AWS sagemaker-unified-studio documentation change
Summary
Updated IAM policy attachment target from project user role to EMR on EKS system namespace role.
Security assessment
Change corrects documentation about IAM role assignment but doesn't address any security vulnerability or weakness. No security implications beyond standard IAM policy management.
Diff
diff --git a/sagemaker-unified-studio/latest/adminguide/configuring-trusted-identity-propagation-for-emr-on-eks.md b/sagemaker-unified-studio/latest/adminguide/configuring-trusted-identity-propagation-for-emr-on-eks.md index 62ac067de..37360823e 100644 --- a//sagemaker-unified-studio/latest/adminguide/configuring-trusted-identity-propagation-for-emr-on-eks.md +++ b//sagemaker-unified-studio/latest/adminguide/configuring-trusted-identity-propagation-for-emr-on-eks.md @@ -9 +9 @@ -Amazon EMR on EKS requires additional IAM permissions to enable trusted identity propagation. You must attach the following inline IAM role policy to the IAM role created as the project user role. +Amazon EMR on EKS requires additional IAM permissions to enable trusted identity propagation. You must attach the following inline IAM role policy to the IAM role created as the Amazon EMR on EKS system namespace role. @@ -13 +13 @@ Amazon EMR on EKS requires additional IAM permissions to enable trusted identity -The project user role for an Amazon SageMaker Unified Studio project is named `datazone_usr_role_`{project_id}``. +The Amazon EMR on EKS system namespace role for an Amazon SageMaker Unified Studio project is named `datazone_emr_containers_system_namespace_role_`{project_id}``.