AWS sagemaker-unified-studio documentation change
Summary
Added policy update entry for SageMakerStudioProjectRoleMachineLearningPolicy with expanded DataZone permissions
Security assessment
Documents expanded permissions (datazone:List*, datazone:Search*, datazone:*Message*) for a managed policy. While related to access control, there's no evidence of addressing a vulnerability. It adds documentation about IAM policy changes which are security-related features.
Diff
diff --git a/sagemaker-unified-studio/latest/adminguide/doc-history.md b/sagemaker-unified-studio/latest/adminguide/doc-history.md index 5d372a2d1..df257db04 100644 --- a//sagemaker-unified-studio/latest/adminguide/doc-history.md +++ b//sagemaker-unified-studio/latest/adminguide/doc-history.md @@ -12,0 +13 @@ Change| Description| Date +Policy update - SageMakerStudioProjectRoleMachineLearningPolicy| Policy updates to SageMakerStudioProjectRoleMachineLearningPolicy - updating the DataZoneUserPermissions statement to support the Business Data Catalog within Data Agent. Adding `datazone:List*` and `datazone:Search*` permissions for catalog discovery, and replacing `datazone:SendMessage` with `datazone:*Message*` to support conversation management. For more information, see [Amazon SageMaker Unified Studio updates to AWS managed policies](https://docs.aws.amazon.com/sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol.html).| May 13, 2026