# AWS Identity and Access Management for Amazon SageMaker AI Identity and Access Management AWS Identity and Access Management (IAM) is an AWS service that helps an administrator securely control access to AWS resources. IAM administrators control who can be *authenticated* (signed in) and *authorized* (have permissions) to use SageMaker AI resources. IAM is an AWS service that you can use with no additional charge. **Topics** + [ ## Audience ](#security_iam_audience) + [ ## Authenticating with identities ](#security_iam_authentication) + [ ## Managing access using policies ](#security_iam_access-manage) + [ # How Amazon SageMaker AI works with IAM ](security_iam_service-with-iam.md) + [ # Amazon SageMaker AI identity-based policy examples ](security_iam_id-based-policy-examples.md) + [ # Cross-service confused deputy prevention ](security-confused-deputy-prevention.md) + [ # How to use SageMaker AI execution roles ](sagemaker-roles.md) + [ # Amazon SageMaker Role Manager ](role-manager.md) + [ # Access control for notebooks ](security-access-control.md) + [ # Amazon SageMaker AI API Permissions: Actions, Permissions, and Resources Reference ](api-permissions-reference.md) + [ # AWS managed policies for Amazon SageMaker AI ](security-iam-awsmanpol.md) + [ # Troubleshooting Amazon SageMaker AI Identity and Access ](security_iam_troubleshoot.md) ## Audience How you use AWS Identity and Access Management (IAM) differs based on your role: + **Service user** - request permissions from your administrator if you cannot access features (see [Troubleshooting Amazon SageMaker AI Identity and Access](security_iam_troubleshoot.md)) + **Service administrator** - determine user access and submit permission requests (see [How Amazon SageMaker AI works with IAM](security_iam_service-with-iam.md)) + **IAM administrator** - write policies to manage access (see [Amazon SageMaker AI identity-based policy examples](security_iam_id-based-policy-examples.md)) ## Authenticating with identities Authentication is how you sign in to AWS using your identity credentials. You must be authenticated as the AWS account root user, an IAM user, or by assuming an IAM role. You can sign in as a federated identity using credentials from an identity source like AWS IAM Identity Center (IAM Identity Center), single sign-on authentication, or Google/Facebook credentials. For more information about signing in, see [How to sign in to your AWS account](https://docs.aws.amazon.com/signin/latest/userguide/how-to-sign-in.html) in the *AWS Sign-In User Guide*. For programmatic access, AWS provides an SDK and CLI to cryptographically sign requests. For more information, see [AWS Signature Version 4 for API requests](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_sigv.html) in the *IAM User Guide*. ### AWS account root user When you create an AWS account, you begin with one sign-in identity called the AWS account *root user* that has complete access to all AWS services and resources. We strongly recommend that you don't use the root user for everyday tasks. For tasks that require root user credentials, see [Tasks that require root user credentials](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_root-user.html#root-user-tasks) in the *IAM User Guide*. ### Federated identity As a best practice, require human users to use federation with an identity provider to access AWS services using temporary credentials. A *federated identity* is a user from your enterprise directory, web identity provider, or Directory Service that accesses AWS services using credentials from an identity source. Federated identities assume roles that provide temporary credentials. For centralized access management, we recommend AWS IAM Identity Center. For more information, see [What is IAM Identity Center?](https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html) in the *AWS IAM Identity Center User Guide*. ### IAM Users and Groups An *[IAM user](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users.html)* is an identity with specific permissions for a single person or application. We recommend using temporary credentials instead of IAM users with long-term credentials. For more information, see [Require human users to use federation with an identity provider to access AWS using temporary credentials](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#bp-users-federation-idp) in the *IAM User Guide*. An [https://docs.aws.amazon.com/IAM/latest/UserGuide/id_groups.html](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_groups.html) specifies a collection of IAM users and makes permissions easier to manage for large sets of users. For more information, see [Use cases for IAM users](https://docs.aws.amazon.com/IAM/latest/UserGuide/gs-identities-iam-users.html) in the *IAM User Guide*. ### IAM Roles An *[IAM role](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html)* is an identity with specific permissions that provides temporary credentials. You can assume a role by [switching from a user to an IAM role (console)](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-console.html) or by calling an AWS CLI or AWS API operation. For more information, see [Methods to assume a role](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_manage-assume.html) in the *IAM User Guide*. IAM roles are useful for federated user access, temporary IAM user permissions, cross-account access, cross-service access, and applications running on Amazon EC2. For more information, see [Cross account resource access in IAM](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies-cross-account-resource-access.html) in the *IAM User Guide*. ## Managing access using policies You control access in AWS by creating policies and attaching them to AWS identities or resources. A policy defines permissions when associated with an identity or resource. AWS evaluates these policies when a principal makes a request. Most policies are stored in AWS as JSON documents. For more information about JSON policy documents, see [Overview of JSON policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policies-json) in the *IAM User Guide*. Using policies, administrators specify who has access to what by defining which **principal** can perform **actions** on what **resources**, and under what **conditions**. By default, users and roles have no permissions. An IAM administrator creates IAM policies and adds them to roles, which users can then assume. IAM policies define permissions regardless of the method used to perform the operation. ### Identity-based policies Identity-based policies are JSON permissions policy documents that you attach to an identity (user, group, or role). These policies control what actions identities can perform, on which resources, and under what conditions. To learn how to create an identity-based policy, see [Define custom IAM permissions with customer managed policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_create.html) in the *IAM User Guide*. Identity-based policies can be *inline policies* (embedded directly into a single identity) or *managed policies* (standalone policies attached to multiple identities). To learn how to choose between managed and inline policies, see [Choose between managed policies and inline policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies-choosing-managed-or-inline.html) in the *IAM User Guide*. ### Resource-based policies Resource-based policies are JSON policy documents that you attach to a resource. Examples include IAM *role trust policies* and Amazon S3 *bucket policies*. In services that support resource-based policies, service administrators can use them to control access to a specific resource. You must [specify a principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html) in a resource-based policy. Resource-based policies are inline policies that are located in that service. You can't use AWS managed policies from IAM in a resource-based policy. ### Access control lists (ACLs) Access control lists (ACLs) control which principals (account members, users, or roles) have permissions to access a resource. ACLs are similar to resource-based policies, although they do not use the JSON policy document format. Amazon S3, AWS WAF, and Amazon VPC are examples of services that support ACLs. To learn more about ACLs, see [Access control list (ACL) overview](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html) in the *Amazon Simple Storage Service Developer Guide*. ### Other policy types AWS supports additional policy types that can set the maximum permissions granted by more common policy types: + **Permissions boundaries** – Set the maximum permissions that an identity-based policy can grant to an IAM entity. For more information, see [Permissions boundaries for IAM entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide*. + **Service control policies (SCPs)** – Specify the maximum permissions for an organization or organizational unit in AWS Organizations. For more information, see [Service control policies](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.html) in the *AWS Organizations User Guide*. + **Resource control policies (RCPs)** – Set the maximum available permissions for resources in your accounts. For more information, see [Resource control policies (RCPs)](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_rcps.html) in the *AWS Organizations User Guide*. + **Session policies** – Advanced policies passed as a parameter when creating a temporary session for a role or federated user. For more information, see [Session policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) in the *IAM User Guide*. ### Multiple policy types When multiple types of policies apply to a request, the resulting permissions are more complicated to understand. To learn how AWS determines whether to allow a request when multiple policy types are involved, see [Policy evaluation logic](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html) in the *IAM User Guide*. # How Amazon SageMaker AI works with IAM **Important** Custom IAM policies that allow Amazon SageMaker Studio or Amazon SageMaker Studio Classic to create Amazon SageMaker resources must also grant permissions to add tags to those resources. The permission to add tags to resources is required because Studio and Studio Classic automatically tag any resources they create. If an IAM policy allows Studio and Studio Classic to create resources but does not allow tagging, "AccessDenied" errors can occur when trying to create resources. For more information, see [Provide permissions for tagging SageMaker AI resources](security_iam_id-based-policy-examples.md#grant-tagging-permissions). [AWS managed policies for Amazon SageMaker AI](security-iam-awsmanpol.md) that give permissions to create SageMaker resources already include permissions to add tags while creating those resources. Before you use IAM to manage access to SageMaker AI, you should understand what IAM features are available to use with SageMaker AI. To get a high-level view of how SageMaker AI and other AWS services work with IAM, see [AWS Services That Work with IAM](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_aws-services-that-work-with-iam.html) in the *Service Authorization Reference*. **Topics** + [ ## Identity-based policies for Amazon SageMaker AI ](#security_iam_service-with-iam-id-based-policies) + [ ## Resource-based policies within Amazon SageMaker AI ](#security_iam_service-with-iam-resource-based-policies) + [ ## Policy actions for Amazon SageMaker AI ](#security_iam_service-with-iam-id-based-policies-actions) + [ ## Policy resources for Amazon SageMaker AI ](#security_iam_service-with-iam-id-based-policies-resources) + [ ## Policy condition keys for Amazon SageMaker AI ](#security_iam_service-with-iam-id-based-policies-conditionkeys) + [ ## Authorization based on SageMaker AI tags ](#security_iam_service-with-iam-tags) + [ ## SageMaker AI IAM roles ](#security_iam_service-with-iam-roles) ## Identity-based policies for Amazon SageMaker AI With IAM identity-based policies, you can specify allowed or denied actions and resources as well as the conditions under which actions are allowed or denied. SageMaker AI supports specific actions, resources, and condition keys. To learn about all of the elements that you use in a JSON policy, see [IAM JSON Policy Elements Reference](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_elements.html) in the *Service Authorization Reference*. ## Resource-based policies within Amazon SageMaker AI **Supports resource-based policies:** No Resource-based policies are JSON policy documents that you attach to a resource. Examples of resource-based policies are IAM *role trust policies* and Amazon S3 *bucket policies*. In services that support resource-based policies, service administrators can use them to control access to a specific resource. For the resource where the policy is attached, the policy defines what actions a specified principal can perform on that resource and under what conditions. You must [specify a principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html) in a resource-based policy. Principals can include accounts, users, roles, federated users, or AWS services. To enable cross-account access, you can specify an entire account or IAM entities in another account as the principal in a resource-based policy. Adding a cross-account principal to a resource-based policy is only half of establishing the trust relationship. When the principal and the resource are in different AWS accounts, an IAM administrator in the trusted account must also grant the principal entity (user or role) permission to access the resource. They grant permission by attaching an identity-based policy to the entity. However, if a resource-based policy grants access to a principal in the same account, no additional identity-based policy is required. For more information, see [Cross account resource access in IAM](https://docs.aws.amazon.com//IAM/latest/UserGuide/access_policies-cross-account-resource-access.html) in the *IAM User Guide*. **Note** Use [AWS Resource Access Manager](https://docs.aws.amazon.com/ram/latest/userguide/what-is.html) for securely sharing supported SageMaker AI resources. To find the list of sharable resources, see [shareable Amazon SageMaker AI resources](https://docs.aws.amazon.com/ram/latest/userguide/shareable.html#shareable-sagemaker). ## Policy actions for Amazon SageMaker AI Administrators can use AWS JSON policies to specify who has access to what. That is, which **principal** can perform **actions** on what **resources**, and under what **conditions**. The `Action` element of a JSON policy describes the actions that you can use to allow or deny access in a policy. Include actions in a policy to grant permissions to perform the associated operation. Policy actions in SageMaker AI use the following prefix before the action: `sagemaker:`. For example, to grant someone permission to run a SageMaker AI training job with the SageMaker AI `CreateTrainingJob` API operation, you include the `sagemaker:CreateTrainingJob` action in their policy. Policy statements must include either an `Action` or `NotAction` element. SageMaker AI defines its own set of actions that describe tasks that you can perform with this service. To specify multiple actions in a single statement, separate them with commas as follows: ``` "Action": [ "sagemaker:action1", "sagemaker:action2" ] ``` You can specify multiple actions using wildcards (\$1). For example, to specify all actions that begin with the word `Describe`, include the following action: ``` "Action": "sagemaker:Describe*" ``` To see a list of SageMaker AI actions, see [Actions, resources, and condition keys for Amazon SageMaker AI](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsagemaker.html) in the *Service Authorization Reference*. ## Policy resources for Amazon SageMaker AI **Supports policy resources:** Yes Administrators can use AWS JSON policies to specify who has access to what. That is, which **principal** can perform **actions** on what **resources**, and under what **conditions**. The `Resource` JSON policy element specifies the object or objects to which the action applies. Statements must include either a `Resource` or a `NotResource` element. As a best practice, specify a resource using its [Amazon Resource Name (ARN)](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference-arns.html). You can do this for actions that support a specific resource type, known as *resource-level permissions*. For actions that don't support resource-level permissions, such as listing operations, use a wildcard (\$1) to indicate that the statement applies to all resources. ``` "Resource": "*" ``` To see a list of Amazon SageMaker AI resource types and their ARNs, see the following references for actions, resource types, and condition keys defined by Amazon SageMaker AI in the *Service Authorization Reference*. + [Amazon SageMaker AI](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsagemaker.html) + [Amazon SageMaker geospatial capabilities](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsagemakergeospatialcapabilities.html) + [Amazon SageMaker Ground Truth Synthetic](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsagemakergroundtruthsynthetic.html) + [Amazon SageMaker AI with MLflow](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsagemakerwithmlflow.html) To learn with which actions you can specify the ARN of each resource, see [Actions defined by Amazon SageMaker AI](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsagemaker.html#amazonsagemaker-actions-as-permissions). ## Policy condition keys for Amazon SageMaker AI Administrators can use AWS JSON policies to specify who has access to what. That is, which **principal** can perform **actions** on what **resources**, and under what **conditions**. The `Condition` element specifies when statements execute based on defined criteria. You can create conditional expressions that use [condition operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html), such as equals or less than, to match the condition in the policy with values in the request. To see all AWS global condition keys, see [AWS global condition context keys](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html) in the *IAM User Guide*. SageMaker AI defines its own set of condition keys and also supports using some global condition keys. To see all AWS global condition keys, see [AWS Global Condition Context Keys](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_condition-keys.html) in the *Service Authorization Reference*. SageMaker AI supports a number of service-specific condition keys that you can use for fine-grained access control for the following operations: + [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateProcessingJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateProcessingJob.html) + [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrainingJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrainingJob.html) + [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModel.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModel.html) + [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateEndpointConfig.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateEndpointConfig.html) + [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTransformJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTransformJob.html) + [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateHyperParameterTuningJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateHyperParameterTuningJob.html) + [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateLabelingJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateLabelingJob.html) + [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateNotebookInstance.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateNotebookInstance.html) + [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateNotebookInstance.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateNotebookInstance.html) To see a list of SageMaker AI condition keys, see [Condition keys for Amazon SageMaker AI ](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsagemaker.html#amazonsagemaker-policy-keys) in the *Service Authorization Reference*. To learn with which actions and resources you can use a condition key, see [Actions defined by Amazon SageMaker AI](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsagemaker.html#amazonsagemaker-actions-as-permissions). For examples of using SageMaker AI condition keys, see the following: [Control creation of SageMaker AI resources with condition keys](security_iam_id-based-policy-examples.md#sagemaker-condition-examples). ### Examples To view examples of SageMaker AI identity-based policies, see [Amazon SageMaker AI identity-based policy examples](security_iam_id-based-policy-examples.md). ## Authorization based on SageMaker AI tags You can attach tags to SageMaker AI resources or pass tags in a request to SageMaker AI. To control access based on tags, you provide tag information in the [condition element](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_elements_condition.html) of a policy using the `sagemaker:ResourceTag/key-name`, `aws:RequestTag/key-name`, or `aws:TagKeys` condition keys. For more information about tagging SageMaker AI resources, see [Control access to SageMaker AI resources by using tags](security_iam_id-based-policy-examples.md#access-tag-policy). To view an example identity-based policy for limiting access to a resource based on the tags on that resource, see [Control access to SageMaker AI resources by using tags](security_iam_id-based-policy-examples.md#access-tag-policy). ## SageMaker AI IAM roles An [IAM role](https://docs.aws.amazon.com/service-authorization/latest/reference/id_roles.html) is an entity within your AWS account that has specific permissions. ### Using temporary credentials with SageMaker AI You can use temporary credentials to sign in with federation, assume an IAM role, or to assume a cross-account role. You obtain temporary security credentials by calling AWS STS API operations such as [AssumeRole](https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html) or [GetFederationToken](https://docs.aws.amazon.com/STS/latest/APIReference/API_GetFederationToken.html). SageMaker AI supports using temporary credentials. ### Service-linked roles SageMaker AI partially supports [service-linked roles](https://docs.aws.amazon.com/service-authorization/latest/reference/id_roles_terms-and-concepts.html#iam-term-service-linked-role). Service-linked roles are currently available for SageMaker Studio Classic. ### Service roles This feature allows a service to assume a [service role](https://docs.aws.amazon.com/service-authorization/latest/reference/id_roles_terms-and-concepts.html#iam-term-service-role) on your behalf. This role allows the service to access resources in other services to complete an action on your behalf. Service roles appear in your IAM account and are owned by the account. This means that an IAM administrator can change the permissions for this role. However, doing so might break the functionality of the service. SageMaker AI supports service roles. ### Choosing an IAM role in SageMaker AI When you create a notebook instance, processing job, training job, hosted endpoint, or batch transform job resource in SageMaker AI, you must choose a role to allow SageMaker AI to access SageMaker AI on your behalf. If you have previously created a service role or service-linked role, then SageMaker AI provides you with a list of roles to choose from. It's important to choose a role that allows access to the AWS operations and resources you need. For more information, see [How to use SageMaker AI execution roles](sagemaker-roles.md). # Amazon SageMaker AI identity-based policy examples Identity-based policy examples By default, IAM users and roles don't have permission to create or modify SageMaker AI resources. They also can't perform tasks using the AWS Management Console, AWS CLI, or AWS API. An IAM administrator must create IAM policies that grant users and roles permission to perform specific API operations on the specified resources they need. The administrator must then attach those policies to the IAM users or groups that require those permissions. To learn how to attach policies to an IAM user or group, see [Adding and Removing IAM Identity Permissions](https://docs.aws.amazon.com/service-authorization/latest/reference/access_policies_manage-attach-detach.html) in the *Service Authorization Reference*. To learn how to create an IAM identity-based policy using these example JSON policy documents, see [Creating Policies on the JSON Tab](https://docs.aws.amazon.com/service-authorization/latest/reference/access_policies_create.html#access_policies_create-json-editor). **Topics** + [ ## Policy best practices ](#security_iam_service-with-iam-policy-best-practices) + [ ## Using the SageMaker AI console ](#security_iam_id-based-policy-examples-console) + [ ## Allow users to view their own permissions ](#security_iam_id-based-policy-examples-view-own-permissions) + [ ## Control creation of SageMaker AI resources with condition keys ](#sagemaker-condition-examples) + [ ## Control access to the SageMaker AI API by using identity-based policies ](#api-access-policy) + [ ## Limit access to SageMaker AI API and runtime calls by IP address ](#api-ip-filter) + [ ## Limit access to a notebook instance by IP address ](#nbi-ip-filter) + [ ## Control access to SageMaker AI resources by using tags ](#access-tag-policy) + [ ## Provide permissions for tagging SageMaker AI resources ](#grant-tagging-permissions) + [ ## Limit access to searchable resources with visibility conditions ](#limit-access-to-searchable-resources) ## Policy best practices Identity-based policies determine whether someone can create, access, or delete SageMaker AI resources in your account. These actions can incur costs for your AWS account. When you create or edit identity-based policies, follow these guidelines and recommendations: + **Get started with AWS managed policies and move toward least-privilege permissions** – To get started granting permissions to your users and workloads, use the *AWS managed policies* that grant permissions for many common use cases. They are available in your AWS account. We recommend that you reduce permissions further by defining AWS customer managed policies that are specific to your use cases. For more information, see [AWS managed policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html#aws-managed-policies) or [AWS managed policies for job functions](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_job-functions.html) in the *IAM User Guide*. + **Apply least-privilege permissions** – When you set permissions with IAM policies, grant only the permissions required to perform a task. You do this by defining the actions that can be taken on specific resources under specific conditions, also known as *least-privilege permissions*. For more information about using IAM to apply permissions, see [ Policies and permissions in IAM](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html) in the *IAM User Guide*. + **Use conditions in IAM policies to further restrict access** – You can add a condition to your policies to limit access to actions and resources. For example, you can write a policy condition to specify that all requests must be sent using SSL. You can also use conditions to grant access to service actions if they are used through a specific AWS service, such as CloudFormation. For more information, see [ IAM JSON policy elements: Condition](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html) in the *IAM User Guide*. + **Use IAM Access Analyzer to validate your IAM policies to ensure secure and functional permissions** – IAM Access Analyzer validates new and existing policies so that the policies adhere to the IAM policy language (JSON) and IAM best practices. IAM Access Analyzer provides more than 100 policy checks and actionable recommendations to help you author secure and functional policies. For more information, see [Validate policies with IAM Access Analyzer](https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-policy-validation.html) in the *IAM User Guide*. + **Require multi-factor authentication (MFA)** – If you have a scenario that requires IAM users or a root user in your AWS account, turn on MFA for additional security. To require MFA when API operations are called, add MFA conditions to your policies. For more information, see [ Secure API access with MFA](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_configure-api-require.html) in the *IAM User Guide*. For more information about best practices in IAM, see [Security best practices in IAM](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html) in the *IAM User Guide*. ## Using the SageMaker AI console Using the Console To access the Amazon SageMaker AI console, you must have a minimum set of permissions. These permissions must allow you to list and view details about the SageMaker AI resources in your AWS account. If you create an identity-based policy more restrictive than the minimum required permissions, the console won't function properly for entities with that policy. This include users or roles with that policy. To ensure that those entities can still use the SageMaker AI console, you must also attach the following AWS managed policy to the entities. For more information, see [Adding Permissions to a User](https://docs.aws.amazon.com/service-authorization/latest/reference/id_users_change-permissions.html#users_change_permissions-add-console) in the *Service Authorization Reference*: You don't need to allow minimum console permissions for users that are making calls only to the AWS CLI or the AWS API. Instead, allow access to only the actions that match the API operation that you're trying to perform. **Topics** + [ ### Permissions required to use the Amazon SageMaker AI console ](#console-permissions) + [ ### Permissions required to use the Amazon SageMaker Ground Truth console ](#groundtruth-console-policy) + [ ### Permissions required to use the Amazon Augmented AI (Preview) console ](#amazon-augmented-ai-console-policy) ### Permissions required to use the Amazon SageMaker AI console The permissions reference table lists the Amazon SageMaker AI API operations and shows the required permissions for each operation. For more information about Amazon SageMaker AI API operations, see [Amazon SageMaker AI API Permissions: Actions, Permissions, and Resources Reference](api-permissions-reference.md). To use the Amazon SageMaker AI console, you need to grant permissions for additional actions. Specifically, the console needs permissions that allow the `ec2` actions to display subnets, VPCs, and security groups. Optionally, the console needs permission to create *execution roles* for tasks such as `CreateNotebook`, `CreateTrainingJob`, and `CreateModel`. Grant these permissions with the following permissions policy: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "SageMakerApis", "Effect": "Allow", "Action": [ "sagemaker:*" ], "Resource": "*" }, { "Sid": "VpcConfigurationForCreateForms", "Effect": "Allow", "Action": [ "ec2:DescribeVpcs", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups" ], "Resource": "*" }, { "Sid":"KmsKeysForCreateForms", "Effect":"Allow", "Action":[ "kms:DescribeKey", "kms:ListAliases" ], "Resource":"*" }, { "Sid": "AccessAwsMarketplaceSubscriptions", "Effect": "Allow", "Action": [ "aws-marketplace:ViewSubscriptions" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "codecommit:BatchGetRepositories", "codecommit:CreateRepository", "codecommit:GetRepository", "codecommit:ListRepositories", "codecommit:ListBranches", "secretsmanager:CreateSecret", "secretsmanager:DescribeSecret", "secretsmanager:ListSecrets" ], "Resource": "*" }, { "Sid":"ListAndCreateExecutionRoles", "Effect":"Allow", "Action":[ "iam:ListRoles", "iam:CreateRole", "iam:CreatePolicy", "iam:AttachRolePolicy" ], "Resource":"*" }, { "Sid": "DescribeECRMetaData", "Effect": "Allow", "Action": [ "ecr:Describe*" ], "Resource": "*" }, { "Sid": "PassRoleForExecutionRoles", "Effect": "Allow", "Action": [ "iam:PassRole" ], "Resource": "*", "Condition": { "StringEquals": { "iam:PassedToService": "sagemaker.amazonaws.com" } } } ] } ``` ------ ### Permissions required to use the Amazon SageMaker Ground Truth console To use the Amazon SageMaker Ground Truth console, you need to grant permissions for additional resources. Specifically, the console needs permissions for: + the AWS Marketplace to view subscriptions, + Amazon Cognito operations to manage your private workforce + Amazon S3 actions for access to your input and output files + AWS Lambda actions to list and invoke functions Grant these permissions with the following permissions policy: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "GroundTruthConsole", "Effect": "Allow", "Action": [ "aws-marketplace:ViewSubscriptions", "cognito-idp:AdminAddUserToGroup", "cognito-idp:AdminCreateUser", "cognito-idp:AdminDeleteUser", "cognito-idp:AdminDisableUser", "cognito-idp:AdminEnableUser", "cognito-idp:AdminRemoveUserFromGroup", "cognito-idp:CreateGroup", "cognito-idp:CreateUserPool", "cognito-idp:CreateUserPoolClient", "cognito-idp:CreateUserPoolDomain", "cognito-idp:DescribeUserPool", "cognito-idp:DescribeUserPoolClient", "cognito-idp:ListGroups", "cognito-idp:ListIdentityProviders", "cognito-idp:ListUsers", "cognito-idp:ListUsersInGroup", "cognito-idp:ListUserPoolClients", "cognito-idp:ListUserPools", "cognito-idp:UpdateUserPool", "cognito-idp:UpdateUserPoolClient", "groundtruthlabeling:DescribeConsoleJob", "groundtruthlabeling:ListDatasetObjects", "groundtruthlabeling:RunGenerateManifestByCrawlingJob", "lambda:InvokeFunction", "lambda:ListFunctions", "s3:GetObject", "s3:PutObject" ], "Resource": "*" } ] } ``` ------ ### Permissions required to use the Amazon Augmented AI (Preview) console To use the Augmented AI console, you need to grant permissions for additional resources. Grant these permissions with the following permissions policy: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "sagemaker:*Algorithm", "sagemaker:*Algorithms", "sagemaker:*App", "sagemaker:*Apps", "sagemaker:*AutoMLJob", "sagemaker:*AutoMLJobs", "sagemaker:*CodeRepositories", "sagemaker:*CodeRepository", "sagemaker:*CompilationJob", "sagemaker:*CompilationJobs", "sagemaker:*Endpoint", "sagemaker:*EndpointConfig", "sagemaker:*EndpointConfigs", "sagemaker:*EndpointWeightsAndCapacities", "sagemaker:*Endpoints", "sagemaker:*Experiment", "sagemaker:*Experiments", "sagemaker:*FlowDefinitions", "sagemaker:*HumanLoop", "sagemaker:*HumanLoops", "sagemaker:*HumanTaskUi", "sagemaker:*HumanTaskUis", "sagemaker:*HyperParameterTuningJob", "sagemaker:*HyperParameterTuningJobs", "sagemaker:*LabelingJob", "sagemaker:*LabelingJobs", "sagemaker:*Metrics", "sagemaker:*Model", "sagemaker:*ModelPackage", "sagemaker:*ModelPackages", "sagemaker:*Models", "sagemaker:*MonitoringExecutions", "sagemaker:*MonitoringSchedule", "sagemaker:*MonitoringSchedules", "sagemaker:*NotebookInstance", "sagemaker:*NotebookInstanceLifecycleConfig", "sagemaker:*NotebookInstanceLifecycleConfigs", "sagemaker:*NotebookInstanceUrl", "sagemaker:*NotebookInstances", "sagemaker:*ProcessingJob", "sagemaker:*ProcessingJobs", "sagemaker:*RenderUiTemplate", "sagemaker:*Search", "sagemaker:*SearchSuggestions", "sagemaker:*Tags", "sagemaker:*TrainingJob", "sagemaker:*TrainingJobs", "sagemaker:*TransformJob", "sagemaker:*TransformJobs", "sagemaker:*Trial", "sagemaker:*TrialComponent", "sagemaker:*TrialComponents", "sagemaker:*Trials", "sagemaker:*Workteam", "sagemaker:*Workteams" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "sagemaker:*FlowDefinition" ], "Resource": "*", "Condition": { "StringEqualsIfExists": { "sagemaker:WorkteamType": [ "private-crowd", "vendor-crowd" ] } } }, { "Effect": "Allow", "Action": [ "application-autoscaling:DeleteScalingPolicy", "application-autoscaling:DeleteScheduledAction", "application-autoscaling:DeregisterScalableTarget", "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScalingActivities", "application-autoscaling:DescribeScalingPolicies", "application-autoscaling:DescribeScheduledActions", "application-autoscaling:PutScalingPolicy", "application-autoscaling:PutScheduledAction", "application-autoscaling:RegisterScalableTarget", "aws-marketplace:ViewSubscriptions", "cloudwatch:DeleteAlarms", "cloudwatch:DescribeAlarms", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "cloudwatch:PutMetricAlarm", "cloudwatch:PutMetricData", "codecommit:BatchGetRepositories", "codecommit:CreateRepository", "codecommit:GetRepository", "codecommit:ListBranches", "codecommit:ListRepositories", "cognito-idp:AdminAddUserToGroup", "cognito-idp:AdminCreateUser", "cognito-idp:AdminDeleteUser", "cognito-idp:AdminDisableUser", "cognito-idp:AdminEnableUser", "cognito-idp:AdminRemoveUserFromGroup", "cognito-idp:CreateGroup", "cognito-idp:CreateUserPool", "cognito-idp:CreateUserPoolClient", "cognito-idp:CreateUserPoolDomain", "cognito-idp:DescribeUserPool", "cognito-idp:DescribeUserPoolClient", "cognito-idp:ListGroups", "cognito-idp:ListIdentityProviders", "cognito-idp:ListUserPoolClients", "cognito-idp:ListUserPools", "cognito-idp:ListUsers", "cognito-idp:ListUsersInGroup", "cognito-idp:UpdateUserPool", "cognito-idp:UpdateUserPoolClient", "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterfacePermission", "ec2:CreateVpcEndpoint", "ec2:DeleteNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:DescribeDhcpOptions", "ec2:DescribeNetworkInterfaces", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcs", "ecr:BatchCheckLayerAvailability", "ecr:BatchGetImage", "ecr:CreateRepository", "ecr:Describe*", "ecr:GetAuthorizationToken", "ecr:GetDownloadUrlForLayer", "elasticfilesystem:DescribeFileSystems", "elasticfilesystem:DescribeMountTargets", "fsx:DescribeFileSystems", "glue:CreateJob", "glue:DeleteJob", "glue:GetJob", "glue:GetJobRun", "glue:GetJobRuns", "glue:GetJobs", "glue:ResetJobBookmark", "glue:StartJobRun", "glue:UpdateJob", "groundtruthlabeling:*", "iam:ListRoles", "kms:DescribeKey", "kms:ListAliases", "lambda:ListFunctions", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:GetLogEvents", "logs:PutLogEvents", "sns:ListTopics" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "logs:CreateLogDelivery", "logs:DeleteLogDelivery", "logs:DescribeResourcePolicies", "logs:GetLogDelivery", "logs:ListLogDeliveries", "logs:PutResourcePolicy", "logs:UpdateLogDelivery" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "ecr:SetRepositoryPolicy", "ecr:CompleteLayerUpload", "ecr:BatchDeleteImage", "ecr:UploadLayerPart", "ecr:DeleteRepositoryPolicy", "ecr:InitiateLayerUpload", "ecr:DeleteRepository", "ecr:PutImage" ], "Resource": "arn:aws:ecr:*:*:repository/*sagemaker*" }, { "Effect": "Allow", "Action": [ "codecommit:GitPull", "codecommit:GitPush" ], "Resource": [ "arn:aws:codecommit:*:*:*sagemaker*", "arn:aws:codecommit:*:*:*SageMaker*", "arn:aws:codecommit:*:*:*Sagemaker*" ] }, { "Effect": "Allow", "Action": [ "secretsmanager:ListSecrets" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "secretsmanager:DescribeSecret", "secretsmanager:GetSecretValue", "secretsmanager:CreateSecret" ], "Resource": [ "arn:aws:secretsmanager:*:*:secret:AmazonSageMaker-*" ] }, { "Effect": "Allow", "Action": [ "secretsmanager:DescribeSecret", "secretsmanager:GetSecretValue" ], "Resource": "*", "Condition": { "StringEquals": { "secretsmanager:ResourceTag/SageMaker": "true" } } }, { "Effect": "Allow", "Action": [ "robomaker:CreateSimulationApplication", "robomaker:DescribeSimulationApplication", "robomaker:DeleteSimulationApplication" ], "Resource": [ "*" ] }, { "Effect": "Allow", "Action": [ "robomaker:CreateSimulationJob", "robomaker:DescribeSimulationJob", "robomaker:CancelSimulationJob" ], "Resource": [ "*" ] }, { "Effect": "Allow", "Action": [ "s3:GetObject", "s3:PutObject", "s3:DeleteObject", "s3:AbortMultipartUpload", "s3:GetBucketCors", "s3:PutBucketCors" ], "Resource": [ "arn:aws:s3:::*SageMaker*", "arn:aws:s3:::*Sagemaker*", "arn:aws:s3:::*sagemaker*", "arn:aws:s3:::*aws-glue*" ] }, { "Effect": "Allow", "Action": [ "s3:CreateBucket", "s3:GetBucketLocation", "s3:ListBucket", "s3:ListAllMyBuckets" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "s3:GetObject" ], "Resource": "*", "Condition": { "StringEqualsIgnoreCase": { "s3:ExistingObjectTag/SageMaker": "true" } } }, { "Effect": "Allow", "Action": [ "lambda:InvokeFunction" ], "Resource": [ "arn:aws:lambda:*:*:function:*SageMaker*", "arn:aws:lambda:*:*:function:*sagemaker*", "arn:aws:lambda:*:*:function:*Sagemaker*", "arn:aws:lambda:*:*:function:*LabelingFunction*" ] }, { "Action": "iam:CreateServiceLinkedRole", "Effect": "Allow", "Resource": "arn:aws:iam::*:role/aws-service-role/sagemaker.application-autoscaling.amazonaws.com/AWSServiceRoleForApplicationAutoScaling_SageMakerEndpoint", "Condition": { "StringLike": { "iam:AWSServiceName": "sagemaker.application-autoscaling.amazonaws.com" } } }, { "Effect": "Allow", "Action": "iam:CreateServiceLinkedRole", "Resource": "*", "Condition": { "StringEquals": { "iam:AWSServiceName": "robomaker.amazonaws.com" } } }, { "Effect": "Allow", "Action": [ "sns:Subscribe", "sns:CreateTopic" ], "Resource": [ "arn:aws:sns:*:*:*SageMaker*", "arn:aws:sns:*:*:*Sagemaker*", "arn:aws:sns:*:*:*sagemaker*" ] }, { "Effect": "Allow", "Action": [ "iam:PassRole" ], "Resource": "arn:aws:iam::*:role/*", "Condition": { "StringEquals": { "iam:PassedToService": [ "sagemaker.amazonaws.com", "glue.amazonaws.com", "robomaker.amazonaws.com", "states.amazonaws.com" ] } } } ] } ``` ------ ## Allow users to view their own permissions This example shows how you might create a policy that allows IAM users to view the inline and managed policies that are attached to their user identity. This policy includes permissions to complete this action on the console or programmatically using the AWS CLI or AWS API. ``` { "Version": "2012-10-17", "Statement": [ { "Sid": "ViewOwnUserInfo", "Effect": "Allow", "Action": [ "iam:GetUserPolicy", "iam:ListGroupsForUser", "iam:ListAttachedUserPolicies", "iam:ListUserPolicies", "iam:GetUser" ], "Resource": ["arn:aws:iam::*:user/${aws:username}"] }, { "Sid": "NavigateInConsole", "Effect": "Allow", "Action": [ "iam:GetGroupPolicy", "iam:GetPolicyVersion", "iam:GetPolicy", "iam:ListAttachedGroupPolicies", "iam:ListGroupPolicies", "iam:ListPolicyVersions", "iam:ListPolicies", "iam:ListUsers" ], "Resource": "*" } ] } ``` ## Control creation of SageMaker AI resources with condition keys Control fine-grained access to allow the creation of SageMaker AI resources by using SageMaker AI-specific condition keys. For information about using condition keys in IAM policies, see [IAM JSON Policy Elements: Condition](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_elements_condition.html) in the *IAM User Guide*. The condition keys, related API actions, and links to relevant documentation are listed in [Condition Keys for SageMaker AI](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsagemaker.html#amazonsagemaker-policy-keys) in the *Service Authorization Reference*. The following examples show how to use the SageMaker AI condition keys to control access. **Topics** + [ ### Control access to SageMaker AI resources by using file system condition keys ](#access-fs-condition-keys) + [ ### Restrict training to a specific VPC ](#sagemaker-condition-vpc) + [ ### Restrict access to workforce types for Ground Truth labeling jobs and Amazon A2I Human Review workflows ](#sagemaker-condition-keys-labeling) + [ ### Enforce encryption of input data ](#sagemaker-condition-kms) + [ ### Enforce network isolation for training jobs ](#sagemaker-condition-isolation) + [ ### Enforce a specific instance type for training jobs ](#sagemaker-condition-instance) + [ ### Enforce disabling internet access and root access for creating notebook instances ](#sagemaker-condition-nbi-lockdown) ### Control access to SageMaker AI resources by using file system condition keys SageMaker AI training provides a secure infrastructure for the training algorithm to run in, but for some cases you may want increased defense in depth. For example, you minimize the risk of running untrusted code in your algorithm, or you have specific security mandates in your organization. For these scenarios, you can use the service-specific condition keys in the Condition element of an IAM policy to scope down the user to: + specific file systems + directories + access modes (read-write, read-only) + security groups **Topics** + [ #### Restrict an IAM user to specific directories and access modes ](#access-fs-condition-keys-ex-dirs) + [ #### Restrict a user to a specific file system ](#access-fs-condition-keys-ex-fs) #### Restrict an IAM user to specific directories and access modes The following policy restricts a user to the `/sagemaker/xgboost-dm/train` and `/sagemaker/xgboost-dm/validation` directories of an EFS file system to `ro` (read-only) AccessMode: **Note** When a directory is allowed, all of its subdirectories are also accessible by the training algorithm. POSIX permissions are ignored. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "AccessToElasticFileSystem", "Effect": "Allow", "Action": [ "sagemaker:CreateTrainingJob", "sagemaker:CreateHyperParameterTuningJob" ], "Resource": "*", "Condition": { "StringEquals": { "sagemaker:FileSystemId": "fs-12345678", "sagemaker:FileSystemAccessMode": "ro", "sagemaker:FileSystemType": "EFS", "sagemaker:FileSystemDirectoryPath": "/sagemaker/xgboost-dm/train" } } }, { "Sid": "AccessToElasticFileSystemValidation", "Effect": "Allow", "Action": [ "sagemaker:CreateTrainingJob", "sagemaker:CreateHyperParameterTuningJob" ], "Resource": "*", "Condition": { "StringEquals": { "sagemaker:FileSystemId": "fs-12345678", "sagemaker:FileSystemAccessMode": "ro", "sagemaker:FileSystemType": "EFS", "sagemaker:FileSystemDirectoryPath": "/sagemaker/xgboost-dm/validation" } } } ] } ``` ------ #### Restrict a user to a specific file system To prevent a malicious algorithm using a user space client from accessing any file system directly in your account, you can restrict networking traffic. To restrict this traffic, allow ingress only from a specific security group. In the following example, the user can only use the specified security group to access the file system: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "AccessToLustreFileSystem", "Effect": "Allow", "Action": [ "sagemaker:CreateTrainingJob", "sagemaker:CreateHyperParameterTuningJob" ], "Resource": "*", "Condition": { "StringEquals": { "sagemaker:FileSystemId": "fs-12345678", "sagemaker:FileSystemAccessMode": "ro", "sagemaker:FileSystemType": "FSxLustre", "sagemaker:FileSystemDirectoryPath": "/fsx/sagemaker/xgboost/train" }, "ForAllValues:StringEquals": { "sagemaker:VpcSecurityGroupIds": [ "sg-12345678" ] } } } ] } ``` ------ This example can restrict an algorithm to a specific file system. However, it does not prevent an algorithm from accessing any directory within that file system using the user space client. To mitigate this, you can: + Ensure that the file system only contains data that you trust your users to access + Create an IAM role that restricts your users to launching training jobs with algorithms from approved ECR repositories For more information on how to use roles with SageMaker AI, see [SageMaker AI Roles](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html). ### Restrict training to a specific VPC Restrict an AWS user to creating training jobs from within a Amazon VPC. When a training job is created within a VPC, use VPC flow logs to monitor all traffic to and from the training cluster. For information about using VPC flow logs, see [VPC Flow Logs](https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html) in the *Amazon Virtual Private Cloud User Guide*. The following policy enforces that a training job is created by a user calling [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrainingJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrainingJob.html) from within a VPC: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "AllowFromVpc", "Effect": "Allow", "Action": [ "sagemaker:CreateTrainingJob", "sagemaker:CreateHyperParameterTuningJob" ], "Resource": "*", "Condition": { "ForAllValues:StringEquals": { "sagemaker:VpcSubnets": ["subnet-a1234"], "sagemaker:VpcSecurityGroupIds": ["sg12345", "sg-67890"] }, "Null": { "sagemaker:VpcSubnets": "false", "sagemaker:VpcSecurityGroupIds": "false" } } } ] } ``` ------ ### Restrict access to workforce types for Ground Truth labeling jobs and Amazon A2I Human Review workflows Amazon SageMaker Ground Truth and Amazon Augmented AI work teams fall into one of three [workforce types](https://docs.aws.amazon.com/sagemaker/latest/dg/sms-workforce-management.html): + public (with Amazon Mechanical Turk) + private + vendor You can restrict user access to a specific work team using one of these types or the work team ARN. To do so, use the `sagemaker:WorkteamType` and/or the `sagemaker:WorkteamArn` condition keys. For the `sagemaker:WorkteamType` condition key, use [string condition operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). For the `sagemaker:WorkteamArn` condition key, use [Amazon Resource Name (ARN) condition operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_ARN). If the user attempts to create a labeling job with a restricted work team, SageMaker AI returns an access denied error. The following policies show different ways to use the `sagemaker:WorkteamType` and `sagemaker:WorkteamArn` condition keys with appropriate condition operators and valid condition values. The following example uses the `sagemaker:WorkteamType` condition key with the `StringEquals` condition operator to restrict access to a public work team. It accepts condition values in the following format: `workforcetype-crowd`, where *workforcetype* can equal `public`, `private`, or `vendor`. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "RestrictWorkteamType", "Effect": "Deny", "Action": "sagemaker:CreateLabelingJob", "Resource": "*", "Condition": { "StringEquals": { "sagemaker:WorkteamType": "public-crowd" } } } ] } ``` ------ The following policies show how to restrict access to a public work team using the `sagemaker:WorkteamArn` condition key. The first shows how to use it with a valid IAM regex-variant of the work team ARN and the `ArnLike` condition operator. The second shows how to use it with the `ArnEquals` condition operator and the work team ARN. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "RestrictWorkteamType", "Effect": "Deny", "Action": "sagemaker:CreateLabelingJob", "Resource": "*", "Condition": { "ArnLike": { "sagemaker:WorkteamArn": "arn:aws:sagemaker:*:*:workteam/public-crowd/*" } } } ] } ``` ------ ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "RestrictWorkteamType", "Effect": "Deny", "Action": "sagemaker:CreateLabelingJob", "Resource": "*", "Condition": { "ArnEquals": { "sagemaker:WorkteamArn": "arn:aws:sagemaker:us-west-2:394669845002:workteam/public-crowd/default" } } } ] } ``` ------ ### Enforce encryption of input data The following policy restricts a user to specify a AWS KMS key to encrypt input data using the `sagemaker:VolumeKmsKey` condition key when creating: + training + hyperparameter tuning + labeling jobs ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "EnforceEncryption", "Effect": "Allow", "Action": [ "sagemaker:CreateTrainingJob", "sagemaker:CreateHyperParameterTuningJob", "sagemaker:CreateLabelingJob", "sagemaker:CreateFlowDefinition" ], "Resource": "*", "Condition": { "ArnEquals": { "sagemaker:VolumeKmsKey": "arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab" } } } ] } ``` ------ ### Enforce network isolation for training jobs The following policy restricts a user to enable network isolation when creating training jobs by using the `sagemaker:NetworkIsolation` condition key: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "EnforceIsolation", "Effect": "Allow", "Action": [ "sagemaker:CreateTrainingJob", "sagemaker:CreateHyperParameterTuningJob" ], "Resource": "*", "Condition": { "Bool": { "sagemaker:NetworkIsolation": "true" } } } ] } ``` ------ ### Enforce a specific instance type for training jobs The following policy restricts a user to use a specific instance type when creating training jobs by using the `sagemaker:InstanceTypes` condition key: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "EnforceInstanceType", "Effect": "Allow", "Action": [ "sagemaker:CreateTrainingJob", "sagemaker:CreateHyperParameterTuningJob" ], "Resource": "*", "Condition": { "ForAllValues:StringLike": { "sagemaker:InstanceTypes": ["ml.c5.*"] } } } ] } ``` ------ ### Enforce disabling internet access and root access for creating notebook instances You can disable both internet access and root access to notebook instances to help make them more secure. For information about controlling root access to a notebook instance, see [Control root access to a SageMaker notebook instance](nbi-root-access.md). For information about disabling internet access for a notebook instance, see [Connect a Notebook Instance in a VPC to External Resources](appendix-notebook-and-internet-access.md). The following policy requires a user to disable network access when creating instance, and disable root access when creating or updating a notebook instance. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "LockDownCreateNotebookInstance", "Effect": "Allow", "Action": [ "sagemaker:CreateNotebookInstance" ], "Resource": "*", "Condition": { "StringEquals": { "sagemaker:DirectInternetAccess": "Disabled", "sagemaker:RootAccess": "Disabled" }, "Null": { "sagemaker:VpcSubnets": "false", "sagemaker:VpcSecurityGroupIds": "false" } } }, { "Sid": "LockDownUpdateNotebookInstance", "Effect": "Allow", "Action": [ "sagemaker:UpdateNotebookInstance" ], "Resource": "*", "Condition": { "StringEquals": { "sagemaker:RootAccess": "Disabled" } } } ] } ``` ------ ## Control access to the SageMaker AI API by using identity-based policies To control access to SageMaker AI API calls and calls to SageMaker AI hosted endpoints, use identity-based IAM policies. **Topics** + [ ### Restrict access to SageMaker AI API and runtime to calls from within your VPC ](#api-access-policy-vpc) ### Restrict access to SageMaker AI API and runtime to calls from within your VPC If you set up an interface endpoint in your VPC, individuals outside the VPC can connect to the SageMaker AI API and runtime over the internet. To prevent this, attach an IAM policy that restricts access to calls coming from within the VPC. These calls must be restricted to all users and groups that have access to your SageMaker AI resources. For information about creating a VPC interface endpoint for the SageMaker AI API and runtime, see [Connect to SageMaker AI Within your VPC](interface-vpc-endpoint.md). **Important** If you apply an IAM policy similar to one of the following, users can't access the specified SageMaker AI APIs through the console. To restrict access to only connections made from within your VPC, create an AWS Identity and Access Management policy that restricts access. This access must be restricted to only calls that come from within your VPC. Then add that policy to every AWS Identity and Access Management user, group, or role used to access the SageMaker AI API or runtime. **Note** This policy allows connections only to callers within a subnet where you created an interface endpoint. ------ #### [ JSON ] **** ``` { "Id": "api-example-1", "Version":"2012-10-17", "Statement": [ { "Sid": "EnableAPIAccess", "Effect": "Allow", "Action": [ "sagemaker:*" ], "Resource": "*", "Condition": { "StringEquals": { "aws:SourceVpc": "vpc-111bbaaa" } } } ] } ``` ------ To restrict access to the API to only calls made using the interface endpoint, use the `aws:SourceVpce` condition key instead of `aws:SourceVpc`: ------ #### [ JSON ] **** ``` { "Id": "api-example-1", "Version":"2012-10-17", "Statement": [ { "Sid": "EnableAPIAccess", "Effect": "Allow", "Action": [ "sagemaker:CreatePresignedNotebookInstanceUrl" ], "Resource": "*", "Condition": { "StringEquals": { "aws:sourceVpce": [ "vpce-111bbccc", "vpce-111bbddd" ] } } } ] } ``` ------ ## Limit access to SageMaker AI API and runtime calls by IP address You can allow access to SageMaker AI API calls and runtime invocations only from IP addresses in a list that you specify. To do so, create an IAM policy that denies access to the API unless the call comes from an IP address in the list. Then attach that policy to every AWS Identity and Access Management user, group, or role used to access the API or runtime. For information about creating IAM policies, see [Creating IAM Policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_create.html) in the *AWS Identity and Access Management User Guide*. To specify the list of IP addresses that have access to the API call, use the: + `IpAddress` condition operator + `aws:SourceIP` condition context key For information about IAM condition operators, see [IAM JSON Policy Elements: Condition Operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html) in the *AWS Identity and Access Management User Guide*. For information about IAM condition context keys, see [AWS Global Condition Context Keys](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html). For example, the following policy allows access to the [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrainingJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrainingJob.html) only from IP addresses in the ranges `192.0.2.0`-`192.0.2.255` and `203.0.113.0`-`203.0.113.255`: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "sagemaker:CreateTrainingJob", "Resource": "*", "Condition": { "IpAddress": { "aws:SourceIp": [ "192.0.2.0/24", "203.0.113.0/24" ] } } } ] } ``` ------ ## Limit access to a notebook instance by IP address You can allow access to a notebook instance only from IP addresses in a list that you specify. To do so, create an IAM policy that denies access to [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreatePresignedNotebookInstanceUrl.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreatePresignedNotebookInstanceUrl.html) unless the call comes from an IP address in the list. Then, attach this policy to every AWS Identity and Access Management user, group, or role used to access the notebook instance. For information about creating IAM policies, see [Creating IAM Policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_create.html) in the *AWS Identity and Access Management User Guide*. To specify the list of IP addresses that you want to have access to the notebook instance, use the: + `IpAddress` condition operator + `aws:SourceIP` condition context key For information about IAM condition operators, see [IAM JSON Policy Elements: Condition Operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html) in the *AWS Identity and Access Management User Guide*. For information about IAM condition context keys, see [AWS Global Condition Context Keys](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html). For example, the following policy allows access to a notebook instance only from IP addresses in the ranges `192.0.2.0`-`192.0.2.255` and `203.0.113.0`-`203.0.113.255`: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "sagemaker:CreatePresignedNotebookInstanceUrl", "Resource": "*", "Condition": { "IpAddress": { "aws:SourceIp": [ "192.0.2.0/24", "203.0.113.0/24" ] } } } ] } ``` ------ The policy restricts access to both the call to `CreatePresignedNotebookInstanceUrl` and to the URL that the call returns. The policy also restricts access to opening a notebook instance in the console. It is enforced for every HTTP request and WebSocket frame that attempts to connect to the notebook instance. **Note** Using this method to filter by IP address is incompatible when [connecting to SageMaker AI through a VPC interface endpoint.](https://docs.aws.amazon.com/sagemaker/latest/dg/interface-vpc-endpoint.html). For information about restricting access to a notebook instance when connecting through a VPC interface endpoint, see [Connect to a Notebook Instance Through a VPC Interface Endpoint](notebook-interface-endpoint.md). ## Control access to SageMaker AI resources by using tags Specify tags within an IAM policy to control access to groups of SageMaker AI resources. Use tags to implement attribute based access control (ABAC). Using tags helps you partition access to resources to specific groups of users. You can have one team with access to one group of resources and a different team with access to another set of resources. You can provide `ResourceTag` conditions in IAM policies to provide access for each group. **Note** Tag-based policies don't work to restrict the following API calls: DeleteImageVersion DescribeImageVersion ListAlgorithms ListCodeRepositories ListCompilationJobs ListEndpointConfigs ListEndpoints ListFlowDefinitions ListHumanTaskUis ListHyperparameterTuningJobs ListLabelingJobs ListLabelingJobsForWorkteam ListModelPackages ListModels ListNotebookInstanceLifecycleConfigs ListNotebookInstances ListSubscribedWorkteams ListTags ListProcessingJobs ListTrainingJobs ListTrainingJobsForHyperParameterTuningJob ListTransformJobs ListWorkteams Search A simple example can help you understand how you can use tags to partition resources. Suppose that you've defined two different IAM groups, named `DevTeam1` and `DevTeam2`, in your AWS account. You've created 10 notebook instances as well. You're using 5 of the notebook instances for one project. You're using the other 5 for a second project. You can provide `DevTeam1` with permissions to make API calls on the notebook instances that you're using for the first project. You can provide `DevTeam2` to make API calls on notebook instances used for the second project. The following procedure provides a simple example that helps you understand the concept of adding tags. You can use it to implement the solution described in the preceding paragraph. **To control access to API calls (example)** 1. Add a tag with the key `Project` and value `A` to the notebook instances used for the first project. For information about adding tags to SageMaker AI resources, see [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html). 1. Add a tag with the key `Project` and value `B` to the notebook instances used for the second project. 1. Create an IAM policy with a `ResourceTag` condition that denies access to the notebook instances used for the second project. Then, attach that policy to `DevTeam1`. The following example policy denies all API calls on any notebook instance with a tag with a key of `Project` and a value of `B`: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "sagemaker:*", "Resource": "*" }, { "Effect": "Deny", "Action": "sagemaker:*", "Resource": "*", "Condition": { "StringEquals": { "sagemaker:ResourceTag/Project": "B" } } }, { "Effect": "Deny", "Action": [ "sagemaker:AddTags", "sagemaker:DeleteTags" ], "Resource": "*" } ] } ``` ------ For information about creating IAM policies and attaching them to identities, see [Controlling Access Using Policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_controlling.html) in the *AWS Identity and Access Management User Guide*. 1. Create an IAM policy with a `ResourceTag` condition that denies access to the notebook instances used for the first project. Then, attach that policy to `DevTeam2`. The following example policy denies all API calls on any notebook instance with a tag with a key of `Project` and a value of `A`: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "sagemaker:*", "Resource": "*" }, { "Effect": "Deny", "Action": "sagemaker:*", "Resource": "*", "Condition": { "StringEquals": { "sagemaker:ResourceTag/Project": "A" } } }, { "Effect": "Deny", "Action": [ "sagemaker:AddTags", "sagemaker:DeleteTags" ], "Resource": "*" } ] } ``` ------ ## Provide permissions for tagging SageMaker AI resources [Tags](https://docs.aws.amazon.com/whitepapers/latest/tagging-best-practices/what-are-tags.html) are metadata labels that you can attach to certain AWS resources. A tag consists of a key-value pair that provides a flexible way to annotate resources with metadata attributes for various [tagging use cases](https://docs.aws.amazon.com/whitepapers/latest/tagging-best-practices/tagging-use-cases.html) including: + search + security + [cost attribution](https://docs.aws.amazon.com/whitepapers/latest/sagemaker-studio-admin-best-practices/cost-attribution.html) + access control + automation They can be used in permissions and policies, service quotas, and integrations with other AWS services. Tags can be user-defined or AWS generated when creating resources. This depends on whether a user manually specifies custom tags or an AWS service automatically generates a tag. + *User-defined tags* in SageMaker AI: Users can add tags when they create SageMaker AI resources using SageMaker SDKs, the AWS CLI CLI, SageMaker APIs, SageMaker AI Console, or CloudFormation templates. **Note** User-defined tags can be overridden if a resource is later updated and the tag value is changed or replaced. For example, a training job created with \$1Team: A\$1 could be improperly updated and retagged as \$1Team: B\$1. As a result, the allowed permissions may be improperly assigned. Therefore, care should be given when allowing users or groups to add tags, as they may be able to override existing tag values. It's best practice to tightly scope tag permissions and use IAM conditions to control tagging abilities. + *AWS generated tags* in SageMaker AI: SageMaker AI automatically tags certain resources it creates. For example, Studio and Studio Classic automatically assign the `sagemaker:domain-arn` tag to SageMaker AI resources that they create. Tagging new resources with the domain ARN provides traceability into how SageMaker AI resources such as training jobs, models, and endpoints originate. For finer control and tracking, new resources receive additional tags such as: + `sagemaker:user-profile-arn` - The ARN of the user profile that created the resource. This allows tracking resources created by specific users. + `sagemaker:space-arn` - The ARN of the space in which the resource was created. This allows grouping and isolating resources per space. **Note** AWS generated tags cannot be changed by users. For general information on tagging AWS resources and best practices, see [Tagging your AWS resources](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html). For information on the main tagging use cases, see [Tagging use cases](https://docs.aws.amazon.com/whitepapers/latest/tagging-best-practices/tagging-use-cases.html). ### Grant permission to add tags when creating SageMaker AI resources You can allow users (*User-defined tags*) or Studio and Studio Classic (*AWS generated tags*) to add tags on new SageMaker AI resources at creation time. To do so, their IAM permissions must include both: + The base SageMaker AI create permission for that resource type. + The `sagemaker:AddTags` permission. For example, allowing a user to create a SageMaker training job and tag it would require granting permissions for `sagemaker:CreateTrainingJob` and `sagemaker:AddTags`. **Important** Custom IAM policies that allow Amazon SageMaker Studio or Amazon SageMaker Studio Classic to create Amazon SageMaker AI resources must also grant permissions to add tags to those resources. The permission to add tags to resources is required because Studio and Studio Classic automatically tag any resources they create. If an IAM policy allows Studio and Studio Classic to create resources but does not allow tagging, "AccessDenied" errors can occur when trying to create resources. [AWS managed policies for Amazon SageMaker AI](security-iam-awsmanpol.md) that give permissions to create SageMaker AI resources already include permissions to add tags while creating those resources. Administrators attach these IAM permissions to either: + AWS IAM roles assigned to the user for user-defined tags + the execution role used by Studio or Studio Classic for AWS generated tags For instructions on creating and applying custom IAM policies, see [Creating IAM policies (console)](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_create-console.html). **Note** The list of SageMaker AI resource create operations can be found in the [SageMaker API documentation](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_Operations_Amazon_SageMaker_Service.html) by searching for actions beginning with `Create`. These create actions, such as `CreateTrainingJob` and `CreateEndpoint`, are the operations that create new SageMaker AI resources. **Add tag permissions to certain create actions ** You grant the `sagemaker:AddTags` permission with constraints by attaching an additional IAM policy to the original resource creation policy. The following example policy allows `sagemaker:AddTags`, but restricts it to only certain SageMaker AI resource create actions such as `CreateTrainingJob`. ``` { "Sid": "AllowAddTagsForCreateOperations", "Effect": "Allow", "Action": [ "sagemaker:AddTags" ], "Resource": "*", "Condition": { "StringEquals": { "sagemaker:TaggingAction": "CreateTrainingJob" } } } ``` The policy condition limits `sagemaker:AddTags` to being used alongside specific create actions. In this approach, the create permission policy remains intact while an extra policy provides restricted `sagemaker:AddTags` access. The condition prevents blanket `sagemaker:AddTags` permission by scoping it narrowly to creation actions that need tagging. This implements least privilege for `sagemaker:AddTags` by only permitting it for specific SageMaker AI resource creation use cases. **Example: Allow tag permission globally and restrict create actions to a domain** In this example of a custom IAM policy, the first two statements illustrate using tags to track resource creation. It allows the `sagemaker:CreateModel` action on all resources and tagging of those resources when that action is used. The third statement demonstrates how tag values can be used to control operations on resources. In this case, it prevents creating any SageMaker AI resources tagged with a specific domain ARN, restricting access based on the tag value. In particular: + The first statement allows the `CreateModel` action on any resource (`*`). + The second statement allows the `sagemaker:AddTags` action, but only when the `sagemaker:TaggingAction` condition key equals `CreateModel`. This restricts the `sagemaker:AddTags` action to only when it's being used to tag a newly created model. + The third statement denies any SageMaker AI create action (`Create*`) on any resource (`*`), but only when the resource has a tag `sagemaker:domain-arn` equal to a specific domain ARN, `domain-arn`. ``` { "Statement":[ { "Effect":"Allow", "Action":[ "sagemaker:CreateModel" ], "Resource":"*" }, { "Effect":"Allow", "Action":[ "sagemaker:AddTags" ], "Resource":"*", "Condition":{ "String":{ "sagemaker:TaggingAction":[ "CreateModel" ] } } }, { "Sid":"IsolateDomain", "Effect":"Deny", "Resource":"*", "Action":[ "sagemaker:Create*" ], "Condition":{ "StringEquals":{ "aws:ResourceTag/sagemaker:domain-arn":"domain-arn" } } } ] } ``` ## Limit access to searchable resources with visibility conditions Use visibility conditions to limit the access of your users to specific tagged resources within an AWS account. Your users can access only those resources for which they have permissions. When your users are searching through their resources, they can limit the search results to specific resources. You might want your users to only see and interact with the resources associated with specific Amazon SageMaker Studio or Amazon SageMaker Studio Classic domains. You can use visibility conditions to limit their access to a single domain or multiple domains. ``` { "Sid": "SageMakerApis", "Effect": "Allow", "Action": "sagemaker:Search", "Resource": "*", "Condition": { "StringEquals": { "sagemaker:SearchVisibilityCondition/Tags.sagemaker:example-domain-arn/EqualsIfExists": "arn:aws:sagemaker:AWS Region:111122223333:domain/example-domain-1", "sagemaker:SearchVisibilityCondition/Tags.sagemaker:example-domain-arn/EqualsIfExists": "arn:aws:sagemaker:AWS Region:111122223333:domain/example-domain-2" } } } ``` The general format of a visibility condition is `"sagemaker:SearchVisibilityCondition/Tags.key": "value"`. You can provide the key-value pair for any tagged resource. ``` { "MaxResults": number, "NextToken": "string", "Resource": "string", # Required Parameter "SearchExpression": { "Filters": [ { "Name": "string", "Operator": "string", "Value": "string" } ], "NestedFilters": [ { "Filters": [ { "Name": "string", "Operator": "string", "Value": "string" } ], "NestedPropertyName": "string" } ], "Operator": "string", "SubExpressions": [ "SearchExpression" ] }, "IsCrossAccount": "string", "VisibilityConditions" : [ List of conditions for visibility {"Key": "Tags.sagemaker:example-domain-arn", "Value": "arn:aws:sagemaker:AWS Region:111122223333:domain/example-domain-1"}, {"Key": "Tags.sagemaker:example-domain-arn", "Value": "arn:aws:sagemaker:AWS Region:111122223333:domain/example-domain-2"} ] ], "SortBy": "string", "SortOrder": "string" } ``` The visibility condition within uses the same `"sagemaker:SearchVisibilityCondition/Tags.key": "value"` formatting specified in the policy. Your users can specify the key-value pairs used for any tagged resource. If a user includes the `VisibilityConditions` parameter in their [Search](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_Search.html) request, but the access policy that applies to that user doesn't contain any matching conditions keys that were specified in `VisibilityConditions`, the `Search` request is still allowed and will run. If a `VisibilityConditions` parameter is not specified in the user's [Search](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_Search.html) API request, but the access policy that applies to that user contains condition keys related to `VisibilityConditions`, that user's `Search` request is denied. # Cross-service confused deputy prevention The [confused deputy problem](https://docs.aws.amazon.com/IAM/latest/UserGuide/confused-deputy) is a security issue where an entity that doesn't have permission to perform an action can coerce a more-privileged entity to perform the action. In AWS, the confused deputy problem can arise due to cross-service impersonation. Cross-service impersonation can occur when one service (the *calling service*) invokes another service (the *called service*) and leverages the called service's elevated permissions to act on resources the calling service has no authorization to access. To prevent unauthorized access through the confused deputy problem, AWS provides tools to help secure your data across services. These tools help you control the permissions granted to service principals, limiting their access to only the resources in your account that are required. By carefully managing the access privileges of service principals, you can help mitigate the risk of services improperly accessing data or resources to which they should not have permissions. Read on for general guidance or navigate to an example for a specific SageMaker AI feature: **Topics** + [ ## Limit Permissions With Global Condition Keys ](#security-confused-deputy-context-keys) + [ ## SageMaker Edge Manager ](#security-confused-deputy-edge-manager) + [ ## SageMaker Images ](#security-confused-deputy-images) + [ ## SageMaker AI Inference ](#security-confused-deputy-inference) + [ ## SageMaker AI Batch Transform Jobs ](#security-confused-deputy-batch) + [ ## SageMaker AI Marketplace ](#security-confused-deputy-marketplace) + [ ## SageMaker Neo ](#security-confused-deputy-neo) + [ ## SageMaker Pipelines ](#security-confused-deputy-pipelines) + [ ## SageMaker Processing Jobs ](#security-confused-deputy-processing-job) + [ ## SageMaker Studio ](#security-confused-deputy-studio) + [ ## SageMaker Training Jobs ](#security-confused-deputy-training-job) ## Limit Permissions With Global Condition Keys We recommend using the `[aws:SourceArn](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-sourcearn)` and `[aws:SourceAccount](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-sourceaccount)` global condition keys in resource policies to limit the permissions to the resource that Amazon SageMaker AI gives another service. If you use both global condition keys and the `aws:SourceArn` value contains the account ID, the `aws:SourceAccount` value and the account in the `aws:SourceArn` value must use the same account ID when used in the same policy statement. Use `aws:SourceArn` if you want only one resource to be associated with the cross-service access. Use `aws:SourceAccount` if you want to allow any resource in that account to be associated with the cross-service use. The most effective way to protect against the confused deputy problem is to use the `aws:SourceArn` global condition key with the full ARN of the resource. If you don't know the full ARN of the resource or if you are specifying multiple resources, use the `aws:SourceArn` global condition key with wildcards (`*`) for the unknown portions of the ARN. For example, `arn:aws:sagemaker:*:123456789012:*`. The following example shows how you can use the `aws:SourceArn` and `aws:SourceAccount` global condition keys in SageMaker AI to prevent the confused deputy problem. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": { "Sid": "ConfusedDeputyPreventionExamplePolicy", "Effect": "Allow", "Principal": { "Service": "sagemaker.amazonaws.com" }, "Action": "sagemaker:StartSession", "Resource": "arn:aws:sagemaker:us-east-1:123456789012:ResourceName/*", "Condition": { "ArnLike": { "aws:SourceArn": "arn:aws:sagemaker:us-east-1:123456789012:*" }, "StringEquals": { "aws:SourceAccount": "123456789012" } } } } ``` ------ ## SageMaker Edge Manager The following example shows how you can use the `aws:SourceArn` global condition key to prevent the cross-service confused deputy problem for SageMaker Edge Manager created by account number *123456789012* in the *us-west-2* Region. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": { "Effect": "Allow", "Principal": { "Service": "sagemaker.amazonaws.com" }, "Action": "sts:AssumeRole", "Condition": { "ArnLike": { "aws:SourceArn": "arn:aws:sagemaker:us-west-2:123456789012:*" } } } } ``` ------ You can replace the `aws:SourceArn` in this template with the full ARN of one specific packaging job to further limit permissions. ## SageMaker Images The following example shows how you can use the `aws:SourceArn` global condition key to prevent the cross-service confused deputy problem for [SageMaker Images](https://docs.aws.amazon.com/sagemaker/latest/dg/studio-byoi.html). Use this template with either `[Image](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_Image.html)` or `[ImageVersion](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ImageVersion.html)`. This example uses an `ImageVersion` record ARN with the account number *123456789012*. Note that because the account number is part of the `aws:SourceArn` value, you do not need to specify an `aws:SourceAccount` value. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": { "Effect": "Allow", "Principal": { "Service": "sagemaker.amazonaws.com" }, "Action": "sts:AssumeRole", "Condition": { "ArnLike": { "aws:SourceArn": "arn:aws:sagemaker:us-east-2:123456789012:image-version/*" } } } } ``` ------ Do not replace the `aws:SourceArn` in this template with the full ARN of a specific image or image version. The ARN must be in the format provided above and specify either `image` or `image-version`. The `partition` placeholder should designate either an AWS commercial partition (`aws`) or an AWS in China partition (`aws-cn`), depending on where the image or image version is running. Similarly, the `region` placeholder in the ARN can be any [valid Region](https://docs.aws.amazon.com/sagemaker/latest/dg/regions-quotas.html) where SageMaker images are available. ## SageMaker AI Inference The following example shows how you can use the `aws:SourceArn` global condition key to prevent the cross-service confused deputy problem for SageMaker AI [real-time](https://docs.aws.amazon.com/sagemaker/latest/dg/realtime-endpoints), [serverless](https://docs.aws.amazon.com/sagemaker/latest/dg/serverless-endpoints), and [asynchronous](https://docs.aws.amazon.com/sagemaker/latest/dg/async-inference) inference. Note that because the account number is part of the `aws:SourceArn` value, you do not need to specify an `aws:SourceAccount` value. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": { "Effect": "Allow", "Principal": { "Service": "sagemaker.amazonaws.com" }, "Action": "sts:AssumeRole", "Condition": { "ArnLike": { "aws:SourceArn": "arn:aws:sagemaker:us-west-2:123456789012:*" } } } } ``` ------ Do not replace the `aws:SourceArn` in this template with the full ARN of a specific model or endpoint. The ARN must be in the format provided above. The asterisk in the ARN template does not stand for wildcard and should not be changed. ## SageMaker AI Batch Transform Jobs The following example shows how you can use the `aws:SourceArn` global condition key to prevent the cross-service confused deputy problem for SageMaker AI [batch transform jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/batch-transform.html) created by account number *123456789012* in the *us-west-2* Region. Note that because the account number is in the ARN, you do not need to specify an `aws:SourceAccount` value. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": "sagemaker.amazonaws.com" }, "Action": "sts:AssumeRole", "Condition": { "ArnLike": { "aws:SourceArn": "arn:aws:sagemaker:us-west-2:123456789012:transform-job/*" } } } ] } ``` ------ You can replace the `aws:SourceArn` in this template with the full ARN of one specific batch transform job to further limit permissions. ## SageMaker AI Marketplace The following example shows how you can use the `aws:SourceArn` global condition key to prevent the cross-service confused deputy problem for SageMaker AI Marketplace resources created by account number *123456789012* in the *us-west-2* Region. Note that because the account number is in the ARN, you do not need to specify an `aws:SourceAccount` value. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": "sagemaker.amazonaws.com" }, "Action": "sts:AssumeRole", "Condition": { "ArnLike": { "aws:SourceArn": "arn:aws:sagemaker:us-west-2:123456789012:*" } } } ] } ``` ------ Do not replace the `aws:SourceArn` in this template with the full ARN of a specific algorithm or model package. The ARN must be in the format provided above. The asterisk in the ARN template does stand for wildcard and covers all training jobs, models, and batch transform jobs from validation steps, as well as algorithm and model packages published to SageMaker AI Marketplace. ## SageMaker Neo The following example shows how you can use the `aws:SourceArn` global condition key to prevent the cross-service confused deputy problem for SageMaker Neo compilation jobs created by account number *123456789012* in the *us-west-2* Region. Note that because the account number is in the ARN, you do not need to specify an `aws:SourceAccount` value. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": "sagemaker.amazonaws.com" }, "Action": "sts:AssumeRole", "Condition": { "ArnLike": { "aws:SourceArn": "arn:aws:sagemaker:us-west-2:123456789012:compilation-job/*" } } } ] } ``` ------ You can replace the `aws:SourceArn` in this template with the full ARN of one specific compilation job to further limit permissions. ## SageMaker Pipelines The following example shows how you can use the `aws:SourceArn` global condition key to prevent the cross-service confused deputy problem for [SageMaker Pipelines](https://docs.aws.amazon.com/sagemaker/latest/dg/pipelines-overview.html) using pipeline execution records from one or more pipelines. Note that because the account number is in the ARN, you do not need to specify an `aws:SourceAccount` value. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": "sagemaker.amazonaws.com" }, "Action": "sts:AssumeRole", "Condition": { "ArnLike": { "aws:SourceArn": "arn:aws:sagemaker:us-east-1:123456789012:pipeline/mypipeline/*" } } } ] } ``` ------ Do not replace the `aws:SourceArn` in this template with the full ARN of a specific pipeline execution. The ARN must be in the format provided above. The `partition` placeholder should designate either an AWS commercial partition (`aws`) or an AWS in China partition (`aws-cn`), depending on where the pipeline is running. Similarly, the `region` placeholder in the ARN can be any [valid Region](https://docs.aws.amazon.com/sagemaker/latest/dg/regions-quotas.html) where SageMaker Pipelines is available. The asterisk in the ARN template does stand for wildcard and covers all pipeline executions of a pipeline named `mypipeline`. If you want to allow the `AssumeRole` permissions for all pipelines in account `123456789012` rather than one specific pipeline, then the `aws:SourceArn` would be `arn:aws:sagemaker:*:123456789012:pipeline/*`. ## SageMaker Processing Jobs The following example shows how you can use the `aws:SourceArn` global condition key to prevent the cross-service confused deputy problem for SageMaker Processing jobs created by account number *123456789012* in the *us-west-2* Region. Note that because the account number is in the ARN, you do not need to specify an `aws:SourceAccount` value. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": "sagemaker.amazonaws.com" }, "Action": "sts:AssumeRole", "Condition": { "ArnLike": { "aws:SourceArn": "arn:aws:sagemaker:us-west-2:123456789012:processing-job/*" } } } ] } ``` ------ You can replace the `aws:SourceArn` in this template with the full ARN of one specific processing job to further limit permissions. ## SageMaker Studio The following example shows how you can use the `aws:SourceArn` global condition key to prevent the cross-service confused deputy problem for SageMaker Studio created by account number *123456789012* in the *us-west-2* Region. Note that because the account number is part of the `aws:SourceArn` value, you do not need to specify an `aws:SourceAccount` value. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": "sagemaker.amazonaws.com" }, "Action": "sts:AssumeRole", "Condition": { "ArnLike": { "aws:SourceArn": "arn:aws:sagemaker:us-west-2:123456789012:*" } } } ] } ``` ------ Do not replace the `aws:SourceArn` in this template with the full ARN of a specific Studio application, user profile, or domain. The ARN must be in the format provided in the previous example. The asterisk in the ARN template does not stand for wildcard and should not be changed. ## SageMaker Training Jobs The following example shows how you can use the `aws:SourceArn` global condition key to prevent the cross-service confused deputy problem for SageMaker training jobs created by account number *123456789012* in the *us-west-2* Region. Note that because the account number is in the ARN, you do not need to specify an `aws:SourceAccount` value. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": "sagemaker.amazonaws.com" }, "Action": "sts:AssumeRole", "Condition": { "ArnLike": { "aws:SourceArn": "arn:aws:sagemaker:us-west-2:123456789012:training-job/*" } } } ] } ``` ------ You can replace the `aws:SourceArn` in this template with the full ARN of one specific training job to further limit permissions. **Next Up** For more information on managing execution roles, see [SageMaker AI Roles](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles). # How to use SageMaker AI execution roles Amazon SageMaker AI performs operations on your behalf using other AWS services. You must grant SageMaker AI permissions to use these services and the resources they act upon. You grant SageMaker AI these permissions using an AWS Identity and Access Management (IAM) execution role. For more information on IAM roles, see [IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html). To create and use an execution role, you can use the following procedures. ## Create execution role Use the following procedure to create an execution role with the IAM managed policy, `AmazonSageMakerFullAccess`, attached. If your use case requires more granular permissions, use other sections on this page to create an execution role that meets your business needs. You can create an execution role using the SageMaker AI console or the AWS CLI. **Important** The IAM managed policy, `AmazonSageMakerFullAccess`, used in the following procedure only grants the execution role permission to perform certain Amazon S3 actions on buckets or objects with `SageMaker`, `Sagemaker`, `sagemaker`, or `aws-glue` in the name. To learn how to add an additional policy to an execution role to grant it access to other Amazon S3 buckets and objects, see [Add Additional Amazon S3 Permissions to a SageMaker AI Execution Role](#sagemaker-roles-get-execution-role-s3). **Note** You can create an execution role directly when you create a SageMaker AI domain or a notebook instance. For information on how to create a SageMaker AI domain, see [Guide to getting set up with Amazon SageMaker AI](gs.md). For information on how to create a notebook instance, see [Create an Amazon SageMaker Notebook Instance for the tutorial](gs-setup-working-env.md). **To create a new execution role from the SageMaker AI console** 1. Open the IAM console at [https://console.aws.amazon.com/iam/](https://console.aws.amazon.com/iam/). 1. Choose **Roles** and then choose **Create role**. 1. Keep **AWS service** as the **Trusted entity type** and then use the down arrow to find **SageMaker AI** in **Use cases for other AWS services**. 1. Choose **SageMaker AI – Execution** and then choose **Next**. 1. The IAM managed policy, `AmazonSageMakerFullAccess`, is automatically attached to the role. To see the permissions included in this policy, choose the plus (**\$1**) sign next to the policy name. Choose **Next**. 1. Enter a **Role name** and a **Description**. 1. (Optional) Add additional permissions and tags to the role. 1. Choose **Create role**. 1. On the **Roles** section of the IAM console, find the role you just created. If needed, use the text box to search for the role using the role name. 1. On the role summary page, make note of the ARN. **To create a new execution role from the AWS CLI** Before you create an execution role using the AWS CLI, make sure to update and configure it by following the instructions in [(Optional) Configure the AWS CLI](gs-set-up.md#gs-cli-prereq), then continue with the instructions in [Custom setup using the AWS CLI](onboard-custom.md#onboard-custom-instructions-cli). Once you have created an execution role, you can associate it with a SageMaker AI domain, a user profile, or with a Jupyter notebook instance. + To learn about how to associate an execution role with an existing SageMaker AI domain, see [Edit domain settings](domain-edit.md). + To learn about how to associate an execution role with an existing user profile, see [Add user profiles](domain-user-profile-add.md). + To learn about how to associate an execution role with an existing notebook instance, see [Update a Notebook Instance](nbi-update.md). You can also pass the ARN of an execution role to your API call. For example, using [Amazon SageMaker Python SDK](https://sagemaker.readthedocs.io/en/stable), you can pass the ARN of your execution role to an estimator. In the code sample that follows, we create an estimator using the XGBoost algorithm container and pass the ARN of the execution role as a parameter. For the full example on GitHub, see [Customer Churn Prediction with XGBoost](https://github.com/aws/amazon-sagemaker-examples/blob/89c54681b7e0f83ce137b34b879388cf5960af93/introduction_to_applying_machine_learning/xgboost_customer_churn/xgboost_customer_churn.ipynb). ``` import sagemaker, boto3 from sagemaker import image_uris sess = sagemaker.Session() region = sess.boto_region_name bucket = sess.default_bucket() prefix = "sagemaker/DEMO-xgboost-churn" container = sagemaker.image_uris.retrieve("xgboost", region, "1.7-1") xgb = sagemaker.estimator.Estimator( container, execution-role-ARN, instance_count=1, instance_type="ml.m4.xlarge", output_path="s3://{}/{}/output".format(bucket, prefix), sagemaker_session=sess, ) ... ``` ### Add Additional Amazon S3 Permissions to a SageMaker AI Execution Role When you use a SageMaker AI feature with resources in Amazon S3, such as input data, the execution role you specify in your request (for example `CreateTrainingJob`) is used to access these resources. If you attach the IAM managed policy, `AmazonSageMakerFullAccess`, to an execution role, that role has permission to perform certain Amazon S3 actions on buckets or objects with `SageMaker`, `Sagemaker`, `sagemaker`, or `aws-glue` in the name. It also has permission to perform the following actions on any Amazon S3 resource: ``` "s3:CreateBucket", "s3:GetBucketLocation", "s3:ListBucket", "s3:ListAllMyBuckets", "s3:GetBucketCors", "s3:PutBucketCors" ``` To give an execution role permissions to access one or more specific buckets in Amazon S3, you can attach a policy similar to the following to the role. This policy grants an IAM role permission to perform all actions that `AmazonSageMakerFullAccess` allows but restricts this access to the buckets amzn-s3-demo-bucket1 and amzn-s3-demo-bucket2. Refer to the security documentation for the specific SageMaker AI feature you are using to learn more about the Amazon S3 permissions required for that feature. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:GetObject", "s3:PutObject", "s3:DeleteObject", "s3:AbortMultipartUpload" ], "Resource": [ "arn:aws:s3:::amzn-s3-demo-bucket1/*", "arn:aws:s3:::amzn-s3-demo-bucket2/*" ] }, { "Effect": "Allow", "Action": [ "s3:CreateBucket", "s3:GetBucketLocation", "s3:ListBucket", "s3:ListAllMyBuckets", "s3:GetBucketCors", "s3:PutBucketCors" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "s3:GetBucketAcl", "s3:PutObjectAcl" ], "Resource": [ "arn:aws:s3:::amzn-s3-demo-bucket1", "arn:aws:s3:::amzn-s3-demo-bucket2" ] } ] } ``` ------ ## Get your execution role You can use the [SageMaker AI console](https://console.aws.amazon.com/sagemaker), [Amazon SageMaker Python SDK](https://sagemaker.readthedocs.io/en/stable), or the [AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-welcome.html) to retrieve the ARN and name of the execution role attached to a SageMaker AI domain, space, or user profile. **Topics** + [ ### Get domain execution role ](#sagemaker-roles-get-execution-role-domain) + [ ### Get space execution role ](#sagemaker-roles-get-execution-role-space) + [ ### Get user execution role ](#sagemaker-roles-get-execution-role-user) ### Get domain execution role The following provides instructions on finding your domain’s execution role. #### Get domain execution role (console) **Find the execution role attached to your domain** 1. Open the SageMaker AI console, [https://console.aws.amazon.com/sagemaker/](https://console.aws.amazon.com/sagemaker/) 1. On the left navigation pane, choose **Domains** under **Admin configurations**. 1. Choose the link corresponding to your domain. 1. Choose the **Domain settings** tab. 1. In the **General settings** section, the execution role ARN is listed under **Execution role**. The execution role name is after the last `/` in the execution role ARN. ### Get space execution role The following provides instructions on finding your space’s execution role. #### Get space execution role (console) **Find the execution role attached to your space** 1. Open the SageMaker AI console, [https://console.aws.amazon.com/sagemaker/](https://console.aws.amazon.com/sagemaker/) 1. On the left navigation pane, choose **Domains** under **Admin configurations**. 1. Choose the link corresponding to your domain. 1. Choose the **Space management** tab. 1. In the **Details** section, the execution role ARN is listed under **Execution role**. The execution role name is after the last `/` in the execution role ARN. #### Get space execution role (SDK for Python) **Note** The following code is meant to be run in a SageMaker AI environment, like any of the IDEs in Amazon SageMaker Studio. You will receive an error if you run `get_execution_role` outside of a SageMaker AI environment. The following [https://sagemaker.readthedocs.io/en/stable/api/utility/session.html#sagemaker.session.get_execution_role](https://sagemaker.readthedocs.io/en/stable/api/utility/session.html#sagemaker.session.get_execution_role) [Amazon SageMaker Python SDK](https://sagemaker.readthedocs.io/en/stable) command retrieves the ARN of the execution role attached to the space. ``` from sagemaker import get_execution_role role = get_execution_role() print(role) ``` The execution role name is after the last `/` in the execution role ARN. ### Get user execution role The following provides instructions on finding a user’s execution role. #### Get user execution role (console) **Find the execution role attached to a user** 1. Open the SageMaker AI console, [https://console.aws.amazon.com/sagemaker/](https://console.aws.amazon.com/sagemaker/) 1. On the left navigation pane, choose **Domains** under **Admin configurations**. 1. Choose the link corresponding to your domain. 1. Choose the **User profiles** tab. 1. Choose the link corresponding to your user. 1. In the **Details** section, the execution role ARN is listed under **Execution role**. The execution role name is after the last `/` in the execution role ARN. #### Get space execution role (AWS CLI) **Note** To use the following examples, you must have the AWS Command Line Interface (AWS CLI) installed and configured. For information, see [Get started with the AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html) in the *AWS Command Line Interface User Guide for Version 2*. The following [https://awscli.amazonaws.com/v2/documentation/api/latest/reference/sts/get-caller-identity.html](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/sts/get-caller-identity.html) AWS CLI command displays information about the IAM identity used to authenticate the request. The caller is an IAM user. ``` aws sts get-caller-identity ``` The execution role name is after the last `/` in the execution role ARN. ## Change your execution role An execution role is an IAM role that a SageMaker AI identity (like a SageMaker AI user, space, or domain) assumes. Changing the IAM role changes the permissions for all of the identities assuming that role. When you change an execution role the corresponding space's execution role will also change. The effects of the change may take some time to propagate. + When you change a *user's execution role*, the *private spaces* created by that user will assume the changed execution role. + When you change a *space's default execution role*, the *shared spaces* in the domain will assume the changed execution role. For more information on execution roles and spaces, see [Understanding domain space permissions and execution roles](execution-roles-and-spaces.md). You can change the execution role for a identity to a different IAM role by using one of the following instructions. If, instead, you want to *modify* a role that an identity is assuming, see [Modify permissions to execution role](#sagemaker-roles-modify-to-execution-role). **Topics** + [ ### Change the domain default execution role ](#sagemaker-roles-change-execution-role-domain) + [ ### Change space default execution role ](#sagemaker-roles-change-execution-role-space) + [ ### Change user profile execution role ](#sagemaker-roles-change-execution-role-user) ### Change the domain default execution role The following provides instructions on changing your domain’s default execution role. #### Change the domain default execution role (console) **Change the default execution role attached to your domain** 1. Open the SageMaker AI console, [https://console.aws.amazon.com/sagemaker/](https://console.aws.amazon.com/sagemaker/) 1. On the left navigation pane, choose **Domains** under **Admin configurations**. 1. Choose the link corresponding to your domain. 1. Choose the **Domain settings** tab. 1. In the **General settings** section, choose **Edit**. 1. In the **Permissions** section, under **Default execution role** expand the drop-down list. 1. In the drop-down list you can choose an existing role, enter a custom IAM role ARN, or create a new role. If you wish to create a new role, you can choose **Create role using the role creation wizard** option. 1. Choose Next in the following steps and choose Submit on the last step. ### Change space default execution role The following provides instructions on changing your space’s default execution role. Changing this execution role will change the role assumed by all of the shared spaces in the domain. #### Change space default execution role (console) **Change the space default execution role for when you create a new space** 1. Open the SageMaker AI console, [https://console.aws.amazon.com/sagemaker/](https://console.aws.amazon.com/sagemaker/) 1. On the left navigation pane, choose **Domains** under **Admin configurations**. 1. Choose the link corresponding to your domain. 1. Choose the **Domain settings** tab. 1. In the **General settings** section, choose **Edit**. 1. In the **Permissions** section, under **Space default execution role** expand the drop-down list. 1. In the drop-down list you can choose an existing role, enter a custom IAM role ARN, or create a new role. If you wish to create a new role, you can choose **Create role using the role creation wizard** option. 1. Choose **Next** in the following steps and choose **Submit** on the last step. ### Change user profile execution role The following provides instructions on changing a user’s execution role. Changing this execution role will change the role assumed by all of the private spaces created by this user. #### Change user profile execution role (console) **Change the execution role attached to a user** 1. Open the SageMaker AI console, [https://console.aws.amazon.com/sagemaker/](https://console.aws.amazon.com/sagemaker/) 1. On the left navigation pane, choose **Domains** under **Admin configurations**. 1. Choose the link corresponding to your domain. 1. Choose the **User profiles** tab. 1. Choose the link corresponding to the user profile name. 1. Choose **Edit**. 1. In the drop-down list you can choose an existing role, enter a custom IAM role ARN, or create a new role. If you wish to create a new role, you can choose **Create role using the role creation wizard** option. 1. Choose **Next** in the following steps and choose **Submit** on the last step. ## Modify permissions to execution role You can modify existing permissions to the execution role of an identity (like a SageMaker AI user, space, or domain). This is done by finding the appropriate IAM role that the identity is assuming, then modifying that IAM role. The following will provide instructions on achieving this through the console. When you modify an execution role the corresponding space's execution role will also change. The effects of the change may not be immediate. + When you modify a *user's execution role*, the *private spaces* created by that user will assume the modified execution role. + When you modify a *space's default execution role*, the *shared spaces* in the domain will assume the modified execution role. For more information on execution roles and spaces, see [Understanding domain space permissions and execution roles](execution-roles-and-spaces.md). If, instead, you want to *change* a role that an identity is assuming, see [Change your execution role](#sagemaker-roles-change-execution-role). ### Modify permissions to execution role (console) **To modify permissions to your execution roles** 1. First get name of the identity you would like to modify. + [Get domain execution role](#sagemaker-roles-get-execution-role-domain) + [Get space execution role](#sagemaker-roles-get-execution-role-space) + [Get user execution role](#sagemaker-roles-get-execution-role-user) 1. To modify a role that an identity is assuming, see [Modifying a role](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_manage_modify.html) in the *AWS Identity and Access Management User Guide*. For more information and instructions on adding permissions to IAM identities, see [Add or remove identity permissions](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_manage-attach-detach.html) in the *AWS Identity and Access Management User Guide*. ## Passing Roles Actions like passing a role between services are a common function within SageMaker AI. You can find more details on [Actions, Resources, and Condition Keys for SageMaker AI](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsagemaker.html#amazonsagemaker-actions-as-permissions) in the *Service Authorization Reference*. You pass the role (`iam:PassRole`) when making these API calls: [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateAutoMLJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateAutoMLJob.html), [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateCompilationJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateCompilationJob.html), [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateDomain.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateDomain.html), [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateFeatureGroup.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateFeatureGroup.html), [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateFlowDefinition.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateFlowDefinition.html), [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateHyperParameterTuningJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateHyperParameterTuningJob.html), [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateImage.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateImage.html), [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateLabelingJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateLabelingJob.html), [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModel.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModel.html), [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateMonitoringSchedule.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateMonitoringSchedule.html), [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateNotebookInstance.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateNotebookInstance.html), [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateProcessingJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateProcessingJob.html), [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrainingJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrainingJob.html), [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateUserProfile.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateUserProfile.html), [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_RenderUiTemplate.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_RenderUiTemplate.html), [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateImage.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateImage.html), and [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateNotebookInstance.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateNotebookInstance.html). You attach the following trust policy to the IAM role which grants SageMaker AI principal permissions to assume the role, and is the same for all of the execution roles: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": "sagemaker.amazonaws.com" }, "Action": "sts:AssumeRole" } ] } ``` ------ The permissions that you need to grant to the role vary depending on the API that you call. The following sections explain these permissions. **Note** Instead of managing permissions by crafting a permission policy, you can use the AWS-managed `AmazonSageMakerFullAccess` permission policy. The permissions in this policy are fairly broad, to allow for any actions you might want to perform in SageMaker AI. For a listing of the policy including information about the reasons for adding many of the permissions, see [AWS managed policy: AmazonSageMakerFullAccess](security-iam-awsmanpol.md#security-iam-awsmanpol-AmazonSageMakerFullAccess). If you prefer to create custom policies and manage permissions to scope the permissions only to the actions you need to perform with the execution role, see the following topics. **Important** If you're running into issues, see [Troubleshooting Amazon SageMaker AI Identity and Access](security_iam_troubleshoot.md). For more information about IAM roles, see [IAM Roles](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html) in the *Service Authorization Reference*. **Topics** + [ ## Create execution role ](#sagemaker-roles-create-execution-role) + [ ## Get your execution role ](#sagemaker-roles-get-execution-role) + [ ## Change your execution role ](#sagemaker-roles-change-execution-role) + [ ## Modify permissions to execution role ](#sagemaker-roles-modify-to-execution-role) + [ ## Passing Roles ](#sagemaker-roles-pass-role) + [ ## CreateAutoMLJob and CreateAutoMLJobV2 API: Execution Role Permissions ](#sagemaker-roles-autopilot-perms) + [ ## CreateDomain API: Execution Role Permissions ](#sagemaker-roles-createdomain-perms) + [ ## CreateImage and UpdateImage APIs: Execution Role Permissions ](#sagemaker-roles-createimage-perms) + [ ## CreateNotebookInstance API: Execution Role Permissions ](#sagemaker-roles-createnotebookinstance-perms) + [ ## CreateHyperParameterTuningJob API: Execution Role Permissions ](#sagemaker-roles-createhyperparametertiningjob-perms) + [ ## CreateProcessingJob API: Execution Role Permissions ](#sagemaker-roles-createprocessingjob-perms) + [ ## CreateTrainingJob API: Execution Role Permissions ](#sagemaker-roles-createtrainingjob-perms) + [ ## CreateModel API: Execution Role Permissions ](#sagemaker-roles-createmodel-perms) + [ # SageMaker geospatial capabilities roles ](sagemaker-geospatial-roles.md) ## CreateAutoMLJob and CreateAutoMLJobV2 API: Execution Role Permissions For an execution role that you can pass in a `CreateAutoMLJob` or `CreateAutoMLJobV2` API request, you can attach the following minimum permission policy to the role: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "iam:PassRole" ], "Resource": "*", "Condition": { "StringEquals": { "iam:PassedToService": "sagemaker.amazonaws.com" } } }, { "Effect": "Allow", "Action": [ "sagemaker:DescribeEndpointConfig", "sagemaker:DescribeModel", "sagemaker:InvokeEndpoint", "sagemaker:ListTags", "sagemaker:DescribeEndpoint", "sagemaker:CreateModel", "sagemaker:CreateEndpointConfig", "sagemaker:CreateEndpoint", "sagemaker:DeleteModel", "sagemaker:DeleteEndpointConfig", "sagemaker:DeleteEndpoint", "cloudwatch:PutMetricData", "logs:CreateLogStream", "logs:PutLogEvents", "logs:CreateLogGroup", "logs:DescribeLogStreams", "s3:GetObject", "s3:PutObject", "s3:ListBucket", "ecr:GetAuthorizationToken", "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage" ], "Resource": "*" } ] } ``` ------ If you specify a private VPC for your AutoML job, add the following permissions: ``` { "Effect": "Allow", "Action": [ "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterfacePermission", "ec2:DeleteNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:DescribeNetworkInterfaces", "ec2:DescribeVpcs", "ec2:DescribeDhcpOptions", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups" ] } ``` If your input is encrypted using server-side encryption with an AWS KMS–managed key (SSE-KMS), add the following permissions: ``` { "Effect": "Allow", "Action": [ "kms:Decrypt" ] } ``` If you specify a KMS key in the output configuration of your AutoML job, add the following permissions: ``` { "Effect": "Allow", "Action": [ "kms:Encrypt" ] } ``` If you specify a volume KMS key in the resource configuration of your AutoML job, add the following permissions: ``` { "Effect": "Allow", "Action": [ "kms:CreateGrant" ] } ``` ## CreateDomain API: Execution Role Permissions The execution role for domains with IAM Identity Center and the user/execution role for IAM domains need the following permissions when you pass an AWS KMS customer managed key as the `KmsKeyId` in the `CreateDomain` API request. The permissions are enforced during the `CreateApp` API call. For an execution role that you can pass in the `CreateDomain` API request, you can attach the following permission policy to the role: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "kms:CreateGrant", "kms:DescribeKey" ], "Resource": "arn:aws:kms:us-east-1:111122223333:key/kms-key-id" } ] } ``` ------ Alternatively, if the permissions are specified in a KMS policy, you can attach the following policy to the role: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "Allow use of the key", "Effect": "Allow", "Principal": { "AWS": [ "arn:aws:iam::111122223333:role/ExecutionRole" ] }, "Action": [ "kms:CreateGrant", "kms:DescribeKey" ], "Resource": "*" } ] } ``` ------ ## CreateImage and UpdateImage APIs: Execution Role Permissions For an execution role that you can pass in a `CreateImage` or `UpdateImage` API request, you can attach the following permission policy to the role: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "ecr:BatchGetImage", "ecr:GetDownloadUrlForLayer" ], "Resource": "*" } ] } ``` ------ ## CreateNotebookInstance API: Execution Role Permissions The permissions that you grant to the execution role for calling the `CreateNotebookInstance` API depend on what you plan to do with the notebook instance. If you plan to use it to invoke SageMaker AI APIs and pass the same role when calling the `CreateTrainingJob` and `CreateModel` APIs, attach the following permissions policy to the role: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "sagemaker:*", "ecr:GetAuthorizationToken", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage", "ecr:BatchCheckLayerAvailability", "ecr:SetRepositoryPolicy", "ecr:CompleteLayerUpload", "ecr:BatchDeleteImage", "ecr:UploadLayerPart", "ecr:DeleteRepositoryPolicy", "ecr:InitiateLayerUpload", "ecr:DeleteRepository", "ecr:PutImage", "ecr:CreateRepository", "cloudwatch:PutMetricData", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DescribeLogStreams", "logs:PutLogEvents", "logs:GetLogEvents", "s3:CreateBucket", "s3:ListBucket", "s3:GetBucketLocation", "s3:GetObject", "s3:PutObject", "s3:DeleteObject", "robomaker:CreateSimulationApplication", "robomaker:DescribeSimulationApplication", "robomaker:DeleteSimulationApplication", "robomaker:CreateSimulationJob", "robomaker:DescribeSimulationJob", "robomaker:CancelSimulationJob", "ec2:CreateVpcEndpoint", "ec2:DescribeRouteTables", "elasticfilesystem:DescribeMountTargets" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "codecommit:GitPull", "codecommit:GitPush" ], "Resource": [ "arn:aws:codecommit:*:*:*sagemaker*", "arn:aws:codecommit:*:*:*SageMaker*", "arn:aws:codecommit:*:*:*Sagemaker*" ] }, { "Effect": "Allow", "Action": [ "iam:PassRole" ], "Resource": "*", "Condition": { "StringEquals": { "iam:PassedToService": "sagemaker.amazonaws.com" } } } ] } ``` ------ To tighten the permissions, limit them to specific Amazon S3 and Amazon ECR resources, by restricting `"Resource": "*"`, as follows: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "sagemaker:*", "ecr:GetAuthorizationToken", "cloudwatch:PutMetricData", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DescribeLogStreams", "logs:PutLogEvents", "logs:GetLogEvents" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "iam:PassRole" ], "Resource": "*", "Condition": { "StringEquals": { "iam:PassedToService": "sagemaker.amazonaws.com" } } }, { "Effect": "Allow", "Action": [ "s3:ListBucket" ], "Resource": [ "arn:aws:s3:::inputbucket" ] }, { "Effect": "Allow", "Action": [ "s3:GetObject", "s3:PutObject", "s3:DeleteObject" ], "Resource": [ "arn:aws:s3:::inputbucket/object1", "arn:aws:s3:::outputbucket/path", "arn:aws:s3:::inputbucket/object2", "arn:aws:s3:::inputbucket/object3" ] }, { "Effect": "Allow", "Action": [ "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage" ], "Resource": [ "arn:aws:ecr:us-east-1:111122223333:repository/my-repo1", "arn:aws:ecr:us-east-1:111122223333:repository/my-repo2", "arn:aws:ecr:us-east-1:111122223333:repository/my-repo3" ] } ] } ``` ------ If you plan to access other resources, such as Amazon DynamoDB or Amazon Relational Database Service, add the relevant permissions to this policy. In the preceding policy, you scope the policy as follows: + Scope the `s3:ListBucket` permission to the specific bucket that you specify as `InputDataConfig.DataSource.S3DataSource.S3Uri` in a `CreateTrainingJob` request. + Scope `s3:GetObject `, `s3:PutObject`, and `s3:DeleteObject` permissions as follows: + Scope to the following values that you specify in a `CreateTrainingJob` request: `InputDataConfig.DataSource.S3DataSource.S3Uri` `OutputDataConfig.S3OutputPath` + Scope to the following values that you specify in a `CreateModel` request: `PrimaryContainer.ModelDataUrl` `SuplementalContainers.ModelDataUrl` + Scope `ecr` permissions as follows: + Scope to the `AlgorithmSpecification.TrainingImage` value that you specify in a `CreateTrainingJob` request. + Scope to the `PrimaryContainer.Image` value that you specify in a `CreateModel` request: The `cloudwatch` and `logs` actions are applicable for "\$1" resources. For more information, see [CloudWatch Resources and Operations](http://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/iam-access-control-overview-cw.html#CloudWatch_ARN_Format) in the Amazon CloudWatch User Guide. ## CreateHyperParameterTuningJob API: Execution Role Permissions For an execution role that you can pass in a `CreateHyperParameterTuningJob` API request, you can attach the following permission policy to the role: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "cloudwatch:PutMetricData", "logs:CreateLogStream", "logs:PutLogEvents", "logs:CreateLogGroup", "logs:DescribeLogStreams", "s3:GetObject", "s3:PutObject", "s3:ListBucket", "ecr:GetAuthorizationToken", "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage" ], "Resource": "*" } ] } ``` ------ Instead of the specifying `"Resource": "*"`, you could scope these permissions to specific Amazon S3, Amazon ECR, and Amazon CloudWatch Logs resources: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "cloudwatch:PutMetricData", "ecr:GetAuthorizationToken" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "s3:ListBucket" ], "Resource": [ "arn:aws:s3:::inputbucket" ] }, { "Effect": "Allow", "Action": [ "s3:GetObject", "s3:PutObject" ], "Resource": [ "arn:aws:s3:::inputbucket/object", "arn:aws:s3:::outputbucket/path" ] }, { "Effect": "Allow", "Action": [ "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage" ], "Resource": "arn:aws:ecr:us-east-1:111122223333:repository/my-repo" }, { "Effect": "Allow", "Action": [ "logs:CreateLogStream", "logs:PutLogEvents", "logs:CreateLogGroup", "logs:DescribeLogStreams" ], "Resource": "arn:aws:logs:us-east-1:111122223333:log-group:/aws/sagemaker/TrainingJobs*" } ] } ``` ------ If the training container associated with the hyperparameter tuning job needs to access other data sources, such as DynamoDB or Amazon RDS resources, add relevant permissions to this policy. In the preceding policy, you scope the policy as follows: + Scope the `s3:ListBucket` permission to a specific bucket that you specify as the `InputDataConfig.DataSource.S3DataSource.S3Uri` in a `CreateTrainingJob` request. + Scope the `s3:GetObject `and `s3:PutObject` permissions to the following objects that you specify in the input and output data configuration in a `CreateHyperParameterTuningJob` request: `InputDataConfig.DataSource.S3DataSource.S3Uri` `OutputDataConfig.S3OutputPath` + Scope Amazon ECR permissions to the registry path (`AlgorithmSpecification.TrainingImage`) that you specify in a `CreateHyperParameterTuningJob` request. + Scope Amazon CloudWatch Logs permissions to log group of SageMaker training jobs. The `cloudwatch` actions are applicable for "\$1" resources. For more information, see [ CloudWatch Resources and Operations](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/iam-access-control-overview-cwl.html#CWL_ARN_Format) in the Amazon CloudWatch User Guide. If you specify a private VPC for your hyperparameter tuning job, add the following permissions: ``` { "Effect": "Allow", "Action": [ "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterfacePermission", "ec2:DeleteNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:DescribeNetworkInterfaces", "ec2:DescribeVpcs", "ec2:DescribeDhcpOptions", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups" ] } ``` If your input is encrypted using server-side encryption with an AWS KMS–managed key (SSE-KMS), add the following permissions: ``` { "Effect": "Allow", "Action": [ "kms:Decrypt" ] } ``` If you specify a KMS key in the output configuration of your hyperparameter tuning job, add the following permissions: ``` { "Effect": "Allow", "Action": [ "kms:Encrypt" ] } ``` If you specify a volume KMS key in the resource configuration of your hyperparameter tuning job, add the following permissions: ``` { "Effect": "Allow", "Action": [ "kms:CreateGrant" ] } ``` ## CreateProcessingJob API: Execution Role Permissions For an execution role that you can pass in a `CreateProcessingJob` API request, you can attach the following permission policy to the role: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "cloudwatch:PutMetricData", "logs:CreateLogStream", "logs:PutLogEvents", "logs:CreateLogGroup", "logs:DescribeLogStreams", "s3:GetObject", "s3:PutObject", "s3:ListBucket", "ecr:GetAuthorizationToken", "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage" ], "Resource": "*" } ] } ``` ------ Instead of the specifying `"Resource": "*"`, you could scope these permissions to specific Amazon S3 and Amazon ECR resources: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "cloudwatch:PutMetricData", "logs:CreateLogStream", "logs:PutLogEvents", "logs:CreateLogGroup", "logs:DescribeLogStreams", "ecr:GetAuthorizationToken" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "s3:ListBucket" ], "Resource": [ "arn:aws:s3:::inputbucket" ] }, { "Effect": "Allow", "Action": [ "s3:GetObject", "s3:PutObject" ], "Resource": [ "arn:aws:s3:::inputbucket/object", "arn:aws:s3:::outputbucket/path" ] }, { "Effect": "Allow", "Action": [ "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage" ], "Resource": "arn:aws:ecr:us-east-1:111122223333:repository/my-repo" } ] } ``` ------ If `CreateProcessingJob.AppSpecification.ImageUri` needs to access other data sources, such as DynamoDB or Amazon RDS resources, add relevant permissions to this policy. In the preceding policy, you scope the policy as follows: + Scope the `s3:ListBucket` permission to a specific bucket that you specify as the `ProcessingInputs` in a `CreateProcessingJob` request. + Scope the `s3:GetObject `and `s3:PutObject` permissions to the objects that will be downloaded or uploaded in the `ProcessingInputs` and `ProcessingOutputConfig` in a `CreateProcessingJob` request. + Scope Amazon ECR permissions to the registry path (`AppSpecification.ImageUri`) that you specify in a `CreateProcessingJob` request. The `cloudwatch` and `logs` actions are applicable for "\$1" resources. For more information, see [CloudWatch Resources and Operations](http://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/iam-access-control-overview-cw.html#CloudWatch_ARN_Format) in the Amazon CloudWatch User Guide. If you specify a private VPC for your processing job, add the following permissions. Don't scope in the policy with any conditions or resource filters. Otherwise, the validation checks that occur during the creation of the processing job fail. ``` { "Effect": "Allow", "Action": [ "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterfacePermission", "ec2:DeleteNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:DescribeNetworkInterfaces", "ec2:DescribeVpcs", "ec2:DescribeDhcpOptions", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups" ] } ``` If your input is encrypted using server-side encryption with an AWS KMS–managed key (SSE-KMS), add the following permissions: ``` { "Effect": "Allow", "Action": [ "kms:Decrypt" ] } ``` If you specify a KMS key in the output configuration of your processing job, add the following permissions: ``` { "Effect": "Allow", "Action": [ "kms:Encrypt" ] } ``` If you specify a volume KMS key in the resource configuration of your processing job, add the following permissions: ``` { "Effect": "Allow", "Action": [ "kms:CreateGrant" ] } ``` ## CreateTrainingJob API: Execution Role Permissions For an execution role that you can pass in a `CreateTrainingJob` API request, you can attach the following permission policy to the role: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "cloudwatch:PutMetricData", "logs:CreateLogStream", "logs:PutLogEvents", "logs:CreateLogGroup", "logs:DescribeLogStreams", "s3:GetObject", "s3:PutObject", "s3:ListBucket", "ecr:GetAuthorizationToken", "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage" ], "Resource": "*" } ] } ``` ------ Instead of the specifying `"Resource": "*"`, you could scope these permissions to specific Amazon S3 and Amazon ECR resources: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "cloudwatch:PutMetricData", "logs:CreateLogStream", "logs:PutLogEvents", "logs:CreateLogGroup", "logs:DescribeLogStreams", "ecr:GetAuthorizationToken" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "s3:ListBucket" ], "Resource": [ "arn:aws:s3:::inputbucket" ] }, { "Effect": "Allow", "Action": [ "s3:GetObject", "s3:PutObject" ], "Resource": [ "arn:aws:s3:::inputbucket/object", "arn:aws:s3:::outputbucket/path" ] }, { "Effect": "Allow", "Action": [ "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage" ], "Resource": "arn:aws:ecr:us-east-1:111122223333:repository/my-repo" } ] } ``` ------ If `CreateTrainingJob.AlgorithSpecifications.TrainingImage` needs to access other data sources, such as DynamoDB or Amazon RDS resources, add relevant permissions to this policy. If you specify an algorithm resource by using the `AlgorithmSpecification.AlgorithmArn` parameter, the execution role must also have the following permission: ``` { "Effect": "Allow", "Action": [ "sagemaker:DescribeAlgorithm" ], "Resource": "arn:aws:sagemaker:*:*:algorithm/*" } ``` In the preceding policy, you scope the policy as follows: + Scope the `s3:ListBucket` permission to a specific bucket that you specify as the `InputDataConfig.DataSource.S3DataSource.S3Uri` in a `CreateTrainingJob` request. + Scope the `s3:GetObject `and `s3:PutObject` permissions to the following objects that you specify in the input and output data configuration in a `CreateTrainingJob` request: `InputDataConfig.DataSource.S3DataSource.S3Uri` `OutputDataConfig.S3OutputPath` + Scope Amazon ECR permissions to the registry path (`AlgorithmSpecification.TrainingImage`) that you specify in a `CreateTrainingJob` request. The `cloudwatch` and `logs` actions are applicable for "\$1" resources. For more information, see [CloudWatch Resources and Operations](http://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/iam-access-control-overview-cw.html#CloudWatch_ARN_Format) in the Amazon CloudWatch User Guide. If you specify a private VPC for your training job, add the following permissions: ``` { "Effect": "Allow", "Action": [ "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterfacePermission", "ec2:DeleteNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:DescribeNetworkInterfaces", "ec2:DescribeVpcs", "ec2:DescribeDhcpOptions", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups" ] } ``` If your input is encrypted using server-side encryption with an AWS KMS–managed key (SSE-KMS), add the following permissions: ``` { "Effect": "Allow", "Action": [ "kms:Decrypt" ] } ``` If you specify a KMS key in the output configuration of your training job, add the following permissions: ``` { "Effect": "Allow", "Action": [ "kms:Encrypt" ] } ``` If you specify a volume KMS key in the resource configuration of your training job, add the following permissions: ``` { "Effect": "Allow", "Action": [ "kms:CreateGrant" ] } ``` ## CreateModel API: Execution Role Permissions For an execution role that you can pass in a `CreateModel` API request, you can attach the following permission policy to the role: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "cloudwatch:PutMetricData", "logs:CreateLogStream", "logs:PutLogEvents", "logs:CreateLogGroup", "logs:DescribeLogStreams", "s3:GetObject", "s3:ListBucket", "ecr:GetAuthorizationToken", "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage" ], "Resource": "*" } ] } ``` ------ Instead of the specifying `"Resource": "*"`, you can scope these permissions to specific Amazon S3 and Amazon ECR resources: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "cloudwatch:PutMetricData", "logs:CreateLogStream", "logs:PutLogEvents", "logs:CreateLogGroup", "logs:DescribeLogStreams", "ecr:GetAuthorizationToken" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "s3:GetObject" ], "Resource": [ "arn:aws:s3:::inputbucket/object" ] }, { "Effect": "Allow", "Action": [ "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage" ], "Resource": [ "arn:aws:ecr:us-east-1:111122223333:repository/my-repo", "arn:aws:ecr:us-east-1:111122223333:repository/my-repo" ] } ] } ``` ------ If `CreateModel.PrimaryContainer.Image` need to access other data sources, such as Amazon DynamoDB or Amazon RDS resources, add relevant permissions to this policy. In the preceding policy, you scope the policy as follows: + Scope S3 permissions to objects that you specify in the `PrimaryContainer.ModelDataUrl` in a [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModel.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModel.html) request. + Scope Amazon ECR permissions to a specific registry path that you specify as the `PrimaryContainer.Image` and `SecondaryContainer.Image` in a `CreateModel` request. The `cloudwatch` and `logs` actions are applicable for "\$1" resources. For more information, see [CloudWatch Resources and Operations](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/iam-access-control-overview-cw.html#CloudWatch_ARN_Format) in the Amazon CloudWatch User Guide. **Note** If you plan to use the [SageMaker AI deployment guardrails feature](https://docs.aws.amazon.com/sagemaker/latest/dg/deployment-guardrails.html) for model deployment in production, ensure that your execution role has permission to perform the `cloudwatch:DescribeAlarms` action on your auto-rollback alarms. If you specify a private VPC for your model, add the following permissions: ``` { "Effect": "Allow", "Action": [ "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterfacePermission", "ec2:DeleteNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:DescribeNetworkInterfaces", "ec2:DescribeVpcs", "ec2:DescribeDhcpOptions", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups" ] } ``` # SageMaker geospatial capabilities roles As a managed service, Amazon SageMaker geospatial capabilities performs operations on your behalf on the AWS hardware that is managed by SageMaker AI. Use AWS Identity and Access Management to grant users, groups, and roles access to SageMaker geospatial. An IAM Administrator can grant these permissions to user, group, or role using the AWS Management Console, AWS CLI, or one of the AWS SDKs. **To use SageMaker geospatial you need the following IAM permissions.** 1. **An SageMaker AI execution role.** To use the SageMaker geospatial specific API operations your SageMaker AI execution role must include the SageMaker geospatial service principal, `sagemaker-geospatial.amazonaws.com` in the execution role's trust policy. This allows the SageMaker AI execution role to perform actions in your AWS account on your behalf. 1. **A user, group, or role that has access Amazon SageMaker Studio Classic and SageMaker geospatial** To get started with SageMaker geospatial you can use the AWS managed policy: `AmazonSageMakerGeospatialFullAccess`. This grants will grant a user, group, or role full access to SageMaker geospatial. To see the policy and learn more about which actions, resources, and conditions are available, see [AWS managed policy: AmazonSageMakerFullAccess](security-iam-awsmanpol.md#security-iam-awsmanpol-AmazonSageMakerFullAccess). To get started with Studio Classic and creating a Amazon SageMaker AI domain, see [Amazon SageMaker AI domain overview](gs-studio-onboard.md). Use the following topics to create a new SageMaker AI execution role, update an existing SageMaker AI execution role, and learn how to manage permissions using SageMaker geospatial specific IAM actions, resources, and conditions. **Topics** + [ # Creating an new SageMaker AI execution role ](sagemaker-geospatial-roles-create-execution-role.md) + [ # Adding the SageMaker geospatial service principal to an existing SageMaker AI execution role ](sagemaker-geospatial-roles-pass-role.md) + [ # `StartEarthObservationJob` API: Execution role permissions ](sagemaker-roles-start-eoj-perms.md) + [ # `StartVectorEnrichmentJob` API: Execution role permissions ](sagemaker-roles-start-vej-perms.md) + [ # `ExportEarthObservationJob` API: Execution role permissions ](sagemaker-roles-export-eoj-perms.md) + [ # `ExportVectorEnrichmentJob` API: Execution Role Permissions ](sagemaker-roles-export-vej-perms.md) # Creating an new SageMaker AI execution role To work with SageMaker geospatial capabilities, you must set up a user, group, or role, and an execution role. A user role is an AWS identity with permissions policies that determine what the user can and cannot do within AWS. An execution role is an IAM role that grants the service permission to access your AWS resources. An execution role consists of permissions and trust policy. The trust policy specifies which principals have the permission to assume the role. SageMaker geospatial also requires a different service principal, `sagemaker-geospatial.amazonaws.com`. If you are an existing SageMaker AI customer, you must add this additional service principal to your trust policy. Use the following procedure to create an new execution role with the IAM managed policy, `AmazonSageMakerGeospatialFullAccess`, attached. If your use case requires more granular permissions, use other sections of this guide to create an execution role that meets your business needs. **Important** The IAM managed policy, `AmazonSageMakerGeospatialFullAccess`, used in the following procedure, only grants the execution role permission to perform certain Amazon S3 actions on buckets or objects with `SageMaker`, `Sagemaker`, `sagemaker`, or `aws-glue` in the name. To learn how to update the execution role's policy to grant it access to other Amazon S3 buckets and objects, see [Add Additional Amazon S3 Permissions to a SageMaker AI Execution Role](sagemaker-roles.md#sagemaker-roles-get-execution-role-s3). **To create a new role** 1. Open the IAM console at [https://console.aws.amazon.com/iam/](https://console.aws.amazon.com/iam/). 1. Select **Roles** and then select **Create role**. 1. Select **SageMaker**. 1. Select **Next: Permissions**. 1. The IAM managed policy, `AmazonSageMakerGeospatialFullAccess` is automatically attached to this role. To see the permissions included in this policy, select the sideways arrow next to the policy name. Select **Next: Tags**. 1. (Optional) Add tags and select **Next: Review**. 1. Give the role a name in the text field under **Role name** and select **Create role**. 1. In the **Roles** section of the IAM console, select the role you just created in step 7. If needed, use the text box to search for the role using the role name you entered in step 7. 1. On the role summary page, make note of the ARN. # Adding the SageMaker geospatial service principal to an existing SageMaker AI execution role To use the SageMaker geospatial specific API operations your SageMaker AI execution role must include the SageMaker geospatial service principal, `sagemaker-geospatial.amazonaws.com` in the execution role's trust policy. This allows the SageMaker AI execution role to perform actions in your AWS account on your behalf. Actions like passing a role between services are common within SageMaker AI. For more details, To add the SageMaker geospatial service principal to an existing SageMaker AI execution role update the existing policy to include the SageMaker geospatial service principal as shown in the following trust policy. By attaching the service principal to the trust policy a SageMaker AI execution role can now run the SageMaker geospatial specific APIs on your behalf. To learn more about SageMaker geospatial specific IAM actions, resources, and conditions, see [Actions, Resources, and Condition Keys for SageMaker AI](https://docs.aws.amazon.com/IAM/latest/UserGuide/list_amazonsagemaker.html#amazonsagemaker-actions-as-permissions) in the *IAM User Guide*. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": [ "sagemaker-geospatial.amazonaws.com", "sagemaker.amazonaws.com" ] }, "Action": "sts:AssumeRole" } ] } ``` ------ # `StartEarthObservationJob` API: Execution role permissions For an execution role that you can pass in a `StartEarthObservationJob` API request, you can attach the following minimum permissions policy to the role: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:AbortMultipartUpload", "s3:PutObject", "s3:GetObject", "s3:ListBucketMultipartUploads" ], "Resource": [ "arn:aws:s3:::*SageMaker*", "arn:aws:s3:::*Sagemaker*", "arn:aws:s3:::*sagemaker*" ] }, { "Effect": "Allow", "Action": "sagemaker-geospatial:GetEarthObservationJob", "Resource": "arn:aws:sagemaker-geospatial:*:*:earth-observation-job/*" }, { "Effect": "Allow", "Action": "sagemaker-geospatial:GetRasterDataCollection", "Resource": "arn:aws:sagemaker-geospatial:*:*:raster-data-collection/*" } ] } ``` ------ If your input Amazon S3 bucket is encrypted using server-side encryption with an AWS KMS managed key (SSE-KMS), see [Using Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucket-key.html) for more information. # `StartVectorEnrichmentJob` API: Execution role permissions For an execution role that you can pass in a `StartVectorEnrichmentJob` API request, you can attach the following minimum permissions policy to the role: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:AbortMultipartUpload", "s3:PutObject", "s3:GetObject", "s3:ListBucketMultipartUploads" ], "Resource": [ "arn:aws:s3:::*SageMaker*", "arn:aws:s3:::*Sagemaker*", "arn:aws:s3:::*sagemaker*" ] }, { "Effect": "Allow", "Action": "sagemaker-geospatial:GetVectorEnrichmentJob", "Resource": "arn:aws:sagemaker-geospatial:*:*:vector-enrichment-job/*" } ] } ``` ------ If your input Amazon S3 bucket is encrypted using server-side encryption with an AWS KMS managed key (SSE-KMS), see [Using Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucket-key.html) for more information. # `ExportEarthObservationJob` API: Execution role permissions For an execution role that you can pass in a `ExportEarthObservationJob` API request, you can attach the following minimum permissions policy to the role: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:AbortMultipartUpload", "s3:PutObject", "s3:GetObject", "s3:ListBucketMultipartUploads" ], "Resource": [ "arn:aws:s3:::*SageMaker*", "arn:aws:s3:::*Sagemaker*", "arn:aws:s3:::*sagemaker*" ] }, { "Effect": "Allow", "Action": "sagemaker-geospatial:GetEarthObservationJob", "Resource": "arn:aws:sagemaker-geospatial:*:*:earth-observation-job/*" } ] } ``` ------ If your input Amazon S3 bucket is encrypted using server-side encryption with an AWS KMS managed key (SSE-KMS), see [Using Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucket-key.html) for more information. # `ExportVectorEnrichmentJob` API: Execution Role Permissions For an execution role that you can pass in a `ExportVectorEnrichmentJob` API request, you can attach the following minimum permissions policy to the role: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:AbortMultipartUpload", "s3:PutObject", "s3:GetObject", "s3:ListBucketMultipartUploads" ], "Resource": [ "arn:aws:s3:::*SageMaker*", "arn:aws:s3:::*Sagemaker*", "arn:aws:s3:::*sagemaker*" ] }, { "Effect": "Allow", "Action": "sagemaker-geospatial:GetVectorEnrichmentJob", "Resource": "arn:aws:sagemaker-geospatial:*:*:vector-enrichment-job/*" } ] } ``` ------ If your input Amazon S3 bucket is encrypted using server-side encryption with an AWS KMS managed key (SSE-KMS), see [Using Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucket-key.html). # Amazon SageMaker Role Manager Role Manager Machine learning (ML) administrators striving for least-privilege permissions with Amazon SageMaker AI must account for a diversity of industry perspectives, including the unique least-privilege access needs required for personas such as data scientists, machine learning operation (MLOps) engineers, and more. Use Amazon SageMaker Role Manager to build and manage persona-based IAM roles for common machine learning needs directly through the Amazon SageMaker AI console. Amazon SageMaker Role Manager provides 3 preconfigured role personas and predefined permissions for common ML activities. Explore the provided personas and their suggested policies, or create and maintain roles for personas unique to your business needs. If you require additional customization, specify networking and encryption permissions for [Amazon Virtual Private Cloud](https://aws.amazon.com/vpc/) resources and [AWS Key Management Service](https://aws.amazon.com/kms/) encryption keys in [Step 1. Enter role information](role-manager-tutorial.md#role-manager-tutorial-enter-role-information) of the Amazon SageMaker Role Manager. **Topics** + [ # Using the role manager (console) ](role-manager-tutorial.md) + [ # Using the role manager (AWS CDK) ](role-manager-tutorial-cdk.md) + [ # Persona reference ](role-manager-personas.md) + [ # ML activity reference ](role-manager-ml-activities.md) + [ # Launch Studio Classic ](role-manager-launch-notebook.md) + [ # Role Manager FAQs ](role-manager-faqs.md) # Using the role manager (console) You can use the Amazon SageMaker Role Manager from the following locations on the left-hand navigation of the Amazon SageMaker AI console: + **Getting started** – Quickly add permissions policies for your users. + **domains** – Add permissions policies for users within a Amazon SageMaker AI domain. + **Notebooks** – Add least permissions for users who create and run notebooks. + **Training** – Add least permissions for users who create and manage training jobs. + **Inference** – Add least permissions for users who deploy and manage models for inference. You can use the following are procedures to start the process of creating a role from different locations in the SageMaker AI console. ## Getting started If you're using SageMaker AI for the first time, we recommend creating a role from the **Getting started** section. To create a role using Amazon SageMaker Role Manager, do the following. 1. Open the Amazon SageMaker AI console. 1. On the left navigation pane, choose **Admin configurations**. 1. Under **Admin configurations**, choose **Role manager**. 1. Choose **Create a role**. ## domains You can create a role using Amazon SageMaker Role Manager when you start the process of creating a Amazon SageMaker AI domain. To create a role using Amazon SageMaker Role Manager, do the following. 1. Open the Amazon SageMaker AI console. 1. On the left navigation pane, choose **Admin configurations**. 1. Under **Admin configurations**, choose **domains**. 1. Choose **Create domain**. 1. Choose **Create role using the role creation wizard**. ## Notebook You can create a role using Amazon SageMaker Role Manager when you start the process of creating a notebook. To create a role using Amazon SageMaker Role Manager, do the following. 1. Open the Amazon SageMaker AI console. 1. On the left-hand navigation, select **Notebook**. 1. Choose **Notebook instances**. 1. Choose **Create notebook instance**. 1. Choose **Create role using the role creation wizard**. ## Training You can create a role using Amazon SageMaker Role Manager when you start the process of creating a training job. To create a role using Amazon SageMaker Role Manager, do the following. 1. Open the Amazon SageMaker AI console. 1. On the left-hand navigation, choose **Training**. 1. Select **Training jobs**. 1. Choose **Create training job**. 1. Choose **Create role using the role creation wizard**. ## Inference You can create a role using Amazon SageMaker Role Manager when you start the process of deploying a model for inference. To create a role using Amazon SageMaker Role Manager, do the following. 1. Open the Amazon SageMaker AI console. 1. On the left-hand navigation, choose **Inference**. 1. Select **Models**. 1. Choose **Create model**. 1. Choose **Create role using the role creation wizard**. After you've completed one of the preceding procedures, use the information in the following sections to help you create the role. ## Prerequisites To use Amazon SageMaker Role Manager, you must have permission to create an IAM role. This permission is usually available to ML administrators and roles with least-privilege permissions for ML practitioners. You can temporarily assume an IAM role in the AWS Management Console by [switching roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-console.html). For more information about methods for using roles, see [Using IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the *IAM User Guide*. ## Step 1. Enter role information Provide a name to use as the unique suffix of your new SageMaker AI role. By default, the prefix `"sagemaker-"` is added to every role name for easier search in the IAM console. For example, if you name your role `test-123` during role creation, your role shows up as `sagemaker-test-123` in the IAM console. You can optionally add a description of your role to provide additional details. Then, choose from one of the available personas to get suggested permissions for personas such as data scientists, data engineers, or machine learning operations (MLOps) engineers. For information on available personas and their suggested permissions, see [Persona reference](role-manager-personas.md). To create a role without any suggested permissions to guide you, choose **Custom Role Settings**. **Note** We recommend that you first use the role manager to create a SageMaker AI Compute Role so that SageMaker AI compute resources have the ability to perform tasks such as training and inference. Use the SageMaker AI Compute Role persona to create this role with the role manager. After creating a SageMaker AI Compute Role, take note of its ARN for future use. ### Network and encryption conditions We recommend that you activate VPC customization to use VPC configurations, subnets, and security groups with IAM policies associated with your new role. When VPC customization is activated, IAM policies for ML activities that interact with VPC resources are scoped down for least-privilege access. VPC customization is not activated by default. For more details on recommended networking architecture, see [Networking architecture](https://docs.aws.amazon.com/whitepapers/latest/build-secure-enterprise-ml-platform/networking-architecture.html) in the *AWS Technical Guide*. You can also use a KMS key to encrypt, decrypt, and re-encrypt data for regulated workloads with highly sensitive data. When AWS KMS customization is activated, IAM policies for ML activities that support custom encryption keys are scoped down for least-privilege access. For more information, see [Encryption with AWS KMS](https://docs.aws.amazon.com/whitepapers/latest/build-secure-enterprise-ml-platform/encryption-with-kms.html) in the *AWS Technical Guide*. ## Step 2. Configure ML activities Each Amazon SageMaker Role Manager ML activity includes suggested IAM permissions to provide access to relevant AWS resources. Some ML activities require that you add service role ARNs to complete setup. For information on predefined ML activities and their permissions, see [ML activity reference](role-manager-ml-activities.md). For information on adding service roles, see [Service roles](#role-manager-tutorial-configure-ml-activities-service-roles). Based on the chosen persona, certain ML activities are already selected. You can deselect any suggested ML activities or select additional activities to create your own role. If you selected the Custom Role Settings persona, then no ML activities are preselected in this step. You can add any additional AWS or customer-managed IAM policies to your role in [Step 3: Add additional policies and tags](#role-manager-tutorial-add-policies-and-tags). ### Service roles Some AWS services require a service role to perform actions on your behalf. If the ML activity that you selected requires you to pass a service role, then you must provide the ARN for that service role. You can either create a new service role or use an existing one, such as a service role created with the SageMaker AI Compute Role persona. You can find the ARN of an existing role by selecting the role name in the Roles section of the [IAM console](https://console.aws.amazon.com/iamv2/). To learn more about service roles, see [Creating a role for an AWS service](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-service.html). ## Step 3: Add additional policies and tags You can add any existing AWS or customer-managed IAM policies to your new role. For information on existing SageMaker AI policies, see [AWS Managed Policies for Amazon SageMaker AI](https://docs.aws.amazon.com/sagemaker/latest/dg/security-iam-awsmanpol.html). You can also check your existing policies in the **Roles** section of the [IAM console](https://console.aws.amazon.com/iamv2/). Optionally, use tag-based policy conditions to assign metadata information to categorize and manage AWS resources. Each tag is represented by a key-value pair. For more information, see [Controlling access to AWS resources using tags](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html). ## Review role Take the time to review all of the information associated with your new role. Choose **Previous** to go back and edit any of the information. When you are ready to create your role, choose **Create role**. This generates a role with permissions for your selected ML activities. You can view your new role in the **Roles** section of the [IAM console](https://console.aws.amazon.com/iamv2/). # Using the role manager (AWS CDK) Use the AWS Cloud Development Kit (AWS CDK) with Amazon SageMaker Role Manager to programmatically create roles and set permissions. You can use the AWS CDK to accomplish any task that you could perform using the AWS Management Console. The programmatic access of the CDK makes it easier to provide permissions that give your users access to specific resources. For more information about the AWS CDK, see [What is AWS CDK?](https://docs.aws.amazon.com/cdk/v2/guide/home.html) **Important** You must use the SageMaker AI Compute Role persona to create a SageMaker AI Compute Role. For more information about the compute persona, see [SageMaker AI compute persona](role-manager-personas.md#role-manager-personas-compute). For code that you can use to create the compute role within the AWS CDK, see [Grant permissions to a Compute persona](#role-manager-cdk-compute-persona). The following are examples of tasks that you can perform in the AWS CDK: + Create IAM roles with granular permissions for machine learning (ML) personas, such as Data Scientists and MLOps Engineers. + Grant permissions to CDK constructs from ML personas or ML activities. + Set ML activity condition parameters. + Enable global Amazon VPC and AWS Key Management Service conditions and set values for them. + Choose from all versions of the ML activities for your users without causing disruptions in their access. There are common AWS tasks related to machine learning (ML) with SageMaker AI that require specific IAM permissions. The permissions to perform the tasks are defined as ML activities in Amazon SageMaker Role Manager. ML activities specify a set of permissions that are linked to the IAM role. For example, the ML activity for Amazon SageMaker Studio Classic has all of the permissions that a user needs to access Studio Classic. For more information about ML activities, see [ML activity reference](role-manager-ml-activities.md). When you're creating roles, you first define the constructs for the ML persona or the ML activity. A construct is a resource within the AWS CDK stack. For example, a construct could be an Amazon S3 bucket, an Amazon VPC subnet, or an IAM role. As you're creating the persona or activity, you can limit the permissions associated with that persona or activity to specific resources. For example, you can customize the activity to only provide permissions for a specific subnet within an Amazon VPC. After you've defined permissions, you can create roles and then pass those roles to create other resources, such as SageMaker notebook instances. The following are code examples in Typescript for tasks that you can accomplish using the CDK. When you create an activity, you specify an ID and the options for the activity's construct. The options are dictionaries that specify the required parameters for the activities, such as an Amazon S3. You pass an empty dictionary for activities that don't have required parameters. ## Grant permissions to a Compute persona The following code creates a Data Scientist ML persona with a set of ML activities specific to the persona. The permissions from ML activities only apply to the Amazon VPC and AWS KMS configurations specified in the persona construct. The following code creates a class for a Data Scientist persona. The ML activities are defined in the activities list. The VPC permissions and the KMS permissions are defined as optional parameters outside of the activities list. After you’ve defined the class, you can create a role as a construct within the AWS CDK stack. You can also create a notebook instance. The person who is using the IAM role that you’ve created in the following code can access the notebook instance when they log in to their AWS account. ``` export class myCDKStack extends cdk.Stack { constructor(scope: cdk.App, id: string, props?: cdk.StackProps) { super(scope, id, props); const persona = new Persona(this, 'example-persona-id', { activities: [ Activity.accessAwsServices(this, 'example-id1', {}) ] }); const role = persona.createRole(this, 'example-IAM-role-id', 'example-IAM-role-name'); } } ``` ## Grant permissions to a Data Scientist persona The following code creates a Data Scientist ML persona with a set of ML activities specific to the persona. The permissions from ML activities only apply to the VPC and KMS configurations specified in the persona construct. The following code creates a class for a Data Scientist persona. The ML activities are defined in the activities list. The Amazon VPC permissions and the AWS KMS permissions are defined as optional parameters outside of the activities list. After you’ve defined the class, you can create a role as a construct within the AWS CDK stack. You can also create a notebook instance. The person who is using the IAM role that you’ve created in the following code can access the notebook instance when they log in to their AWS account. ``` export class myCDKStack extends cdk.Stack { constructor(scope: cdk.App, id: string, props?: cdk.StackProps) { super(scope, id, props); const persona = new Persona(this, 'example-persona-id', { activities: [ Activity.runStudioAppsV2(this, 'example-id1', {}), Activity.manageJobs(this, 'example-id2', {rolesToPass: [iam.Role.fromRoleName('example-IAM-role-name')]}), Activity.manageModels(this, 'example-id3', {rolesToPass: [iam.Role.fromRoleName('example-IAM-role-name')]}), Activity.manageExperiments(this, 'example-id4', {}), Activity.visualizeExperiments(this, 'example-id5', {}), Activity.accessS3Buckets(this, 'example-id6', {s3buckets: [s3.S3Bucket.fromBucketName('amzn-s3-demo-bucket')]}) ], // optional: to configure VPC permissions subnets: [ec2.Subnet.fromSubnetId('example-VPC-subnet-id')], securityGroups: [ec2.SecurityGroup.fromSecurityGroupId('example-VPC-security-group-id')], // optional: to configure KMS permissions dataKeys: [kms.Key.fromKeyArn('example-KMS-key-ARN')], volumeKeys: [kms.Key.fromKeyArn('example-KMS-key-ARN')], }); const role = persona.createRole(this, 'example-IAM-role-id', 'example-IAM-role-name'); const notebookInstance = new CfnNotebookInstance(this, 'example-notebook-instance-name', { RoleArn: role.RoleArn, ...}); } } ``` ## Grant permissions to an ML Ops persona The following code creates an ML Ops persona with a set of ML activities specific to the persona. The permissions from ML activities only apply to the Amazon VPC and AWS KMS configurations specified in the persona construct. The following code creates a class for an ML Ops persona. The ML activities are defined in the activities list. The VPC permissions and the KMS permissions are defined as optional parameters outside of the activities list. After you’ve defined the class, you can create a role as a construct within the AWS CDK stack. You can also create an Amazon SageMaker Studio Classic user profile. The person who is using the IAM role that you’ve created in the following code can open SageMaker Studio Classic when they log in to their AWS account. ``` export class myCDKStack extends cdk.Stack { constructor(scope: cdk.App, id: string, props?: cdk.StackProps) { super(scope, id, props); const persona = new Persona(this, 'example-persona-id', { activities: [ Activity.runStudioAppsV2(this, 'example-id1', {}), Activity.manageModels(this, 'example-id2', {rolesToPass: [iam.Role.fromRoleName('example-IAM-role-name')]}), Activity.manageEndpoints(this, 'example-id3',{rolesToPass: [iam.Role.fromRoleName('example-IAM-role-name')]}), Activity.managePipelines(this, 'example-id4', {rolesToPass: [iam.Role.fromRoleName('example-IAM-role-name')]}), Activity.visualizeExperiments(this, 'example-id5', {}) ], subnets: [ec2.Subnet.fromSubnetId('example-VPC-subnet-id')], securityGroups: [ec2.SecurityGroup.fromSecurityGroupId('example-VPC-security-group-id')], dataKeys: [kms.Key.fromKeyArn('example-KMS-key-ARN')], volumeKeys: [kms.Key.fromKeyArn('example-KMS-key-ARN')], }); const role = persona.createRole(this, 'example-IAM-role-id', 'example-IAM-role-name'); let userProfile = new CfnNUserProfile(this, 'example-Studio Classic-profile-name', { RoleName: role.RoleName, ... }); } } ``` ## Grant permissions to a construct The following code creates an ML Ops persona with a set of ML activities specific to the persona. The following code creates a class for a ML Ops persona. The ML activities are defined in the activities list. After you’ve defined the class, you can create a role as a construct within the AWS CDK stack. You can also create a notebook instance. The code grants permissions from the ML activities to the IAM role of the Lambda function. ``` export class myCDKStack extends cdk.Stack { constructor(scope: cdk.App, id: string, props?: cdk.StackProps) { super(scope, id, props); const persona = new Persona(this, 'example-persona-id', { activities: [ Activity.runStudioAppsV2(this, 'example-id1', {}), Activity.manageModels(this, 'example-id2', {rolesToPass: [iam.Role.fromRoleName('example-IAM-role-name')]}), Activity.manageEndpoints(this, 'example-id3',{rolesToPass: [iam.Role.fromRoleName('example-IAM-role-name')]}), Activity.managePipelines(this, 'example-id4', {rolesToPass: [iam.Role.fromRoleName('example-IAM-role-name')]}), Activity.visualizeExperiments(this, 'example-id5', {}) ], }); const lambdaFn = lambda.Function.fromFunctionName('example-lambda-function-name'); persona.grantPermissionsTo(lambdaFn); } } ``` ## Grant permissions for a single ML activity The following code creates an ML activity and creates a role from the activity. The permissions from the activity only apply to the VPC and KMS configuration that you specify for the user. ``` export class myCDKStack extends cdk.Stack { constructor(scope: cdk.App, id: string, props?: cdk.StackProps) { super(scope, id, props); const activity = Activity.manageJobs(this, 'example-activity-id', { rolesToPass: [iam.Role.fromRoleName('example-IAM-role-name')], subnets: [ec2.Subnet.fromSubnetId('example-VPC-subnet-id')], securityGroups: [ec2.SecurityGroup.fromSecurityGroupId('example-VPC-security-group-id')], dataKeys: [kms.Key.fromKeyArn('example-KMS-key-ARN')], volumeKeys: [kms.Key.fromKeyArn('example-KMS-key-ARN')], }); const role = activity.createRole(this, 'example-IAM-role-id', 'example-IAM-role-name'); } } ``` ## Create a role and give it permissions for a single activity The following code creates an IAM role for a single ML activity. ``` export class myCDKStack extends cdk.Stack { constructor(scope: cdk.App, id: string, props?: cdk.StackProps) { super(scope, id, props); const activity = Activity.manageJobs(this, 'example-activity-id', { rolesToPass: [iam.Role.fromRoleName('example-IAM-role-name')], }); activity.create_role(this, 'example-IAM-role-id', 'example-IAM-role-name') } } ``` # Persona reference Amazon SageMaker Role Manager provides suggested permissions for a number of ML personas. These include user execution roles for common ML practitioner responsibilities as well as service execution roles for common AWS service interactions needed to work with SageMaker AI. Each persona has suggested permissions in the form of selected ML activities. For information on predefined ML activities and their permissions, see [ML activity reference](role-manager-ml-activities.md). ## Data scientist persona Use this persona to configure permissions to perform general machine learning development and experimentation in a SageMaker AI environment. This persona includes the following preselected ML activities: + Run Studio Classic Applications + Manage ML Jobs + Manage Models + Manage AWS Glue Tables + Canvas AI Services + Canvas MLOps + Canvas Kendra Access + Use MLflow + Access required to AWS Services for MLflow + Run Studio EMR Serverless Applications ## MLOps persona Choose this persona to configure permissions for operational activities. This persona includes the following preselected ML activities: + Run Studio Classic Applications + Manage Models + Manage Pipelines + Search and visualize experiments + Amazon S3 Full Access ## SageMaker AI compute persona **Note** We recommend that you first use the role manager to create a SageMaker AI Compute Role so that SageMaker AI compute resources can perform tasks such as training and inference. Use the SageMaker AI Compute Role persona to create this role with the role manager. After creating a SageMaker AI Compute Role, take note of its ARN for future use. This persona includes the following preselected ML activity: + Access Required AWS Services # ML activity reference ML activities are common AWS tasks related to machine learning with SageMaker AI that require specific IAM permissions. Each [persona](https://docs.aws.amazon.com/sagemaker/latest/dg/role-manager-personas.html) suggests related ML activities when creating a role with Amazon SageMaker Role Manager. You can select any additional ML activities or deselect any suggested ML activities to create a role that meets your unique business needs. Amazon SageMaker Role Manager provides predefined permissions for the following ML activities: **** | **ML activity** | **Description** | | --- | --- | | Access Required AWS Services | Permissions to access Amazon S3, Amazon ECR, Amazon CloudWatch, and Amazon EC2. Required for execution roles for jobs and endpoints. | | Run Studio Classic Applications | Permissions to operate within a Studio Classic environment. Required for domain and user profile execution roles. | | Manage ML Jobs | Permissions to audit, query lineage, and visualize experiments. | | Manage Models | Permissions to manage SageMaker AI jobs across their lifecycles. | | Manage Pipelines | Permissions to manage SageMaker pipelines and pipeline executions. | | Search and visualize experiments | Permissions to audit, query lineage, and visualize SageMaker AI experiments. | | Manage Model Monitoring | Permissions to manage monitoring schedules for SageMaker AI Model Monitor. | | Amazon S3 Full Access | Permissions to perform all Amazon S3 operations. | | Amazon S3 Bucket Access | Permissions to perform operations on specified Amazon S3 buckets. | | Query Athena Workgroups | Permissions to run and manage Amazon Athena queries. | | Manage AWS Glue Tables | Permissions to create and manage AWS Glue tables for SageMaker AI Feature Store and Data Wrangler. | | SageMaker Canvas Core Access | Permissions to perform experimentation in SageMaker Canvas (i.e, basic data prep, model build, validation). | | SageMaker Canvas Data Preparation (powered by Data Wrangler) | Permissions to perform end-to-end data preparation in SageMaker Canvas (i.e, aggregate, transform and analyze data, create and schedule data preparation jobs on large datasets). | | SageMaker Canvas AI Services | Permissions to access ready-to-use models from Amazon Bedrock, Amazon Textract, Amazon Rekognition, and Amazon Comprehend. Additionally, user can fine-tune foundation models from Amazon Bedrock and Amazon SageMaker JumpStart. | | SageMaker Canvas MLOps | Permission for SageMaker Canvas users to directly deploy model to endpoint. | | SageMaker Canvas Kendra Access | Permission for SageMaker Canvas to access Amazon Kendra for enterprise document search. The permission is only given to your selected index names in Amazon Kendra. | | Use MLflow | Permissions to manage experiments, runs, and models in MLflow. | | Manage MLflow Tracking Servers | Permissions to manage, start, and stop MLflow Tracking Servers. | | Access required to AWS Services for MLflow | Permissions for MLflow Tracking Servers to access S3, Secrets Manager, and Model Registry. | | Run Studio EMR Serverless Applications | Permissions to Create and Manage EMR Serverless Applications on Amazon SageMaker Studio. | # Launch Studio Classic Use your persona-focused roles to launch Studio Classic. If you are an administrator, you can give your users access to Studio Classic and have them assume their persona role either directly through the AWS Management Console or through the AWS IAM Identity Center. ## Launch Studio Classic with AWS Management Console For data scientists or other users to assume their given persona through the AWS Management Console, they require a console role to get to the Studio Classic environment. You cannot use Amazon SageMaker Role Manager to create a role that grants permissions to the AWS Management Console. However, after creating a service role in the role manager, you can go to the IAM console to edit the role and add a user access role. The following is an example of a role that provides user access to the AWS Management Console: ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "DescribeCurrentDomain", "Effect": "Allow", "Action": "sagemaker:DescribeDomain", "Resource": "arn:aws:sagemaker:us-east-1:111122223333:domain/" }, { "Sid": "RemoveErrorMessagesFromConsole", "Effect": "Allow", "Action": [ "servicecatalog:ListAcceptedPortfolioShares", "sagemaker:GetSagemakerServicecatalogPortfolioStatus", "sagemaker:ListModels", "sagemaker:ListTrainingJobs", "servicecatalog:ListPrincipalsForPortfolio", "sagemaker:ListNotebookInstances", "sagemaker:ListEndpoints" ], "Resource": "*" }, { "Sid": "RequiredForAccess", "Effect": "Allow", "Action": [ "sagemaker:ListDomains", "sagemaker:ListUserProfiles" ], "Resource": "*" }, { "Sid": "CreatePresignedURLForAccessToDomain", "Effect": "Allow", "Action": "sagemaker:CreatePresignedDomainUrl", "Resource": "arn:aws:sagemaker:us-east-1:111122223333:user-profile//" } ] } ``` ------ In the Studio Classic control panel, choose **Add User** to create a new user. In the **General Settings** section, give your user a name and set the **Default execution role** for the user to be the role that you created using Amazon SageMaker Role Manager. On the next screen, choose the appropriate Jupyter Lab version, and whether to turn on SageMaker JumpStart and SageMaker AI Project templates. Then choose **Next**. On the SageMaker Canvas settings page, choose whether to turn on SageMaker Canvas support, and additionally whether to allow for timeseries forecasting in SageMaker Canvas. Then choose **Submit**. Your new user should now be visible in the Studio Classic control panel. To test this user, choose **Studio** from the **Launch app** dropdown list in the same row as the user’s name. ## Launch Studio Classic with IAM Identity Center To assign IAM Identity Center users to execution roles, the user must first exist in the IAM Identity Center directory. For more information, see [Manage identities in IAM Identity Center](https://docs.aws.amazon.com/singlesignon/latest/userguide/manage-your-identity-source-sso.html) in the *AWS IAM Identity Center*. **Note** Your IAM Identity Center Authentication directory and Studio Classic domain must be in the same AWS Region. 1. To assign IAM Identity Center users to your Studio Classic domain, choose **Assign users and Groups** in the Studio Classic control panel. On the **Assign users and groups** screen select your data scientist user, and then choose **Assign Users and Groups**. 1. After the user is added to the Studio Classic control panel, choose the user to open the user details screen. 1. On the **User details** screen, choose **Edit**. 1. On the **Edit user profile** screen, under **General settings**, modify the **Default execution role** to match the user execution role you’ve created for your data scientists. 1. Choose **Next** through the rest of the settings pages, and choose **Submit** to save your changes. When your data scientist or other user logs into the IAM Identity Center portal, they see a tile for this Studio Classic domain. Choosing that tile logs them into Studio Classic with their assigned user execution role. # Role Manager FAQs Refer to the following FAQ items for answers to commonly asked questions about Amazon SageMaker Role Manager. ## Q. How can I access Amazon SageMaker Role Manager? A: You can access Amazon SageMaker Role Manager through multiple location in the Amazon SageMaker AI console. For information about accessing role manager and using it to create a role, see [Using the role manager (console)](role-manager-tutorial.md). ## Q. What are personas? A: Personas are preconfigured groups of permissions based on common machine learning (ML) responsibitilies. For example, the data science persona suggests permissions for general machine learning development and experimentation in a SageMaker AI environment, while the MLOps persona suggests permissions for ML activities related to operations. ## Q. What are ML activities? A: ML activities are common AWS tasks related to machine learning with SageMaker AI that require specific IAM permissions. Each persona suggests related ML activities when creating a role with Amazon SageMaker Role Manager. ML activities include tasks such as Amazon S3 full access or searching and visualizing experiments. For more information, see [ML activity reference](role-manager-ml-activities.md). ## Q. Are the roles that I create with the role manager AWS Identity and Access Management (IAM) roles? A: Yes. Roles created using the Amazon SageMaker Role Manager are IAM roles with customized access policies. You can view created roles in the **Roles** section of the [IAM console](https://console.aws.amazon.com/iamv2/). ## Q. How can I view the roles that I created using Amazon SageMaker Role Manager? A: You can view created roles in the **Roles** section of the [IAM console](https://console.aws.amazon.com/iamv2/). By default, the prefix `"sagemaker-"` is added to every role name for easier search in the IAM console. For example, if you named your role `test-123` during role creation, your role shows up as `sagemaker-test-123` in the IAM console. ## Q. Can I modify a role made with Amazon SageMaker Role Manager once it is created? A: Yes. You can modify the roles and policies created by Amazon SageMaker Role Manager through the [IAM console](https://console.aws.amazon.com/iamv2/). For more information, see [Modifying a role](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_manage_modify.html) in the *AWS Identity and Access Management User Guide*. ## Q. Can I attach my own policies to roles created using Amazon SageMaker Role Manager? A: Yes. You can attach any AWS or customer-managed IAM policies from your account to the role that you create using Amazon SageMaker Role Manager. ## Q. How many policies can I add to a role that I create with Amazon SageMaker Role Manager? A: The maximum limit for attaching managed policies to an IAM role or user is 20. The maximum character size limit for managed policies is 6,144. For more information, see [IAM object quotas](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entities) and [IAM and AWS Security Token Service quotas name requirements, and character limits](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html). ## Q. Can I add conditions to ML activities? A: Any conditions that you provide in [Step 1. Enter role information](role-manager-tutorial.md#role-manager-tutorial-enter-role-information) of the Amazon SageMaker Role Manager, such as subnets, security groups, or KMS keys, are automatically passed to any ML activities selected in [Step 2. Configure ML activities](role-manager-tutorial.md#role-manager-tutorial-configure-ml-activities). You can also add additional conditions to ML activities if necessary. For example, you might also add `InstanceTypes` or `IntercontainerTrafficEncryption` conditions to the Manage Training Jobs activity. ## Q. Can I use tagging to manage access to any AWS resource? A:****You can add tags to your role in [Step 3: Add additional policies and tags](role-manager-tutorial.md#role-manager-tutorial-add-policies-and-tags) of the Amazon SageMaker Role Manager. To successfully manage AWS resources using tags, you must add the same tag to both the role and any associated policies. For example, you can add a tag to a role and to an Amazon S3 bucket. Then, because the role passes the tag to the SageMaker AI session, only a user with that role can access that S3 bucket. You can add tags to a policy through the [IAM console](https://console.aws.amazon.com/iamv2/). For more information, see [Tagging IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags_roles.html) in the *AWS Identity and Access Management User Guide*. ## Q. Can I use Amazon SageMaker Role Manager to create a role to access the AWS Management Console? A: No. However, after creating a service role in the role manager, you can go to the IAM console to edit the role and add a human access role in IAM console. ## Q. What is difference between a user federation role and a SageMaker AI execution role? A: A user federation role is directly assumed by a user to access AWS resources such as access to the AWS Management Console. A SageMaker AI execution role is assumed by the SageMaker AI service to perform a function on behalf of a user or an automation tool. For example, when a user opens a Studio Classic instance, Studio Classic assumes the execution role associated with the user profile in order to access AWS resources on the behalf of the user. If the user profile does not specify an execution role, then the execution role is specified at the Amazon SageMaker AI domain level. ## Q. If I am using a custom web application that accesses Studio Classic through a presigned url, what role is used? A: If you use a custom web application to access Studio Classic, then you have a hybrid user federation role and SageMaker AI execution role. Be sure that this role has least privilege permissions for both what the user can do and what Studio Classic can do on the associated user’s behalf. ## Q: Can I use Amazon SageMaker Role Manager with AWS IAM Identity Center authentication for my Studio Classic domain? A: AWS IAM Identity Center Studio Classic Cloud Applications use a Studio Classic execution role to grant permissions to federated users. This execution role can be specified at the Studio Classic IAM Identity Center user profile level or the default domain level. User identities and groups must be synchronized into IAM Identity Center and the Studio Classic user profile must be created with IAM Identity Center user assignment using [CreateUserProfile](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateUserProfile.html). For more information, see [Launch Studio Classic with IAM Identity Center](role-manager-launch-notebook.md#role-manager-launch-notebook-iam-identity-center). # Access control for notebooks Access Control You must use different procedures to control access to Amazon SageMaker Studio Classic notebooks and SageMaker notebook instances because they have different runtime environments. Studio Classic uses file system permissions and containers to control access to Studio Classic notebooks and isolation of users. A SageMaker notebook instance gives users that login to the notebook instance default root access. The following topics describe how to change permissions for both kinds of notebooks. **Topics** + [ # Access control and setting permissions for SageMaker Studio notebooks ](security-access-control-studio-nb.md) + [ # Control root access to a SageMaker notebook instance ](nbi-root-access.md) # Access control and setting permissions for SageMaker Studio notebooks Access control and Studio notebooks Amazon SageMaker Studio uses filesystem and container permissions for access control and isolation of Studio users and notebooks. This is one of the major differences between Studio notebooks and SageMaker notebook instances. This topic describes how permissions are set up to avoid security threats, what SageMaker AI does by default, and how the customer can customize the permissions. For more information about Studio notebooks and their runtime environment, see [Use Amazon SageMaker Studio Classic Notebooks](notebooks.md). **SageMaker AI app permissions** A *run-as user* is a POSIX user/group which is used to run the JupyterServer app and KernelGateway apps inside the container. The run-as user for the JupyterServer app is sagemaker-user (1000) by default. This user has sudo permissions to enable the installation of dependencies such as yum packages. The run-as user for the KernelGateway apps is root (0) by default. This user is able to install dependencies using pip/apt-get/conda. Due to user remapping, neither user is able to access resources or make changes to the host instance. **User remapping** SageMaker AI performs user-remapping to map a user inside the container to a user on the host instance outside the container. The range of user IDs (0 - 65535) in the container are mapped to non-privileged user IDs above 65535 on the instance. For example, sagemaker-user (1000) inside the container might map to user (200001) on the instance, where the number in parentheses is the user ID. If the customer creates a new user/group inside the container, it won't be privileged on the host instance regardless of the user/group ID. The root user of the container is also mapped to a non-privileged user on the instance. For more information, see [Isolate containers with a user namespace](https://docs.docker.com/engine/security/userns-remap/). **Note** Files created by the user sagemaker-user may look like they are owned by sagemaker-studio (uid 65534). This is a side effect of a fast app creation mode where SageMaker AI container images are pre-pulled, allowing applications to start in under a minute. If your application requires the file owner uid and the process owner uid to match, ask the customer service to remove your account number from the image pre-pull feature. **Custom image permissions** Customers can bring their own custom SageMaker images. These images can specify a different run-as user/group to launch the KernelGateway app. The customer can implement fine grained permission control inside the image, for example, to disable root access or perform other actions. The same user remapping applies here. For more information, see [Custom Images in Amazon SageMaker Studio Classic](studio-byoi.md). **Container isolation** Docker keeps a list of default capabilities that the container can use. SageMaker AI doesn’t add additional capabilities. SageMaker AI adds specific route rules to block requests to Amazon EFS and the [ instance metadata service](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service) (IMDS) from the container. Customers can’t change these route rules from the container. For more information, see [Runtime privilege and Linux capabilities](https://docs.docker.com/engine/reference/run/#runtime-privilege-and-linux-capabilities). **App metadata access** Metadata used by running apps are mounted to the container with read-only permission. Customers aren’t able to modify this metadata from the container. For the available metadata, see [Get Amazon SageMaker Studio Classic Notebook and App Metadata](notebooks-run-and-manage-metadata.md). **User isolation on EFS** When you onboard to Studio, SageMaker AI creates an Amazon Elastic File System (EFS) volume for your domain that is shared by all Studio users in the domain. Each user gets their own private home directory on the EFS volume. This home directory is used to store the user's notebooks, Git repositories, and other data. To prevent other users in the domain from accessing the user's data, SageMaker AI creates a globally unique user ID for the user's profile and applies it as a POSIX user/group ID for the user’s home directory. **EBS access** An Amazon Elastic Block Store (Amazon EBS) volume is attached to the host instance and shared across all images. It's used for the root volume of the notebooks and stores temporary data that's generated inside the container. The storage isn't persisted when the instance running the notebooks is deleted. The root user inside the container can't access the EBS volume. **IMDS access** Due to security concerns, access to the Amazon Elastic Compute Cloud (Amazon EC2) Instance Metadata Service (IMDS) is unavailable in SageMaker Studio. For more information on IMDS, see [Instance metadata and user data](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html). # Control root access to a SageMaker notebook instance Control root access to a Notebook instance By default, when you create a notebook instance, users that log into that notebook instance have root access. Data science is an iterative process that might require the data scientist to test and use different software tools and packages, so many notebook instance users need to have root access to be able to install these tools and packages. Because users with root access have administrator privileges, users can access and edit all files on a notebook instance with root access enabled. If you don't want users to have root access to a notebook instance, when you call [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateNotebookInstance.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateNotebookInstance.html) or [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateNotebookInstance.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateNotebookInstance.html) operations, set the `RootAccess` field to `Disabled`. You can also disable root access for users when you create or update a notebook instance in the Amazon SageMaker AI console. For information, see [Create an Amazon SageMaker Notebook Instance for the tutorial](gs-setup-working-env.md). **Note** Lifecycle configurations need root access to be able to set up a notebook instance. Because of this, lifecycle configurations associated with a notebook instance always run with root access even if you disable root access for users. **Note** For security reasons, Rootless Docker is installed on root-disabled notebook instances instead of regular Docker. For more information, see [Run the Docker daemon as a non-root user (Rootless mode)](https://docs.docker.com/engine/security/rootless/) ## Security considerations Lifecycle configuration scripts execute with root access and inherit the full privileges of the notebook instance's IAM execution role. Anyone (including Administrators) who has permissions to create or modify lifecycle configurations and manage notebook instances can execute code with the execution role's credentials hence please follow below best practices. Best practices: + Restrict administrative access: Grant lifecycle configuration permissions only to trusted administrators who understand the security implications. + Apply least-privilege principles: Define notebook instance execution roles with only the minimum permissions required for legitimate workloads. + Enable monitoring: Review CloudWatch Logs regularly for lifecycle configuration executions in log group `/aws/sagemaker/NotebookInstances` to detect unexpected activity. + Implement change controls: Establish approval processes for lifecycle configuration changes in production environments. # Amazon SageMaker AI API Permissions: Actions, Permissions, and Resources Reference Amazon SageMaker AI API Permissions Reference When you are setting up access control and writing a permissions policy that you can attach to an IAM identity (an identity-based policy), use the following table as a reference. The table lists each Amazon SageMaker AI API operation, the corresponding actions for which you can grant permissions to perform the action, and the AWS resource for which you can grant the permissions. You specify the actions in the policy's `Action` field, and you specify the resource value in the policy's `Resource` field. **Note** Except for the `ListTags` API, resource-level restrictions are not available on `List-` calls . Any user calling a `List-` API will see all resources of that type in the account. To express conditions in your Amazon SageMaker AI policies, you can use AWS-wide condition keys. For a complete list of AWS-wide keys, see [Available Keys](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_elements.html#AvailableKeys) in the *Service Authorization Reference*. **Warning** Some SageMaker API actions may still be accessible through the`[Search API](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_Search.html)`. For example, if a user has an IAM policy that denies permissions to a `Describe` call for a particular SageMaker AI resource, that user can still access the description information through the Search API. To fully restrict user access to `Describe` calls, you must also restrict access to the Search API. For a list of SageMaker AI resources that are accessible through the Search API, see the [SageMaker AI Search AWS CLI Command Reference](https://docs.aws.amazon.com/cli/latest/reference/sagemaker/search.html#options). Use the scroll bars to see the rest of the table. Amazon SageMaker AI API Operations and Required Permissions for Actions **** | Amazon SageMaker AI API Operations | Required Permissions (API Actions) | Resources | | --- | --- | --- | | `[ DeleteEarthObservationJob](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_DeleteEarthObservationJob.html)` | `sagemaker-geospatial:DeleteEarthObservationJob` | `arn:aws:sagemaker-geospatial:region:account-id:earth-observation-job/id` | | `[ DeleteVectorEnrichmentJob](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_DeleteVectorEnrichmentJob.html)` | `sagemaker-geospatial:DeleteVectorEnrichmentJob` | `arn:aws:sagemaker-geospatial:region:account-id:vector-enrichment-job/id` | | `[ ExportEarthObservationJob](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_ExportEarthObservationJob.html)` | `sagemaker-geospatial:ExportEarthObservationJob` | `arn:aws:sagemaker-geospatial:region:account-id:earth-observation-job/id` | | `[ ExportVectorEnrichmentJob](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_ExportVectorEnrichmentJob.html)` | `sagemaker-geospatial:ExportVectorEnrichmentJob` | `arn:aws:sagemaker-geospatial:region:account-id:vector-enrichment-job/id` | | `[ GetEarthObservationJob](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_GetEarthObservationJob.html)` | `sagemaker-geospatial:GetEarthObservationJob` | `arn:aws:sagemaker-geospatial:region:account-id:earth-observation-job/id` | | `[ GetRasterDataCollection](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_DeleteEarthObservationJob.html)` | `sagemaker-geospatial:GetRasterDataCollection` | `arn:aws:sagemaker-geospatial:region:account-id:raster-data-collection/public/id` | | `[ GetTile](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_GetTile.html)` | `sagemaker-geospatial:GetTile` | `arn:aws:sagemaker-geospatial:region:account-id:earth-observation-job/id` | | `[ GetVectorEnrichmentJob](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_GetVectorEnrichmentJob.html)` | `sagemaker-geospatial:GetVectorEnrichmentJob` | `arn:aws:sagemaker-geospatial:region:account-id:vector-enrichment-job/id` | | `[ ListEarthObservationJobs](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_ListEarthObservationJobs.html)` | `sagemaker-geospatial:ListEarthObservationJobs` | `*` | | `[ ListRasterDataCollections](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_ListRasterDataCollections.html)` | `sagemaker-geospatial:ListRasterDataCollections` | `*` | | `[ ListTagsForResource](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_ListTagsForResource.html)` | `sagemaker-geospatial:ListTagsForResource` | `arn:aws:sagemaker-geospatial:region:account-id:earth-observation-job/id` `arn:aws:sagemaker-geospatial:region:account-id:vector-enrichment-job/id` | | `[ ListVectorEnrichmentJobs](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_ListVectorEnrichmentJobs.html)` | `sagemaker-geospatial:ListVectorEnrichmentJobs` | `*` | | `[ SearchRasterDataCollection](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_SearchRasterDataCollection.html)` | `sagemaker-geospatial:SearchRasterDataCollection` | `arn:aws:sagemaker-geospatial:region:account-id:raster-data-collection/public/id` | | `[ StartEarthObservationJob](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_StartEarthObservationJob.html)` | `sagemaker-geospatial:StartEarthObservationJob` | `arn:aws:sagemaker-geospatial:region:account-id:earth-observation-job/id` | | `[ StartVectorEnrichmentJob](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_StartVectorEnrichmentJob.html)` | `sagemaker-geospatial:StartVectorEnrichmentJob` | `arn:aws:sagemaker-geospatial:region:account-id:vector-enrichment-job/id` | | `[ StopEarthObservationJob](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_StopEarthObservationJob.html)` | `sagemaker-geospatial:StopEarthObservationJob` | `arn:aws:sagemaker-geospatial:region:account-id:earth-observation-job/id` | | `[ StopVectorEnrichmentJob](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_StopVectorEnrichmentJob.html)` | `sagemaker-geospatial:StopVectorEnrichmentJob` | `arn:aws:sagemaker-geospatial:region:account-id:vector-enrichment-job/id` | | `[ TagResource](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_TagResource.html)` | `sagemaker-geospatial:TagResource` | `arn:aws:sagemaker-geospatial:region:account-id:earth-observation-job/id` `arn:aws:sagemaker-geospatial:region:account-id:vector-enrichment-job/id` | | `[ UntagResource](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_UntagResource.html)` | `sagemaker-geospatial:UntagResource` | `arn:aws:sagemaker-geospatial:region:account-id:earth-observation-job/id` `arn:aws:sagemaker-geospatial:region:account-id:vector-enrichment-job/id` | | `[ AddTags](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html)` | `sagemaker:AddTags` | `arn:aws:sagemaker:region:account-id:*` | | `[ CreateApp](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateApp.html)` | `sagemaker:CreateApp` | `arn:aws:sagemaker:region:account-id:app/domain-id/user-profile-name/app-type/appName` | | `[ CreateAppImageConfig](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateAppImageConfig.html)` | `sagemaker:CreateAppImageConfig` | `arn:aws:sagemaker:region:account-id:app-image-config/appImageConfigName` | | `[ CreateAutoMLJob](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateAutoMLJob.html)` | `sagemaker:CreateAutoMLJob` `iam:PassRole` The following permission is required only if any of the associated `ResourceConfig` have a specified `VolumeKmsKeyId `and the associated role does not have a policy that permits this action: `kms:CreateGrant` | arn:aws:sagemaker:region:account-id:automl-job/autoMLJobName | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateAutoMLJobV2.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateAutoMLJobV2.html) | `sagemaker:CreateAutoMLJobV2` `iam:PassRole` The following permission is required only if any of the associated `ResourceConfig` have a specified `VolumeKmsKeyId `and the associated role does not have a policy that permits this action: `kms:CreateGrant` | arn:aws:sagemaker:region:account-id:automl-job/autoMLJobName | | `[ CreateDomain](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateDomain.html)` | `sagemaker:CreateDomain` `iam:CreateServiceLinkedRole` `iam:PassRole` Required if a KMS customer managed key is specified for `KmsKeyId`: `elasticfilesystem:CreateFileSystem` `kms:CreateGrant` `kms:Decrypt` `kms:DescribeKey` `kms:GenerateDataKeyWithoutPlainText` Required to create a domain that supports RStudio: `sagemaker:CreateApp` | `arn:aws:sagemaker:region:account-id:domain/domain-id` | | `[ CreateEndpoint](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateEndpoint.html)` | `sagemaker:CreateEndpoint` `kms:CreateGrant` (required only if the associated `EndPointConfig` has a `KmsKeyId` specified) | `arn:aws:sagemaker:region:account-id:endpoint/endpointName` `arn:aws:sagemaker:region:account-id:endpoint-config/endpointConfigName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateEndpointConfig.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateEndpointConfig.html) | `sagemaker:CreateEndpointConfig` | `arn:aws:sagemaker:region:account-id:endpoint-config/endpointConfigName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateFlowDefinition.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateFlowDefinition.html) | `sagemaker:CreateFlowDefinition` `iam:PassRole` | `arn:aws:sagemaker:region:account-id:flow-definition/flowDefinitionName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateHumanTaskUi.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateHumanTaskUi.html) | `sagemaker:CreateHumanTaskUi` | `arn:aws:sagemaker:region:account-id:human-task-ui/humanTaskUiName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateInferenceRecommendationsJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateInferenceRecommendationsJob.html) | `sagemaker:CreateInferenceRecommendationsJob` `iam:PassRole` The following permissions are required only if you specify an encryption key: `kms:CreateGrant` `kms:Decrypt` `kms:DescribeKey` `kms:GenerateDataKey` | `arn:aws:sagemaker:region:account-id:inference-recommendations-job/inferenceRecommendationsJobName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateHyperParameterTuningJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateHyperParameterTuningJob.html) | `sagemaker:CreateHyperParameterTuningJob` `iam:PassRole` The following permission is required only if any of the associated `ResourceConfig` have a specified `VolumeKmsKeyId `and the associated role does not have a policy that permits this action: `kms:CreateGrant` | `arn:aws:sagemaker:region:account-id:hyper-parameter-tuning-job/hyperParameterTuningJobName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateImage.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateImage.html) | `sagemaker:CreateImage` `iam:PassRole` | `arn:aws:sagemaker:region:account-id:image/*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateImageVersion.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateImageVersion.html) | `sagemaker:CreateImageVersion` | `arn:aws:sagemaker:region:account-id:image-version/imageName/*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateLabelingJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateLabelingJob.html) | sagemaker:CreateLabelingJob iam:PassRole | `arn:aws:sagemaker:region:account-id:labeling-job/labelingJobName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModel.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModel.html) | `sagemaker:CreateModel` `iam:PassRole` | `arn:aws:sagemaker:region:account-id:model/modelName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModelPackage.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModelPackage.html) | `sagemaker:CreateModelPackage` | `arn:aws:sagemaker:region:account-id:model-package/modelPackageName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModelPackageGroup.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModelPackageGroup.html) | `sagemaker:CreateModelPackageGroup` | `arn:aws:sagemaker:region:account-id:model-package-group/modelPackageGroupName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateNotebookInstance.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateNotebookInstance.html) | `sagemaker:CreateNotebookInstance` `iam:PassRole` The following permissions are required only if you specify a VPC for your notebook instance: `ec2:CreateNetworkInterface` `ec2:DescribeSecurityGroups` `ec2:DescribeSubnets` `ec2:DescribeVpcs` The following permissions are required only if you specify an encryption key: `kms:DescribeKey` `kms:CreateGrant` The following permission is required only if you specify an AWS Secrets Manager secret to access a private Git repository: `secretsmanager:GetSecretValue` | `arn:aws:sagemaker:region:account-id:notebook-instance/notebookInstanceName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreatePipeline.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreatePipeline.html) | `sagemaker:CreatePipeline` `iam:PassRole` | `arn:aws-partition:sagemaker:region:account-id:pipeline/pipeline-name` `arn:aws-partition:iam::account-id:role/role-name` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreatePresignedDomainUrl.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreatePresignedDomainUrl.html) | `sagemaker:CreatePresignedDomainUrl` | `arn:aws:sagemaker:region:account-id:app/domain-id/userProfileName`/\$1 | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreatePresignedNotebookInstanceUrl.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreatePresignedNotebookInstanceUrl.html) | `sagemaker:CreatePresignedNotebookInstanceUrl` | `arn:aws:sagemaker:region:account-id:notebook-instance/notebookInstanceName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateProcessingJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateProcessingJob.html) | `sagemaker:CreateProcessingJob` `iam:PassRole` `kms:CreateGrant` (required only if the associated `ProcessingResources` has a specified `VolumeKmsKeyId` and the associated role does not have a policy that permits this action) `ec2:CreateNetworkInterface` (required only if you specify a VPC) | `arn:aws:sagemaker:region:account-id:processing-job/processingJobName` | | `[ CreateSpace](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateSpace.html)` | `sagemaker:CreateSpace` | `arn:aws:sagemaker:region:account-id:space/domain-id/spaceName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateStudioLifecycleConfig.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateStudioLifecycleConfig.html) | `sagemaker:CreateStudioLifecycleConfig` | `arn:aws:sagemaker:region:account-id:studio-lifecycle-config/.*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrainingJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrainingJob.html) | `sagemaker:CreateTrainingJob` `iam:PassRole` `kms:CreateGrant` (required only if the associated `ResourceConfig` has a specified `VolumeKmsKeyId` and the associated role does not have a policy that permits this action) | `arn:aws:sagemaker:region:account-id:training-job/trainingJobName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrainingPlan.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrainingPlan.html) | `sagemaker:CreateTrainingPlan` `sagemaker:CreateReservedCapacity` `sagemaker:AddTags` | `arn:aws:sagemaker:region:account-id:training-plan/*"` `arn:aws:sagemaker:region:account-id:reserved-capacity/*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTransformJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTransformJob.html) | `sagemaker:CreateTransformJob` `kms:CreateGrant` (required only if the associated `TransformResources` has a specified `VolumeKmsKeyId` and the associated role does not have a policy that permits this action) | `arn:aws:sagemaker:region:account-id:transform-job/transformJobName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateUserProfile.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateUserProfile.html) | `sagemaker:CreateUserProfile` `iam:PassRole` | `arn:aws:sagemaker:region:account-id:user-profile/domain-id/userProfileName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateWorkforce.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateWorkforce.html) | `sagemaker:CreateWorkforce` `cognito-idp:DescribeUserPoolClient` `cognito-idp:UpdateUserPool` `cognito-idp:DescribeUserPool` `cognito-idp:UpdateUserPoolClient` | arn:aws:sagemaker:region:account-id:workforce/\$1 | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateWorkteam.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateWorkteam.html) | `sagemaker:CreateWorkteam` `cognito-idp:DescribeUserPoolClient` `cognito-idp:UpdateUserPool` `cognito-idp:DescribeUserPool` `cognito-idp:UpdateUserPoolClient` | `arn:aws:sagemaker:region:account-id:workteam/private-crowd/work team name` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteApp.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteApp.html) | `sagemaker:DeleteApp` | `arn:aws:sagemaker:region:account-id:app/domain-id/user-profile-name/app-type/appName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteAppImageConfig.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteAppImageConfig.html) | `sagemaker:DeleteAppImageConfig` | `arn:aws:sagemaker:region:account-id:app-image-config/appImageConfigName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteDomain.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteDomain.html) | `sagemaker:DeleteDomain` | `arn:aws:sagemaker:region:account-id:domain/domainId` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteEndpoint.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteEndpoint.html) | `sagemaker:DeleteEndpoint` | `arn:aws:sagemaker:region:account-id:endpoint/endpointName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteEndpointConfig.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteEndpointConfig.html) | `sagemaker:DeleteEndpointConfig` | `arn:aws:sagemaker:region:account-id:endpoint-config/endpointConfigName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteFlowDefinition.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteFlowDefinition.html) | `sagemaker:DeleteFlowDefinition` | `arn:aws:sagemaker:region:account-id:flow-definition/flowDefinitionName` | | `[DeleteHumanLoop](https://docs.aws.amazon.com/augmented-ai/2019-11-07/APIReference/API_DeleteHumanLoop.html)` | `sagemaker:DeleteHumanLoop` | `arn:aws:sagemaker:region:account-id:human-loop/humanLoopName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteImage.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteImage.html) | `sagemaker:DeleteImage` | `arn:aws:sagemaker:region:account-id:image/imageName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteImageVersion.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteImageVersion.html) | `sagemaker:DeleteImageVersion` | `arn:aws:sagemaker:region:account-id:image-version/imageName/versionNumber` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteModel.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteModel.html) | `sagemaker:DeleteModel` | `arn:aws:sagemaker:region:account-id:model/modelName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteModelPackage.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteModelPackage.html) | `sagemaker:DeleteModelPackage` | `arn:aws:sagemaker:region:account-id:model-package/modelPackageName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteModelPackageGroup.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteModelPackageGroup.html) | `sagemaker:DeleteModelPackageGroup` | `arn:aws:sagemaker:region:account-id:model-package-group/modelPackageGroupName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteModelPackageGroupPolicy.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteModelPackageGroupPolicy.html) | `sagemaker:DeleteModelPackageGroupPolicy` | `arn:aws:sagemaker:region:account-id:model-package-group/modelPackageGroupName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteNotebookInstance.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteNotebookInstance.html) | `sagemaker:DeleteNotebookInstance` The following permission is required only if you specified a VPC for your notebook instance: `ec2:DeleteNetworkInterface` The following permissions are required only if you specified an encryption key when you created the notebook instance: `kms:DescribeKey` | `arn:aws:sagemaker:region:account-id:notebook-instance/notebookInstanceName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeletePipeline.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeletePipeline.html) | `sagemaker:DeletePipeline` | `arn:aws-partition:sagemaker:region:account-id:pipeline/pipeline-name` | | `[DeleteSpace](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteSpace.html)` | `sagemaker:DeleteSpace` | `arn:aws:sagemaker:region:account-id:space/domain-id/spaceName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteTags.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteTags.html) | `sagemaker:DeleteTags` | `arn:aws:sagemaker:region:account-id:*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteUserProfile.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteUserProfile.html) | `sagemaker:DeleteUserProfile` | `arn:aws:sagemaker:region:account-id:user-profile/domain-id/userProfileName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteWorkforce.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteWorkforce.html) | `sagemaker:DeleteWorkforce` | `arn:aws:sagemaker:region:account-id:workforce/*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteWorkteam.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteWorkteam.html) | `sagemaker:DeleteWorkteam` | `arn:aws:sagemaker:region:account-id:workteam/private-crowd/*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeApp.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeApp.html) | `sagemaker:DescribeApp` | `arn:aws:sagemaker:region:account-id:app/domain-id/user-profile-name/app-type/appName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeAppImageConfig.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeAppImageConfig.html) | `sagemaker:DescribeAppImageConfig` | `arn:aws:sagemaker:region:account-id:app-image-config/appImageConfigName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeAutoMLJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeAutoMLJob.html) | `sagemaker:DescribeAutoMLJob` | arn:aws:sagemaker:region:account-id:automl-job/autoMLJobName | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeAutoMLJobV2.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeAutoMLJobV2.html) | `sagemaker:DescribeAutoMLJobV2` | arn:aws:sagemaker:region:account-id:automl-job/autoMLJobName | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeDomain.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeDomain.html) | `sagemaker:DescribeDomain` | `arn:aws:sagemaker:region:account-id:domain/domainId` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeEndpoint.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeEndpoint.html) | `sagemaker:DescribeEndpoint` | `arn:aws:sagemaker:region:account-id:endpoint/endpointName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeEndpointConfig.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeEndpointConfig.html) | `sagemaker:DescribeEndpointConfig` | `arn:aws:sagemaker:region:account-id:endpoint-config/endpointConfigName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeFlowDefinition.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeFlowDefinition.html) | `sagemaker:DescribeFlowDefinition` | `arn:aws:sagemaker:region:account-id:flow-definition/flowDefinitionName` | | `[DescribeHumanLoop](https://docs.aws.amazon.com/augmented-ai/2019-11-07/APIReference/API_DescribeHumanLoop.html)` | `sagemaker:DescribeHumanLoop` | `arn:aws:sagemaker:region:account-id:human-loop/humanLoopName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeHumanTaskUi.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeHumanTaskUi.html) | `sagemaker:DescribeHumanTaskUi` | `arn:aws:sagemaker:region:account-id:human-task-ui/humanTaskUiName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeHyperParameterTuningJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeHyperParameterTuningJob.html) | `sagemaker:DescribeHyperParameterTuningJob` | `arn:aws:sagemaker:region:account-id:hyper-parameter-tuning-job/hyperParameterTuningJob` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeImage.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeImage.html) | `sagemaker:DescribeImage` | `arn:aws:sagemaker:region:account-id:image/imageName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeImageVersion.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeImageVersion.html) | `sagemaker:DescribeImageVersion` | `arn:aws:sagemaker:region:account-id:image-version/imageName/versionNumber` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeLabelingJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeLabelingJob.html) | `sagemaker:DescribeLabelingJob` | `arn:aws:sagemaker:region:account-id:labeling-job/labelingJobName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeModel.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeModel.html) | `sagemaker:DescribeModel` | `arn:aws:sagemaker:region:account-id:model/modelName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeModelPackage.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeModelPackage.html) | `sagemaker:DescribeModelPackage` | `arn:aws:sagemaker:region:account-id:model-package/modelPackageName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeModelPackageGroup.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeModelPackageGroup.html) | `sagemaker:DescribeModelPackageGroup` | `arn:aws:sagemaker:region:account-id:model-package-group/modelPackageGroupName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeNotebookInstance.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeNotebookInstance.html) | `sagemaker:DescribeNotebookInstance ` | `arn:aws:sagemaker:region:account-id:notebook-instance/notebookInstanceName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribePipeline.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribePipeline.html) | `sagemaker:DescribePipeline` | `arn:aws-partition:sagemaker:region:account-id:pipeline/pipeline-name` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribePipelineDefinitionForExecution.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribePipelineDefinitionForExecution.html) | `sagemaker:DescribePipelineDefinitionForExecution` | `arn:aws-partition:sagemaker:region:account-id:pipeline/pipeline-name/execution/execution-id` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribePipelineExecution.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribePipelineExecution.html) | `sagemaker:DescribePipelineExecution` | `arn:aws-partition:sagemaker:region:account-id:pipeline/pipeline-name/execution/execution-id` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeProcessingJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeProcessingJob.html) | `sagemaker:DescribeProcessingJob` | `arn:aws:sagemaker:region:account-id:processing-job/processingjobname` | | `[DescribeSpace](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeSpace.html)` | `sagemaker:DescribeSpace` | `arn:aws:sagemaker:region:account-id:space/domain-id/spaceName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeSubscribedWorkteam.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeSubscribedWorkteam.html) | `sagemaker:DescribeSubscribedWorkteam` `aws-marketplace:ViewSubscriptions` | `arn:aws:sagemaker:region:account-id:workteam/vendor-crowd/*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeTrainingJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeTrainingJob.html) | `sagemaker:DescribeTrainingJob` | `arn:aws:sagemaker:region:account-id:training-job/trainingjobname` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeTransformJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeTransformJob.html) | `sagemaker:DescribeTransformJob` | `arn:aws:sagemaker:region:account-id:transform-job/transformjobname` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeUserProfile.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeUserProfile.html) | `sagemaker:DescribeUserProfile` | `arn:aws:sagemaker:region:account-id:user-profile/domain-id/userProfileName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeWorkforce.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeWorkforce.html) | `sagemaker:DescribeWorkforce` | `arn:aws:sagemaker:region:account-id:workforce/*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeWorkteam.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeWorkteam.html) | `sagemaker:DescribeWorkteam` | `arn:aws:sagemaker:region:account-id:workteam/private-crowd/*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_GetModelPackageGroupPolicy.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_GetModelPackageGroupPolicy.html) | `sagemaker:GetModelPackageGroupPolicy` | `arn:aws:sagemaker:region:account-id:model-package-group/modelPackageGroupName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_runtime_InvokeEndpoint.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_runtime_InvokeEndpoint.html) | `sagemaker:InvokeEndpoint` | `arn:aws:sagemaker:region:account-id:endpoint/endpointName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListAppImageConfigs.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListAppImageConfigs.html) | `sagemaker:ListAppImageConfigs` | `arn:aws:sagemaker:region:account-id:app-image-config/*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListApps.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListApps.html) | `sagemaker:ListApps` | `arn:aws:sagemaker:region:account-id:app/domain-id/user-profile-name/*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListDomains.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListDomains.html) | `sagemaker:ListDomains` | `arn:aws:sagemaker:region:account-id:domain/*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListEndpointConfigs.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListEndpointConfigs.html) | `sagemaker:ListEndpointConfigs` | `*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListEndpoints.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListEndpoints.html) | `sagemaker:ListEndpoints` | `*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListFlowDefinitions.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListFlowDefinitions.html) | `sagemaker:ListFlowDefinitions` | `*` | | `[ListHumanLoops](https://docs.aws.amazon.com/augmented-ai/2019-11-07/APIReference/API_ListHumanLoops.html)` | `sagemaker:ListHumanLoops` | `*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListHumanTaskUis.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListHumanTaskUis.html) | `sagemaker:ListHumanTaskUis` | `*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListHyperParameterTuningJobs.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListHyperParameterTuningJobs.html) | `sagemaker:ListHyperParameterTuningJobs` | `arn:aws:sagemaker:region:account-id:hyper-parameter-tuning-job/hyperParameterTuningJob` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListImages.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListImages.html) | `sagemaker:ListImages` | `*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListImageVersions.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListImageVersions.html) | `sagemaker:ListImageVersions` | `arn:aws:sagemaker:region:account-id:image/*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListLabelingJobs.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListLabelingJobs.html) | `sagemaker:ListLabelingJobs` | `*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListLabelingJobsForWorkteam.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListLabelingJobsForWorkteam.html) | `sagemaker:ListLabelingJobForWorkteam` | `*` | | `[ ListModelPackageGroups](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListModelPackageGroups.html)` | `sagemaker:ListModelPackageGroups` | `arn:aws:sagemaker:region:account-id :model-package-group/ModelPackageGroupName` | | `[ ListModelPackages](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListModelPackages.html)` | `sagemaker:ListModelPackages` | `arn:aws:sagemaker:region:account-id :model-package/ModelPackageName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListModels.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListModels.html) | `sagemaker:ListModels` | `*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListNotebookInstances.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListNotebookInstances.html) | `sagemaker:ListNotebookInstances` | `*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListPipelineExecutions.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListPipelineExecutions.html) | `sagemaker:ListPipelineExecutions` | `arn:aws-partition:sagemaker:region:account-id:pipeline/pipeline-name` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListPipelineExecutionSteps.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListPipelineExecutionSteps.html) | `sagemaker:ListPipelineExecutionSteps` | `arn:aws-partition:sagemaker:region:account-id:pipeline/pipeline-name/execution/execution-id` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListPipelineParametersForExecution.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListPipelineParametersForExecution.html) | `sagemaker:ListPipelineParametersForExecution` | `arn:aws-partition:sagemaker:region:account-id:pipeline/pipeline-name/execution/execution-id` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListPipelines.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListPipelines.html) | `sagemaker:ListPipelines` | \$1 | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListProcessingJobs.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListProcessingJobs.html) | `sagemaker:ListProcessingJobs` | `*` | | `[ListSpaces](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListSpaces.html)` | `sagemaker:ListSpaces` | `arn:aws:sagemaker:region:account-id:space/domain-id/*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListSubscribedWorkteams.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListSubscribedWorkteams.html) | `sagemaker:ListSubscribedWorkteams` `aws-marketplace:ViewSubscriptions` | `*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListTags.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListTags.html) | `sagemaker:ListTags` | `arn:aws:sagemaker:region:account-id:*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListTrainingJobs.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListTrainingJobs.html) | `sagemaker:ListTrainingJobs` | `*` | | `[ ListTrainingJobsForHyperParameterTuningJob](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListTrainingJobsForHyperParameterTuningJob.html)` | `sagemaker:ListTrainingJobsForHyperParameterTuningJob` | `arn:aws:sagemaker:region:account-id:hyper-parameter-tuning-job/hyperParameterTuningJob` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListTransformJobs.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListTransformJobs.html) | `sagemaker:ListTransformJobs` | `*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListUserProfiles.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListUserProfiles.html) | `sagemaker:ListUserProfiles` | `arn:aws:sagemaker:region:account-id:user-profile/domain-id/*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListWorkforces.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListWorkforces.html) | `sagemaker:ListWorkforces` | \$1 | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListWorkteams.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListWorkteams.html) | `sagemaker:ListWorkteams` | `*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_PutModelPackageGroupPolicy.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_PutModelPackageGroupPolicy.html) | `sagemaker:PutModelPackageGroupPolicy` | `arn:aws:sagemaker:region:account-id:model-package-group/modelPackageGroupName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_RetryPipelineExecution.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_RetryPipelineExecution.html) | `sagemaker:RetryPipelineExecution` | `arn:aws-partition:sagemaker:region:account-id:pipeline/pipeline-name/execution/execution-id` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_Search.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_Search.html) | `sagemaker:Search` | `*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_SendPipelineExecutionStepFailure.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_SendPipelineExecutionStepFailure.html) | `sagemaker:SendPipelineExecutionStepFailure` | `*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_SendPipelineExecutionStepSuccess.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_SendPipelineExecutionStepSuccess.html) | `sagemaker:SendPipelineExecutionStepSuccess` | `*` | | `[StartHumanLoop](https://docs.aws.amazon.com/augmented-ai/2019-11-07/APIReference/API_StartHumanLoop.html)` | `sagemaker:StartHumanLoop` | `arn:aws:sagemaker:region:account-id:human-loop/humanLoopName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StartNotebookInstance.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StartNotebookInstance.html) | `sagemaker:StartNotebookInstance` The following permissions are required only if you specified a VPC when you created your notebook instance: `ec2:CreateNetworkInterface` `ec2:DescribeNetworkInterfaces` `ec2:DescribeSecurityGroups` `ec2:DescribeSubnets` `ec2:DescribeVpcs` The following permissions are required only if you specified an encryption key when you created the notebook instance: `kms:DescribeKey` `kms:CreateGrant` The following permission is required only if you specified an AWS Secrets Manager secret to access a private Git repository when you created the notebook instance: `secretsmanager:GetSecretValue` | `arn:aws:sagemaker:region:account-id:notebook-instance/notebookInstanceName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StartPipelineExecution.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StartPipelineExecution.html) | `sagemaker:StartPipelineExecution` | `arn:aws-partition:sagemaker:region:account-id:pipeline/pipeline-name` | | `[StopHumanLoop](https://docs.aws.amazon.com/augmented-ai/2019-11-07/APIReference/API_StopHumanLoop.html)` | `sagemaker:StopHumanLoop` | `arn:aws:sagemaker:region:account-id:human-loop/humanLoopName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopHyperParameterTuningJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopHyperParameterTuningJob.html) | `sagemaker:StopHyperParameterTuningJob` | `arn:aws:sagemaker:region:account-id:hyper-parameter-tuning-job/hyperParameterTuningJob` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopLabelingJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopLabelingJob.html) | `sagemaker:StopLabelingJob` | `arn:aws:sagemaker:region:account-id:labeling-job/labelingJobName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopNotebookInstance.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopNotebookInstance.html) | `sagemaker:StopNotebookInstance` | `arn:aws:sagemaker:region:account-id:notebook-instance/notebookInstanceName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopPipelineExecution.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopPipelineExecution.html) | `sagemaker:StopPipelineExecution` | `arn:aws-partition:sagemaker:region:account-id:pipeline/pipeline-name/execution/execution-id` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopProcessingJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopProcessingJob.html) | `sagemaker:StopProcessingJob` | `arn:aws:sagemaker:region:account-id:processing-job/processingJobName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopTrainingJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopTrainingJob.html) | `sagemaker:StopTrainingJob` | `arn:aws:sagemaker:region:account-id:training-job/trainingJobName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopTransformJob.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopTransformJob.html) | `sagemaker:StopTransformJob` | `arn:aws:sagemaker:region:account-id:transform-job/transformJobName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateAppImageConfig.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateAppImageConfig.html) | `sagemaker:UpdateAppImageConfig` | `arn:aws:sagemaker:region:account-id:app-image-config/appImageConfigName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateDomain.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateDomain.html) | `sagemaker:UpdateDomain` | `arn:aws:sagemaker:region:account-id:domain/domainId` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateEndpoint.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateEndpoint.html) | `sagemaker:UpdateEndpoint` | `arn:aws:sagemaker:region:account-id:endpoint/endpointName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateEndpointWeightsAndCapacities.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateEndpointWeightsAndCapacities.html) | `sagemaker:UpdateEndpointWeightsAndCapacities` | `arn:aws:sagemaker:region:account-id:endpoint/endpointName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateImage.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateImage.html) | `sagemaker:UpdateImage` `iam:PassRole` | `arn:aws:sagemaker:region:account-id:image/imageName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateModelPackage.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateModelPackage.html) | `sagemaker:UpdateModelPackage` | `arn:aws:sagemaker:region:account-id:model-package/modelPackageName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateNotebookInstance.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateNotebookInstance.html) | `sagemaker:UpdateNotebookInstance` `iam:PassRole` | `arn:aws:sagemaker:region:account-id:notebook-instance/notebookInstanceName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdatePipeline.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdatePipeline.html) | `sagemaker:UpdatePipeline` `iam:PassRole` | `arn:aws-partition:sagemaker:region:account-id:pipeline/pipeline-name` `arn:aws-partition:iam::account-id:role/role-name` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdatePipelineExecution.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdatePipelineExecution.html) | `sagemaker:UpdatePipelineExecution` | `arn:aws-partition:sagemaker:region:account-id:pipeline/pipeline-name/execution/execution-id` | | `[UpdateSpace](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateSpace.html)` | `sagemaker:UpdateSpace` | `arn:aws:sagemaker:region:account-id:space/domain-id/spaceName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateUserProfile.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateUserProfile.html) | `sagemaker:UpdateUserProfile` | `arn:aws:sagemaker:region:account-id:user-profile/domain-id/userProfileName` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateWorkforce.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateWorkforce.html) | `sagemaker:UpdateWorkforce` | `arn:aws:sagemaker:region:account-id:workforce/*` | | [https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateWorkteam.html](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateWorkteam.html) | `sagemaker:UpdateWorkteam` | `arn:aws:sagemaker:region:account-id:workteam/private-crowd/*` | # AWS managed policies for Amazon SageMaker AI AWS managed policies for SageMaker AI To add permissions to users, groups, and roles, it is easier to use AWS managed policies than to write policies yourself. It takes time and expertise to [create IAM customer managed policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_create-console.html) that provide your team with only the permissions they need. To get started quickly, you can use our AWS managed policies. These policies cover common use cases and are available in your AWS account. For more information about AWS managed policies, see [AWS managed policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html#aws-managed-policies) in the *IAM User Guide*. AWS services maintain and update AWS managed policies. You can't change the permissions in AWS managed policies. Services occasionally add additional permissions to an AWS managed policy to support new features. This type of update affects all identities (users, groups, and roles) to which the policy is attached. Services are most likely to update an AWS managed policy when a new feature is launched or when new operations become available. Services do not remove permissions from an AWS managed policy, so policy updates won't break your existing permissions. Additionally, AWS supports managed policies for job functions that span multiple services. For example, the `ReadOnlyAccess` AWS managed policy provides read-only access to all AWS services and resources. When a service launches a new feature, AWS adds read-only permissions for new operations and resources. For a list and descriptions of job function policies, see [AWS managed policies for job functions](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_job-functions.html) in the *IAM User Guide*. **Important** We recommend that you use the most restricted policy that allows you to perform your use case. The following AWS managed policies, which you can attach to users in your account, are specific to Amazon SageMaker AI: + **`AmazonSageMakerFullAccess`** – Grants full access to Amazon SageMaker AI and SageMaker AI geospatial resources and the supported operations. This does not provide unrestricted Amazon S3 access, but supports buckets and objects with specific `sagemaker` tags. This policy allows all IAM roles to be passed to Amazon SageMaker AI, but only allows IAM roles with "AmazonSageMaker" in them to be passed to the AWS Glue, AWS Step Functions, and AWS RoboMaker services. + **`AmazonSageMakerReadOnly`** – Grants read-only access to Amazon SageMaker AI resources. The following AWS managed policies can be attached to users in your account but are not recommended: + [http://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_job-functions.html#jf_administrator](http://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_job-functions.html#jf_administrator) – Grants all actions for all AWS services and for all resources in the account. + [http://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_job-functions.html#jf_data-scientist](http://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_job-functions.html#jf_data-scientist) – Grants a wide range of permissions to cover most of the use cases (primarily for analytics and business intelligence) encountered by data scientists. You can review these permissions policies by signing in to the IAM console and searching for them. You can also create your own custom IAM policies to allow permissions for Amazon SageMaker AI actions and resources as you need them. You can attach these custom policies to the users or groups that require them. **Topics** + [ ## AWS managed policy: AmazonSageMakerFullAccess ](#security-iam-awsmanpol-AmazonSageMakerFullAccess) + [ ## AWS managed policy: AmazonSageMakerReadOnly ](#security-iam-awsmanpol-AmazonSageMakerReadOnly) + [ # AWS managed policies for Amazon SageMaker Canvas ](security-iam-awsmanpol-canvas.md) + [ # AWS managed policies for Amazon SageMaker Feature Store ](security-iam-awsmanpol-feature-store.md) + [ # AWS managed policies for Amazon SageMaker geospatial ](security-iam-awsmanpol-geospatial.md) + [ # AWS Managed Policies for Amazon SageMaker Ground Truth ](security-iam-awsmanpol-ground-truth.md) + [ # AWS managed policies for Amazon SageMaker HyperPod ](security-iam-awsmanpol-hyperpod.md) + [ # AWS Managed Policies for SageMaker AI Model Governance ](security-iam-awsmanpol-governance.md) + [ # AWS Managed Policies for Model Registry ](security-iam-awsmanpol-model-registry.md) + [ # AWS Managed Policies for SageMaker Notebooks ](security-iam-awsmanpol-notebooks.md) + [ # AWS managed policies for Amazon SageMaker Partner AI Apps ](security-iam-awsmanpol-partner-apps.md) + [ # AWS Managed Policies for SageMaker Pipelines ](security-iam-awsmanpol-pipelines.md) + [ # AWS managed policies for SageMaker training plans ](security-iam-awsmanpol-training-plan.md) + [ # AWS Managed Policies for SageMaker Projects and JumpStart ](security-iam-awsmanpol-sc.md) + [ ## SageMaker AI Updates to AWS Managed Policies ](#security-iam-awsmanpol-updates) ## AWS managed policy: AmazonSageMakerFullAccess AmazonSageMakerFullAccess This policy grants administrative permissions that allow a principal full access to all Amazon SageMaker AI and SageMaker AI geospatial resources and operations. The policy also provides select access to related services. This policy allows all IAM roles to be passed to Amazon SageMaker AI, but only allows IAM roles with "AmazonSageMaker" in them to be passed to the AWS Glue, AWS Step Functions, and AWS RoboMaker services. This policy does not include permissions to create an Amazon SageMaker AI domain. For information on the policy needed to create a domain, see [Complete Amazon SageMaker AI prerequisites](gs-set-up.md). **Permissions details** This policy includes the following permissions. + `application-autoscaling` – Allows principals to automatically scale a SageMaker AI real-time inference endpoint. + `athena` – Allows principals to query a list of data catalogs, databases, and table metadata from Amazon Athena. + `aws-marketplace` – Allows principals to view AWS AI Marketplace subscriptions. You need this if you want to access SageMaker AI software subscribed in AWS Marketplace. + `cloudformation` – Allows principals to get AWS CloudFormation templates for using SageMaker AI JumpStart solutions and Pipelines. SageMaker AI JumpStart creates resources necessary to run end-to-end machine learning solutions that tie SageMaker AI to other AWS services. SageMaker AI Pipelines creates new projects that are backed by Service Catalog. + `cloudwatch` – Allows principals to post CloudWatch metrics, interact with alarms, and upload logs to CloudWatch Logs in your account. + `codebuild` – Allows principals to store AWS CodeBuild artifacts for SageMaker AI Pipeline and Projects. + `codecommit` – Needed for AWS CodeCommit integration with SageMaker AI notebook instances. + `cognito-idp` – Needed for Amazon SageMaker Ground Truth to define private workforce and work teams. + `ec2` – Needed for SageMaker AI to manage Amazon EC2 resources and network interfaces when you specify an Amazon VPC for your SageMaker AI jobs, models, endpoints, and notebook instances. + `ecr` – Needed to pull and store Docker artifacts for Amazon SageMaker Studio Classic (custom images), training, processing, batch inference, and inference endpoints. This is also required to use your own container in SageMaker AI. Additional permissions for SageMaker AI JumpStart solutions are required to create and remove custom images on behalf of users. + `elasticfilesystem` – Allows principals to access Amazon Elastic File System. This is needed for SageMaker AI to use data sources in Amazon Elastic File System for training machine learning models. + `fsx` – Allows principals to access Amazon FSx. This is needed for SageMaker AI to use data sources in Amazon FSx for training machine learning models. + `glue` – Needed for inference pipeline pre-processing from within SageMaker AI notebook instances. + `groundtruthlabeling` – Needed for Ground Truth labeling jobs. The `groundtruthlabeling` endpoint is accessed by the Ground Truth console. + `iam` – Needed to give the SageMaker AI console access to available IAM roles and create service-linked roles. + `kms` – Needed to give the SageMaker AI console access to available AWS KMS keys and retrieve them for any specified AWS KMS aliases in jobs and endpoints. + `lambda` – Allows principals to invoke and get a list of AWS Lambda functions. + `logs` – Needed to allow SageMaker AI jobs and endpoints to publish log streams. + `redshift` – Allows principals to access Amazon Redshift cluster credentials. + `redshift-data` – Allows principals to use data from Amazon Redshift to run, describe, and cancel statements; get statement results; and list schemas and tables. + `robomaker` – Allows principals to have full access to create, get descriptions, and delete AWS RoboMaker simulation applications and jobs. This is also needed to run reinforcement learning examples on notebook instances. + `s3, s3express` – Allows principals to have full access to Amazon S3 and Amazon S3 Express resources pertaining to SageMaker AI, but not all of Amazon S3 or Amazon S3 Express. + `sagemaker` – Allows principals to list tags on SageMaker AI user profiles, and add tags to SageMaker AI apps and spaces. Allows access only to SageMaker AI flow-definitions of sagemaker:WorkteamType "private-crowd" or "vendor-crowd". Allows the use and description of SageMaker AI training plans and reserved capacity in SageMaker training jobs, and SageMaker HyperPod clusters, across all AWS Regions where the training plans feature is accessible. + `sagemaker` and `sagemaker-geospatial` – Allows principals read-only access to SageMaker AI domains and user profiles. + `secretsmanager` – Allows principals to have full access to AWS Secrets Manager. The principals can securely encrypt, store, and retrieve credentials for databases and other services. This is also needed for SageMaker AI notebook instances with SageMaker AI code repositories that use GitHub. + `servicecatalog` – Allows principals to use Service Catalog. The principals can create, get a list of, update, or terminate provisioned products, such as servers, databases, websites, or applications deployed using AWS resources. This is needed for SageMaker AI JumpStart and Projects to find and read service catalog products and launch AWS resources in users. + `sns` – Allows principals to get a list of Amazon SNS topics. This is needed for endpoints with Async Inference enabled for notifying users that their inference has completed. + `states` – Needed for SageMaker AI JumpStart and Pipelines to use a service catalog to create step function resources. + `tag` – Needed for SageMaker AI Pipelines to render in Studio Classic. Studio Classic needs resources tagged with particular `sagemaker:project-id` tag-key. This requires the `tag:GetResources` permission. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "AllowAllNonAdminSageMakerActions", "Effect": "Allow", "Action": [ "sagemaker:*", "sagemaker-geospatial:*" ], "NotResource": [ "arn:aws:sagemaker:*:*:domain/*", "arn:aws:sagemaker:*:*:user-profile/*", "arn:aws:sagemaker:*:*:app/*", "arn:aws:sagemaker:*:*:space/*", "arn:aws:sagemaker:*:*:partner-app/*", "arn:aws:sagemaker:*:*:flow-definition/*", "arn:aws:sagemaker:*:*:training-plan/*", "arn:aws:sagemaker:*:*:reserved-capacity/*" ] }, { "Sid": "AllowAddTagsForSpace", "Effect": "Allow", "Action": [ "sagemaker:AddTags" ], "Resource": [ "arn:aws:sagemaker:*:*:space/*" ], "Condition": { "StringEquals": { "sagemaker:TaggingAction": "CreateSpace" } } }, { "Sid": "AllowAddTagsForApp", "Effect": "Allow", "Action": [ "sagemaker:AddTags" ], "Resource": [ "arn:aws:sagemaker:*:*:app/*" ] }, { "Sid": "AllowUseOfTrainingPlanResources", "Effect": "Allow", "Action": [ "sagemaker:CreateTrainingJob", "sagemaker:CreateCluster", "sagemaker:UpdateCluster", "sagemaker:DescribeTrainingPlan" ], "Resource": [ "arn:aws:sagemaker:*:*:training-plan/*", "arn:aws:sagemaker:*:*:reserved-capacity/*" ] }, { "Sid": "AllowStudioActions", "Effect": "Allow", "Action": [ "sagemaker:CreatePresignedDomainUrl", "sagemaker:DescribeDomain", "sagemaker:ListDomains", "sagemaker:DescribeUserProfile", "sagemaker:ListUserProfiles", "sagemaker:DescribeSpace", "sagemaker:ListSpaces", "sagemaker:DescribeApp", "sagemaker:ListApps" ], "Resource": "*" }, { "Sid": "AllowAppActionsForUserProfile", "Effect": "Allow", "Action": [ "sagemaker:CreateApp", "sagemaker:DeleteApp" ], "Resource": "arn:aws:sagemaker:*:*:app/*/*/*/*", "Condition": { "Null": { "sagemaker:OwnerUserProfileArn": "true" } } }, { "Sid": "AllowAppActionsForSharedSpaces", "Effect": "Allow", "Action": [ "sagemaker:CreateApp", "sagemaker:DeleteApp" ], "Resource": "arn:aws:sagemaker:*:*:app/${sagemaker:DomainId}/*/*/*", "Condition": { "StringEquals": { "sagemaker:SpaceSharingType": [ "Shared" ] } } }, { "Sid": "AllowMutatingActionsOnSharedSpacesWithoutOwner", "Effect": "Allow", "Action": [ "sagemaker:CreateSpace", "sagemaker:UpdateSpace", "sagemaker:DeleteSpace" ], "Resource": "arn:aws:sagemaker:*:*:space/${sagemaker:DomainId}/*", "Condition": { "Null": { "sagemaker:OwnerUserProfileArn": "true" } } }, { "Sid": "RestrictMutatingActionsOnSpacesToOwnerUserProfile", "Effect": "Allow", "Action": [ "sagemaker:CreateSpace", "sagemaker:UpdateSpace", "sagemaker:DeleteSpace" ], "Resource": "arn:aws:sagemaker:*:*:space/${sagemaker:DomainId}/*", "Condition": { "ArnLike": { "sagemaker:OwnerUserProfileArn": "arn:aws:sagemaker:*:*:user-profile/${sagemaker:DomainId}/${sagemaker:UserProfileName}" }, "StringEquals": { "sagemaker:SpaceSharingType": [ "Private", "Shared" ] } } }, { "Sid": "RestrictMutatingActionsOnPrivateSpaceAppsToOwnerUserProfile", "Effect": "Allow", "Action": [ "sagemaker:CreateApp", "sagemaker:DeleteApp" ], "Resource": "arn:aws:sagemaker:*:*:app/${sagemaker:DomainId}/*/*/*", "Condition": { "ArnLike": { "sagemaker:OwnerUserProfileArn": "arn:aws:sagemaker:*:*:user-profile/${sagemaker:DomainId}/${sagemaker:UserProfileName}" }, "StringEquals": { "sagemaker:SpaceSharingType": [ "Private" ] } } }, { "Sid": "AllowFlowDefinitionActions", "Effect": "Allow", "Action": "sagemaker:*", "Resource": [ "arn:aws:sagemaker:*:*:flow-definition/*" ], "Condition": { "StringEqualsIfExists": { "sagemaker:WorkteamType": [ "private-crowd", "vendor-crowd" ] } } }, { "Sid": "AllowAWSServiceActions", "Effect": "Allow", "Action": [ "application-autoscaling:DeleteScalingPolicy", "application-autoscaling:DeleteScheduledAction", "application-autoscaling:DeregisterScalableTarget", "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScalingActivities", "application-autoscaling:DescribeScalingPolicies", "application-autoscaling:DescribeScheduledActions", "application-autoscaling:PutScalingPolicy", "application-autoscaling:PutScheduledAction", "application-autoscaling:RegisterScalableTarget", "aws-marketplace:ViewSubscriptions", "cloudformation:GetTemplateSummary", "cloudwatch:DeleteAlarms", "cloudwatch:DescribeAlarms", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "cloudwatch:PutMetricAlarm", "cloudwatch:PutMetricData", "codecommit:BatchGetRepositories", "codecommit:CreateRepository", "codecommit:GetRepository", "codecommit:List*", "cognito-idp:AdminAddUserToGroup", "cognito-idp:AdminCreateUser", "cognito-idp:AdminDeleteUser", "cognito-idp:AdminDisableUser", "cognito-idp:AdminEnableUser", "cognito-idp:AdminRemoveUserFromGroup", "cognito-idp:CreateGroup", "cognito-idp:CreateUserPool", "cognito-idp:CreateUserPoolClient", "cognito-idp:CreateUserPoolDomain", "cognito-idp:DescribeUserPool", "cognito-idp:DescribeUserPoolClient", "cognito-idp:List*", "cognito-idp:UpdateUserPool", "cognito-idp:UpdateUserPoolClient", "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterfacePermission", "ec2:CreateVpcEndpoint", "ec2:DeleteNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:DescribeDhcpOptions", "ec2:DescribeNetworkInterfaces", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcs", "ecr:BatchCheckLayerAvailability", "ecr:BatchGetImage", "ecr:CreateRepository", "ecr:Describe*", "ecr:GetAuthorizationToken", "ecr:GetDownloadUrlForLayer", "ecr:StartImageScan", "elasticfilesystem:DescribeFileSystems", "elasticfilesystem:DescribeMountTargets", "fsx:DescribeFileSystems", "glue:CreateJob", "glue:DeleteJob", "glue:GetJob*", "glue:GetTable*", "glue:GetWorkflowRun", "glue:ResetJobBookmark", "glue:StartJobRun", "glue:StartWorkflowRun", "glue:UpdateJob", "groundtruthlabeling:*", "iam:ListRoles", "kms:DescribeKey", "kms:ListAliases", "lambda:ListFunctions", "logs:CreateLogDelivery", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DeleteLogDelivery", "logs:Describe*", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:ListLogDeliveries", "logs:PutLogEvents", "logs:PutResourcePolicy", "logs:UpdateLogDelivery", "robomaker:CreateSimulationApplication", "robomaker:DescribeSimulationApplication", "robomaker:DeleteSimulationApplication", "robomaker:CreateSimulationJob", "robomaker:DescribeSimulationJob", "robomaker:CancelSimulationJob", "secretsmanager:ListSecrets", "servicecatalog:Describe*", "servicecatalog:List*", "servicecatalog:ScanProvisionedProducts", "servicecatalog:SearchProducts", "servicecatalog:SearchProvisionedProducts", "sns:ListTopics", "tag:GetResources" ], "Resource": "*" }, { "Sid": "AllowECRActions", "Effect": "Allow", "Action": [ "ecr:SetRepositoryPolicy", "ecr:CompleteLayerUpload", "ecr:BatchDeleteImage", "ecr:UploadLayerPart", "ecr:DeleteRepositoryPolicy", "ecr:InitiateLayerUpload", "ecr:DeleteRepository", "ecr:PutImage" ], "Resource": [ "arn:aws:ecr:*:*:repository/*sagemaker*" ] }, { "Sid": "AllowCodeCommitActions", "Effect": "Allow", "Action": [ "codecommit:GitPull", "codecommit:GitPush" ], "Resource": [ "arn:aws:codecommit:*:*:*sagemaker*", "arn:aws:codecommit:*:*:*SageMaker*", "arn:aws:codecommit:*:*:*Sagemaker*" ] }, { "Sid": "AllowCodeBuildActions", "Action": [ "codebuild:BatchGetBuilds", "codebuild:StartBuild" ], "Resource": [ "arn:aws:codebuild:*:*:project/sagemaker*", "arn:aws:codebuild:*:*:build/*" ], "Effect": "Allow" }, { "Sid": "AllowStepFunctionsActions", "Action": [ "states:DescribeExecution", "states:GetExecutionHistory", "states:StartExecution", "states:StopExecution", "states:UpdateStateMachine" ], "Resource": [ "arn:aws:states:*:*:statemachine:*sagemaker*", "arn:aws:states:*:*:execution:*sagemaker*:*" ], "Effect": "Allow" }, { "Sid": "AllowSecretManagerActions", "Effect": "Allow", "Action": [ "secretsmanager:DescribeSecret", "secretsmanager:GetSecretValue", "secretsmanager:CreateSecret" ], "Resource": [ "arn:aws:secretsmanager:*:*:secret:AmazonSageMaker-*" ] }, { "Sid": "AllowReadOnlySecretManagerActions", "Effect": "Allow", "Action": [ "secretsmanager:DescribeSecret", "secretsmanager:GetSecretValue" ], "Resource": "*", "Condition": { "StringEquals": { "secretsmanager:ResourceTag/SageMaker": "true" } } }, { "Sid": "AllowServiceCatalogProvisionProduct", "Effect": "Allow", "Action": [ "servicecatalog:ProvisionProduct" ], "Resource": "*" }, { "Sid": "AllowServiceCatalogTerminateUpdateProvisionProduct", "Effect": "Allow", "Action": [ "servicecatalog:TerminateProvisionedProduct", "servicecatalog:UpdateProvisionedProduct" ], "Resource": "*", "Condition": { "StringEquals": { "servicecatalog:userLevel": "self" } } }, { "Sid": "AllowS3ObjectActions", "Effect": "Allow", "Action": [ "s3:GetObject", "s3:PutObject", "s3:DeleteObject", "s3:AbortMultipartUpload" ], "Resource": [ "arn:aws:s3:::*SageMaker*", "arn:aws:s3:::*Sagemaker*", "arn:aws:s3:::*sagemaker*", "arn:aws:s3:::*aws-glue*" ] }, { "Sid": "AllowS3GetObjectWithSageMakerExistingObjectTag", "Effect": "Allow", "Action": [ "s3:GetObject" ], "Resource": [ "arn:aws:s3:::*" ], "Condition": { "StringEqualsIgnoreCase": { "s3:ExistingObjectTag/SageMaker": "true" } } }, { "Sid": "AllowS3GetObjectWithServiceCatalogProvisioningExistingObjectTag", "Effect": "Allow", "Action": [ "s3:GetObject" ], "Resource": [ "arn:aws:s3:::*" ], "Condition": { "StringEquals": { "s3:ExistingObjectTag/servicecatalog:provisioning": "true" } } }, { "Sid": "AllowS3BucketActions", "Effect": "Allow", "Action": [ "s3:CreateBucket", "s3:GetBucketLocation", "s3:ListBucket", "s3:ListAllMyBuckets", "s3:GetBucketCors", "s3:PutBucketCors" ], "Resource": "*" }, { "Sid": "AllowS3BucketACL", "Effect": "Allow", "Action": [ "s3:GetBucketAcl", "s3:PutObjectAcl" ], "Resource": [ "arn:aws:s3:::*SageMaker*", "arn:aws:s3:::*Sagemaker*", "arn:aws:s3:::*sagemaker*" ] }, { "Sid": "AllowLambdaInvokeFunction", "Effect": "Allow", "Action": [ "lambda:InvokeFunction" ], "Resource": [ "arn:aws:lambda:*:*:function:*SageMaker*", "arn:aws:lambda:*:*:function:*sagemaker*", "arn:aws:lambda:*:*:function:*Sagemaker*", "arn:aws:lambda:*:*:function:*LabelingFunction*" ] }, { "Sid": "AllowCreateServiceLinkedRoleForSageMakerApplicationAutoscaling", "Action": "iam:CreateServiceLinkedRole", "Effect": "Allow", "Resource": "arn:aws:iam::*:role/aws-service-role/sagemaker.application-autoscaling.amazonaws.com/AWSServiceRoleForApplicationAutoScaling_SageMakerEndpoint", "Condition": { "StringLike": { "iam:AWSServiceName": "sagemaker.application-autoscaling.amazonaws.com" } } }, { "Sid": "AllowCreateServiceLinkedRoleForRobomaker", "Effect": "Allow", "Action": "iam:CreateServiceLinkedRole", "Resource": "*", "Condition": { "StringEquals": { "iam:AWSServiceName": "robomaker.amazonaws.com" } } }, { "Sid": "AllowSNSActions", "Effect": "Allow", "Action": [ "sns:Subscribe", "sns:CreateTopic", "sns:Publish" ], "Resource": [ "arn:aws:sns:*:*:*SageMaker*", "arn:aws:sns:*:*:*Sagemaker*", "arn:aws:sns:*:*:*sagemaker*" ] }, { "Sid": "AllowPassRoleForSageMakerRoles", "Effect": "Allow", "Action": [ "iam:PassRole" ], "Resource": "arn:aws:iam::*:role/*AmazonSageMaker*", "Condition": { "StringEquals": { "iam:PassedToService": [ "glue.amazonaws.com", "robomaker.amazonaws.com", "states.amazonaws.com" ] } } }, { "Sid": "AllowPassRoleToSageMaker", "Effect": "Allow", "Action": [ "iam:PassRole" ], "Resource": "arn:aws:iam::*:role/*", "Condition": { "StringEquals": { "iam:PassedToService": "sagemaker.amazonaws.com" } } }, { "Sid": "AllowAthenaActions", "Effect": "Allow", "Action": [ "athena:ListDataCatalogs", "athena:ListDatabases", "athena:ListTableMetadata", "athena:GetQueryExecution", "athena:GetQueryResults", "athena:StartQueryExecution", "athena:StopQueryExecution" ], "Resource": [ "*" ] }, { "Sid": "AllowGlueCreateTable", "Effect": "Allow", "Action": [ "glue:CreateTable" ], "Resource": [ "arn:aws:glue:*:*:table/*/sagemaker_tmp_*", "arn:aws:glue:*:*:table/sagemaker_featurestore/*", "arn:aws:glue:*:*:catalog", "arn:aws:glue:*:*:database/*" ] }, { "Sid": "AllowGlueUpdateTable", "Effect": "Allow", "Action": [ "glue:UpdateTable" ], "Resource": [ "arn:aws:glue:*:*:table/sagemaker_featurestore/*", "arn:aws:glue:*:*:catalog", "arn:aws:glue:*:*:database/sagemaker_featurestore" ] }, { "Sid": "AllowGlueDeleteTable", "Effect": "Allow", "Action": [ "glue:DeleteTable" ], "Resource": [ "arn:aws:glue:*:*:table/*/sagemaker_tmp_*", "arn:aws:glue:*:*:catalog", "arn:aws:glue:*:*:database/*" ] }, { "Sid": "AllowGlueGetTablesAndDatabases", "Effect": "Allow", "Action": [ "glue:GetDatabases", "glue:GetTable", "glue:GetTables" ], "Resource": [ "arn:aws:glue:*:*:table/*", "arn:aws:glue:*:*:catalog", "arn:aws:glue:*:*:database/*" ] }, { "Sid": "AllowGlueGetAndCreateDatabase", "Effect": "Allow", "Action": [ "glue:CreateDatabase", "glue:GetDatabase" ], "Resource": [ "arn:aws:glue:*:*:catalog", "arn:aws:glue:*:*:database/sagemaker_featurestore", "arn:aws:glue:*:*:database/sagemaker_processing", "arn:aws:glue:*:*:database/default", "arn:aws:glue:*:*:database/sagemaker_data_wrangler" ] }, { "Sid": "AllowRedshiftDataActions", "Effect": "Allow", "Action": [ "redshift-data:ExecuteStatement", "redshift-data:DescribeStatement", "redshift-data:CancelStatement", "redshift-data:GetStatementResult", "redshift-data:ListSchemas", "redshift-data:ListTables" ], "Resource": [ "*" ] }, { "Sid": "AllowRedshiftGetClusterCredentials", "Effect": "Allow", "Action": [ "redshift:GetClusterCredentials" ], "Resource": [ "arn:aws:redshift:*:*:dbuser:*/sagemaker_access*", "arn:aws:redshift:*:*:dbname:*" ] }, { "Sid": "AllowListTagsForUserProfile", "Effect": "Allow", "Action": [ "sagemaker:ListTags" ], "Resource": [ "arn:aws:sagemaker:*:*:user-profile/*" ] }, { "Sid": "AllowCloudformationListStackResources", "Effect": "Allow", "Action": [ "cloudformation:ListStackResources" ], "Resource": "arn:aws:cloudformation:*:*:stack/SC-*" }, { "Sid": "AllowS3ExpressObjectActions", "Effect": "Allow", "Action": [ "s3express:CreateSession" ], "Resource": [ "arn:aws:s3express:*:*:bucket/*SageMaker*", "arn:aws:s3express:*:*:bucket/*Sagemaker*", "arn:aws:s3express:*:*:bucket/*sagemaker*", "arn:aws:s3express:*:*:bucket/*aws-glue*" ], "Condition": { "StringEquals": { "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "AllowS3ExpressCreateBucketActions", "Effect": "Allow", "Action": [ "s3express:CreateBucket" ], "Resource": [ "arn:aws:s3express:*:*:bucket/*SageMaker*", "arn:aws:s3express:*:*:bucket/*Sagemaker*", "arn:aws:s3express:*:*:bucket/*sagemaker*" ], "Condition": { "StringEquals": { "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "AllowS3ExpressListBucketActions", "Effect": "Allow", "Action": [ "s3express:ListAllMyDirectoryBuckets" ], "Resource": "*" } ] } ``` ------ ## AWS managed policy: AmazonSageMakerReadOnly AmazonSageMakerReadOnly This policy grants read-only access to Amazon SageMaker AI through the AWS Management Console and SDK. **Permissions details** This policy includes the following permissions. + `application-autoscaling` – Allows users to browse descriptions of scalable SageMaker AI real-time inference endpoints. + `aws-marketplace` – Allows users to view AWS AI Marketplace subscriptions. + `cloudwatch` – Allows users to receive CloudWatch alarms. + `cognito-idp` – Needed for Amazon SageMaker Ground Truth to browse descriptions and lists of private workforce and work teams. + `ecr` – Needed to read Docker artifacts for training and inference. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "sagemaker:Describe*", "sagemaker:List*", "sagemaker:BatchGetMetrics", "sagemaker:GetDeviceRegistration", "sagemaker:GetDeviceFleetReport", "sagemaker:GetSearchSuggestions", "sagemaker:BatchGetRecord", "sagemaker:GetRecord", "sagemaker:Search", "sagemaker:QueryLineage", "sagemaker:GetLineageGroupPolicy", "sagemaker:BatchDescribeModelPackage", "sagemaker:GetModelPackageGroupPolicy" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScalingActivities", "application-autoscaling:DescribeScalingPolicies", "application-autoscaling:DescribeScheduledActions", "aws-marketplace:ViewSubscriptions", "cloudwatch:DescribeAlarms", "cognito-idp:DescribeUserPool", "cognito-idp:DescribeUserPoolClient", "cognito-idp:ListGroups", "cognito-idp:ListIdentityProviders", "cognito-idp:ListUserPoolClients", "cognito-idp:ListUserPools", "cognito-idp:ListUsers", "cognito-idp:ListUsersInGroup", "ecr:Describe*" ], "Resource": "*" } ] } ``` ------ # AWS managed policies for Amazon SageMaker Canvas SageMaker Canvas These AWS managed policies add permissions required to use Amazon SageMaker Canvas. The policies are available in your AWS account and are used by execution roles created from the SageMaker AI console. **Topics** + [ ## AWS managed policy: AmazonSageMakerCanvasFullAccess ](#security-iam-awsmanpol-AmazonSageMakerCanvasFullAccess) + [ ## AWS managed policy: AmazonSageMakerCanvasDataPrepFullAccess ](#security-iam-awsmanpol-AmazonSageMakerCanvasDataPrepFullAccess) + [ ## AWS managed policy: AmazonSageMakerCanvasDirectDeployAccess ](#security-iam-awsmanpol-AmazonSageMakerCanvasDirectDeployAccess) + [ ## AWS managed policy: AmazonSageMakerCanvasAIServicesAccess ](#security-iam-awsmanpol-AmazonSageMakerCanvasAIServicesAccess) + [ ## AWS managed policy: AmazonSageMakerCanvasBedrockAccess ](#security-iam-awsmanpol-AmazonSageMakerCanvasBedrockAccess) + [ ## AWS managed policy: AmazonSageMakerCanvasForecastAccess ](#security-iam-awsmanpol-AmazonSageMakerCanvasForecastAccess) + [ ## AWS managed policy: AmazonSageMakerCanvasEMRServerlessExecutionRolePolicy ](#security-iam-awsmanpol-AmazonSageMakerCanvasEMRServerlessExecutionRolePolicy) + [ ## AWS managed policy: AmazonSageMakerCanvasSMDataScienceAssistantAccess ](#security-iam-awsmanpol-AmazonSageMakerCanvasSMDataScienceAssistantAccess) + [ ## Amazon SageMaker AI updates to Amazon SageMaker Canvas managed policies ](#security-iam-awsmanpol-canvas-updates) ## AWS managed policy: AmazonSageMakerCanvasFullAccess AmazonSageMakerCanvasFullAccess This policy grants permissions that allow full access to Amazon SageMaker Canvas through the AWS Management Console and SDK. The policy also provides select access to related services [for example, Amazon Simple Storage Service (Amazon S3), AWS Identity and Access Management (IAM), Amazon Virtual Private Cloud (Amazon VPC), Amazon Elastic Container Registry (Amazon ECR), Amazon CloudWatch Logs, Amazon Redshift, AWS Secrets Manager, Amazon SageMaker Autopilot, SageMaker Model Registry, and Amazon Forecast]. This policy is intended to help customers experiment and get started with all the capabilities of SageMaker Canvas. For more fine-grained control, we suggest customers build their own scoped down versions as they move to production workloads. For more information, see [IAM policy types: How and when to use them](https://aws.amazon.com/blogs/security/iam-policy-types-how-and-when-to-use-them/). **Permissions details** This AWS managed policy includes the following permissions. + `sagemaker` – Allows principals to create and host SageMaker AI models on resources whose ARN contains "Canvas", "canvas", or "model-compilation-". Additionally, users can register their SageMaker Canvas model to SageMaker AI Model Registry in the same AWS account. Also allows principals to create and manage SageMaker training, transform, and AutoML jobs. + `application-autoscaling` – Allows principals to automatically scale a SageMaker AI inference endpoint. + `athena` – Allows principals to query a list of data catalogs, databases, and table metadata from Amazon Athena, and access the tables in the catalogs. + `cloudwatch` – Allows principals to create and manage Amazon CloudWatch alarms. + `ec2` – Allows principals to create Amazon VPC endpoints. + `ecr` – Allows principals to get information about a container image. + `emr-serverless` – Allows principals to create and manage Amazon EMR Serverless applications and job runs. Also allows principals to tag SageMaker Canvas resources. + `forecast` – Allows principals to use Amazon Forecast. + `glue` – Allows principals to retrieve the tables, databases, and partitions in the AWS Glue catalog. + `iam` – Allows principals to pass an IAM role to Amazon SageMaker AI, Amazon Forecast, and Amazon EMR Serverless. Also allows principals to create a service-linked role. + `kms` – Allows principals to read an AWS KMS key that is tagged with `Source:SageMakerCanvas`. + `logs` – Allows principals to publish logs from training jobs and endpoints. + `quicksight` – Allows principals to list the namespaces in the Quick account. + `rds` – Allows principals to return information about provisioned Amazon RDS instances. + `redshift` – Allows principals to get credentials for a "sagemaker\$1access\$1" dbuser on any Amazon Redshift cluster if that user exists. + `redshift-data` – Allows principals to run queries on Amazon Redshift using the Amazon Redshift Data API. This only provides access to the Redshift Data APIs themselves and does not directly provide access to your Amazon Redshift clusters. For more information, see [Using the Amazon Redshift Data API](https://docs.aws.amazon.com/redshift/latest/mgmt/data-api.html). + `s3` – Allows principals to add and retrieve objects from Amazon S3 buckets. These objects are limited to those whose name includes "SageMaker", "Sagemaker", or "sagemaker". Also allows principals to retrieve objects from Amazon S3 buckets whose ARN starts with "jumpstart-cache-prod-" in specific regions. + `secretsmanager` – Allows principals to store customer credentials to connect to a Snowflake database using Secrets Manager. **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "SageMakerUserDetailsAndPackageOperations", "Effect": "Allow", "Action": [ "sagemaker:DescribeDomain", "sagemaker:DescribeUserProfile", "sagemaker:ListTags", "sagemaker:ListModelPackages", "sagemaker:ListModelPackageGroups", "sagemaker:ListEndpoints" ], "Resource": "*" }, { "Sid": "SageMakerPackageGroupOperations", "Effect": "Allow", "Action": [ "sagemaker:CreateModelPackageGroup", "sagemaker:CreateModelPackage", "sagemaker:DescribeModelPackageGroup", "sagemaker:DescribeModelPackage" ], "Resource": [ "arn:aws:sagemaker:*:*:model-package/*", "arn:aws:sagemaker:*:*:model-package-group/*" ] }, { "Sid": "SageMakerTrainingOperations", "Effect": "Allow", "Action": [ "sagemaker:CreateCompilationJob", "sagemaker:CreateEndpoint", "sagemaker:CreateEndpointConfig", "sagemaker:CreateModel", "sagemaker:CreateProcessingJob", "sagemaker:CreateAutoMLJob", "sagemaker:CreateAutoMLJobV2", "sagemaker:CreateTrainingJob", "sagemaker:CreateTransformJob", "sagemaker:DeleteEndpoint", "sagemaker:DescribeCompilationJob", "sagemaker:DescribeEndpoint", "sagemaker:DescribeEndpointConfig", "sagemaker:DescribeModel", "sagemaker:DescribeProcessingJob", "sagemaker:DescribeAutoMLJob", "sagemaker:DescribeAutoMLJobV2", "sagemaker:DescribeTrainingJob", "sagemaker:DescribeTransformJob", "sagemaker:ListCandidatesForAutoMLJob", "sagemaker:StopAutoMLJob", "sagemaker:StopTrainingJob", "sagemaker:StopTransformJob", "sagemaker:AddTags", "sagemaker:DeleteApp" ], "Resource": [ "arn:aws:sagemaker:*:*:*Canvas*", "arn:aws:sagemaker:*:*:*canvas*", "arn:aws:sagemaker:*:*:*model-compilation-*" ] }, { "Sid": "SageMakerHostingOperations", "Effect": "Allow", "Action": [ "sagemaker:DeleteEndpointConfig", "sagemaker:DeleteModel", "sagemaker:InvokeEndpoint", "sagemaker:UpdateEndpointWeightsAndCapacities", "sagemaker:InvokeEndpointAsync" ], "Resource": [ "arn:aws:sagemaker:*:*:*Canvas*", "arn:aws:sagemaker:*:*:*canvas*" ] }, { "Sid": "EC2VPCOperation", "Effect": "Allow", "Action": [ "ec2:CreateVpcEndpoint", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcEndpointServices" ], "Resource": "*" }, { "Sid": "ECROperations", "Effect": "Allow", "Action": [ "ecr:BatchGetImage", "ecr:GetDownloadUrlForLayer", "ecr:GetAuthorizationToken" ], "Resource": "*" }, { "Sid": "IAMGetOperations", "Effect": "Allow", "Action": [ "iam:GetRole" ], "Resource": "arn:aws:iam::*:role/*" }, { "Sid": "IAMPassOperation", "Effect": "Allow", "Action": [ "iam:PassRole" ], "Resource": "arn:aws:iam::*:role/*", "Condition": { "StringEquals": { "iam:PassedToService": "sagemaker.amazonaws.com" } } }, { "Sid": "LoggingOperation", "Effect": "Allow", "Action": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents" ], "Resource": "arn:aws:logs:*:*:log-group:/aws/sagemaker/*" }, { "Sid": "S3Operations", "Effect": "Allow", "Action": [ "s3:GetObject", "s3:PutObject", "s3:DeleteObject", "s3:CreateBucket", "s3:GetBucketCors", "s3:GetBucketLocation" ], "Resource": [ "arn:aws:s3:::*SageMaker*", "arn:aws:s3:::*Sagemaker*", "arn:aws:s3:::*sagemaker*" ] }, { "Sid": "ReadSageMakerJumpstartArtifacts", "Effect": "Allow", "Action": "s3:GetObject", "Resource": [ "arn:aws:s3:::jumpstart-cache-prod-us-west-2/*", "arn:aws:s3:::jumpstart-cache-prod-us-east-1/*", "arn:aws:s3:::jumpstart-cache-prod-us-east-2/*", "arn:aws:s3:::jumpstart-cache-prod-eu-west-1/*", "arn:aws:s3:::jumpstart-cache-prod-eu-central-1/*", "arn:aws:s3:::jumpstart-cache-prod-ap-south-1/*", "arn:aws:s3:::jumpstart-cache-prod-ap-northeast-2/*", "arn:aws:s3:::jumpstart-cache-prod-ap-northeast-1/*", "arn:aws:s3:::jumpstart-cache-prod-ap-southeast-1/*", "arn:aws:s3:::jumpstart-cache-prod-ap-southeast-2/*" ] }, { "Sid": "S3ListOperations", "Effect": "Allow", "Action": [ "s3:ListBucket", "s3:ListAllMyBuckets" ], "Resource": "*" }, { "Sid": "GlueOperations", "Effect": "Allow", "Action": "glue:SearchTables", "Resource": [ "arn:aws:glue:*:*:table/*/*", "arn:aws:glue:*:*:database/*", "arn:aws:glue:*:*:catalog" ] }, { "Sid": "SecretsManagerARNBasedOperation", "Effect": "Allow", "Action": [ "secretsmanager:DescribeSecret", "secretsmanager:GetSecretValue", "secretsmanager:CreateSecret", "secretsmanager:PutResourcePolicy" ], "Resource": [ "arn:aws:secretsmanager:*:*:secret:AmazonSageMaker-*" ] }, { "Sid": "SecretManagerTagBasedOperation", "Effect": "Allow", "Action": [ "secretsmanager:DescribeSecret", "secretsmanager:GetSecretValue" ], "Resource": "*", "Condition": { "StringEquals": { "secretsmanager:ResourceTag/SageMaker": "true" } } }, { "Sid": "RedshiftOperations", "Effect": "Allow", "Action": [ "redshift-data:ExecuteStatement", "redshift-data:DescribeStatement", "redshift-data:CancelStatement", "redshift-data:GetStatementResult", "redshift-data:ListSchemas", "redshift-data:ListTables", "redshift-data:DescribeTable" ], "Resource": "*" }, { "Sid": "RedshiftGetCredentialsOperation", "Effect": "Allow", "Action": [ "redshift:GetClusterCredentials" ], "Resource": [ "arn:aws:redshift:*:*:dbuser:*/sagemaker_access*", "arn:aws:redshift:*:*:dbname:*" ] }, { "Sid": "ForecastOperations", "Effect": "Allow", "Action": [ "forecast:CreateExplainabilityExport", "forecast:CreateExplainability", "forecast:CreateForecastEndpoint", "forecast:CreateAutoPredictor", "forecast:CreateDatasetImportJob", "forecast:CreateDatasetGroup", "forecast:CreateDataset", "forecast:CreateForecast", "forecast:CreateForecastExportJob", "forecast:CreatePredictorBacktestExportJob", "forecast:CreatePredictor", "forecast:DescribeExplainabilityExport", "forecast:DescribeExplainability", "forecast:DescribeAutoPredictor", "forecast:DescribeForecastEndpoint", "forecast:DescribeDatasetImportJob", "forecast:DescribeDataset", "forecast:DescribeForecast", "forecast:DescribeForecastExportJob", "forecast:DescribePredictorBacktestExportJob", "forecast:GetAccuracyMetrics", "forecast:InvokeForecastEndpoint", "forecast:GetRecentForecastContext", "forecast:DescribePredictor", "forecast:TagResource", "forecast:DeleteResourceTree" ], "Resource": [ "arn:aws:forecast:*:*:*Canvas*" ] }, { "Sid": "RDSOperation", "Effect": "Allow", "Action": "rds:DescribeDBInstances", "Resource": "*" }, { "Sid": "IAMPassOperationForForecast", "Effect": "Allow", "Action": [ "iam:PassRole" ], "Resource": "arn:aws:iam::*:role/*", "Condition": { "StringEquals": { "iam:PassedToService": "forecast.amazonaws.com" } } }, { "Sid": "AutoscalingOperations", "Effect": "Allow", "Action": [ "application-autoscaling:PutScalingPolicy", "application-autoscaling:RegisterScalableTarget" ], "Resource": "arn:aws:application-autoscaling:*:*:scalable-target/*", "Condition": { "StringEquals": { "application-autoscaling:service-namespace": "sagemaker", "application-autoscaling:scalable-dimension": "sagemaker:variant:DesiredInstanceCount" } } }, { "Sid": "AsyncEndpointOperations", "Effect": "Allow", "Action": [ "cloudwatch:DescribeAlarms", "sagemaker:DescribeEndpointConfig" ], "Resource": "*" }, { "Sid": "DescribeScalingOperations", "Effect": "Allow", "Action": [ "application-autoscaling:DescribeScalingActivities" ], "Resource": "*", "Condition": { "StringEquals": { "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "SageMakerCloudWatchUpdate", "Effect": "Allow", "Action": [ "cloudwatch:PutMetricAlarm", "cloudwatch:DeleteAlarms" ], "Resource": [ "arn:aws:cloudwatch:*:*:alarm:TargetTracking*" ], "Condition": { "StringEquals": { "aws:CalledViaLast": "application-autoscaling.amazonaws.com" } } }, { "Sid": "AutoscalingSageMakerEndpointOperation", "Action": "iam:CreateServiceLinkedRole", "Effect": "Allow", "Resource": "arn:aws:iam::*:role/aws-service-role/sagemaker.application-autoscaling.amazonaws.com/AWSServiceRoleForApplicationAutoScaling_SageMakerEndpoint", "Condition": { "StringLike": { "iam:AWSServiceName": "sagemaker.application-autoscaling.amazonaws.com" } } }, { "Sid": "AthenaOperation", "Action": [ "athena:ListTableMetadata", "athena:ListDataCatalogs", "athena:ListDatabases" ], "Effect": "Allow", "Resource": "*", "Condition": { "StringEquals": { "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "GlueOperation", "Action": [ "glue:GetDatabases", "glue:GetPartitions", "glue:GetTables" ], "Effect": "Allow", "Resource": [ "arn:aws:glue:*:*:table/*", "arn:aws:glue:*:*:catalog", "arn:aws:glue:*:*:database/*" ], "Condition": { "StringEquals": { "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "QuicksightOperation", "Action": [ "quicksight:ListNamespaces" ], "Effect": "Allow", "Resource": "*", "Condition": { "StringEquals": { "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "AllowUseOfKeyInAccount", "Effect": "Allow", "Action": [ "kms:DescribeKey" ], "Resource": "*", "Condition": { "StringEquals": { "aws:ResourceTag/Source": "SageMakerCanvas", "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "EMRServerlessCreateApplicationOperation", "Effect": "Allow", "Action": "emr-serverless:CreateApplication", "Resource": "arn:aws:emr-serverless:*:*:/*", "Condition": { "StringEquals": { "aws:RequestTag/sagemaker:is-canvas-resource": "True", "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "EMRServerlessListApplicationOperation", "Effect": "Allow", "Action": "emr-serverless:ListApplications", "Resource": "arn:aws:emr-serverless:*:*:/*", "Condition": { "StringEquals": { "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "EMRServerlessApplicationOperations", "Effect": "Allow", "Action": [ "emr-serverless:UpdateApplication", "emr-serverless:StopApplication", "emr-serverless:GetApplication", "emr-serverless:StartApplication" ], "Resource": "arn:aws:emr-serverless:*:*:/applications/*", "Condition": { "StringEquals": { "aws:ResourceTag/sagemaker:is-canvas-resource": "True", "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "EMRServerlessStartJobRunOperation", "Effect": "Allow", "Action": "emr-serverless:StartJobRun", "Resource": "arn:aws:emr-serverless:*:*:/applications/*", "Condition": { "StringEquals": { "aws:RequestTag/sagemaker:is-canvas-resource": "True", "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "EMRServerlessListJobRunOperation", "Effect": "Allow", "Action": "emr-serverless:ListJobRuns", "Resource": "arn:aws:emr-serverless:*:*:/applications/*", "Condition": { "StringEquals": { "aws:ResourceTag/sagemaker:is-canvas-resource": "True", "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "EMRServerlessJobRunOperations", "Effect": "Allow", "Action": [ "emr-serverless:GetJobRun", "emr-serverless:CancelJobRun" ], "Resource": "arn:aws:emr-serverless:*:*:/applications/*/jobruns/*", "Condition": { "StringEquals": { "aws:ResourceTag/sagemaker:is-canvas-resource": "True", "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "EMRServerlessTagResourceOperation", "Effect": "Allow", "Action": "emr-serverless:TagResource", "Resource": "arn:aws:emr-serverless:*:*:/*", "Condition": { "StringEquals": { "aws:RequestTag/sagemaker:is-canvas-resource": "True", "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "IAMPassOperationForEMRServerless", "Effect": "Allow", "Action": "iam:PassRole", "Resource": [ "arn:aws:iam::*:role/service-role/AmazonSageMakerCanvasEMRSExecutionAccess-*", "arn:aws:iam::*:role/AmazonSageMakerCanvasEMRSExecutionAccess-*" ], "Condition": { "StringEquals": { "iam:PassedToService": "emr-serverless.amazonaws.com", "aws:ResourceAccount": "${aws:PrincipalAccount}" } } } ] } ``` ## AWS managed policy: AmazonSageMakerCanvasDataPrepFullAccess AmazonSageMakerCanvasDataPrepFullAccess This policy grants permissions that allow full access to the data preparation functionality of Amazon SageMaker Canvas. The policy also provides least privilege permissions for the services that integrate with the data preparation functionality [for example, Amazon Simple Storage Service (Amazon S3), AWS Identity and Access Management (IAM), Amazon EMR, Amazon EventBridge, Amazon Redshift, AWS Key Management Service (AWS KMS) and AWS Secrets Manager]. **Permissions details** This AWS managed policy includes the following permissions. + `sagemaker` – Allows principals to access processing jobs, training jobs, inference pipelines, AutoML jobs, and feature groups. + `athena` – Allows principals to query a list of data catalogs, databases, and table metadata from Amazon Athena. + `elasticmapreduce` – Allows principals to read and list Amazon EMR clusters. + `emr-serverless` – Allows principals to create and manage Amazon EMR Serverless applications and job runs. Also allows principals to tag SageMaker Canvas resources. + `events` – Allows principals to create, read, update, and add targets to Amazon EventBridge rules for scheduled jobs. + `glue` – Allows principals to get and search tables from databases in the AWS Glue catalog. + `iam` – Allows principals to pass an IAM role to Amazon SageMaker AI, EventBridge, and Amazon EMR Serverless. Also allows principals to create a service-linked role. + `kms` – Allows principals to retrieve AWS KMS aliases stored in jobs and endpoints, and access the associated KMS key. + `logs` – Allows principals to publish logs from training jobs and endpoints. + `redshift` – Allows principals to get credentials to access an Amazon Redshift database. + `redshift-data` – Allows principals to run, cancel, describe, list, and get the results of Amazon Redshift queries. Also allows principals to list Amazon Redshift schemas and tables. + `s3` – Allows principals to add and retrieve objects from Amazon S3 buckets. These objects are limited to those whose name includes "SageMaker", "Sagemaker", or "sagemaker"; or is tagged with "SageMaker", case-insensitive. + `secretsmanager` – Allows principals to store and retrieve customer database credentials using Secrets Manager. **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "SageMakerListFeatureGroupOperation", "Effect": "Allow", "Action": "sagemaker:ListFeatureGroups", "Resource": "*" }, { "Sid": "SageMakerFeatureGroupOperations", "Effect": "Allow", "Action": [ "sagemaker:CreateFeatureGroup", "sagemaker:DescribeFeatureGroup" ], "Resource": "arn:aws:sagemaker:*:*:feature-group/*" }, { "Sid": "SageMakerProcessingJobOperations", "Effect": "Allow", "Action": [ "sagemaker:CreateProcessingJob", "sagemaker:DescribeProcessingJob", "sagemaker:AddTags" ], "Resource": "arn:aws:sagemaker:*:*:processing-job/*canvas-data-prep*" }, { "Sid": "SageMakerProcessingJobListOperation", "Effect": "Allow", "Action": "sagemaker:ListProcessingJobs", "Resource": "*" }, { "Sid": "SageMakerPipelineOperations", "Effect": "Allow", "Action": [ "sagemaker:DescribePipeline", "sagemaker:CreatePipeline", "sagemaker:UpdatePipeline", "sagemaker:DeletePipeline", "sagemaker:StartPipelineExecution", "sagemaker:ListPipelineExecutionSteps", "sagemaker:DescribePipelineExecution" ], "Resource": "arn:aws:sagemaker:*:*:pipeline/*canvas-data-prep*" }, { "Sid": "KMSListOperations", "Effect": "Allow", "Action": "kms:ListAliases", "Resource": "*" }, { "Sid": "KMSOperations", "Effect": "Allow", "Action": "kms:DescribeKey", "Resource": "arn:aws:kms:*:*:key/*" }, { "Sid": "S3Operations", "Effect": "Allow", "Action": [ "s3:GetObject", "s3:PutObject", "s3:DeleteObject", "s3:GetBucketCors", "s3:GetBucketLocation", "s3:AbortMultipartUpload" ], "Resource": [ "arn:aws:s3:::*SageMaker*", "arn:aws:s3:::*Sagemaker*", "arn:aws:s3:::*sagemaker*" ], "Condition": { "StringEquals": { "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "S3GetObjectOperation", "Effect": "Allow", "Action": "s3:GetObject", "Resource": "arn:aws:s3:::*", "Condition": { "StringEqualsIgnoreCase": { "s3:ExistingObjectTag/SageMaker": "true" }, "StringEquals": { "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "S3ListOperations", "Effect": "Allow", "Action": [ "s3:ListBucket", "s3:ListAllMyBuckets" ], "Resource": "*" }, { "Sid": "IAMListOperations", "Effect": "Allow", "Action": "iam:ListRoles", "Resource": "*" }, { "Sid": "IAMGetOperations", "Effect": "Allow", "Action": "iam:GetRole", "Resource": "arn:aws:iam::*:role/*" }, { "Sid": "IAMPassOperation", "Effect": "Allow", "Action": "iam:PassRole", "Resource": "arn:aws:iam::*:role/*", "Condition": { "StringEquals": { "iam:PassedToService": [ "sagemaker.amazonaws.com", "events.amazonaws.com" ] } } }, { "Sid": "EventBridgePutOperation", "Effect": "Allow", "Action": [ "events:PutRule" ], "Resource": "arn:aws:events:*:*:rule/*", "Condition": { "StringEquals": { "aws:RequestTag/sagemaker:is-canvas-data-prep-job": "true" } } }, { "Sid": "EventBridgeOperations", "Effect": "Allow", "Action": [ "events:DescribeRule", "events:PutTargets" ], "Resource": "arn:aws:events:*:*:rule/*", "Condition": { "StringEquals": { "aws:ResourceTag/sagemaker:is-canvas-data-prep-job": "true" } } }, { "Sid": "EventBridgeTagBasedOperations", "Effect": "Allow", "Action": [ "events:TagResource" ], "Resource": "arn:aws:events:*:*:rule/*", "Condition": { "StringEquals": { "aws:RequestTag/sagemaker:is-canvas-data-prep-job": "true", "aws:ResourceTag/sagemaker:is-canvas-data-prep-job": "true" } } }, { "Sid": "EventBridgeListTagOperation", "Effect": "Allow", "Action": "events:ListTagsForResource", "Resource": "*" }, { "Sid": "GlueOperations", "Effect": "Allow", "Action": [ "glue:GetDatabases", "glue:GetTable", "glue:GetTables", "glue:SearchTables" ], "Resource": [ "arn:aws:glue:*:*:table/*", "arn:aws:glue:*:*:catalog", "arn:aws:glue:*:*:database/*" ] }, { "Sid": "EMROperations", "Effect": "Allow", "Action": [ "elasticmapreduce:DescribeCluster", "elasticmapreduce:ListInstanceGroups" ], "Resource": "arn:aws:elasticmapreduce:*:*:cluster/*" }, { "Sid": "EMRListOperation", "Effect": "Allow", "Action": "elasticmapreduce:ListClusters", "Resource": "*" }, { "Sid": "AthenaListDataCatalogOperation", "Effect": "Allow", "Action": "athena:ListDataCatalogs", "Resource": "*" }, { "Sid": "AthenaQueryExecutionOperations", "Effect": "Allow", "Action": [ "athena:GetQueryExecution", "athena:GetQueryResults", "athena:StartQueryExecution", "athena:StopQueryExecution" ], "Resource": "arn:aws:athena:*:*:workgroup/*" }, { "Sid": "AthenaDataCatalogOperations", "Effect": "Allow", "Action": [ "athena:ListDatabases", "athena:ListTableMetadata" ], "Resource": "arn:aws:athena:*:*:datacatalog/*" }, { "Sid": "RedshiftOperations", "Effect": "Allow", "Action": [ "redshift-data:DescribeStatement", "redshift-data:CancelStatement", "redshift-data:GetStatementResult" ], "Resource": "*" }, { "Sid": "RedshiftArnBasedOperations", "Effect": "Allow", "Action": [ "redshift-data:ExecuteStatement", "redshift-data:ListSchemas", "redshift-data:ListTables" ], "Resource": "arn:aws:redshift:*:*:cluster:*" }, { "Sid": "RedshiftGetCredentialsOperation", "Effect": "Allow", "Action": "redshift:GetClusterCredentials", "Resource": [ "arn:aws:redshift:*:*:dbuser:*/sagemaker_access*", "arn:aws:redshift:*:*:dbname:*" ] }, { "Sid": "SecretsManagerARNBasedOperation", "Effect": "Allow", "Action": "secretsmanager:CreateSecret", "Resource": "arn:aws:secretsmanager:*:*:secret:AmazonSageMaker-*" }, { "Sid": "SecretManagerTagBasedOperation", "Effect": "Allow", "Action": [ "secretsmanager:DescribeSecret", "secretsmanager:GetSecretValue" ], "Resource": "arn:aws:secretsmanager:*:*:secret:AmazonSageMaker-*", "Condition": { "StringEquals": { "aws:ResourceTag/SageMaker": "true", "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "RDSOperation", "Effect": "Allow", "Action": "rds:DescribeDBInstances", "Resource": "*" }, { "Sid": "LoggingOperation", "Effect": "Allow", "Action": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents" ], "Resource": "arn:aws:logs:*:*:log-group:/aws/sagemaker/studio:*" }, { "Sid": "EMRServerlessCreateApplicationOperation", "Effect": "Allow", "Action": "emr-serverless:CreateApplication", "Resource": "arn:aws:emr-serverless:*:*:/*", "Condition": { "StringEquals": { "aws:RequestTag/sagemaker:is-canvas-resource": "True", "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "EMRServerlessListApplicationOperation", "Effect": "Allow", "Action": "emr-serverless:ListApplications", "Resource": "arn:aws:emr-serverless:*:*:/*", "Condition": { "StringEquals": { "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "EMRServerlessApplicationOperations", "Effect": "Allow", "Action": [ "emr-serverless:UpdateApplication", "emr-serverless:GetApplication" ], "Resource": "arn:aws:emr-serverless:*:*:/applications/*", "Condition": { "StringEquals": { "aws:ResourceTag/sagemaker:is-canvas-resource": "True", "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "EMRServerlessStartJobRunOperation", "Effect": "Allow", "Action": "emr-serverless:StartJobRun", "Resource": "arn:aws:emr-serverless:*:*:/applications/*", "Condition": { "StringEquals": { "aws:RequestTag/sagemaker:is-canvas-resource": "True", "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "EMRServerlessListJobRunOperation", "Effect": "Allow", "Action": "emr-serverless:ListJobRuns", "Resource": "arn:aws:emr-serverless:*:*:/applications/*", "Condition": { "StringEquals": { "aws:ResourceTag/sagemaker:is-canvas-resource": "True", "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "EMRServerlessJobRunOperations", "Effect": "Allow", "Action": [ "emr-serverless:GetJobRun", "emr-serverless:CancelJobRun" ], "Resource": "arn:aws:emr-serverless:*:*:/applications/*/jobruns/*", "Condition": { "StringEquals": { "aws:ResourceTag/sagemaker:is-canvas-resource": "True", "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "EMRServerlessTagResourceOperation", "Effect": "Allow", "Action": "emr-serverless:TagResource", "Resource": "arn:aws:emr-serverless:*:*:/*", "Condition": { "StringEquals": { "aws:RequestTag/sagemaker:is-canvas-resource": "True", "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "IAMPassOperationForEMRServerless", "Effect": "Allow", "Action": "iam:PassRole", "Resource": [ "arn:aws:iam::*:role/service-role/AmazonSageMakerCanvasEMRSExecutionAccess-*", "arn:aws:iam::*:role/AmazonSageMakerCanvasEMRSExecutionAccess-*" ], "Condition": { "StringEquals": { "iam:PassedToService": "emr-serverless.amazonaws.com", "aws:ResourceAccount": "${aws:PrincipalAccount}" } } } ] } ``` ## AWS managed policy: AmazonSageMakerCanvasDirectDeployAccess AmazonSageMakerCanvasDirectDeployAccess This policy grants permissions needed for Amazon SageMaker Canvas to create and manage Amazon SageMaker AI endpoints. **Permissions details** This AWS managed policy includes the following permissions. + `sagemaker` – Allows principals to create and manage SageMaker AI endpoints with an ARN resource name that starts with "Canvas" or "canvas". + `cloudwatch` – Allows principals to retrieve Amazon CloudWatch metric data. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "SageMakerEndpointPerms", "Effect": "Allow", "Action": [ "sagemaker:CreateEndpoint", "sagemaker:CreateEndpointConfig", "sagemaker:DeleteEndpoint", "sagemaker:DescribeEndpoint", "sagemaker:DescribeEndpointConfig", "sagemaker:InvokeEndpoint", "sagemaker:UpdateEndpoint" ], "Resource": [ "arn:aws:sagemaker:*:*:Canvas*", "arn:aws:sagemaker:*:*:canvas*" ] }, { "Sid": "ReadCWInvocationMetrics", "Effect": "Allow", "Action": "cloudwatch:GetMetricData", "Resource": "*" } ] } ``` ------ ## AWS managed policy: AmazonSageMakerCanvasAIServicesAccess AmazonSageMakerCanvasAIServicesAccess This policy grants permissions for Amazon SageMaker Canvas to use Amazon Textract, Amazon Rekognition, Amazon Comprehend, and Amazon Bedrock. **Permissions details** This AWS managed policy includes the following permissions. + `textract` – Allows principals to use Amazon Textract to detect documents, expenses, and identities within an image. + `rekognition` – Allows principals to use Amazon Rekognition to detect labels and text within an image. + `comprehend` – Allows principals to use Amazon Comprehend to detect sentiment and dominant language, and named and personally identifiable information (PII) entities within a text document. + `bedrock` – Allows principals to use Amazon Bedrock to list and invoke foundation models. + `iam` – Allows principals to pass an IAM role to Amazon Bedrock. **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "Textract", "Effect": "Allow", "Action": [ "textract:AnalyzeDocument", "textract:AnalyzeExpense", "textract:AnalyzeID", "textract:StartDocumentAnalysis", "textract:StartExpenseAnalysis", "textract:GetDocumentAnalysis", "textract:GetExpenseAnalysis" ], "Resource": "*" }, { "Sid": "Rekognition", "Effect": "Allow", "Action": [ "rekognition:DetectLabels", "rekognition:DetectText" ], "Resource": "*" }, { "Sid": "Comprehend", "Effect": "Allow", "Action": [ "comprehend:BatchDetectDominantLanguage", "comprehend:BatchDetectEntities", "comprehend:BatchDetectSentiment", "comprehend:DetectPiiEntities", "comprehend:DetectEntities", "comprehend:DetectSentiment", "comprehend:DetectDominantLanguage" ], "Resource": "*" }, { "Sid": "Bedrock", "Effect": "Allow", "Action": [ "bedrock:InvokeModel", "bedrock:ListFoundationModels", "bedrock:InvokeModelWithResponseStream" ], "Resource": "*" }, { "Sid": "CreateBedrockResourcesPermission", "Effect": "Allow", "Action": [ "bedrock:CreateModelCustomizationJob", "bedrock:CreateProvisionedModelThroughput", "bedrock:TagResource" ], "Resource": [ "arn:aws:bedrock:*:*:model-customization-job/*", "arn:aws:bedrock:*:*:custom-model/*", "arn:aws:bedrock:*:*:provisioned-model/*" ], "Condition": { "ForAnyValue:StringEquals": { "aws:TagKeys": [ "SageMaker", "Canvas" ] }, "StringEquals": { "aws:RequestTag/SageMaker": "true", "aws:RequestTag/Canvas": "true", "aws:ResourceTag/SageMaker": "true", "aws:ResourceTag/Canvas": "true" } } }, { "Sid": "GetStopAndDeleteBedrockResourcesPermission", "Effect": "Allow", "Action": [ "bedrock:GetModelCustomizationJob", "bedrock:GetCustomModel", "bedrock:GetProvisionedModelThroughput", "bedrock:StopModelCustomizationJob", "bedrock:DeleteProvisionedModelThroughput" ], "Resource": [ "arn:aws:bedrock:*:*:model-customization-job/*", "arn:aws:bedrock:*:*:custom-model/*", "arn:aws:bedrock:*:*:provisioned-model/*" ], "Condition": { "StringEquals": { "aws:ResourceTag/SageMaker": "true", "aws:ResourceTag/Canvas": "true" } } }, { "Sid": "FoundationModelPermission", "Effect": "Allow", "Action": [ "bedrock:CreateModelCustomizationJob" ], "Resource": [ "arn:aws:bedrock:*::foundation-model/*" ] }, { "Sid": "BedrockFineTuningPassRole", "Effect": "Allow", "Action": [ "iam:PassRole" ], "Resource": [ "arn:aws:iam::*:role/*" ], "Condition": { "StringEquals": { "iam:PassedToService": "bedrock.amazonaws.com" } } } ] } ``` ## AWS managed policy: AmazonSageMakerCanvasBedrockAccess AmazonSageMakerCanvasBedrockAccess This policy grants permissions commonly needed to use Amazon SageMaker Canvas with Amazon Bedrock. **Permissions details** This AWS managed policy includes the following permissions. + `s3` – Allows principals to add and retrieve objects from Amazon S3 buckets in the "sagemaker-\$1/Canvas" directory. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "S3CanvasAccess", "Effect": "Allow", "Action": [ "s3:GetObject", "s3:PutObject" ], "Resource": [ "arn:aws:s3:::sagemaker-*/Canvas", "arn:aws:s3:::sagemaker-*/Canvas/*" ] }, { "Sid": "S3BucketAccess", "Effect": "Allow", "Action": [ "s3:ListBucket" ], "Resource": [ "arn:aws:s3:::sagemaker-*" ] } ] } ``` ------ ## AWS managed policy: AmazonSageMakerCanvasForecastAccess AmazonSageMakerCanvasForecastAccess This policy grants permissions commonly needed to use Amazon SageMaker Canvas with Amazon Forecast. **Permissions details** This AWS managed policy includes the following permissions. + `s3` – Allows principals to add and retrieve objects from Amazon S3 buckets. These objects are limited to those whose name starts with "sagemaker-". ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:GetObject", "s3:PutObject" ], "Resource": [ "arn:aws:s3:::sagemaker-*/Canvas", "arn:aws:s3:::sagemaker-*/canvas" ] }, { "Effect": "Allow", "Action": [ "s3:ListBucket" ], "Resource": [ "arn:aws:s3:::sagemaker-*" ] } ] } ``` ------ ## AWS managed policy: AmazonSageMakerCanvasEMRServerlessExecutionRolePolicy AmazonSageMakerCanvasEMRServerlessExecutionRolePolicy This policy grants permissions to Amazon EMR Serverless for AWS services, such as Amazon S3, used by Amazon SageMaker Canvas for large data processing. **Permissions details** This AWS managed policy includes the following permissions. + `s3` – Allows principals to add and retrieve objects from Amazon S3 buckets. These objects are limited to those whose name includes "SageMaker" or "sagemaker"; or is tagged with "SageMaker", case-insensitive. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "S3Operations", "Effect": "Allow", "Action": [ "s3:GetObject", "s3:PutObject", "s3:DeleteObject", "s3:GetBucketCors", "s3:GetBucketLocation", "s3:AbortMultipartUpload" ], "Resource": [ "arn:aws:s3:::*SageMaker*", "arn:aws:s3:::*sagemaker*" ], "Condition": { "StringEquals": { "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "S3GetObjectOperation", "Effect": "Allow", "Action": "s3:GetObject", "Resource": "arn:aws:s3:::*", "Condition": { "StringEqualsIgnoreCase": { "s3:ExistingObjectTag/SageMaker": "true" }, "StringEquals": { "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "S3ListOperations", "Effect": "Allow", "Action": [ "s3:ListBucket", "s3:ListAllMyBuckets" ], "Resource": "*", "Condition": { "StringEquals": { "aws:ResourceAccount": "${aws:PrincipalAccount}" } } } ] } ``` ------ ## AWS managed policy: AmazonSageMakerCanvasSMDataScienceAssistantAccess AmazonSageMakerCanvasSMDataScienceAssistantAccess This policy grants permissions for users in Amazon SageMaker Canvas to start conversations with Amazon Q Developer. This feature requires permissions to both Amazon Q Developer and the SageMaker AI Data Science Assistant service. **Permissions details** This AWS managed policy includes the following permissions. + `q` – Allows principals to send prompts to Amazon Q Developer. + `sagemaker-data-science-assistant` – Allows principals to send prompts to the SageMaker Canvas Data Science Assistant service. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "SageMakerDataScienceAssistantAccess", "Effect": "Allow", "Action": [ "sagemaker-data-science-assistant:SendConversation" ], "Resource": "*", "Condition": { "StringEquals": { "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "AmazonQDeveloperAccess", "Effect": "Allow", "Action": [ "q:SendMessage", "q:StartConversation" ], "Resource": "*", "Condition": { "StringEquals": { "aws:ResourceAccount": "${aws:PrincipalAccount}" } } } ] } ``` ------ ## Amazon SageMaker AI updates to Amazon SageMaker Canvas managed policies SageMaker Canvas policy updates View details about updates to AWS managed policies for SageMaker Canvas since this service began tracking these changes. | Policy | Version | Change | Date | | --- | --- | --- | --- | | [AmazonSageMakerCanvasSMDataScienceAssistantAccess](#security-iam-awsmanpol-AmazonSageMakerCanvasSMDataScienceAssistantAccess) - Update to an existing policy | 2 | Add `q:StartConversation` permission. | January 14, 2025 | | [AmazonSageMakerCanvasSMDataScienceAssistantAccess](#security-iam-awsmanpol-AmazonSageMakerCanvasSMDataScienceAssistantAccess) - New policy | 1 | Initial policy | December 4, 2024 | | [AmazonSageMakerCanvasDataPrepFullAccess](#security-iam-awsmanpol-AmazonSageMakerCanvasDataPrepFullAccess) - Update to an existing policy | 4 | Add resource to `IAMPassOperationForEMRServerless` permission. | August 16, 2024 | | [AmazonSageMakerCanvasFullAccess](#security-iam-awsmanpol-AmazonSageMakerCanvasFullAccess) - Update to an existing policy | 11 | Add resource to `IAMPassOperationForEMRServerless` permission. | August 15, 2024 | | [AmazonSageMakerCanvasEMRServerlessExecutionRolePolicy](#security-iam-awsmanpol-AmazonSageMakerCanvasEMRServerlessExecutionRolePolicy) - New policy | 1 | Initial policy | July 26, 2024 | | AmazonSageMakerCanvasDataPrepFullAccess - Update to an existing policy | 3 | Add `emr-serverless:CreateApplication`, `emr-serverless:ListApplications`, `emr-serverless:UpdateApplication`, `emr-serverless:GetApplication`, `emr-serverless:StartJobRun`, `emr-serverless:ListJobRuns`, `emr-serverless:GetJobRun`, `emr-serverless:CancelJobRun`, and `emr-serverless:TagResource` permissions. | July 18, 2024 | | AmazonSageMakerCanvasFullAccess - Update to an existing policy | 10 | Add `application-autoscaling:DescribeScalingActivities` `iam:PassRole`, `kms:DescribeKey`, and `quicksight:ListNamespaces` permissions. Add `sagemaker:CreateTrainingJob`, `sagemaker:CreateTransformJob`, `sagemaker:DescribeTrainingJob`, `sagemaker:DescribeTransformJob`, `sagemaker:StopAutoMLJob`, `sagemaker:StopTrainingJob`, and `sagemaker:StopTransformJob` permissions. Add `athena:ListTableMetadata`, `athena:ListDataCatalogs`, and `athena:ListDatabases` permissions. Add `glue:GetDatabases`, `glue:GetPartitions`, and `glue:GetTables` permissions. Add `emr-serverless:CreateApplication`, `emr-serverless:ListApplications`, `emr-serverless:UpdateApplication`, `emr-serverless:StopApplication`, `emr-serverless:GetApplication`, `emr-serverless:StartApplication`, `emr-serverless:StartJobRun`, `emr-serverless:ListJobRuns`, `emr-serverless:GetJobRun`, `emr-serverless:CancelJobRun`, and `emr-serverless:TagResource` permissions. | July 9, 2024 | | [AmazonSageMakerCanvasBedrockAccess](#security-iam-awsmanpol-AmazonSageMakerCanvasBedrockAccess) - New policy | 1 | Initial policy | February 2, 2024 | | AmazonSageMakerCanvasFullAccess - Update to an existing policy | 9 | Add `sagemaker:ListEndpoints` permission. | January 24, 2024 | | AmazonSageMakerCanvasFullAccess - Update to an existing policy | 8 | Add `sagemaker:UpdateEndpointWeightsAndCapacities`, `sagemaker:DescribeEndpointConfig`, `sagemaker:InvokeEndpointAsync`, `athena:ListDataCatalogs`, `athena:GetQueryExecution`, `athena:GetQueryResults`, `athena:StartQueryExecution`, `athena:StopQueryExecution`, `athena:ListDatabases`, `cloudwatch:DescribeAlarms`, `cloudwatch:PutMetricAlarm`, `cloudwatch:DeleteAlarms`, and `iam:CreateServiceLinkedRole` permissions. | December 8, 2023 | | AmazonSageMakerCanvasDataPrepFullAccess - Update to an existing policy | 2 | Small update to enforce the intents of the previous policy, version 1; no permissions added or deleted. | December 7, 2023 | | [AmazonSageMakerCanvasAIServicesAccess](#security-iam-awsmanpol-AmazonSageMakerCanvasAIServicesAccess) - Update to an existing policy | 3 | Add `bedrock:InvokeModelWithResponseStream`, `bedrock:GetModelCustomizationJob`, `bedrock:StopModelCustomizationJob`, `bedrock:GetCustomModel`, `bedrock:GetProvisionedModelThroughput`, `bedrock:DeleteProvisionedModelThroughput`, `bedrock:TagResource`, `bedrock:CreateModelCustomizationJob`, `bedrock:CreateProvisionedModelThroughput`, and `iam:PassRole` permissions. | November 29, 2023 | | AmazonSageMakerCanvasDataPrepFullAccess - New policy | 1 | Initial policy | October 26, 2023 | | [AmazonSageMakerCanvasDirectDeployAccess](#security-iam-awsmanpol-AmazonSageMakerCanvasDirectDeployAccess) - New policy | 1 | Initial policy | October 6, 2023 | | AmazonSageMakerCanvasFullAccess - Update to an existing policy | 7 | Add `sagemaker:DeleteEndpointConfig`, `sagemaker:DeleteModel`, and `sagemaker:InvokeEndpoint` permissions. Also add `s3:GetObject` permission for JumpStart resources in specific regions. | September 29, 2023 | | AmazonSageMakerCanvasAIServicesAccess - Update to an existing policy | 2 | Add `bedrock:InvokeModel` and `bedrock:ListFoundationModels` permissions. | September 29, 2023 | | AmazonSageMakerCanvasFullAccess - Update to an existing policy | 6 | Add `rds:DescribeDBInstances` permission. | August 29, 2023 | | AmazonSageMakerCanvasFullAccess - Update to an existing policy | 5 | Add `application-autoscaling:PutScalingPolicy` and `application-autoscaling:RegisterScalableTarget` permissions. | July 24, 2023 | | AmazonSageMakerCanvasFullAccess - Update to an existing policy | 4 | Add `sagemaker:CreateModelPackage`, `sagemaker:CreateModelPackageGroup`, `sagemaker:DescribeModelPackage`, `sagemaker:DescribeModelPackageGroup`, `sagemaker:ListModelPackages`, and `sagemaker:ListModelPackageGroups` permissions. | May 4, 2023 | | AmazonSageMakerCanvasFullAccess - Update to an existing policy | 3 | Add `sagemaker:CreateAutoMLJobV2`, `sagemaker:DescribeAutoMLJobV2`, and `glue:SearchTables` permissions. | March 24, 2023 | | AmazonSageMakerCanvasAIServicesAccess - New policy | 1 | Initial policy | March 23, 2023 | | AmazonSageMakerCanvasFullAccess - Update to an existing policy | 2 | Add `forecast:DeleteResourceTree` permission. | December 6, 2022 | | AmazonSageMakerCanvasFullAccess - New policy | 1 | Initial policy | September 8, 2022 | | [AmazonSageMakerCanvasForecastAccess](#security-iam-awsmanpol-AmazonSageMakerCanvasForecastAccess) - New policy | 1 | Initial policy | August 24, 2022 | # AWS managed policies for Amazon SageMaker Feature Store SageMaker AI Feature Store These AWS managed policies add permissions required to use Feature Store. The policies are available in your AWS account and are used by execution roles created from the SageMaker AI console. **Topics** + [ ## AWS managed policy: AmazonSageMakerFeatureStoreAccess ](#security-iam-awsmanpol-AmazonSageMakerFeatureStoreAccess) + [ ## Amazon SageMaker AI updates to Amazon SageMaker Feature Store managed policies ](#security-iam-awsmanpol-feature-store-updates) ## AWS managed policy: AmazonSageMakerFeatureStoreAccess AmazonSageMakerFeatureStoreAccess This policy grants permissions required to enable the offline store for an Amazon SageMaker Feature Store feature group. **Permissions details** This AWS managed policy includes the following permissions. + `s3` – Allows principals to write data into an offline store Amazon S3 bucket. These buckets are limited to those whose name includes "SageMaker", "Sagemaker", or "sagemaker". + `s3` – Allows principals to read existing manifest files maintained in the `metadata` folder of an offline store S3 bucket. + `glue` – Allows principals to read and update AWS Glue tables. These permissions are limited to tables in the `sagemaker_featurestore` folder. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:PutObject", "s3:GetBucketAcl", "s3:PutObjectAcl" ], "Resource": [ "arn:aws:s3:::*SageMaker*", "arn:aws:s3:::*Sagemaker*", "arn:aws:s3:::*sagemaker*" ] }, { "Effect": "Allow", "Action": [ "s3:GetObject" ], "Resource": [ "arn:aws:s3:::*SageMaker*/metadata/*", "arn:aws:s3:::*Sagemaker*/metadata/*", "arn:aws:s3:::*sagemaker*/metadata/*" ] }, { "Effect": "Allow", "Action": [ "glue:GetTable", "glue:UpdateTable" ], "Resource": [ "arn:aws:glue:*:*:catalog", "arn:aws:glue:*:*:database/sagemaker_featurestore", "arn:aws:glue:*:*:table/sagemaker_featurestore/*" ] } ] } ``` ------ ## Amazon SageMaker AI updates to Amazon SageMaker Feature Store managed policies Feature Store policy updates View details about updates to AWS managed policies for Feature Store since this service began tracking these changes. For automatic alerts about changes to this page, subscribe to the RSS feed on the SageMaker AI [Document history page.](doc-history.md) | Policy | Version | Change | Date | | --- | --- | --- | --- | | [AmazonSageMakerFeatureStoreAccess](#security-iam-awsmanpol-AmazonSageMakerFeatureStoreAccess) - Update to an existing policy | 3 | Add `s3:GetObject`, `glue:GetTable`, and `glue:UpdateTable` permissions. | December 5, 2022 | | AmazonSageMakerFeatureStoreAccess - Update to an existing policy | 2 | Add `s3:PutObjectAcl` permission. | February 23, 2021 | | AmazonSageMakerFeatureStoreAccess - New policy | 1 | Initial policy | December 1, 2020 | # AWS managed policies for Amazon SageMaker geospatial SageMaker geospatial These AWS managed policies add permissions required to use SageMaker geospatial. The policies are available in your AWS account and are used by execution roles created from the SageMaker AI console. **Topics** + [ ## AWS managed policy: AmazonSageMakerGeospatialFullAccess ](#security-iam-awsmanpol-AmazonSageMakerGeospatialFullAccess) + [ ## AWS managed policy: AmazonSageMakerGeospatialExecutionRole ](#security-iam-awsmanpol-AmazonSageMakerGeospatialExecutionRole) + [ ## Amazon SageMaker AI updates to Amazon SageMaker geospatial managed policies ](#security-iam-awsmanpol-geospatial-updates) ## AWS managed policy: AmazonSageMakerGeospatialFullAccess AmazonSageMakerGeospatialFullAccess This policy grants permissions that allow full access to Amazon SageMaker geospatial through the AWS Management Console and SDK. **Permissions details** This AWS managed policy includes the following permissions. + `sagemaker-geospatial` – Allows principals full access to all SageMaker geospatial resources. + `iam` – Allows principals to pass an IAM role to SageMaker geospatial. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "sagemaker-geospatial:*", "Resource": "*" }, { "Effect": "Allow", "Action": ["iam:PassRole"], "Resource": "arn:aws:iam::*:role/*", "Condition": { "StringEquals": { "iam:PassedToService": [ "sagemaker-geospatial.amazonaws.com" ] } } } ] } ``` ------ ## AWS managed policy: AmazonSageMakerGeospatialExecutionRole AmazonSageMakerGeospatialExecutionRole This policy grants permissions commonly needed to use SageMaker geospatial. **Permissions details** This AWS managed policy includes the following permissions. + `s3` – Allows principals to add and retrieve objects from Amazon S3 buckets. These objects are limited to those whose name contains "SageMaker", "Sagemaker", or "sagemaker". + `sagemaker-geospatial` – Allows principals to access Earth observation jobs through the `GetEarthObservationJob` API. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:AbortMultipartUpload", "s3:PutObject", "s3:GetObject", "s3:ListBucketMultipartUploads" ], "Resource": [ "arn:aws:s3:::*SageMaker*", "arn:aws:s3:::*Sagemaker*", "arn:aws:s3:::*sagemaker*" ] }, { "Effect": "Allow", "Action": "sagemaker-geospatial:GetEarthObservationJob", "Resource": "arn:aws:sagemaker-geospatial:*:*:earth-observation-job/*" }, { "Effect": "Allow", "Action": "sagemaker-geospatial:GetRasterDataCollection", "Resource": "arn:aws:sagemaker-geospatial:*:*:raster-data-collection/*" } ] } ``` ------ ## Amazon SageMaker AI updates to Amazon SageMaker geospatial managed policies SageMaker geospatial policy updates View details about updates to AWS managed policies for SageMaker geospatial since this service began tracking these changes. | Policy | Version | Change | Date | | --- | --- | --- | --- | | [AmazonSageMakerGeospatialExecutionRole](#security-iam-awsmanpol-AmazonSageMakerGeospatialExecutionRole) - Updated policy | 2 | Add `sagemaker-geospatial:GetRasterDataCollection` permission. | May 10, 2023 | | [AmazonSageMakerGeospatialFullAccess](#security-iam-awsmanpol-AmazonSageMakerGeospatialFullAccess) - New policy | 1 | Initial policy | November 30, 2022 | | AmazonSageMakerGeospatialExecutionRole - New policy | 1 | Initial policy | November 30, 2022 | # AWS Managed Policies for Amazon SageMaker Ground Truth SageMaker AI Ground Truth These AWS managed policies add permissions required to use SageMaker AI Ground Truth. The policies are available in your AWS account and are used by execution roles created from the SageMaker AI console. **Topics** + [ ## AWS managed policy: AmazonSageMakerGroundTruthExecution ](#security-iam-awsmanpol-gt-AmazonSageMakerGroundTruthExecution) + [ ## Amazon SageMaker AI updates to SageMaker AI Ground Truth managed policies ](#security-iam-awsmanpol-groundtruth-updates) ## AWS managed policy: AmazonSageMakerGroundTruthExecution AmazonSageMakerGroundTruthExecution This AWS managed policy grants permissions commonly needed to use SageMaker AI Ground Truth. **Permissions details** This policy includes the following permissions. + `lambda` – Allows principals to invoke Lambda functions whose name includes "sagemaker" (case-insensitive), "GtRecipe", or "LabelingFunction". + `s3` – Allows principals to add and retrieve objects from Amazon S3 buckets. These objects are limited to those whose case-insensitive name contains "groundtruth" or "sagemaker", or are tagged with "SageMaker". + `cloudwatch` – Allows principals to post CloudWatch metrics. + `logs` – Allows principals to create and access log streams, and post log events. + `sqs` – Allows principals to create Amazon SQS queues, and send and receive Amazon SQS messages. These permissions are limited to queues whose name includes "GroundTruth". + `sns` – Allows principals to subscribe to and publish messages to Amazon SNS topics whose case-insensitive name contains "groundtruth" or "sagemaker". + `ec2` – Allows principals to create, describe, and delete Amazon VPC endpoints whose VPC endpoint service name contains "sagemaker-task-resources" or "labeling". ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "CustomLabelingJobs", "Effect": "Allow", "Action": [ "lambda:InvokeFunction" ], "Resource": [ "arn:aws:lambda:*:*:function:*GtRecipe*", "arn:aws:lambda:*:*:function:*LabelingFunction*", "arn:aws:lambda:*:*:function:*SageMaker*", "arn:aws:lambda:*:*:function:*sagemaker*", "arn:aws:lambda:*:*:function:*Sagemaker*" ] }, { "Effect": "Allow", "Action": [ "s3:AbortMultipartUpload", "s3:GetObject", "s3:PutObject" ], "Resource": [ "arn:aws:s3:::*GroundTruth*", "arn:aws:s3:::*Groundtruth*", "arn:aws:s3:::*groundtruth*", "arn:aws:s3:::*SageMaker*", "arn:aws:s3:::*Sagemaker*", "arn:aws:s3:::*sagemaker*" ] }, { "Effect": "Allow", "Action": [ "s3:GetObject" ], "Resource": "*", "Condition": { "StringEqualsIgnoreCase": { "s3:ExistingObjectTag/SageMaker": "true" } } }, { "Effect": "Allow", "Action": [ "s3:GetBucketLocation", "s3:ListBucket" ], "Resource": "*" }, { "Sid": "CloudWatch", "Effect": "Allow", "Action": [ "cloudwatch:PutMetricData", "logs:CreateLogStream", "logs:CreateLogGroup", "logs:DescribeLogStreams", "logs:PutLogEvents" ], "Resource": "*" }, { "Sid": "StreamingQueue", "Effect": "Allow", "Action": [ "sqs:CreateQueue", "sqs:DeleteMessage", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", "sqs:ReceiveMessage", "sqs:SendMessage", "sqs:SetQueueAttributes" ], "Resource": "arn:aws:sqs:*:*:*GroundTruth*" }, { "Sid": "StreamingTopicSubscribe", "Effect": "Allow", "Action": "sns:Subscribe", "Resource": [ "arn:aws:sns:*:*:*GroundTruth*", "arn:aws:sns:*:*:*Groundtruth*", "arn:aws:sns:*:*:*groundTruth*", "arn:aws:sns:*:*:*groundtruth*", "arn:aws:sns:*:*:*SageMaker*", "arn:aws:sns:*:*:*Sagemaker*", "arn:aws:sns:*:*:*sageMaker*", "arn:aws:sns:*:*:*sagemaker*" ], "Condition": { "StringEquals": { "sns:Protocol": "sqs" }, "StringLike": { "sns:Endpoint": "arn:aws:sqs:*:*:*GroundTruth*" } } }, { "Sid": "StreamingTopic", "Effect": "Allow", "Action": [ "sns:Publish" ], "Resource": [ "arn:aws:sns:*:*:*GroundTruth*", "arn:aws:sns:*:*:*Groundtruth*", "arn:aws:sns:*:*:*groundTruth*", "arn:aws:sns:*:*:*groundtruth*", "arn:aws:sns:*:*:*SageMaker*", "arn:aws:sns:*:*:*Sagemaker*", "arn:aws:sns:*:*:*sageMaker*", "arn:aws:sns:*:*:*sagemaker*" ] }, { "Sid": "StreamingTopicUnsubscribe", "Effect": "Allow", "Action": [ "sns:Unsubscribe" ], "Resource": "*" }, { "Sid": "WorkforceVPC", "Effect": "Allow", "Action": [ "ec2:CreateVpcEndpoint", "ec2:DescribeVpcEndpoints", "ec2:DeleteVpcEndpoints" ], "Resource": "*", "Condition": { "StringLikeIfExists": { "ec2:VpceServiceName": [ "*sagemaker-task-resources*", "aws.sagemaker*labeling*" ] } } } ] } ``` ------ ## Amazon SageMaker AI updates to SageMaker AI Ground Truth managed policies SageMaker AI Ground Truth policy updates View details about updates to AWS managed policies for Amazon SageMaker AI Ground Truth since this service began tracking these changes. | Policy | Version | Change | Date | | --- | --- | --- | --- | | [AmazonSageMakerGroundTruthExecution](#security-iam-awsmanpol-gt-AmazonSageMakerGroundTruthExecution) - Update to an existing policy | 3 | Add `ec2:CreateVpcEndpoint`, `ec2:DescribeVpcEndpoints`, and `ec2:DeleteVpcEndpoints` permissions. | April 29, 2022 | | AmazonSageMakerGroundTruthExecution - Update to an existing policy | 2 | Remove `sqs:SendMessageBatch` permission. | April 11, 2022 | | AmazonSageMakerGroundTruthExecution - New policy | 1 | Initial policy | July 20, 2020 | # AWS managed policies for Amazon SageMaker HyperPod SageMaker HyperPod The following AWS managed policies add permissions required to use Amazon SageMaker HyperPod. The policies are available in your AWS account and are used by execution roles created from the SageMaker AI console or the HyperPod service-linked role. **Topics** + [ # AWS managed policy: AmazonSageMakerHyperPodTrainingOperatorAccess ](security-iam-awsmanpol-AmazonSageMakerHyperPodTrainingOperatorAccess.md) + [ # AWS managed policy: AmazonSageMakerHyperPodObservabilityAdminAccess ](security-iam-awsmanpol-AmazonSageMakerHyperPodObservabilityAdminAccess.md) + [ # AWS managed policy: AmazonSageMakerHyperPodServiceRolePolicy ](security-iam-awsmanpol-AmazonSageMakerHyperPodServiceRolePolicy.md) + [ # AWS managed policy: AmazonSageMakerClusterInstanceRolePolicy ](security-iam-awsmanpol-AmazonSageMakerClusterInstanceRolePolicy.md) + [ ## Amazon SageMaker AI updates to SageMaker HyperPod managed policies ](#security-iam-awsmanpol-hyperpod-updates) # AWS managed policy: AmazonSageMakerHyperPodTrainingOperatorAccess AmazonSageMakerHyperPodTrainingOperatorAccess This policy provides administrative permissions required to set up the SageMaker HyperPod training operator. It enables access to SageMaker HyperPod and Amazon EKS add-ons. The policy includes permissions to describe the SageMaker HyperPod resources in your account. **Permission details** This policy includes the following permissions: + `sagemaker:DescribeClusterNode` - Allows users to return information about a HyperPod cluster. To view the permissions for this policy, see [AmazonSageMakerHyperPodTrainingOperatorAccess](https://docs.aws.amazon.com/aws-managed-policy/latest/reference/AmazonSageMakerHyperPodTrainingOperatorAccess.html) in the AWS Managed Policy Reference. # AWS managed policy: AmazonSageMakerHyperPodObservabilityAdminAccess AmazonSageMakerHyperPodObservabilityAdminAccess This policy provides administrative privileges required for setting up Amazon SageMaker HyperPod observability. It enables access to Amazon Managed Service for Prometheus, Amazon Managed Grafana and Amazon Elastic Kubernetes Service add-ons. The policy also includes broad access to Grafana HTTP APIs through ServiceAccountTokens across all Amazon Managed Grafana workspaces in your account. **Permission details** The following list provides an overview of the permissions that are included in this policy. + `prometheus` – Create and manage Amazon Managed Service for Prometheus workspaces and rule groups + `grafana` – Creates and manages Amazon Managed Grafana workspaces and service accounts + `eks` – Creates and manages the `amazon-sagemaker-hyperpod-observability` Amazon EKS add-on + `iam` – Passes specific IAM service roles to Amazon Managed Grafana and Amazon EKS + `sagemaker` – Lists and describes SageMaker HyperPod clusters + `sso` – Creates and manages IAM Identity Center application instances for Amazon Managed Grafana setup + `tag` – Tags Amazon Managed Service for Prometheus, Amazon Managed Grafana, and Amazon EKS add-on resources To view the policy JSON, see [AmazonSageMakerHyperPodObservabilityAdminAccess](https://docs.aws.amazon.com/aws-managed-policy/latest/reference/AmazonSageMakerHyperPodObservabilityAdminAccess.html). # AWS managed policy: AmazonSageMakerHyperPodServiceRolePolicy AmazonSageMakerHyperPodServiceRolePolicy SageMaker HyperPod creates and uses the service-linked role named `AWSServiceRoleForSageMakerHyperPod` with the `AmazonSageMakerHyperPodServiceRolePolicy` attached to the role. This policy grants Amazon SageMaker HyperPod permissions to related AWS services such as Amazon EKS and Amazon CloudWatch. The service-linked role makes setting up SageMaker HyperPod easier because you don’t have to manually add the necessary permissions. SageMaker HyperPod defines the permissions of its service-linked roles, and unless defined otherwise, only SageMaker HyperPod can assume its roles. The defined permissions include the trust policy and the permissions policy, and that permissions policy cannot be attached to any other IAM entity. You can delete a service-linked role only after first deleting their related resources. This protects your SageMaker HyperPod resources because you can't inadvertently remove permission to access the resources. For information about other services that support service-linked roles, see [AWS services that work with IAM](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html) and look for the services that have **Yes** in the **Service-linked roles** column. Choose a **Yes** with a link to view the service-linked role documentation for that service. The `AmazonSageMakerHyperPodServiceRolePolicy` allows SageMaker HyperPod to complete the following actions on the specified resources on your behalf. **Permissions details** This service-linked role policy includes the following permissions. + `eks` – Allows principals to read Amazon Elastic Kubernetes Service (EKS) cluster information. + `logs` – Allows principals to publish Amazon CloudWatch log streams to `/aws/sagemaker/Clusters`. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "EKSClusterDescribePermissions", "Effect": "Allow", "Action": "eks:DescribeCluster", "Resource": "*", "Condition": { "StringEquals": { "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "CloudWatchLogGroupPermissions", "Effect": "Allow", "Action": [ "logs:CreateLogGroup" ], "Resource": "arn:aws:logs:*:*:log-group:/aws/sagemaker/Clusters/*", "Condition": { "StringEquals": { "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "CloudWatchLogStreamPermissions", "Effect": "Allow", "Action": [ "logs:CreateLogStream", "logs:PutLogEvents" ], "Resource": "arn:aws:logs:*:*:log-group:/aws/sagemaker/Clusters/*:log-stream:*", "Condition": { "StringEquals": { "aws:ResourceAccount": "${aws:PrincipalAccount}" } } } ] } ``` ------ You must configure permissions to allow your users, groups, or roles to create, edit, or delete a service-linked role. For more information, see [Service-linked role permissions](https://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html#service-linked-role-permissions) in the *IAM User Guide*. ## Creating a service-linked role for SageMaker HyperPod You don't need to manually create a service-linked role. When you create a SageMaker HyperPod cluster using the SageMaker AI console, the AWS CLI, or the AWS SDKs, SageMaker HyperPod creates the service-linked role for you. If you delete this service-linked role but need to create it again, you can use the same process (create a new SageMaker HyperPod cluster) to recreate the role in your account. ## Editing a service-linked role for SageMaker HyperPod SageMaker HyperPod does not allow you to edit the `AWSServiceRoleForSageMakerHyperPod` service-linked role. After you create a service-linked role, you cannot change the name of the role because various entities might reference the role. However, you can edit the description of the role using IAM. For more information, see [Editing a service-linked role](https://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html#edit-service-linked-role) in the *IAM User Guide*. ## Deleting a service-linked role for SageMaker HyperPod If you no longer need to use a feature or service that requires a service-linked role, we recommend that you delete that role. That way you don’t have an unused entity that is not actively monitored or maintained. However, you must clean up the resources for your service-linked role before you can manually delete it. **To delete SageMaker HyperPod cluster resources using the service-linked role** Use one of the following options to delete SageMaker HyperPod cluster resources. + [Delete a SageMaker HyperPod cluster](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-hyperpod-operate-slurm-console-ui.html#sagemaker-hyperpod-operate-slurm-console-ui-delete-cluster) using the SageMaker AI console + [Delete a SageMaker HyperPod cluster](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-hyperpod-operate-slurm-cli-command.html#sagemaker-hyperpod-operate-slurm-cli-command-delete-cluster) using the AWS CLI **Note** If the SageMaker HyperPod service is using the role when you try to delete the resources, then the deletion might fail. If that happens, wait for a few minutes and try the operation again. **To manually delete the service-linked role using IAM** Use the IAM console, the AWS CLI, or the AWS API to delete the `AWSServiceRoleForSageMakerHyperPod` service-linked role. For more information, see [Deleting a service-linked role](https://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html#delete-service-linked-role) in the *IAM User Guide*. ## Supported Regions for SageMaker HyperPod service-linked roles SageMaker HyperPod supports using service-linked roles in all of the Regions where the service is available. For more information, see [Prerequisites for SageMaker HyperPod](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-hyperpod-prerequisites.html). # AWS managed policy: AmazonSageMakerClusterInstanceRolePolicy AmazonSageMakerClusterInstanceRolePolicy This policy grants permissions commonly needed to use Amazon SageMaker HyperPod. **Permissions details** This AWS managed policy includes the following permissions. + `cloudwatch` – Allows principals to post Amazon CloudWatch metrics. + `logs` – Allows principals to publish CloudWatch log streams. + `s3` – Allows principals to list and retrieve lifecycle script files from an Amazon S3 bucket in your account. These buckets are limited to those whose name starts with "sagemaker-". + `ssmmessages` – Allows principals to open a connection to AWS Systems Manager. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement" : [ { "Sid" : "CloudwatchLogStreamPublishPermissions", "Effect" : "Allow", "Action" : [ "logs:PutLogEvents", "logs:CreateLogStream", "logs:DescribeLogStreams" ], "Resource" : [ "arn:aws:logs:*:*:log-group:/aws/sagemaker/Clusters/*:log-stream:*" ] }, { "Sid" : "CloudwatchLogGroupCreationPermissions", "Effect" : "Allow", "Action" : [ "logs:CreateLogGroup" ], "Resource" : [ "arn:aws:logs:*:*:log-group:/aws/sagemaker/Clusters/*" ] }, { "Sid" : "CloudwatchPutMetricDataAccess", "Effect" : "Allow", "Action" : [ "cloudwatch:PutMetricData" ], "Resource" : [ "*" ], "Condition" : { "StringEquals" : { "cloudwatch:namespace" : "/aws/sagemaker/Clusters" } } }, { "Sid" : "DataRetrievalFromS3BucketPermissions", "Effect" : "Allow", "Action" : [ "s3:ListBucket", "s3:GetObject" ], "Resource" : [ "arn:aws:s3:::sagemaker-*" ], "Condition" : { "StringEquals" : { "aws:ResourceAccount" : "${aws:PrincipalAccount}" } } }, { "Sid" : "SSMConnectivityPermissions", "Effect" : "Allow", "Action" : [ "ssmmessages:CreateControlChannel", "ssmmessages:CreateDataChannel", "ssmmessages:OpenControlChannel", "ssmmessages:OpenDataChannel" ], "Resource" : "*" } ] } ``` ------ ## Amazon SageMaker AI updates to SageMaker HyperPod managed policies SageMaker HyperPod policy updates View details about updates to AWS managed policies for SageMaker HyperPod since this service began tracking these changes. For automatic alerts about changes to this page, subscribe to the RSS feed on the SageMaker AI [Document history page.](doc-history.md) | Policy | Version | Change | Date | | --- | --- | --- | --- | | [AmazonSageMakerHyperPodTrainingOperatorAccess](security-iam-awsmanpol-AmazonSageMakerHyperPodTrainingOperatorAccess.md) - New policy | 1 | Initial policy | August 22, 2025 | | [AmazonSageMakerHyperPodObservabilityAdminAccess](security-iam-awsmanpol-AmazonSageMakerHyperPodObservabilityAdminAccess.md) - Updated policy | 2 | Updated the policy to fix the role scope-down to include the `service-role` prefix. Also added permissions for `eks:DeletePodIdentityAssociation` and `eks:UpdatePodIdentityAssociation` that are required for end-to-end administrative actions. | August 19, 2025 | | [AmazonSageMakerHyperPodObservabilityAdminAccess](security-iam-awsmanpol-AmazonSageMakerHyperPodObservabilityAdminAccess.md) - New policy | 1 | Initial policy | July 10, 2025 | | [AmazonSageMakerHyperPodServiceRolePolicy](security-iam-awsmanpol-AmazonSageMakerHyperPodServiceRolePolicy.md) - New policy | 1 | Initial policy | September 9, 2024 | | [AmazonSageMakerClusterInstanceRolePolicy](security-iam-awsmanpol-AmazonSageMakerClusterInstanceRolePolicy.md) - New policy | 1 | Initial policy | November 29, 2023 | # AWS Managed Policies for SageMaker AI Model Governance SageMaker AI Model Governance This AWS managed policy adds permissions required to use SageMaker AI Model Governance. The policy is available in your AWS account and is used by execution roles created from the SageMaker AI console. **Topics** + [ ## AWS managed policy: AmazonSageMakerModelGovernanceUseAccess ](#security-iam-awsmanpol-governance-AmazonSageMakerModelGovernanceUseAccess) + [ ## Amazon SageMaker AI updates to SageMaker AI Model Governance managed policies ](#security-iam-awsmanpol-governance-updates) ## AWS managed policy: AmazonSageMakerModelGovernanceUseAccess AmazonSageMakerModelGovernanceUseAccess This AWS managed policy grants permissions needed to use all Amazon SageMaker AI Governance features. The policy is available in your AWS account. This policy includes the following permissions. + `s3` – Retrieve objects from Amazon S3 buckets. Retrievable objects are limited to those whose case-insensitive name contains the string `"sagemaker"`. + `kms` – List the AWS KMS keys to use for content encryption. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "AllowSMMonitoringModelCards", "Effect": "Allow", "Action": [ "sagemaker:ListMonitoringAlerts", "sagemaker:ListMonitoringExecutions", "sagemaker:UpdateMonitoringAlert", "sagemaker:StartMonitoringSchedule", "sagemaker:StopMonitoringSchedule", "sagemaker:ListMonitoringAlertHistory", "sagemaker:DescribeModelPackage", "sagemaker:DescribeModelPackageGroup", "sagemaker:CreateModelCard", "sagemaker:DescribeModelCard", "sagemaker:UpdateModelCard", "sagemaker:DeleteModelCard", "sagemaker:ListModelCards", "sagemaker:ListModelCardVersions", "sagemaker:CreateModelCardExportJob", "sagemaker:DescribeModelCardExportJob", "sagemaker:ListModelCardExportJobs" ], "Resource": "*" }, { "Sid": "AllowSMTrainingModelsSearchTags", "Effect": "Allow", "Action": [ "sagemaker:ListTrainingJobs", "sagemaker:DescribeTrainingJob", "sagemaker:ListModels", "sagemaker:DescribeModel", "sagemaker:Search", "sagemaker:AddTags", "sagemaker:DeleteTags", "sagemaker:ListTags" ], "Resource": "*" }, { "Sid": "AllowKMSActions", "Effect": "Allow", "Action": [ "kms:ListAliases" ], "Resource": "*" }, { "Sid": "AllowS3Actions", "Effect": "Allow", "Action": [ "s3:GetObject", "s3:PutObject", "s3:CreateBucket", "s3:GetBucketLocation" ], "Resource": [ "arn:aws:s3:::*SageMaker*", "arn:aws:s3:::*Sagemaker*", "arn:aws:s3:::*sagemaker*" ] }, { "Sid": "AllowS3ListActions", "Effect": "Allow", "Action": [ "s3:ListBucket", "s3:ListAllMyBuckets" ], "Resource": "*" } ] } ``` ------ ## Amazon SageMaker AI updates to SageMaker AI Model Governance managed policies SageMaker AI Model Governance policy updates View details about updates to AWS managed policies for SageMaker AI Model Governance since this service began tracking these changes. For automatic alerts about changes to this page, subscribe to the RSS feed on the SageMaker AI [Document history page.](doc-history.md) | Policy | Version | Change | Date | | --- | --- | --- | --- | | [AmazonSageMakerModelGovernanceUseAccess](#security-iam-awsmanpol-governance-AmazonSageMakerModelGovernanceUseAccess) - Update to an existing policy | 3 | Add statement IDs (`Sid`). | June 4, 2024 | | AmazonSageMakerModelGovernanceUseAccess - Update to an existing policy | 2 | Add `sagemaker:DescribeModelPackage` and `DescribeModelPackageGroup` permissions. | July 17, 2023 | | AmazonSageMakerModelGovernanceUseAccess - New policy | 1 | Initial policy | November 30, 2022 | # AWS Managed Policies for Model Registry Model Registry These AWS managed policies adds permissions required to use Model Registry. The policies are available in your AWS account and are used by execution roles created from the Amazon SageMaker AI console. **Topics** + [ ## AWS managed policy: AmazonSageMakerModelRegistryFullAccess ](#security-iam-awsmanpol-model-registry-AmazonSageMakerModelRegistryFullAccess) + [ ## Amazon SageMaker AI updates to Model Registry managed policies ](#security-iam-awsmanpol-model-registry-updates) ## AWS managed policy: AmazonSageMakerModelRegistryFullAccess AmazonSageMakerModelRegistryFullAccess This AWS managed policy grants permissions needed to use all Model Registry features inside an Amazon SageMaker AI domain. This policy is attached to an execution role when configuring Model Registry settings to enable Model Registry permissions. This policy includes the following permissions. + `ecr` – Allows principals to retrieve information, including metadata, about Amazon Elastic Container Registry (Amazon ECR) images. + `iam` – Allows principals to pass the execution role to the Amazon SageMaker AI service. + `resource-groups` – Allows principals to create, list, tag, and delete AWS Resource Groups. + `s3` – Allows principals to retrieve objects from the Amazon Simple Storage Service (Amazon S3) buckets where model versions are stored. Retrievable objects are limited to those whose case-insensitive name contains the string `"sagemaker"`. + `sagemaker` – Allows principals to catalog, manage, and deploy models using the SageMaker Model Registry. + `kms` – Allows only the SageMaker AI service principal to add a grant, generate data keys, decrypt, and read AWS KMS keys, and only keys that are tagged for "sagemaker" use. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "AmazonSageMakerModelRegistrySageMakerReadPermission", "Effect": "Allow", "Action": [ "sagemaker:DescribeAction", "sagemaker:DescribeInferenceRecommendationsJob", "sagemaker:DescribeModelPackage", "sagemaker:DescribeModelPackageGroup", "sagemaker:DescribePipeline", "sagemaker:DescribePipelineExecution", "sagemaker:ListAssociations", "sagemaker:ListArtifacts", "sagemaker:ListModelMetadata", "sagemaker:ListModelPackages", "sagemaker:Search", "sagemaker:GetSearchSuggestions" ], "Resource": "*" }, { "Sid": "AmazonSageMakerModelRegistrySageMakerWritePermission", "Effect": "Allow", "Action": [ "sagemaker:AddTags", "sagemaker:CreateModel", "sagemaker:CreateModelPackage", "sagemaker:CreateModelPackageGroup", "sagemaker:CreateEndpoint", "sagemaker:CreateEndpointConfig", "sagemaker:CreateInferenceRecommendationsJob", "sagemaker:DeleteModelPackage", "sagemaker:DeleteModelPackageGroup", "sagemaker:DeleteTags", "sagemaker:UpdateModelPackage" ], "Resource": "*" }, { "Sid": "AmazonSageMakerModelRegistryS3GetPermission", "Effect": "Allow", "Action": [ "s3:GetObject" ], "Resource": [ "arn:aws:s3:::*SageMaker*", "arn:aws:s3:::*Sagemaker*", "arn:aws:s3:::*sagemaker*" ] }, { "Sid": "AmazonSageMakerModelRegistryS3ListPermission", "Effect": "Allow", "Action": [ "s3:ListBucket", "s3:ListAllMyBuckets" ], "Resource": "*" }, { "Sid": "AmazonSageMakerModelRegistryECRReadPermission", "Effect": "Allow", "Action": [ "ecr:BatchGetImage", "ecr:DescribeImages" ], "Resource": "*" }, { "Sid": "AmazonSageMakerModelRegistryIAMPassRolePermission", "Effect": "Allow", "Action": [ "iam:PassRole" ], "Resource": "arn:aws:iam::*:role/*", "Condition": { "StringEquals": { "iam:PassedToService": "sagemaker.amazonaws.com" } } }, { "Sid": "AmazonSageMakerModelRegistryTagReadPermission", "Effect": "Allow", "Action": [ "tag:GetResources" ], "Resource": "*" }, { "Sid": "AmazonSageMakerModelRegistryResourceGroupGetPermission", "Effect": "Allow", "Action": [ "resource-groups:GetGroupQuery" ], "Resource": "arn:aws:resource-groups:*:*:group/*" }, { "Sid": "AmazonSageMakerModelRegistryResourceGroupListPermission", "Effect": "Allow", "Action": [ "resource-groups:ListGroupResources" ], "Resource": "*" }, { "Sid": "AmazonSageMakerModelRegistryResourceGroupWritePermission", "Effect": "Allow", "Action": [ "resource-groups:CreateGroup", "resource-groups:Tag" ], "Resource": "arn:aws:resource-groups:*:*:group/*", "Condition": { "ForAnyValue:StringEquals": { "aws:TagKeys": "sagemaker:collection" } } }, { "Sid": "AmazonSageMakerModelRegistryResourceGroupDeletePermission", "Effect": "Allow", "Action": "resource-groups:DeleteGroup", "Resource": "arn:aws:resource-groups:*:*:group/*", "Condition": { "StringEquals": { "aws:ResourceTag/sagemaker:collection": "true" } } }, { "Sid": "AmazonSageMakerModelRegistryResourceKMSPermission", "Effect": "Allow", "Action": [ "kms:CreateGrant", "kms:DescribeKey", "kms:GenerateDataKey", "kms:Decrypt" ], "Resource": "arn:aws:kms:*:*:key/*", "Condition": { "StringEquals": { "aws:ResourceTag/sagemaker" : "true" }, "StringLike": { "kms:ViaService": "sagemaker.*.amazonaws.com" } } } ] } ``` ------ ## Amazon SageMaker AI updates to Model Registry managed policies Model Registry policy updates View details about updates to AWS managed policies for Model Registry since this service began tracking these changes. For automatic alerts about changes to this page, subscribe to the RSS feed on the SageMaker AI [Document history page.](doc-history.md) | Policy | Version | Change | Date | | --- | --- | --- | --- | | [AmazonSageMakerModelRegistryFullAccess](#security-iam-awsmanpol-model-registry-AmazonSageMakerModelRegistryFullAccess) - Update to an existing policy | 2 | Add `kms:CreateGrant`, `kms:DescribeKey`, `kms:GenerateDataKey`, and `kms:Decrypt` permissions. | June 6, 2024 | | AmazonSageMakerModelRegistryFullAccess - New policy | 1 | Initial policy | April 12, 2023 | # AWS Managed Policies for SageMaker Notebooks SageMaker Notebooks These AWS managed policies add permissions required to use SageMaker Notebooks. The policies are available in your AWS account and are used by execution roles created from the SageMaker AI console. **Topics** + [ ## AWS managed policy: AmazonSageMakerNotebooksServiceRolePolicy ](#security-iam-awsmanpol-AmazonSageMakerNotebooksServiceRolePolicy) + [ ## Amazon SageMaker AI updates to SageMaker AI Notebooks managed policies ](#security-iam-awsmanpol-notebooks-updates) ## AWS managed policy: AmazonSageMakerNotebooksServiceRolePolicy AmazonSageMakerNotebooksServiceRolePolicy This AWS managed policy grants permissions commonly needed to use Amazon SageMaker Notebooks. The policy is added to the `AWSServiceRoleForAmazonSageMakerNotebooks` that is created when you onboard to Amazon SageMaker Studio Classic. For more information on service-linked roles, see [Service-linked roles](security_iam_service-with-iam.md#security_iam_service-with-iam-roles-service-linked). For more information, see [AmazonSageMakerNotebooksServiceRolePolicy](https://docs.aws.amazon.com/aws-managed-policy/latest/reference/AmazonSageMakerNotebooksServiceRolePolicy.html) **Permissions details** This policy includes the following permissions. + `elasticfilesystem` – Allows principals to create and delete Amazon Elastic File System (EFS) file systems, access points, and mount targets. These are limited to those tagged with the key *ManagedByAmazonSageMakerResource*. Allows principals to describe all EFS file systems, access points, and mount targets. Allows principals to create or overwrite tags for EFS access points and mount targets. + `ec2` – Allows principals to create network interfaces and security groups for Amazon Elastic Compute Cloud (EC2) instances. Also allows principals to create and overwrite tags for these resources. + `sso` – Allows principals to add and delete managed application instances to AWS IAM Identity Center. + `sagemaker` – Allows principals to create and read SageMaker AI user profiles and SageMaker AI spaces; delete SageMaker AI spaces and SageMaker AI apps; and add and list tags. + `fsx` – Allows principals to describe Amazon FSx for Lustre file system, and use the metadata to mount it on notebook. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "AllowFSxDescribe", "Effect": "Allow", "Action": [ "fsx:DescribeFileSystems" ], "Resource": "*", "Condition": { "StringEquals": { "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "AllowSageMakerDeleteApp", "Effect": "Allow", "Action": [ "sagemaker:DeleteApp" ], "Resource": "arn:aws:sagemaker:*:*:app/*" }, { "Sid": "AllowEFSAccessPointCreation", "Effect": "Allow", "Action": "elasticfilesystem:CreateAccessPoint", "Resource": "arn:aws:elasticfilesystem:*:*:file-system/*", "Condition": { "StringLike": { "aws:ResourceTag/ManagedByAmazonSageMakerResource": "*", "aws:RequestTag/ManagedByAmazonSageMakerResource": "*" } } }, { "Sid": "AllowEFSAccessPointDeletion", "Effect": "Allow", "Action": [ "elasticfilesystem:DeleteAccessPoint" ], "Resource": "arn:aws:elasticfilesystem:*:*:access-point/*", "Condition": { "StringLike": { "aws:ResourceTag/ManagedByAmazonSageMakerResource": "*" } } }, { "Sid": "AllowEFSCreation", "Effect": "Allow", "Action": "elasticfilesystem:CreateFileSystem", "Resource": "*", "Condition": { "StringLike": { "aws:RequestTag/ManagedByAmazonSageMakerResource": "*" } } }, { "Sid": "AllowEFSMountWithDeletion", "Effect": "Allow", "Action": [ "elasticfilesystem:CreateMountTarget", "elasticfilesystem:DeleteFileSystem", "elasticfilesystem:DeleteMountTarget" ], "Resource": "*", "Condition": { "StringLike": { "aws:ResourceTag/ManagedByAmazonSageMakerResource": "*" } } }, { "Sid": "AllowEFSDescribe", "Effect": "Allow", "Action": [ "elasticfilesystem:DescribeAccessPoints", "elasticfilesystem:DescribeFileSystems", "elasticfilesystem:DescribeMountTargets" ], "Resource": "*" }, { "Sid": "AllowEFSTagging", "Effect": "Allow", "Action": "elasticfilesystem:TagResource", "Resource": [ "arn:aws:elasticfilesystem:*:*:access-point/*", "arn:aws:elasticfilesystem:*:*:file-system/*" ], "Condition": { "StringLike": { "aws:ResourceTag/ManagedByAmazonSageMakerResource": "*" } } }, { "Sid": "AllowEC2Tagging", "Effect": "Allow", "Action": "ec2:CreateTags", "Resource": [ "arn:aws:ec2:*:*:network-interface/*", "arn:aws:ec2:*:*:security-group/*" ] }, { "Sid": "AllowEC2Operations", "Effect": "Allow", "Action": [ "ec2:CreateNetworkInterface", "ec2:CreateSecurityGroup", "ec2:DeleteNetworkInterface", "ec2:DescribeDhcpOptions", "ec2:DescribeNetworkInterfaces", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:ModifyNetworkInterfaceAttribute" ], "Resource": "*" }, { "Sid": "AllowEC2AuthZ", "Effect": "Allow", "Action": [ "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateNetworkInterfacePermission", "ec2:DeleteNetworkInterfacePermission", "ec2:DeleteSecurityGroup", "ec2:RevokeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress" ], "Resource": "*", "Condition": { "StringLike": { "ec2:ResourceTag/ManagedByAmazonSageMakerResource": "*" } } }, { "Sid": "AllowIdcOperations", "Effect": "Allow", "Action": [ "sso:CreateManagedApplicationInstance", "sso:DeleteManagedApplicationInstance", "sso:GetManagedApplicationInstance" ], "Resource": "*" }, { "Sid": "AllowSagemakerProfileCreation", "Effect": "Allow", "Action": [ "sagemaker:CreateUserProfile", "sagemaker:DescribeUserProfile" ], "Resource": "*" }, { "Sid": "AllowSagemakerSpaceOperationsForCanvasManagedSpaces", "Effect": "Allow", "Action": [ "sagemaker:CreateSpace", "sagemaker:DescribeSpace", "sagemaker:DeleteSpace", "sagemaker:ListTags" ], "Resource": "arn:aws:sagemaker:*:*:space/*/CanvasManagedSpace-*" }, { "Sid": "AllowSagemakerAddTagsForAppManagedSpaces", "Effect": "Allow", "Action": [ "sagemaker:AddTags" ], "Resource": "arn:aws:sagemaker:*:*:space/*/CanvasManagedSpace-*", "Condition": { "StringEquals": { "sagemaker:TaggingAction": "CreateSpace" } } } ] } ``` ------ ## Amazon SageMaker AI updates to SageMaker AI Notebooks managed policies SageMaker Notebooks policy updates View details about updates to AWS managed policies for Amazon SageMaker AI since this service began tracking these changes. | Policy | Version | Change | Date | | --- | --- | --- | --- | | [AmazonSageMakerNotebooksServiceRolePolicy](#security-iam-awsmanpol-AmazonSageMakerNotebooksServiceRolePolicy) - Update to an existing policy | 10 | Add `fsx:DescribeFileSystems` permission. | November 14, 2024 | | [AmazonSageMakerNotebooksServiceRolePolicy](#security-iam-awsmanpol-AmazonSageMakerNotebooksServiceRolePolicy) - Update to an existing policy | 9 | Add `sagemaker:DeleteApp` permission. | July 24, 2024 | | AmazonSageMakerNotebooksServiceRolePolicy - Update to an existing policy | 8 | Add `sagemaker:CreateSpace`, `sagemaker:DescribeSpace`, `sagemaker:DeleteSpace`, `sagemaker:ListTags`, and `sagemaker:AddTags` permissions. | May 22, 2024 | | AmazonSageMakerNotebooksServiceRolePolicy - Update to an existing policy | 7 | Add `elasticfilesystem:TagResource` permission. | March 9, 2023 | | AmazonSageMakerNotebooksServiceRolePolicy - Update to an existing policy | 6 | Add `elasticfilesystem:CreateAccessPoint`, `elasticfilesystem:DeleteAccessPoint`, and `elasticfilesystem:DescribeAccessPoints` permissions. | January 12, 2023 | | | | SageMaker AI started tracking changes for its AWS managed policies. | June 1, 2021 | # AWS managed policies for Amazon SageMaker Partner AI Apps Amazon SageMaker Partner AI Apps These AWS managed policies add permissions required to use Amazon SageMaker Partner AI Apps. The policies are available in your AWS account and are used by execution roles created from the SageMaker AI console. **Topics** + [ ## AWS managed policy: AmazonSageMakerPartnerAppsFullAccess ](#security-iam-awsmanpol-AmazonSageMakerPartnerAppsFullAccess) + [ ## Amazon SageMaker AI updates to Partner AI Apps managed policies ](#security-iam-awsmanpol-partner-apps-updates) ## AWS managed policy: AmazonSageMakerPartnerAppsFullAccess AmazonSageMakerPartnerAppsFullAccess Allows full administrative access to Amazon SageMaker Partner AI Apps. **Permissions details** This AWS managed policy includes the following permissions. + `sagemaker` – Gives Amazon SageMaker Partner AI App users permission to access applications, list available applications, launch application web UIs, and connect using the application SDK. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "AmazonSageMakerPartnerListAppsPermission", "Effect": "Allow", "Action": "sagemaker:ListPartnerApps", "Resource": "*" }, { "Sid": "AmazonSageMakerPartnerAppsPermission", "Effect": "Allow", "Action": [ "sagemaker:CreatePartnerAppPresignedUrl", "sagemaker:DescribePartnerApp", "sagemaker:CallPartnerAppApi" ], "Condition": { "StringEquals": { "aws:ResourceAccount": "${aws:PrincipalAccount}" } }, "Resource": "arn:aws:sagemaker:*:*:partner-app/*" } ] } ``` ------ ## Amazon SageMaker AI updates to Partner AI Apps managed policies Partner AI App policy updates View details about updates to AWS managed policies for Partner AI Apps since this service began tracking these changes. For automatic alerts about changes to this page, subscribe to the RSS feed on the SageMaker AI [Document history page.](doc-history.md) | Policy | Version | Change | Date | | --- | --- | --- | --- | | AmazonSageMakerPartnerAppsFullAccess - New policy | 1 | Initial policy | January 17, 2025 | # AWS Managed Policies for SageMaker Pipelines SageMaker Pipelines These AWS managed policies add permissions required to use SageMaker Pipelines. The policies are available in your AWS account and are used by execution roles created from the SageMaker AI console. **Topics** + [ ## AWS managed policy: AmazonSageMakerPipelinesIntegrations ](#security-iam-awsmanpol-AmazonSageMakerPipelinesIntegrations) + [ ## Amazon SageMaker AI updates to SageMaker AI Pipelines managed policies ](#security-iam-awsmanpol-pipelines-updates) ## AWS managed policy: AmazonSageMakerPipelinesIntegrations AmazonSageMakerPipelinesIntegrations This AWS managed policy grants permissions commonly needed to use Callback steps and Lambda steps in SageMaker Pipelines. The policy is added to the `AmazonSageMaker-ExecutionRole` that is created when you onboard to Amazon SageMaker Studio Classic. The policy can be attached to any role used for authoring or executing a pipeline. This policy grants appropriate AWS Lambda, Amazon Simple Queue Service (Amazon SQS), Amazon EventBridge, and IAM permissions needed when building pipelines that invoke Lambda functions or include callback steps, which can be used for manual approval steps or running custom workloads. The Amazon SQS permissions allow you to create the Amazon SQS queue needed for receiving callback messages, and also to send messages to that queue. The Lambda permissions allow you to create, read, update, and delete the Lambda functions used in the pipeline steps, and also to invoke those Lambda functions. This policy grants the Amazon EMR permissions needed to run a pipelines Amazon EMR step. **Permissions details** This policy includes the following permissions. + `elasticmapreduce` – Read, add, and cancel steps in a running Amazon EMR cluster. Read, create, and terminate a new Amazon EMR cluster. + `events` – Read, create, update, and add targets to an EventBridge rule named `SageMakerPipelineExecutionEMRStepStatusUpdateRule` and `SageMakerPipelineExecutionEMRClusterStatusUpdateRule`. + `iam` – Pass an IAM role to the AWS Lambda service, Amazon EMR and Amazon EC2. + `lambda` – Create, read, update, delete, and invoke Lambda functions. These permissions are limited to functions whose name includes "sagemaker". + `sqs` – Create an Amazon SQS queue; send an Amazon SQS message. These permissions are limited to queues whose name includes "sagemaker". ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "lambda:CreateFunction", "lambda:DeleteFunction", "lambda:GetFunction", "lambda:InvokeFunction", "lambda:UpdateFunctionCode" ], "Resource": [ "arn:aws:lambda:*:*:function:*sagemaker*", "arn:aws:lambda:*:*:function:*sageMaker*", "arn:aws:lambda:*:*:function:*SageMaker*" ] }, { "Effect": "Allow", "Action": [ "sqs:CreateQueue", "sqs:SendMessage" ], "Resource": [ "arn:aws:sqs:*:*:*sagemaker*", "arn:aws:sqs:*:*:*sageMaker*", "arn:aws:sqs:*:*:*SageMaker*" ] }, { "Effect": "Allow", "Action": [ "iam:PassRole" ], "Resource": "arn:aws:iam::*:role/*", "Condition": { "StringEquals": { "iam:PassedToService": [ "lambda.amazonaws.com", "elasticmapreduce.amazonaws.com", "ec2.amazonaws.com" ] } } }, { "Effect": "Allow", "Action": [ "events:DescribeRule", "events:PutRule", "events:PutTargets" ], "Resource": [ "arn:aws:events:*:*:rule/SageMakerPipelineExecutionEMRStepStatusUpdateRule", "arn:aws:events:*:*:rule/SageMakerPipelineExecutionEMRClusterStatusUpdateRule" ] }, { "Effect": "Allow", "Action": [ "elasticmapreduce:AddJobFlowSteps", "elasticmapreduce:CancelSteps", "elasticmapreduce:DescribeStep", "elasticmapreduce:RunJobFlow", "elasticmapreduce:DescribeCluster", "elasticmapreduce:TerminateJobFlows", "elasticmapreduce:ListSteps" ], "Resource": [ "arn:aws:elasticmapreduce:*:*:cluster/*" ] } ] } ``` ------ ## Amazon SageMaker AI updates to SageMaker AI Pipelines managed policies SageMaker Pipelines policy updates View details about updates to AWS managed policies for Amazon SageMaker AI since this service began tracking these changes. | Policy | Version | Change | Date | | --- | --- | --- | --- | | [AmazonSageMakerPipelinesIntegrations](#security-iam-awsmanpol-AmazonSageMakerPipelinesIntegrations) - Update to an existing policy | 3 | Added permissions for `elasticmapreduce:RunJobFlows`, `elasticmapreduce:TerminateJobFlows`, `elasticmapreduce:ListSteps`, and `elasticmapreduce:DescribeCluster`. | February 17, 2023 | | [AmazonSageMakerPipelinesIntegrations](#security-iam-awsmanpol-AmazonSageMakerPipelinesIntegrations) - Update to an existing policy | 2 | Added permissions for `lambda:GetFunction`, `events:DescribeRule`, `events:PutRule`, `events:PutTargets`, `elasticmapreduce:AddJobFlowSteps`, `elasticmapreduce:CancelSteps`, and `elasticmapreduce:DescribeStep`. | April 20, 2022 | | AmazonSageMakerPipelinesIntegrations - New policy | 1 | Initial policy | July 30, 2021 | # AWS managed policies for SageMaker training plans SageMaker training plans This AWS managed policy grants permissions needed to create and manage Amazon SageMaker training plans and Reserved Capacity in SageMaker AI. The policy can be attached to IAM roles used for creating and managing training plans and reserved capacity within SageMaker AI including your [SageMaker AI execution role](sagemaker-roles.md). **Topics** + [ ## AWS managed policy: AmazonSageMakerTrainingPlanCreateAccess ](#security-iam-awsmanpol-AmazonSageMakerTrainingPlanCreateAccess) + [ ## AWS managed policy: AmazonSageMakerCapacityReservationServiceRolePolicy ](#security-iam-awsmanpol-AmazonSageMakerCapacityReservationServiceRolePolicy) + [ ## Amazon SageMaker AI updates to SageMaker training plans managed policies ](#security-iam-awsmanpol-training-plan-updates) ## AWS managed policy: AmazonSageMakerTrainingPlanCreateAccess AmazonSageMakerTrainingPlanCreateAccess This policy provides the necessary permissions to create, describe, search for, and list training plans in SageMaker AI. Additionally, it also allows adding tags to training plans and reserved capacity resources under specific conditions. **Permissions details** This policy includes the following permissions. + `sagemaker` – Create training plans and reserved capacity, permits adding tags to training plans and reserved capacity when the tagging action is specifically `CreateTrainingPlan` or `CreateReservedCapacity`, allows describing training plans, permits searching for training plan offerings and listing existing training plans on all resources. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "CreateTrainingPlanPermissions", "Effect": "Allow", "Action": [ "sagemaker:CreateTrainingPlan", "sagemaker:CreateReservedCapacity", "sagemaker:DescribeReservedCapacity" ], "Resource": [ "arn:aws:sagemaker:*:*:training-plan/*", "arn:aws:sagemaker:*:*:reserved-capacity/*" ] }, { "Sid": "AggTagsToTrainingPlanPermissions", "Effect": "Allow", "Action": [ "sagemaker:AddTags" ], "Resource": [ "arn:aws:sagemaker:*:*:training-plan/*", "arn:aws:sagemaker:*:*:reserved-capacity/*" ], "Condition": { "StringEquals": { "sagemaker:TaggingAction": ["CreateTrainingPlan","CreateReservedCapacity"] } } }, { "Sid": "DescribeTrainingPlanPermissions", "Effect": "Allow", "Action": "sagemaker:DescribeTrainingPlan", "Resource": [ "arn:aws:sagemaker:*:*:training-plan/*" ] }, { "Sid": "NonResourceLevelTrainingPlanPermissions", "Effect": "Allow", "Action": [ "sagemaker:SearchTrainingPlanOfferings", "sagemaker:ListTrainingPlans" ], "Resource": "*" }, { "Sid": "ListUltraServersByReservedCapacityPermissions", "Effect": "Allow", "Action": "sagemaker:ListUltraServersByReservedCapacity", "Resource": [ "arn:aws:sagemaker:*:*:reserved-capacity/*" ] } ] } ``` ------ ## AWS managed policy: AmazonSageMakerCapacityReservationServiceRolePolicy AmazonSageMakerCapacityReservationServiceRolePolicy This policy is used by the service-linked role named AWSServiceRoleForSageMakerCapacityReservation to publish CloudWatch metrics for Reserved Capacity utilization into customer accounts. The service-linked role is created by the service principal capacityreservation.sagemaker.amazonaws.com. **Note** This is a service-linked role policy. You cannot attach this policy to your IAM identities. SageMaker AI creates this policy and attaches it to a service-linked role that allows SageMaker AI to perform actions on your behalf. **Permissions details** This policy includes the following permissions. + `cloudwatch` – Allows publishing metric data to CloudWatch. This permission is scoped to the `aws/sagemaker/CapacityReservations` namespace using a condition key. ``` { "Version": "2012-10-17", "Statement": [ { "Sid": "CloudwatchPutMetricDataAccess", "Effect": "Allow", "Action": [ "cloudwatch:PutMetricData" ], "Resource": [ "*" ], "Condition": { "StringEquals": { "cloudwatch:namespace": "aws/sagemaker/CapacityReservations" } } } ] } ``` For more information, see [AmazonSageMakerCapacityReservationServiceRolePolicy](https://docs.aws.amazon.com/aws-managed-policy/latest/reference/AmazonSageMakerCapacityReservationServiceRolePolicy.html) in the AWS Managed Policy Reference Guide. ## Amazon SageMaker AI updates to SageMaker training plans managed policies SageMaker training plans policy updates View details about updates to AWS managed policies for Amazon SageMaker AI since this service began tracking these changes. | Policy | Version | Change | Date | | --- | --- | --- | --- | | [AmazonSageMakerCapacityReservationServiceRolePolicy](#security-iam-awsmanpol-AmazonSageMakerCapacityReservationServiceRolePolicy) – New policy | 1 | Initial policy | March 5, 2026 | | AmazonSageMakerTrainingPlanCreateAccess - updated policy | 2 | Updated policy to add permissions to retrieve information about a specific reserved capacity and list all UltraServers in a reserved capacity. | July 29, 2024 | | AmazonSageMakerTrainingPlanCreateAccess - New policy | 1 | Initial policy | December 4, 2024 | # AWS Managed Policies for SageMaker Projects and JumpStart SageMaker Projects and JumpStart These AWS managed policies add permissions to use built-in Amazon SageMaker AI project templates and JumpStart solutions. The policies are available in your AWS account and are used by execution roles created from the SageMaker AI console. SageMaker Projects and JumpStart use AWS Service Catalog to provision AWS resources in customers' accounts. Some created resources need to assume an execution role. For example, if AWS Service Catalog creates a CodePipeline pipeline on behalf of a customer for a SageMaker AI machine learning CI/CD project, then that pipeline requires an IAM role. The [AmazonSageMakerServiceCatalogProductsLaunchRole](https://console.aws.amazon.com/iam/home?#/roles/AmazonSageMakerServiceCatalogProductsLaunchRole) role has the permissions required to launch the SageMaker AI portfolio of products from AWS Service Catalog. The [AmazonSageMakerServiceCatalogProductsUseRole](https://console.aws.amazon.com/iam/home?#/roles/AmazonSageMakerServiceCatalogProductsUseRole) role has the permissions required to use the SageMaker AI portfolio of products from AWS Service Catalog. The `AmazonSageMakerServiceCatalogProductsLaunchRole` role passes an `AmazonSageMakerServiceCatalogProductsUseRole` role to the provisioned AWS Service Catalog product resources. **Topics** + [ ## AWS managed policy: AmazonSageMakerAdmin-ServiceCatalogProductsServiceRolePolicy ](#security-iam-awsmanpol-AmazonSageMakerAdmin-ServiceCatalogProductsServiceRolePolicy) + [ ## AWS managed policy: AmazonSageMakerPartnerServiceCatalogProductsApiGatewayServiceRolePolicy ](#security-iam-awsmanpol-AmazonSageMakerPartnerServiceCatalogProductsApiGatewayServiceRolePolicy) + [ ## AWS managed policy: AmazonSageMakerPartnerServiceCatalogProductsCloudFormationServiceRolePolicy ](#security-iam-awsmanpol-AmazonSageMakerPartnerServiceCatalogProductsCloudFormationServiceRolePolicy) + [ ## AWS managed policy: AmazonSageMakerPartnerServiceCatalogProductsLambdaServiceRolePolicy ](#security-iam-awsmanpol-AmazonSageMakerPartnerServiceCatalogProductsLambdaServiceRolePolicy) + [ ## AWS managed policy: AmazonSageMakerServiceCatalogProductsApiGatewayServiceRolePolicy ](#security-iam-awsmanpol-AmazonSageMakerServiceCatalogProductsApiGatewayServiceRolePolicy) + [ ## AWS managed policy: AmazonSageMakerServiceCatalogProductsCloudformationServiceRolePolicy ](#security-iam-awsmanpol-AmazonSageMakerServiceCatalogProductsCloudformationServiceRolePolicy) + [ ## AWS managed policy: AmazonSageMakerServiceCatalogProductsCodeBuildServiceRolePolicy ](#security-iam-awsmanpol-AmazonSageMakerServiceCatalogProductsCodeBuildServiceRolePolicy) + [ ## AWS managed policy: AmazonSageMakerServiceCatalogProductsCodePipelineServiceRolePolicy ](#security-iam-awsmanpol-AmazonSageMakerServiceCatalogProductsCodePipelineServiceRolePolicy) + [ ## AWS managed policy: AmazonSageMakerServiceCatalogProductsEventsServiceRolePolicy ](#security-iam-awsmanpol-AmazonSageMakerServiceCatalogProductsEventsServiceRolePolicy) + [ ## AWS managed policy: AmazonSageMakerServiceCatalogProductsFirehoseServiceRolePolicy ](#security-iam-awsmanpol-AmazonSageMakerServiceCatalogProductsFirehoseServiceRolePolicy) + [ ## AWS managed policy: AmazonSageMakerServiceCatalogProductsGlueServiceRolePolicy ](#security-iam-awsmanpol-AmazonSageMakerServiceCatalogProductsGlueServiceRolePolicy) + [ ## AWS managed policy: AmazonSageMakerServiceCatalogProductsLambdaServiceRolePolicy ](#security-iam-awsmanpol-AmazonSageMakerServiceCatalogProductsLambdaServiceRolePolicy) + [ ## Amazon SageMaker AI updates to AWS Service Catalog AWS managed policies ](#security-iam-awsmanpol-sc-updates) ## AWS managed policy: AmazonSageMakerAdmin-ServiceCatalogProductsServiceRolePolicy AmazonSageMakerAdmin-ServiceCatalogProductsServiceRolePolicy This service role policy is used by the AWS Service Catalog service to provision products from the Amazon SageMaker AI portfolio. The policy grants permissions to a set of related AWS services including AWS CodePipeline, AWS CodeBuild, AWS CodeCommit, AWS Glue, AWS CloudFormation, and others. The `AmazonSageMakerAdmin-ServiceCatalogProductsServiceRolePolicy` policy is intended to be used by the `AmazonSageMakerServiceCatalogProductsLaunchRole` role created from the SageMaker AI console. The policy adds permissions to provision AWS resources for SageMaker Projects and JumpStart using Service Catalog to a customer's account. **Permissions details** This policy includes the following permissions. + `apigateway` – Allows the role to call API Gateway endpoints that are tagged with `sagemaker:launch-source`. + `cloudformation` – Allows AWS Service Catalog to create, update, and delete CloudFormation stacks. Also allows Service Catalog to tag and untag resources. + `codebuild` – Allows the role assumed by AWS Service Catalog and passed to CloudFormation to create, update and delete CodeBuild projects. + `codecommit` – Allows the role assumed by AWS Service Catalog and passed to CloudFormation to create, update and delete CodeCommit repositories. + `codepipeline` – Allows the role assumed by AWS Service Catalog and passed to CloudFormation to create, update and delete CodePipelines. + `codeconnections`, `codestar-connections` – Also allows the role to pass AWS CodeConnections and AWS CodeStar connections. + `cognito-idp` – Allows the role to create, update, and delete groups and user pools. Also allows tagging resources. + `ecr` – Allows the role assumed by AWS Service Catalog and passed to CloudFormation to create and delete Amazon ECR repositories. Also allows tagging resources. + `events` – Allows the role assumed by AWS Service Catalog and passed to CloudFormation to create and delete EventBridge rules. Used for tying together the various components of the CICD pipeline. + `firehose` – Allows the role to interact with Firehose streams. + `glue` – Allows the role to interact with AWS Glue. + `iam` – Allows the role to pass roles prepended with `AmazonSageMakerServiceCatalog`. This is needed when Projects provisions a AWS Service Catalog product, as a role needs to be passed to AWS Service Catalog. + `lambda` – Allows the role to interact with AWS Lambda. Also allows tagging resources. + `logs` – Allows the role to create, delete and access log streams. + `s3` – Allows the role assumed by AWS Service Catalog and passed to CloudFormation to access Amazon S3 buckets where the Project template code is stored. + `sagemaker` – Allows the role to interact with various SageMaker AI services. This is done both in CloudFormation during template provisioning, as well as in CodeBuild during CICD pipeline execution. Also allows tagging the following resources: endpoints, endpoint configurations, models, pipelines, projects, and model packages. + `states` – Allows the role to create, delete, and update Step Functions prepended with `sagemaker`. To view the permissions for this policy, see [AmazonSageMakerAdmin-ServiceCatalogProductsServiceRolePolicy](https://docs.aws.amazon.com/aws-managed-policy/latest/reference/AmazonSageMakerAdmin-ServiceCatalogProductsServiceRolePolicy.html) in the AWS Managed Policy Reference. ## AWS managed policy: AmazonSageMakerPartnerServiceCatalogProductsApiGatewayServiceRolePolicy AmazonSageMakerPartnerServiceCatalogProductsApiGatewayServiceRolePolicy This policy is used by Amazon API Gateway within the AWS Service Catalog provisioned products from the Amazon SageMaker AI portfolio. The policy is intended to be attached to an IAM role that the [AmazonSageMakerServiceCatalogProductsLaunchRole](https://console.aws.amazon.com/iam/home?#/roles/AmazonSageMakerServiceCatalogProductsLaunchRole) passes to the AWS resources created by API Gateway that require a role. **Permissions details** This policy includes the following permissions. + `lambda` – Invoke a function created by a partner template. + `sagemaker` – Invoke an endpoint created by a partner template. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "lambda:InvokeFunction", "Resource": "arn:aws:lambda:*:*:function:sagemaker-*", "Condition": { "Null": { "aws:ResourceTag/sagemaker:project-name": "false", "aws:ResourceTag/sagemaker:partner": "false" }, "StringEquals": { "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Effect": "Allow", "Action": "sagemaker:InvokeEndpoint", "Resource": "arn:aws:sagemaker:*:*:endpoint/*", "Condition": { "Null": { "aws:ResourceTag/sagemaker:project-name": "false", "aws:ResourceTag/sagemaker:partner": "false" }, "StringEquals": { "aws:ResourceAccount": "${aws:PrincipalAccount}" } } } ] } ``` ------ ## AWS managed policy: AmazonSageMakerPartnerServiceCatalogProductsCloudFormationServiceRolePolicy AmazonSageMakerPartnerServiceCatalogProductsCloudFormationServiceRolePolicy This policy is used by AWS CloudFormation within the AWS Service Catalog provisioned products from the Amazon SageMaker AI portfolio. The policy is intended to be attached to an IAM role that the [AmazonSageMakerServiceCatalogProductsLaunchRole](https://console.aws.amazon.com/iam/home?#/roles/AmazonSageMakerServiceCatalogProductsLaunchRole) passes to the AWS resources created by CloudFormation that require a role. **Permissions details** This policy includes the following permissions. + `iam` – Pass the `AmazonSageMakerServiceCatalogProductsLambdaRole` and `AmazonSageMakerServiceCatalogProductsApiGatewayRole` roles. + `lambda` – Create, update, delete, and invoke AWS Lambda functions; retrieve, publish, and delete versions of a Lambda layer. + `apigateway` – Create, update, and delete Amazon API Gateway resources. + `s3` – Retrieve the `lambda-auth-code/layer.zip` file from an Amazon Simple Storage Service (Amazon S3) bucket. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "iam:PassRole" ], "Resource": [ "arn:aws:iam::*:role/service-role/AmazonSageMakerServiceCatalogProductsLambdaRole" ], "Condition": { "StringEquals": { "iam:PassedToService": "lambda.amazonaws.com" } } }, { "Effect": "Allow", "Action": [ "iam:PassRole" ], "Resource": [ "arn:aws:iam::*:role/service-role/AmazonSageMakerServiceCatalogProductsApiGatewayRole" ], "Condition": { "StringEquals": { "iam:PassedToService": "apigateway.amazonaws.com" } } }, { "Effect": "Allow", "Action": [ "lambda:DeleteFunction", "lambda:UpdateFunctionCode", "lambda:ListTags", "lambda:InvokeFunction" ], "Resource": [ "arn:aws:lambda:*:*:function:sagemaker-*" ], "Condition": { "Null": { "aws:ResourceTag/sagemaker:project-name": "false", "aws:ResourceTag/sagemaker:partner": "false" } } }, { "Effect": "Allow", "Action": [ "lambda:CreateFunction", "lambda:TagResource" ], "Resource": [ "arn:aws:lambda:*:*:function:sagemaker-*" ], "Condition": { "Null": { "aws:ResourceTag/sagemaker:project-name": "false", "aws:ResourceTag/sagemaker:partner": "false" }, "ForAnyValue:StringEquals": { "aws:TagKeys": [ "sagemaker:project-name", "sagemaker:partner" ] } } }, { "Effect": "Allow", "Action": [ "lambda:PublishLayerVersion", "lambda:GetLayerVersion", "lambda:DeleteLayerVersion", "lambda:GetFunction" ], "Resource": [ "arn:aws:lambda:*:*:layer:sagemaker-*", "arn:aws:lambda:*:*:function:sagemaker-*" ] }, { "Effect": "Allow", "Action": [ "apigateway:GET", "apigateway:DELETE", "apigateway:PATCH", "apigateway:POST", "apigateway:PUT" ], "Resource": [ "arn:aws:apigateway:*::/restapis/*", "arn:aws:apigateway:*::/restapis" ], "Condition": { "Null": { "aws:ResourceTag/sagemaker:project-name": "false", "aws:ResourceTag/sagemaker:partner": "false" } } }, { "Effect": "Allow", "Action": [ "apigateway:POST", "apigateway:PUT" ], "Resource": [ "arn:aws:apigateway:*::/restapis", "arn:aws:apigateway:*::/tags/*" ], "Condition": { "Null": { "aws:ResourceTag/sagemaker:project-name": "false", "aws:ResourceTag/sagemaker:partner": "false" }, "ForAnyValue:StringEquals": { "aws:TagKeys": [ "sagemaker:project-name", "sagemaker:partner" ] } } }, { "Effect": "Allow", "Action": [ "s3:GetObject" ], "Resource": [ "arn:aws:s3:::sagemaker-*/lambda-auth-code/layer.zip" ], "Condition": { "StringEquals": { "aws:ResourceAccount": "${aws:PrincipalAccount}" } } } ] } ``` ------ ## AWS managed policy: AmazonSageMakerPartnerServiceCatalogProductsLambdaServiceRolePolicy AmazonSageMakerPartnerServiceCatalogProductsLambdaServiceRolePolicy This policy is used by AWS Lambda within the AWS Service Catalog provisioned products from the Amazon SageMaker AI portfolio. The policy is intended to be attached to an IAM role that the [AmazonSageMakerServiceCatalogProductsLaunchRole](https://console.aws.amazon.com/iam/home?#/roles/AmazonSageMakerServiceCatalogProductsLaunchRole) passes to the AWS resources created by Lambda that require a role. **Permissions details** This policy includes the following permissions. + `secretsmanager` – Retrieve data from partner provided secrets for a partner template. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "secretsmanager:GetSecretValue", "Resource": "arn:aws:secretsmanager:*:*:secret:*", "Condition": { "Null": { "aws:ResourceTag/sagemaker:partner": false }, "StringEquals": { "aws:ResourceAccount": "${aws:PrincipalAccount}" } } } ] } ``` ------ ## AWS managed policy: AmazonSageMakerServiceCatalogProductsApiGatewayServiceRolePolicy AmazonSageMakerServiceCatalogProductsApiGatewayServiceRolePolicy This policy is used by Amazon API Gateway within the AWS Service Catalog provisioned products from the Amazon SageMaker AI portfolio. The policy is intended to be attached to an IAM role that the [AmazonSageMakerServiceCatalogProductsLaunchRole](https://console.aws.amazon.com/iam/home?#/roles/AmazonSageMakerServiceCatalogProductsLaunchRole) passes to the AWS resources created by API Gateway that require a role. **Permissions details** This policy includes the following permissions. + `logs` – Create and read CloudWatch Logs groups, streams, and events; update events; describe various resources. These permissions are limited to resources whose log group prefix starts with "aws/apigateway/". ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "logs:CreateLogDelivery", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DeleteLogDelivery", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeResourcePolicies", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeSubscriptionFilters", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:PutLogEvents", "logs:PutResourcePolicy", "logs:UpdateLogDelivery" ], "Resource": "arn:aws:logs:*:*:log-group:/aws/apigateway/*" } ] } ``` ------ ## AWS managed policy: AmazonSageMakerServiceCatalogProductsCloudformationServiceRolePolicy AmazonSageMakerServiceCatalogProductsCloudformationServiceRolePolicy This policy is used by AWS CloudFormation within the AWS Service Catalog provisioned products from the Amazon SageMaker AI portfolio. The policy is intended to be attached to an IAM role that the [AmazonSageMakerServiceCatalogProductsLaunchRole](https://console.aws.amazon.com/iam/home?#/roles/AmazonSageMakerServiceCatalogProductsLaunchRole) passes to the AWS resources created by CloudFormation that require a role. **Permissions details** This policy includes the following permissions. + `sagemaker` – Allow access to various SageMaker AI resources excluding domains, user-profiles, apps, and flow definitions. + `iam` – Pass the `AmazonSageMakerServiceCatalogProductsCodeBuildRole` and `AmazonSageMakerServiceCatalogProductsExecutionRole` roles. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "sagemaker:AddAssociation", "sagemaker:AddTags", "sagemaker:AssociateTrialComponent", "sagemaker:BatchDescribeModelPackage", "sagemaker:BatchGetMetrics", "sagemaker:BatchGetRecord", "sagemaker:BatchPutMetrics", "sagemaker:CreateAction", "sagemaker:CreateAlgorithm", "sagemaker:CreateApp", "sagemaker:CreateAppImageConfig", "sagemaker:CreateArtifact", "sagemaker:CreateAutoMLJob", "sagemaker:CreateCodeRepository", "sagemaker:CreateCompilationJob", "sagemaker:CreateContext", "sagemaker:CreateDataQualityJobDefinition", "sagemaker:CreateDeviceFleet", "sagemaker:CreateDomain", "sagemaker:CreateEdgePackagingJob", "sagemaker:CreateEndpoint", "sagemaker:CreateEndpointConfig", "sagemaker:CreateExperiment", "sagemaker:CreateFeatureGroup", "sagemaker:CreateFlowDefinition", "sagemaker:CreateHumanTaskUi", "sagemaker:CreateHyperParameterTuningJob", "sagemaker:CreateImage", "sagemaker:CreateImageVersion", "sagemaker:CreateInferenceRecommendationsJob", "sagemaker:CreateLabelingJob", "sagemaker:CreateLineageGroupPolicy", "sagemaker:CreateModel", "sagemaker:CreateModelBiasJobDefinition", "sagemaker:CreateModelExplainabilityJobDefinition", "sagemaker:CreateModelPackage", "sagemaker:CreateModelPackageGroup", "sagemaker:CreateModelQualityJobDefinition", "sagemaker:CreateMonitoringSchedule", "sagemaker:CreateNotebookInstance", "sagemaker:CreateNotebookInstanceLifecycleConfig", "sagemaker:CreatePipeline", "sagemaker:CreatePresignedDomainUrl", "sagemaker:CreatePresignedNotebookInstanceUrl", "sagemaker:CreateProcessingJob", "sagemaker:CreateProject", "sagemaker:CreateTrainingJob", "sagemaker:CreateTransformJob", "sagemaker:CreateTrial", "sagemaker:CreateTrialComponent", "sagemaker:CreateUserProfile", "sagemaker:CreateWorkforce", "sagemaker:CreateWorkteam", "sagemaker:DeleteAction", "sagemaker:DeleteAlgorithm", "sagemaker:DeleteApp", "sagemaker:DeleteAppImageConfig", "sagemaker:DeleteArtifact", "sagemaker:DeleteAssociation", "sagemaker:DeleteCodeRepository", "sagemaker:DeleteContext", "sagemaker:DeleteDataQualityJobDefinition", "sagemaker:DeleteDeviceFleet", "sagemaker:DeleteDomain", "sagemaker:DeleteEndpoint", "sagemaker:DeleteEndpointConfig", "sagemaker:DeleteExperiment", "sagemaker:DeleteFeatureGroup", "sagemaker:DeleteFlowDefinition", "sagemaker:DeleteHumanLoop", "sagemaker:DeleteHumanTaskUi", "sagemaker:DeleteImage", "sagemaker:DeleteImageVersion", "sagemaker:DeleteLineageGroupPolicy", "sagemaker:DeleteModel", "sagemaker:DeleteModelBiasJobDefinition", "sagemaker:DeleteModelExplainabilityJobDefinition", "sagemaker:DeleteModelPackage", "sagemaker:DeleteModelPackageGroup", "sagemaker:DeleteModelPackageGroupPolicy", "sagemaker:DeleteModelQualityJobDefinition", "sagemaker:DeleteMonitoringSchedule", "sagemaker:DeleteNotebookInstance", "sagemaker:DeleteNotebookInstanceLifecycleConfig", "sagemaker:DeletePipeline", "sagemaker:DeleteProject", "sagemaker:DeleteRecord", "sagemaker:DeleteTags", "sagemaker:DeleteTrial", "sagemaker:DeleteTrialComponent", "sagemaker:DeleteUserProfile", "sagemaker:DeleteWorkforce", "sagemaker:DeleteWorkteam", "sagemaker:DeregisterDevices", "sagemaker:DescribeAction", "sagemaker:DescribeAlgorithm", "sagemaker:DescribeApp", "sagemaker:DescribeAppImageConfig", "sagemaker:DescribeArtifact", "sagemaker:DescribeAutoMLJob", "sagemaker:DescribeCodeRepository", "sagemaker:DescribeCompilationJob", "sagemaker:DescribeContext", "sagemaker:DescribeDataQualityJobDefinition", "sagemaker:DescribeDevice", "sagemaker:DescribeDeviceFleet", "sagemaker:DescribeDomain", "sagemaker:DescribeEdgePackagingJob", "sagemaker:DescribeEndpoint", "sagemaker:DescribeEndpointConfig", "sagemaker:DescribeExperiment", "sagemaker:DescribeFeatureGroup", "sagemaker:DescribeFlowDefinition", "sagemaker:DescribeHumanLoop", "sagemaker:DescribeHumanTaskUi", "sagemaker:DescribeHyperParameterTuningJob", "sagemaker:DescribeImage", "sagemaker:DescribeImageVersion", "sagemaker:DescribeInferenceRecommendationsJob", "sagemaker:DescribeLabelingJob", "sagemaker:DescribeLineageGroup", "sagemaker:DescribeModel", "sagemaker:DescribeModelBiasJobDefinition", "sagemaker:DescribeModelExplainabilityJobDefinition", "sagemaker:DescribeModelPackage", "sagemaker:DescribeModelPackageGroup", "sagemaker:DescribeModelQualityJobDefinition", "sagemaker:DescribeMonitoringSchedule", "sagemaker:DescribeNotebookInstance", "sagemaker:DescribeNotebookInstanceLifecycleConfig", "sagemaker:DescribePipeline", "sagemaker:DescribePipelineDefinitionForExecution", "sagemaker:DescribePipelineExecution", "sagemaker:DescribeProcessingJob", "sagemaker:DescribeProject", "sagemaker:DescribeSubscribedWorkteam", "sagemaker:DescribeTrainingJob", "sagemaker:DescribeTransformJob", "sagemaker:DescribeTrial", "sagemaker:DescribeTrialComponent", "sagemaker:DescribeUserProfile", "sagemaker:DescribeWorkforce", "sagemaker:DescribeWorkteam", "sagemaker:DisableSagemakerServicecatalogPortfolio", "sagemaker:DisassociateTrialComponent", "sagemaker:EnableSagemakerServicecatalogPortfolio", "sagemaker:GetDeviceFleetReport", "sagemaker:GetDeviceRegistration", "sagemaker:GetLineageGroupPolicy", "sagemaker:GetModelPackageGroupPolicy", "sagemaker:GetRecord", "sagemaker:GetSagemakerServicecatalogPortfolioStatus", "sagemaker:GetSearchSuggestions", "sagemaker:InvokeEndpoint", "sagemaker:InvokeEndpointAsync", "sagemaker:ListActions", "sagemaker:ListAlgorithms", "sagemaker:ListAppImageConfigs", "sagemaker:ListApps", "sagemaker:ListArtifacts", "sagemaker:ListAssociations", "sagemaker:ListAutoMLJobs", "sagemaker:ListCandidatesForAutoMLJob", "sagemaker:ListCodeRepositories", "sagemaker:ListCompilationJobs", "sagemaker:ListContexts", "sagemaker:ListDataQualityJobDefinitions", "sagemaker:ListDeviceFleets", "sagemaker:ListDevices", "sagemaker:ListDomains", "sagemaker:ListEdgePackagingJobs", "sagemaker:ListEndpointConfigs", "sagemaker:ListEndpoints", "sagemaker:ListExperiments", "sagemaker:ListFeatureGroups", "sagemaker:ListFlowDefinitions", "sagemaker:ListHumanLoops", "sagemaker:ListHumanTaskUis", "sagemaker:ListHyperParameterTuningJobs", "sagemaker:ListImageVersions", "sagemaker:ListImages", "sagemaker:ListInferenceRecommendationsJobs", "sagemaker:ListLabelingJobs", "sagemaker:ListLabelingJobsForWorkteam", "sagemaker:ListLineageGroups", "sagemaker:ListModelBiasJobDefinitions", "sagemaker:ListModelExplainabilityJobDefinitions", "sagemaker:ListModelMetadata", "sagemaker:ListModelPackageGroups", "sagemaker:ListModelPackages", "sagemaker:ListModelQualityJobDefinitions", "sagemaker:ListModels", "sagemaker:ListMonitoringExecutions", "sagemaker:ListMonitoringSchedules", "sagemaker:ListNotebookInstanceLifecycleConfigs", "sagemaker:ListNotebookInstances", "sagemaker:ListPipelineExecutionSteps", "sagemaker:ListPipelineExecutions", "sagemaker:ListPipelineParametersForExecution", "sagemaker:ListPipelines", "sagemaker:ListProcessingJobs", "sagemaker:ListProjects", "sagemaker:ListSubscribedWorkteams", "sagemaker:ListTags", "sagemaker:ListTrainingJobs", "sagemaker:ListTrainingJobsForHyperParameterTuningJob", "sagemaker:ListTransformJobs", "sagemaker:ListTrialComponents", "sagemaker:ListTrials", "sagemaker:ListUserProfiles", "sagemaker:ListWorkforces", "sagemaker:ListWorkteams", "sagemaker:PutLineageGroupPolicy", "sagemaker:PutModelPackageGroupPolicy", "sagemaker:PutRecord", "sagemaker:QueryLineage", "sagemaker:RegisterDevices", "sagemaker:RenderUiTemplate", "sagemaker:Search", "sagemaker:SendHeartbeat", "sagemaker:SendPipelineExecutionStepFailure", "sagemaker:SendPipelineExecutionStepSuccess", "sagemaker:StartHumanLoop", "sagemaker:StartMonitoringSchedule", "sagemaker:StartNotebookInstance", "sagemaker:StartPipelineExecution", "sagemaker:StopAutoMLJob", "sagemaker:StopCompilationJob", "sagemaker:StopEdgePackagingJob", "sagemaker:StopHumanLoop", "sagemaker:StopHyperParameterTuningJob", "sagemaker:StopInferenceRecommendationsJob", "sagemaker:StopLabelingJob", "sagemaker:StopMonitoringSchedule", "sagemaker:StopNotebookInstance", "sagemaker:StopPipelineExecution", "sagemaker:StopProcessingJob", "sagemaker:StopTrainingJob", "sagemaker:StopTransformJob", "sagemaker:UpdateAction", "sagemaker:UpdateAppImageConfig", "sagemaker:UpdateArtifact", "sagemaker:UpdateCodeRepository", "sagemaker:UpdateContext", "sagemaker:UpdateDeviceFleet", "sagemaker:UpdateDevices", "sagemaker:UpdateDomain", "sagemaker:UpdateEndpoint", "sagemaker:UpdateEndpointWeightsAndCapacities", "sagemaker:UpdateExperiment", "sagemaker:UpdateImage", "sagemaker:UpdateModelPackage", "sagemaker:UpdateMonitoringSchedule", "sagemaker:UpdateNotebookInstance", "sagemaker:UpdateNotebookInstanceLifecycleConfig", "sagemaker:UpdatePipeline", "sagemaker:UpdatePipelineExecution", "sagemaker:UpdateProject", "sagemaker:UpdateTrainingJob", "sagemaker:UpdateTrial", "sagemaker:UpdateTrialComponent", "sagemaker:UpdateUserProfile", "sagemaker:UpdateWorkforce", "sagemaker:UpdateWorkteam" ], "NotResource": [ "arn:aws:sagemaker:*:*:domain/*", "arn:aws:sagemaker:*:*:user-profile/*", "arn:aws:sagemaker:*:*:app/*", "arn:aws:sagemaker:*:*:flow-definition/*" ] }, { "Effect": "Allow", "Action": [ "iam:PassRole" ], "Resource": [ "arn:aws:iam::*:role/service-role/AmazonSageMakerServiceCatalogProductsCodeBuildRole", "arn:aws:iam::*:role/service-role/AmazonSageMakerServiceCatalogProductsExecutionRole" ] } ] } ``` ------ ## AWS managed policy: AmazonSageMakerServiceCatalogProductsCodeBuildServiceRolePolicy AmazonSageMakerServiceCatalogProductsCodeBuildServiceRolePolicy This policy is used by AWS CodeBuild within the AWS Service Catalog provisioned products from the Amazon SageMaker AI portfolio. The policy is intended to be attached to an IAM role that the [AmazonSageMakerServiceCatalogProductsLaunchRole](https://console.aws.amazon.com/iam/home?#/roles/AmazonSageMakerServiceCatalogProductsLaunchRole) passes to the AWS resources created by CodeBuild that require a role. **Permissions details** This policy includes the following permissions. + `sagemaker` – Allow access to various SageMaker AI resources. + `codecommit` – Upload CodeCommit archives to CodeBuild pipelines, get upload status, and cancel uploads; get branch and commit information. These permissions are limited to resources whose name starts with "sagemaker-". + `ecr` – Create Amazon ECR repositories and container images; upload image layers. These permissions are limited to repositories whose name starts with "sagemaker-". `ecr` – Read all resources. + `iam` – Pass the following roles: + `AmazonSageMakerServiceCatalogProductsCloudformationRole` to AWS CloudFormation. + `AmazonSageMakerServiceCatalogProductsCodeBuildRole` to AWS CodeBuild. + `AmazonSageMakerServiceCatalogProductsCodePipelineRole` to AWS CodePipeline. + `AmazonSageMakerServiceCatalogProductsEventsRole` to Amazon EventBridge. + `AmazonSageMakerServiceCatalogProductsExecutionRole` to Amazon SageMaker AI. + `logs` – Create and read CloudWatch Logs groups, streams, and events; update events; describe various resources. These permissions are limited to resources whose name prefix starts with "aws/codebuild/". + `s3` – Create, read, and list Amazon S3 buckets. These permissions are limited to buckets whose name starts with "sagemaker-". + `codeconnections`, `codestar-connections` – Use AWS CodeConnections and AWS CodeStar connections. To view the permissions for this policy, see [AmazonSageMakerServiceCatalogProductsCodeBuildServiceRolePolicy](https://docs.aws.amazon.com/aws-managed-policy/latest/reference/AmazonSageMakerServiceCatalogProductsCodeBuildServiceRolePolicy.html) in the AWS Managed Policy Reference. ## AWS managed policy: AmazonSageMakerServiceCatalogProductsCodePipelineServiceRolePolicy AmazonSageMakerServiceCatalogProductsCodePipelineServiceRolePolicy This policy is used by AWS CodePipeline within the AWS Service Catalog provisioned products from the Amazon SageMaker AI portfolio. The policy is intended to be attached to an IAM role that the [AmazonSageMakerServiceCatalogProductsLaunchRole](https://console.aws.amazon.com/iam/home?#/roles/AmazonSageMakerServiceCatalogProductsLaunchRole) passes to the AWS resources created by CodePipeline that require a role. **Permissions details** This policy includes the following permissions. + `cloudformation` – Create, read, delete, and update CloudFormation stacks; create, read, delete, and execute change sets; set stack policy; tag and untag resources. These permissions are limited to resources whose name starts with "sagemaker-". + `s3` – Create, read, list, and delete Amazon S3 buckets; add, read, and delete objects from the buckets; read and set the CORS configuration; read the access control list (ACL); and read the AWS Region the bucket resides in. These permissions are limited to buckets whose name starts with "sagemaker-" or "aws-glue-. + `iam` – Pass the `AmazonSageMakerServiceCatalogProductsCloudformationRole` role. + `codebuild` – Get CodeBuild build information and start builds. These permissions are limited to project and build resources whose name starts with "sagemaker-". + `codecommit` – Upload CodeCommit archives to CodeBuild pipelines, get upload status, and cancel uploads; get branch and commit information. + `codeconnections`, `codestar-connections` – Use AWS CodeConnections and AWS CodeStar connections. To view the permissions for this policy, see [AmazonSageMakerServiceCatalogProductsCodePipelineServiceRolePolicy](https://docs.aws.amazon.com/aws-managed-policy/latest/reference/AmazonSageMakerServiceCatalogProductsCodePipelineServiceRolePolicy.html) in the AWS Managed Policy Reference. ## AWS managed policy: AmazonSageMakerServiceCatalogProductsEventsServiceRolePolicy AmazonSageMakerServiceCatalogProductsEventsServiceRolePolicy This policy is used by Amazon EventBridge within the AWS Service Catalog provisioned products from the Amazon SageMaker AI portfolio. The policy is intended to be attached to an IAM role that the [AmazonSageMakerServiceCatalogProductsLaunchRole](https://console.aws.amazon.com/iam/home?#/roles/AmazonSageMakerServiceCatalogProductsLaunchRole) passes to the AWS resources created by EventBridge that require a role. **Permissions details** This policy includes the following permissions. + `codepipeline` – Start a CodeBuild execution. These permissions are limited to pipelines whose name starts with "sagemaker-". ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "codepipeline:StartPipelineExecution", "Resource": "arn:aws:codepipeline:*:*:sagemaker-*" } ] } ``` ------ ## AWS managed policy: AmazonSageMakerServiceCatalogProductsFirehoseServiceRolePolicy AmazonSageMakerServiceCatalogProductsFirehoseServiceRolePolicy This policy is used by Amazon Data Firehose within the AWS Service Catalog provisioned products from the Amazon SageMaker AI portfolio. The policy is intended to be attached to an IAM role that the [AmazonSageMakerServiceCatalogProductsLaunchRole](https://console.aws.amazon.com/iam/home?#/roles/AmazonSageMakerServiceCatalogProductsLaunchRole) passes to the AWS resources created by Firehose that require a role. **Permissions details** This policy includes the following permissions. + `firehose` – Send Firehose records. These permissions are limited to resources whose delivery stream name starts with "sagemaker-". ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "firehose:PutRecord", "firehose:PutRecordBatch" ], "Resource": "arn:aws:firehose:*:*:deliverystream/sagemaker-*" } ] } ``` ------ ## AWS managed policy: AmazonSageMakerServiceCatalogProductsGlueServiceRolePolicy AmazonSageMakerServiceCatalogProductsGlueServiceRolePolicy This policy is used by AWS Glue within the AWS Service Catalog provisioned products from the Amazon SageMaker AI portfolio. The policy is intended to be attached to an IAM role that the [AmazonSageMakerServiceCatalogProductsLaunchRole](https://console.aws.amazon.com/iam/home?#/roles/AmazonSageMakerServiceCatalogProductsLaunchRole) passes to the AWS resources created by Glue that require a role. **Permissions details** This policy includes the following permissions. + `glue` – Create, read, and delete AWS Glue partitions, tables, and table versions. These permissions are limited to those resources whose name starts with "sagemaker-". Create and read AWS Glue databases. These permissions are limited to databases whose name is "default", "global\$1temp", or starts with "sagemaker-". Get user defined functions. + `s3` – Create, read, list, and delete Amazon S3 buckets; add, read, and delete objects from the buckets; read and set the CORS configuration; read the access control list (ACL), and read the AWS Region the bucket resides in. These permissions are limited to buckets whose name starts with "sagemaker-" or "aws-glue-". + `logs` – Create, read, and delete CloudWatch Logs log group, streams, and deliveries; and create a resource policy. These permissions are limited to resources whose name prefix starts with "aws/glue/". ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "glue:BatchCreatePartition", "glue:BatchDeletePartition", "glue:BatchDeleteTable", "glue:BatchDeleteTableVersion", "glue:BatchGetPartition", "glue:CreateDatabase", "glue:CreatePartition", "glue:CreateTable", "glue:DeletePartition", "glue:DeleteTable", "glue:DeleteTableVersion", "glue:GetDatabase", "glue:GetPartition", "glue:GetPartitions", "glue:GetTable", "glue:GetTables", "glue:GetTableVersion", "glue:GetTableVersions", "glue:SearchTables", "glue:UpdatePartition", "glue:UpdateTable", "glue:GetUserDefinedFunctions" ], "Resource": [ "arn:aws:glue:*:*:catalog", "arn:aws:glue:*:*:database/default", "arn:aws:glue:*:*:database/global_temp", "arn:aws:glue:*:*:database/sagemaker-*", "arn:aws:glue:*:*:table/sagemaker-*", "arn:aws:glue:*:*:tableVersion/sagemaker-*" ] }, { "Effect": "Allow", "Action": [ "s3:CreateBucket", "s3:DeleteBucket", "s3:GetBucketAcl", "s3:GetBucketCors", "s3:GetBucketLocation", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:PutBucketCors" ], "Resource": [ "arn:aws:s3:::aws-glue-*", "arn:aws:s3:::sagemaker-*" ] }, { "Effect": "Allow", "Action": [ "s3:AbortMultipartUpload", "s3:DeleteObject", "s3:GetObject", "s3:GetObjectVersion", "s3:PutObject" ], "Resource": [ "arn:aws:s3:::aws-glue-*", "arn:aws:s3:::sagemaker-*" ] }, { "Effect": "Allow", "Action": [ "logs:CreateLogDelivery", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DeleteLogDelivery", "logs:Describe*", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:ListLogDeliveries", "logs:PutLogEvents", "logs:PutResourcePolicy", "logs:UpdateLogDelivery" ], "Resource": "arn:aws:logs:*:*:log-group:/aws/glue/*" } ] } ``` ------ ## AWS managed policy: AmazonSageMakerServiceCatalogProductsLambdaServiceRolePolicy AmazonSageMakerServiceCatalogProductsLambdaServiceRolePolicy This policy is used by AWS Lambda within the AWS Service Catalog provisioned products from the Amazon SageMaker AI portfolio. The policy is intended to be attached to an IAM role that the [AmazonSageMakerServiceCatalogProductsLaunchRole](https://console.aws.amazon.com/iam/home?#/roles/AmazonSageMakerServiceCatalogProductsLaunchRole) passes to the AWS resources created by Lambda that require a role. **Permissions details** This policy includes the following permissions. + `sagemaker` – Allow access to various SageMaker AI resources. + `ecr` – Create and delete Amazon ECR repositories; create, read, and delete container images; upload image layers. These permissions are limited to repositories whose name starts with "sagemaker-". + `events` – Create, read, and delete Amazon EventBridge rules; and create and remove targets. These permissions are limited to rules whose name starts with "sagemaker-". + `s3` – Create, read, list, and delete Amazon S3 buckets; add, read, and delete objects from the buckets; read and set the CORS configuration; read the access control list (ACL), and read the AWS Region the bucket resides in. These permissions are limited to buckets whose name starts with "sagemaker-" or "aws-glue-". + `iam` – Pass the `AmazonSageMakerServiceCatalogProductsExecutionRole` role. + `logs` – Create, read, and delete CloudWatch Logs log group, streams, and deliveries; and create a resource policy. These permissions are limited to resources whose name prefix starts with "aws/lambda/". + `codebuild` – Start and get information about AWS CodeBuild builds. ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid" : "AmazonSageMakerLambdaECRPermission", "Effect": "Allow", "Action": [ "ecr:DescribeImages", "ecr:BatchDeleteImage", "ecr:CompleteLayerUpload", "ecr:CreateRepository", "ecr:DeleteRepository", "ecr:InitiateLayerUpload", "ecr:PutImage", "ecr:UploadLayerPart" ], "Resource": [ "arn:aws:ecr:*:*:repository/sagemaker-*" ] }, { "Sid" : "AmazonSageMakerLambdaEventBridgePermission", "Effect": "Allow", "Action": [ "events:DeleteRule", "events:DescribeRule", "events:PutRule", "events:PutTargets", "events:RemoveTargets" ], "Resource": [ "arn:aws:events:*:*:rule/sagemaker-*" ] }, { "Sid" : "AmazonSageMakerLambdaS3BucketPermission", "Effect": "Allow", "Action": [ "s3:CreateBucket", "s3:DeleteBucket", "s3:GetBucketAcl", "s3:GetBucketCors", "s3:GetBucketLocation", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:PutBucketCors" ], "Resource": [ "arn:aws:s3:::aws-glue-*", "arn:aws:s3:::sagemaker-*" ] }, { "Sid" : "AmazonSageMakerLambdaS3ObjectPermission", "Effect": "Allow", "Action": [ "s3:AbortMultipartUpload", "s3:DeleteObject", "s3:GetObject", "s3:GetObjectVersion", "s3:PutObject" ], "Resource": [ "arn:aws:s3:::aws-glue-*", "arn:aws:s3:::sagemaker-*" ] }, { "Sid" : "AmazonSageMakerLambdaSageMakerPermission", "Effect": "Allow", "Action": [ "sagemaker:AddAssociation", "sagemaker:AddTags", "sagemaker:AssociateTrialComponent", "sagemaker:BatchDescribeModelPackage", "sagemaker:BatchGetMetrics", "sagemaker:BatchGetRecord", "sagemaker:BatchPutMetrics", "sagemaker:CreateAction", "sagemaker:CreateAlgorithm", "sagemaker:CreateApp", "sagemaker:CreateAppImageConfig", "sagemaker:CreateArtifact", "sagemaker:CreateAutoMLJob", "sagemaker:CreateCodeRepository", "sagemaker:CreateCompilationJob", "sagemaker:CreateContext", "sagemaker:CreateDataQualityJobDefinition", "sagemaker:CreateDeviceFleet", "sagemaker:CreateDomain", "sagemaker:CreateEdgePackagingJob", "sagemaker:CreateEndpoint", "sagemaker:CreateEndpointConfig", "sagemaker:CreateExperiment", "sagemaker:CreateFeatureGroup", "sagemaker:CreateFlowDefinition", "sagemaker:CreateHumanTaskUi", "sagemaker:CreateHyperParameterTuningJob", "sagemaker:CreateImage", "sagemaker:CreateImageVersion", "sagemaker:CreateInferenceRecommendationsJob", "sagemaker:CreateLabelingJob", "sagemaker:CreateLineageGroupPolicy", "sagemaker:CreateModel", "sagemaker:CreateModelBiasJobDefinition", "sagemaker:CreateModelExplainabilityJobDefinition", "sagemaker:CreateModelPackage", "sagemaker:CreateModelPackageGroup", "sagemaker:CreateModelQualityJobDefinition", "sagemaker:CreateMonitoringSchedule", "sagemaker:CreateNotebookInstance", "sagemaker:CreateNotebookInstanceLifecycleConfig", "sagemaker:CreatePipeline", "sagemaker:CreatePresignedDomainUrl", "sagemaker:CreatePresignedNotebookInstanceUrl", "sagemaker:CreateProcessingJob", "sagemaker:CreateProject", "sagemaker:CreateTrainingJob", "sagemaker:CreateTransformJob", "sagemaker:CreateTrial", "sagemaker:CreateTrialComponent", "sagemaker:CreateUserProfile", "sagemaker:CreateWorkforce", "sagemaker:CreateWorkteam", "sagemaker:DeleteAction", "sagemaker:DeleteAlgorithm", "sagemaker:DeleteApp", "sagemaker:DeleteAppImageConfig", "sagemaker:DeleteArtifact", "sagemaker:DeleteAssociation", "sagemaker:DeleteCodeRepository", "sagemaker:DeleteContext", "sagemaker:DeleteDataQualityJobDefinition", "sagemaker:DeleteDeviceFleet", "sagemaker:DeleteDomain", "sagemaker:DeleteEndpoint", "sagemaker:DeleteEndpointConfig", "sagemaker:DeleteExperiment", "sagemaker:DeleteFeatureGroup", "sagemaker:DeleteFlowDefinition", "sagemaker:DeleteHumanLoop", "sagemaker:DeleteHumanTaskUi", "sagemaker:DeleteImage", "sagemaker:DeleteImageVersion", "sagemaker:DeleteLineageGroupPolicy", "sagemaker:DeleteModel", "sagemaker:DeleteModelBiasJobDefinition", "sagemaker:DeleteModelExplainabilityJobDefinition", "sagemaker:DeleteModelPackage", "sagemaker:DeleteModelPackageGroup", "sagemaker:DeleteModelPackageGroupPolicy", "sagemaker:DeleteModelQualityJobDefinition", "sagemaker:DeleteMonitoringSchedule", "sagemaker:DeleteNotebookInstance", "sagemaker:DeleteNotebookInstanceLifecycleConfig", "sagemaker:DeletePipeline", "sagemaker:DeleteProject", "sagemaker:DeleteRecord", "sagemaker:DeleteTags", "sagemaker:DeleteTrial", "sagemaker:DeleteTrialComponent", "sagemaker:DeleteUserProfile", "sagemaker:DeleteWorkforce", "sagemaker:DeleteWorkteam", "sagemaker:DeregisterDevices", "sagemaker:DescribeAction", "sagemaker:DescribeAlgorithm", "sagemaker:DescribeApp", "sagemaker:DescribeAppImageConfig", "sagemaker:DescribeArtifact", "sagemaker:DescribeAutoMLJob", "sagemaker:DescribeCodeRepository", "sagemaker:DescribeCompilationJob", "sagemaker:DescribeContext", "sagemaker:DescribeDataQualityJobDefinition", "sagemaker:DescribeDevice", "sagemaker:DescribeDeviceFleet", "sagemaker:DescribeDomain", "sagemaker:DescribeEdgePackagingJob", "sagemaker:DescribeEndpoint", "sagemaker:DescribeEndpointConfig", "sagemaker:DescribeExperiment", "sagemaker:DescribeFeatureGroup", "sagemaker:DescribeFlowDefinition", "sagemaker:DescribeHumanLoop", "sagemaker:DescribeHumanTaskUi", "sagemaker:DescribeHyperParameterTuningJob", "sagemaker:DescribeImage", "sagemaker:DescribeImageVersion", "sagemaker:DescribeInferenceRecommendationsJob", "sagemaker:DescribeLabelingJob", "sagemaker:DescribeLineageGroup", "sagemaker:DescribeModel", "sagemaker:DescribeModelBiasJobDefinition", "sagemaker:DescribeModelExplainabilityJobDefinition", "sagemaker:DescribeModelPackage", "sagemaker:DescribeModelPackageGroup", "sagemaker:DescribeModelQualityJobDefinition", "sagemaker:DescribeMonitoringSchedule", "sagemaker:DescribeNotebookInstance", "sagemaker:DescribeNotebookInstanceLifecycleConfig", "sagemaker:DescribePipeline", "sagemaker:DescribePipelineDefinitionForExecution", "sagemaker:DescribePipelineExecution", "sagemaker:DescribeProcessingJob", "sagemaker:DescribeProject", "sagemaker:DescribeSubscribedWorkteam", "sagemaker:DescribeTrainingJob", "sagemaker:DescribeTransformJob", "sagemaker:DescribeTrial", "sagemaker:DescribeTrialComponent", "sagemaker:DescribeUserProfile", "sagemaker:DescribeWorkforce", "sagemaker:DescribeWorkteam", "sagemaker:DisableSagemakerServicecatalogPortfolio", "sagemaker:DisassociateTrialComponent", "sagemaker:EnableSagemakerServicecatalogPortfolio", "sagemaker:GetDeviceFleetReport", "sagemaker:GetDeviceRegistration", "sagemaker:GetLineageGroupPolicy", "sagemaker:GetModelPackageGroupPolicy", "sagemaker:GetRecord", "sagemaker:GetSagemakerServicecatalogPortfolioStatus", "sagemaker:GetSearchSuggestions", "sagemaker:InvokeEndpoint", "sagemaker:InvokeEndpointAsync", "sagemaker:ListActions", "sagemaker:ListAlgorithms", "sagemaker:ListAppImageConfigs", "sagemaker:ListApps", "sagemaker:ListArtifacts", "sagemaker:ListAssociations", "sagemaker:ListAutoMLJobs", "sagemaker:ListCandidatesForAutoMLJob", "sagemaker:ListCodeRepositories", "sagemaker:ListCompilationJobs", "sagemaker:ListContexts", "sagemaker:ListDataQualityJobDefinitions", "sagemaker:ListDeviceFleets", "sagemaker:ListDevices", "sagemaker:ListDomains", "sagemaker:ListEdgePackagingJobs", "sagemaker:ListEndpointConfigs", "sagemaker:ListEndpoints", "sagemaker:ListExperiments", "sagemaker:ListFeatureGroups", "sagemaker:ListFlowDefinitions", "sagemaker:ListHumanLoops", "sagemaker:ListHumanTaskUis", "sagemaker:ListHyperParameterTuningJobs", "sagemaker:ListImageVersions", "sagemaker:ListImages", "sagemaker:ListInferenceRecommendationsJobs", "sagemaker:ListLabelingJobs", "sagemaker:ListLabelingJobsForWorkteam", "sagemaker:ListLineageGroups", "sagemaker:ListModelBiasJobDefinitions", "sagemaker:ListModelExplainabilityJobDefinitions", "sagemaker:ListModelMetadata", "sagemaker:ListModelPackageGroups", "sagemaker:ListModelPackages", "sagemaker:ListModelQualityJobDefinitions", "sagemaker:ListModels", "sagemaker:ListMonitoringExecutions", "sagemaker:ListMonitoringSchedules", "sagemaker:ListNotebookInstanceLifecycleConfigs", "sagemaker:ListNotebookInstances", "sagemaker:ListPipelineExecutionSteps", "sagemaker:ListPipelineExecutions", "sagemaker:ListPipelineParametersForExecution", "sagemaker:ListPipelines", "sagemaker:ListProcessingJobs", "sagemaker:ListProjects", "sagemaker:ListSubscribedWorkteams", "sagemaker:ListTags", "sagemaker:ListTrainingJobs", "sagemaker:ListTrainingJobsForHyperParameterTuningJob", "sagemaker:ListTransformJobs", "sagemaker:ListTrialComponents", "sagemaker:ListTrials", "sagemaker:ListUserProfiles", "sagemaker:ListWorkforces", "sagemaker:ListWorkteams", "sagemaker:PutLineageGroupPolicy", "sagemaker:PutModelPackageGroupPolicy", "sagemaker:PutRecord", "sagemaker:QueryLineage", "sagemaker:RegisterDevices", "sagemaker:RenderUiTemplate", "sagemaker:Search", "sagemaker:SendHeartbeat", "sagemaker:SendPipelineExecutionStepFailure", "sagemaker:SendPipelineExecutionStepSuccess", "sagemaker:StartHumanLoop", "sagemaker:StartMonitoringSchedule", "sagemaker:StartNotebookInstance", "sagemaker:StartPipelineExecution", "sagemaker:StopAutoMLJob", "sagemaker:StopCompilationJob", "sagemaker:StopEdgePackagingJob", "sagemaker:StopHumanLoop", "sagemaker:StopHyperParameterTuningJob", "sagemaker:StopInferenceRecommendationsJob", "sagemaker:StopLabelingJob", "sagemaker:StopMonitoringSchedule", "sagemaker:StopNotebookInstance", "sagemaker:StopPipelineExecution", "sagemaker:StopProcessingJob", "sagemaker:StopTrainingJob", "sagemaker:StopTransformJob", "sagemaker:UpdateAction", "sagemaker:UpdateAppImageConfig", "sagemaker:UpdateArtifact", "sagemaker:UpdateCodeRepository", "sagemaker:UpdateContext", "sagemaker:UpdateDeviceFleet", "sagemaker:UpdateDevices", "sagemaker:UpdateDomain", "sagemaker:UpdateEndpoint", "sagemaker:UpdateEndpointWeightsAndCapacities", "sagemaker:UpdateExperiment", "sagemaker:UpdateImage", "sagemaker:UpdateModelPackage", "sagemaker:UpdateMonitoringSchedule", "sagemaker:UpdateNotebookInstance", "sagemaker:UpdateNotebookInstanceLifecycleConfig", "sagemaker:UpdatePipeline", "sagemaker:UpdatePipelineExecution", "sagemaker:UpdateProject", "sagemaker:UpdateTrainingJob", "sagemaker:UpdateTrial", "sagemaker:UpdateTrialComponent", "sagemaker:UpdateUserProfile", "sagemaker:UpdateWorkforce", "sagemaker:UpdateWorkteam" ], "Resource": [ "arn:aws:sagemaker:*:*:action/*", "arn:aws:sagemaker:*:*:algorithm/*", "arn:aws:sagemaker:*:*:app-image-config/*", "arn:aws:sagemaker:*:*:artifact/*", "arn:aws:sagemaker:*:*:automl-job/*", "arn:aws:sagemaker:*:*:code-repository/*", "arn:aws:sagemaker:*:*:compilation-job/*", "arn:aws:sagemaker:*:*:context/*", "arn:aws:sagemaker:*:*:data-quality-job-definition/*", "arn:aws:sagemaker:*:*:device-fleet/*/device/*", "arn:aws:sagemaker:*:*:device-fleet/*", "arn:aws:sagemaker:*:*:edge-packaging-job/*", "arn:aws:sagemaker:*:*:endpoint/*", "arn:aws:sagemaker:*:*:endpoint-config/*", "arn:aws:sagemaker:*:*:experiment/*", "arn:aws:sagemaker:*:*:experiment-trial/*", "arn:aws:sagemaker:*:*:experiment-trial-component/*", "arn:aws:sagemaker:*:*:feature-group/*", "arn:aws:sagemaker:*:*:human-loop/*", "arn:aws:sagemaker:*:*:human-task-ui/*", "arn:aws:sagemaker:*:*:hyper-parameter-tuning-job/*", "arn:aws:sagemaker:*:*:image/*", "arn:aws:sagemaker:*:*:image-version/*/*", "arn:aws:sagemaker:*:*:inference-recommendations-job/*", "arn:aws:sagemaker:*:*:labeling-job/*", "arn:aws:sagemaker:*:*:model/*", "arn:aws:sagemaker:*:*:model-bias-job-definition/*", "arn:aws:sagemaker:*:*:model-explainability-job-definition/*", "arn:aws:sagemaker:*:*:model-package/*", "arn:aws:sagemaker:*:*:model-package-group/*", "arn:aws:sagemaker:*:*:model-quality-job-definition/*", "arn:aws:sagemaker:*:*:monitoring-schedule/*", "arn:aws:sagemaker:*:*:notebook-instance/*", "arn:aws:sagemaker:*:*:notebook-instance-lifecycle-config/*", "arn:aws:sagemaker:*:*:pipeline/*", "arn:aws:sagemaker:*:*:pipeline/*/execution/*", "arn:aws:sagemaker:*:*:processing-job/*", "arn:aws:sagemaker:*:*:project/*", "arn:aws:sagemaker:*:*:training-job/*", "arn:aws:sagemaker:*:*:transform-job/*", "arn:aws:sagemaker:*:*:workforce/*", "arn:aws:sagemaker:*:*:workteam/*" ] }, { "Sid" : "AmazonSageMakerLambdaPassRolePermission", "Effect": "Allow", "Action": [ "iam:PassRole" ], "Resource": [ "arn:aws:iam::*:role/service-role/AmazonSageMakerServiceCatalogProductsExecutionRole" ] }, { "Sid" : "AmazonSageMakerLambdaLogPermission", "Effect": "Allow", "Action": [ "logs:CreateLogDelivery", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DeleteLogDelivery", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeResourcePolicies", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeSubscriptionFilters", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:ListLogDeliveries", "logs:PutLogEvents", "logs:PutResourcePolicy", "logs:UpdateLogDelivery" ], "Resource": "arn:aws:logs:*:*:log-group:/aws/lambda/*" }, { "Sid" : "AmazonSageMakerLambdaCodeBuildPermission", "Effect": "Allow", "Action": [ "codebuild:StartBuild", "codebuild:BatchGetBuilds" ], "Resource": "arn:aws:codebuild:*:*:project/sagemaker-*", "Condition": { "StringLike": { "aws:ResourceTag/sagemaker:project-name": "*" } } } ] } ``` ------ ## Amazon SageMaker AI updates to AWS Service Catalog AWS managed policies AWS Service Catalog policy updates View details about updates to AWS managed policies for Amazon SageMaker AI since this service began tracking these changes. | Policy | Version | Change | Date | | --- | --- | --- | --- | | [AmazonSageMakerAdmin-ServiceCatalogProductsServiceRolePolicy](#security-iam-awsmanpol-AmazonSageMakerAdmin-ServiceCatalogProductsServiceRolePolicy) - Updated policy | 10 | Updated `codestar-connections:PassConnection` and `codeconnections:PassConnection` permissions. | September 27, 2025 | | [AmazonSageMakerServiceCatalogProductsCodePipelineServiceRolePolicy](#security-iam-awsmanpol-AmazonSageMakerServiceCatalogProductsCodePipelineServiceRolePolicy) - Updated policy | 3 | Updated `codestar-connections:UseConnection` and `codeconnections:UseConnection` permissions. | September 27, 2025 | | [AmazonSageMakerServiceCatalogProductsCodeBuildServiceRolePolicy](#security-iam-awsmanpol-AmazonSageMakerServiceCatalogProductsCodeBuildServiceRolePolicy) - Updated policy | 3 | Updated `codestar-connections:UseConnection` and `codeconnections:UseConnection` permissions. | September 27, 2025 | | [AmazonSageMakerAdmin-ServiceCatalogProductsServiceRolePolicy](#security-iam-awsmanpol-AmazonSageMakerAdmin-ServiceCatalogProductsServiceRolePolicy) - Updated policy | 9 | Add `cloudformation:TagResource`, `cloudformation:UntagResource`, and `codeconnections:PassConnection` permissions. | July 1, 2024 | | AmazonSageMakerAdmin-ServiceCatalogProductsServiceRolePolicy - Updated policy | 7 | Roll back the policy to version 7 (v7). Remove `cloudformation:TagResource`, `cloudformation:UntagResource`, and `codeconnections:PassConnection` permissions. | June 12, 2024 | | AmazonSageMakerAdmin-ServiceCatalogProductsServiceRolePolicy - Updated policy | 8 | Add `cloudformation:TagResource`, `cloudformation:UntagResource`, and `codeconnections:PassConnection` permissions. | June 11, 2024 | | [AmazonSageMakerServiceCatalogProductsCodeBuildServiceRolePolicy](#security-iam-awsmanpol-AmazonSageMakerServiceCatalogProductsCodeBuildServiceRolePolicy) - Updated policy | 2 | Add `codestar-connections:UseConnection` and `codeconnections:UseConnection` permissions. | June 11, 2024 | | [AmazonSageMakerServiceCatalogProductsCodePipelineServiceRolePolicy](#security-iam-awsmanpol-AmazonSageMakerServiceCatalogProductsCodePipelineServiceRolePolicy) - Updated policy | 2 | Add `cloudformation:TagResource`, `cloudformation:UntagResource`, `codestar-connections:UseConnection` and `codeconnections:UseConnection` permissions. | June 11, 2024 | | [AmazonSageMakerServiceCatalogProductsLambdaServiceRolePolicy](#security-iam-awsmanpol-AmazonSageMakerServiceCatalogProductsLambdaServiceRolePolicy) - Updated policy | 2 | Add `codebuild:StartBuild` and `codebuild:BatchGetBuilds` permissions. | June 11, 2024 | | [AmazonSageMakerPartnerServiceCatalogProductsApiGatewayServiceRolePolicy](#security-iam-awsmanpol-AmazonSageMakerPartnerServiceCatalogProductsApiGatewayServiceRolePolicy) | 1 | Initial policy | August 1, 2023 | | [AmazonSageMakerPartnerServiceCatalogProductsCloudFormationServiceRolePolicy](#security-iam-awsmanpol-AmazonSageMakerPartnerServiceCatalogProductsCloudFormationServiceRolePolicy) | 1 | Initial policy | August 1, 2023 | | [AmazonSageMakerPartnerServiceCatalogProductsLambdaServiceRolePolicy](#security-iam-awsmanpol-AmazonSageMakerPartnerServiceCatalogProductsLambdaServiceRolePolicy) | 1 | Initial policy | August 1, 2023 | | [AmazonSageMakerServiceCatalogProductsGlueServiceRolePolicy](#security-iam-awsmanpol-AmazonSageMakerServiceCatalogProductsGlueServiceRolePolicy) - Updated policy | 2 | Add permission for `glue:GetUserDefinedFunctions`. | August 26, 2022 | | AmazonSageMakerAdmin-ServiceCatalogProductsServiceRolePolicy - Updated policy | 7 | Add permission for `sagemaker:AddTags`. | August 2, 2022 | | AmazonSageMakerAdmin-ServiceCatalogProductsServiceRolePolicy - Updated policy | 6 | Add permission for `lambda:TagResource`. | July 14, 2022 | | AmazonSageMakerServiceCatalogProductsLambdaServiceRolePolicy | 1 | Initial policy | April 4, 2022 | | [AmazonSageMakerServiceCatalogProductsApiGatewayServiceRolePolicy](#security-iam-awsmanpol-AmazonSageMakerServiceCatalogProductsApiGatewayServiceRolePolicy) | 1 | Initial policy | March 24, 2022 | | [AmazonSageMakerServiceCatalogProductsCloudformationServiceRolePolicy](#security-iam-awsmanpol-AmazonSageMakerServiceCatalogProductsCloudformationServiceRolePolicy) | 1 | Initial policy | March 24, 2022 | | AmazonSageMakerServiceCatalogProductsCodeBuildServiceRolePolicy | 1 | Initial policy | March 24, 2022 | | AmazonSageMakerAdmin-ServiceCatalogProductsServiceRolePolicy - Updated policy | 5 | Add permission for `ecr-idp:TagResource`. | March 21, 2022 | | AmazonSageMakerServiceCatalogProductsCodePipelineServiceRolePolicy | 1 | Initial policy | February 22, 2022 | | [AmazonSageMakerServiceCatalogProductsEventsServiceRolePolicy](#security-iam-awsmanpol-AmazonSageMakerServiceCatalogProductsEventsServiceRolePolicy) | 1 | Initial policy | February 22, 2022 | | [AmazonSageMakerServiceCatalogProductsFirehoseServiceRolePolicy](#security-iam-awsmanpol-AmazonSageMakerServiceCatalogProductsFirehoseServiceRolePolicy) | 1 | Initial policy | February 22, 2022 | | AmazonSageMakerServiceCatalogProductsGlueServiceRolePolicy | 1 | Initial policy | February 22, 2022 | | AmazonSageMakerAdmin-ServiceCatalogProductsServiceRolePolicy - Updated policy | 4 | Add permissions for `cognito-idp:TagResource` and `s3:PutBucketCORS`. | February 16, 2022 | | AmazonSageMakerAdmin-ServiceCatalogProductsServiceRolePolicy - Updated policy | 3 | Add new permissions for `sagemaker`. Create, read, update, and delete SageMaker Images. | September 15, 2021 | | AmazonSageMakerAdmin-ServiceCatalogProductsServiceRolePolicy - Updated policy | 2 | Add permissions for `sagemaker` and `codestar-connections`. Create, read, update, and delete code repositories. Pass AWS CodeStar connections to AWS CodePipeline. | July 1, 2021 | | AmazonSageMakerAdmin-ServiceCatalogProductsServiceRolePolicy | 1 | Initial policy | November 27, 2020 | ## SageMaker AI Updates to AWS Managed Policies Amazon SageMaker AI policy updates View details about updates to AWS managed policies for SageMaker AI since this service began tracking these changes. | Policy | Version | Change | Date | | --- | --- | --- | --- | | [AmazonSageMakerFullAccess](#security-iam-awsmanpol-AmazonSageMakerFullAccess) - Update to an existing policy | 27 | [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/sagemaker/latest/dg/security-iam-awsmanpol.html) | December 4, 2024 | | [AmazonSageMakerFullAccess](#security-iam-awsmanpol-AmazonSageMakerFullAccess) - Update to an existing policy | 26 | Add `sagemaker:AddTags` permission. | March 29, 2024 | | AmazonSageMakerFullAccess - Update to an existing policy | 25 | Add `sagemaker:CreateApp`, `sagemaker:DescribeApp`, `sagemaker:DeleteApp`, `sagemaker:CreateSpace`, `sagemaker:UpdateSpace`, `sagemaker:DeleteSpace`, `s3express:CreateSession`, `s3express:CreateBucket`, and `s3express:ListAllMyDirectoryBuckets` permissions. | November 30, 2023 | | AmazonSageMakerFullAccess - Update to an existing policy | 24 | Add `sagemaker-geospatial:*`, `sagemaker:AddTags`, `sagemaker-ListTags`, `sagemaker-DescribeSpace`, and `sagemaker:ListSpaces` permissions. | November 30, 2022 | | AmazonSageMakerFullAccess - Update to an existing policy | 23 | Add `glue:UpdateTable`. | June 29, 2022 | | AmazonSageMakerFullAccess - Update to an existing policy | 22 | Add `cloudformation:ListStackResources`. | May 1, 2022 | | [AmazonSageMakerReadOnly](#security-iam-awsmanpol-AmazonSageMakerReadOnly) - Update to an existing policy | 11 | Add `sagemaker:QueryLineage`, `sagemaker:GetLineageGroupPolicy`, `sagemaker:BatchDescribeModelPackage`, `sagemaker:GetModelPackageGroupPolicy` permissions. | December 1, 2021 | | AmazonSageMakerFullAccess - Update to an existing policy | 21 | Add `sns:Publish` permissions for endpoints with Async Inference enabled. | September 8, 2021 | | AmazonSageMakerFullAccess - Update to an existing policy | 20 | Update `iam:PassRole` resources and permissions. | July 15, 2021 | | AmazonSageMakerReadOnly - Update to an existing policy | 10 | New API `BatchGetRecord` added for SageMaker AI Feature Store. | June 10, 2021 | | | | SageMaker AI started tracking changes for its AWS managed policies. | June 1, 2021 | # Troubleshooting Amazon SageMaker AI Identity and Access Troubleshooting Use the following information to help you diagnose and fix common issues that you might encounter when working with SageMaker AI and IAM. **Topics** + [ ## I am not authorized to perform an action in SageMaker AI ](#security_iam_troubleshoot-no-permissions) + [ ## I am not authorized to perform `iam:PassRole` ](#security_iam_troubleshoot-passrole) + [ ## I want to allow people outside of my AWS account to access my SageMaker AI resources ](#security_iam_troubleshoot-cross-account-access) ## I am not authorized to perform an action in SageMaker AI If the AWS Management Console tells you that you're not authorized to perform an action, then you must contact your administrator for assistance. Your administrator is the person that provided you with your sign-in credentials. The following example error occurs when the `mateojackson` IAM user tries to use the console to view details about a training job but does not have `sagemaker:sagemaker:DescribeTrainingJob` permissions. ``` User: arn:aws:iam::123456789012:user/mateojackson is not authorized to perform: sagemaker:DescribeTrainingJob on resource: my-example-widget ``` In this case, Mateo asks his administrator to update his policies to allow him to access the `TrainingJob` resource using the `sagemaker:DescribeTrainingJob` action. ## I am not authorized to perform `iam:PassRole` If you receive an error that you're not authorized to perform the `iam:PassRole` action, your policies must be updated to allow you to pass a role to SageMaker AI. Some AWS services allow you to pass an existing role to that service instead of creating a new service role or service-linked role. To do this, you must have permissions to pass the role to the service. The following example error occurs when an IAM user named `marymajor` tries to use the console to perform an action in SageMaker AI. However, the action requires the service to have permissions that are granted by a service role. Mary does not have permissions to pass the role to the service. ``` User: arn:aws:iam::123456789012:user/marymajor is not authorized to perform: iam:PassRole ``` In this case, Mary's policies must be updated to allow her to perform the `iam:PassRole` action. If you need help, contact your AWS administrator. Your administrator is the person who provided you with your sign-in credentials. ## I want to allow people outside of my AWS account to access my SageMaker AI resources You can create a role that users in other accounts or people outside of your organization can use to access your resources. You can specify who is trusted to assume the role. For services that support resource-based policies or access control lists (ACLs), you can use those policies to grant people access to your resources. To learn more, consult the following: + To learn whether SageMaker AI supports these features, see [How Amazon SageMaker AI works with IAM](security_iam_service-with-iam.md). + To learn how to provide access to your resources across AWS accounts that you own, see [Providing access to an IAM user in another AWS account that you own](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_common-scenarios_aws-accounts.html) in the *IAM User Guide*. + To learn how to provide access to your resources to third-party AWS accounts, see [Providing access to AWS accounts owned by third parties](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_common-scenarios_third-party.html) in the *IAM User Guide*. + To learn how to provide access through identity federation, see [Providing access to externally authenticated users (identity federation)](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_common-scenarios_federated-users.html) in the *IAM User Guide*. + To learn the difference between using roles and resource-based policies for cross-account access, see [Cross account resource access in IAM](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies-cross-account-resource-access.html) in the *IAM User Guide*.