Amazon SageMaker (sagemaker)

2023-11-08

7 new actions, 1 new resource | 6 updated actions

Additions

    Actions
  • CreateInferenceComponent
    • Description:  Grants permission to create an inference component on an endpoint
    • Access:  Write
    • Resources: 

      Name: endpoint

      Required: Yes

      Name: inference-component

      Required: Yes
    • Conditions: 

      aws:ResourceTag/${TagKey}

      aws:RequestTag/${TagKey}

      aws:TagKeys

      sagemaker:ModelArn
    • Dependents: 

      sagemaker:AddTags
  • DeleteInferenceComponent
    • Description:  Grants permission to delete an inference component. Amazon SageMaker frees up the resources that were reserved when the inference component was created
    • Access:  Write
    • Resources: 

      Name: inference-component

      Required: Yes
    • Conditions: 

      aws:ResourceTag/${TagKey}
  • DescribeInferenceComponent
    • Description:  Grants permission to return the description of an inference component
    • Access:  Read
    • Resources: 

      Name: inference-component

      Required: Yes
    • Conditions: 

      aws:ResourceTag/${TagKey}
  • InvokeEndpointWithResponseStream
    • Description:  Grants permission to get the inference response as a stream from the specified endpoint
    • Access:  Read
    • Resources: 

      Name: endpoint

      Required: Yes

      Name: inference-component

      Required: No
    • Conditions: 

      aws:ResourceTag/${TagKey}
  • ListInferenceComponents
    • Description:  Grants permission to list inference components
    • Access:  List
  • UpdateInferenceComponent
    • Description:  Grants permission to update an inference component to use the specification and configurations specified in the request
    • Access:  Write
    • Resources: 

      Name: inference-component

      Required: Yes
    • Conditions: 

      aws:ResourceTag/${TagKey}
  • UpdateInferenceComponentRuntimeConfig
    • Description:  Grants permission to update the runtime config of a given inference component
    • Access:  Write
    • Resources: 

      Name: inference-component

      Required: Yes
    • Conditions: 

      aws:ResourceTag/${TagKey}
    Resources
  • inference-component
    • Arn:  arn:${Partition}:sagemaker:${Region}:${Account}:inference-component/${InferenceComponentName}
    • Conditions: 

      aws:ResourceTag/${TagKey}

      sagemaker:ResourceTag/${TagKey}

Updates

    Actions
  • CreateEndpointConfig
      Dependents
    • + iam:PassRole
      Conditions
    • + sagemaker:NetworkIsolation
    • + sagemaker:VpcSecurityGroupIds
    • + sagemaker:VpcSubnets
  • InvokeEndpoint
      Conditions
    • + aws:ResourceTag/${TagKey}
      Resources
    • + inference-component
  • AddTags
      Resources
    • + inference-component
  • DeleteTags
      Resources
    • + inference-component
  • InvokeEndpointAsync
      Conditions
    • + aws:ResourceTag/${TagKey}
  • ListTags
      Resources
    • + inference-component