Amazon SageMaker (sagemaker)

2023-12-02

7 new actions, 1 new resource, 2 new conditions | 9 updated actions

Additions

    Actions
  • CreateCluster
    • Description:  Grants permission to create a cluster
    • Access:  Write
    • Resources: 

      Name: cluster

      Required: Yes
    • Conditions: 

      aws:ResourceTag/${TagKey}

      aws:RequestTag/${TagKey}

      aws:TagKeys
    • Dependents: 

      iam:PassRole

      sagemaker:AddTags
  • DeleteCluster
    • Description:  Grants permission to delete a cluster
    • Access:  Write
    • Resources: 

      Name: cluster

      Required: Yes
    • Conditions: 

      aws:ResourceTag/${TagKey}
  • DescribeCluster
    • Description:  Grants permission to return information about a cluster
    • Access:  Read
    • Resources: 

      Name: cluster

      Required: Yes
    • Conditions: 

      aws:ResourceTag/${TagKey}
  • DescribeClusterNode
    • Description:  Grants permission to return information about a cluster node
    • Access:  Read
    • Resources: 

      Name: cluster

      Required: Yes
    • Conditions: 

      aws:ResourceTag/${TagKey}
  • ListClusterNodes
    • Description:  Grants permission to list nodes within a cluster
    • Access:  List
    • Resources: 

      Name: cluster

      Required: Yes
    • Conditions: 

      aws:ResourceTag/${TagKey}
  • ListClusters
    • Description:  Grants permission to list clusters
    • Access:  List
  • UpdateCluster
    • Description:  Grants permission to update a cluster
    • Access:  Write
    • Resources: 

      Name: cluster

      Required: Yes
    • Conditions: 

      aws:ResourceTag/${TagKey}
    • Dependents: 

      iam:PassRole
    Resources
  • cluster
    • Arn:  arn:${Partition}:sagemaker:${Region}:${Account}:cluster/${ClusterId}
    • Conditions: 

      aws:ResourceTag/${TagKey}

      sagemaker:ResourceTag/${TagKey}
    Conditions
  • sagemaker:OwnerUserProfileArn
    • Description:  Filters access by the OwnerUserProfile arn associated with the space in the request
    • Type:  ARN
  • sagemaker:SpaceSharingType
    • Description:  Filters access by the sharing type associated with the space in the request
    • Type:  String

Updates

    Actions
  • AddTags
      Resources
    • + cluster
  • CreateApp
      Conditions
    • + sagemaker:OwnerUserProfileArn
    • + sagemaker:SpaceSharingType
  • CreateSpace
      Conditions
    • + sagemaker:OwnerUserProfileArn
    • + sagemaker:SpaceSharingType
  • DeleteApp
      Conditions
    • + sagemaker:OwnerUserProfileArn
    • + sagemaker:SpaceSharingType
  • DeleteSpace
      Conditions
    • + sagemaker:OwnerUserProfileArn
    • + sagemaker:SpaceSharingType
  • DeleteTags
      Resources
    • + cluster
  • ListTags
      Resources
    • + cluster
  • UpdateDomain
      Conditions
    • + sagemaker:AppNetworkAccessType
    • + sagemaker:VpcSubnets
  • UpdateSpace
      Conditions
    • + sagemaker:OwnerUserProfileArn
    • + sagemaker:SpaceSharingType