IAM policies for Amazon SageMaker
The following example templates show how Amazon Step Functions generates IAM policies based on the resources in your state machine definition. For more information, see IAM Policies for integrated services and Service integration patterns.
Note
For these examples,
refers to the
Amazon Resource Name (ARN) of the IAM role that SageMaker uses to access model artifacts and docker images
for deployment on ML compute instances, or for batch transform jobs. For more information, see
Amazon SageMaker Roles.[[roleArn]]
CreateTrainingJob
Static resources
Dynamic resources
CreateTransformJob
Note
Amazon Step Functions will not automatically create a policy for CreateTransformJob
when you create a state machine that integrates with SageMaker. You must attach an inline policy
to the created role based on one of the following IAM examples.
Static resources
Dynamic resources