适用于 Amazon SageMaker Canvas 的 Amazon 托管式策略
这些 Amazon 托管式策略添加了使用 Amazon SageMaker Canvas 所需的权限。这些策略可在您的 Amazon 账户中提供,并由从 SageMaker AI 控制台创建的执行角色使用。
主题
Amazon 托管式策略:AmazonSageMakerCanvasFullAccess
此策略授予的权限允许通过 Amazon Web Services 管理控制台 和 SDK 完全访问 Amazon SageMaker Canvas。此策略还提供对相关服务 [例如,Amazon Simple Storage Service (Amazon S3)、Amazon Identity and Access Management (IAM)、Amazon Virtual Private Cloud (Amazon VPC)、Amazon Elastic Container Registry (Amazon ECR)、Amazon CloudWatch Logs、Amazon Redshift、Amazon Secrets Manager、Amazon SageMaker Autopilot、SageMaker 模型注册表和 Amazon Forecast] 的部分访问权限。
此策略旨在帮助客户尝试并开始使用 SageMaker Canvas 的所有功能。为了实现更精细的控制,我们建议客户在转向生产工作负载时构建自己的范围缩小版本。有关更多信息,请参阅 IAM 策略类型:如何以及何时使用它们
权限详细信息
此 Amazon 托管式策略包含以下权限。
-
sagemaker- 允许主体在 ARN 包含“Canvas”、“canvas”或“model-compilation-”的资源上创建和托管 SageMaker AI 模型。此外,用户可以在同一个 Amazon 账户中将他们的 SageMaker Canvas 模型注册到 SageMaker AI 模型注册表。还允许主体创建和管理 SageMaker 训练、转换和 AutoML 作业。 -
application-autoscaling- 允许主体自动扩缩 SageMaker AI 推理端点。 -
athena:允许主体从 Amazon Athena 查询数据目录、数据库和表元数据列表,并访问目录中的表。 -
cloudwatch:允许主体创建和管理 Amazon CloudWatch 警报。 -
ec2- 允许主体创建 Amazon VPC 端点。 -
ecr- 允许主体获取有关容器映像的信息。 -
emr-serverless:允许主体创建和管理 Amazon EMR Serverless 应用程序和作业运行。还允许主体标记 SageMaker Canvas 资源。 -
forecast- 允许主体使用 Amazon Forecast。 -
glue:允许主体检索 Amazon Glue 目录中的表格、数据库和分区。 -
iam– 允许主体将 IAM 角色传递给 Amazon SageMaker AI、Amazon Forecast 和 Amazon EMR Serverless。还允许主体创建与服务相关联的角色。 -
kms:允许主体读取带有Source:SageMakerCanvas标记的 Amazon KMS 键。 -
logs- 允许主体发布来自训练作业和端点的日志。 -
quicksight– 允许主体列出 QuickSight 账户中的命名空间。 -
rds- 允许主体返回有关预置 Amazon RDS 实例的信息。 -
redshift- 允许主体获取任何 Amazon Redshift 集群上的“sagemaker_access*”dbuser 的凭证(如果该用户存在)。 -
redshift-data- 允许主体使用 Amazon Redshift Data API 在 Amazon Redshift 上运行查询。这仅提供对 Redshift Data API 本身的访问权限,并不直接提供对您的 Amazon Redshift 集群的访问权限。有关更多信息,请参阅使用 Amazon Redshift Data API。 -
s3- 允许主体从 Amazon S3 存储桶中添加和检索对象。这些对象仅限于名称包含“SageMaker”、“Sagemaker”或“sagemaker”的对象。还允许主体从特定区域内的 ARN 以“jumpstart-cache-prod-”开头的 Amazon S3 存储桶中检索对象。 -
secretsmanager- 允许主体存储客户凭证,以便使用 Secrets Manager 连接到 Snowflake 数据库。
{ "Version": "2012-10-17", "Statement": [ { "Sid": "SageMakerUserDetailsAndPackageOperations", "Effect": "Allow", "Action": [ "sagemaker:DescribeDomain", "sagemaker:DescribeUserProfile", "sagemaker:ListTags", "sagemaker:ListModelPackages", "sagemaker:ListModelPackageGroups", "sagemaker:ListEndpoints" ], "Resource": "*" }, { "Sid": "SageMakerPackageGroupOperations", "Effect": "Allow", "Action": [ "sagemaker:CreateModelPackageGroup", "sagemaker:CreateModelPackage", "sagemaker:DescribeModelPackageGroup", "sagemaker:DescribeModelPackage" ], "Resource": [ "arn:aws:sagemaker:*:*:model-package/*", "arn:aws:sagemaker:*:*:model-package-group/*" ] }, { "Sid": "SageMakerTrainingOperations", "Effect": "Allow", "Action": [ "sagemaker:CreateCompilationJob", "sagemaker:CreateEndpoint", "sagemaker:CreateEndpointConfig", "sagemaker:CreateModel", "sagemaker:CreateProcessingJob", "sagemaker:CreateAutoMLJob", "sagemaker:CreateAutoMLJobV2", "sagemaker:CreateTrainingJob", "sagemaker:CreateTransformJob", "sagemaker:DeleteEndpoint", "sagemaker:DescribeCompilationJob", "sagemaker:DescribeEndpoint", "sagemaker:DescribeEndpointConfig", "sagemaker:DescribeModel", "sagemaker:DescribeProcessingJob", "sagemaker:DescribeAutoMLJob", "sagemaker:DescribeAutoMLJobV2", "sagemaker:DescribeTrainingJob", "sagemaker:DescribeTransformJob", "sagemaker:ListCandidatesForAutoMLJob", "sagemaker:StopAutoMLJob", "sagemaker:StopTrainingJob", "sagemaker:StopTransformJob", "sagemaker:AddTags", "sagemaker:DeleteApp" ], "Resource": [ "arn:aws:sagemaker:*:*:*Canvas*", "arn:aws:sagemaker:*:*:*canvas*", "arn:aws:sagemaker:*:*:*model-compilation-*" ] }, { "Sid": "SageMakerHostingOperations", "Effect": "Allow", "Action": [ "sagemaker:DeleteEndpointConfig", "sagemaker:DeleteModel", "sagemaker:InvokeEndpoint", "sagemaker:UpdateEndpointWeightsAndCapacities", "sagemaker:InvokeEndpointAsync" ], "Resource": [ "arn:aws:sagemaker:*:*:*Canvas*", "arn:aws:sagemaker:*:*:*canvas*" ] }, { "Sid": "EC2VPCOperation", "Effect": "Allow", "Action": [ "ec2:CreateVpcEndpoint", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcEndpointServices" ], "Resource": "*" }, { "Sid": "ECROperations", "Effect": "Allow", "Action": [ "ecr:BatchGetImage", "ecr:GetDownloadUrlForLayer", "ecr:GetAuthorizationToken" ], "Resource": "*" }, { "Sid": "IAMGetOperations", "Effect": "Allow", "Action": [ "iam:GetRole" ], "Resource": "arn:aws:iam::*:role/*" }, { "Sid": "IAMPassOperation", "Effect": "Allow", "Action": [ "iam:PassRole" ], "Resource": "arn:aws:iam::*:role/*", "Condition": { "StringEquals": { "iam:PassedToService": "sagemaker.amazonaws.com" } } }, { "Sid": "LoggingOperation", "Effect": "Allow", "Action": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents" ], "Resource": "arn:aws:logs:*:*:log-group:/aws/sagemaker/*" }, { "Sid": "S3Operations", "Effect": "Allow", "Action": [ "s3:GetObject", "s3:PutObject", "s3:DeleteObject", "s3:CreateBucket", "s3:GetBucketCors", "s3:GetBucketLocation" ], "Resource": [ "arn:aws:s3:::*SageMaker*", "arn:aws:s3:::*Sagemaker*", "arn:aws:s3:::*sagemaker*" ] }, { "Sid": "ReadSageMakerJumpstartArtifacts", "Effect": "Allow", "Action": "s3:GetObject", "Resource": [ "arn:aws:s3:::jumpstart-cache-prod-us-west-2/*", "arn:aws:s3:::jumpstart-cache-prod-us-east-1/*", "arn:aws:s3:::jumpstart-cache-prod-us-east-2/*", "arn:aws:s3:::jumpstart-cache-prod-eu-west-1/*", "arn:aws:s3:::jumpstart-cache-prod-eu-central-1/*", "arn:aws:s3:::jumpstart-cache-prod-ap-south-1/*", "arn:aws:s3:::jumpstart-cache-prod-ap-northeast-2/*", "arn:aws:s3:::jumpstart-cache-prod-ap-northeast-1/*", "arn:aws:s3:::jumpstart-cache-prod-ap-southeast-1/*", "arn:aws:s3:::jumpstart-cache-prod-ap-southeast-2/*" ] }, { "Sid": "S3ListOperations", "Effect": "Allow", "Action": [ "s3:ListBucket", "s3:ListAllMyBuckets" ], "Resource": "*" }, { "Sid": "GlueOperations", "Effect": "Allow", "Action": "glue:SearchTables", "Resource": [ "arn:aws:glue:*:*:table/*/*", "arn:aws:glue:*:*:database/*", "arn:aws:glue:*:*:catalog" ] }, { "Sid": "SecretsManagerARNBasedOperation", "Effect": "Allow", "Action": [ "secretsmanager:DescribeSecret", "secretsmanager:GetSecretValue", "secretsmanager:CreateSecret", "secretsmanager:PutResourcePolicy" ], "Resource": [ "arn:aws:secretsmanager:*:*:secret:AmazonSageMaker-*" ] }, { "Sid": "SecretManagerTagBasedOperation", "Effect": "Allow", "Action": [ "secretsmanager:DescribeSecret", "secretsmanager:GetSecretValue" ], "Resource": "*", "Condition": { "StringEquals": { "secretsmanager:ResourceTag/SageMaker": "true" } } }, { "Sid": "RedshiftOperations", "Effect": "Allow", "Action": [ "redshift-data:ExecuteStatement", "redshift-data:DescribeStatement", "redshift-data:CancelStatement", "redshift-data:GetStatementResult", "redshift-data:ListSchemas", "redshift-data:ListTables", "redshift-data:DescribeTable" ], "Resource": "*" }, { "Sid": "RedshiftGetCredentialsOperation", "Effect": "Allow", "Action": [ "redshift:GetClusterCredentials" ], "Resource": [ "arn:aws:redshift:*:*:dbuser:*/sagemaker_access*", "arn:aws:redshift:*:*:dbname:*" ] }, { "Sid": "ForecastOperations", "Effect": "Allow", "Action": [ "forecast:CreateExplainabilityExport", "forecast:CreateExplainability", "forecast:CreateForecastEndpoint", "forecast:CreateAutoPredictor", "forecast:CreateDatasetImportJob", "forecast:CreateDatasetGroup", "forecast:CreateDataset", "forecast:CreateForecast", "forecast:CreateForecastExportJob", "forecast:CreatePredictorBacktestExportJob", "forecast:CreatePredictor", "forecast:DescribeExplainabilityExport", "forecast:DescribeExplainability", "forecast:DescribeAutoPredictor", "forecast:DescribeForecastEndpoint", "forecast:DescribeDatasetImportJob", "forecast:DescribeDataset", "forecast:DescribeForecast", "forecast:DescribeForecastExportJob", "forecast:DescribePredictorBacktestExportJob", "forecast:GetAccuracyMetrics", "forecast:InvokeForecastEndpoint", "forecast:GetRecentForecastContext", "forecast:DescribePredictor", "forecast:TagResource", "forecast:DeleteResourceTree" ], "Resource": [ "arn:aws:forecast:*:*:*Canvas*" ] }, { "Sid": "RDSOperation", "Effect": "Allow", "Action": "rds:DescribeDBInstances", "Resource": "*" }, { "Sid": "IAMPassOperationForForecast", "Effect": "Allow", "Action": [ "iam:PassRole" ], "Resource": "arn:aws:iam::*:role/*", "Condition": { "StringEquals": { "iam:PassedToService": "forecast.amazonaws.com" } } }, { "Sid": "AutoscalingOperations", "Effect": "Allow", "Action": [ "application-autoscaling:PutScalingPolicy", "application-autoscaling:RegisterScalableTarget" ], "Resource": "arn:aws:application-autoscaling:*:*:scalable-target/*", "Condition": { "StringEquals": { "application-autoscaling:service-namespace": "sagemaker", "application-autoscaling:scalable-dimension": "sagemaker:variant:DesiredInstanceCount" } } }, { "Sid": "AsyncEndpointOperations", "Effect": "Allow", "Action": [ "cloudwatch:DescribeAlarms", "sagemaker:DescribeEndpointConfig" ], "Resource": "*" }, { "Sid": "DescribeScalingOperations", "Effect": "Allow", "Action": [ "application-autoscaling:DescribeScalingActivities" ], "Resource": "*", "Condition": { "StringEquals": { "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "SageMakerCloudWatchUpdate", "Effect": "Allow", "Action": [ "cloudwatch:PutMetricAlarm", "cloudwatch:DeleteAlarms" ], "Resource": [ "arn:aws:cloudwatch:*:*:alarm:TargetTracking*" ], "Condition": { "StringEquals": { "aws:CalledViaLast": "application-autoscaling.amazonaws.com" } } }, { "Sid": "AutoscalingSageMakerEndpointOperation", "Action": "iam:CreateServiceLinkedRole", "Effect": "Allow", "Resource": "arn:aws:iam::*:role/aws-service-role/sagemaker.application-autoscaling.amazonaws.com/AWSServiceRoleForApplicationAutoScaling_SageMakerEndpoint", "Condition": { "StringLike": { "iam:AWSServiceName": "sagemaker.application-autoscaling.amazonaws.com" } } } { "Sid": "AthenaOperation", "Action": [ "athena:ListTableMetadata", "athena:ListDataCatalogs", "athena:ListDatabases" ], "Effect": "Allow", "Resource": "*", "Condition": { "StringEquals": { "aws:ResourceAccount": "${aws:PrincipalAccount}" } }, }, { "Sid": "GlueOperation", "Action": [ "glue:GetDatabases", "glue:GetPartitions", "glue:GetTables" ], "Effect": "Allow", "Resource": [ "arn:aws:glue:*:*:table/*", "arn:aws:glue:*:*:catalog", "arn:aws:glue:*:*:database/*" ], "Condition": { "StringEquals": { "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "QuicksightOperation", "Action": [ "quicksight:ListNamespaces" ], "Effect": "Allow", "Resource": "*", "Condition": { "StringEquals": { "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "AllowUseOfKeyInAccount", "Effect": "Allow", "Action": [ "kms:DescribeKey" ], "Resource": "*", "Condition": { "StringEquals": { "aws:ResourceTag/Source": "SageMakerCanvas", "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "EMRServerlessCreateApplicationOperation", "Effect": "Allow", "Action": "emr-serverless:CreateApplication", "Resource": "arn:aws:emr-serverless:*:*:/*", "Condition": { "StringEquals": { "aws:RequestTag/sagemaker:is-canvas-resource": "True", "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "EMRServerlessListApplicationOperation", "Effect": "Allow", "Action": "emr-serverless:ListApplications", "Resource": "arn:aws:emr-serverless:*:*:/*", "Condition": { "StringEquals": { "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "EMRServerlessApplicationOperations", "Effect": "Allow", "Action": [ "emr-serverless:UpdateApplication", "emr-serverless:StopApplication", "emr-serverless:GetApplication", "emr-serverless:StartApplication" ], "Resource": "arn:aws:emr-serverless:*:*:/applications/*", "Condition": { "StringEquals": { "aws:ResourceTag/sagemaker:is-canvas-resource": "True", "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "EMRServerlessStartJobRunOperation", "Effect": "Allow", "Action": "emr-serverless:StartJobRun", "Resource": "arn:aws:emr-serverless:*:*:/applications/*", "Condition": { "StringEquals": { "aws:RequestTag/sagemaker:is-canvas-resource": "True", "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "EMRServerlessListJobRunOperation", "Effect": "Allow", "Action": "emr-serverless:ListJobRuns", "Resource": "arn:aws:emr-serverless:*:*:/applications/*", "Condition": { "StringEquals": { "aws:ResourceTag/sagemaker:is-canvas-resource": "True", "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "EMRServerlessJobRunOperations", "Effect": "Allow", "Action": [ "emr-serverless:GetJobRun", "emr-serverless:CancelJobRun" ], "Resource": "arn:aws:emr-serverless:*:*:/applications/*/jobruns/*", "Condition": { "StringEquals": { "aws:ResourceTag/sagemaker:is-canvas-resource": "True", "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "EMRServerlessTagResourceOperation", "Effect": "Allow", "Action": "emr-serverless:TagResource", "Resource": "arn:aws:emr-serverless:*:*:/*", "Condition": { "StringEquals": { "aws:RequestTag/sagemaker:is-canvas-resource": "True", "aws:ResourceAccount": "${aws:PrincipalAccount}" } } }, { "Sid": "IAMPassOperationForEMRServerless", "Effect": "Allow", "Action": "iam:PassRole", "Resource": [ "arn:aws:iam::*:role/service-role/AmazonSageMakerCanvasEMRSExecutionAccess-*", "arn:aws:iam::*:role/AmazonSageMakerCanvasEMRSExecutionAccess-*" ], "Condition": { "StringEquals": { "iam:PassedToService": "emr-serverless.amazonaws.com", "aws:ResourceAccount": "${aws:PrincipalAccount}" } } } ] }
Amazon 托管式策略:AmazonSageMakerCanvasDataPrepFullAccess
此策略授予的权限允许完全访问 Amazon SageMaker Canvas 的数据准备功能。该策略还为与数据准备功能集成的服务提供最低权限[例如,Amazon Simple Storage Service (Amazon S3)、Amazon Identity and Access Management (IAM)、Amazon EMR、Amazon EventBridge、Amazon Redshift、Amazon Key Management Service (Amazon KMS) 和 Amazon Secrets Manager]。
权限详细信息
此 Amazon 托管式策略包含以下权限。
-
sagemaker:允许主体访问处理作业、训练作业、推理管道、AutoML 作业和特征组。 -
athena:允许主体从 Amazon Athena 查询数据目录、数据库和表元数据列表。 -
elasticmapreduce:允许主体读取和列出 Amazon EMR 集群。 -
emr-serverless:允许主体创建和管理 Amazon EMR Serverless 应用程序和作业运行。还允许主体标记 SageMaker Canvas 资源。 -
events:允许主体为 Amazon EventBridge 规则创建、读取、更新和添加目标,以执行计划作业。 -
glue:允许主体从 Amazon Glue 目录中的数据库获取和搜索表。 -
iam– 允许主体将 IAM 角色传递给 Amazon SageMaker AI、EventBridge 和 Amazon EMR Serverless。还允许主体创建与服务相关联的角色。 -
kms:允许主体检索作业和端点中存储的 Amazon KMS 别名,并访问相关的 KMS 键。 -
logs- 允许主体发布来自训练作业和端点的日志。 -
redshift:允许主体获取访问 Amazon Redshift 数据库的凭证。 -
redshift-data:允许主体运行、取消、描述、列出并获取 Amazon Redshift 查询的结果。还允许主体列出 Amazon Redshift 模式和表。 -
s3- 允许主体从 Amazon S3 存储桶中添加和检索对象。这些对象仅限于名称中包含“SageMaker”、“Sagemaker”或“sagemaker”,或标记为“SageMaker”(不区分大小写)的对象。 -
secretsmanager:允许主体使用保密管理器存储和检索客户数据库凭证。
Amazon 托管式策略:AmazonSageMakerCanvasDirectDeployAccess
此策略授予 Amazon SageMaker Canvas 创建和管理 Amazon SageMaker AI 端点所需的权限。
权限详细信息
此 Amazon 托管式策略包含以下权限。
-
sagemaker- 允许主体使用以“Canvas”或“canvas”开头的 ARN 资源名称创建和管理 SageMaker AI 端点。 -
cloudwatch- 允许主体检索 Amazon CloudWatch 指标数据。
Amazon 托管式策略:AmazonSageMakerCanvasAIServicesAccess
此策略授予 Amazon SageMaker Canvas 使用 Amazon Textract、Amazon Rekognition、Amazon Comprehend 和 Amazon Bedrock 的权限。
权限详细信息
此 Amazon 托管式策略包含以下权限。
-
textract- 允许主体使用 Amazon Textract 检测图像中的文档、费用和身份。 -
rekognition- 允许主体使用 Amazon Rekognition 检测图像中的标签和文本。 -
comprehend- 允许主体使用 Amazon Comprehend 检测文本文档中的情绪和主要语言,以及姓名和个人身份信息 (PII) 实体。 -
bedrock- 允许主体使用 Amazon Bedrock 列出和调用基础模型。 -
iam:允许主体将 IAM 角色传递给 Amazon Bedrock。
Amazon 托管式策略:AmazonSageMakerCanvasBedrockAccess
此策略授予与 Amazon Bedrock 一起使用 Amazon SageMaker Canvas 时通常需要的权限。
权限详细信息
此 Amazon 托管式策略包含以下权限。
-
s3:允许主体从“sagemaker-*/Canvas”目录下的 Amazon S3 存储桶中添加和获取对象。
Amazon 托管式策略:AmazonSageMakerCanvasForecastAccess
此策略授予将 Amazon SageMaker Canvas 与 Amazon Forecast 一起使用时通常所需的权限。
权限详细信息
此 Amazon 托管式策略包含以下权限。
-
s3- 允许主体从 Amazon S3 存储桶中添加和检索对象。这些对象仅限于名称以“sagemaker-”开头的对象。
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:GetObject", "s3:PutObject" ], "Resource": [ "arn:aws:s3:::sagemaker-*/Canvas", "arn:aws:s3:::sagemaker-*/canvas" ] } { "Effect": "Allow", "Action": [ "s3:ListBucket" ], "Resource": [ "arn:aws:s3:::sagemaker-*" ] } ] }
Amazon 托管式策略:AmazonSageMakerCanvasEMRServerlessExecutionRolePolicy
此策略授予 Amazon SageMaker Canvas 用于大型数据处理的 Amazon 服务用 Amazon EMR Serverless(如 Amazon S3)的权限。
权限详细信息
此 Amazon 托管式策略包含以下权限。
-
s3- 允许主体从 Amazon S3 存储桶中添加和检索对象。这些对象仅限于名称中包含“SageMaker”或“sagemaker”的对象,或标记为“SageMaker”的对象,不区分大小写。
Amazon 托管式策略:AmazonSageMakerCanvasSMDataScienceAssistantAccess
此策略向 Amazon SageMaker Canvas 中的用户授予启动与 Amazon Q 开发者版的对话的权限。此功能同时需要 Amazon Q 开发者版和 SageMaker AI Data Science Assistant 服务的权限。
权限详细信息
此 Amazon 托管式策略包含以下权限。
-
q– 允许主体向 Amazon Q 开发者版发送提示。 -
sagemaker-data-science-assistant– 允许主体向 SageMaker Canvas Data Science Assistant 服务发送提示。
Amazon SageMaker AI 对 Amazon SageMaker Canvas 托管式策略的更新
查看有关适用于 SageMaker Canvas 的 Amazon 托管式策略更新的详细信息(从该服务开始跟踪这些更改开始)。
| 策略 | 版本 | 更改 | 日期 |
|---|---|---|---|
|
AmazonSageMakerCanvasSMDataScienceAssistantAccess – 对现有策略的更新 |
2 |
添加 |
2025 年 1 月 14 日 |
1 |
初始策略 |
2024 年 12 月 4 日 | |
|
AmazonSageMakerCanvasDataPrepFullAccess – 对现有策略的更新 |
4 |
为 |
2024 年 8 月 16 日 |
|
AmazonSageMakerCanvasFullAccess – 对现有策略的更新 |
11 |
为 |
2024 年 8 月 15 日 |
1 |
初始策略 |
2024 年 7 月 26 日 | |
|
AmazonSageMakerCanvasDataPrepFullAccess:更新至现有策略 |
3 |
添加 |
2024 年 7 月 18 日 |
AmazonSageMakerCanvasFullAccess - 对现有策略的更新 |
10 |
添加 添加 添加 添加 添加 |
2024 年 7 月 9 日 |
1 |
初始策略 |
2024 年 2 月 2 日 | |
AmazonSageMakerCanvasFullAccess - 对现有策略的更新 |
9 |
添加 |
2024 年 1 月 24 日 |
AmazonSageMakerCanvasFullAccess - 对现有策略的更新 |
8 |
添加 |
2023 年 12 月 8 日 |
|
AmazonSageMakerCanvasDataPrepFullAccess:更新至现有策略 |
2 |
小幅更新,以执行先前策略第 1 版的意图;未添加或删除任何权限。 |
2023 年 12 月 7 日 |
|
AmazonSageMakerCanvasAIServicesAccess – 对现有策略的更新 |
3 |
添加 |
2023 年 11 月 29 日 |
|
AmazonSageMakerCanvasDataPrepFullAccess:新策略 |
1 |
初始策略 |
2023 年 10 月 26 日 |
1 |
初始策略 |
2023 年 10 月 6 日 | |
AmazonSageMakerCanvasFullAccess - 对现有策略的更新 |
7 |
添加 |
2023 年 9 月 29 日 |
|
AmazonSageMakerCanvasAIServicesAccess:更新现有策略 |
2 |
添加 |
2023 年 9 月 29 日 |
AmazonSageMakerCanvasFullAccess - 对现有策略的更新 |
6 |
添加 |
2023 年 8 月 29 日 |
AmazonSageMakerCanvasFullAccess - 对现有策略的更新 |
5 |
添加 |
2023 年 7 月 24 日 |
AmazonSageMakerCanvasFullAccess - 对现有策略的更新 |
4 |
添加 |
2023 年 5 月 4 日 |
AmazonSageMakerCanvasFullAccess - 对现有策略的更新 |
3 |
添加 |
2023 年 3 月 24 日 |
|
AmazonSageMakerCanvasAIServicesAccess - 新策略 |
1 |
初始策略 |
2023 年 3 月 23 日 |
AmazonSageMakerCanvasFullAccess - 对现有策略的更新 |
2 |
添加 |
2022 年 12 月 6 日 |
AmazonSageMakerCanvasFullAccess - 新策略 |
1 |
初始策略 |
2022 年 9 月 8 日 |
1 |
初始策略 |
2022 年 8 月 24 日 |