Grant Users Permissions to Collaborate with Studio Classic - Amazon SageMaker

Grant Users Permissions to Collaborate with Studio Classic


The functionality described on this page only applies to Amazon SageMaker Studio Classic. Currently, you can only share models to Canvas (or view shared Canvas models) in Studio Classic. If you’re currently using the latest version of Studio, you must run Studio Classic from within the latest version of Studio to share models to Canvas or view models shared from Canvas. For more information about accessing Studio Classic, see the Studio Classic documentation.

Your Amazon SageMaker Canvas users might want to share their models with users in Amazon SageMaker Studio Classic to receive feedback and model updates, and Studio Classic users might want to share models with Canvas users so that they can generate predictions in Canvas. The following permissions grant Canvas users and Studio Classic users access to share models with each other.

For more information about how Canvas users can share models with Studio Classic users, see Collaborate with data scientists. For more information about how Canvas users can bring a model shared from Studio Classic, see Bring your own model to SageMaker Canvas.

Before Canvas and Studio Classic users can collaborate, the users must be in the same Amazon SageMaker domain. Add the following IAM permissions added to the same IAM execution role that you've used for their profiles.

To add the permissions to the users’ IAM role, do the following:

  1. Go to the IAM console.

  2. Choose Roles.

  3. In the search box, search for the user's IAM role by name and select it.

  4. On the page for the user's role, under Permissions, choose Add permissions.

  5. Choose Create inline policy.

  6. In the Policy editor, choose JSON and enter the following IAM policy:

    { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "sagemaker:CreateSharedModel", "sagemaker:DescribeSharedModel", "sagemaker:ListSharedModelEvents", "sagemaker:ListSharedModels", "sagemaker:ListSharedModelVersions", "sagemaker:SendSharedModelEvent", "sagemaker:UpdateSharedModel" ], "Resource": "*" } ] }
  7. Choose Next.

  8. Enter a name for the policy in the Policy name field.

  9. Choose Create policy to create the policy and attach it to the role.

For more information about AWS managed policies, see Managed policies and inline policies in the IAM User Guide.