选择您的 Cookie 首选项

我们使用必要 Cookie 和类似工具提供我们的网站和服务。我们使用性能 Cookie 收集匿名统计数据,以便我们可以了解客户如何使用我们的网站并进行改进。必要 Cookie 无法停用,但您可以单击“自定义”或“拒绝”来拒绝性能 Cookie。

如果您同意,AWS 和经批准的第三方还将使用 Cookie 提供有用的网站功能、记住您的首选项并显示相关内容,包括相关广告。要接受或拒绝所有非必要 Cookie,请单击“接受”或“拒绝”。要做出更详细的选择,请单击“自定义”。

SageMakerStudioDomainExecutionRolePolicy - AWS 托管策略

本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。

本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。

SageMakerStudioDomainExecutionRolePolicy

描述:Amazon Studio 使用此政策对亚马逊 SageMaker 工作 SageMaker 室域中的数据进行分类、发现、管理、共享和分析。

SageMakerStudioDomainExecutionRolePolicy 是一项 AWS 托管式策略

使用此策略

您可以将 SageMakerStudioDomainExecutionRolePolicy 附加到您的用户、组和角色。

策略详细信息

  • 类型:服务角色策略

  • 创建时间:世界标准时间 2024 年 11 月 20 日 21:56

  • 编辑时间:世界标准时间 2025 年 1 月 14 日 21:22

  • ARN: arn:aws:iam::aws:policy/service-role/SageMakerStudioDomainExecutionRolePolicy

策略版本

策略版本:v2 (默认值)

此策略的默认版本是定义策略权限的版本。当使用该策略的用户或角色请求访问 AWS 资源时, AWS 会检查策略的默认版本以确定是否允许该请求。

JSON 策略文档

{ "Version" : "2012-10-17", "Statement" : [ { "Sid" : "DataZonePermissions", "Effect" : "Allow", "Action" : [ "datazone:AcceptPredictions", "datazone:AcceptSubscriptionRequest", "datazone:AddEntityOwner", "datazone:AddPolicyGrant", "datazone:CancelMetadataGenerationRun", "datazone:CancelSubscription", "datazone:CreateAsset", "datazone:CreateAssetFilter", "datazone:CreateAssetRevision", "datazone:CreateAssetType", "datazone:CreateConnection", "datazone:CreateDataProduct", "datazone:CreateDataProductRevision", "datazone:CreateDataSource", "datazone:CreateDomainUnit", "datazone:CreateEnvironment", "datazone:CreateEnvironmentProfile", "datazone:CreateFormType", "datazone:CreateGlossary", "datazone:CreateGlossaryTerm", "datazone:CreateListingChangeSet", "datazone:CreateProject", "datazone:CreateProjectMembership", "datazone:CreateSubscriptionGrant", "datazone:CreateSubscriptionRequest", "datazone:DeleteAsset", "datazone:DeleteAssetFilter", "datazone:DeleteAssetType", "datazone:DeleteConnection", "datazone:DeleteDataProduct", "datazone:DeleteDataSource", "datazone:DeleteDomainUnit", "datazone:DeleteEnvironment", "datazone:DeleteEnvironmentProfile", "datazone:DeleteFormType", "datazone:DeleteGlossary", "datazone:DeleteGlossaryTerm", "datazone:DeleteListing", "datazone:DeleteProject", "datazone:DeleteProjectMembership", "datazone:DeleteSubscriptionGrant", "datazone:DeleteSubscriptionRequest", "datazone:DeleteSubscriptionTarget", "datazone:DeleteTimeSeriesDataPoints", "datazone:GetAsset", "datazone:GetAssetFilter", "datazone:GetAssetType", "datazone:GetConnection", "datazone:GetDataProduct", "datazone:GetDataSource", "datazone:GetDataSourceRun", "datazone:GetDomain", "datazone:GetDomainUnit", "datazone:GetEnvironment", "datazone:GetEnvironmentAction", "datazone:GetEnvironmentActionLink", "datazone:GetEnvironmentBlueprint", "datazone:GetEnvironmentBlueprintConfiguration", "datazone:GetEnvironmentCredentials", "datazone:GetEnvironmentProfile", "datazone:GetFormType", "datazone:GetGlossary", "datazone:GetGlossaryTerm", "datazone:GetGroupProfile", "datazone:GetLineageNode", "datazone:GetListing", "datazone:GetMetadataGenerationRun", "datazone:GetProject", "datazone:GetSubscription", "datazone:GetSubscriptionEligibility", "datazone:GetSubscriptionGrant", "datazone:GetSubscriptionRequestDetails", "datazone:GetSubscriptionTarget", "datazone:GetTimeSeriesDataPoint", "datazone:GetUserProfile", "datazone:ListAccountEnvironments", "datazone:ListAssetFilters", "datazone:ListAssetRevisions", "datazone:ListConnections", "datazone:ListDataProductRevisions", "datazone:ListDataSourceRunActivities", "datazone:ListDataSourceRuns", "datazone:ListDataSources", "datazone:ListDomainUnitsForParent", "datazone:ListEntityOwners", "datazone:ListEnvironmentActions", "datazone:ListEnvironmentBlueprintConfigurationSummaries", "datazone:ListEnvironmentBlueprintConfigurations", "datazone:ListEnvironmentBlueprints", "datazone:ListEnvironmentProfiles", "datazone:ListEnvironments", "datazone:ListGroupsForUser", "datazone:ListLineageNodeHistory", "datazone:ListMetadataGenerationRuns", "datazone:ListNotifications", "datazone:ListPolicyGrants", "datazone:ListProjectMemberships", "datazone:ListProjects", "datazone:ListSubscriptionGrants", "datazone:ListSubscriptionRequests", "datazone:ListSubscriptionTargets", "datazone:ListSubscriptions", "datazone:ListTimeSeriesDataPoints", "datazone:ListWarehouseMetadata", "datazone:RejectPredictions", "datazone:RejectSubscriptionRequest", "datazone:RemoveEntityOwner", "datazone:RemovePolicyGrant", "datazone:RevokeSubscription", "datazone:Search", "datazone:SearchGroupProfiles", "datazone:SearchListings", "datazone:SearchTypes", "datazone:SearchUserProfiles", "datazone:StartDataSourceRun", "datazone:StartMetadataGenerationRun", "datazone:UpdateAssetFilter", "datazone:UpdateConnection", "datazone:UpdateDataSource", "datazone:UpdateDomainUnit", "datazone:UpdateEnvironment", "datazone:UpdateEnvironmentDeploymentStatus", "datazone:UpdateEnvironmentProfile", "datazone:UpdateGlossary", "datazone:UpdateGlossaryTerm", "datazone:UpdateProject", "datazone:UpdateSubscriptionGrantStatus", "datazone:UpdateSubscriptionRequest" ], "Resource" : "*" }, { "Sid" : "RAMResourceShareStatement", "Effect" : "Allow", "Action" : [ "ram:GetResourceShareAssociations", "ram:GetResourceShares" ], "Resource" : "*" }, { "Sid" : "AmazonQPermissionsStatement", "Effect" : "Allow", "Action" : [ "q:StartConversation", "q:SendMessage", "q:ListConversations", "q:GetConversation", "q:PassRequest", "glue:StartCompletion", "glue:GetCompletion" ], "Resource" : "*" }, { "Sid" : "AllowSetTrustedIdentity", "Effect" : "Allow", "Action" : [ "sts:SetContext" ], "Resource" : "arn:aws:sts::*:self" }, { "Sid" : "SSMGetParameterStatement", "Effect" : "Allow", "Action" : [ "ssm:GetParameter" ], "Resource" : [ "arn:aws:ssm:*:*:parameter/amazon/datazone/q/${aws:PrincipalTag/datazone-domainId}*", "arn:aws:ssm:*:*:parameter/amazon/datazone/genAI/${aws:PrincipalTag/datazone-domainId}/*" ], "Condition" : { "StringEquals" : { "aws:ResourceAccount" : "${aws:PrincipalAccount}" } } }, { "Sid" : "GetCodeConnectionsPermissionsStatement", "Effect" : "Allow", "Action" : [ "codeconnections:GetConnection", "codeconnections:GetHost", "codestar-connections:GetConnection", "codestar-connections:GetHost" ], "Resource" : "*", "Condition" : { "Null" : { "aws:ResourceTag/for-use-with-all-datazone-projects" : "false" }, "StringEquals" : { "aws:ResourceTag/for-use-with-all-datazone-projects" : "true" } } }, { "Sid" : "ListCodeConnectionsPermissionsStatement", "Effect" : "Allow", "Action" : [ "codeconnections:ListConnections", "codeconnections:ListTagsForResource", "codestar-connections:ListConnections", "codestar-connections:ListTagsForResource" ], "Resource" : "*" }, { "Sid" : "UseCodeConnectionsPermissionsStatement", "Effect" : "Allow", "Action" : [ "codeconnections:UseConnection", "codestar-connections:UseConnection" ], "Resource" : "*", "Condition" : { "Null" : { "aws:ResourceTag/for-use-with-all-datazone-projects" : "false" }, "StringEquals" : { "aws:ResourceTag/for-use-with-all-datazone-projects" : "true" } } }, { "Sid" : "ProjectProfilePermissionsStatement", "Effect" : "Allow", "Action" : [ "datazone:GetProjectProfile", "datazone:ListProjectProfiles" ], "Resource" : "arn:aws:datazone:*:*:domain/*" } ] }

了解更多信息

隐私网站条款Cookie 首选项
© 2025, Amazon Web Services, Inc. 或其附属公司。保留所有权利。