Skip to content

Commit 7cfac4f

Browse files
authored
Merge pull request #126 from JahedZ/main
Add missing permissions to the Pivot role, that block Dataset and MLStudio features under specific conditions.
2 parents 19ca19f + 6b7bdab commit 7cfac4f

File tree

1 file changed

+3
-1
lines changed

1 file changed

+3
-1
lines changed

deploy/pivot_role/pivotRole.yaml

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -331,6 +331,7 @@ Resources:
331331
- 'sagemaker:ListNotebookInstances'
332332
- 'sagemaker:ListDomains'
333333
- 'sagemaker:ListApps'
334+
- 'sagemaker:DeleteApp'
334335
Resource: '*'
335336
- Effect: Allow
336337
Action:
@@ -513,6 +514,7 @@ Resources:
513514
- 'lakeformation:GetTableObjects'
514515
- 'lakeformation:UpdateTableObjects'
515516
- 'lakeformation:DeleteObjectsOnCancel'
517+
- 'lakeformation:DescribeResource'
516518
Resource: '*'
517519
- Sid: Compute
518520
Effect: Allow
@@ -659,4 +661,4 @@ Outputs:
659661
Description: Platform Pivot Role
660662
Value: PivotRole
661663
Export:
662-
Name: !Sub '${AWS::StackName}-PivotRole'
664+
Name: !Sub '${AWS::StackName}-PivotRole'

0 commit comments

Comments
 (0)