File tree Expand file tree Collapse file tree 2 files changed +34
-9
lines changed
reinforcement_learning/common
sagemaker_rl/orchestrator Expand file tree Collapse file tree 2 files changed +34
-9
lines changed Original file line number Diff line number Diff line change @@ -185,13 +185,36 @@ def generate_help_for_experiment_manager_permissions(role):
185185 {
186186 "Effect": "Allow",
187187 "Action": [
188- "firehose:*",
189- "cloudformation:*",
190- "dynamodb:*",
191- "iam:*",
192- "cloudwatch:*",
193- "glue:*",
194- "athena:*"
188+ "cloudformation:DescribeStacks",
189+ "cloudformation:ValidateTemplate",
190+ "cloudformation:CreateStack",
191+ "dynamodb:DescribeTable",
192+ "dynamodb:CreateTable",
193+ "dynamodb:DeleteTable",
194+ "dynamodb:PutItem",
195+ "dynamodb:UpdateItem",
196+ "dynamodb:DeleteItem",
197+ "dynamodb:Query",
198+ "dynamodb:BatchWriteItem",
199+ "iam:CreateRole",
200+ "iam:GetRole",
201+ "iam:PutRolePolicy",
202+ "iam:DeleteRolePolicy",
203+ "iam:DeleteRole",
204+ "iam:PassRole",
205+ "cloudwatch:PutDashboard",
206+ "firehose:ListDeliveryStreams",
207+ "firehose:DeleteDeliveryStream",
208+ "firehose:DescribeDeliveryStream",
209+ "firehose:CreateDeliveryStream",
210+ "athena:StartQueryExecution",
211+ "athena:GetQueryExecution",
212+ "glue:GetTable",
213+ "glue:DeleteTable",
214+ "glue:GetPartitions",
215+ "glue:UpdateTable",
216+ "glue:CreateTable",
217+ "glue:GetDatabase"
195218 ],
196219 "Resource": [
197220 "*"
Original file line number Diff line number Diff line change @@ -135,8 +135,10 @@ Resources:
135135 - " ecr:BatchCheckLayerAvailability"
136136 - " ecr:GetDownloadUrlForLayer"
137137 - " ecr:BatchGetImage"
138- - " dynamodb:*"
139- - " firehose:*"
138+ - " dynamodb:Query"
139+ - " dynamodb:DescribeTable"
140+ - " firehose:PutRecord"
141+ - " firehose:PutRecordBatch"
140142 Resource :
141143 - " *"
142144 PolicyName : SageMakerAssumedRolePolicy
You can’t perform that action at this time.
0 commit comments