Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

Reason why errors occur when starting SageMaker Studio

0

Hello! I have a question about errors found when starting SageMaker Studio (below).

AccessDeniedException User: X is not auth**orized to perform: sagemaker:CreateDomain on resource: arn:aws:sagemaker:ap-northeast-1:XX because no identity-based policy allows the sagemaker:CreateDomain action

ValidationException Access denied in getting/deleting the portfolio shared by SageMaker. Please call withservicecatalog:ListAcceptedPortfolioShares permission.

AccessDeniedException User: X is not authorized to perform: sagemaker:CreateUserProfile on resource: arn:aws:sagemaker:ap-northeast-1:XX because no identity-based policy allows the sagemaker:CreateUserProfile action

I resolved the errors by adding some inline policies, but I cannot understand the reason why the errors occur on my user with S3 Full Access and SageMaker Full Access policies.

I'd happy to tell me any information about the errors. Thank you!

Themen
Maschinelles Lernen & KI
Tags
Amazon SageMaker
Sprache
English
rePost-User-5653075
gefragt vor 2 Jahren1285 Aufrufe
1 Antwort
1

As far as I know, according the aws docs the passRole action should be granted to the SageMake execution role for some cases such as creating images. So your s3:* and sagemaker:* is not enough, but still need to add iam:passRole to policies

hai
beantwortet vor 2 Jahren
  • rePost-User-5653075
    vor 2 Jahren

    hai-san, Thank you for your answer. Now I have no idea about passRole, but I'd like to refer aws docs you showed me.

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt