amazon-sagemaker-drift-detection icon indicating copy to clipboard operation
amazon-sagemaker-drift-detection copied to clipboard

Published 20 hours ago verified publisher icon aws-samples

Default AmazonSageMakerExecution Role missing permission to execute clean-up

Open acere opened this issue 4 years ago • 2 comments
trafficstars

The default AmazonSageMakerExecution is missing permissions to list and delete the stacks created by the SageMaker project. In particular, it is missing the following:

"cloudformation:DeleteStack"
"cloudformation:DescribeStacks"

The default role is also missing

"s3:ListBucketVersions"

necessary delete all objects in the artifact bucket.

acere avatar Aug 08 '21 01:08 acere

The BUILD.md page lists additional profile configuration required to run the CDK and other functions within the notebook.

brightsparc avatar Aug 09 '21 22:08 brightsparc

The user running the notebook might have used the quick-start route and not have looked into the BUILD.md instructions. It might be useful to add a note in the notebook to indicate that these permissions are necessary to be able to perform the cleanup.

acere avatar Aug 10 '21 00:08 acere