Our Blog

Amazon SageMaker adds permissions boundaries for SCP compliance

Published
June 1, 2026
https://aws.amazon.com/about-aws/whats-new/2026/05/amazon-sagemaker-scp/

Amazon SageMaker Unified Studio Updates

Amazon SageMaker Unified Studio now supports custom IAM permissions boundaries, allowing organizations with Service Control Policies (SCPs) to adopt SageMaker Unified Studio without modifying their security posture.

When creating a project, SageMaker Unified Studio provisions three IAM roles: a project user role, an Amazon Bedrock service role, and a Bedrock Lambda execution role. Administrators can now specify a permissions boundary in the Tooling blueprint configuration, which is applied to all three roles at creation time. This feature ensures that SCP requirements are met and project provisioning is successful without administrator intervention.

The permissions boundary limits what the provisioned roles can do, giving administrators control over project-level permissions. Since the permissions boundary is set at the blueprint level, it automatically applies to every new project.

This feature is available in all AWS Regions where Amazon SageMaker Unified Studio is available. To learn more, visit the Manage Tooling blueprint parameters documentation.




If you need further guidance on AWS, our experts are available at AWS@westloop.io. You may also reach us by submitting the Contact Us form.

Follow our blog

Get the latest insights and advice on AWS services from our experts.

By clicking Sign Up you're confirming that you agree with our Terms and Conditions.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Related posts

Check out other insights from the team at West Loop Strategy.

View all
https://aws.amazon.com/about-aws/whats-new/2025/11/amazon-eks-provisioned-control-plane/

Amazon EKS introduces Provisioned Control Plane

Today, Amazon Elastic Kubernetes Service (EKS) introduced Provisioned Control Plane, a new feature that gives you the ability to select your cluster's control plane capacity to ensure predictable, high performance for the most demanding workloads
Read more
https://aws.amazon.com/about-aws/whats-new/2026/04/backup-extends-fsx-support/

AWS Backup extends Amazon FSx support to 5 additional AWS Regions and expands cross-Region and cross-account copy to 14 AWS Regions

AWS Backup is expanding support for Amazon FSx for Windows File Server, Amazon FSx for OpenZFS, and Amazon FSx for Lustre with two regional enhancements
Read more
https://aws.amazon.com/about-aws/whats-new/2025/11/amazon-sagemaker-custom-tags-project-resources

Amazon SageMaker launches custom tags for project resources

Today, Amazon SageMaker Unified Studio announced new capabilities allowing SageMaker projects to add custom tags to resources created through the project
Read more
View all