本文属于机器翻译版本。若本译文内容与英语原文存在差异，则一律以英文原文为准。

# 参考策略
<a name="studio-set-up-emr-permissions-reference"></a>
+ **列出 Amazon EMR 策略**：此策略允许执行以下操作：
  + `AllowPresignedUrl`允许生成预签名， URLs 以便从 Studio 中访问 Spark 用户界面。
  + `AllowClusterDiscovery` 和 `AllowClusterDetailsDiscovery` 允许列出和描述所提供区域和账户中的 Amazon EMR 集群。

------
#### [ JSON ]

****  

  ```
  {
      "Version":"2012-10-17",		 	 	 
      "Statement": [
          {
              "Sid": "AllowPresignedUrl",
              "Effect": "Allow",
              "Action": [
                  "elasticmapreduce:CreatePersistentAppUI",
                  "elasticmapreduce:DescribePersistentAppUI",
                  "elasticmapreduce:GetPersistentAppUIPresignedURL",
                  "elasticmapreduce:GetOnClusterAppUIPresignedURL"
              ],
              "Resource": [
                  "arn:aws:elasticmapreduce:us-east-1:111122223333:cluster/*"
              ]
          },
          {
              "Sid": "AllowClusterDetailsDiscovery",
              "Effect": "Allow",
              "Action": [
                  "elasticmapreduce:DescribeCluster",
                  "elasticmapreduce:ListInstances",
                  "elasticmapreduce:ListInstanceGroups",
                  "elasticmapreduce:DescribeSecurityConfiguration"
              ],
              "Resource": [
                  "arn:aws:elasticmapreduce:us-east-1:111122223333:cluster/*"
              ]
          },
          {
              "Sid": "AllowClusterDiscovery",
              "Effect": "Allow",
              "Action": [
                  "elasticmapreduce:ListClusters"
              ],
              "Resource": "*"
          }
      ]
  }
  ```

------
+ **创建 Amazon EMR 集群策略**：此策略允许执行以下操作：
  + `AllowEMRTemplateDiscovery` 允许在服务目录中搜索 Amazon EMR 模板。Studio 和 Studio Classic 使用此功能显示可用模板。
  + `AllowSagemakerProjectManagement` 可以创建 [什么是 A SageMaker I 项目？](sagemaker-projects-whatis.md)。在 Studio 或 Studio Classic 中 AWS Service Catalog ，访问权限通过管理[什么是 A SageMaker I 项目？](sagemaker-projects-whatis.md)。

  所提供 JSON 中定义的 IAM 策略会授予这些权限。在将声明列表复制到您角色的内联政策之前，请将和替换*region*为您的实际区域和 AWS 账户 ID 值。*accountID*

------
#### [ JSON ]

****  

  ```
  {
      "Version":"2012-10-17",		 	 	 
      "Statement": [
          {
              "Sid": "AllowEMRTemplateDiscovery",
              "Effect": "Allow",
              "Action": [
                  "servicecatalog:SearchProducts"
              ],
              "Resource": "*"
          },
          {
              "Sid": "AllowSagemakerProjectManagement",
              "Effect": "Allow",
              "Action": [
                  "sagemaker:CreateProject",
                  "sagemaker:DeleteProject"
              ],
              "Resource": "arn:aws:sagemaker:us-east-1:111122223333:project/*"
          }
      ]
  }
  ```

------
+ **域、用户配置文件和空间更新操作策略**：以下策略授予在指定区域和 AWS 账户内更新 SageMaker AI 域、用户配置文件和空间的权限。

------
#### [ JSON ]

****  

  ```
  {
      "Version":"2012-10-17",		 	 	 
      "Statement": [
          {
              "Sid": "SageMakerUpdateResourcesPolicy",
              "Effect": "Allow",
              "Action": [
                  "sagemaker:UpdateDomain",
                  "sagemaker:UpdateUserprofile",
                  "sagemaker:UpdateSpace"
              ],
              "Resource": [
                  "arn:aws:sagemaker:us-east-1:111122223333:domain/*",
                  "arn:aws:sagemaker:us-east-1:111122223333:user-profile/*"
              ]
          }
      ]
  }
  ```

------