Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

Preferences
Contact Us
Feedback
AWS Documentation
Create an AWS Account

Managing access to Amazon Braket

PDF
Focus mode
Managing access to Amazon Braket - Amazon Braket
Amazon Braket resourcesNotebooks and roles

This chapter describes the permissions that are required to run Amazon Braket, or to restrict the access of specific users and roles. You can grant (or deny) the required permissions to any user or role in your account. To do so, attach the appropriate Amazon Braket policy to that user or role in your account as described in the following sections.

As a prerequisite, you must enable Amazon Braket. To enable Braket, be sure to sign in as a user or role that has (1) administrator permissions or (2) is assigned the AmazonBraketFullAccess policy and has permissions to create Amazon Simple Storage Service (Amazon S3) buckets.

In this section:

Amazon Braket resources

Braket creates one type of resource: the quantum-task resource. The AWS Resource Name (ARN) for this resource type is as follows:

  • Resource Name: AWS::Service::Braket

  • ARN Regex: arn:${Partition}:braket:${Region}:${Account}:quantum-task/${RandomId}

Notebooks and roles

You can use the noteboook resource type in Braket. A notebook is an Amazon SageMaker AI resource that Braket is able to share. To use a notebook with Braket, you must specify an IAM role with a name that begins with AmazonBraketServiceSageMakerNotebook.

To create a notebook, you must use a role with admin permissions or that has the following inline policy attached to it.

{
   "Version": "2012-10-17",
   "Statement": [
       {
           "Effect": "Allow",
           "Action": "iam:CreateRole",
           "Resource": "arn:aws:iam::*:role/service-role/AmazonBraketServiceSageMakerNotebookRole*"
       },
       {
           "Effect": "Allow",
           "Action": "iam:CreatePolicy",
           "Resource": [
               "arn:aws:iam::*:policy/service-role/AmazonBraketServiceSageMakerNotebookAccess*",
               "arn:aws:iam::*:policy/service-role/AmazonBraketServiceSageMakerNotebookRole*"
           ]
       },
       {
           "Effect": "Allow",
           "Action": "iam:AttachRolePolicy",
           "Resource": "arn:aws:iam::*:role/service-role/AmazonBraketServiceSageMakerNotebookRole*",
           "Condition": {
               "StringLike": {
                   "iam:PolicyARN": [
                       "arn:aws:iam::aws:policy/AmazonBraketFullAccess",
                       "arn:aws:iam::*:policy/service-role/AmazonBraketServiceSageMakerNotebookAccess*",
                       "arn:aws:iam::*:policy/service-role/AmazonBraketServiceSageMakerNotebookRole*"
                   ]
               }
           }
       }
   ]
}

To create the role, follow the steps given in the Create a notebook page or have your administrator create it for you. Ensure that the AmazonBraketFullAccess policy is attached.

After you’ve created the role, you can reuse that role for all notebooks you launch in the future.

On this page

PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.