Domain
data class DomainArgs(val appNetworkAccessType: Output<String>? = null, val appSecurityGroupManagement: Output<String>? = null, val authMode: Output<String>? = null, val defaultSpaceSettings: Output<DomainDefaultSpaceSettingsArgs>? = null, val defaultUserSettings: Output<DomainDefaultUserSettingsArgs>? = null, val domainName: Output<String>? = null, val domainSettings: Output<DomainDomainSettingsArgs>? = null, val kmsKeyId: Output<String>? = null, val retentionPolicy: Output<DomainRetentionPolicyArgs>? = null, val subnetIds: Output<List<String>>? = null, val tagPropagation: Output<String>? = null, val tags: Output<Map<String, String>>? = null, val vpcId: Output<String>? = null) : ConvertibleToJava<DomainArgs>
Provides a SageMaker AI Domain resource.
Example Usage
Basic usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = aws.iam.getPolicyDocument({
statements: [{
actions: ["sts:AssumeRole"],
principals: [{
type: "Service",
identifiers: ["sagemaker.amazonaws.com"],
}],
}],
});
const exampleRole = new aws.iam.Role("example", {
name: "example",
path: "/",
assumeRolePolicy: example.then(example => example.json),
});
const exampleDomain = new aws.sagemaker.Domain("example", {
domainName: "example",
authMode: "IAM",
vpcId: exampleAwsVpc.id,
subnetIds: [exampleAwsSubnet.id],
defaultUserSettings: {
executionRole: exampleRole.arn,
},
});Content copied to clipboard
import pulumi
import pulumi_aws as aws
example = aws.iam.get_policy_document(statements=[{
"actions": ["sts:AssumeRole"],
"principals": [{
"type": "Service",
"identifiers": ["sagemaker.amazonaws.com"],
}],
}])
example_role = aws.iam.Role("example",
name="example",
path="/",
assume_role_policy=example.json)
example_domain = aws.sagemaker.Domain("example",
domain_name="example",
auth_mode="IAM",
vpc_id=example_aws_vpc["id"],
subnet_ids=[example_aws_subnet["id"]],
default_user_settings={
"execution_role": example_role.arn,
})Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = Aws.Iam.GetPolicyDocument.Invoke(new()
{
Statements = new[]
{
new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
{
Actions = new[]
{
"sts:AssumeRole",
},
Principals = new[]
{
new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs
{
Type = "Service",
Identifiers = new[]
{
"sagemaker.amazonaws.com",
},
},
},
},
},
});
var exampleRole = new Aws.Iam.Role("example", new()
{
Name = "example",
Path = "/",
AssumeRolePolicy = example.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json),
});
var exampleDomain = new Aws.Sagemaker.Domain("example", new()
{
DomainName = "example",
AuthMode = "IAM",
VpcId = exampleAwsVpc.Id,
SubnetIds = new[]
{
exampleAwsSubnet.Id,
},
DefaultUserSettings = new Aws.Sagemaker.Inputs.DomainDefaultUserSettingsArgs
{
ExecutionRole = exampleRole.Arn,
},
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
Statements: []iam.GetPolicyDocumentStatement{
{
Actions: []string{
"sts:AssumeRole",
},
Principals: []iam.GetPolicyDocumentStatementPrincipal{
{
Type: "Service",
Identifiers: []string{
"sagemaker.amazonaws.com",
},
},
},
},
},
}, nil)
if err != nil {
return err
}
exampleRole, err := iam.NewRole(ctx, "example", &iam.RoleArgs{
Name: pulumi.String("example"),
Path: pulumi.String("/"),
AssumeRolePolicy: pulumi.String(example.Json),
})
if err != nil {
return err
}
_, err = sagemaker.NewDomain(ctx, "example", &sagemaker.DomainArgs{
DomainName: pulumi.String("example"),
AuthMode: pulumi.String("IAM"),
VpcId: pulumi.Any(exampleAwsVpc.Id),
SubnetIds: pulumi.StringArray{
exampleAwsSubnet.Id,
},
DefaultUserSettings: &sagemaker.DomainDefaultUserSettingsArgs{
ExecutionRole: exampleRole.Arn,
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
import com.pulumi.aws.iam.Role;
import com.pulumi.aws.iam.RoleArgs;
import com.pulumi.aws.sagemaker.Domain;
import com.pulumi.aws.sagemaker.DomainArgs;
import com.pulumi.aws.sagemaker.inputs.DomainDefaultUserSettingsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
.statements(GetPolicyDocumentStatementArgs.builder()
.actions("sts:AssumeRole")
.principals(GetPolicyDocumentStatementPrincipalArgs.builder()
.type("Service")
.identifiers("sagemaker.amazonaws.com")
.build())
.build())
.build());
var exampleRole = new Role("exampleRole", RoleArgs.builder()
.name("example")
.path("/")
.assumeRolePolicy(example.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
.build());
var exampleDomain = new Domain("exampleDomain", DomainArgs.builder()
.domainName("example")
.authMode("IAM")
.vpcId(exampleAwsVpc.id())
.subnetIds(exampleAwsSubnet.id())
.defaultUserSettings(DomainDefaultUserSettingsArgs.builder()
.executionRole(exampleRole.arn())
.build())
.build());
}
}Content copied to clipboard
resources:
exampleDomain:
type: aws:sagemaker:Domain
name: example
properties:
domainName: example
authMode: IAM
vpcId: ${exampleAwsVpc.id}
subnetIds:
- ${exampleAwsSubnet.id}
defaultUserSettings:
executionRole: ${exampleRole.arn}
exampleRole:
type: aws:iam:Role
name: example
properties:
name: example
path: /
assumeRolePolicy: ${example.json}
variables:
example:
fn::invoke:
function: aws:iam:getPolicyDocument
arguments:
statements:
- actions:
- sts:AssumeRole
principals:
- type: Service
identifiers:
- sagemaker.amazonaws.comContent copied to clipboard
Using Custom Images
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.sagemaker.Image;
import com.pulumi.aws.sagemaker.ImageArgs;
import com.pulumi.aws.sagemaker.AppImageConfig;
import com.pulumi.aws.sagemaker.AppImageConfigArgs;
import com.pulumi.aws.sagemaker.inputs.AppImageConfigKernelGatewayImageConfigArgs;
import com.pulumi.aws.sagemaker.ImageVersion;
import com.pulumi.aws.sagemaker.ImageVersionArgs;
import com.pulumi.aws.sagemaker.Domain;
import com.pulumi.aws.sagemaker.DomainArgs;
import com.pulumi.aws.sagemaker.inputs.DomainDefaultUserSettingsArgs;
import com.pulumi.aws.sagemaker.inputs.DomainDefaultUserSettingsKernelGatewayAppSettingsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Image("example", ImageArgs.builder()
.imageName("example")
.roleArn(exampleAwsIamRole.arn())
.build());
var exampleAppImageConfig = new AppImageConfig("exampleAppImageConfig", AppImageConfigArgs.builder()
.appImageConfigName("example")
.kernelGatewayImageConfig(AppImageConfigKernelGatewayImageConfigArgs.builder()
.kernelSpecs(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.build())
.build());
var exampleImageVersion = new ImageVersion("exampleImageVersion", ImageVersionArgs.builder()
.imageName(example.id())
.baseImage("base-image")
.build());
var exampleDomain = new Domain("exampleDomain", DomainArgs.builder()
.domainName("example")
.authMode("IAM")
.vpcId(exampleAwsVpc.id())
.subnetIds(exampleAwsSubnet.id())
.defaultUserSettings(DomainDefaultUserSettingsArgs.builder()
.executionRole(exampleAwsIamRole.arn())
.kernelGatewayAppSettings(DomainDefaultUserSettingsKernelGatewayAppSettingsArgs.builder()
.customImages(DomainDefaultUserSettingsKernelGatewayAppSettingsCustomImageArgs.builder()
.appImageConfigName(exampleAppImageConfig.appImageConfigName())
.imageName(exampleImageVersion.imageName())
.build())
.build())
.build())
.build());
}
}Content copied to clipboard
resources:
example:
type: aws:sagemaker:Image
properties:
imageName: example
roleArn: ${exampleAwsIamRole.arn}
exampleAppImageConfig:
type: aws:sagemaker:AppImageConfig
name: example
properties:
appImageConfigName: example
kernelGatewayImageConfig:
kernelSpecs:
- name: example
exampleImageVersion:
type: aws:sagemaker:ImageVersion
name: example
properties:
imageName: ${example.id}
baseImage: base-image
exampleDomain:
type: aws:sagemaker:Domain
name: example
properties:
domainName: example
authMode: IAM
vpcId: ${exampleAwsVpc.id}
subnetIds:
- ${exampleAwsSubnet.id}
defaultUserSettings:
executionRole: ${exampleAwsIamRole.arn}
kernelGatewayAppSettings:
customImages:
- appImageConfigName: ${exampleAppImageConfig.appImageConfigName}
imageName: ${exampleImageVersion.imageName}Content copied to clipboard
Import
Using pulumi import, import SageMaker AI Domains using the id. For example:
$ pulumi import aws:sagemaker/domain:Domain test_domain d-8jgsjtilstu8Content copied to clipboard
Constructors
Link copied to clipboard
constructor(appNetworkAccessType: Output<String>? = null, appSecurityGroupManagement: Output<String>? = null, authMode: Output<String>? = null, defaultSpaceSettings: Output<DomainDefaultSpaceSettingsArgs>? = null, defaultUserSettings: Output<DomainDefaultUserSettingsArgs>? = null, domainName: Output<String>? = null, domainSettings: Output<DomainDomainSettingsArgs>? = null, kmsKeyId: Output<String>? = null, retentionPolicy: Output<DomainRetentionPolicyArgs>? = null, subnetIds: Output<List<String>>? = null, tagPropagation: Output<String>? = null, tags: Output<Map<String, String>>? = null, vpcId: Output<String>? = null)
Properties
Link copied to clipboard
Specifies the VPC used for non-EFS traffic. The default value is PublicInternetOnly. Valid values are PublicInternetOnly and VpcOnly.
Link copied to clipboard
The entity that creates and manages the required security groups for inter-app communication in VPCOnly mode. Valid values are Service and Customer.
Link copied to clipboard
The default space settings. See default_space_settings Block below.
Link copied to clipboard
The default user settings. See default_user_settings Block below.
Link copied to clipboard
The domain name.
Link copied to clipboard
The domain settings. See domain_settings Block below.
Link copied to clipboard
The retention policy for this domain, which specifies whether resources will be retained after the Domain is deleted. By default, all resources are retained. See retention_policy Block below.
Link copied to clipboard
Indicates whether custom tag propagation is supported for the domain. Defaults to DISABLED. Valid values are: ENABLED and DISABLED.