├── .gitignore ├── README.md ├── examples └── main.tf ├── outputs.tf ├── sagemaker_app.tf ├── sagemaker_app_image_config.tf ├── sagemaker_code_repository.tf ├── sagemaker_data_quality_job_definition.tf ├── sagemaker_device.tf ├── sagemaker_device_fleet.tf ├── sagemaker_domain.tf ├── sagemaker_endpoint.tf ├── sagemaker_endpoint_configuration.tf ├── sagemaker_feature_group.tf ├── sagemaker_flow_definition.tf ├── sagemaker_human_task_ui.tf ├── sagemaker_image.tf ├── sagemaker_image_version.tf ├── sagemaker_model.tf ├── sagemaker_model_package_group.tf ├── sagemaker_model_package_group_policy.tf ├── sagemaker_monitoring_schedule.tf ├── sagemaker_notebook_instance.tf ├── sagemaker_notebook_instance_lifecycle_configuration.tf ├── sagemaker_project.tf ├── sagemaker_servicecatalog_portfolio_status.tf ├── sagemaker_space.tf ├── sagemaker_studio_lifecycle_config.tf ├── sagemaker_user_profile.tf ├── sagemaker_workforce.tf ├── sagemaker_workteam.tf └── variables.tf /.gitignore: -------------------------------------------------------------------------------- 1 | **/.DS_Store 2 | **/Icon* 3 | **/.terraform 4 | **/*_BK 5 | **/terraform.tfstate 6 | **/terraform.tfstate.backup 7 | !.gitignore 8 | !.pre-commit-config.yaml 9 | !.github 10 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Work with AWS Sagemaker via terraform 2 | 3 | A terraform module for making Sagemaker. 4 | 5 | *NOTE*: Full list of Terraform modules that I have are located here: [https://github.com/SebastianUA/terraform](https://github.com/SebastianUA/terraform) 6 | 7 | 8 | ## Usage 9 | ---------------------- 10 | Import the module and retrieve with ```terraform get``` or ```terraform get --update```. Adding a module resource to your template, e.g. `main.tf`: 11 | 12 | ``` 13 | # 14 | # MAINTAINER Vitaliy Natarov "vitaliy.natarov@yahoo.com" 15 | # 16 | terraform { 17 | required_version = "~> 1.0" 18 | } 19 | 20 | provider "aws" { 21 | region = "us-east-1" 22 | shared_credentials_files = [pathexpand("~/.aws/credentials")] 23 | } 24 | 25 | # Get the usera and account information 26 | data "aws_caller_identity" "current" { 27 | } 28 | 29 | module "sagemaker" { 30 | source = "../" 31 | name = "TEST" 32 | environment = "stage" 33 | 34 | # Sagemaker model 35 | enable_sagemaker_model = true 36 | sagemaker_model_name = "" 37 | sagemaker_model_execution_role_arn = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/admin-role" 38 | 39 | sagemaker_model_primary_container = [{ 40 | image = "${data.aws_caller_identity.current.account_id}.dkr.ecr.us-east-1.amazonaws.com/sagemaker-sparkml-serving" 41 | }] 42 | sagemaker_model_container = [] 43 | 44 | # Sagemaker endpoint config 45 | enable_sagemaker_endpoint_configuration = true 46 | sagemaker_endpoint_configuration_name = "" 47 | sagemaker_endpoint_configuration_production_variants = [{ 48 | initial_instance_count = 1 49 | instance_type = "ml.t2.medium" 50 | variant_name = "sage-endpoint-config-1" 51 | }] 52 | 53 | # Sagemaker endpoint 54 | enable_sagemaker_endpoint = true 55 | sagemaker_endpoint_name = "" 56 | 57 | # Sagemaker notebook instance lifecycle configuration 58 | enable_sagemaker_notebook_instance_lifecycle_configuration = true 59 | sagemaker_notebook_instance_lifecycle_configuration_name = "" 60 | sagemaker_notebook_instance_lifecycle_configuration_on_create = null 61 | sagemaker_notebook_instance_lifecycle_configuration_on_start = null 62 | 63 | # Sagemaker notebook instance 64 | enable_sagemaker_notebook_instance = true 65 | sagemaker_notebook_instance_name = "" 66 | sagemaker_notebook_instance_role_arn = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/admin-role" 67 | sagemaker_notebook_instance_instance_type = "ml.t2.medium" 68 | 69 | sagemaker_notebook_instance_subnet_id = null 70 | sagemaker_notebook_instance_security_groups = null 71 | sagemaker_notebook_instance_kms_key_id = null 72 | sagemaker_notebook_instance_direct_internet_access = null 73 | 74 | tags = tomap({ 75 | "Environment" = "dev", 76 | "Createdby" = "Vitaliy Natarov", 77 | "Orchestration" = "Terraform" 78 | }) 79 | } 80 | 81 | ``` 82 | 83 | ## Module Input Variables 84 | ---------------------- 85 | - `name` - Name to be used on all resources as prefix (`default = TEST`) 86 | - `environment` - Environment for service (`default = STAGE`) 87 | - `tags` - A list of tag blocks. Each element should have keys named key, value, etc. (`default = {}`) 88 | - `enable_sagemaker_model` - Enable sagemaker model usage (`default = False`) 89 | - `sagemaker_model_name` - The name of the model (must be unique). If omitted, Terraform will assign a random, unique name. (`default = ""`) 90 | - `sagemaker_model_execution_role_arn` - (Required) A role that SageMaker can assume to access model artifacts and docker images for deployment. (`default = null`) 91 | - `sagemaker_model_enable_network_isolation` - (Optional) - Isolates the model container. No inbound or outbound network calls can be made to or from the model container. (`default = null`) 92 | - `sagemaker_model_vpc_config` - (Optional) - Specifies the VPC that you want your model to connect to. VpcConfig is used in hosting services and in batch transform. (`default = []`) 93 | - `sagemaker_model_inference_execution_config` - (Optional) Specifies details of how containers in a multi-container endpoint are called (`default = []`) 94 | - `sagemaker_model_primary_container` - (Optional) The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the container argument is required. (`default = []`) 95 | - `sagemaker_model_container` - (Optional) - Specifies containers in the inference pipeline. If not specified, the primary_container argument is required. (`default = []`) 96 | - `enable_sagemaker_endpoint_configuration` - Enable sagemaker endpoint configuration usage (`default = False`) 97 | - `sagemaker_endpoint_configuration_name` - (Optional) The name of the endpoint configuration. If omitted, Terraform will assign a random, unique name. (`default = ""`) 98 | - `sagemaker_endpoint_configuration_name_prefix` - (Optional) Creates a unique endpoint configuration name beginning with the specified prefix. Conflicts with name (`default = ""`) 99 | - `sagemaker_endpoint_configuration_kms_key_arn` - (Optional) Amazon Resource Name (ARN) of a AWS Key Management Service key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance that hosts the endpoint. (`default = null`) 100 | - `sagemaker_endpoint_configuration_production_variants` - (Required) Fields for endpoint (`default = []`) 101 | - `sagemaker_endpoint_configuration_data_capture_config` - (Optional) Specifies the parameters to capture input/output of SageMaker models endpoints (`default = []`) 102 | - `sagemaker_endpoint_configuration_shadow_production_variants` - (Optional) Array of ProductionVariant objects. There is one for each model that you want to host at this endpoint in shadow mode with production traffic replicated from the model specified on ProductionVariants.If you use this field, you can only specify one variant for ProductionVariants and one variant for ShadowProductionVariants (`default = []`) 103 | - `sagemaker_endpoint_configuration_async_inference_config` - (Optional) Specifies configuration for how an endpoint performs asynchronous inference. (`default = []`) 104 | - `sagemaker_endpoint_deployment_config` - (Optional) The deployment configuration for an endpoint, which contains the desired deployment strategy and rollback configurations (`default = []`) 105 | - `enable_sagemaker_endpoint` - Enable sagemaker endpoint usage (`default = False`) 106 | - `sagemaker_endpoint_name` - The name of the endpoint. If omitted, Terraform will assign a random, unique name. (`default = null`) 107 | - `sagemaker_endpoint_endpoint_config_name` - The name of the endpoint configuration to use. (`default = ""`) 108 | - `enable_sagemaker_notebook_instance_lifecycle_configuration` - Enable sagemaker notebook instance lifecycle configuration usage (`default = False`) 109 | - `sagemaker_notebook_instance_lifecycle_configuration_name` - The name of the lifecycle configuration (must be unique). If omitted, Terraform will assign a random, unique name. (`default = null`) 110 | - `sagemaker_notebook_instance_lifecycle_configuration_on_create` - (Optional) A shell script (base64-encoded) that runs only once when the SageMaker Notebook Instance is created. (`default = null`) 111 | - `sagemaker_notebook_instance_lifecycle_configuration_on_start` - (Optional) A shell script (base64-encoded) that runs every time the SageMaker Notebook Instance is started including the time it's created. (`default = null`) 112 | - `enable_sagemaker_notebook_instance` - Enable sagemaker notebook instance usage (`default = False`) 113 | - `sagemaker_notebook_instance_name` - The name of the notebook instance (must be unique). (`default = ""`) 114 | - `sagemaker_notebook_instance_role_arn` - (Required) The ARN of the IAM role to be used by the notebook instance which allows SageMaker to call other services on your behalf. (`default = null`) 115 | - `sagemaker_notebook_instance_instance_type` - (Required) The name of ML compute instance type. (`default = ml.t2.medium`) 116 | - `sagemaker_notebook_instance_platform_identifier` - (Optional) The platform identifier of the notebook instance runtime environment. This value can be either notebook-al1-v1, notebook-al2-v1, or notebook-al2-v2, depending on which version of Amazon Linux you require. (`default = null`) 117 | - `sagemaker_notebook_instance_volume_size` - (Optional) The size, in GB, of the ML storage volume to attach to the notebook instance. The default value is 5 GB. (`default = null`) 118 | - `sagemaker_notebook_instance_subnet_id` - (Optional) The VPC subnet ID. (`default = null`) 119 | - `sagemaker_notebook_instance_security_groups` - (Optional) The associated security groups. (`default = null`) 120 | - `sagemaker_notebook_instance_accelerator_types` - (Optional) A list of Elastic Inference (EI) instance types to associate with this notebook instance. See Elastic Inference Accelerator for more details. Valid values: ml.eia1.medium, ml.eia1.large, ml.eia1.xlarge, ml.eia2.medium, ml.eia2.large, ml.eia2.xlarge (`default = null`) 121 | - `sagemaker_notebook_instance_additional_code_repositories` - (Optional) An array of up to three Git repositories to associate with the notebook instance. These can be either the names of Git repositories stored as resources in your account, or the URL of Git repositories in AWS CodeCommit or in any other Git repository. These repositories are cloned at the same level as the default repository of your notebook instance. (`default = null`) 122 | - `sagemaker_notebook_instance_default_code_repository` - (Optional) The Git repository associated with the notebook instance as its default code repository. This can be either the name of a Git repository stored as a resource in your account, or the URL of a Git repository in AWS CodeCommit or in any other Git repository. (`default = null`) 123 | - `sagemaker_notebook_instance_root_access` - (Optional) Whether root access is Enabled or Disabled for users of the notebook instance. The default value is Enabled (`default = null`) 124 | - `sagemaker_notebook_instance_kms_key_id` - (Optional) The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption. (`default = null`) 125 | - `sagemaker_notebook_instance_lifecycle_config_name` - (Optional) The name of a lifecycle configuration to associate with the notebook instance. (`default = null`) 126 | - `sagemaker_notebook_instance_direct_internet_access` - (Optional) Set to Disabled to disable internet access to notebook. Requires security_groups and subnet_id to be set. Supported values: Enabled (Default) or Disabled. If set to Disabled, the notebook instance will be able to access resources only in your VPC, and will not be able to connect to Amazon SageMaker training and endpoint services unless your configure a NAT Gateway in your VPC. (`default = null`) 127 | - `sagemaker_notebook_instance_instance_metadata_service_configuration` - (Optional) Information on the IMDS configuration of the notebook instance (`default = []`) 128 | - `enable_sagemaker_user_profile` - Enable sagemaker user profile usage (`default = False`) 129 | - `sagemaker_user_profile_name` - The name for the User Profile. (`default = ""`) 130 | - `sagemaker_user_profile_domain_id` - The ID of the associated Domain. (`default = ""`) 131 | - `sagemaker_user_profile_single_sign_on_user_value` - (Required) The username of the associated AWS Single Sign-On User for this User Profile. If the Domain's AuthMode is SSO, this field is required, and must match a valid username of a user in your directory. If the Domain's AuthMode is not SSO, this field cannot be specified. (`default = null`) 132 | - `sagemaker_user_profile_single_sign_on_user_identifier` - (Optional) A specifier for the type of value specified in single_sign_on_user_value. Currently, the only supported value is UserName. If the Domain's AuthMode is SSO, this field is required. If the Domain's AuthMode is not SSO, this field cannot be specified. (`default = null`) 133 | - `sagemaker_user_profile_user_settings` - AAA (`default = {'execution_role': None, 'security_groups': None}`) 134 | - `enable_sagemaker_domain` - Enable sagemaker domain usage (`default = False`) 135 | - `sagemaker_domain_name` - The domain name. (`default = ""`) 136 | - `sagemaker_domain_auth_mode` - (Required) The mode of authentication that members use to access the domain. Valid values are IAM and SSO (`default = null`) 137 | - `sagemaker_domain_vpc_id` - (Required) The ID of the Amazon Virtual Private Cloud (VPC) that Studio uses for communication. (`default = null`) 138 | - `sagemaker_domain_subnet_ids` - (Required) The VPC subnets that Studio uses for communication. (`default = null`) 139 | - `sagemaker_domain_kms_key_id` - (Optional) The AWS KMS customer managed CMK used to encrypt the EFS volume attached to the domain. (`default = null`) 140 | - `sagemaker_domain_app_network_access_type` - (Optional) Specifies the VPC used for non-EFS traffic. The default value is PublicInternetOnly. Valid values are PublicInternetOnly and VpcOnly. (`default = null`) 141 | - `sagemaker_domain_app_security_group_management` - (Optional) The entity that creates and manages the required security groups for inter-app communication in VPCOnly mode. Valid values are Service and Customer. (`default = null`) 142 | - `sagemaker_domain_default_user_settings` - (Required) The default user settings. (`default = {'execution_role': None, 'security_groups': None}`) 143 | - `sagemaker_domain_default_space_settings` - (Required) The default space settings (`default = []`) 144 | - `sagemaker_domain_settings` - (Optional) The domain's settings. (`default = []`) 145 | - `enable_sagemaker_model_package_group` - Enable sagemaker model package group usage (`default = False`) 146 | - `sagemaker_model_package_group_name` - The name of the model group. (`default = ""`) 147 | - `sagemaker_model_package_group_description` - AAA (`default = null`) 148 | - `enable_sagemaker_image` - Enable sagemaker image usage (`default = False`) 149 | - `sagemaker_image_name` - The name of the image. Must be unique to your account. (`default = ""`) 150 | - `sagemaker_image_role_arn` - (Required) The Amazon Resource Name (ARN) of an IAM role that enables Amazon SageMaker to perform tasks on your behalf. (`default = null`) 151 | - `sagemaker_image_display_name` - (Optional) The display name of the image. When the image is added to a domain (must be unique to the domain). (`default = null`) 152 | - `sagemaker_image_description` - (Optional) The description of the image. (`default = null`) 153 | - `enable_sagemaker_image_version` - Enable sagemaker image version usage (`default = False`) 154 | - `sagemaker_image_version_image_name` - The name of the image. Must be unique to your account. (`default = ""`) 155 | - `sagemaker_image_version_base_image` - (Required) The registry path of the container image on which this image version is based. (`default = null`) 156 | - `enable_sagemaker_feature_group` - Enable sagemaker feature group usage (`default = False`) 157 | - `sagemaker_feature_group_name` - The name of the Feature Group. The name must be unique within an AWS Region in an AWS account. (`default = ""`) 158 | - `sagemaker_feature_group_record_identifier_feature_name` - The name of the Feature whose value uniquely identifies a Record defined in the Feature Store. Only the latest record per identifier value will be stored in the Online Store. (`default = ""`) 159 | - `sagemaker_feature_group_event_time_feature_name` - The name of the feature that stores the EventTime of a Record in a Feature Group. (`default = ""`) 160 | - `sagemaker_feature_group_role_arn` - (Required) - The Amazon Resource Name (ARN) of the IAM execution role used to persist data into the Offline Store if an offline_store_config is provided. (`default = null`) 161 | - `sagemaker_feature_group_description` - (Optional) - A free-form description of a Feature Group. (`default = null`) 162 | - `sagemaker_feature_group_feature_definition` - (Optional) - A list of Feature names and types. (`default = []`) 163 | - `sagemaker_feature_group_offline_store_config` - (Optional) - The Offline Feature Store Configuration. (`default = []`) 164 | - `sagemaker_feature_group_online_store_config` - (Optional) - The Online Feature Store Configuration. (`default = []`) 165 | - `enable_sagemaker_code_repository` - Enable sagemaker code repository usage (`default = False`) 166 | - `sagemaker_code_repository_name` - The name of the Code Repository (must be unique). (`default = ""`) 167 | - `sagemaker_code_repository_git_config` - (Required) Specifies details about the repository. (`default = []`) 168 | - `enable_sagemaker_app` - Enable sagemaker app usage (`default = False`) 169 | - `sagemaker_app_name` - The name of the app. (`default = ""`) 170 | - `sagemaker_app_type` - (Required) The type of app. Valid values are JupyterServer, KernelGateway and TensorBoard (`default = null`) 171 | - `sagemaker_app_domain_id` - The domain ID. (`default = ""`) 172 | - `sagemaker_app_user_profile_name` - The user profile name. (`default = null`) 173 | - `sagemaker_app_space_name` - (Optional) The name of the space. At least one of user_profile_name or space_name required. (`default = null`) 174 | - `sagemaker_app_resource_spec` - (Optional) The instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance (`default = []`) 175 | - `enable_sagemaker_app_image_config` - Enable sagemaker app image config usage (`default = False`) 176 | - `sagemaker_app_image_config_name` - The name of the App Image Config. (`default = ""`) 177 | - `sagemaker_app_image_config_kernel_gateway_image_config` - (Optional) The configuration for the file system and kernels in a SageMaker image running as a KernelGateway app. (`default = []`) 178 | - `enable_sagemaker_device_fleet` - Enable sagemaker device fleet usage (`default = False`) 179 | - `sagemaker_device_fleet_name` - Set name for sagemaker device fleet (`default = ""`) 180 | - `sagemaker_device_fleet_role_arn` - (Required) The Amazon Resource Name (ARN) that has access to AWS Internet of Things (IoT). (`default = null`) 181 | - `sagemaker_device_fleet_description` - (Optional) A description of the fleet. (`default = null`) 182 | - `sagemaker_device_fleet_enable_iot_role_alias` - (Optional) Whether to create an AWS IoT Role Alias during device fleet creation. The name of the role alias generated will match this pattern: 'SageMakerEdge-{DeviceFleetName}'. (`default = null`) 183 | - `sagemaker_device_fleet_output_config` - (Required) Specifies details about the repository. (`default = []`) 184 | - `enable_sagemaker_device` - Enable sagemaker device usage (`default = False`) 185 | - `sagemaker_device_device_fleet_name` - The name of the Device. (`default = ""`) 186 | - `sagemaker_device_devices` - (Required) The list of devices to register with SageMaker Edge Manager. (`default = []`) 187 | - `enable_sagemaker_model_package_group_policy` - Enable sagemaker model package group policy usage (`default = False`) 188 | - `sagemaker_model_package_group_policy_model_package_group_name` - The name of the model package group. (`default = ""`) 189 | - `sagemaker_model_package_group_policy_resource_policy` - The resource policy for the model package group. (`default = null`) 190 | - `enable_sagemaker_project` - Enable sagemaker project usage (`default = False`) 191 | - `sagemaker_project_name` - The name of the Project. (`default = ""`) 192 | - `sagemaker_project_project_description` - (Optional) A description for the project. (`default = null`) 193 | - `sagemaker_project_service_catalog_provisioning_details` - (Required) The product ID and provisioning artifact ID to provision a service catalog (`default = []`) 194 | - `enable_sagemaker_workteam` - Enable sagemaker workteam usage (`default = False`) 195 | - `sagemaker_workteam_name` - The name of the workforce. (`default = ""`) 196 | - `sagemaker_workteam_workforce_name` - The name of the Workteam (must be unique). (`default = ""`) 197 | - `sagemaker_workteam_description` - (Required) A description of the work team. (`default = null`) 198 | - `sagemaker_workteam_member_definition` - (Required) A list of Member Definitions that contains objects that identify the workers that make up the work team. Workforces can be created using Amazon Cognito or your own OIDC Identity Provider (IdP). For private workforces created using Amazon Cognito use cognito_member_definition. For workforces created using your own OIDC identity provider (IdP) use oidc_member_definition. Do not provide input for both of these parameters in a single request. (`default = []`) 199 | - `sagemaker_workteam_notification_configuration` - (Optional) Configures notification of workers regarding available or expiring work items. (`default = []`) 200 | - `enable_sagemaker_workforce` - Enable sagemaker workforce usage (`default = False`) 201 | - `sagemaker_workforce_name` - The name of the Workforce (must be unique). (`default = ""`) 202 | - `sagemaker_workforce_cognito_config` - (Required) Use this parameter to configure an Amazon Cognito private workforce. A single Cognito workforce is created using and corresponds to a single Amazon Cognito user pool. Conflicts with oidc_config (`default = []`) 203 | - `sagemaker_workforce_oidc_config` - (Required) Use this parameter to configure a private workforce using your own OIDC Identity Provider. Conflicts with cognito_config (`default = []`) 204 | - `sagemaker_workforce_source_ip_config` - (Required) A list of IP address ranges Used to create an allow list of IP addresses for a private workforce. By default, a workforce isn't restricted to specific IP addresses. (`default = []`) 205 | - `enable_sagemaker_studio_lifecycle_config` - Enable sagemaker studio lifecycle config usage (`default = False`) 206 | - `sagemaker_studio_lifecycle_config_name` - The name of the Studio Lifecycle Configuration to create. (`default = ""`) 207 | - `sagemaker_studio_lifecycle_config_app_type` - (Required) The App type that the Lifecycle Configuration is attached to. Valid values are JupyterServer and KernelGateway. (`default = null`) 208 | - `sagemaker_studio_lifecycle_config_content` - (Required) The content of your Studio Lifecycle Configuration script. This content must be base64 encoded. (`default = null`) 209 | - `enable_sagemaker_flow_definition` - Enable sagemaker flow definition usage (`default = False`) 210 | - `sagemaker_flow_definition_flow_definition_name` - The name of your flow definition. (`default = ""`) 211 | - `sagemaker_flow_definition_role_arn` - (Required) The Amazon Resource Name (ARN) of the role needed to call other services on your behalf. (`default = null`) 212 | - `sagemaker_flow_definition_human_loop_config` - (Required) An object containing information about the tasks the human reviewers will perform (`default = []`) 213 | - `sagemaker_project_output_config` - (Required) An object containing information about where the human review results will be uploaded. (`default = []`) 214 | - `sagemaker_flow_definition_human_loop_activation_config` - (Optional) An object containing information about the events that trigger a human workflow (`default = []`) 215 | - `sagemaker_flow_definition_human_loop_request_source` - (Optional) Container for configuring the source of human task requests. Use to specify if Amazon Rekognition or Amazon Textract is used as an integration source. (`default = []`) 216 | - `enable_sagemaker_human_task_ui` - Enable sagemaker human task ui usage (`default = False`) 217 | - `sagemaker_human_task_ui_name` - The name of the Human Task UI. (`default = ""`) 218 | - `sagemaker_human_task_ui_template` - (Required) The Liquid template for the worker user interface. (`default = []`) 219 | - `enable_sagemaker_space` - Enable sagemaker space usage (`default = False`) 220 | - `sagemaker_space_name` - The name of the space. (`default = ""`) 221 | - `sagemaker_space_domain_id` - (Required) The ID of the associated Domain. (`default = ""`) 222 | - `sagemaker_space_settings` - (Required) A collection of space settings. (`default = []`) 223 | - `enable_sagemaker_servicecatalog_portfolio_status` - Enable sagemaker servicecatalog portfolio status usage (`default = False`) 224 | - `sagemaker_servicecatalog_portfolio_status` - (Required) Whether Service Catalog is enabled or disabled in SageMaker. Valid values are Enabled and Disabled (`default = null`) 225 | - `enable_sagemaker_monitoring_schedule` - Enable sagemaker monitoring schedule usage (`default = False`) 226 | - `sagemaker_monitoring_schedule_name` - (Optional) The name of the monitoring schedule. The name must be unique within an AWS Region within an AWS account. If omitted, Terraform will assign a random, unique name. (`default = null`) 227 | - `sagemaker_monitoring_schedule_config` - (Required) The configuration object that specifies the monitoring schedule and defines the monitoring job. (`default = []`) 228 | - `enable_sagemaker_data_quality_job_definition` - Enable sagemaker data quality job definition usage (`default = False`) 229 | - `sagemaker_data_quality_job_definition_name` - (Optional) The name of the data quality job definition. If omitted, Terraform will assign a random, unique name. (`default = null`) 230 | - `sagemaker_data_quality_job_definition_role_arn` - (Required) The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf. (`default = null`) 231 | - `sagemaker_data_quality_job_definition_data_quality_app_specification` - (Required) Specifies the container that runs the monitoring job. (`default = []`) 232 | - `sagemaker_data_quality_job_definition_data_quality_job_input` - (Required) A list of inputs for the monitoring job. (`default = []`) 233 | - `sagemaker_data_quality_job_definition_data_quality_job_output_config` - (Required) The output configuration for monitoring jobs (`default = []`) 234 | - `sagemaker_data_quality_job_definition_job_resources` - (Required) Identifies the resources to deploy for a monitoring job. (`default = []`) 235 | - `sagemaker_data_quality_job_definition_data_quality_baseline_config` - (Optional) Configures the constraints and baselines for the monitoring job (`default = []`) 236 | - `sagemaker_data_quality_job_definition_network_config` - (Optional) Specifies networking configuration for the monitoring job. (`default = []`) 237 | - `sagemaker_data_quality_job_definition_stopping_condition` - (Optional) A time limit for how long the monitoring job is allowed to run before stopping. (`default = []`) 238 | 239 | ## Module Output Variables 240 | ---------------------- 241 | - `sagemaker_model_id` - The ID of sagemaker model 242 | - `sagemaker_model_name` - The name of the model. 243 | - `sagemaker_model_arn` - The Amazon Resource Name (ARN) assigned by AWS to this model. 244 | - `sagemaker_endpoint_configuration_id` - The ID of sagemaker endpoint configuration 245 | - `sagemaker_endpoint_configuration_arn` - The Amazon Resource Name (ARN) assigned by AWS to this endpoint configuration. 246 | - `sagemaker_endpoint_configuration_name` - The name of the endpoint configuration. 247 | - `sagemaker_endpoint_id` - The ID of sagemaker endpoint 248 | - `sagemaker_endpoint_arn` - The Amazon Resource Name (ARN) assigned by AWS to this endpoint. 249 | - `sagemaker_endpoint_name` - The name of the endpoint. 250 | - `sagemaker_notebook_instance_lifecycle_configuration_id` - The ID of notebook instance lifecycle configuration 251 | - `sagemaker_notebook_instance_lifecycle_configuration_arn` - The Amazon Resource Name (ARN) assigned by AWS to this lifecycle configuration. 252 | - `sagemaker_notebook_instance_id` - The name of the notebook instance. 253 | - `sagemaker_notebook_instance_arn` - The Amazon Resource Name (ARN) assigned by AWS to this notebook instance. 254 | - `sagemaker_user_profile_id` - The user profile Amazon Resource Name (ARN). 255 | - `sagemaker_user_profile_arn` - The user profile Amazon Resource Name (ARN). 256 | - `sagemaker_user_profile_home_efs_file_system_uid` - The ID of the user's profile in the Amazon Elastic File System (EFS) volume. 257 | - `sagemaker_domain_id` - The ID of the Domain. 258 | - `sagemaker_domain_arn` - The Amazon Resource Name (ARN) assigned by AWS to this Domain. 259 | - `sagemaker_domain_url` - The domain's URL. 260 | - `sagemaker_domain_single_sign_on_managed_application_instance_id` - The SSO managed application instance ID. 261 | - `sagemaker_domain_home_efs_file_system_id` - The ID of the Amazon Elastic File System (EFS) managed by this Domain. 262 | - `sagemaker_model_package_group_id` - The name of the Model Package Group. 263 | - `sagemaker_model_package_group_arn` - The Amazon Resource Name (ARN) assigned by AWS to this Model Package Group. 264 | - `sagemaker_model_package_group_model_package_group_name` - The name of Model Package Group. 265 | - `sagemaker_image_id` - The name of the Image. 266 | - `sagemaker_image_arn` - The Amazon Resource Name (ARN) assigned by AWS to this Image. 267 | - `sagemaker_image_version_id` - The name of the Image version. 268 | - `sagemaker_image_version_arn` - The Amazon Resource Name (ARN) assigned by AWS to this Image version. 269 | - `sagemaker_feature_group_id` - The name of the feature group. 270 | - `sagemaker_feature_group_arn` - The Amazon Resource Name (ARN) assigned by AWS to this feature_group. 271 | - `sagemaker_code_repository_id` - The name of the Code Repository. 272 | - `sagemaker_code_repository_arn` - The Amazon Resource Name (ARN) assigned by AWS to this Code Repository. 273 | - `sagemaker_app_id` - The Amazon Resource Name (ARN) of the app. 274 | - `sagemaker_app_arn` - The Amazon Resource Name (ARN) of the app. 275 | - `sagemaker_app_image_config_id` - The name of the app image config. 276 | - `sagemaker_app_image_config_arn` - The Amazon Resource Name (ARN) assigned by AWS to this App Image Config. 277 | - `sagemaker_device_fleet_id` - The name of the Device Fleet. 278 | - `sagemaker_device_fleet_arn` - The Amazon Resource Name (ARN) assigned by AWS to this Device Fleet. 279 | - `sagemaker_device_fleet_device_fleet_name` - The Name assigned by AWS to this Device Fleet. 280 | - `sagemaker_device_id` - The name of the Device. 281 | - `sagemaker_device_arn` - The Amazon Resource Name (ARN) assigned by AWS to this Device. 282 | - `sagemaker_model_package_group_policy_id` - The name of the Model Package Package Group. 283 | - `sagemaker_project_id` - The name of the Project. 284 | - `sagemaker_project_arn` - The Amazon Resource Name (ARN) assigned by AWS to this Project. 285 | - `sagemaker_project_project_id` - The ID of the project. 286 | - `sagemaker_workteam_id` - The name of the Workteam. 287 | - `sagemaker_workteam_arn` - The Amazon Resource Name (ARN) assigned by AWS to this Workteam. 288 | - `sagemaker_workteam_subdomain` - The subdomain for your OIDC Identity Provider. 289 | - `sagemaker_workforce_id` - The name of the Workforce. 290 | - `sagemaker_workforce_arn` - The Amazon Resource Name (ARN) assigned by AWS to this Workforce. 291 | - `sagemaker_workforce_subdomain` - The subdomain for your OIDC Identity Provider. 292 | - `sagemaker_studio_lifecycle_config_id` - The name of the Studio Lifecycle Config. 293 | - `sagemaker_studio_lifecycle_config_arn` - The Amazon Resource Name (ARN) assigned by AWS to this Studio Lifecycle Config. 294 | - `sagemaker_flow_definition_id` - The name of the Flow Definition. 295 | - `sagemaker_flow_definition_arn` - The Amazon Resource Name (ARN) assigned by AWS to this Flow Definition. 296 | - `sagemaker_human_task_ui_id` - The name of the Human Task UI. 297 | - `sagemaker_human_task_ui_arn` - The Amazon Resource Name (ARN) assigned by AWS to this Human Task UI. 298 | - `sagemaker_human_task_ui_template` - The Liquid template for the worker user interface 299 | - `sagemaker_space_id` - The space's Amazon Resource Name (ARN). 300 | - `sagemaker_space_arn` - The space's Amazon Resource Name (ARN). 301 | - `sagemaker_space_home_efs_file_system_uid` - The ID of the space's profile in the Amazon Elastic File System volume. 302 | - `sagemaker_servicecatalog_portfolio_status_id` - The AWS Region the Servicecatalog portfolio status resides in. 303 | - `sagemaker_monitoring_schedule_id` - ID assigned by AWS to this monitoring schedule. 304 | - `sagemaker_monitoring_schedule_arn` - The Amazon Resource Name (ARN) assigned by AWS to this monitoring schedule. 305 | - `sagemaker_monitoring_schedule_name` - The name of the monitoring schedule. 306 | - `sagemaker_data_quality_job_definition_id` - The ID of the data quality job definition. 307 | - `sagemaker_data_quality_job_definition_arn` - The Amazon Resource Name (ARN) assigned by AWS to this data quality job definition. 308 | - `sagemaker_data_quality_job_definition_name` - The name of the data quality job definition. 309 | 310 | 311 | ## Authors 312 | 313 | Created and maintained by [Vitaliy Natarov](https://github.com/SebastianUA). An email: [vitaliy.natarov@yahoo.com](vitaliy.natarov@yahoo.com). 314 | 315 | ## License 316 | 317 | Apache 2 Licensed. See [LICENSE](https://github.com/SebastianUA/terraform/blob/master/LICENSE) for full details. 318 | -------------------------------------------------------------------------------- /examples/main.tf: -------------------------------------------------------------------------------- 1 | # 2 | # MAINTAINER Vitaliy Natarov "vitaliy.natarov@yahoo.com" 3 | # 4 | terraform { 5 | required_version = "~> 1.0" 6 | } 7 | 8 | provider "aws" { 9 | region = "us-east-1" 10 | shared_credentials_files = [pathexpand("~/.aws/credentials")] 11 | } 12 | 13 | # Get the usera and account information 14 | data "aws_caller_identity" "current" { 15 | } 16 | 17 | module "sagemaker" { 18 | source = "../" 19 | name = "TEST" 20 | environment = "stage" 21 | 22 | # Sagemaker model 23 | enable_sagemaker_model = true 24 | sagemaker_model_name = "" 25 | sagemaker_model_execution_role_arn = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/admin-role" 26 | 27 | sagemaker_model_primary_container = [{ 28 | image = "${data.aws_caller_identity.current.account_id}.dkr.ecr.us-east-1.amazonaws.com/sagemaker-sparkml-serving" 29 | }] 30 | sagemaker_model_container = [] 31 | 32 | # Sagemaker endpoint config 33 | enable_sagemaker_endpoint_configuration = true 34 | sagemaker_endpoint_configuration_name = "" 35 | sagemaker_endpoint_configuration_production_variants = [{ 36 | initial_instance_count = 1 37 | instance_type = "ml.t2.medium" 38 | variant_name = "sage-endpoint-config-1" 39 | }] 40 | 41 | # Sagemaker endpoint 42 | enable_sagemaker_endpoint = true 43 | sagemaker_endpoint_name = "" 44 | 45 | # Sagemaker notebook instance lifecycle configuration 46 | enable_sagemaker_notebook_instance_lifecycle_configuration = true 47 | sagemaker_notebook_instance_lifecycle_configuration_name = "" 48 | sagemaker_notebook_instance_lifecycle_configuration_on_create = null 49 | sagemaker_notebook_instance_lifecycle_configuration_on_start = null 50 | 51 | # Sagemaker notebook instance 52 | enable_sagemaker_notebook_instance = true 53 | sagemaker_notebook_instance_name = "" 54 | sagemaker_notebook_instance_role_arn = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/admin-role" 55 | sagemaker_notebook_instance_instance_type = "ml.t2.medium" 56 | 57 | sagemaker_notebook_instance_subnet_id = null 58 | sagemaker_notebook_instance_security_groups = null 59 | sagemaker_notebook_instance_kms_key_id = null 60 | sagemaker_notebook_instance_direct_internet_access = null 61 | 62 | tags = tomap({ 63 | "Environment" = "dev", 64 | "Createdby" = "Vitaliy Natarov", 65 | "Orchestration" = "Terraform" 66 | }) 67 | } 68 | -------------------------------------------------------------------------------- /outputs.tf: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------- 2 | # AWS Gagemaker model 3 | #--------------------------------------------------- 4 | output "sagemaker_model_id" { 5 | description = "The ID of sagemaker model" 6 | value = element(concat(aws_sagemaker_model.sagemaker_model.*.id, [""]), 0) 7 | } 8 | 9 | output "sagemaker_model_name" { 10 | description = "The name of the model." 11 | value = element(concat(aws_sagemaker_model.sagemaker_model.*.name, [""]), 0) 12 | } 13 | 14 | output "sagemaker_model_arn" { 15 | description = "The Amazon Resource Name (ARN) assigned by AWS to this model." 16 | value = element(concat(aws_sagemaker_model.sagemaker_model.*.arn, [""]), 0) 17 | } 18 | 19 | #--------------------------------------------------- 20 | # AWS Sagemaker endpoint configuration 21 | #--------------------------------------------------- 22 | output "sagemaker_endpoint_configuration_id" { 23 | description = "The ID of sagemaker endpoint configuration" 24 | value = element(concat(aws_sagemaker_endpoint_configuration.sagemaker_endpoint_configuration.*.id, [""]), 0) 25 | } 26 | 27 | output "sagemaker_endpoint_configuration_arn" { 28 | description = "The Amazon Resource Name (ARN) assigned by AWS to this endpoint configuration." 29 | value = element(concat(aws_sagemaker_endpoint_configuration.sagemaker_endpoint_configuration.*.arn, [""]), 0) 30 | } 31 | 32 | output "sagemaker_endpoint_configuration_name" { 33 | description = "The name of the endpoint configuration." 34 | value = element(concat(aws_sagemaker_endpoint_configuration.sagemaker_endpoint_configuration.*.name, [""]), 0) 35 | } 36 | 37 | #--------------------------------------------------- 38 | # AWS Sagemaker endpoint 39 | #--------------------------------------------------- 40 | output "sagemaker_endpoint_id" { 41 | description = "The ID of sagemaker endpoint" 42 | value = element(concat(aws_sagemaker_endpoint.sagemaker_endpoint.*.id, [""]), 0) 43 | } 44 | 45 | output "sagemaker_endpoint_arn" { 46 | description = "The Amazon Resource Name (ARN) assigned by AWS to this endpoint." 47 | value = element(concat(aws_sagemaker_endpoint.sagemaker_endpoint.*.arn, [""]), 0) 48 | } 49 | 50 | output "sagemaker_endpoint_name" { 51 | description = "The name of the endpoint." 52 | value = element(concat(aws_sagemaker_endpoint.sagemaker_endpoint.*.name, [""]), 0) 53 | } 54 | 55 | #--------------------------------------------------- 56 | # AWS sagemaker notebook instance lifecycle configuration 57 | #--------------------------------------------------- 58 | output "sagemaker_notebook_instance_lifecycle_configuration_id" { 59 | description = "The ID of notebook instance lifecycle configuration" 60 | value = element(concat(aws_sagemaker_notebook_instance_lifecycle_configuration.sagemaker_notebook_instance_lifecycle_configuration.*.id, [""]), 0) 61 | } 62 | 63 | output "sagemaker_notebook_instance_lifecycle_configuration_arn" { 64 | description = "The Amazon Resource Name (ARN) assigned by AWS to this lifecycle configuration." 65 | value = element(concat(aws_sagemaker_notebook_instance_lifecycle_configuration.sagemaker_notebook_instance_lifecycle_configuration.*.arn, [""]), 0) 66 | } 67 | 68 | #--------------------------------------------------- 69 | # AWS Sagemaker notebook instance 70 | #--------------------------------------------------- 71 | output "sagemaker_notebook_instance_id" { 72 | description = "The name of the notebook instance." 73 | value = element(concat(aws_sagemaker_notebook_instance.sagemaker_notebook_instance.*.id, [""]), 0) 74 | } 75 | 76 | output "sagemaker_notebook_instance_arn" { 77 | description = "The Amazon Resource Name (ARN) assigned by AWS to this notebook instance." 78 | value = element(concat(aws_sagemaker_notebook_instance.sagemaker_notebook_instance.*.id, [""]), 0) 79 | } 80 | 81 | #--------------------------------------------------- 82 | # AWS Sagemaker user profile 83 | #--------------------------------------------------- 84 | output "sagemaker_user_profile_id" { 85 | description = "The user profile Amazon Resource Name (ARN)." 86 | value = element(concat(aws_sagemaker_user_profile.sagemaker_user_profile.*.id, [""]), 0) 87 | } 88 | 89 | output "sagemaker_user_profile_arn" { 90 | description = "The user profile Amazon Resource Name (ARN)." 91 | value = element(concat(aws_sagemaker_user_profile.sagemaker_user_profile.*.arn, [""]), 0) 92 | } 93 | 94 | output "sagemaker_user_profile_home_efs_file_system_uid" { 95 | description = "The ID of the user's profile in the Amazon Elastic File System (EFS) volume." 96 | value = element(concat(aws_sagemaker_user_profile.sagemaker_user_profile.*.home_efs_file_system_uid, [""]), 0) 97 | } 98 | 99 | #--------------------------------------------------- 100 | # AWS Sagemaker domain 101 | #--------------------------------------------------- 102 | output "sagemaker_domain_id" { 103 | description = "The ID of the Domain." 104 | value = element(concat(aws_sagemaker_domain.sagemaker_domain.*.id, [""]), 0) 105 | } 106 | 107 | output "sagemaker_domain_arn" { 108 | description = "The Amazon Resource Name (ARN) assigned by AWS to this Domain." 109 | value = element(concat(aws_sagemaker_domain.sagemaker_domain.*.arn, [""]), 0) 110 | } 111 | 112 | output "sagemaker_domain_url" { 113 | description = "The domain's URL." 114 | value = element(concat(aws_sagemaker_domain.sagemaker_domain.*.url, [""]), 0) 115 | } 116 | 117 | output "sagemaker_domain_single_sign_on_managed_application_instance_id" { 118 | description = "The SSO managed application instance ID." 119 | value = element(concat(aws_sagemaker_domain.sagemaker_domain.*.single_sign_on_managed_application_instance_id, [""]), 0) 120 | } 121 | 122 | output "sagemaker_domain_home_efs_file_system_id" { 123 | description = "The ID of the Amazon Elastic File System (EFS) managed by this Domain." 124 | value = element(concat(aws_sagemaker_domain.sagemaker_domain.*.home_efs_file_system_id, [""]), 0) 125 | } 126 | 127 | #--------------------------------------------------- 128 | # AWS sagemaker model package group 129 | #--------------------------------------------------- 130 | output "sagemaker_model_package_group_id" { 131 | description = "The name of the Model Package Group." 132 | value = element(concat(aws_sagemaker_model_package_group.sagemaker_model_package_group.*.id, [""]), 0) 133 | } 134 | 135 | output "sagemaker_model_package_group_arn" { 136 | description = "The Amazon Resource Name (ARN) assigned by AWS to this Model Package Group." 137 | value = element(concat(aws_sagemaker_model_package_group.sagemaker_model_package_group.*.arn, [""]), 0) 138 | } 139 | 140 | output "sagemaker_model_package_group_model_package_group_name" { 141 | description = "The name of Model Package Group." 142 | value = element(concat(aws_sagemaker_model_package_group.sagemaker_model_package_group.*.model_package_group_name, [""]), 0) 143 | } 144 | 145 | #--------------------------------------------------- 146 | # AWS sagemaker image 147 | #--------------------------------------------------- 148 | output "sagemaker_image_id" { 149 | description = "The name of the Image." 150 | value = element(concat(aws_sagemaker_image.sagemaker_image.*.id, [""]), 0) 151 | } 152 | 153 | output "sagemaker_image_arn" { 154 | description = "The Amazon Resource Name (ARN) assigned by AWS to this Image." 155 | value = element(concat(aws_sagemaker_image.sagemaker_image.*.arn, [""]), 0) 156 | } 157 | 158 | #--------------------------------------------------- 159 | # AWS sagemaker image version 160 | #--------------------------------------------------- 161 | output "sagemaker_image_version_id" { 162 | description = "The name of the Image version." 163 | value = element(concat(aws_sagemaker_image_version.sagemaker_image_version.*.id, [""]), 0) 164 | } 165 | 166 | output "sagemaker_image_version_arn" { 167 | description = "The Amazon Resource Name (ARN) assigned by AWS to this Image version." 168 | value = element(concat(aws_sagemaker_image_version.sagemaker_image_version.*.arn, [""]), 0) 169 | } 170 | 171 | #--------------------------------------------------- 172 | # AWS sagemaker feature group 173 | #--------------------------------------------------- 174 | output "sagemaker_feature_group_id" { 175 | description = "The name of the feature group." 176 | value = element(concat(aws_sagemaker_feature_group.sagemaker_feature_group.*.id, [""]), 0) 177 | } 178 | 179 | output "sagemaker_feature_group_arn" { 180 | description = "The Amazon Resource Name (ARN) assigned by AWS to this feature_group." 181 | value = element(concat(aws_sagemaker_feature_group.sagemaker_feature_group.*.arn, [""]), 0) 182 | } 183 | 184 | # output "sagemaker_feature_group_name" { 185 | # description = "The name of the Feature Group." 186 | # value = element(concat(aws_sagemaker_feature_group.sagemaker_feature_group.*.name, [""]), 0) 187 | # } 188 | 189 | #--------------------------------------------------- 190 | # AWS sagemaker code repository 191 | #--------------------------------------------------- 192 | output "sagemaker_code_repository_id" { 193 | description = "The name of the Code Repository." 194 | value = element(concat(aws_sagemaker_code_repository.sagemaker_code_repository.*.id, [""]), 0) 195 | } 196 | 197 | output "sagemaker_code_repository_arn" { 198 | description = "The Amazon Resource Name (ARN) assigned by AWS to this Code Repository." 199 | value = element(concat(aws_sagemaker_code_repository.sagemaker_code_repository.*.arn, [""]), 0) 200 | } 201 | 202 | #--------------------------------------------------- 203 | # AWS sagemaker app 204 | #--------------------------------------------------- 205 | output "sagemaker_app_id" { 206 | description = "The Amazon Resource Name (ARN) of the app." 207 | value = element(concat(aws_sagemaker_app.sagemaker_app.*.id, [""]), 0) 208 | } 209 | 210 | output "sagemaker_app_arn" { 211 | description = "The Amazon Resource Name (ARN) of the app." 212 | value = element(concat(aws_sagemaker_app.sagemaker_app.*.arn, [""]), 0) 213 | } 214 | 215 | #--------------------------------------------------- 216 | # AWS sagemaker app image config 217 | #--------------------------------------------------- 218 | output "sagemaker_app_image_config_id" { 219 | description = "The name of the app image config." 220 | value = element(concat(aws_sagemaker_app_image_config.sagemaker_app_image_config.*.id, [""]), 0) 221 | } 222 | 223 | output "sagemaker_app_image_config_arn" { 224 | description = "The Amazon Resource Name (ARN) assigned by AWS to this App Image Config." 225 | value = element(concat(aws_sagemaker_app_image_config.sagemaker_app_image_config.*.arn, [""]), 0) 226 | } 227 | 228 | #--------------------------------------------------- 229 | # AWS Sagemaker device fleet 230 | #--------------------------------------------------- 231 | output "sagemaker_device_fleet_id" { 232 | description = "The name of the Device Fleet." 233 | value = element(concat(aws_sagemaker_device_fleet.sagemaker_device_fleet.*.id, [""]), 0) 234 | } 235 | 236 | output "sagemaker_device_fleet_arn" { 237 | description = "The Amazon Resource Name (ARN) assigned by AWS to this Device Fleet." 238 | value = element(concat(aws_sagemaker_device_fleet.sagemaker_device_fleet.*.arn, [""]), 0) 239 | } 240 | 241 | output "sagemaker_device_fleet_device_fleet_name" { 242 | description = "The Name assigned by AWS to this Device Fleet." 243 | value = element(concat(aws_sagemaker_device_fleet.sagemaker_device_fleet.*.device_fleet_name, [""]), 0) 244 | } 245 | 246 | #--------------------------------------------------- 247 | # AWS Sagemaker device 248 | #--------------------------------------------------- 249 | output "sagemaker_device_id" { 250 | description = "The name of the Device." 251 | value = element(concat(aws_sagemaker_device.sagemaker_device.*.id, [""]), 0) 252 | } 253 | 254 | output "sagemaker_device_arn" { 255 | description = "The Amazon Resource Name (ARN) assigned by AWS to this Device." 256 | value = element(concat(aws_sagemaker_device.sagemaker_device.*.arn, [""]), 0) 257 | } 258 | 259 | #--------------------------------------------------- 260 | # AWS Sagemaker model package group policy 261 | #--------------------------------------------------- 262 | output "sagemaker_model_package_group_policy_id" { 263 | description = "The name of the Model Package Package Group." 264 | value = element(concat(aws_sagemaker_model_package_group_policy.sagemaker_model_package_group_policy.*.id, [""]), 0) 265 | } 266 | 267 | #--------------------------------------------------- 268 | # AWS Sagemaker project 269 | #--------------------------------------------------- 270 | output "sagemaker_project_id" { 271 | description = "The name of the Project." 272 | value = element(concat(aws_sagemaker_project.sagemaker_project.*.id, [""]), 0) 273 | } 274 | 275 | output "sagemaker_project_arn" { 276 | description = "The Amazon Resource Name (ARN) assigned by AWS to this Project." 277 | value = element(concat(aws_sagemaker_project.sagemaker_project.*.arn, [""]), 0) 278 | } 279 | 280 | output "sagemaker_project_project_id" { 281 | description = "The ID of the project." 282 | value = element(concat(aws_sagemaker_project.sagemaker_project.*.project_id, [""]), 0) 283 | } 284 | 285 | #--------------------------------------------------- 286 | # AWS Sagemaker workteam 287 | #--------------------------------------------------- 288 | output "sagemaker_workteam_id" { 289 | description = "The name of the Workteam." 290 | value = element(concat(aws_sagemaker_workteam.sagemaker_workteam.*.id, [""]), 0) 291 | } 292 | 293 | output "sagemaker_workteam_arn" { 294 | description = "The Amazon Resource Name (ARN) assigned by AWS to this Workteam." 295 | value = element(concat(aws_sagemaker_workteam.sagemaker_workteam.*.arn, [""]), 0) 296 | } 297 | 298 | output "sagemaker_workteam_subdomain" { 299 | description = "The subdomain for your OIDC Identity Provider." 300 | value = element(concat(aws_sagemaker_workteam.sagemaker_workteam.*.subdomain, [""]), 0) 301 | } 302 | 303 | #--------------------------------------------------- 304 | # AWS Sagemaker workforce 305 | #--------------------------------------------------- 306 | output "sagemaker_workforce_id" { 307 | description = "The name of the Workforce." 308 | value = element(concat(aws_sagemaker_workforce.sagemaker_workforce.*.id, [""]), 0) 309 | } 310 | 311 | output "sagemaker_workforce_arn" { 312 | description = "The Amazon Resource Name (ARN) assigned by AWS to this Workforce." 313 | value = element(concat(aws_sagemaker_workforce.sagemaker_workforce.*.arn, [""]), 0) 314 | } 315 | 316 | output "sagemaker_workforce_subdomain" { 317 | description = "The subdomain for your OIDC Identity Provider." 318 | value = element(concat(aws_sagemaker_workforce.sagemaker_workforce.*.subdomain, [""]), 0) 319 | } 320 | 321 | #--------------------------------------------------- 322 | # AWS Sagemaker studio lifecycle config 323 | #--------------------------------------------------- 324 | output "sagemaker_studio_lifecycle_config_id" { 325 | description = "The name of the Studio Lifecycle Config." 326 | value = element(concat(aws_sagemaker_studio_lifecycle_config.sagemaker_studio_lifecycle_config.*.id, [""]), 0) 327 | } 328 | 329 | output "sagemaker_studio_lifecycle_config_arn" { 330 | description = "The Amazon Resource Name (ARN) assigned by AWS to this Studio Lifecycle Config." 331 | value = element(concat(aws_sagemaker_studio_lifecycle_config.sagemaker_studio_lifecycle_config.*.arn, [""]), 0) 332 | } 333 | 334 | #--------------------------------------------------- 335 | # AWS Sagemaker flow definition 336 | #--------------------------------------------------- 337 | output "sagemaker_flow_definition_id" { 338 | description = "The name of the Flow Definition." 339 | value = element(concat(aws_sagemaker_flow_definition.sagemaker_flow_definition.*.id, [""]), 0) 340 | } 341 | 342 | output "sagemaker_flow_definition_arn" { 343 | description = "The Amazon Resource Name (ARN) assigned by AWS to this Flow Definition." 344 | value = element(concat(aws_sagemaker_flow_definition.sagemaker_flow_definition.*.arn, [""]), 0) 345 | } 346 | 347 | #--------------------------------------------------- 348 | # AWS Sagemaker human task ui 349 | #--------------------------------------------------- 350 | output "sagemaker_human_task_ui_id" { 351 | description = "The name of the Human Task UI." 352 | value = element(concat(aws_sagemaker_human_task_ui.sagemaker_human_task_ui.*.id, [""]), 0) 353 | } 354 | 355 | output "sagemaker_human_task_ui_arn" { 356 | description = "The Amazon Resource Name (ARN) assigned by AWS to this Human Task UI." 357 | value = element(concat(aws_sagemaker_human_task_ui.sagemaker_human_task_ui.*.arn, [""]), 0) 358 | } 359 | 360 | output "sagemaker_human_task_ui_template" { 361 | description = "The Liquid template for the worker user interface" 362 | value = concat(aws_sagemaker_human_task_ui.sagemaker_human_task_ui.*.ui_template, [""]) 363 | } 364 | 365 | #--------------------------------------------------- 366 | # AWS Sagemaker space 367 | #--------------------------------------------------- 368 | output "sagemaker_space_id" { 369 | description = "The space's Amazon Resource Name (ARN)." 370 | value = element(concat(aws_sagemaker_space.sagemaker_space.*.id, [""]), 0) 371 | } 372 | 373 | output "sagemaker_space_arn" { 374 | description = "The space's Amazon Resource Name (ARN)." 375 | value = element(concat(aws_sagemaker_space.sagemaker_space.*.arn, [""]), 0) 376 | } 377 | 378 | output "sagemaker_space_home_efs_file_system_uid" { 379 | description = "The ID of the space's profile in the Amazon Elastic File System volume." 380 | value = element(concat(aws_sagemaker_space.sagemaker_space.*.home_efs_file_system_uid, [""]), 0) 381 | } 382 | 383 | #--------------------------------------------------- 384 | # AWS Sagemaker servicecatalog portfolio status 385 | #--------------------------------------------------- 386 | output "sagemaker_servicecatalog_portfolio_status_id" { 387 | description = "The AWS Region the Servicecatalog portfolio status resides in." 388 | value = element(concat(aws_sagemaker_servicecatalog_portfolio_status.sagemaker_servicecatalog_portfolio_status.*.id, [""]), 0) 389 | } 390 | 391 | #--------------------------------------------------- 392 | # AWS Sagemaker monitoring schedule 393 | #--------------------------------------------------- 394 | output "sagemaker_monitoring_schedule_id" { 395 | description = "ID assigned by AWS to this monitoring schedule." 396 | value = element(concat(aws_sagemaker_monitoring_schedule.sagemaker_monitoring_schedule.*.id, [""]), 0) 397 | } 398 | 399 | output "sagemaker_monitoring_schedule_arn" { 400 | description = "The Amazon Resource Name (ARN) assigned by AWS to this monitoring schedule." 401 | value = element(concat(aws_sagemaker_monitoring_schedule.sagemaker_monitoring_schedule.*.arn, [""]), 0) 402 | } 403 | 404 | output "sagemaker_monitoring_schedule_name" { 405 | description = "The name of the monitoring schedule." 406 | value = element(concat(aws_sagemaker_monitoring_schedule.sagemaker_monitoring_schedule.*.name, [""]), 0) 407 | } 408 | 409 | #--------------------------------------------------- 410 | # AWS Sagemaker data quality job definition 411 | #--------------------------------------------------- 412 | output "sagemaker_data_quality_job_definition_id" { 413 | description = "The ID of the data quality job definition." 414 | value = element(concat(aws_sagemaker_data_quality_job_definition.sagemaker_data_quality_job_definition.*.id, [""]), 0) 415 | } 416 | 417 | output "sagemaker_data_quality_job_definition_arn" { 418 | description = "The Amazon Resource Name (ARN) assigned by AWS to this data quality job definition." 419 | value = element(concat(aws_sagemaker_data_quality_job_definition.sagemaker_data_quality_job_definition.*.arn, [""]), 0) 420 | } 421 | 422 | output "sagemaker_data_quality_job_definition_name" { 423 | description = "The name of the data quality job definition." 424 | value = element(concat(aws_sagemaker_data_quality_job_definition.sagemaker_data_quality_job_definition.*.name, [""]), 0) 425 | } 426 | -------------------------------------------------------------------------------- /sagemaker_app.tf: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------- 2 | # AWS Sagemaker app 3 | #--------------------------------------------------- 4 | resource "aws_sagemaker_app" "sagemaker_app" { 5 | count = var.enable_sagemaker_app ? 1 : 0 6 | 7 | app_name = var.sagemaker_app_name != "" ? var.sagemaker_app_name : "${lower(var.name)}-app-${lower(var.environment)}" 8 | app_type = var.sagemaker_app_type 9 | domain_id = var.sagemaker_app_domain_id != "" ? var.sagemaker_app_domain_id : (var.enable_sagemaker_domain ? aws_sagemaker_domain.sagemaker_domain[count.index].id : null) 10 | 11 | user_profile_name = var.sagemaker_app_user_profile_name != "" ? var.sagemaker_app_user_profile_name : (var.enable_sagemaker_user_profile ? aws_sagemaker_user_profile.sagemaker_user_profile[count.index].user_profile_name : null) 12 | space_name = var.sagemaker_app_space_name 13 | 14 | dynamic "resource_spec" { 15 | iterator = resource_spec 16 | for_each = var.sagemaker_app_resource_spec 17 | 18 | content { 19 | instance_type = lookup(resource_spec.value, "instance_type", null) 20 | lifecycle_config_arn = lookup(resource_spec.value, "lifecycle_config_arn", null) 21 | sagemaker_image_arn = lookup(resource_spec.value, "sagemaker_image_arn", null) 22 | sagemaker_image_version_arn = lookup(resource_spec.value, "sagemaker_image_version_arn", null) 23 | } 24 | } 25 | 26 | tags = merge( 27 | { 28 | Name = var.sagemaker_app_name != "" ? var.sagemaker_app_name : "${lower(var.name)}-app-${lower(var.environment)}" 29 | }, 30 | var.tags 31 | ) 32 | 33 | lifecycle { 34 | create_before_destroy = true 35 | ignore_changes = [] 36 | } 37 | 38 | depends_on = [ 39 | aws_sagemaker_domain.sagemaker_domain, 40 | aws_sagemaker_user_profile.sagemaker_user_profile 41 | ] 42 | } -------------------------------------------------------------------------------- /sagemaker_app_image_config.tf: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------- 2 | # AWS sagemaker app image config 3 | #--------------------------------------------------- 4 | resource "aws_sagemaker_app_image_config" "sagemaker_app_image_config" { 5 | count = var.enable_sagemaker_app_image_config ? 1 : 0 6 | 7 | app_image_config_name = var.sagemaker_app_image_config_name != "" ? lower(var.sagemaker_app_image_config_name) : "${lower(var.name)}-app-image-config-${lower(var.environment)}" 8 | 9 | dynamic "kernel_gateway_image_config" { 10 | iterator = kernel_gateway_image_config 11 | for_each = var.sagemaker_app_image_config_kernel_gateway_image_config 12 | 13 | content { 14 | dynamic "kernel_spec" { 15 | iterator = kernel_spec 16 | for_each = length(keys(lookup(kernel_gateway_image_config.value, "kernel_spec", {}))) > 0 ? [lookup(kernel_gateway_image_config.value, "kernel_spec", {})] : [] 17 | 18 | content { 19 | name = lookup(kernel_spec.value, "name", null) 20 | 21 | display_name = lookup(kernel_spec.value, "display_name", null) 22 | } 23 | } 24 | 25 | dynamic "file_system_config" { 26 | iterator = file_system_config 27 | for_each = length(keys(lookup(kernel_gateway_image_config.value, "file_system_config", {}))) > 0 ? [lookup(kernel_gateway_image_config.value, "file_system_config", {})] : [] 28 | 29 | content { 30 | default_gid = lookup(file_system_config.value, "default_gid", null) 31 | default_uid = lookup(file_system_config.value, "default_uid", null) 32 | mount_path = lookup(file_system_config.value, "mount_path", null) 33 | } 34 | } 35 | } 36 | 37 | } 38 | 39 | lifecycle { 40 | create_before_destroy = true 41 | ignore_changes = [] 42 | } 43 | 44 | depends_on = [] 45 | } -------------------------------------------------------------------------------- /sagemaker_code_repository.tf: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------- 2 | # AWS sagemaker code repository 3 | #--------------------------------------------------- 4 | resource "aws_sagemaker_code_repository" "sagemaker_code_repository" { 5 | count = var.enable_sagemaker_code_repository ? 1 : 0 6 | 7 | code_repository_name = var.sagemaker_code_repository_name != "" ? lower(var.sagemaker_code_repository_name) : "${lower(var.name)}-code-repository-${lower(var.environment)}" 8 | 9 | dynamic "git_config" { 10 | iterator = git_config 11 | for_each = var.sagemaker_code_repository_git_config 12 | 13 | content { 14 | repository_url = lookup(git_config.value, "repository_url", null) 15 | 16 | branch = lookup(git_config.value, "branch", null) 17 | secret_arn = lookup(git_config.value, "secret_arn", null) 18 | } 19 | } 20 | 21 | lifecycle { 22 | create_before_destroy = true 23 | ignore_changes = [] 24 | } 25 | 26 | depends_on = [] 27 | } -------------------------------------------------------------------------------- /sagemaker_data_quality_job_definition.tf: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------- 2 | # AWS Sagemaker data quality job definition 3 | #--------------------------------------------------- 4 | resource "aws_sagemaker_data_quality_job_definition" "sagemaker_data_quality_job_definition" { 5 | count = var.enable_sagemaker_data_quality_job_definition ? 1 : 0 6 | 7 | name = var.sagemaker_data_quality_job_definition_name != "" ? var.sagemaker_data_quality_job_definition_name : "${lower(var.name)}-data-quality-job-definition-${lower(var.environment)}" 8 | 9 | role_arn = var.sagemaker_data_quality_job_definition_role_arn 10 | 11 | data_quality_app_specification { 12 | image_uri = lookup(var.sagemaker_data_quality_job_definition_data_quality_app_specification, "image_uri", null) 13 | 14 | environment = lookup(var.sagemaker_data_quality_job_definition_data_quality_app_specification, "environment", null) 15 | post_analytics_processor_source_uri = lookup(var.sagemaker_data_quality_job_definition_data_quality_app_specification, "post_analytics_processor_source_uri", null) 16 | record_preprocessor_source_uri = lookup(var.sagemaker_data_quality_job_definition_data_quality_app_specification, "record_preprocessor_source_uri", null) 17 | } 18 | 19 | data_quality_job_input { 20 | dynamic "batch_transform_input" { 21 | iterator = batch_transform_input 22 | for_each = length(keys(lookup(var.sagemaker_data_quality_job_definition_data_quality_job_input, "batch_transform_input", {}))) > 0 ? [lookup(var.sagemaker_data_quality_job_definition_data_quality_job_input, "batch_transform_input", {})] : [] 23 | 24 | content { 25 | data_captured_destination_s3_uri = lookup(batch_transform_input.value, "data_captured_destination_s3_uri", null) 26 | 27 | dynamic "dataset_format" { 28 | iterator = dataset_format 29 | for_each = length(keys(lookup(batch_transform_input.value, "dataset_format", {}))) > 0 ? [lookup(batch_transform_input.value, "dataset_format", {})] : [] 30 | 31 | content { 32 | dynamic "csv" { 33 | iterator = csv 34 | for_each = length(keys(lookup(dataset_format.value, "csv", {}))) > 0 ? [lookup(dataset_format.value, "csv", {})] : [] 35 | 36 | content { 37 | header = lookup(csv.value, "header", null) 38 | } 39 | } 40 | 41 | dynamic "json" { 42 | iterator = json 43 | for_each = length(keys(lookup(dataset_format.value, "json", {}))) > 0 ? [lookup(dataset_format.value, "json", {})] : [] 44 | 45 | content { 46 | line = lookup(json.value, "line", null) 47 | } 48 | } 49 | } 50 | } 51 | 52 | local_path = lookup(batch_transform_input.value, "local_path", null) 53 | s3_data_distribution_type = lookup(batch_transform_input.value, "s3_data_distribution_type", null) 54 | s3_input_mode = lookup(batch_transform_input.value, "s3_input_mode", null) 55 | } 56 | } 57 | 58 | dynamic "endpoint_input" { 59 | iterator = endpoint_input 60 | for_each = length(keys(lookup(var.sagemaker_data_quality_job_definition_data_quality_job_input, "endpoint_input", {}))) > 0 ? [lookup(var.sagemaker_data_quality_job_definition_data_quality_job_input, "endpoint_input", {})] : [] 61 | 62 | content { 63 | endpoint_name = lookup(endpoint_input.value, "endpoint_name", null) 64 | 65 | local_path = lookup(endpoint_input.value, "local_path", null) 66 | s3_data_distribution_type = lookup(endpoint_input.value, "s3_data_distribution_type", null) 67 | s3_input_mode = lookup(endpoint_input.value, "s3_input_mode", null) 68 | } 69 | } 70 | } 71 | 72 | data_quality_job_output_config { 73 | kms_key_id = lookup(var.sagemaker_data_quality_job_definition_data_quality_job_output_config, "kms_key_id", null) 74 | 75 | dynamic "monitoring_outputs" { 76 | iterator = monitoring_outputs 77 | for_each = length(keys(lookup(var.sagemaker_data_quality_job_definition_data_quality_job_output_config, "monitoring_outputs", {}))) > 0 ? [lookup(var.sagemaker_data_quality_job_definition_data_quality_job_output_config, "monitoring_outputs", {})] : [] 78 | 79 | content { 80 | dynamic "s3_output" { 81 | iterator = s3_output 82 | for_each = length(keys(lookup(monitoring_outputs.value, "s3_output", {}))) > 0 ? [lookup(monitoring_outputs.value, "s3_output", {})] : [] 83 | 84 | content { 85 | s3_uri = lookup(s3_output.value, "s3_uri", null) 86 | 87 | local_path = lookup(s3_output.value, "local_path", null) 88 | s3_upload_mode = lookup(s3_output.value, "s3_upload_mode", null) 89 | 90 | } 91 | } 92 | } 93 | } 94 | } 95 | 96 | job_resources { 97 | dynamic "cluster_config" { 98 | iterator = cluster_config 99 | for_each = length(keys(lookup(var.sagemaker_data_quality_job_definition_job_resources, "cluster_config", {}))) > 0 ? [lookup(var.sagemaker_data_quality_job_definition_job_resources, "cluster_config", {})] : [] 100 | 101 | content { 102 | instance_count = lookup(cluster_config.value, "instance_count", null) 103 | instance_type = lookup(cluster_config.value, "instance_type", null) 104 | volume_size_in_gb = lookup(cluster_config.value, "volume_size_in_gb", null) 105 | 106 | volume_kms_key_id = lookup(cluster_config.value, "volume_kms_key_id", null) 107 | } 108 | } 109 | } 110 | 111 | dynamic "data_quality_baseline_config" { 112 | iterator = data_quality_baseline_config 113 | for_each = var.sagemaker_data_quality_job_definition_data_quality_baseline_config 114 | 115 | content { 116 | dynamic "constraints_resource" { 117 | iterator = constraints_resource 118 | for_each = length(keys(lookup(data_quality_baseline_config.value, "constraints_resource", {}))) > 0 ? [lookup(data_quality_baseline_config.value, "constraints_resource", {})] : [] 119 | 120 | content { 121 | s3_uri = lookup(constraints_resource.value, "s3_uri", null) 122 | } 123 | } 124 | 125 | dynamic "statistics_resource" { 126 | iterator = statistics_resource 127 | for_each = length(keys(lookup(var.sagemaker_data_quality_job_definition_job_resources, "statistics_resource", {}))) > 0 ? [lookup(var.sagemaker_data_quality_job_definition_job_resources, "statistics_resource", {})] : [] 128 | 129 | content { 130 | s3_uri = lookup(statistics_resource.value, "s3_uri", null) 131 | } 132 | } 133 | } 134 | } 135 | 136 | dynamic "network_config" { 137 | iterator = network_config 138 | for_each = var.sagemaker_data_quality_job_definition_network_config 139 | 140 | content { 141 | enable_inter_container_traffic_encryption = lookup(network_config.value, "enable_inter_container_traffic_encryption", null) 142 | enable_network_isolation = lookup(network_config.value, "enable_network_isolation", null) 143 | 144 | dynamic "vpc_config" { 145 | iterator = vpc_config 146 | for_each = length(keys(lookup(network_config.value, "vpc_config", {}))) > 0 ? [lookup(network_config.value, "vpc_config", {})] : [] 147 | 148 | content { 149 | security_group_ids = lookup(vpc_config.value, "security_group_ids", null) 150 | subnets = lookup(vpc_config.value, "subnets", null) 151 | } 152 | } 153 | } 154 | } 155 | 156 | dynamic "stopping_condition" { 157 | iterator = stopping_condition 158 | for_each = var.sagemaker_data_quality_job_definition_stopping_condition 159 | 160 | content { 161 | max_runtime_in_seconds = lookup(stopping_condition.value, "max_runtime_in_seconds", null) 162 | } 163 | } 164 | 165 | tags = merge( 166 | { 167 | Name = var.sagemaker_data_quality_job_definition_name != "" ? var.sagemaker_data_quality_job_definition_name : "${lower(var.name)}-data-quality-job-definition-${lower(var.environment)}" 168 | }, 169 | var.tags 170 | ) 171 | 172 | lifecycle { 173 | create_before_destroy = true 174 | ignore_changes = [] 175 | } 176 | 177 | depends_on = [] 178 | } 179 | -------------------------------------------------------------------------------- /sagemaker_device.tf: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------- 2 | # AWS Sagemaker device 3 | #--------------------------------------------------- 4 | resource "aws_sagemaker_device" "sagemaker_device" { 5 | count = var.enable_sagemaker_device ? 1 : 0 6 | 7 | device_fleet_name = var.sagemaker_device_device_fleet_name != "" ? var.sagemaker_device_device_fleet_name : (var.enable_sagemaker_device_fleet ? aws_sagemaker_device_fleet.sagemaker_device_fleet[count.index].device_fleet_name : null) 8 | 9 | dynamic "device" { 10 | iterator = device 11 | for_each = var.sagemaker_device_devices 12 | 13 | content { 14 | description = lookup(device.value, "description", null) 15 | 16 | device_name = lookup(device.value, "device_name", null) 17 | iot_thing_name = lookup(device.value, "iot_thing_name", null) 18 | } 19 | } 20 | 21 | lifecycle { 22 | create_before_destroy = true 23 | ignore_changes = [] 24 | } 25 | 26 | depends_on = [ 27 | aws_sagemaker_device_fleet.sagemaker_device_fleet 28 | ] 29 | } 30 | -------------------------------------------------------------------------------- /sagemaker_device_fleet.tf: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------- 2 | # AWS Sagemaker device fleet 3 | #--------------------------------------------------- 4 | resource "aws_sagemaker_device_fleet" "sagemaker_device_fleet" { 5 | count = var.enable_sagemaker_device_fleet ? 1 : 0 6 | 7 | device_fleet_name = var.sagemaker_device_fleet_name != "" ? var.sagemaker_device_fleet_name : "${lower(var.name)}-device-fleet-${lower(var.environment)}" 8 | role_arn = var.sagemaker_device_fleet_role_arn 9 | 10 | description = var.sagemaker_device_fleet_description 11 | enable_iot_role_alias = var.sagemaker_device_fleet_enable_iot_role_alias 12 | 13 | dynamic "output_config" { 14 | iterator = output_config 15 | for_each = var.sagemaker_device_fleet_output_config 16 | 17 | content { 18 | s3_output_location = lookup(output_config.value, "s3_output_location", null) 19 | 20 | kms_key_id = lookup(output_config.value, "kms_key_id", null) 21 | } 22 | } 23 | 24 | tags = merge( 25 | { 26 | Name = var.sagemaker_device_fleet_name != "" ? var.sagemaker_device_fleet_name : "${lower(var.name)}-device-fleet-${lower(var.environment)}" 27 | }, 28 | var.tags 29 | ) 30 | 31 | lifecycle { 32 | create_before_destroy = true 33 | ignore_changes = [] 34 | } 35 | 36 | depends_on = [] 37 | } -------------------------------------------------------------------------------- /sagemaker_domain.tf: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------- 2 | # AWS Sagemaker domain 3 | #--------------------------------------------------- 4 | resource "aws_sagemaker_domain" "sagemaker_domain" { 5 | count = var.enable_sagemaker_domain ? 1 : 0 6 | 7 | domain_name = var.sagemaker_domain_name != "" ? lower(var.sagemaker_domain_name) : "${lower(var.name)}-domain-${lower(var.environment)}" 8 | auth_mode = var.sagemaker_domain_auth_mode 9 | vpc_id = var.sagemaker_domain_vpc_id 10 | subnet_ids = var.sagemaker_domain_subnet_ids 11 | 12 | kms_key_id = var.sagemaker_domain_kms_key_id 13 | app_network_access_type = var.sagemaker_domain_app_network_access_type 14 | app_security_group_management = var.sagemaker_domain_app_security_group_management 15 | 16 | dynamic "default_space_settings" { 17 | iterator = default_space_settings 18 | for_each = var.sagemaker_domain_default_space_settings 19 | 20 | content { 21 | execution_role = lookup(default_space_settings.value, "execution_role", null) 22 | 23 | security_groups = lookup(default_space_settings.value, "security_groups", null) 24 | 25 | dynamic "jupyter_server_app_settings" { 26 | iterator = jupyter_server_app_settings 27 | for_each = lookup(default_space_settings.value, "jupyter_server_app_settings", []) 28 | 29 | content { 30 | dynamic "default_resource_spec" { 31 | iterator = default_resource_spec 32 | for_each = lookup(jupyter_server_app_settings.value, "default_resource_spec", []) 33 | 34 | content { 35 | instance_type = lookup(default_resource_spec.value, "instance_type", null) 36 | lifecycle_config_arn = lookup(default_resource_spec.value, "lifecycle_config_arn", null) 37 | sagemaker_image_arn = lookup(default_resource_spec.value, "sagemaker_image_arn", null) 38 | sagemaker_image_version_arn = lookup(default_resource_spec.value, "sagemaker_image_version_arn", null) 39 | } 40 | } 41 | } 42 | } 43 | 44 | dynamic "kernel_gateway_app_settings" { 45 | iterator = kernel_gateway_app_settings 46 | for_each = lookup(default_space_settings.value, "kernel_gateway_app_settings", []) 47 | 48 | content { 49 | dynamic "default_resource_spec" { 50 | iterator = default_resource_spec 51 | for_each = lookup(kernel_gateway_app_settings.value, "default_resource_spec", []) 52 | 53 | content { 54 | instance_type = lookup(default_resource_spec.value, "instance_type", null) 55 | lifecycle_config_arn = lookup(default_resource_spec.value, "lifecycle_config_arn", null) 56 | sagemaker_image_arn = lookup(default_resource_spec.value, "sagemaker_image_arn", null) 57 | sagemaker_image_version_arn = lookup(default_resource_spec.value, "sagemaker_image_version_arn", null) 58 | } 59 | } 60 | 61 | dynamic "custom_image" { 62 | iterator = custom_image 63 | for_each = lookup(kernel_gateway_app_settings.value, "custom_image", []) 64 | 65 | content { 66 | app_image_config_name = lookup(custom_image.value, "app_image_config_name", null) 67 | image_name = lookup(custom_image.value, "image_name", null) 68 | 69 | image_version_number = lookup(custom_image.value, "image_version_number", null) 70 | } 71 | } 72 | } 73 | } 74 | 75 | } 76 | } 77 | 78 | dynamic "domain_settings" { 79 | iterator = domain_settings 80 | for_each = var.sagemaker_domain_settings 81 | 82 | content { 83 | 84 | security_group_ids = lookup(domain_settings.value, "security_group_ids", null) 85 | execution_role_identity_config = lookup(domain_settings.value, "execution_role_identity_config", null) 86 | 87 | dynamic "r_studio_server_pro_domain_settings" { 88 | iterator = r_studio_server_pro_domain_settings 89 | for_each = lookup(domain_settings.value, "r_studio_server_pro_domain_settings", []) 90 | 91 | content { 92 | domain_execution_role_arn = lookup(r_studio_server_pro_domain_settings.value, "domain_execution_role_arn", null) 93 | 94 | r_studio_connect_url = lookup(r_studio_server_pro_domain_settings.value, "r_studio_connect_url", null) 95 | r_studio_package_manager_url = lookup(r_studio_server_pro_domain_settings.value, "r_studio_package_manager_url", null) 96 | 97 | dynamic "default_resource_spec" { 98 | iterator = default_resource_spec 99 | for_each = lookup(r_studio_server_pro_domain_settings.value, "default_resource_spec", []) 100 | 101 | content { 102 | instance_type = lookup(default_resource_spec.value, "instance_type", null) 103 | lifecycle_config_arn = lookup(default_resource_spec.value, "lifecycle_config_arn", null) 104 | sagemaker_image_arn = lookup(default_resource_spec.value, "sagemaker_image_arn", null) 105 | sagemaker_image_version_arn = lookup(default_resource_spec.value, "sagemaker_image_version_arn", null) 106 | } 107 | } 108 | } 109 | } 110 | } 111 | } 112 | 113 | dynamic "retention_policy" { 114 | iterator = retention_policy 115 | for_each = length(keys(var.sagemaker_domain_retention_policy)) > 0 ? [var.sagemaker_domain_retention_policy] : [] 116 | 117 | content { 118 | home_efs_file_system = lookup(retention_policy.value, "home_efs_file_system", null) 119 | } 120 | } 121 | 122 | dynamic "default_user_settings" { 123 | iterator = default_user_settings 124 | for_each = length(keys(var.sagemaker_domain_default_user_settings)) > 0 ? [var.sagemaker_domain_default_user_settings] : [] 125 | 126 | content { 127 | execution_role = lookup(default_user_settings.value, "execution_role", null) 128 | 129 | security_groups = lookup(default_user_settings.value, "security_groups", null) 130 | 131 | dynamic "canvas_app_settings" { 132 | iterator = canvas_app_settings 133 | for_each = lookup(default_user_settings.value, "canvas_app_settings", []) 134 | 135 | content { 136 | dynamic "model_register_settings" { 137 | iterator = model_register_settings 138 | for_each = lookup(canvas_app_settings.value, "model_register_settings", []) 139 | 140 | content { 141 | cross_account_model_register_role_arn = lookup(model_register_settings.value, "cross_account_model_register_role_arn", null) 142 | status = lookup(model_register_settings.value, "status", null) 143 | } 144 | } 145 | 146 | dynamic "time_series_forecasting_settings" { 147 | iterator = time_series_forecasting_settings 148 | for_each = lookup(canvas_app_settings.value, "time_series_forecasting_settings", []) 149 | 150 | content { 151 | amazon_forecast_role_arn = lookup(time_series_forecasting_settings.value, "amazon_forecast_role_arn", null) 152 | status = lookup(time_series_forecasting_settings.value, "status", null) 153 | } 154 | } 155 | 156 | dynamic "workspace_settings" { 157 | iterator = workspace_settings 158 | for_each = lookup(canvas_app_settings.value, "workspace_settings", []) 159 | 160 | content { 161 | s3_artifact_path = lookup(workspace_settings.value, "s3_artifact_path", null) 162 | s3_kms_key_id = lookup(workspace_settings.value, "s3_kms_key_id", null) 163 | } 164 | } 165 | } 166 | } 167 | 168 | dynamic "jupyter_server_app_settings" { 169 | iterator = jupyter_server_app_settings 170 | for_each = lookup(var.sagemaker_domain_default_user_settings, "jupyter_server_app_settings", []) 171 | 172 | content { 173 | dynamic "default_resource_spec" { 174 | iterator = default_resource_spec 175 | for_each = lookup(jupyter_server_app_settings.value, "default_resource_spec", []) 176 | 177 | content { 178 | instance_type = lookup(default_resource_spec.value, "instance_type", null) 179 | lifecycle_config_arn = lookup(default_resource_spec.value, "lifecycle_config_arn", null) 180 | sagemaker_image_arn = lookup(default_resource_spec.value, "sagemaker_image_arn", null) 181 | sagemaker_image_version_arn = lookup(default_resource_spec.value, "sagemaker_image_version_arn", null) 182 | } 183 | } 184 | } 185 | } 186 | 187 | 188 | dynamic "kernel_gateway_app_settings" { 189 | iterator = kernel_gateway_app_settings 190 | for_each = lookup(var.sagemaker_domain_default_user_settings, "kernel_gateway_app_settings", []) 191 | 192 | content { 193 | dynamic "default_resource_spec" { 194 | iterator = default_resource_spec 195 | for_each = lookup(kernel_gateway_app_settings.value, "default_resource_spec", []) 196 | 197 | content { 198 | instance_type = lookup(default_resource_spec.value, "instance_type", null) 199 | lifecycle_config_arn = lookup(default_resource_spec.value, "lifecycle_config_arn", null) 200 | sagemaker_image_arn = lookup(default_resource_spec.value, "sagemaker_image_arn", null) 201 | sagemaker_image_version_arn = lookup(default_resource_spec.value, "sagemaker_image_version_arn", null) 202 | } 203 | } 204 | 205 | dynamic "custom_image" { 206 | iterator = custom_image 207 | for_each = lookup(kernel_gateway_app_settings.value, "custom_image", []) 208 | 209 | content { 210 | app_image_config_name = lookup(custom_image.value, "app_image_config_name", null) 211 | image_name = lookup(custom_image.value, "image_name", null) 212 | 213 | image_version_number = lookup(custom_image.value, "image_version_number", null) 214 | } 215 | } 216 | } 217 | } 218 | 219 | dynamic "r_session_app_settings" { 220 | iterator = r_session_app_settings 221 | for_each = lookup(default_user_settings.value, "r_session_app_settings", []) 222 | 223 | content { 224 | dynamic "default_resource_spec" { 225 | iterator = default_resource_spec 226 | for_each = lookup(r_session_app_settings.value, "default_resource_spec", []) 227 | 228 | content { 229 | instance_type = lookup(default_resource_spec.value, "instance_type", null) 230 | lifecycle_config_arn = lookup(default_resource_spec.value, "lifecycle_config_arn", null) 231 | sagemaker_image_arn = lookup(default_resource_spec.value, "sagemaker_image_arn", null) 232 | sagemaker_image_version_arn = lookup(default_resource_spec.value, "sagemaker_image_version_arn", null) 233 | } 234 | } 235 | 236 | dynamic "custom_image" { 237 | iterator = custom_image 238 | for_each = lookup(r_session_app_settings.value, "custom_image", []) 239 | 240 | content { 241 | app_image_config_name = lookup(custom_image.value, "app_image_config_name", null) 242 | image_name = lookup(custom_image.value, "image_name", null) 243 | 244 | image_version_number = lookup(custom_image.value, "image_version_number", null) 245 | } 246 | } 247 | } 248 | } 249 | 250 | dynamic "r_studio_server_pro_app_settings" { 251 | iterator = r_studio_server_pro_app_settings 252 | for_each = lookup(default_user_settings.value, "r_studio_server_pro_app_settings", []) 253 | 254 | content { 255 | access_status = lookup(r_studio_server_pro_app_settings.value, "access_status", null) 256 | user_group = lookup(r_studio_server_pro_app_settings.value, "user_group", null) 257 | } 258 | } 259 | 260 | dynamic "sharing_settings" { 261 | iterator = sharing_settings 262 | for_each = lookup(var.sagemaker_domain_default_user_settings, "sharing_settings", []) 263 | 264 | content { 265 | notebook_output_option = lookup(sharing_settings.value, "notebook_output_option", null) 266 | s3_kms_key_id = lookup(sharing_settings.value, "s3_kms_key_id", null) 267 | s3_output_path = lookup(sharing_settings.value, "s3_output_path", null) 268 | } 269 | } 270 | 271 | dynamic "tensor_board_app_settings" { 272 | iterator = tensor_board_app_settings 273 | for_each = lookup(var.sagemaker_domain_default_user_settings, "tensor_board_app_settings", []) 274 | 275 | content { 276 | dynamic "default_resource_spec" { 277 | iterator = default_resource_spec 278 | for_each = lookup(tensor_board_app_settings.value, "default_resource_spec", []) 279 | 280 | content { 281 | instance_type = lookup(default_resource_spec.value, "instance_type", null) 282 | lifecycle_config_arn = lookup(default_resource_spec.value, "lifecycle_config_arn", null) 283 | sagemaker_image_arn = lookup(default_resource_spec.value, "sagemaker_image_arn", null) 284 | sagemaker_image_version_arn = lookup(default_resource_spec.value, "sagemaker_image_version_arn", null) 285 | } 286 | } 287 | } 288 | } 289 | } 290 | 291 | } 292 | 293 | tags = merge( 294 | { 295 | Name = var.sagemaker_domain_name != "" ? lower(var.sagemaker_domain_name) : "${lower(var.name)}-sagemaker-domain-${lower(var.environment)}" 296 | }, 297 | var.tags 298 | ) 299 | 300 | lifecycle { 301 | create_before_destroy = true 302 | ignore_changes = [] 303 | } 304 | 305 | depends_on = [] 306 | } 307 | -------------------------------------------------------------------------------- /sagemaker_endpoint.tf: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------- 2 | # AWS Sagemaker endpoint 3 | #--------------------------------------------------- 4 | resource "aws_sagemaker_endpoint" "sagemaker_endpoint" { 5 | count = var.enable_sagemaker_endpoint ? 1 : 0 6 | 7 | name = var.sagemaker_endpoint_name != "" ? lower(var.sagemaker_endpoint_name) : "${lower(var.name)}-endpoint-${lower(var.environment)}" 8 | endpoint_config_name = var.sagemaker_endpoint_endpoint_config_name != "" && !var.enable_sagemaker_endpoint_configuration ? var.sagemaker_endpoint_endpoint_config_name : element(concat(aws_sagemaker_endpoint_configuration.sagemaker_endpoint_configuration.*.name, [""]), 0) 9 | 10 | 11 | dynamic "deployment_config" { 12 | iterator = deployment_config 13 | for_each = var.sagemaker_endpoint_deployment_config 14 | 15 | content { 16 | dynamic "blue_green_update_policy" { 17 | iterator = blue_green_update_policy 18 | for_each = length(keys(lookup(deployment_config.value, "blue_green_update_policy", {}))) > 0 ? [lookup(deployment_config.value, "blue_green_update_policy", {})] : [] 19 | 20 | content { 21 | dynamic "traffic_routing_configuration" { 22 | iterator = traffic_routing_configuration 23 | for_each = length(keys(lookup(blue_green_update_policy.value, "traffic_routing_configuration", {}))) > 0 ? [lookup(blue_green_update_policy.value, "traffic_routing_configuration", {})] : [] 24 | 25 | content { 26 | type = lookup(traffic_routing_configuration.value, "type", null) 27 | wait_interval_in_seconds = lookup(traffic_routing_configuration.value, "wait_interval_in_seconds", null) 28 | 29 | dynamic "canary_size" { 30 | iterator = canary_size 31 | for_each = length(keys(lookup(traffic_routing_configuration.value, "canary_size", {}))) > 0 ? [lookup(traffic_routing_configuration.value, "canary_size", {})] : [] 32 | 33 | content { 34 | type = lookup(canary_size.value, "type", null) 35 | value = lookup(canary_size.value, "value", null) 36 | } 37 | } 38 | dynamic "linear_step_size" { 39 | iterator = linear_step_size 40 | for_each = length(keys(lookup(traffic_routing_configuration.value, "linear_step_size", {}))) > 0 ? [lookup(traffic_routing_configuration.value, "linear_step_size", {})] : [] 41 | 42 | content { 43 | type = lookup(linear_step_size.value, "type", null) 44 | value = lookup(linear_step_size.value, "value", null) 45 | } 46 | } 47 | } 48 | } 49 | 50 | maximum_execution_timeout_in_seconds = lookup(blue_green_update_policy.value, "maximum_execution_timeout_in_seconds", null) 51 | termination_wait_in_seconds = lookup(blue_green_update_policy.value, "termination_wait_in_seconds", null) 52 | } 53 | } 54 | 55 | dynamic "auto_rollback_configuration" { 56 | iterator = auto_rollback_configuration 57 | for_each = length(keys(lookup(deployment_config.value, "auto_rollback_configuration", {}))) > 0 ? [lookup(deployment_config.value, "auto_rollback_configuration", {})] : [] 58 | 59 | content { 60 | dynamic "alarms" { 61 | iterator = alarms 62 | for_each = length(keys(lookup(auto_rollback_configuration.value, "alarms", {}))) > 0 ? [lookup(auto_rollback_configuration.value, "alarms", {})] : [] 63 | 64 | content { 65 | alarm_name = lookup(alarms.value, "alarm_name", null) 66 | } 67 | } 68 | } 69 | } 70 | 71 | } 72 | } 73 | 74 | tags = merge( 75 | { 76 | Name = var.sagemaker_endpoint_name != "" ? lower(var.sagemaker_endpoint_name) : "${lower(var.name)}-endpoint-${lower(var.environment)}" 77 | }, 78 | var.tags 79 | ) 80 | 81 | lifecycle { 82 | create_before_destroy = true 83 | ignore_changes = [] 84 | } 85 | 86 | depends_on = [ 87 | aws_sagemaker_endpoint_configuration.sagemaker_endpoint_configuration 88 | ] 89 | } 90 | -------------------------------------------------------------------------------- /sagemaker_endpoint_configuration.tf: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------- 2 | # AWS Sagemaker endpoint configuration 3 | #--------------------------------------------------- 4 | resource "aws_sagemaker_endpoint_configuration" "sagemaker_endpoint_configuration" { 5 | count = var.enable_sagemaker_endpoint_configuration ? 1 : 0 6 | 7 | name = var.sagemaker_endpoint_configuration_name != "" ? lower(var.sagemaker_endpoint_configuration_name) : null 8 | name_prefix = var.sagemaker_endpoint_configuration_name_prefix != "" ? lower(var.sagemaker_endpoint_configuration_name_prefix) : null 9 | 10 | kms_key_arn = var.sagemaker_endpoint_configuration_kms_key_arn 11 | dynamic "production_variants" { 12 | iterator = production_variants 13 | for_each = var.sagemaker_endpoint_configuration_production_variants 14 | 15 | content { 16 | model_name = lookup(production_variants.value, "model_name", element(concat(aws_sagemaker_model.sagemaker_model.*.name, [""]), 0)) 17 | initial_instance_count = lookup(production_variants.value, "initial_instance_count", 0) 18 | instance_type = lookup(production_variants.value, "instance_type", "ml.t2.medium") 19 | 20 | variant_name = lookup(production_variants.value, "variant_name", null) 21 | accelerator_type = lookup(production_variants.value, "accelerator_type", null) 22 | initial_variant_weight = lookup(production_variants.value, "initial_variant_weight", null) 23 | } 24 | } 25 | 26 | dynamic "data_capture_config" { 27 | iterator = data_capture_config 28 | for_each = var.sagemaker_endpoint_configuration_data_capture_config 29 | 30 | content { 31 | initial_sampling_percentage = lookup(data_capture_config.value, "initial_sampling_percentage", null) 32 | destination_s3_uri = lookup(data_capture_config.value, "destination_s3_uri", null) 33 | 34 | dynamic "capture_options" { 35 | iterator = capture_options 36 | for_each = length(keys(lookup(data_capture_config.value, "capture_options", {}))) > 0 ? [lookup(data_capture_config.value, "capture_options", {})] : [] 37 | 38 | content { 39 | capture_mode = lookup(capture_options.value, "capture_mode", null) 40 | } 41 | } 42 | 43 | kms_key_id = lookup(data_capture_config.value, "kms_key_id", null) 44 | enable_capture = lookup(data_capture_config.value, "enable_capture", null) 45 | 46 | dynamic "capture_content_type_header" { 47 | iterator = capture_content_type_header 48 | for_each = length(keys(lookup(data_capture_config.value, "capture_content_type_header", {}))) > 0 ? [lookup(data_capture_config.value, "capture_content_type_header", {})] : [] 49 | 50 | content { 51 | csv_content_types = lookup(capture_content_type_header.value, "csv_content_types", null) 52 | json_content_types = lookup(capture_content_type_header.value, "json_content_types", null) 53 | } 54 | } 55 | } 56 | } 57 | 58 | dynamic "shadow_production_variants" { 59 | iterator = shadow_production_variants 60 | for_each = var.sagemaker_endpoint_configuration_shadow_production_variants 61 | 62 | content { 63 | model_name = lookup(production_variants.value, "model_name", null) 64 | initial_instance_count = lookup(production_variants.value, "initial_instance_count", null) 65 | instance_type = lookup(production_variants.value, "instance_type", null) 66 | 67 | variant_name = lookup(production_variants.value, "variant_name", null) 68 | accelerator_type = lookup(production_variants.value, "accelerator_type", null) 69 | initial_variant_weight = lookup(production_variants.value, "initial_variant_weight", null) 70 | } 71 | } 72 | 73 | dynamic "async_inference_config" { 74 | iterator = async_inference_config 75 | for_each = var.sagemaker_endpoint_configuration_async_inference_config 76 | 77 | content { 78 | dynamic "output_config" { 79 | iterator = output_config 80 | for_each = length(keys(lookup(async_inference_config.value, "output_config", {}))) > 0 ? [lookup(async_inference_config.value, "output_config", {})] : [] 81 | 82 | content { 83 | s3_output_path = lookup(output_config.value, "s3_output_path", null) 84 | 85 | s3_failure_path = lookup(output_config.value, "s3_failure_path", null) 86 | kms_key_id = lookup(output_config.value, "kms_key_id", null) 87 | 88 | dynamic "notification_config" { 89 | iterator = notification_config 90 | for_each = length(keys(lookup(output_config.value, "notification_config", {}))) > 0 ? [lookup(output_config.value, "notification_config", {})] : [] 91 | 92 | content { 93 | include_inference_response_in = lookup(notification_config.value, "include_inference_response_in", null) 94 | error_topic = lookup(notification_config.value, "error_topic", null) 95 | success_topic = lookup(notification_config.value, "success_topic", null) 96 | } 97 | } 98 | } 99 | } 100 | 101 | dynamic "client_config" { 102 | iterator = client_config 103 | for_each = length(keys(lookup(async_inference_config.value, "client_config", {}))) > 0 ? [lookup(async_inference_config.value, "client_config", {})] : [] 104 | 105 | content { 106 | max_concurrent_invocations_per_instance = lookup(client_config.value, "max_concurrent_invocations_per_instance", null) 107 | } 108 | } 109 | } 110 | } 111 | 112 | tags = merge( 113 | { 114 | Name = var.sagemaker_endpoint_configuration_name != "" ? lower(var.sagemaker_endpoint_configuration_name) : "${lower(var.name)}-sagemaker-endpoint-conf-${lower(var.environment)}" 115 | }, 116 | var.tags 117 | ) 118 | 119 | lifecycle { 120 | create_before_destroy = true 121 | ignore_changes = [] 122 | } 123 | 124 | depends_on = [ 125 | aws_sagemaker_model.sagemaker_model 126 | ] 127 | } 128 | -------------------------------------------------------------------------------- /sagemaker_feature_group.tf: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------- 2 | # AWS sagemaker feature group 3 | #--------------------------------------------------- 4 | resource "aws_sagemaker_feature_group" "sagemaker_feature_group" { 5 | count = var.enable_sagemaker_feature_group ? 1 : 0 6 | 7 | feature_group_name = var.sagemaker_feature_group_name != "" ? lower(var.sagemaker_feature_group_name) : "${lower(var.name)}-feature-group-${lower(var.environment)}" 8 | record_identifier_feature_name = var.sagemaker_feature_group_record_identifier_feature_name != "" ? lower(var.sagemaker_feature_group_record_identifier_feature_name) : "${lower(var.name)}-feature-group-${lower(var.environment)}" 9 | event_time_feature_name = var.sagemaker_feature_group_event_time_feature_name != "" ? lower(var.sagemaker_feature_group_event_time_feature_name) : "${lower(var.name)}-feature-group-${lower(var.environment)}" 10 | role_arn = var.sagemaker_feature_group_role_arn 11 | 12 | description = var.sagemaker_feature_group_description 13 | 14 | dynamic "feature_definition" { 15 | iterator = feature_definition 16 | for_each = var.sagemaker_feature_group_feature_definition 17 | 18 | content { 19 | feature_name = lookup(feature_definition.value, "feature_name", null) 20 | feature_type = lookup(feature_definition.value, "feature_type", null) 21 | } 22 | } 23 | 24 | dynamic "offline_store_config" { 25 | iterator = offline_store_config 26 | for_each = var.sagemaker_feature_group_offline_store_config 27 | 28 | content { 29 | dynamic "s3_storage_config" { 30 | iterator = s3_storage_config 31 | for_each = length(keys(lookup(offline_store_config.value, "s3_storage_config", {}))) > 0 ? [lookup(offline_store_config.value, "s3_storage_config", {})] : [] 32 | 33 | content { 34 | s3_uri = lookup(s3_storage_config.value, "s3_uri", null) 35 | 36 | kms_key_id = lookup(s3_storage_config.value, "kms_key_id", null) 37 | } 38 | } 39 | 40 | dynamic "data_catalog_config" { 41 | iterator = data_catalog_config 42 | for_each = length(keys(lookup(offline_store_config.value, "data_catalog_config", {}))) > 0 ? [lookup(offline_store_config.value, "data_catalog_config", {})] : [] 43 | 44 | content { 45 | catalog = lookup(data_catalog_config.value, "catalog", null) 46 | database = lookup(data_catalog_config.value, "database", null) 47 | table_name = lookup(data_catalog_config.value, "table_name", null) 48 | } 49 | } 50 | } 51 | 52 | } 53 | 54 | dynamic "online_store_config" { 55 | iterator = online_store_config 56 | for_each = var.sagemaker_feature_group_online_store_config 57 | 58 | content { 59 | dynamic "security_config" { 60 | iterator = security_config 61 | for_each = length(keys(lookup(online_store_config.value, "security_config", {}))) > 0 ? [lookup(online_store_config.value, "security_config", {})] : [] 62 | 63 | content { 64 | kms_key_id = lookup(security_config.value, "kms_key_id", null) 65 | } 66 | } 67 | } 68 | } 69 | 70 | lifecycle { 71 | create_before_destroy = true 72 | ignore_changes = [] 73 | } 74 | 75 | depends_on = [] 76 | } 77 | -------------------------------------------------------------------------------- /sagemaker_flow_definition.tf: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------- 2 | # AWS Sagemaker flow definition 3 | #--------------------------------------------------- 4 | resource "aws_sagemaker_flow_definition" "sagemaker_flow_definition" { 5 | count = var.enable_sagemaker_flow_definition ? 1 : 0 6 | 7 | flow_definition_name = var.sagemaker_flow_definition_flow_definition_name != "" ? var.sagemaker_flow_definition_flow_definition_name : "${lower(var.name)}-flow-definition-${lower(var.environment)}" 8 | role_arn = var.sagemaker_flow_definition_role_arn 9 | 10 | dynamic "human_loop_config" { 11 | iterator = human_loop_config 12 | for_each = var.sagemaker_flow_definition_human_loop_config 13 | 14 | content { 15 | human_task_ui_arn = lookup(human_loop_config.value, "human_task_ui_arn", (var.enable_sagemaker_human_task_ui ? aws_sagemaker_human_task_ui.sagemaker_human_task_ui[count.index].arn : null)) 16 | task_availability_lifetime_in_seconds = lookup(human_loop_config.value, "task_availability_lifetime_in_seconds", null) 17 | task_count = lookup(human_loop_config.value, "task_count", null) 18 | task_description = lookup(human_loop_config.value, "task_description", null) 19 | task_title = lookup(human_loop_config.value, "task_title", null) 20 | workteam_arn = lookup(human_loop_config.value, "workteam_arn", (var.enable_sagemaker_workteam ? aws_sagemaker_workteam.sagemaker_workteam[count.index].arn : null)) 21 | 22 | task_keywords = lookup(human_loop_config.value, "task_keywords", null) 23 | task_time_limit_in_seconds = lookup(human_loop_config.value, "task_time_limit_in_seconds", null) 24 | 25 | 26 | dynamic "public_workforce_task_price" { 27 | iterator = public_workforce_task_price 28 | for_each = length(keys(lookup(human_loop_config.value, "public_workforce_task_price", {}))) > 0 ? [lookup(human_loop_config.value, "public_workforce_task_price", {})] : [] 29 | 30 | content { 31 | dynamic "amount_in_usd" { 32 | iterator = amount_in_usd 33 | for_each = length(keys(lookup(public_workforce_task_price.value, "amount_in_usd", {}))) > 0 ? [lookup(public_workforce_task_price.value, "amount_in_usd", {})] : [] 34 | 35 | content { 36 | cents = lookup(amount_in_usd.value, "cents", null) 37 | tenth_fractions_of_a_cent = lookup(amount_in_usd.value, "tenth_fractions_of_a_cent", null) 38 | dollars = lookup(amount_in_usd.value, "dollars", null) 39 | } 40 | } 41 | } 42 | } 43 | } 44 | } 45 | 46 | dynamic "output_config" { 47 | iterator = output_config 48 | for_each = var.sagemaker_project_output_config 49 | 50 | content { 51 | s3_output_path = lookup(output_config.value, "s3_output_path", null) 52 | 53 | kms_key_id = lookup(output_config.value, "kms_key_id", null) 54 | } 55 | } 56 | 57 | dynamic "human_loop_activation_config" { 58 | iterator = human_loop_activation_config 59 | for_each = var.sagemaker_flow_definition_human_loop_activation_config 60 | 61 | content { 62 | dynamic "human_loop_activation_conditions_config" { 63 | iterator = human_loop_activation_conditions_config 64 | for_each = length(keys(lookup(human_loop_activation_config.value, "human_loop_activation_conditions_config", {}))) > 0 ? [lookup(human_loop_activation_config.value, "human_loop_activation_conditions_config", {})] : [] 65 | 66 | content { 67 | human_loop_activation_conditions = lookup(human_loop_activation_conditions_config.value, "human_loop_activation_conditions", null) 68 | } 69 | } 70 | } 71 | } 72 | 73 | dynamic "human_loop_request_source" { 74 | iterator = human_loop_request_source 75 | for_each = var.sagemaker_flow_definition_human_loop_request_source 76 | 77 | content { 78 | aws_managed_human_loop_request_source = lookup(human_loop_request_source.value, "aws_managed_human_loop_request_source", null) 79 | } 80 | } 81 | 82 | tags = merge( 83 | { 84 | Name = var.sagemaker_flow_definition_flow_definition_name != "" ? var.sagemaker_flow_definition_flow_definition_name : "${lower(var.name)}-flow-definition-${lower(var.environment)}" 85 | }, 86 | var.tags 87 | ) 88 | 89 | lifecycle { 90 | create_before_destroy = true 91 | ignore_changes = [] 92 | } 93 | 94 | depends_on = [ 95 | aws_sagemaker_human_task_ui.sagemaker_human_task_ui, 96 | aws_sagemaker_workteam.sagemaker_workteam 97 | ] 98 | } -------------------------------------------------------------------------------- /sagemaker_human_task_ui.tf: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------- 2 | # AWS Sagemaker human task ui 3 | #--------------------------------------------------- 4 | resource "aws_sagemaker_human_task_ui" "sagemaker_human_task_ui" { 5 | count = var.enable_sagemaker_human_task_ui ? 1 : 0 6 | 7 | human_task_ui_name = var.sagemaker_human_task_ui_name != "" ? var.sagemaker_human_task_ui_name : "${lower(var.name)}-human-task-ui-${lower(var.environment)}" 8 | 9 | dynamic "ui_template" { 10 | iterator = ui_template 11 | for_each = var.sagemaker_human_task_ui_template 12 | 13 | content { 14 | content = lookup(ui_template.value, "content", null) 15 | } 16 | } 17 | 18 | tags = merge( 19 | { 20 | Name = var.sagemaker_human_task_ui_name != "" ? var.sagemaker_human_task_ui_name : "${lower(var.name)}-human-task-ui-${lower(var.environment)}" 21 | }, 22 | var.tags 23 | ) 24 | 25 | lifecycle { 26 | create_before_destroy = true 27 | ignore_changes = [] 28 | } 29 | 30 | depends_on = [] 31 | } -------------------------------------------------------------------------------- /sagemaker_image.tf: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------- 2 | # AWS sagemaker image 3 | #--------------------------------------------------- 4 | resource "aws_sagemaker_image" "sagemaker_image" { 5 | count = var.enable_sagemaker_image ? 1 : 0 6 | 7 | image_name = var.sagemaker_image_name != "" ? lower(var.sagemaker_image_name) : "${lower(var.name)}-image-${lower(var.environment)}" 8 | role_arn = var.sagemaker_image_role_arn 9 | 10 | display_name = var.sagemaker_image_display_name 11 | description = var.sagemaker_image_description 12 | 13 | tags = merge( 14 | { 15 | Name = var.sagemaker_image_name != "" ? lower(var.sagemaker_image_name) : "${lower(var.name)}-image-${lower(var.environment)}" 16 | }, 17 | var.tags 18 | ) 19 | 20 | lifecycle { 21 | create_before_destroy = true 22 | ignore_changes = [] 23 | } 24 | 25 | depends_on = [] 26 | } -------------------------------------------------------------------------------- /sagemaker_image_version.tf: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------- 2 | # AWS sagemaker image version 3 | #--------------------------------------------------- 4 | resource "aws_sagemaker_image_version" "sagemaker_image_version" { 5 | count = var.enable_sagemaker_image_version ? 1 : 0 6 | 7 | image_name = var.sagemaker_image_version_image_name != "" ? var.sagemaker_image_version_image_name : (var.enable_sagemaker_image ? aws_sagemaker_image.sagemaker_image.0.id : null) 8 | base_image = var.sagemaker_image_version_base_image 9 | 10 | lifecycle { 11 | create_before_destroy = true 12 | ignore_changes = [] 13 | } 14 | 15 | depends_on = [ 16 | aws_sagemaker_image.sagemaker_image 17 | ] 18 | } -------------------------------------------------------------------------------- /sagemaker_model.tf: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------- 2 | # AWS Gagemaker model 3 | #--------------------------------------------------- 4 | resource "aws_sagemaker_model" "sagemaker_model" { 5 | count = var.enable_sagemaker_model ? 1 : 0 6 | 7 | name = var.sagemaker_model_name != "" ? lower(var.sagemaker_model_name) : "${lower(var.name)}-model-${lower(var.environment)}" 8 | execution_role_arn = var.sagemaker_model_execution_role_arn 9 | 10 | enable_network_isolation = var.sagemaker_model_enable_network_isolation 11 | 12 | dynamic "inference_execution_config" { 13 | iterator = inference_execution_config 14 | for_each = var.sagemaker_model_inference_execution_config 15 | 16 | content { 17 | mode = lookup(inference_execution_config.value, "mode", null) 18 | } 19 | } 20 | 21 | dynamic "primary_container" { 22 | iterator = primary_container 23 | for_each = var.sagemaker_model_primary_container 24 | 25 | content { 26 | image = lookup(primary_container.value, "image", null) 27 | 28 | model_data_url = lookup(primary_container.value, "model_data_url", null) 29 | container_hostname = lookup(primary_container.value, "container_hostname", null) 30 | environment = lookup(primary_container.value, "environment", null) 31 | } 32 | } 33 | 34 | dynamic "container" { 35 | iterator = container 36 | for_each = var.sagemaker_model_container 37 | 38 | content { 39 | image = lookup(container.value, "image", null) 40 | 41 | model_data_url = lookup(container.value, "model_data_url", null) 42 | container_hostname = lookup(container.value, "container_hostname", null) 43 | environment = lookup(container.value, "environment", null) 44 | } 45 | } 46 | 47 | dynamic "vpc_config" { 48 | iterator = vpc_config 49 | for_each = var.sagemaker_model_vpc_config 50 | 51 | content { 52 | subnets = lookup(vpc_config.value, "subnets", null) 53 | security_group_ids = lookup(vpc_config.value, "security_group_ids", null) 54 | } 55 | } 56 | 57 | tags = merge( 58 | { 59 | Name = var.sagemaker_model_name != "" ? lower(var.sagemaker_model_name) : "${lower(var.name)}-model-${lower(var.environment)}" 60 | }, 61 | var.tags 62 | ) 63 | 64 | lifecycle { 65 | create_before_destroy = true 66 | ignore_changes = [] 67 | } 68 | 69 | depends_on = [] 70 | } 71 | -------------------------------------------------------------------------------- /sagemaker_model_package_group.tf: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------- 2 | # AWS sagemaker model package group 3 | #--------------------------------------------------- 4 | resource "aws_sagemaker_model_package_group" "sagemaker_model_package_group" { 5 | count = var.enable_sagemaker_model_package_group ? 1 : 0 6 | 7 | model_package_group_name = var.sagemaker_model_package_group_name != "" ? lower(var.sagemaker_model_package_group_name) : "${lower(var.name)}-user-profile-${lower(var.environment)}" 8 | 9 | model_package_group_description = var.sagemaker_model_package_group_description 10 | 11 | tags = merge( 12 | { 13 | Name = var.sagemaker_model_package_group_name != "" ? lower(var.sagemaker_model_package_group_name) : "${lower(var.name)}-model-package-group-${lower(var.environment)}" 14 | }, 15 | var.tags 16 | ) 17 | 18 | lifecycle { 19 | create_before_destroy = true 20 | ignore_changes = [] 21 | } 22 | 23 | depends_on = [] 24 | } -------------------------------------------------------------------------------- /sagemaker_model_package_group_policy.tf: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------- 2 | # AWS Sagemaker model package group policy 3 | #--------------------------------------------------- 4 | resource "aws_sagemaker_model_package_group_policy" "sagemaker_model_package_group_policy" { 5 | count = var.enable_sagemaker_model_package_group_policy ? 1 : 0 6 | 7 | model_package_group_name = var.sagemaker_model_package_group_policy_model_package_group_name != "" ? var.sagemaker_model_package_group_policy_model_package_group_name : (var.enable_sagemaker_model_package_group ? aws_sagemaker_model_package_group.sagemaker_model_package_group[count.index].model_package_group_name : null) 8 | resource_policy = var.sagemaker_model_package_group_policy_resource_policy 9 | 10 | lifecycle { 11 | create_before_destroy = true 12 | ignore_changes = [] 13 | } 14 | 15 | depends_on = [ 16 | aws_sagemaker_device_fleet.sagemaker_device_fleet 17 | ] 18 | } -------------------------------------------------------------------------------- /sagemaker_monitoring_schedule.tf: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------- 2 | # AWS Sagemaker monitoring schedule 3 | #--------------------------------------------------- 4 | resource "aws_sagemaker_monitoring_schedule" "sagemaker_monitoring_schedule" { 5 | count = var.enable_sagemaker_monitoring_schedule ? 1 : 0 6 | 7 | name = var.sagemaker_monitoring_schedule_name != "" ? var.sagemaker_monitoring_schedule_name : "${lower(var.name)}-monitoring-schedule-${lower(var.environment)}" 8 | 9 | dynamic "monitoring_schedule_config" { 10 | iterator = monitoring_schedule_config 11 | for_each = var.sagemaker_monitoring_schedule_config 12 | 13 | content { 14 | monitoring_job_definition_name = lookup(monitoring_schedule_config.value, "monitoring_job_definition_name", null) 15 | monitoring_type = lookup(monitoring_schedule_config.value, "monitoring_type", null) 16 | 17 | dynamic "schedule_config" { 18 | iterator = schedule_config 19 | for_each = length(keys(lookup(monitoring_schedule_config.value, "schedule_config", {}))) > 0 ? [lookup(monitoring_schedule_config.value, "schedule_config", {})] : [] 20 | 21 | content { 22 | schedule_expression = lookup(schedule_config.value, "schedule_expression", null) 23 | } 24 | } 25 | } 26 | } 27 | 28 | tags = merge( 29 | { 30 | Name = var.sagemaker_monitoring_schedule_name != "" ? var.sagemaker_monitoring_schedule_name : "${lower(var.name)}-monitoring-schedule-${lower(var.environment)}" 31 | }, 32 | var.tags 33 | ) 34 | 35 | lifecycle { 36 | create_before_destroy = true 37 | ignore_changes = [] 38 | } 39 | 40 | depends_on = [] 41 | } 42 | -------------------------------------------------------------------------------- /sagemaker_notebook_instance.tf: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------- 2 | # AWS Sagemaker notebook instance 3 | #--------------------------------------------------- 4 | resource "aws_sagemaker_notebook_instance" "sagemaker_notebook_instance" { 5 | count = var.enable_sagemaker_notebook_instance ? 1 : 0 6 | 7 | name = var.sagemaker_notebook_instance_name != "" ? lower(var.sagemaker_notebook_instance_name) : "${lower(var.name)}-notebook-instance-${lower(var.environment)}" 8 | role_arn = var.sagemaker_notebook_instance_role_arn 9 | instance_type = var.sagemaker_notebook_instance_instance_type 10 | 11 | platform_identifier = var.sagemaker_notebook_instance_platform_identifier 12 | volume_size = var.sagemaker_notebook_instance_volume_size 13 | subnet_id = var.sagemaker_notebook_instance_subnet_id 14 | security_groups = var.sagemaker_notebook_instance_security_groups 15 | accelerator_types = var.sagemaker_notebook_instance_accelerator_types 16 | additional_code_repositories = var.sagemaker_notebook_instance_additional_code_repositories 17 | default_code_repository = var.sagemaker_notebook_instance_default_code_repository 18 | kms_key_id = var.sagemaker_notebook_instance_kms_key_id 19 | lifecycle_config_name = var.sagemaker_notebook_instance_lifecycle_config_name != "" && !var.enable_sagemaker_notebook_instance_lifecycle_configuration ? var.sagemaker_notebook_instance_lifecycle_config_name : element(concat(aws_sagemaker_notebook_instance_lifecycle_configuration.sagemaker_notebook_instance_lifecycle_configuration.*.id, [""]), 0) 20 | direct_internet_access = var.sagemaker_notebook_instance_direct_internet_access 21 | root_access = var.sagemaker_notebook_instance_root_access 22 | 23 | dynamic "instance_metadata_service_configuration" { 24 | iterator = instance_metadata_service_configuration 25 | for_each = var.sagemaker_notebook_instance_instance_metadata_service_configuration 26 | 27 | content { 28 | minimum_instance_metadata_service_version = lookup(instance_metadata_service_configuration.value, "minimum_instance_metadata_service_version", null) 29 | } 30 | } 31 | 32 | tags = merge( 33 | { 34 | Name = var.sagemaker_notebook_instance_name != "" ? lower(var.sagemaker_notebook_instance_name) : "${lower(var.name)}-notebook-instance-${lower(var.environment)}" 35 | }, 36 | var.tags 37 | ) 38 | 39 | lifecycle { 40 | create_before_destroy = true 41 | ignore_changes = [] 42 | } 43 | 44 | depends_on = [ 45 | aws_sagemaker_notebook_instance_lifecycle_configuration.sagemaker_notebook_instance_lifecycle_configuration 46 | ] 47 | } 48 | -------------------------------------------------------------------------------- /sagemaker_notebook_instance_lifecycle_configuration.tf: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------- 2 | # AWS sagemaker notebook instance lifecycle configuration 3 | #--------------------------------------------------- 4 | resource "aws_sagemaker_notebook_instance_lifecycle_configuration" "sagemaker_notebook_instance_lifecycle_configuration" { 5 | count = var.enable_sagemaker_notebook_instance_lifecycle_configuration ? 1 : 0 6 | 7 | name = var.sagemaker_notebook_instance_lifecycle_configuration_name != "" ? lower(var.sagemaker_notebook_instance_lifecycle_configuration_name) : "${lower(var.name)}-notebook-inst-lc-conf-${lower(var.environment)}" 8 | on_create = var.sagemaker_notebook_instance_lifecycle_configuration_on_create 9 | on_start = var.sagemaker_notebook_instance_lifecycle_configuration_on_start 10 | 11 | lifecycle { 12 | create_before_destroy = true 13 | ignore_changes = [] 14 | } 15 | 16 | depends_on = [] 17 | } 18 | -------------------------------------------------------------------------------- /sagemaker_project.tf: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------- 2 | # AWS Sagemaker project 3 | #--------------------------------------------------- 4 | resource "aws_sagemaker_project" "sagemaker_project" { 5 | count = var.enable_sagemaker_project ? 1 : 0 6 | 7 | project_name = var.sagemaker_project_name != "" ? var.sagemaker_project_name : "${lower(var.name)}-project-${lower(var.environment)}" 8 | 9 | project_description = var.sagemaker_project_project_description 10 | 11 | dynamic "service_catalog_provisioning_details" { 12 | iterator = service_catalog_provisioning_details 13 | for_each = var.sagemaker_project_service_catalog_provisioning_details 14 | 15 | content { 16 | product_id = lookup(service_catalog_provisioning_details.value, "product_id", null) 17 | 18 | path_id = lookup(service_catalog_provisioning_details.value, "path_id", null) 19 | provisioning_artifact_id = lookup(service_catalog_provisioning_details.value, "provisioning_artifact_id", null) 20 | 21 | dynamic "provisioning_parameter" { 22 | iterator = provisioning_parameter 23 | for_each = lookup(service_catalog_provisioning_details.value, "provisioning_parameter", []) 24 | 25 | content { 26 | key = lookup(provisioning_parameter.value, "key", null) 27 | 28 | value = lookup(provisioning_parameter.value, "value", null) 29 | } 30 | } 31 | } 32 | } 33 | 34 | tags = merge( 35 | { 36 | Name = var.sagemaker_project_name != "" ? var.sagemaker_project_name : "${lower(var.name)}-project-${lower(var.environment)}" 37 | }, 38 | var.tags 39 | ) 40 | 41 | lifecycle { 42 | create_before_destroy = true 43 | ignore_changes = [] 44 | } 45 | 46 | depends_on = [] 47 | } -------------------------------------------------------------------------------- /sagemaker_servicecatalog_portfolio_status.tf: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------- 2 | # AWS Sagemaker servicecatalog portfolio status 3 | #--------------------------------------------------- 4 | resource "aws_sagemaker_servicecatalog_portfolio_status" "sagemaker_servicecatalog_portfolio_status" { 5 | count = var.enable_sagemaker_servicecatalog_portfolio_status ? 1 : 0 6 | 7 | status = var.sagemaker_servicecatalog_portfolio_status 8 | 9 | lifecycle { 10 | create_before_destroy = true 11 | ignore_changes = [] 12 | } 13 | 14 | depends_on = [] 15 | } 16 | -------------------------------------------------------------------------------- /sagemaker_space.tf: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------- 2 | # AWS Sagemaker space 3 | #--------------------------------------------------- 4 | resource "aws_sagemaker_space" "sagemaker_space" { 5 | count = var.enable_sagemaker_space ? 1 : 0 6 | 7 | space_name = var.sagemaker_space_name != "" ? var.sagemaker_space_name : "${lower(var.name)}-space-${lower(var.environment)}" 8 | domain_id = var.sagemaker_space_domain_id != "" ? var.sagemaker_space_domain_id : (var.enable_sagemaker_domain ? aws_sagemaker_domain.sagemaker_domain.0.id : null) 9 | 10 | dynamic "space_settings" { 11 | iterator = space_settings 12 | for_each = var.sagemaker_space_settings 13 | 14 | content { 15 | dynamic "jupyter_server_app_settings" { 16 | iterator = jupyter_server_app_settings 17 | for_each = length(keys(lookup(space_settings.value, "jupyter_server_app_settings", {}))) > 0 ? [lookup(space_settings.value, "jupyter_server_app_settings", {})] : [] 18 | 19 | content { 20 | lifecycle_config_arns = lookup(jupyter_server_app_settings.value, "lifecycle_config_arns", null) 21 | 22 | dynamic "code_repository" { 23 | iterator = code_repository 24 | for_each = length(keys(lookup(jupyter_server_app_settings.value, "code_repository", {}))) > 0 ? [lookup(jupyter_server_app_settings.value, "code_repository", {})] : [] 25 | 26 | content { 27 | repository_url = lookup(code_repository.value, "repository_url", null) 28 | } 29 | } 30 | 31 | dynamic "default_resource_spec" { 32 | iterator = default_resource_spec 33 | for_each = length(keys(lookup(jupyter_server_app_settings.value, "default_resource_spec", {}))) > 0 ? [lookup(jupyter_server_app_settings.value, "default_resource_spec", {})] : [] 34 | 35 | content { 36 | instance_type = lookup(default_resource_spec.value, "instance_type", null) 37 | lifecycle_config_arn = lookup(default_resource_spec.value, "lifecycle_config_arn", null) 38 | sagemaker_image_arn = lookup(default_resource_spec.value, "sagemaker_image_arn", null) 39 | sagemaker_image_version_arn = lookup(default_resource_spec.value, "sagemaker_image_version_arn", null) 40 | } 41 | } 42 | } 43 | } 44 | 45 | dynamic "kernel_gateway_app_settings" { 46 | iterator = kernel_gateway_app_settings 47 | for_each = length(keys(lookup(space_settings.value, "kernel_gateway_app_settings", {}))) > 0 ? [lookup(space_settings.value, "kernel_gateway_app_settings", {})] : [] 48 | 49 | content { 50 | lifecycle_config_arns = lookup(kernel_gateway_app_settings.value, "lifecycle_config_arns", null) 51 | 52 | dynamic "default_resource_spec" { 53 | iterator = default_resource_spec 54 | for_each = length(keys(lookup(kernel_gateway_app_settings.value, "default_resource_spec", {}))) > 0 ? [lookup(kernel_gateway_app_settings.value, "default_resource_spec", {})] : [] 55 | 56 | content { 57 | instance_type = lookup(default_resource_spec.value, "instance_type", null) 58 | lifecycle_config_arn = lookup(default_resource_spec.value, "lifecycle_config_arn", null) 59 | sagemaker_image_arn = lookup(default_resource_spec.value, "sagemaker_image_arn", null) 60 | sagemaker_image_version_arn = lookup(default_resource_spec.value, "sagemaker_image_version_arn", null) 61 | } 62 | } 63 | 64 | dynamic "custom_image" { 65 | iterator = custom_image 66 | for_each = length(keys(lookup(kernel_gateway_app_settings.value, "custom_image", {}))) > 0 ? [lookup(kernel_gateway_app_settings.value, "custom_image", {})] : [] 67 | 68 | content { 69 | app_image_config_name = lookup(custom_image.value, "app_image_config_name", null) 70 | image_name = lookup(custom_image.value, "image_name", null) 71 | 72 | image_version_number = lookup(custom_image.value, "image_version_number", null) 73 | } 74 | } 75 | } 76 | } 77 | } 78 | } 79 | 80 | tags = merge( 81 | { 82 | Name = var.sagemaker_space_name != "" ? var.sagemaker_space_name : "${lower(var.name)}-space-${lower(var.environment)}" 83 | }, 84 | var.tags 85 | ) 86 | 87 | lifecycle { 88 | create_before_destroy = true 89 | ignore_changes = [] 90 | } 91 | 92 | depends_on = [ 93 | aws_sagemaker_domain.sagemaker_domain 94 | ] 95 | } 96 | -------------------------------------------------------------------------------- /sagemaker_studio_lifecycle_config.tf: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------- 2 | # AWS Sagemaker studio lifecycle config 3 | #--------------------------------------------------- 4 | resource "aws_sagemaker_studio_lifecycle_config" "sagemaker_studio_lifecycle_config" { 5 | count = var.enable_sagemaker_studio_lifecycle_config ? 1 : 0 6 | 7 | studio_lifecycle_config_name = var.sagemaker_studio_lifecycle_config_name != "" ? var.sagemaker_studio_lifecycle_config_name : "${lower(var.name)}-studio-lifecycle-config-${lower(var.environment)}" 8 | studio_lifecycle_config_app_type = var.sagemaker_studio_lifecycle_config_app_type 9 | studio_lifecycle_config_content = var.sagemaker_studio_lifecycle_config_content 10 | 11 | tags = merge( 12 | { 13 | Name = var.sagemaker_studio_lifecycle_config_name != "" ? var.sagemaker_studio_lifecycle_config_name : "${lower(var.name)}-studio-lifecycle-config-${lower(var.environment)}" 14 | }, 15 | var.tags 16 | ) 17 | 18 | lifecycle { 19 | create_before_destroy = true 20 | ignore_changes = [] 21 | } 22 | 23 | depends_on = [] 24 | } -------------------------------------------------------------------------------- /sagemaker_user_profile.tf: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------- 2 | # AWS Sagemaker user profile 3 | #--------------------------------------------------- 4 | resource "aws_sagemaker_user_profile" "sagemaker_user_profile" { 5 | count = var.enable_sagemaker_user_profile ? 1 : 0 6 | 7 | user_profile_name = var.sagemaker_user_profile_name != "" ? lower(var.sagemaker_user_profile_name) : "${lower(var.name)}-user-profile-${lower(var.environment)}" 8 | domain_id = var.sagemaker_user_profile_domain_id != "" ? var.sagemaker_user_profile_domain_id : (var.enable_sagemaker_domain ? aws_sagemaker_domain.sagemaker_domain.0.id : null) 9 | single_sign_on_user_value = var.sagemaker_user_profile_single_sign_on_user_value 10 | 11 | single_sign_on_user_identifier = var.sagemaker_user_profile_single_sign_on_user_identifier 12 | 13 | dynamic "default_user_settings" { 14 | iterator = default_user_settings 15 | for_each = length(keys(var.sagemaker_user_profile_user_settings)) > 0 ? [var.sagemaker_domain_default_user_settings] : [] 16 | 17 | content { 18 | execution_role = lookup(default_user_settings.value, "execution_role", null) 19 | 20 | security_groups = lookup(default_user_settings.value, "execution_role", null) 21 | 22 | dynamic "r_session_app_settings" { 23 | iterator = r_session_app_settings 24 | for_each = lookup(default_user_settings.value, "r_session_app_settings", []) 25 | 26 | content { 27 | dynamic "default_resource_spec" { 28 | iterator = default_resource_spec 29 | for_each = lookup(r_session_app_settings.value, "default_resource_spec", []) 30 | 31 | content { 32 | instance_type = lookup(default_resource_spec.value, "instance_type", null) 33 | lifecycle_config_arn = lookup(default_resource_spec.value, "lifecycle_config_arn", null) 34 | sagemaker_image_arn = lookup(default_resource_spec.value, "sagemaker_image_arn", null) 35 | sagemaker_image_version_arn = lookup(default_resource_spec.value, "sagemaker_image_version_arn", null) 36 | } 37 | } 38 | 39 | dynamic "custom_image" { 40 | iterator = custom_image 41 | for_each = lookup(r_session_app_settings.value, "custom_image", []) 42 | 43 | content { 44 | app_image_config_name = lookup(custom_image.value, "app_image_config_name", null) 45 | image_name = lookup(custom_image.value, "image_name", null) 46 | 47 | image_version_number = lookup(custom_image.value, "image_version_number", null) 48 | } 49 | } 50 | } 51 | } 52 | 53 | dynamic "r_studio_server_pro_app_settings" { 54 | iterator = r_studio_server_pro_app_settings 55 | for_each = lookup(default_user_settings.value, "r_studio_server_pro_app_settings", []) 56 | 57 | content { 58 | access_status = lookup(r_studio_server_pro_app_settings.value, "access_status", null) 59 | user_group = lookup(r_studio_server_pro_app_settings.value, "user_group", null) 60 | } 61 | } 62 | 63 | dynamic "canvas_app_settings" { 64 | iterator = canvas_app_settings 65 | for_each = lookup(default_user_settings.value, "canvas_app_settings", []) 66 | 67 | content { 68 | dynamic "model_register_settings" { 69 | iterator = model_register_settings 70 | for_each = lookup(canvas_app_settings.value, "model_register_settings", []) 71 | 72 | content { 73 | cross_account_model_register_role_arn = lookup(model_register_settings.value, "cross_account_model_register_role_arn", null) 74 | status = lookup(model_register_settings.value, "status", null) 75 | } 76 | } 77 | 78 | dynamic "time_series_forecasting_settings" { 79 | iterator = time_series_forecasting_settings 80 | for_each = lookup(canvas_app_settings.value, "time_series_forecasting_settings", []) 81 | 82 | content { 83 | amazon_forecast_role_arn = lookup(time_series_forecasting_settings.value, "amazon_forecast_role_arn", null) 84 | status = lookup(time_series_forecasting_settings.value, "status", null) 85 | } 86 | } 87 | 88 | dynamic "workspace_settings" { 89 | iterator = workspace_settings 90 | for_each = lookup(canvas_app_settings.value, "workspace_settings", []) 91 | 92 | content { 93 | s3_artifact_path = lookup(workspace_settings.value, "s3_artifact_path", null) 94 | s3_kms_key_id = lookup(workspace_settings.value, "s3_kms_key_id", null) 95 | } 96 | } 97 | } 98 | } 99 | 100 | dynamic "sharing_settings" { 101 | iterator = sharing_settings 102 | for_each = lookup(default_user_settings.value, "sharing_settings", []) 103 | 104 | content { 105 | notebook_output_option = lookup(sharing_settings.value, "notebook_output_option", null) 106 | s3_kms_key_id = lookup(sharing_settings.value, "s3_kms_key_id", null) 107 | s3_output_path = lookup(sharing_settings.value, "s3_output_path", null) 108 | } 109 | } 110 | 111 | dynamic "tensor_board_app_settings" { 112 | iterator = tensor_board_app_settings 113 | for_each = lookup(default_user_settings.value, "tensor_board_app_settings", []) 114 | 115 | content { 116 | dynamic "default_resource_spec" { 117 | iterator = default_resource_spec 118 | for_each = lookup(tensor_board_app_settings.value, "default_resource_spec", []) 119 | 120 | content { 121 | instance_type = lookup(default_resource_spec.value, "instance_type", null) 122 | sagemaker_image_arn = lookup(default_resource_spec.value, "sagemaker_image_arn", null) 123 | } 124 | } 125 | } 126 | } 127 | 128 | dynamic "jupyter_server_app_settings" { 129 | iterator = jupyter_server_app_settings 130 | for_each = lookup(default_user_settings.value, "jupyter_server_app_settings", []) 131 | 132 | content { 133 | dynamic "default_resource_spec" { 134 | iterator = default_resource_spec 135 | for_each = lookup(jupyter_server_app_settings.value, "default_resource_spec", []) 136 | 137 | content { 138 | instance_type = lookup(default_resource_spec.value, "instance_type", null) 139 | sagemaker_image_arn = lookup(default_resource_spec.value, "sagemaker_image_arn", null) 140 | } 141 | } 142 | } 143 | } 144 | 145 | dynamic "kernel_gateway_app_settings" { 146 | iterator = kernel_gateway_app_settings 147 | for_each = lookup(default_user_settings.value, "kernel_gateway_app_settings", []) 148 | 149 | content { 150 | dynamic "default_resource_spec" { 151 | iterator = default_resource_spec 152 | for_each = lookup(kernel_gateway_app_settings.value, "default_resource_spec", []) 153 | 154 | content { 155 | instance_type = lookup(default_resource_spec.value, "instance_type", null) 156 | sagemaker_image_arn = lookup(default_resource_spec.value, "sagemaker_image_arn", null) 157 | } 158 | } 159 | 160 | dynamic "custom_image" { 161 | iterator = custom_image 162 | for_each = lookup(kernel_gateway_app_settings.value, "custom_image", []) 163 | 164 | content { 165 | app_image_config_name = lookup(custom_image.value, "app_image_config_name", null) 166 | image_name = lookup(custom_image.value, "image_name", null) 167 | 168 | image_version_number = lookup(custom_image.value, "image_version_number", null) 169 | } 170 | } 171 | } 172 | } 173 | } 174 | } 175 | 176 | tags = merge( 177 | { 178 | Name = var.sagemaker_user_profile_name != "" ? lower(var.sagemaker_user_profile_name) : "${lower(var.name)}-user-profile-${lower(var.environment)}" 179 | }, 180 | var.tags 181 | ) 182 | 183 | lifecycle { 184 | create_before_destroy = true 185 | ignore_changes = [] 186 | } 187 | 188 | depends_on = [ 189 | aws_sagemaker_domain.sagemaker_domain 190 | ] 191 | } 192 | -------------------------------------------------------------------------------- /sagemaker_workforce.tf: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------- 2 | # AWS Sagemaker workforce 3 | #--------------------------------------------------- 4 | resource "aws_sagemaker_workforce" "sagemaker_workforce" { 5 | count = var.enable_sagemaker_workforce ? 1 : 0 6 | 7 | workforce_name = var.sagemaker_workforce_name != "" ? var.sagemaker_workforce_name : "${lower(var.name)}-workforce-${lower(var.environment)}" 8 | 9 | dynamic "cognito_config" { 10 | iterator = cognito_config 11 | for_each = var.sagemaker_workforce_cognito_config 12 | 13 | content { 14 | client_id = lookup(cognito_config.value, "client_id", null) 15 | user_pool = lookup(cognito_config.value, "user_pool", null) 16 | } 17 | } 18 | 19 | dynamic "oidc_config" { 20 | iterator = oidc_config 21 | for_each = var.sagemaker_workforce_oidc_config 22 | 23 | content { 24 | authorization_endpoint = lookup(oidc_config.value, "authorization_endpoint", null) 25 | client_id = lookup(oidc_config.value, "client_id", null) 26 | client_secret = lookup(oidc_config.value, "client_secret", null) 27 | issuer = lookup(oidc_config.value, "issuer", null) 28 | jwks_uri = lookup(oidc_config.value, "jwks_uri", null) 29 | logout_endpoint = lookup(oidc_config.value, "logout_endpoint", null) 30 | token_endpoint = lookup(oidc_config.value, "token_endpoint", null) 31 | user_info_endpoint = lookup(oidc_config.value, "user_info_endpoint", null) 32 | } 33 | } 34 | 35 | dynamic "source_ip_config" { 36 | iterator = source_ip_config 37 | for_each = var.sagemaker_workforce_source_ip_config 38 | 39 | content { 40 | cidrs = lookup(source_ip_config.value, "cidrs", null) 41 | } 42 | } 43 | 44 | lifecycle { 45 | create_before_destroy = true 46 | ignore_changes = [] 47 | } 48 | 49 | depends_on = [] 50 | } -------------------------------------------------------------------------------- /sagemaker_workteam.tf: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------- 2 | # AWS Sagemaker workteam 3 | #--------------------------------------------------- 4 | resource "aws_sagemaker_workteam" "sagemaker_workteam" { 5 | count = var.enable_sagemaker_workteam ? 1 : 0 6 | 7 | workteam_name = var.sagemaker_workteam_name != "" ? var.sagemaker_workteam_name : "${lower(var.name)}-workteam-${lower(var.environment)}" 8 | workforce_name = var.sagemaker_workteam_workforce_name != "" ? var.sagemaker_workteam_workforce_name : (var.enable_sagemaker_workforce ? aws_sagemaker_workforce.sagemaker_workforce[count.index].id : null) 9 | description = var.sagemaker_workteam_description 10 | 11 | dynamic "member_definition" { 12 | iterator = member_definition 13 | for_each = var.sagemaker_workteam_member_definition 14 | 15 | content { 16 | dynamic "cognito_member_definition" { 17 | iterator = cognito_member_definition 18 | for_each = length(keys(lookup(member_definition.value, "cognito_member_definition", {}))) > 0 ? [lookup(member_definition.value, "cognito_member_definition", {})] : [] 19 | 20 | content { 21 | client_id = lookup(cognito_member_definition.value, "client_id", null) 22 | user_pool = lookup(cognito_member_definition.value, "user_pool", null) 23 | user_group = lookup(cognito_member_definition.value, "user_group", null) 24 | } 25 | } 26 | 27 | dynamic "oidc_member_definition" { 28 | iterator = oidc_member_definition 29 | for_each = length(keys(lookup(member_definition.value, "oidc_member_definition", {}))) > 0 ? [lookup(member_definition.value, "oidc_member_definition", {})] : [] 30 | 31 | content { 32 | groups = lookup(oidc_member_definition.value, "groups", null) 33 | } 34 | } 35 | } 36 | } 37 | 38 | dynamic "notification_configuration" { 39 | iterator = notification_configuration 40 | for_each = var.sagemaker_workteam_notification_configuration 41 | 42 | content { 43 | notification_topic_arn = lookup(notification_configuration.value, "notification_topic_arn", null) 44 | } 45 | } 46 | 47 | tags = merge( 48 | { 49 | Name = var.sagemaker_workteam_name != "" ? var.sagemaker_workteam_name : "${lower(var.name)}-workteam-${lower(var.environment)}" 50 | }, 51 | var.tags 52 | ) 53 | 54 | lifecycle { 55 | create_before_destroy = true 56 | ignore_changes = [] 57 | } 58 | 59 | depends_on = [ 60 | aws_sagemaker_workforce.sagemaker_workforce 61 | ] 62 | } -------------------------------------------------------------------------------- /variables.tf: -------------------------------------------------------------------------------- 1 | #----------------------------------------------------------- 2 | # Global or/and default variables 3 | #----------------------------------------------------------- 4 | variable "name" { 5 | description = "Name to be used on all resources as prefix" 6 | default = "TEST" 7 | } 8 | 9 | variable "environment" { 10 | description = "Environment for service" 11 | default = "STAGE" 12 | } 13 | 14 | variable "tags" { 15 | description = "A list of tag blocks. Each element should have keys named key, value, etc." 16 | type = map(string) 17 | default = {} 18 | } 19 | 20 | #--------------------------------------------------- 21 | # AWS Gagemaker model 22 | #--------------------------------------------------- 23 | variable "enable_sagemaker_model" { 24 | description = "Enable sagemaker model usage" 25 | default = false 26 | } 27 | 28 | variable "sagemaker_model_name" { 29 | description = "The name of the model (must be unique). If omitted, Terraform will assign a random, unique name." 30 | default = "" 31 | } 32 | 33 | variable "sagemaker_model_execution_role_arn" { 34 | description = "(Required) A role that SageMaker can assume to access model artifacts and docker images for deployment." 35 | default = null 36 | } 37 | 38 | variable "sagemaker_model_enable_network_isolation" { 39 | description = "(Optional) - Isolates the model container. No inbound or outbound network calls can be made to or from the model container." 40 | default = null 41 | } 42 | 43 | variable "sagemaker_model_vpc_config" { 44 | description = "(Optional) - Specifies the VPC that you want your model to connect to. VpcConfig is used in hosting services and in batch transform." 45 | default = [] 46 | } 47 | 48 | variable "sagemaker_model_inference_execution_config" { 49 | description = "(Optional) Specifies details of how containers in a multi-container endpoint are called" 50 | default = [] 51 | } 52 | 53 | variable "sagemaker_model_primary_container" { 54 | description = "(Optional) The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the container argument is required." 55 | default = [] 56 | } 57 | 58 | variable "sagemaker_model_container" { 59 | description = "(Optional) - Specifies containers in the inference pipeline. If not specified, the primary_container argument is required." 60 | default = [] 61 | } 62 | 63 | #--------------------------------------------------- 64 | # AWS Sagemaker endpoint configuration 65 | #--------------------------------------------------- 66 | variable "enable_sagemaker_endpoint_configuration" { 67 | description = "Enable sagemaker endpoint configuration usage" 68 | default = false 69 | } 70 | 71 | variable "sagemaker_endpoint_configuration_name" { 72 | description = "(Optional) The name of the endpoint configuration. If omitted, Terraform will assign a random, unique name." 73 | default = "" 74 | } 75 | 76 | variable "sagemaker_endpoint_configuration_name_prefix" { 77 | description = "(Optional) Creates a unique endpoint configuration name beginning with the specified prefix. Conflicts with name" 78 | default = "" 79 | } 80 | 81 | variable "sagemaker_endpoint_configuration_kms_key_arn" { 82 | description = "(Optional) Amazon Resource Name (ARN) of a AWS Key Management Service key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance that hosts the endpoint." 83 | default = null 84 | } 85 | 86 | variable "sagemaker_endpoint_configuration_production_variants" { 87 | description = "(Required) Fields for endpoint" 88 | default = [] 89 | } 90 | 91 | variable "sagemaker_endpoint_configuration_data_capture_config" { 92 | description = "(Optional) Specifies the parameters to capture input/output of SageMaker models endpoints" 93 | default = [] 94 | } 95 | 96 | variable "sagemaker_endpoint_configuration_shadow_production_variants" { 97 | description = "(Optional) Array of ProductionVariant objects. There is one for each model that you want to host at this endpoint in shadow mode with production traffic replicated from the model specified on ProductionVariants.If you use this field, you can only specify one variant for ProductionVariants and one variant for ShadowProductionVariants" 98 | default = [] 99 | } 100 | 101 | variable "sagemaker_endpoint_configuration_async_inference_config" { 102 | description = "(Optional) Specifies configuration for how an endpoint performs asynchronous inference." 103 | default = [] 104 | } 105 | 106 | variable "sagemaker_endpoint_deployment_config" { 107 | description = "(Optional) The deployment configuration for an endpoint, which contains the desired deployment strategy and rollback configurations" 108 | default = [] 109 | } 110 | 111 | #--------------------------------------------------- 112 | # AWS Sagemaker endpoint 113 | #--------------------------------------------------- 114 | variable "enable_sagemaker_endpoint" { 115 | description = "Enable sagemaker endpoint usage" 116 | default = false 117 | } 118 | 119 | variable "sagemaker_endpoint_name" { 120 | description = "The name of the endpoint. If omitted, Terraform will assign a random, unique name." 121 | default = null 122 | } 123 | 124 | variable "sagemaker_endpoint_endpoint_config_name" { 125 | description = "The name of the endpoint configuration to use." 126 | default = "" 127 | } 128 | 129 | #--------------------------------------------------- 130 | # AWS sagemaker notebook instance lifecycle configuration 131 | #--------------------------------------------------- 132 | variable "enable_sagemaker_notebook_instance_lifecycle_configuration" { 133 | description = "Enable sagemaker notebook instance lifecycle configuration usage" 134 | default = false 135 | } 136 | 137 | variable "sagemaker_notebook_instance_lifecycle_configuration_name" { 138 | description = "The name of the lifecycle configuration (must be unique). If omitted, Terraform will assign a random, unique name." 139 | default = null 140 | } 141 | 142 | variable "sagemaker_notebook_instance_lifecycle_configuration_on_create" { 143 | description = "(Optional) A shell script (base64-encoded) that runs only once when the SageMaker Notebook Instance is created." 144 | default = null 145 | } 146 | 147 | variable "sagemaker_notebook_instance_lifecycle_configuration_on_start" { 148 | description = "(Optional) A shell script (base64-encoded) that runs every time the SageMaker Notebook Instance is started including the time it's created." 149 | default = null 150 | } 151 | 152 | #--------------------------------------------------- 153 | # AWS Sagemaker notebook instance 154 | #--------------------------------------------------- 155 | variable "enable_sagemaker_notebook_instance" { 156 | description = "Enable sagemaker notebook instance usage" 157 | default = false 158 | } 159 | 160 | variable "sagemaker_notebook_instance_name" { 161 | description = "The name of the notebook instance (must be unique)." 162 | default = "" 163 | } 164 | 165 | variable "sagemaker_notebook_instance_role_arn" { 166 | description = "(Required) The ARN of the IAM role to be used by the notebook instance which allows SageMaker to call other services on your behalf." 167 | default = null 168 | } 169 | 170 | variable "sagemaker_notebook_instance_instance_type" { 171 | description = "(Required) The name of ML compute instance type." 172 | default = "ml.t2.medium" 173 | } 174 | 175 | variable "sagemaker_notebook_instance_platform_identifier" { 176 | description = "(Optional) The platform identifier of the notebook instance runtime environment. This value can be either notebook-al1-v1, notebook-al2-v1, or notebook-al2-v2, depending on which version of Amazon Linux you require." 177 | default = null 178 | } 179 | 180 | variable "sagemaker_notebook_instance_volume_size" { 181 | description = "(Optional) The size, in GB, of the ML storage volume to attach to the notebook instance. The default value is 5 GB." 182 | default = null 183 | } 184 | 185 | variable "sagemaker_notebook_instance_subnet_id" { 186 | description = "(Optional) The VPC subnet ID." 187 | default = null 188 | } 189 | 190 | variable "sagemaker_notebook_instance_security_groups" { 191 | description = "(Optional) The associated security groups." 192 | default = null 193 | } 194 | 195 | variable "sagemaker_notebook_instance_accelerator_types" { 196 | description = "(Optional) A list of Elastic Inference (EI) instance types to associate with this notebook instance. See Elastic Inference Accelerator for more details. Valid values: ml.eia1.medium, ml.eia1.large, ml.eia1.xlarge, ml.eia2.medium, ml.eia2.large, ml.eia2.xlarge" 197 | default = null 198 | } 199 | 200 | variable "sagemaker_notebook_instance_additional_code_repositories" { 201 | description = "(Optional) An array of up to three Git repositories to associate with the notebook instance. These can be either the names of Git repositories stored as resources in your account, or the URL of Git repositories in AWS CodeCommit or in any other Git repository. These repositories are cloned at the same level as the default repository of your notebook instance." 202 | default = null 203 | } 204 | 205 | variable "sagemaker_notebook_instance_default_code_repository" { 206 | description = "(Optional) The Git repository associated with the notebook instance as its default code repository. This can be either the name of a Git repository stored as a resource in your account, or the URL of a Git repository in AWS CodeCommit or in any other Git repository." 207 | default = null 208 | } 209 | 210 | variable "sagemaker_notebook_instance_root_access" { 211 | description = "(Optional) Whether root access is Enabled or Disabled for users of the notebook instance. The default value is Enabled" 212 | default = null 213 | } 214 | 215 | variable "sagemaker_notebook_instance_kms_key_id" { 216 | description = "(Optional) The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption." 217 | default = null 218 | } 219 | 220 | variable "sagemaker_notebook_instance_lifecycle_config_name" { 221 | description = "(Optional) The name of a lifecycle configuration to associate with the notebook instance." 222 | default = null 223 | } 224 | 225 | variable "sagemaker_notebook_instance_direct_internet_access" { 226 | description = "(Optional) Set to Disabled to disable internet access to notebook. Requires security_groups and subnet_id to be set. Supported values: Enabled (Default) or Disabled. If set to Disabled, the notebook instance will be able to access resources only in your VPC, and will not be able to connect to Amazon SageMaker training and endpoint services unless your configure a NAT Gateway in your VPC." 227 | default = null 228 | } 229 | 230 | variable "sagemaker_notebook_instance_instance_metadata_service_configuration" { 231 | description = "(Optional) Information on the IMDS configuration of the notebook instance" 232 | default = [] 233 | } 234 | 235 | #--------------------------------------------------- 236 | # AWS Sagemaker user profile 237 | #--------------------------------------------------- 238 | variable "enable_sagemaker_user_profile" { 239 | description = "Enable sagemaker user profile usage" 240 | default = false 241 | } 242 | 243 | variable "sagemaker_user_profile_name" { 244 | description = "The name for the User Profile." 245 | default = "" 246 | } 247 | 248 | variable "sagemaker_user_profile_domain_id" { 249 | description = "The ID of the associated Domain." 250 | default = "" 251 | } 252 | 253 | variable "sagemaker_user_profile_single_sign_on_user_value" { 254 | description = "(Required) The username of the associated AWS Single Sign-On User for this User Profile. If the Domain's AuthMode is SSO, this field is required, and must match a valid username of a user in your directory. If the Domain's AuthMode is not SSO, this field cannot be specified." 255 | default = null 256 | } 257 | 258 | variable "sagemaker_user_profile_single_sign_on_user_identifier" { 259 | description = "(Optional) A specifier for the type of value specified in single_sign_on_user_value. Currently, the only supported value is UserName. If the Domain's AuthMode is SSO, this field is required. If the Domain's AuthMode is not SSO, this field cannot be specified." 260 | default = null 261 | } 262 | 263 | variable "sagemaker_user_profile_user_settings" { 264 | description = "AAA" 265 | default = { 266 | execution_role = null 267 | 268 | security_groups = null 269 | } 270 | } 271 | 272 | #--------------------------------------------------- 273 | # AWS Sagemaker domain 274 | #--------------------------------------------------- 275 | variable "enable_sagemaker_domain" { 276 | description = "Enable sagemaker domain usage" 277 | default = false 278 | } 279 | 280 | variable "sagemaker_domain_name" { 281 | description = "The domain name." 282 | default = "" 283 | } 284 | 285 | variable "sagemaker_domain_auth_mode" { 286 | description = "(Required) The mode of authentication that members use to access the domain. Valid values are IAM and SSO" 287 | default = null 288 | } 289 | 290 | variable "sagemaker_domain_vpc_id" { 291 | description = "(Required) The ID of the Amazon Virtual Private Cloud (VPC) that Studio uses for communication." 292 | default = null 293 | } 294 | 295 | variable "sagemaker_domain_subnet_ids" { 296 | description = "(Required) The VPC subnets that Studio uses for communication." 297 | default = null 298 | } 299 | 300 | variable "sagemaker_domain_kms_key_id" { 301 | description = "(Optional) The AWS KMS customer managed CMK used to encrypt the EFS volume attached to the domain." 302 | default = null 303 | } 304 | 305 | variable "sagemaker_domain_app_network_access_type" { 306 | description = "(Optional) Specifies the VPC used for non-EFS traffic. The default value is PublicInternetOnly. Valid values are PublicInternetOnly and VpcOnly." 307 | default = null 308 | } 309 | 310 | variable "sagemaker_domain_app_security_group_management" { 311 | description = "(Optional) The entity that creates and manages the required security groups for inter-app communication in VPCOnly mode. Valid values are Service and Customer." 312 | default = null 313 | } 314 | 315 | variable "sagemaker_domain_retention_policy" { 316 | description = "(Optional) The retention policy for this domain, which specifies whether resources will be retained after the Domain is deleted. By default, all resources are retained" 317 | default = {} 318 | } 319 | 320 | variable "sagemaker_domain_default_user_settings" { 321 | description = "(Required) The default user settings." 322 | default = { 323 | execution_role = null 324 | 325 | security_groups = null 326 | } 327 | } 328 | 329 | variable "sagemaker_domain_default_space_settings" { 330 | description = "(Required) The default space settings" 331 | default = [] 332 | } 333 | 334 | variable "sagemaker_domain_settings" { 335 | description = "(Optional) The domain's settings." 336 | default = [] 337 | } 338 | 339 | #--------------------------------------------------- 340 | # AWS sagemaker model package group 341 | #--------------------------------------------------- 342 | variable "enable_sagemaker_model_package_group" { 343 | description = "Enable sagemaker model package group usage" 344 | default = false 345 | } 346 | 347 | variable "sagemaker_model_package_group_name" { 348 | description = "The name of the model group." 349 | default = "" 350 | } 351 | 352 | variable "sagemaker_model_package_group_description" { 353 | description = "AAA" 354 | default = null 355 | } 356 | 357 | #--------------------------------------------------- 358 | # AWS sagemaker image 359 | #--------------------------------------------------- 360 | variable "enable_sagemaker_image" { 361 | description = "Enable sagemaker image usage" 362 | default = false 363 | } 364 | 365 | variable "sagemaker_image_name" { 366 | description = "The name of the image. Must be unique to your account." 367 | default = "" 368 | } 369 | 370 | variable "sagemaker_image_role_arn" { 371 | description = "(Required) The Amazon Resource Name (ARN) of an IAM role that enables Amazon SageMaker to perform tasks on your behalf." 372 | default = null 373 | } 374 | 375 | variable "sagemaker_image_display_name" { 376 | description = "(Optional) The display name of the image. When the image is added to a domain (must be unique to the domain)." 377 | default = null 378 | } 379 | 380 | variable "sagemaker_image_description" { 381 | description = "(Optional) The description of the image." 382 | default = null 383 | } 384 | 385 | #--------------------------------------------------- 386 | # AWS sagemaker image version 387 | #--------------------------------------------------- 388 | variable "enable_sagemaker_image_version" { 389 | description = "Enable sagemaker image version usage" 390 | default = false 391 | } 392 | 393 | variable "sagemaker_image_version_image_name" { 394 | description = "The name of the image. Must be unique to your account." 395 | default = "" 396 | } 397 | 398 | variable "sagemaker_image_version_base_image" { 399 | description = "(Required) The registry path of the container image on which this image version is based." 400 | default = null 401 | } 402 | 403 | #--------------------------------------------------- 404 | # AWS sagemaker feature group 405 | #--------------------------------------------------- 406 | variable "enable_sagemaker_feature_group" { 407 | description = "Enable sagemaker feature group usage" 408 | default = false 409 | } 410 | 411 | variable "sagemaker_feature_group_name" { 412 | description = "The name of the Feature Group. The name must be unique within an AWS Region in an AWS account." 413 | default = "" 414 | } 415 | 416 | variable "sagemaker_feature_group_record_identifier_feature_name" { 417 | description = "The name of the Feature whose value uniquely identifies a Record defined in the Feature Store. Only the latest record per identifier value will be stored in the Online Store." 418 | default = "" 419 | } 420 | 421 | variable "sagemaker_feature_group_event_time_feature_name" { 422 | description = "The name of the feature that stores the EventTime of a Record in a Feature Group." 423 | default = "" 424 | } 425 | 426 | variable "sagemaker_feature_group_role_arn" { 427 | description = "(Required) - The Amazon Resource Name (ARN) of the IAM execution role used to persist data into the Offline Store if an offline_store_config is provided." 428 | default = null 429 | } 430 | 431 | variable "sagemaker_feature_group_description" { 432 | description = "(Optional) - A free-form description of a Feature Group." 433 | default = null 434 | } 435 | 436 | variable "sagemaker_feature_group_feature_definition" { 437 | description = "(Optional) - A list of Feature names and types." 438 | default = [] 439 | } 440 | 441 | variable "sagemaker_feature_group_offline_store_config" { 442 | description = "(Optional) - The Offline Feature Store Configuration." 443 | default = [] 444 | } 445 | 446 | variable "sagemaker_feature_group_online_store_config" { 447 | description = "(Optional) - The Online Feature Store Configuration." 448 | default = [] 449 | } 450 | 451 | #--------------------------------------------------- 452 | # AWS sagemaker code repository 453 | #--------------------------------------------------- 454 | variable "enable_sagemaker_code_repository" { 455 | description = "Enable sagemaker code repository usage" 456 | default = false 457 | } 458 | 459 | variable "sagemaker_code_repository_name" { 460 | description = "The name of the Code Repository (must be unique)." 461 | default = "" 462 | } 463 | 464 | variable "sagemaker_code_repository_git_config" { 465 | description = "(Required) Specifies details about the repository." 466 | default = [] 467 | } 468 | 469 | 470 | #--------------------------------------------------- 471 | # AWS sagemaker app 472 | #--------------------------------------------------- 473 | variable "enable_sagemaker_app" { 474 | description = "Enable sagemaker app usage" 475 | default = false 476 | } 477 | 478 | variable "sagemaker_app_name" { 479 | description = "The name of the app." 480 | default = "" 481 | } 482 | 483 | variable "sagemaker_app_type" { 484 | description = "(Required) The type of app. Valid values are JupyterServer, KernelGateway and TensorBoard" 485 | default = null 486 | } 487 | 488 | variable "sagemaker_app_domain_id" { 489 | description = "The domain ID." 490 | default = "" 491 | } 492 | 493 | variable "sagemaker_app_user_profile_name" { 494 | description = "The user profile name." 495 | default = null 496 | } 497 | 498 | variable "sagemaker_app_space_name" { 499 | description = "(Optional) The name of the space. At least one of user_profile_name or space_name required." 500 | default = null 501 | } 502 | 503 | variable "sagemaker_app_resource_spec" { 504 | description = "(Optional) The instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance" 505 | default = [] 506 | } 507 | 508 | #--------------------------------------------------- 509 | # AWS sagemaker app image config 510 | #--------------------------------------------------- 511 | variable "enable_sagemaker_app_image_config" { 512 | description = "Enable sagemaker app image config usage" 513 | default = false 514 | } 515 | 516 | variable "sagemaker_app_image_config_name" { 517 | description = "The name of the App Image Config." 518 | default = "" 519 | } 520 | 521 | variable "sagemaker_app_image_config_kernel_gateway_image_config" { 522 | description = "(Optional) The configuration for the file system and kernels in a SageMaker image running as a KernelGateway app." 523 | default = [] 524 | } 525 | 526 | #--------------------------------------------------- 527 | # AWS Sagemaker device fleet 528 | #--------------------------------------------------- 529 | variable "enable_sagemaker_device_fleet" { 530 | description = "Enable sagemaker device fleet usage" 531 | default = false 532 | } 533 | 534 | variable "sagemaker_device_fleet_name" { 535 | description = "Set name for sagemaker device fleet" 536 | default = "" 537 | } 538 | 539 | variable "sagemaker_device_fleet_role_arn" { 540 | description = "(Required) The Amazon Resource Name (ARN) that has access to AWS Internet of Things (IoT)." 541 | default = null 542 | } 543 | 544 | variable "sagemaker_device_fleet_description" { 545 | description = "(Optional) A description of the fleet." 546 | default = null 547 | } 548 | 549 | variable "sagemaker_device_fleet_enable_iot_role_alias" { 550 | description = "(Optional) Whether to create an AWS IoT Role Alias during device fleet creation. The name of the role alias generated will match this pattern: 'SageMakerEdge-{DeviceFleetName}'." 551 | default = null 552 | } 553 | 554 | variable "sagemaker_device_fleet_output_config" { 555 | description = "(Required) Specifies details about the repository." 556 | default = [] 557 | } 558 | 559 | #--------------------------------------------------- 560 | # AWS Sagemaker device 561 | #--------------------------------------------------- 562 | variable "enable_sagemaker_device" { 563 | description = "Enable sagemaker device usage" 564 | default = false 565 | } 566 | 567 | variable "sagemaker_device_device_fleet_name" { 568 | description = "The name of the Device." 569 | default = "" 570 | } 571 | 572 | variable "sagemaker_device_devices" { 573 | description = "(Required) The list of devices to register with SageMaker Edge Manager." 574 | default = [] 575 | } 576 | 577 | #--------------------------------------------------- 578 | # AWS Sagemaker model package group policy 579 | #--------------------------------------------------- 580 | variable "enable_sagemaker_model_package_group_policy" { 581 | description = "Enable sagemaker model package group policy usage" 582 | default = false 583 | } 584 | 585 | variable "sagemaker_model_package_group_policy_model_package_group_name" { 586 | description = "The name of the model package group." 587 | default = "" 588 | } 589 | 590 | variable "sagemaker_model_package_group_policy_resource_policy" { 591 | description = "The resource policy for the model package group." 592 | default = null 593 | } 594 | 595 | #--------------------------------------------------- 596 | # AWS Sagemaker project 597 | #--------------------------------------------------- 598 | variable "enable_sagemaker_project" { 599 | description = "Enable sagemaker project usage" 600 | default = false 601 | } 602 | 603 | variable "sagemaker_project_name" { 604 | description = "The name of the Project." 605 | default = "" 606 | } 607 | 608 | variable "sagemaker_project_project_description" { 609 | description = "(Optional) A description for the project." 610 | default = null 611 | } 612 | 613 | variable "sagemaker_project_service_catalog_provisioning_details" { 614 | description = "(Required) The product ID and provisioning artifact ID to provision a service catalog" 615 | default = [] 616 | } 617 | 618 | #--------------------------------------------------- 619 | # AWS Sagemaker workteam 620 | #--------------------------------------------------- 621 | variable "enable_sagemaker_workteam" { 622 | description = "Enable sagemaker workteam usage" 623 | default = false 624 | } 625 | 626 | variable "sagemaker_workteam_name" { 627 | description = "The name of the workforce." 628 | default = "" 629 | } 630 | 631 | variable "sagemaker_workteam_workforce_name" { 632 | description = "The name of the Workteam (must be unique)." 633 | default = "" 634 | } 635 | 636 | variable "sagemaker_workteam_description" { 637 | description = "(Required) A description of the work team." 638 | default = null 639 | } 640 | 641 | variable "sagemaker_workteam_member_definition" { 642 | description = "(Required) A list of Member Definitions that contains objects that identify the workers that make up the work team. Workforces can be created using Amazon Cognito or your own OIDC Identity Provider (IdP). For private workforces created using Amazon Cognito use cognito_member_definition. For workforces created using your own OIDC identity provider (IdP) use oidc_member_definition. Do not provide input for both of these parameters in a single request." 643 | default = [] 644 | } 645 | 646 | variable "sagemaker_workteam_notification_configuration" { 647 | description = "(Optional) Configures notification of workers regarding available or expiring work items." 648 | default = [] 649 | } 650 | 651 | #--------------------------------------------------- 652 | # AWS Sagemaker workforce 653 | #--------------------------------------------------- 654 | variable "enable_sagemaker_workforce" { 655 | description = "Enable sagemaker workforce usage" 656 | default = false 657 | } 658 | 659 | variable "sagemaker_workforce_name" { 660 | description = "The name of the Workforce (must be unique)." 661 | default = "" 662 | } 663 | 664 | variable "sagemaker_workforce_cognito_config" { 665 | description = "(Required) Use this parameter to configure an Amazon Cognito private workforce. A single Cognito workforce is created using and corresponds to a single Amazon Cognito user pool. Conflicts with oidc_config" 666 | default = [] 667 | } 668 | 669 | variable "sagemaker_workforce_oidc_config" { 670 | description = "(Required) Use this parameter to configure a private workforce using your own OIDC Identity Provider. Conflicts with cognito_config" 671 | default = [] 672 | } 673 | 674 | variable "sagemaker_workforce_source_ip_config" { 675 | description = "(Required) A list of IP address ranges Used to create an allow list of IP addresses for a private workforce. By default, a workforce isn't restricted to specific IP addresses. " 676 | default = [] 677 | } 678 | 679 | #--------------------------------------------------- 680 | # AWS Sagemaker studio lifecycle config 681 | #--------------------------------------------------- 682 | variable "enable_sagemaker_studio_lifecycle_config" { 683 | description = "Enable sagemaker studio lifecycle config usage" 684 | default = false 685 | } 686 | 687 | variable "sagemaker_studio_lifecycle_config_name" { 688 | description = "The name of the Studio Lifecycle Configuration to create." 689 | default = "" 690 | } 691 | 692 | variable "sagemaker_studio_lifecycle_config_app_type" { 693 | description = "(Required) The App type that the Lifecycle Configuration is attached to. Valid values are JupyterServer and KernelGateway." 694 | default = null 695 | } 696 | 697 | variable "sagemaker_studio_lifecycle_config_content" { 698 | description = "(Required) The content of your Studio Lifecycle Configuration script. This content must be base64 encoded." 699 | default = null 700 | } 701 | 702 | #--------------------------------------------------- 703 | # AWS Sagemaker flow definition 704 | #--------------------------------------------------- 705 | variable "enable_sagemaker_flow_definition" { 706 | description = "Enable sagemaker flow definition usage" 707 | default = false 708 | } 709 | 710 | variable "sagemaker_flow_definition_flow_definition_name" { 711 | description = "The name of your flow definition." 712 | default = "" 713 | } 714 | 715 | variable "sagemaker_flow_definition_role_arn" { 716 | description = "(Required) The Amazon Resource Name (ARN) of the role needed to call other services on your behalf." 717 | default = null 718 | } 719 | 720 | variable "sagemaker_flow_definition_human_loop_config" { 721 | description = "(Required) An object containing information about the tasks the human reviewers will perform" 722 | default = [] 723 | } 724 | 725 | variable "sagemaker_project_output_config" { 726 | description = "(Required) An object containing information about where the human review results will be uploaded." 727 | default = [] 728 | } 729 | 730 | variable "sagemaker_flow_definition_human_loop_activation_config" { 731 | description = "(Optional) An object containing information about the events that trigger a human workflow" 732 | default = [] 733 | } 734 | 735 | variable "sagemaker_flow_definition_human_loop_request_source" { 736 | description = "(Optional) Container for configuring the source of human task requests. Use to specify if Amazon Rekognition or Amazon Textract is used as an integration source." 737 | default = [] 738 | } 739 | 740 | #--------------------------------------------------- 741 | # AWS Sagemaker human task ui 742 | #--------------------------------------------------- 743 | variable "enable_sagemaker_human_task_ui" { 744 | description = "Enable sagemaker human task ui usage" 745 | default = false 746 | } 747 | 748 | variable "sagemaker_human_task_ui_name" { 749 | description = "The name of the Human Task UI." 750 | default = "" 751 | } 752 | 753 | variable "sagemaker_human_task_ui_template" { 754 | description = "(Required) The Liquid template for the worker user interface." 755 | default = [] 756 | } 757 | 758 | #--------------------------------------------------- 759 | # AWS Sagemaker space 760 | #--------------------------------------------------- 761 | variable "enable_sagemaker_space" { 762 | description = "Enable sagemaker space usage" 763 | default = false 764 | } 765 | 766 | variable "sagemaker_space_name" { 767 | description = "The name of the space." 768 | default = "" 769 | } 770 | 771 | variable "sagemaker_space_domain_id" { 772 | description = "(Required) The ID of the associated Domain." 773 | default = "" 774 | } 775 | 776 | variable "sagemaker_space_settings" { 777 | description = "(Required) A collection of space settings." 778 | default = [] 779 | } 780 | 781 | #--------------------------------------------------- 782 | # AWS Sagemaker servicecatalog portfolio status 783 | #--------------------------------------------------- 784 | variable "enable_sagemaker_servicecatalog_portfolio_status" { 785 | description = "Enable sagemaker servicecatalog portfolio status usage" 786 | default = false 787 | } 788 | 789 | variable "sagemaker_servicecatalog_portfolio_status" { 790 | description = "(Required) Whether Service Catalog is enabled or disabled in SageMaker. Valid values are Enabled and Disabled" 791 | default = null 792 | } 793 | 794 | #--------------------------------------------------- 795 | # AWS Sagemaker monitoring schedule 796 | #--------------------------------------------------- 797 | variable "enable_sagemaker_monitoring_schedule" { 798 | description = "Enable sagemaker monitoring schedule usage" 799 | default = false 800 | } 801 | 802 | variable "sagemaker_monitoring_schedule_name" { 803 | description = "(Optional) The name of the monitoring schedule. The name must be unique within an AWS Region within an AWS account. If omitted, Terraform will assign a random, unique name." 804 | default = null 805 | } 806 | 807 | variable "sagemaker_monitoring_schedule_config" { 808 | description = "(Required) The configuration object that specifies the monitoring schedule and defines the monitoring job." 809 | default = [] 810 | } 811 | 812 | #--------------------------------------------------- 813 | # AWS Sagemaker data quality job definition 814 | #--------------------------------------------------- 815 | variable "enable_sagemaker_data_quality_job_definition" { 816 | description = "Enable sagemaker data quality job definition usage" 817 | default = false 818 | } 819 | 820 | variable "sagemaker_data_quality_job_definition_name" { 821 | description = "(Optional) The name of the data quality job definition. If omitted, Terraform will assign a random, unique name." 822 | default = null 823 | } 824 | 825 | variable "sagemaker_data_quality_job_definition_role_arn" { 826 | description = "(Required) The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf." 827 | default = null 828 | } 829 | 830 | variable "sagemaker_data_quality_job_definition_data_quality_app_specification" { 831 | description = "(Required) Specifies the container that runs the monitoring job." 832 | default = [] 833 | } 834 | 835 | variable "sagemaker_data_quality_job_definition_data_quality_job_input" { 836 | description = "(Required) A list of inputs for the monitoring job." 837 | default = [] 838 | } 839 | 840 | variable "sagemaker_data_quality_job_definition_data_quality_job_output_config" { 841 | description = "(Required) The output configuration for monitoring jobs" 842 | default = [] 843 | } 844 | 845 | variable "sagemaker_data_quality_job_definition_job_resources" { 846 | description = "(Required) Identifies the resources to deploy for a monitoring job." 847 | default = [] 848 | } 849 | 850 | variable "sagemaker_data_quality_job_definition_data_quality_baseline_config" { 851 | description = "(Optional) Configures the constraints and baselines for the monitoring job" 852 | default = [] 853 | } 854 | 855 | variable "sagemaker_data_quality_job_definition_network_config" { 856 | description = "(Optional) Specifies networking configuration for the monitoring job." 857 | default = [] 858 | } 859 | 860 | variable "sagemaker_data_quality_job_definition_stopping_condition" { 861 | description = "(Optional) A time limit for how long the monitoring job is allowed to run before stopping." 862 | default = [] 863 | } --------------------------------------------------------------------------------