Class CfnDomain
Creates a Domain .
Inherited Members
Namespace: Amazon.CDK.AWS.Sagemaker
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class CfnDomain : CfnResource, IInspectable, ITaggableSyntax (vb)
Public Class CfnDomain Inherits CfnResource Implements IInspectable, ITaggableRemarks
A domain consists of an associated Amazon Elastic File System volume, a list of authorized users, and a variety of security, application, policy, and Amazon Virtual Private Cloud (VPC) configurations. Users within a domain can share notebook files and other artifacts with each other.
EFS storage
When a domain is created, an EFS volume is created for use by all of the users within the domain. Each user receives a private home directory within the EFS volume for notebooks, Git repositories, and data files.
SageMaker AI uses the AWS Key Management Service ( AWS KMS) to encrypt the EFS volume attached to the domain with an AWS managed key by default. For more control, you can specify a customer managed key. For more information, see Protect Data at Rest Using Encryption .
VPC configuration
All traffic between the domain and the Amazon EFS volume is through the specified VPC and subnets. For other traffic, you can specify the AppNetworkAccessType parameter. AppNetworkAccessType corresponds to the network access type that you choose when you onboard to the domain. The following options are available:
When internet access is disabled, you won't be able to run a Amazon SageMaker AI Studio notebook or to train or host models unless your VPC has an interface endpoint to the SageMaker AI API and runtime or a NAT gateway and your security groups allow outbound connections.
NFS traffic over TCP on port 2049 needs to be allowed in both inbound and outbound rules in order to launch a Amazon SageMaker AI Studio app successfully.
For more information, see Connect Amazon SageMaker AI Studio Notebooks to Resources in a VPC .
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-domain.html
CloudformationResource: AWS::SageMaker::Domain
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.Sagemaker;
var cfnDomain = new CfnDomain(this, "MyCfnDomain", new CfnDomainProps {
AuthMode = "authMode",
DefaultUserSettings = new UserSettingsProperty {
ExecutionRole = "executionRole",
// the properties below are optional
AutoMountHomeEfs = "autoMountHomeEfs",
CodeEditorAppSettings = new CodeEditorAppSettingsProperty {
AppLifecycleManagement = new AppLifecycleManagementProperty {
IdleSettings = new IdleSettingsProperty {
IdleTimeoutInMinutes = 123,
LifecycleManagement = "lifecycleManagement",
MaxIdleTimeoutInMinutes = 123,
MinIdleTimeoutInMinutes = 123
}
},
BuiltInLifecycleConfigArn = "builtInLifecycleConfigArn",
CustomImages = new [] { new CustomImageProperty {
AppImageConfigName = "appImageConfigName",
ImageName = "imageName",
// the properties below are optional
ImageVersionNumber = 123
} },
DefaultResourceSpec = new ResourceSpecProperty {
InstanceType = "instanceType",
LifecycleConfigArn = "lifecycleConfigArn",
SageMakerImageArn = "sageMakerImageArn",
SageMakerImageVersionArn = "sageMakerImageVersionArn"
},
LifecycleConfigArns = new [] { "lifecycleConfigArns" }
},
CustomFileSystemConfigs = new [] { new CustomFileSystemConfigProperty {
EfsFileSystemConfig = new EFSFileSystemConfigProperty {
FileSystemId = "fileSystemId",
// the properties below are optional
FileSystemPath = "fileSystemPath"
},
FSxLustreFileSystemConfig = new FSxLustreFileSystemConfigProperty {
FileSystemId = "fileSystemId",
// the properties below are optional
FileSystemPath = "fileSystemPath"
}
} },
CustomPosixUserConfig = new CustomPosixUserConfigProperty {
Gid = 123,
Uid = 123
},
DefaultLandingUri = "defaultLandingUri",
JupyterLabAppSettings = new JupyterLabAppSettingsProperty {
AppLifecycleManagement = new AppLifecycleManagementProperty {
IdleSettings = new IdleSettingsProperty {
IdleTimeoutInMinutes = 123,
LifecycleManagement = "lifecycleManagement",
MaxIdleTimeoutInMinutes = 123,
MinIdleTimeoutInMinutes = 123
}
},
BuiltInLifecycleConfigArn = "builtInLifecycleConfigArn",
CodeRepositories = new [] { new CodeRepositoryProperty {
RepositoryUrl = "repositoryUrl"
} },
CustomImages = new [] { new CustomImageProperty {
AppImageConfigName = "appImageConfigName",
ImageName = "imageName",
// the properties below are optional
ImageVersionNumber = 123
} },
DefaultResourceSpec = new ResourceSpecProperty {
InstanceType = "instanceType",
LifecycleConfigArn = "lifecycleConfigArn",
SageMakerImageArn = "sageMakerImageArn",
SageMakerImageVersionArn = "sageMakerImageVersionArn"
},
LifecycleConfigArns = new [] { "lifecycleConfigArns" }
},
JupyterServerAppSettings = new JupyterServerAppSettingsProperty {
DefaultResourceSpec = new ResourceSpecProperty {
InstanceType = "instanceType",
LifecycleConfigArn = "lifecycleConfigArn",
SageMakerImageArn = "sageMakerImageArn",
SageMakerImageVersionArn = "sageMakerImageVersionArn"
},
LifecycleConfigArns = new [] { "lifecycleConfigArns" }
},
KernelGatewayAppSettings = new KernelGatewayAppSettingsProperty {
CustomImages = new [] { new CustomImageProperty {
AppImageConfigName = "appImageConfigName",
ImageName = "imageName",
// the properties below are optional
ImageVersionNumber = 123
} },
DefaultResourceSpec = new ResourceSpecProperty {
InstanceType = "instanceType",
LifecycleConfigArn = "lifecycleConfigArn",
SageMakerImageArn = "sageMakerImageArn",
SageMakerImageVersionArn = "sageMakerImageVersionArn"
},
LifecycleConfigArns = new [] { "lifecycleConfigArns" }
},
RSessionAppSettings = new RSessionAppSettingsProperty {
CustomImages = new [] { new CustomImageProperty {
AppImageConfigName = "appImageConfigName",
ImageName = "imageName",
// the properties below are optional
ImageVersionNumber = 123
} },
DefaultResourceSpec = new ResourceSpecProperty {
InstanceType = "instanceType",
LifecycleConfigArn = "lifecycleConfigArn",
SageMakerImageArn = "sageMakerImageArn",
SageMakerImageVersionArn = "sageMakerImageVersionArn"
}
},
RStudioServerProAppSettings = new RStudioServerProAppSettingsProperty {
AccessStatus = "accessStatus",
UserGroup = "userGroup"
},
SecurityGroups = new [] { "securityGroups" },
SharingSettings = new SharingSettingsProperty {
NotebookOutputOption = "notebookOutputOption",
S3KmsKeyId = "s3KmsKeyId",
S3OutputPath = "s3OutputPath"
},
SpaceStorageSettings = new DefaultSpaceStorageSettingsProperty {
DefaultEbsStorageSettings = new DefaultEbsStorageSettingsProperty {
DefaultEbsVolumeSizeInGb = 123,
MaximumEbsVolumeSizeInGb = 123
}
},
StudioWebPortal = "studioWebPortal",
StudioWebPortalSettings = new StudioWebPortalSettingsProperty {
HiddenAppTypes = new [] { "hiddenAppTypes" },
HiddenInstanceTypes = new [] { "hiddenInstanceTypes" },
HiddenMlTools = new [] { "hiddenMlTools" },
HiddenSageMakerImageVersionAliases = new [] { new HiddenSageMakerImageProperty {
SageMakerImageName = "sageMakerImageName",
VersionAliases = new [] { "versionAliases" }
} }
}
},
DomainName = "domainName",
SubnetIds = new [] { "subnetIds" },
VpcId = "vpcId",
// the properties below are optional
AppNetworkAccessType = "appNetworkAccessType",
AppSecurityGroupManagement = "appSecurityGroupManagement",
DefaultSpaceSettings = new DefaultSpaceSettingsProperty {
ExecutionRole = "executionRole",
// the properties below are optional
CustomFileSystemConfigs = new [] { new CustomFileSystemConfigProperty {
EfsFileSystemConfig = new EFSFileSystemConfigProperty {
FileSystemId = "fileSystemId",
// the properties below are optional
FileSystemPath = "fileSystemPath"
},
FSxLustreFileSystemConfig = new FSxLustreFileSystemConfigProperty {
FileSystemId = "fileSystemId",
// the properties below are optional
FileSystemPath = "fileSystemPath"
}
} },
CustomPosixUserConfig = new CustomPosixUserConfigProperty {
Gid = 123,
Uid = 123
},
JupyterLabAppSettings = new JupyterLabAppSettingsProperty {
AppLifecycleManagement = new AppLifecycleManagementProperty {
IdleSettings = new IdleSettingsProperty {
IdleTimeoutInMinutes = 123,
LifecycleManagement = "lifecycleManagement",
MaxIdleTimeoutInMinutes = 123,
MinIdleTimeoutInMinutes = 123
}
},
BuiltInLifecycleConfigArn = "builtInLifecycleConfigArn",
CodeRepositories = new [] { new CodeRepositoryProperty {
RepositoryUrl = "repositoryUrl"
} },
CustomImages = new [] { new CustomImageProperty {
AppImageConfigName = "appImageConfigName",
ImageName = "imageName",
// the properties below are optional
ImageVersionNumber = 123
} },
DefaultResourceSpec = new ResourceSpecProperty {
InstanceType = "instanceType",
LifecycleConfigArn = "lifecycleConfigArn",
SageMakerImageArn = "sageMakerImageArn",
SageMakerImageVersionArn = "sageMakerImageVersionArn"
},
LifecycleConfigArns = new [] { "lifecycleConfigArns" }
},
JupyterServerAppSettings = new JupyterServerAppSettingsProperty {
DefaultResourceSpec = new ResourceSpecProperty {
InstanceType = "instanceType",
LifecycleConfigArn = "lifecycleConfigArn",
SageMakerImageArn = "sageMakerImageArn",
SageMakerImageVersionArn = "sageMakerImageVersionArn"
},
LifecycleConfigArns = new [] { "lifecycleConfigArns" }
},
KernelGatewayAppSettings = new KernelGatewayAppSettingsProperty {
CustomImages = new [] { new CustomImageProperty {
AppImageConfigName = "appImageConfigName",
ImageName = "imageName",
// the properties below are optional
ImageVersionNumber = 123
} },
DefaultResourceSpec = new ResourceSpecProperty {
InstanceType = "instanceType",
LifecycleConfigArn = "lifecycleConfigArn",
SageMakerImageArn = "sageMakerImageArn",
SageMakerImageVersionArn = "sageMakerImageVersionArn"
},
LifecycleConfigArns = new [] { "lifecycleConfigArns" }
},
SecurityGroups = new [] { "securityGroups" },
SpaceStorageSettings = new DefaultSpaceStorageSettingsProperty {
DefaultEbsStorageSettings = new DefaultEbsStorageSettingsProperty {
DefaultEbsVolumeSizeInGb = 123,
MaximumEbsVolumeSizeInGb = 123
}
}
},
DomainSettings = new DomainSettingsProperty {
DockerSettings = new DockerSettingsProperty {
EnableDockerAccess = "enableDockerAccess",
VpcOnlyTrustedAccounts = new [] { "vpcOnlyTrustedAccounts" }
},
ExecutionRoleIdentityConfig = "executionRoleIdentityConfig",
RStudioServerProDomainSettings = new RStudioServerProDomainSettingsProperty {
DomainExecutionRoleArn = "domainExecutionRoleArn",
// the properties below are optional
DefaultResourceSpec = new ResourceSpecProperty {
InstanceType = "instanceType",
LifecycleConfigArn = "lifecycleConfigArn",
SageMakerImageArn = "sageMakerImageArn",
SageMakerImageVersionArn = "sageMakerImageVersionArn"
},
RStudioConnectUrl = "rStudioConnectUrl",
RStudioPackageManagerUrl = "rStudioPackageManagerUrl"
},
SecurityGroupIds = new [] { "securityGroupIds" }
},
KmsKeyId = "kmsKeyId",
TagPropagation = "tagPropagation",
Tags = new [] { new CfnTag {
Key = "key",
Value = "value"
} }
});Synopsis
Constructors
| CfnDomain(Construct, string, ICfnDomainProps) | Creates a |
Properties
| AppNetworkAccessType | Specifies the VPC used for non-EFS traffic. |
| AppSecurityGroupManagement | The entity that creates and manages the required security groups for inter-app communication in |
| AttrDomainArn | The Amazon Resource Name (ARN) of the Domain, such as |
| AttrDomainId | The Domain ID. |
| AttrHomeEfsFileSystemId | The ID of the Amazon Elastic File System (EFS) managed by this Domain. |
| AttrSecurityGroupIdForDomainBoundary | The ID of the security group that authorizes traffic between the |
| AttrSingleSignOnApplicationArn | The ARN of the application managed by SageMaker in IAM Identity Center. |
| AttrSingleSignOnManagedApplicationInstanceId | The IAM Identity Center managed application instance ID. |
| AttrUrl | The URL for the Domain. |
| AuthMode | The mode of authentication that members use to access the Domain. |
| CFN_RESOURCE_TYPE_NAME | The CloudFormation resource type name for this resource class. |
| CfnProperties | Creates a |
| DefaultSpaceSettings | The default settings for shared spaces that users create in the domain. |
| DefaultUserSettings | The default user settings. |
| DomainName | The domain name. |
| DomainSettings | A collection of settings that apply to the |
| KmsKeyId | SageMaker uses AWS KMS to encrypt the EFS volume attached to the Domain with an AWS managed customer master key (CMK) by default. |
| SubnetIds | The VPC subnets that Studio uses for communication. |
| TagPropagation | Indicates whether the tags added to Domain, User Profile and Space entity is propagated to all SageMaker resources. |
| Tags | Tag Manager which manages the tags for this resource. |
| TagsRaw | Tags to associated with the Domain. |
| VpcId | The ID of the Amazon Virtual Private Cloud (Amazon VPC) that Studio uses for communication. |
Methods
| Inspect(TreeInspector) | Examines the CloudFormation resource and discloses attributes. |
| RenderProperties(IDictionary<string, object>) | Creates a |
Constructors
CfnDomain(Construct, string, ICfnDomainProps)
Creates a Domain .
public CfnDomain(Construct scope, string id, ICfnDomainProps props)Parameters
- scope Construct
Scope in which this resource is defined.
- id string
Construct identifier for this resource (unique in its scope).
- props ICfnDomainProps
Resource properties.
Remarks
A domain consists of an associated Amazon Elastic File System volume, a list of authorized users, and a variety of security, application, policy, and Amazon Virtual Private Cloud (VPC) configurations. Users within a domain can share notebook files and other artifacts with each other.
EFS storage
When a domain is created, an EFS volume is created for use by all of the users within the domain. Each user receives a private home directory within the EFS volume for notebooks, Git repositories, and data files.
SageMaker AI uses the AWS Key Management Service ( AWS KMS) to encrypt the EFS volume attached to the domain with an AWS managed key by default. For more control, you can specify a customer managed key. For more information, see Protect Data at Rest Using Encryption .
VPC configuration
All traffic between the domain and the Amazon EFS volume is through the specified VPC and subnets. For other traffic, you can specify the AppNetworkAccessType parameter. AppNetworkAccessType corresponds to the network access type that you choose when you onboard to the domain. The following options are available:
When internet access is disabled, you won't be able to run a Amazon SageMaker AI Studio notebook or to train or host models unless your VPC has an interface endpoint to the SageMaker AI API and runtime or a NAT gateway and your security groups allow outbound connections.
NFS traffic over TCP on port 2049 needs to be allowed in both inbound and outbound rules in order to launch a Amazon SageMaker AI Studio app successfully.
For more information, see Connect Amazon SageMaker AI Studio Notebooks to Resources in a VPC .
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-domain.html
CloudformationResource: AWS::SageMaker::Domain
ExampleMetadata: fixture=_generated
Properties
AppNetworkAccessType
Specifies the VPC used for non-EFS traffic.
public virtual string? AppNetworkAccessType { get; set; }Property Value
Remarks
The default value is PublicInternetOnly .
AppSecurityGroupManagement
The entity that creates and manages the required security groups for inter-app communication in VpcOnly mode.
public virtual string? AppSecurityGroupManagement { get; set; }Property Value
Remarks
A domain consists of an associated Amazon Elastic File System volume, a list of authorized users, and a variety of security, application, policy, and Amazon Virtual Private Cloud (VPC) configurations. Users within a domain can share notebook files and other artifacts with each other.
EFS storage
When a domain is created, an EFS volume is created for use by all of the users within the domain. Each user receives a private home directory within the EFS volume for notebooks, Git repositories, and data files.
SageMaker AI uses the AWS Key Management Service ( AWS KMS) to encrypt the EFS volume attached to the domain with an AWS managed key by default. For more control, you can specify a customer managed key. For more information, see Protect Data at Rest Using Encryption .
VPC configuration
All traffic between the domain and the Amazon EFS volume is through the specified VPC and subnets. For other traffic, you can specify the AppNetworkAccessType parameter. AppNetworkAccessType corresponds to the network access type that you choose when you onboard to the domain. The following options are available:
When internet access is disabled, you won't be able to run a Amazon SageMaker AI Studio notebook or to train or host models unless your VPC has an interface endpoint to the SageMaker AI API and runtime or a NAT gateway and your security groups allow outbound connections.
NFS traffic over TCP on port 2049 needs to be allowed in both inbound and outbound rules in order to launch a Amazon SageMaker AI Studio app successfully.
For more information, see Connect Amazon SageMaker AI Studio Notebooks to Resources in a VPC .
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-domain.html
CloudformationResource: AWS::SageMaker::Domain
ExampleMetadata: fixture=_generated
AttrDomainArn
The Amazon Resource Name (ARN) of the Domain, such as arn:aws:sagemaker:us-west-2:account-id:domain/my-domain-name .
public virtual string AttrDomainArn { get; }Property Value
Remarks
CloudformationAttribute: DomainArn
AttrDomainId
The Domain ID.
public virtual string AttrDomainId { get; }Property Value
Remarks
CloudformationAttribute: DomainId
AttrHomeEfsFileSystemId
The ID of the Amazon Elastic File System (EFS) managed by this Domain.
public virtual string AttrHomeEfsFileSystemId { get; }Property Value
Remarks
CloudformationAttribute: HomeEfsFileSystemId
AttrSecurityGroupIdForDomainBoundary
The ID of the security group that authorizes traffic between the RSessionGateway apps and the RStudioServerPro app.
public virtual string AttrSecurityGroupIdForDomainBoundary { get; }Property Value
Remarks
CloudformationAttribute: SecurityGroupIdForDomainBoundary
AttrSingleSignOnApplicationArn
The ARN of the application managed by SageMaker in IAM Identity Center.
public virtual string AttrSingleSignOnApplicationArn { get; }Property Value
Remarks
This value is only returned for domains created after October 1, 2023.
CloudformationAttribute: SingleSignOnApplicationArn
AttrSingleSignOnManagedApplicationInstanceId
The IAM Identity Center managed application instance ID.
public virtual string AttrSingleSignOnManagedApplicationInstanceId { get; }Property Value
Remarks
CloudformationAttribute: SingleSignOnManagedApplicationInstanceId
AttrUrl
The URL for the Domain.
public virtual string AttrUrl { get; }Property Value
Remarks
CloudformationAttribute: Url
AuthMode
The mode of authentication that members use to access the Domain.
public virtual string AuthMode { get; set; }Property Value
Remarks
A domain consists of an associated Amazon Elastic File System volume, a list of authorized users, and a variety of security, application, policy, and Amazon Virtual Private Cloud (VPC) configurations. Users within a domain can share notebook files and other artifacts with each other.
EFS storage
When a domain is created, an EFS volume is created for use by all of the users within the domain. Each user receives a private home directory within the EFS volume for notebooks, Git repositories, and data files.
SageMaker AI uses the AWS Key Management Service ( AWS KMS) to encrypt the EFS volume attached to the domain with an AWS managed key by default. For more control, you can specify a customer managed key. For more information, see Protect Data at Rest Using Encryption .
VPC configuration
All traffic between the domain and the Amazon EFS volume is through the specified VPC and subnets. For other traffic, you can specify the AppNetworkAccessType parameter. AppNetworkAccessType corresponds to the network access type that you choose when you onboard to the domain. The following options are available:
When internet access is disabled, you won't be able to run a Amazon SageMaker AI Studio notebook or to train or host models unless your VPC has an interface endpoint to the SageMaker AI API and runtime or a NAT gateway and your security groups allow outbound connections.
NFS traffic over TCP on port 2049 needs to be allowed in both inbound and outbound rules in order to launch a Amazon SageMaker AI Studio app successfully.
For more information, see Connect Amazon SageMaker AI Studio Notebooks to Resources in a VPC .
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-domain.html
CloudformationResource: AWS::SageMaker::Domain
ExampleMetadata: fixture=_generated
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
public static string CFN_RESOURCE_TYPE_NAME { get; }Property Value
Remarks
A domain consists of an associated Amazon Elastic File System volume, a list of authorized users, and a variety of security, application, policy, and Amazon Virtual Private Cloud (VPC) configurations. Users within a domain can share notebook files and other artifacts with each other.
EFS storage
When a domain is created, an EFS volume is created for use by all of the users within the domain. Each user receives a private home directory within the EFS volume for notebooks, Git repositories, and data files.
SageMaker AI uses the AWS Key Management Service ( AWS KMS) to encrypt the EFS volume attached to the domain with an AWS managed key by default. For more control, you can specify a customer managed key. For more information, see Protect Data at Rest Using Encryption .
VPC configuration
All traffic between the domain and the Amazon EFS volume is through the specified VPC and subnets. For other traffic, you can specify the AppNetworkAccessType parameter. AppNetworkAccessType corresponds to the network access type that you choose when you onboard to the domain. The following options are available:
When internet access is disabled, you won't be able to run a Amazon SageMaker AI Studio notebook or to train or host models unless your VPC has an interface endpoint to the SageMaker AI API and runtime or a NAT gateway and your security groups allow outbound connections.
NFS traffic over TCP on port 2049 needs to be allowed in both inbound and outbound rules in order to launch a Amazon SageMaker AI Studio app successfully.
For more information, see Connect Amazon SageMaker AI Studio Notebooks to Resources in a VPC .
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-domain.html
CloudformationResource: AWS::SageMaker::Domain
ExampleMetadata: fixture=_generated
CfnProperties
Creates a Domain .
protected override IDictionary<string, object> CfnProperties { get; }Property Value
Overrides
Remarks
A domain consists of an associated Amazon Elastic File System volume, a list of authorized users, and a variety of security, application, policy, and Amazon Virtual Private Cloud (VPC) configurations. Users within a domain can share notebook files and other artifacts with each other.
EFS storage
When a domain is created, an EFS volume is created for use by all of the users within the domain. Each user receives a private home directory within the EFS volume for notebooks, Git repositories, and data files.
SageMaker AI uses the AWS Key Management Service ( AWS KMS) to encrypt the EFS volume attached to the domain with an AWS managed key by default. For more control, you can specify a customer managed key. For more information, see Protect Data at Rest Using Encryption .
VPC configuration
All traffic between the domain and the Amazon EFS volume is through the specified VPC and subnets. For other traffic, you can specify the AppNetworkAccessType parameter. AppNetworkAccessType corresponds to the network access type that you choose when you onboard to the domain. The following options are available:
When internet access is disabled, you won't be able to run a Amazon SageMaker AI Studio notebook or to train or host models unless your VPC has an interface endpoint to the SageMaker AI API and runtime or a NAT gateway and your security groups allow outbound connections.
NFS traffic over TCP on port 2049 needs to be allowed in both inbound and outbound rules in order to launch a Amazon SageMaker AI Studio app successfully.
For more information, see Connect Amazon SageMaker AI Studio Notebooks to Resources in a VPC .
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-domain.html
CloudformationResource: AWS::SageMaker::Domain
ExampleMetadata: fixture=_generated
DefaultSpaceSettings
The default settings for shared spaces that users create in the domain.
public virtual object? DefaultSpaceSettings { get; set; }Property Value
Remarks
A domain consists of an associated Amazon Elastic File System volume, a list of authorized users, and a variety of security, application, policy, and Amazon Virtual Private Cloud (VPC) configurations. Users within a domain can share notebook files and other artifacts with each other.
EFS storage
When a domain is created, an EFS volume is created for use by all of the users within the domain. Each user receives a private home directory within the EFS volume for notebooks, Git repositories, and data files.
SageMaker AI uses the AWS Key Management Service ( AWS KMS) to encrypt the EFS volume attached to the domain with an AWS managed key by default. For more control, you can specify a customer managed key. For more information, see Protect Data at Rest Using Encryption .
VPC configuration
All traffic between the domain and the Amazon EFS volume is through the specified VPC and subnets. For other traffic, you can specify the AppNetworkAccessType parameter. AppNetworkAccessType corresponds to the network access type that you choose when you onboard to the domain. The following options are available:
When internet access is disabled, you won't be able to run a Amazon SageMaker AI Studio notebook or to train or host models unless your VPC has an interface endpoint to the SageMaker AI API and runtime or a NAT gateway and your security groups allow outbound connections.
NFS traffic over TCP on port 2049 needs to be allowed in both inbound and outbound rules in order to launch a Amazon SageMaker AI Studio app successfully.
For more information, see Connect Amazon SageMaker AI Studio Notebooks to Resources in a VPC .
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-domain.html
CloudformationResource: AWS::SageMaker::Domain
ExampleMetadata: fixture=_generated
DefaultUserSettings
The default user settings.
public virtual object DefaultUserSettings { get; set; }Property Value
Remarks
A domain consists of an associated Amazon Elastic File System volume, a list of authorized users, and a variety of security, application, policy, and Amazon Virtual Private Cloud (VPC) configurations. Users within a domain can share notebook files and other artifacts with each other.
EFS storage
When a domain is created, an EFS volume is created for use by all of the users within the domain. Each user receives a private home directory within the EFS volume for notebooks, Git repositories, and data files.
SageMaker AI uses the AWS Key Management Service ( AWS KMS) to encrypt the EFS volume attached to the domain with an AWS managed key by default. For more control, you can specify a customer managed key. For more information, see Protect Data at Rest Using Encryption .
VPC configuration
All traffic between the domain and the Amazon EFS volume is through the specified VPC and subnets. For other traffic, you can specify the AppNetworkAccessType parameter. AppNetworkAccessType corresponds to the network access type that you choose when you onboard to the domain. The following options are available:
When internet access is disabled, you won't be able to run a Amazon SageMaker AI Studio notebook or to train or host models unless your VPC has an interface endpoint to the SageMaker AI API and runtime or a NAT gateway and your security groups allow outbound connections.
NFS traffic over TCP on port 2049 needs to be allowed in both inbound and outbound rules in order to launch a Amazon SageMaker AI Studio app successfully.
For more information, see Connect Amazon SageMaker AI Studio Notebooks to Resources in a VPC .
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-domain.html
CloudformationResource: AWS::SageMaker::Domain
ExampleMetadata: fixture=_generated
DomainName
The domain name.
public virtual string DomainName { get; set; }Property Value
Remarks
A domain consists of an associated Amazon Elastic File System volume, a list of authorized users, and a variety of security, application, policy, and Amazon Virtual Private Cloud (VPC) configurations. Users within a domain can share notebook files and other artifacts with each other.
EFS storage
When a domain is created, an EFS volume is created for use by all of the users within the domain. Each user receives a private home directory within the EFS volume for notebooks, Git repositories, and data files.
SageMaker AI uses the AWS Key Management Service ( AWS KMS) to encrypt the EFS volume attached to the domain with an AWS managed key by default. For more control, you can specify a customer managed key. For more information, see Protect Data at Rest Using Encryption .
VPC configuration
All traffic between the domain and the Amazon EFS volume is through the specified VPC and subnets. For other traffic, you can specify the AppNetworkAccessType parameter. AppNetworkAccessType corresponds to the network access type that you choose when you onboard to the domain. The following options are available:
When internet access is disabled, you won't be able to run a Amazon SageMaker AI Studio notebook or to train or host models unless your VPC has an interface endpoint to the SageMaker AI API and runtime or a NAT gateway and your security groups allow outbound connections.
NFS traffic over TCP on port 2049 needs to be allowed in both inbound and outbound rules in order to launch a Amazon SageMaker AI Studio app successfully.
For more information, see Connect Amazon SageMaker AI Studio Notebooks to Resources in a VPC .
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-domain.html
CloudformationResource: AWS::SageMaker::Domain
ExampleMetadata: fixture=_generated
DomainSettings
A collection of settings that apply to the SageMaker Domain .
public virtual object? DomainSettings { get; set; }Property Value
Remarks
A domain consists of an associated Amazon Elastic File System volume, a list of authorized users, and a variety of security, application, policy, and Amazon Virtual Private Cloud (VPC) configurations. Users within a domain can share notebook files and other artifacts with each other.
EFS storage
When a domain is created, an EFS volume is created for use by all of the users within the domain. Each user receives a private home directory within the EFS volume for notebooks, Git repositories, and data files.
SageMaker AI uses the AWS Key Management Service ( AWS KMS) to encrypt the EFS volume attached to the domain with an AWS managed key by default. For more control, you can specify a customer managed key. For more information, see Protect Data at Rest Using Encryption .
VPC configuration
All traffic between the domain and the Amazon EFS volume is through the specified VPC and subnets. For other traffic, you can specify the AppNetworkAccessType parameter. AppNetworkAccessType corresponds to the network access type that you choose when you onboard to the domain. The following options are available:
When internet access is disabled, you won't be able to run a Amazon SageMaker AI Studio notebook or to train or host models unless your VPC has an interface endpoint to the SageMaker AI API and runtime or a NAT gateway and your security groups allow outbound connections.
NFS traffic over TCP on port 2049 needs to be allowed in both inbound and outbound rules in order to launch a Amazon SageMaker AI Studio app successfully.
For more information, see Connect Amazon SageMaker AI Studio Notebooks to Resources in a VPC .
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-domain.html
CloudformationResource: AWS::SageMaker::Domain
ExampleMetadata: fixture=_generated
KmsKeyId
SageMaker uses AWS KMS to encrypt the EFS volume attached to the Domain with an AWS managed customer master key (CMK) by default.
public virtual string? KmsKeyId { get; set; }Property Value
Remarks
A domain consists of an associated Amazon Elastic File System volume, a list of authorized users, and a variety of security, application, policy, and Amazon Virtual Private Cloud (VPC) configurations. Users within a domain can share notebook files and other artifacts with each other.
EFS storage
When a domain is created, an EFS volume is created for use by all of the users within the domain. Each user receives a private home directory within the EFS volume for notebooks, Git repositories, and data files.
SageMaker AI uses the AWS Key Management Service ( AWS KMS) to encrypt the EFS volume attached to the domain with an AWS managed key by default. For more control, you can specify a customer managed key. For more information, see Protect Data at Rest Using Encryption .
VPC configuration
All traffic between the domain and the Amazon EFS volume is through the specified VPC and subnets. For other traffic, you can specify the AppNetworkAccessType parameter. AppNetworkAccessType corresponds to the network access type that you choose when you onboard to the domain. The following options are available:
When internet access is disabled, you won't be able to run a Amazon SageMaker AI Studio notebook or to train or host models unless your VPC has an interface endpoint to the SageMaker AI API and runtime or a NAT gateway and your security groups allow outbound connections.
NFS traffic over TCP on port 2049 needs to be allowed in both inbound and outbound rules in order to launch a Amazon SageMaker AI Studio app successfully.
For more information, see Connect Amazon SageMaker AI Studio Notebooks to Resources in a VPC .
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-domain.html
CloudformationResource: AWS::SageMaker::Domain
ExampleMetadata: fixture=_generated
SubnetIds
The VPC subnets that Studio uses for communication.
public virtual string[] SubnetIds { get; set; }Property Value
string[]
Remarks
A domain consists of an associated Amazon Elastic File System volume, a list of authorized users, and a variety of security, application, policy, and Amazon Virtual Private Cloud (VPC) configurations. Users within a domain can share notebook files and other artifacts with each other.
EFS storage
When a domain is created, an EFS volume is created for use by all of the users within the domain. Each user receives a private home directory within the EFS volume for notebooks, Git repositories, and data files.
SageMaker AI uses the AWS Key Management Service ( AWS KMS) to encrypt the EFS volume attached to the domain with an AWS managed key by default. For more control, you can specify a customer managed key. For more information, see Protect Data at Rest Using Encryption .
VPC configuration
All traffic between the domain and the Amazon EFS volume is through the specified VPC and subnets. For other traffic, you can specify the AppNetworkAccessType parameter. AppNetworkAccessType corresponds to the network access type that you choose when you onboard to the domain. The following options are available:
When internet access is disabled, you won't be able to run a Amazon SageMaker AI Studio notebook or to train or host models unless your VPC has an interface endpoint to the SageMaker AI API and runtime or a NAT gateway and your security groups allow outbound connections.
NFS traffic over TCP on port 2049 needs to be allowed in both inbound and outbound rules in order to launch a Amazon SageMaker AI Studio app successfully.
For more information, see Connect Amazon SageMaker AI Studio Notebooks to Resources in a VPC .
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-domain.html
CloudformationResource: AWS::SageMaker::Domain
ExampleMetadata: fixture=_generated
TagPropagation
Indicates whether the tags added to Domain, User Profile and Space entity is propagated to all SageMaker resources.
public virtual string? TagPropagation { get; set; }Property Value
Remarks
A domain consists of an associated Amazon Elastic File System volume, a list of authorized users, and a variety of security, application, policy, and Amazon Virtual Private Cloud (VPC) configurations. Users within a domain can share notebook files and other artifacts with each other.
EFS storage
When a domain is created, an EFS volume is created for use by all of the users within the domain. Each user receives a private home directory within the EFS volume for notebooks, Git repositories, and data files.
SageMaker AI uses the AWS Key Management Service ( AWS KMS) to encrypt the EFS volume attached to the domain with an AWS managed key by default. For more control, you can specify a customer managed key. For more information, see Protect Data at Rest Using Encryption .
VPC configuration
All traffic between the domain and the Amazon EFS volume is through the specified VPC and subnets. For other traffic, you can specify the AppNetworkAccessType parameter. AppNetworkAccessType corresponds to the network access type that you choose when you onboard to the domain. The following options are available:
When internet access is disabled, you won't be able to run a Amazon SageMaker AI Studio notebook or to train or host models unless your VPC has an interface endpoint to the SageMaker AI API and runtime or a NAT gateway and your security groups allow outbound connections.
NFS traffic over TCP on port 2049 needs to be allowed in both inbound and outbound rules in order to launch a Amazon SageMaker AI Studio app successfully.
For more information, see Connect Amazon SageMaker AI Studio Notebooks to Resources in a VPC .
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-domain.html
CloudformationResource: AWS::SageMaker::Domain
ExampleMetadata: fixture=_generated
Tags
Tag Manager which manages the tags for this resource.
public virtual TagManager Tags { get; }Property Value
Remarks
A domain consists of an associated Amazon Elastic File System volume, a list of authorized users, and a variety of security, application, policy, and Amazon Virtual Private Cloud (VPC) configurations. Users within a domain can share notebook files and other artifacts with each other.
EFS storage
When a domain is created, an EFS volume is created for use by all of the users within the domain. Each user receives a private home directory within the EFS volume for notebooks, Git repositories, and data files.
SageMaker AI uses the AWS Key Management Service ( AWS KMS) to encrypt the EFS volume attached to the domain with an AWS managed key by default. For more control, you can specify a customer managed key. For more information, see Protect Data at Rest Using Encryption .
VPC configuration
All traffic between the domain and the Amazon EFS volume is through the specified VPC and subnets. For other traffic, you can specify the AppNetworkAccessType parameter. AppNetworkAccessType corresponds to the network access type that you choose when you onboard to the domain. The following options are available:
When internet access is disabled, you won't be able to run a Amazon SageMaker AI Studio notebook or to train or host models unless your VPC has an interface endpoint to the SageMaker AI API and runtime or a NAT gateway and your security groups allow outbound connections.
NFS traffic over TCP on port 2049 needs to be allowed in both inbound and outbound rules in order to launch a Amazon SageMaker AI Studio app successfully.
For more information, see Connect Amazon SageMaker AI Studio Notebooks to Resources in a VPC .
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-domain.html
CloudformationResource: AWS::SageMaker::Domain
ExampleMetadata: fixture=_generated
TagsRaw
Tags to associated with the Domain.
public virtual ICfnTag[]? TagsRaw { get; set; }Property Value
ICfnTag[]
Remarks
A domain consists of an associated Amazon Elastic File System volume, a list of authorized users, and a variety of security, application, policy, and Amazon Virtual Private Cloud (VPC) configurations. Users within a domain can share notebook files and other artifacts with each other.
EFS storage
When a domain is created, an EFS volume is created for use by all of the users within the domain. Each user receives a private home directory within the EFS volume for notebooks, Git repositories, and data files.
SageMaker AI uses the AWS Key Management Service ( AWS KMS) to encrypt the EFS volume attached to the domain with an AWS managed key by default. For more control, you can specify a customer managed key. For more information, see Protect Data at Rest Using Encryption .
VPC configuration
All traffic between the domain and the Amazon EFS volume is through the specified VPC and subnets. For other traffic, you can specify the AppNetworkAccessType parameter. AppNetworkAccessType corresponds to the network access type that you choose when you onboard to the domain. The following options are available:
When internet access is disabled, you won't be able to run a Amazon SageMaker AI Studio notebook or to train or host models unless your VPC has an interface endpoint to the SageMaker AI API and runtime or a NAT gateway and your security groups allow outbound connections.
NFS traffic over TCP on port 2049 needs to be allowed in both inbound and outbound rules in order to launch a Amazon SageMaker AI Studio app successfully.
For more information, see Connect Amazon SageMaker AI Studio Notebooks to Resources in a VPC .
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-domain.html
CloudformationResource: AWS::SageMaker::Domain
ExampleMetadata: fixture=_generated
VpcId
The ID of the Amazon Virtual Private Cloud (Amazon VPC) that Studio uses for communication.
public virtual string VpcId { get; set; }Property Value
Remarks
A domain consists of an associated Amazon Elastic File System volume, a list of authorized users, and a variety of security, application, policy, and Amazon Virtual Private Cloud (VPC) configurations. Users within a domain can share notebook files and other artifacts with each other.
EFS storage
When a domain is created, an EFS volume is created for use by all of the users within the domain. Each user receives a private home directory within the EFS volume for notebooks, Git repositories, and data files.
SageMaker AI uses the AWS Key Management Service ( AWS KMS) to encrypt the EFS volume attached to the domain with an AWS managed key by default. For more control, you can specify a customer managed key. For more information, see Protect Data at Rest Using Encryption .
VPC configuration
All traffic between the domain and the Amazon EFS volume is through the specified VPC and subnets. For other traffic, you can specify the AppNetworkAccessType parameter. AppNetworkAccessType corresponds to the network access type that you choose when you onboard to the domain. The following options are available:
When internet access is disabled, you won't be able to run a Amazon SageMaker AI Studio notebook or to train or host models unless your VPC has an interface endpoint to the SageMaker AI API and runtime or a NAT gateway and your security groups allow outbound connections.
NFS traffic over TCP on port 2049 needs to be allowed in both inbound and outbound rules in order to launch a Amazon SageMaker AI Studio app successfully.
For more information, see Connect Amazon SageMaker AI Studio Notebooks to Resources in a VPC .
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-domain.html
CloudformationResource: AWS::SageMaker::Domain
ExampleMetadata: fixture=_generated
Methods
Inspect(TreeInspector)
Examines the CloudFormation resource and discloses attributes.
public virtual void Inspect(TreeInspector inspector)Parameters
- inspector TreeInspector
tree inspector to collect and process attributes.
Remarks
A domain consists of an associated Amazon Elastic File System volume, a list of authorized users, and a variety of security, application, policy, and Amazon Virtual Private Cloud (VPC) configurations. Users within a domain can share notebook files and other artifacts with each other.
EFS storage
When a domain is created, an EFS volume is created for use by all of the users within the domain. Each user receives a private home directory within the EFS volume for notebooks, Git repositories, and data files.
SageMaker AI uses the AWS Key Management Service ( AWS KMS) to encrypt the EFS volume attached to the domain with an AWS managed key by default. For more control, you can specify a customer managed key. For more information, see Protect Data at Rest Using Encryption .
VPC configuration
All traffic between the domain and the Amazon EFS volume is through the specified VPC and subnets. For other traffic, you can specify the AppNetworkAccessType parameter. AppNetworkAccessType corresponds to the network access type that you choose when you onboard to the domain. The following options are available:
When internet access is disabled, you won't be able to run a Amazon SageMaker AI Studio notebook or to train or host models unless your VPC has an interface endpoint to the SageMaker AI API and runtime or a NAT gateway and your security groups allow outbound connections.
NFS traffic over TCP on port 2049 needs to be allowed in both inbound and outbound rules in order to launch a Amazon SageMaker AI Studio app successfully.
For more information, see Connect Amazon SageMaker AI Studio Notebooks to Resources in a VPC .
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-domain.html
CloudformationResource: AWS::SageMaker::Domain
ExampleMetadata: fixture=_generated
RenderProperties(IDictionary<string, object>)
Creates a Domain .
protected override IDictionary<string, object> RenderProperties(IDictionary<string, object> props)Parameters
- props IDictionary<string, object>
Returns
Overrides
Remarks
A domain consists of an associated Amazon Elastic File System volume, a list of authorized users, and a variety of security, application, policy, and Amazon Virtual Private Cloud (VPC) configurations. Users within a domain can share notebook files and other artifacts with each other.
EFS storage
When a domain is created, an EFS volume is created for use by all of the users within the domain. Each user receives a private home directory within the EFS volume for notebooks, Git repositories, and data files.
SageMaker AI uses the AWS Key Management Service ( AWS KMS) to encrypt the EFS volume attached to the domain with an AWS managed key by default. For more control, you can specify a customer managed key. For more information, see Protect Data at Rest Using Encryption .
VPC configuration
All traffic between the domain and the Amazon EFS volume is through the specified VPC and subnets. For other traffic, you can specify the AppNetworkAccessType parameter. AppNetworkAccessType corresponds to the network access type that you choose when you onboard to the domain. The following options are available:
When internet access is disabled, you won't be able to run a Amazon SageMaker AI Studio notebook or to train or host models unless your VPC has an interface endpoint to the SageMaker AI API and runtime or a NAT gateway and your security groups allow outbound connections.
NFS traffic over TCP on port 2049 needs to be allowed in both inbound and outbound rules in order to launch a Amazon SageMaker AI Studio app successfully.
For more information, see Connect Amazon SageMaker AI Studio Notebooks to Resources in a VPC .
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-domain.html
CloudformationResource: AWS::SageMaker::Domain
ExampleMetadata: fixture=_generated