java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
All Implemented Interfaces:
IInspectable, ITaggable, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct, software.constructs.IDependable

@Generated(value="jsii-pacmak/1.101.0 (build b95fe5d)", date="2024-07-22T22:42:57.787Z") @Stability(Stable) public class CfnDomain extends CfnResource implements IInspectable, ITaggable
Creates a Domain .

A domain consists of an associated Amazon Elastic File System volume, a list of authorized users, and a variety of security, application, policy, and Amazon Virtual Private Cloud (VPC) configurations. Users within a domain can share notebook files and other artifacts with each other.

EFS storage

When a domain is created, an EFS volume is created for use by all of the users within the domain. Each user receives a private home directory within the EFS volume for notebooks, Git repositories, and data files.

SageMaker uses the AWS Key Management Service ( AWS KMS) to encrypt the EFS volume attached to the domain with an AWS managed key by default. For more control, you can specify a customer managed key. For more information, see Protect Data at Rest Using Encryption .

VPC configuration

All traffic between the domain and the Amazon EFS volume is through the specified VPC and subnets. For other traffic, you can specify the AppNetworkAccessType parameter. AppNetworkAccessType corresponds to the network access type that you choose when you onboard to the domain. The following options are available:

  • PublicInternetOnly - Non-EFS traffic goes through a VPC managed by Amazon SageMaker, which allows internet access. This is the default value.
  • VpcOnly - All traffic is through the specified VPC and subnets. Internet access is disabled by default. To allow internet access, you must specify a NAT gateway.

When internet access is disabled, you won't be able to run a Amazon SageMaker Studio notebook or to train or host models unless your VPC has an interface endpoint to the SageMaker API and runtime or a NAT gateway and your security groups allow outbound connections.

NFS traffic over TCP on port 2049 needs to be allowed in both inbound and outbound rules in order to launch a Amazon SageMaker Studio app successfully.

For more information, see Connect Amazon SageMaker Studio Notebooks to Resources in a VPC .

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.sagemaker.*;
 CfnDomain cfnDomain = CfnDomain.Builder.create(this, "MyCfnDomain")
         .authMode("authMode")
         .defaultUserSettings(UserSettingsProperty.builder()
                 .executionRole("executionRole")
                 // the properties below are optional
                 .codeEditorAppSettings(CodeEditorAppSettingsProperty.builder()
                         .customImages(List.of(CustomImageProperty.builder()
                                 .appImageConfigName("appImageConfigName")
                                 .imageName("imageName")
                                 // the properties below are optional
                                 .imageVersionNumber(123)
                                 .build()))
                         .defaultResourceSpec(ResourceSpecProperty.builder()
                                 .instanceType("instanceType")
                                 .lifecycleConfigArn("lifecycleConfigArn")
                                 .sageMakerImageArn("sageMakerImageArn")
                                 .sageMakerImageVersionArn("sageMakerImageVersionArn")
                                 .build())
                         .lifecycleConfigArns(List.of("lifecycleConfigArns"))
                         .build())
                 .customFileSystemConfigs(List.of(CustomFileSystemConfigProperty.builder()
                         .efsFileSystemConfig(EFSFileSystemConfigProperty.builder()
                                 .fileSystemId("fileSystemId")
                                 // the properties below are optional
                                 .fileSystemPath("fileSystemPath")
                                 .build())
                         .build()))
                 .customPosixUserConfig(CustomPosixUserConfigProperty.builder()
                         .gid(123)
                         .uid(123)
                         .build())
                 .defaultLandingUri("defaultLandingUri")
                 .jupyterLabAppSettings(JupyterLabAppSettingsProperty.builder()
                         .codeRepositories(List.of(CodeRepositoryProperty.builder()
                                 .repositoryUrl("repositoryUrl")
                                 .build()))
                         .customImages(List.of(CustomImageProperty.builder()
                                 .appImageConfigName("appImageConfigName")
                                 .imageName("imageName")
                                 // the properties below are optional
                                 .imageVersionNumber(123)
                                 .build()))
                         .defaultResourceSpec(ResourceSpecProperty.builder()
                                 .instanceType("instanceType")
                                 .lifecycleConfigArn("lifecycleConfigArn")
                                 .sageMakerImageArn("sageMakerImageArn")
                                 .sageMakerImageVersionArn("sageMakerImageVersionArn")
                                 .build())
                         .lifecycleConfigArns(List.of("lifecycleConfigArns"))
                         .build())
                 .jupyterServerAppSettings(JupyterServerAppSettingsProperty.builder()
                         .defaultResourceSpec(ResourceSpecProperty.builder()
                                 .instanceType("instanceType")
                                 .lifecycleConfigArn("lifecycleConfigArn")
                                 .sageMakerImageArn("sageMakerImageArn")
                                 .sageMakerImageVersionArn("sageMakerImageVersionArn")
                                 .build())
                         .build())
                 .kernelGatewayAppSettings(KernelGatewayAppSettingsProperty.builder()
                         .customImages(List.of(CustomImageProperty.builder()
                                 .appImageConfigName("appImageConfigName")
                                 .imageName("imageName")
                                 // the properties below are optional
                                 .imageVersionNumber(123)
                                 .build()))
                         .defaultResourceSpec(ResourceSpecProperty.builder()
                                 .instanceType("instanceType")
                                 .lifecycleConfigArn("lifecycleConfigArn")
                                 .sageMakerImageArn("sageMakerImageArn")
                                 .sageMakerImageVersionArn("sageMakerImageVersionArn")
                                 .build())
                         .build())
                 .rSessionAppSettings(RSessionAppSettingsProperty.builder()
                         .customImages(List.of(CustomImageProperty.builder()
                                 .appImageConfigName("appImageConfigName")
                                 .imageName("imageName")
                                 // the properties below are optional
                                 .imageVersionNumber(123)
                                 .build()))
                         .defaultResourceSpec(ResourceSpecProperty.builder()
                                 .instanceType("instanceType")
                                 .lifecycleConfigArn("lifecycleConfigArn")
                                 .sageMakerImageArn("sageMakerImageArn")
                                 .sageMakerImageVersionArn("sageMakerImageVersionArn")
                                 .build())
                         .build())
                 .rStudioServerProAppSettings(RStudioServerProAppSettingsProperty.builder()
                         .accessStatus("accessStatus")
                         .userGroup("userGroup")
                         .build())
                 .securityGroups(List.of("securityGroups"))
                 .sharingSettings(SharingSettingsProperty.builder()
                         .notebookOutputOption("notebookOutputOption")
                         .s3KmsKeyId("s3KmsKeyId")
                         .s3OutputPath("s3OutputPath")
                         .build())
                 .spaceStorageSettings(DefaultSpaceStorageSettingsProperty.builder()
                         .defaultEbsStorageSettings(DefaultEbsStorageSettingsProperty.builder()
                                 .defaultEbsVolumeSizeInGb(123)
                                 .maximumEbsVolumeSizeInGb(123)
                                 .build())
                         .build())
                 .studioWebPortal("studioWebPortal")
                 .build())
         .domainName("domainName")
         .subnetIds(List.of("subnetIds"))
         .vpcId("vpcId")
         // the properties below are optional
         .appNetworkAccessType("appNetworkAccessType")
         .appSecurityGroupManagement("appSecurityGroupManagement")
         .defaultSpaceSettings(DefaultSpaceSettingsProperty.builder()
                 .executionRole("executionRole")
                 // the properties below are optional
                 .customFileSystemConfigs(List.of(CustomFileSystemConfigProperty.builder()
                         .efsFileSystemConfig(EFSFileSystemConfigProperty.builder()
                                 .fileSystemId("fileSystemId")
                                 // the properties below are optional
                                 .fileSystemPath("fileSystemPath")
                                 .build())
                         .build()))
                 .customPosixUserConfig(CustomPosixUserConfigProperty.builder()
                         .gid(123)
                         .uid(123)
                         .build())
                 .jupyterLabAppSettings(JupyterLabAppSettingsProperty.builder()
                         .codeRepositories(List.of(CodeRepositoryProperty.builder()
                                 .repositoryUrl("repositoryUrl")
                                 .build()))
                         .customImages(List.of(CustomImageProperty.builder()
                                 .appImageConfigName("appImageConfigName")
                                 .imageName("imageName")
                                 // the properties below are optional
                                 .imageVersionNumber(123)
                                 .build()))
                         .defaultResourceSpec(ResourceSpecProperty.builder()
                                 .instanceType("instanceType")
                                 .lifecycleConfigArn("lifecycleConfigArn")
                                 .sageMakerImageArn("sageMakerImageArn")
                                 .sageMakerImageVersionArn("sageMakerImageVersionArn")
                                 .build())
                         .lifecycleConfigArns(List.of("lifecycleConfigArns"))
                         .build())
                 .jupyterServerAppSettings(JupyterServerAppSettingsProperty.builder()
                         .defaultResourceSpec(ResourceSpecProperty.builder()
                                 .instanceType("instanceType")
                                 .lifecycleConfigArn("lifecycleConfigArn")
                                 .sageMakerImageArn("sageMakerImageArn")
                                 .sageMakerImageVersionArn("sageMakerImageVersionArn")
                                 .build())
                         .build())
                 .kernelGatewayAppSettings(KernelGatewayAppSettingsProperty.builder()
                         .customImages(List.of(CustomImageProperty.builder()
                                 .appImageConfigName("appImageConfigName")
                                 .imageName("imageName")
                                 // the properties below are optional
                                 .imageVersionNumber(123)
                                 .build()))
                         .defaultResourceSpec(ResourceSpecProperty.builder()
                                 .instanceType("instanceType")
                                 .lifecycleConfigArn("lifecycleConfigArn")
                                 .sageMakerImageArn("sageMakerImageArn")
                                 .sageMakerImageVersionArn("sageMakerImageVersionArn")
                                 .build())
                         .build())
                 .securityGroups(List.of("securityGroups"))
                 .spaceStorageSettings(DefaultSpaceStorageSettingsProperty.builder()
                         .defaultEbsStorageSettings(DefaultEbsStorageSettingsProperty.builder()
                                 .defaultEbsVolumeSizeInGb(123)
                                 .maximumEbsVolumeSizeInGb(123)
                                 .build())
                         .build())
                 .build())
         .domainSettings(DomainSettingsProperty.builder()
                 .dockerSettings(DockerSettingsProperty.builder()
                         .enableDockerAccess("enableDockerAccess")
                         .vpcOnlyTrustedAccounts(List.of("vpcOnlyTrustedAccounts"))
                         .build())
                 .rStudioServerProDomainSettings(RStudioServerProDomainSettingsProperty.builder()
                         .domainExecutionRoleArn("domainExecutionRoleArn")
                         // the properties below are optional
                         .defaultResourceSpec(ResourceSpecProperty.builder()
                                 .instanceType("instanceType")
                                 .lifecycleConfigArn("lifecycleConfigArn")
                                 .sageMakerImageArn("sageMakerImageArn")
                                 .sageMakerImageVersionArn("sageMakerImageVersionArn")
                                 .build())
                         .rStudioConnectUrl("rStudioConnectUrl")
                         .rStudioPackageManagerUrl("rStudioPackageManagerUrl")
                         .build())
                 .securityGroupIds(List.of("securityGroupIds"))
                 .build())
         .kmsKeyId("kmsKeyId")
         .tags(List.of(CfnTag.builder()
                 .key("key")
                 .value("value")
                 .build()))
         .build();
 

See Also:
  • Field Details

    • CFN_RESOURCE_TYPE_NAME

      @Stability(Stable) public static final String CFN_RESOURCE_TYPE_NAME
      The CloudFormation resource type name for this resource class.
  • Constructor Details

    • CfnDomain

      protected CfnDomain(software.amazon.jsii.JsiiObjectRef objRef)
    • CfnDomain

      protected CfnDomain(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
    • CfnDomain

      @Stability(Stable) public CfnDomain(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull CfnDomainProps props)
      Parameters:
      scope - Scope in which this resource is defined. This parameter is required.
      id - Construct identifier for this resource (unique in its scope). This parameter is required.
      props - Resource properties. This parameter is required.
  • Method Details

    • inspect

      @Stability(Stable) public void inspect(@NotNull TreeInspector inspector)
      Examines the CloudFormation resource and discloses attributes.

      Specified by:
      inspect in interface IInspectable
      Parameters:
      inspector - tree inspector to collect and process attributes. This parameter is required.
    • renderProperties

      @Stability(Stable) @NotNull protected Map<String,Object> renderProperties(@NotNull Map<String,Object> props)
      Overrides:
      renderProperties in class CfnResource
      Parameters:
      props - This parameter is required.
    • getAttrDomainArn

      @Stability(Stable) @NotNull public String getAttrDomainArn()
      The Amazon Resource Name (ARN) of the Domain, such as arn:aws:sagemaker:us-west-2:account-id:domain/my-domain-name .
    • getAttrDomainId

      @Stability(Stable) @NotNull public String getAttrDomainId()
      The Domain ID.
    • getAttrHomeEfsFileSystemId

      @Stability(Stable) @NotNull public String getAttrHomeEfsFileSystemId()
      The ID of the Amazon Elastic File System (EFS) managed by this Domain.
    • getAttrSecurityGroupIdForDomainBoundary

      @Stability(Stable) @NotNull public String getAttrSecurityGroupIdForDomainBoundary()
      The ID of the security group that authorizes traffic between the RSessionGateway apps and the RStudioServerPro app.
    • getAttrSingleSignOnApplicationArn

      @Stability(Stable) @NotNull public String getAttrSingleSignOnApplicationArn()
      The ARN of the application managed by SageMaker in IAM Identity Center.

      This value is only returned for domains created after October 1, 2023.

    • getAttrSingleSignOnManagedApplicationInstanceId

      @Stability(Stable) @NotNull public String getAttrSingleSignOnManagedApplicationInstanceId()
      The IAM Identity Center managed application instance ID.
    • getAttrUrl

      @Stability(Stable) @NotNull public String getAttrUrl()
      The URL for the Domain.
    • getCfnProperties

      @Stability(Stable) @NotNull protected Map<String,Object> getCfnProperties()
      Overrides:
      getCfnProperties in class CfnResource
    • getTags

      @Stability(Stable) @NotNull public TagManager getTags()
      Tag Manager which manages the tags for this resource.
      Specified by:
      getTags in interface ITaggable
    • getAuthMode

      @Stability(Stable) @NotNull public String getAuthMode()
      The mode of authentication that members use to access the Domain.
    • setAuthMode

      @Stability(Stable) public void setAuthMode(@NotNull String value)
      The mode of authentication that members use to access the Domain.
    • getDefaultUserSettings

      @Stability(Stable) @NotNull public Object getDefaultUserSettings()
      The default user settings.
    • setDefaultUserSettings

      @Stability(Stable) public void setDefaultUserSettings(@NotNull IResolvable value)
      The default user settings.
    • setDefaultUserSettings

      @Stability(Stable) public void setDefaultUserSettings(@NotNull CfnDomain.UserSettingsProperty value)
      The default user settings.
    • getDomainName

      @Stability(Stable) @NotNull public String getDomainName()
      The domain name.
    • setDomainName

      @Stability(Stable) public void setDomainName(@NotNull String value)
      The domain name.
    • getSubnetIds

      @Stability(Stable) @NotNull public List<String> getSubnetIds()
      The VPC subnets that Studio uses for communication.
    • setSubnetIds

      @Stability(Stable) public void setSubnetIds(@NotNull List<String> value)
      The VPC subnets that Studio uses for communication.
    • getVpcId

      @Stability(Stable) @NotNull public String getVpcId()
      The ID of the Amazon Virtual Private Cloud (Amazon VPC) that Studio uses for communication.
    • setVpcId

      @Stability(Stable) public void setVpcId(@NotNull String value)
      The ID of the Amazon Virtual Private Cloud (Amazon VPC) that Studio uses for communication.
    • getAppNetworkAccessType

      @Stability(Stable) @Nullable public String getAppNetworkAccessType()
      Specifies the VPC used for non-EFS traffic.

      The default value is PublicInternetOnly .

    • setAppNetworkAccessType

      @Stability(Stable) public void setAppNetworkAccessType(@Nullable String value)
      Specifies the VPC used for non-EFS traffic.

      The default value is PublicInternetOnly .

    • getAppSecurityGroupManagement

      @Stability(Stable) @Nullable public String getAppSecurityGroupManagement()
      The entity that creates and manages the required security groups for inter-app communication in VpcOnly mode.
    • setAppSecurityGroupManagement

      @Stability(Stable) public void setAppSecurityGroupManagement(@Nullable String value)
      The entity that creates and manages the required security groups for inter-app communication in VpcOnly mode.
    • getDefaultSpaceSettings

      @Stability(Stable) @Nullable public Object getDefaultSpaceSettings()
      A collection of settings that apply to spaces created in the domain.
    • setDefaultSpaceSettings

      @Stability(Stable) public void setDefaultSpaceSettings(@Nullable IResolvable value)
      A collection of settings that apply to spaces created in the domain.
    • setDefaultSpaceSettings

      @Stability(Stable) public void setDefaultSpaceSettings(@Nullable CfnDomain.DefaultSpaceSettingsProperty value)
      A collection of settings that apply to spaces created in the domain.
    • getDomainSettings

      @Stability(Stable) @Nullable public Object getDomainSettings()
      A collection of settings that apply to the SageMaker Domain .
    • setDomainSettings

      @Stability(Stable) public void setDomainSettings(@Nullable IResolvable value)
      A collection of settings that apply to the SageMaker Domain .
    • setDomainSettings

      @Stability(Stable) public void setDomainSettings(@Nullable CfnDomain.DomainSettingsProperty value)
      A collection of settings that apply to the SageMaker Domain .
    • getKmsKeyId

      @Stability(Stable) @Nullable public String getKmsKeyId()
      SageMaker uses AWS KMS to encrypt the EFS volume attached to the Domain with an AWS managed customer master key (CMK) by default.
    • setKmsKeyId

      @Stability(Stable) public void setKmsKeyId(@Nullable String value)
      SageMaker uses AWS KMS to encrypt the EFS volume attached to the Domain with an AWS managed customer master key (CMK) by default.
    • getTagsRaw

      @Stability(Stable) @Nullable public List<CfnTag> getTagsRaw()
      Tags to associated with the Domain.
    • setTagsRaw

      @Stability(Stable) public void setTagsRaw(@Nullable List<CfnTag> value)
      Tags to associated with the Domain.