AWS::SageMaker::Model
The AWS::SageMaker::Model resource to create a model to host at an Amazon
SageMaker endpoint. For more information, see Deploying a Model on Amazon
SageMaker Hosting Services in the Amazon SageMaker Developer
Guide.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::SageMaker::Model", "Properties" : { "Containers" :[ ContainerDefinition, ... ], "EnableNetworkIsolation" :Boolean, "ExecutionRoleArn" :String, "InferenceExecutionConfig" :InferenceExecutionConfig, "ModelName" :String, "PrimaryContainer" :ContainerDefinition, "Tags" :[ Tag, ... ], "VpcConfig" :VpcConfig} }
YAML
Type: AWS::SageMaker::Model Properties: Containers:- ContainerDefinitionEnableNetworkIsolation:BooleanExecutionRoleArn:StringInferenceExecutionConfig:InferenceExecutionConfigModelName:StringPrimaryContainer:ContainerDefinitionTags:- TagVpcConfig:VpcConfig
Properties
Containers-
Specifies the containers in the inference pipeline.
Required: No
Type: Array of ContainerDefinition
Maximum:
15Update requires: Replacement
EnableNetworkIsolation-
Isolates the model container. No inbound or outbound network calls can be made to or from the model container.
Required: No
Type: Boolean
Update requires: Replacement
ExecutionRoleArn-
The Amazon Resource Name (ARN) of the IAM role that SageMaker can assume to access model artifacts and docker image for deployment on ML compute instances or for batch transform jobs. Deploying on ML compute instances is part of model hosting. For more information, see SageMaker Roles.
Note
To be able to pass this role to SageMaker, the caller of this API must have the
iam:PassRolepermission.Required: No
Type: String
Pattern:
^arn:aws[a-z\-]*:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+$Minimum:
20Maximum:
2048Update requires: Replacement
InferenceExecutionConfig-
Specifies details of how containers in a multi-container endpoint are called.
Required: No
Type: InferenceExecutionConfig
Update requires: Replacement
ModelName-
The name of the new model.
Required: No
Type: String
Pattern:
^[a-zA-Z0-9]([\-a-zA-Z0-9]*[a-zA-Z0-9])?Maximum:
63Update requires: Replacement
PrimaryContainer-
The location of the primary docker image containing inference code, associated artifacts, and custom environment map that the inference code uses when the model is deployed for predictions.
Required: No
Type: ContainerDefinition
Update requires: Replacement
-
A list of key-value pairs to apply to this resource.
For more information, see Resource Tag and Using Cost Allocation Tags in the AWS Billing and Cost Management User Guide.
Required: No
Type: Array of Tag
Minimum:
0Maximum:
50Update requires: No interruption
VpcConfig-
A VpcConfig object that specifies the VPC that you want your model to connect to. Control access to and from your model container by configuring the VPC.
VpcConfigis used in hosting services and in batch transform. For more information, see Protect Endpoints by Using an Amazon Virtual Private Cloud and Protect Data in Batch Transform Jobs by Using an Amazon Virtual Private Cloud.Required: No
Type: VpcConfig
Update requires: Replacement
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the Amazon Resource Name (ARN) of the model, such as
arn:aws:sagemaker:us-west-2:012345678901:model/mymodel.
For more information about using the Ref function, see Ref.
Fn::GetAtt
The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.
ModelName-
The name of the model, such as
MyModel.
Examples
SageMaker Model Endpoint Example
The following example creates an endpoint configuration from a trained model, and then creates an endpoint.
JSON
{ "Description": "Basic Hosting entities test. We need models to create endpoint configs.", "Mappings": { "RegionMap": { "us-west-2": { "NullTransformer": "12345678901.dkr.ecr.us-west-2.amazonaws.com/mymodel:latest" }, "us-east-2": { "NullTransformer": "12345678901.dkr.ecr.us-east-2.amazonaws.com/mymodel:latest" }, "us-east-1": { "NullTransformer": "12345678901.dkr.ecr.us-east-1.amazonaws.com/mymodel:latest" }, "eu-west-1": { "NullTransformer": "12345678901.dkr.ecr.eu-west-1.amazonaws.com/mymodel:latest" }, "ap-northeast-1": { "NullTransformer": "12345678901.dkr.ecr.ap-northeast-1.amazonaws.com/mymodel:latest" }, "ap-northeast-2": { "NullTransformer": "12345678901.dkr.ecr.ap-northeast-2.amazonaws.com/mymodel:latest" }, "ap-southeast-2": { "NullTransformer": "12345678901.dkr.ecr.ap-southeast-2.amazonaws.com/mymodel:latest" }, "eu-central-1": { "NullTransformer": "12345678901.dkr.ecr.eu-central-1.amazonaws.com/mymodel:latest" } } }, "Resources": { "Endpoint": { "Type": "AWS::SageMaker::Endpoint", "Properties": { "EndpointConfigName": { "Fn::GetAtt" : ["EndpointConfig", "EndpointConfigName" ] } } }, "EndpointConfig": { "Type": "AWS::SageMaker::EndpointConfig", "Properties": { "ProductionVariants": [ { "InitialInstanceCount": 1, "InitialVariantWeight": 1, "InstanceType": "ml.t2.large", "ModelName": { "Fn::GetAtt" : ["Model", "ModelName" ] }, "VariantName": { "Fn::GetAtt" : ["Model", "ModelName" ] } } ] } }, "Model": { "Type": "AWS::SageMaker::Model", "Properties": { "PrimaryContainer": { "Image": { "Fn::FindInMap" : [ "AWS::Region", "NullTransformer"] } }, "ExecutionRoleArn": { "Fn::GetAtt" : [ "ExecutionRole", "Arn" ] } } }, "ExecutionRole": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": [ "sagemaker.amazonaws.com" ] }, "Action": [ "sts:AssumeRole" ] } ] }, "Path": "/", "Policies": [ { "PolicyName": "root", "PolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "*", "Resource": "*" } ] } } ] } } }, "Outputs": { "EndpointId": { "Value": { "Ref" : "Endpoint" } }, "EndpointName": { "Value": { "Fn::GetAtt" : [ "Endpoint", "EndpointName" ] } } } }
YAML
Description: "Basic Hosting entities test. We need models to create endpoint configs." Mappings: RegionMap: "us-west-2": "NullTransformer": "123456789012.dkr.ecr.us-west-2.amazonaws.com/mymodel:latest" "us-east-2": "NullTransformer": "123456789012.dkr.ecr.us-east-2.amazonaws.com/mymodel:latest" "us-east-1": "NullTransformer": "123456789012.dkr.ecr.us-east-1.amazonaws.com/mymodel:latest" "eu-west-1": "NullTransformer": "123456789012.dkr.ecr.eu-west-1.amazonaws.com/mymodel:latest" "ap-northeast-1": "NullTransformer": "123456789012.dkr.ecr.ap-northeast-1.amazonaws.com/mymodel:latest" "ap-northeast-2": "NullTransformer": "123456789012.dkr.ecr.ap-northeast-2.amazonaws.com/mymodel:latest" "ap-southeast-2": "NullTransformer": "123456789012.dkr.ecr.ap-southeast-2.amazonaws.com/mymodel:latest" "eu-central-1": "NullTransformer": "123456789012.dkr.ecr.eu-central-1.amazonaws.com/mymodel:latest" Resources: Endpoint: Type: "AWS::SageMaker::Endpoint" Properties: EndpointConfigName: !GetAtt EndpointConfig.EndpointConfigName EndpointConfig: Type: "AWS::SageMaker::EndpointConfig" Properties: ProductionVariants: - InitialInstanceCount: 1 InitialVariantWeight: 1.0 InstanceType: ml.t2.large ModelName: !GetAtt Model.ModelName VariantName: !GetAtt Model.ModelName Model: Type: "AWS::SageMaker::Model" Properties: PrimaryContainer: Image: !FindInMap [RegionMap, !Ref "AWS::Region", "NullTransformer"] ExecutionRoleArn: !GetAtt ExecutionRole.Arn ExecutionRole: Type: "AWS::IAM::Role" Properties: AssumeRolePolicyDocument: Version: "2012-10-17" Statement: - Effect: "Allow" Principal: Service: - "sagemaker.amazonaws.com" Action: - "sts:AssumeRole" Path: "/" Policies: - PolicyName: "root" PolicyDocument: Version: "2012-10-17" Statement: - Effect: "Allow" Action: "*" Resource: "*" Outputs: EndpointId: Value: !Ref Endpoint EndpointName: Value: !GetAtt Endpoint.EndpointName
