ProductionVariantCoreDumpConfig - Amazon SageMaker

ProductionVariantCoreDumpConfig

Specifies configuration for a core dump from the model container when the process crashes.

Contents

DestinationS3Uri

The Amazon S3 bucket to send the core dump to.

Type: String

Length Constraints: Maximum length of 512.

Pattern: ^(https|s3)://([^/])/?(.*)$

Required: Yes

KmsKeyId

The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt the core dump data at rest using Amazon S3 server-side encryption. The KmsKeyId can be any of the following formats:

  • // KMS Key ID

    "1234abcd-12ab-34cd-56ef-1234567890ab"

  • // Amazon Resource Name (ARN) of a KMS Key

    "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"

  • // KMS Key Alias

    "alias/ExampleAlias"

  • // Amazon Resource Name (ARN) of a KMS Key Alias

    "arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias"

If you use a KMS key ID or an alias of your KMS key, the Amazon SageMaker execution role must include permissions to call kms:Encrypt. If you don't provide a KMS key ID, Amazon SageMaker uses the default KMS key for Amazon S3 for your role's account. Amazon SageMaker uses server-side encryption with KMS-managed keys for OutputDataConfig. If you use a bucket policy with an s3:PutObject permission that only allows objects with server-side encryption, set the condition key of s3:x-amz-server-side-encryption to "aws:kms". For more information, see KMS-Managed Encryption Keys in the Amazon Simple Storage Service Developer Guide.

The KMS key policy must grant permission to the IAM role that you specify in your CreateEndpoint and UpdateEndpoint requests. For more information, see Using Key Policies in AWS KMS in the AWS Key Management Service Developer Guide.

Type: String

Length Constraints: Maximum length of 2048.

Pattern: .*

Required: No

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: