Class: Aws::SageMaker::Types::ProductionVariantCoreDumpConfig
- Inherits:
-
Struct
- Object
- Struct
- Aws::SageMaker::Types::ProductionVariantCoreDumpConfig
- Includes:
- Aws::Structure
- Defined in:
- lib/aws-sdk-sagemaker/types.rb
Overview
Specifies configuration for a core dump from the model container when the process crashes.
Constant Summary collapse
- SENSITIVE =
[]
Instance Attribute Summary collapse
-
#destination_s3_uri ⇒ String
The Amazon S3 bucket to send the core dump to.
-
#kms_key_id ⇒ String
The Amazon Web Services Key Management Service (Amazon Web Services KMS) key that SageMaker uses to encrypt the core dump data at rest using Amazon S3 server-side encryption.
Instance Attribute Details
#destination_s3_uri ⇒ String
The Amazon S3 bucket to send the core dump to.
33502 33503 33504 33505 33506 33507 |
# File 'lib/aws-sdk-sagemaker/types.rb', line 33502 class ProductionVariantCoreDumpConfig < Struct.new( :destination_s3_uri, :kms_key_id) SENSITIVE = [] include Aws::Structure end |
#kms_key_id ⇒ String
The Amazon Web Services Key Management Service (Amazon Web Services KMS) key that SageMaker uses to encrypt the core dump data at rest using Amazon S3 server-side encryption. The ‘KmsKeyId` can be any of the following formats:
-
// KMS Key ID
‘“1234abcd-12ab-34cd-56ef-1234567890ab”`
-
// Amazon Resource Name (ARN) of a KMS Key
‘“arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab”`
-
// KMS Key Alias
‘“alias/ExampleAlias”`
-
// Amazon Resource Name (ARN) of a KMS Key Alias
‘“arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias”`
If you use a KMS key ID or an alias of your KMS key, the SageMaker execution role must include permissions to call ‘kms:Encrypt`. If you don’t provide a KMS key ID, SageMaker uses the default KMS key for Amazon S3 for your role’s account. SageMaker uses server-side encryption with KMS-managed keys for ‘OutputDataConfig`. If you use a bucket policy with an `s3:PutObject` permission that only allows objects with server-side encryption, set the condition key of `s3:x-amz-server-side-encryption` to `“aws:kms”`. For more information, see [KMS-Managed Encryption Keys] in the *Amazon Simple Storage Service Developer Guide.*
The KMS key policy must grant permission to the IAM role that you specify in your ‘CreateEndpoint` and `UpdateEndpoint` requests. For more information, see [Using Key Policies in Amazon Web Services KMS] in the *Amazon Web Services Key Management Service Developer Guide*.
[1]: docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html [2]: docs.aws.amazon.com/kms/latest/developerguide/key-policies.html
33502 33503 33504 33505 33506 33507 |
# File 'lib/aws-sdk-sagemaker/types.rb', line 33502 class ProductionVariantCoreDumpConfig < Struct.new( :destination_s3_uri, :kms_key_id) SENSITIVE = [] include Aws::Structure end |