[ aws . sagemaker ]

create-domain

Description

Creates a Domain used by Amazon SageMaker Studio. A domain consists of an associated Amazon Elastic File System (EFS) volume, a list of authorized users, and a variety of security, application, policy, and Amazon Virtual Private Cloud (VPC) configurations. Users within a domain can share notebook files and other artifacts with each other.

EFS storage

When a domain is created, an EFS volume is created for use by all of the users within the domain. Each user receives a private home directory within the EFS volume for notebooks, Git repositories, and data files.

SageMaker uses the Amazon Web Services Key Management Service (Amazon Web Services KMS) to encrypt the EFS volume attached to the domain with an Amazon Web Services managed key by default. For more control, you can specify a customer managed key. For more information, see Protect Data at Rest Using Encryption .

VPC configuration

All SageMaker Studio traffic between the domain and the EFS volume is through the specified VPC and subnets. For other Studio traffic, you can specify the AppNetworkAccessType parameter. AppNetworkAccessType corresponds to the network access type that you choose when you onboard to Studio. The following options are available:

  • PublicInternetOnly - Non-EFS traffic goes through a VPC managed by Amazon SageMaker, which allows internet access. This is the default value.
  • VpcOnly - All Studio traffic is through the specified VPC and subnets. Internet access is disabled by default. To allow internet access, you must specify a NAT gateway. When internet access is disabled, you won’t be able to run a Studio notebook or to train or host models unless your VPC has an interface endpoint to the SageMaker API and runtime or a NAT gateway and your security groups allow outbound connections.

Warning

NFS traffic over TCP on port 2049 needs to be allowed in both inbound and outbound rules in order to launch a SageMaker Studio app successfully.

For more information, see Connect SageMaker Studio Notebooks to Resources in a VPC .

See also: AWS API Documentation

Synopsis

  create-domain
--domain-name <value>
--auth-mode <value>
--default-user-settings <value>
--subnet-ids <value>
--vpc-id <value>
[--tags <value>]
[--app-network-access-type <value>]
[--home-efs-file-system-kms-key-id <value>]
[--kms-key-id <value>]
[--app-security-group-management <value>]
[--domain-settings <value>]
[--default-space-settings <value>]
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
[--debug]
[--endpoint-url <value>]
[--no-verify-ssl]
[--no-paginate]
[--output <value>]
[--query <value>]
[--profile <value>]
[--region <value>]
[--version <value>]
[--color <value>]
[--no-sign-request]
[--ca-bundle <value>]
[--cli-read-timeout <value>]
[--cli-connect-timeout <value>]
[--cli-binary-format <value>]
[--no-cli-pager]
[--cli-auto-prompt]
[--no-cli-auto-prompt]

Options

--domain-name (string)

A name for the domain.

--auth-mode (string)

The mode of authentication that members use to access the domain.

Possible values:

  • SSO
  • IAM

--default-user-settings (structure)

The default settings to use to create a user profile when UserSettings isn’t specified in the call to the CreateUserProfile API.

SecurityGroups is aggregated when specified in both calls. For all other settings in UserSettings , the values specified in CreateUserProfile take precedence over those specified in CreateDomain .

ExecutionRole -> (string)

The execution role for the user.

SecurityGroups -> (list)

The security groups for the Amazon Virtual Private Cloud (VPC) that Studio uses for communication.

Optional when the CreateDomain.AppNetworkAccessType parameter is set to PublicInternetOnly .

Required when the CreateDomain.AppNetworkAccessType parameter is set to VpcOnly , unless specified as part of the DefaultUserSettings for the domain.

Amazon SageMaker adds a security group to allow NFS traffic from SageMaker Studio. Therefore, the number of security groups that you can specify is one less than the maximum number shown.

(string)

SharingSettings -> (structure)

Specifies options for sharing SageMaker Studio notebooks.

NotebookOutputOption -> (string)

Whether to include the notebook cell output when sharing the notebook. The default is Disabled .

S3OutputPath -> (string)

When NotebookOutputOption is Allowed , the Amazon S3 bucket used to store the shared notebook snapshots.

S3KmsKeyId -> (string)

When NotebookOutputOption is Allowed , the Amazon Web Services Key Management Service (KMS) encryption key ID used to encrypt the notebook cell output in the Amazon S3 bucket.

JupyterServerAppSettings -> (structure)

The Jupyter server’s app settings.

DefaultResourceSpec -> (structure)

The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterServer app. If you use the LifecycleConfigArns parameter, then this parameter is also required.

SageMakerImageArn -> (string)

The ARN of the SageMaker image that the image version belongs to.

SageMakerImageVersionArn -> (string)

The ARN of the image version created on the instance.

InstanceType -> (string)

The instance type that the image version runs on.

Note

JupyterServer apps only support the system value.

For KernelGateway apps , the system value is translated to ml.t3.medium . KernelGateway apps also support all other values for available instance types.

LifecycleConfigArn -> (string)

The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.

LifecycleConfigArns -> (list)

The Amazon Resource Name (ARN) of the Lifecycle Configurations attached to the JupyterServerApp. If you use this parameter, the DefaultResourceSpec parameter is also required.

Note

To remove a Lifecycle Config, you must set LifecycleConfigArns to an empty list.

(string)

CodeRepositories -> (list)

A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterServer application.

(structure)

A Git repository that SageMaker automatically displays to users for cloning in the JupyterServer application.

RepositoryUrl -> (string)

The URL of the Git repository.

KernelGatewayAppSettings -> (structure)

The kernel gateway app settings.

DefaultResourceSpec -> (structure)

The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the KernelGateway app.

Note

The Amazon SageMaker Studio UI does not use the default instance type value set here. The default instance type set here is used when Apps are created using the Amazon Web Services Command Line Interface or Amazon Web Services CloudFormation and the instance type parameter value is not passed.

SageMakerImageArn -> (string)

The ARN of the SageMaker image that the image version belongs to.

SageMakerImageVersionArn -> (string)

The ARN of the image version created on the instance.

InstanceType -> (string)

The instance type that the image version runs on.

Note

JupyterServer apps only support the system value.

For KernelGateway apps , the system value is translated to ml.t3.medium . KernelGateway apps also support all other values for available instance types.

LifecycleConfigArn -> (string)

The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.

CustomImages -> (list)

A list of custom SageMaker images that are configured to run as a KernelGateway app.

(structure)

A custom SageMaker image. For more information, see Bring your own SageMaker image .

ImageName -> (string)

The name of the CustomImage. Must be unique to your account.

ImageVersionNumber -> (integer)

The version number of the CustomImage.

AppImageConfigName -> (string)

The name of the AppImageConfig.

LifecycleConfigArns -> (list)

The Amazon Resource Name (ARN) of the Lifecycle Configurations attached to the the user profile or domain.

Note

To remove a Lifecycle Config, you must set LifecycleConfigArns to an empty list.

(string)

TensorBoardAppSettings -> (structure)

The TensorBoard app settings.

DefaultResourceSpec -> (structure)

The default instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance.

SageMakerImageArn -> (string)

The ARN of the SageMaker image that the image version belongs to.

SageMakerImageVersionArn -> (string)

The ARN of the image version created on the instance.

InstanceType -> (string)

The instance type that the image version runs on.

Note

JupyterServer apps only support the system value.

For KernelGateway apps , the system value is translated to ml.t3.medium . KernelGateway apps also support all other values for available instance types.

LifecycleConfigArn -> (string)

The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.

RStudioServerProAppSettings -> (structure)

A collection of settings that configure user interaction with the RStudioServerPro app.

AccessStatus -> (string)

Indicates whether the current user has access to the RStudioServerPro app.

UserGroup -> (string)

The level of permissions that the user has within the RStudioServerPro app. This value defaults to User. The Admin value allows the user access to the RStudio Administrative Dashboard.

RSessionAppSettings -> (structure)

A collection of settings that configure the RSessionGateway app.

DefaultResourceSpec -> (structure)

Specifies the ARN’s of a SageMaker image and SageMaker image version, and the instance type that the version runs on.

SageMakerImageArn -> (string)

The ARN of the SageMaker image that the image version belongs to.

SageMakerImageVersionArn -> (string)

The ARN of the image version created on the instance.

InstanceType -> (string)

The instance type that the image version runs on.

Note

JupyterServer apps only support the system value.

For KernelGateway apps , the system value is translated to ml.t3.medium . KernelGateway apps also support all other values for available instance types.

LifecycleConfigArn -> (string)

The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.

CustomImages -> (list)

A list of custom SageMaker images that are configured to run as a RSession app.

(structure)

A custom SageMaker image. For more information, see Bring your own SageMaker image .

ImageName -> (string)

The name of the CustomImage. Must be unique to your account.

ImageVersionNumber -> (integer)

The version number of the CustomImage.

AppImageConfigName -> (string)

The name of the AppImageConfig.

CanvasAppSettings -> (structure)

The Canvas app settings.

TimeSeriesForecastingSettings -> (structure)

Time series forecast settings for the Canvas application.

Status -> (string)

Describes whether time series forecasting is enabled or disabled in the Canvas application.

AmazonForecastRoleArn -> (string)

The IAM role that Canvas passes to Amazon Forecast for time series forecasting. By default, Canvas uses the execution role specified in the UserProfile that launches the Canvas application. If an execution role is not specified in the UserProfile , Canvas uses the execution role specified in the Domain that owns the UserProfile . To allow time series forecasting, this IAM role should have the AmazonSageMakerCanvasForecastAccess policy attached and forecast.amazonaws.com added in the trust relationship as a service principal.

ModelRegisterSettings -> (structure)

The model registry settings for the SageMaker Canvas application.

Status -> (string)

Describes whether the integration to the model registry is enabled or disabled in the Canvas application.

CrossAccountModelRegisterRoleArn -> (string)

The Amazon Resource Name (ARN) of the SageMaker model registry account. Required only to register model versions created by a different SageMaker Canvas Amazon Web Services account than the Amazon Web Services account in which SageMaker model registry is set up.

JSON Syntax:

{
  "ExecutionRole": "string",
  "SecurityGroups": ["string", ...],
  "SharingSettings": {
    "NotebookOutputOption": "Allowed"|"Disabled",
    "S3OutputPath": "string",
    "S3KmsKeyId": "string"
  },
  "JupyterServerAppSettings": {
    "DefaultResourceSpec": {
      "SageMakerImageArn": "string",
      "SageMakerImageVersionArn": "string",
      "InstanceType": "system"|"ml.t3.micro"|"ml.t3.small"|"ml.t3.medium"|"ml.t3.large"|"ml.t3.xlarge"|"ml.t3.2xlarge"|"ml.m5.large"|"ml.m5.xlarge"|"ml.m5.2xlarge"|"ml.m5.4xlarge"|"ml.m5.8xlarge"|"ml.m5.12xlarge"|"ml.m5.16xlarge"|"ml.m5.24xlarge"|"ml.m5d.large"|"ml.m5d.xlarge"|"ml.m5d.2xlarge"|"ml.m5d.4xlarge"|"ml.m5d.8xlarge"|"ml.m5d.12xlarge"|"ml.m5d.16xlarge"|"ml.m5d.24xlarge"|"ml.c5.large"|"ml.c5.xlarge"|"ml.c5.2xlarge"|"ml.c5.4xlarge"|"ml.c5.9xlarge"|"ml.c5.12xlarge"|"ml.c5.18xlarge"|"ml.c5.24xlarge"|"ml.p3.2xlarge"|"ml.p3.8xlarge"|"ml.p3.16xlarge"|"ml.p3dn.24xlarge"|"ml.g4dn.xlarge"|"ml.g4dn.2xlarge"|"ml.g4dn.4xlarge"|"ml.g4dn.8xlarge"|"ml.g4dn.12xlarge"|"ml.g4dn.16xlarge"|"ml.r5.large"|"ml.r5.xlarge"|"ml.r5.2xlarge"|"ml.r5.4xlarge"|"ml.r5.8xlarge"|"ml.r5.12xlarge"|"ml.r5.16xlarge"|"ml.r5.24xlarge"|"ml.g5.xlarge"|"ml.g5.2xlarge"|"ml.g5.4xlarge"|"ml.g5.8xlarge"|"ml.g5.16xlarge"|"ml.g5.12xlarge"|"ml.g5.24xlarge"|"ml.g5.48xlarge"|"ml.geospatial.interactive"|"ml.p4d.24xlarge"|"ml.p4de.24xlarge",
      "LifecycleConfigArn": "string"
    },
    "LifecycleConfigArns": ["string", ...],
    "CodeRepositories": [
      {
        "RepositoryUrl": "string"
      }
      ...
    ]
  },
  "KernelGatewayAppSettings": {
    "DefaultResourceSpec": {
      "SageMakerImageArn": "string",
      "SageMakerImageVersionArn": "string",
      "InstanceType": "system"|"ml.t3.micro"|"ml.t3.small"|"ml.t3.medium"|"ml.t3.large"|"ml.t3.xlarge"|"ml.t3.2xlarge"|"ml.m5.large"|"ml.m5.xlarge"|"ml.m5.2xlarge"|"ml.m5.4xlarge"|"ml.m5.8xlarge"|"ml.m5.12xlarge"|"ml.m5.16xlarge"|"ml.m5.24xlarge"|"ml.m5d.large"|"ml.m5d.xlarge"|"ml.m5d.2xlarge"|"ml.m5d.4xlarge"|"ml.m5d.8xlarge"|"ml.m5d.12xlarge"|"ml.m5d.16xlarge"|"ml.m5d.24xlarge"|"ml.c5.large"|"ml.c5.xlarge"|"ml.c5.2xlarge"|"ml.c5.4xlarge"|"ml.c5.9xlarge"|"ml.c5.12xlarge"|"ml.c5.18xlarge"|"ml.c5.24xlarge"|"ml.p3.2xlarge"|"ml.p3.8xlarge"|"ml.p3.16xlarge"|"ml.p3dn.24xlarge"|"ml.g4dn.xlarge"|"ml.g4dn.2xlarge"|"ml.g4dn.4xlarge"|"ml.g4dn.8xlarge"|"ml.g4dn.12xlarge"|"ml.g4dn.16xlarge"|"ml.r5.large"|"ml.r5.xlarge"|"ml.r5.2xlarge"|"ml.r5.4xlarge"|"ml.r5.8xlarge"|"ml.r5.12xlarge"|"ml.r5.16xlarge"|"ml.r5.24xlarge"|"ml.g5.xlarge"|"ml.g5.2xlarge"|"ml.g5.4xlarge"|"ml.g5.8xlarge"|"ml.g5.16xlarge"|"ml.g5.12xlarge"|"ml.g5.24xlarge"|"ml.g5.48xlarge"|"ml.geospatial.interactive"|"ml.p4d.24xlarge"|"ml.p4de.24xlarge",
      "LifecycleConfigArn": "string"
    },
    "CustomImages": [
      {
        "ImageName": "string",
        "ImageVersionNumber": integer,
        "AppImageConfigName": "string"
      }
      ...
    ],
    "LifecycleConfigArns": ["string", ...]
  },
  "TensorBoardAppSettings": {
    "DefaultResourceSpec": {
      "SageMakerImageArn": "string",
      "SageMakerImageVersionArn": "string",
      "InstanceType": "system"|"ml.t3.micro"|"ml.t3.small"|"ml.t3.medium"|"ml.t3.large"|"ml.t3.xlarge"|"ml.t3.2xlarge"|"ml.m5.large"|"ml.m5.xlarge"|"ml.m5.2xlarge"|"ml.m5.4xlarge"|"ml.m5.8xlarge"|"ml.m5.12xlarge"|"ml.m5.16xlarge"|"ml.m5.24xlarge"|"ml.m5d.large"|"ml.m5d.xlarge"|"ml.m5d.2xlarge"|"ml.m5d.4xlarge"|"ml.m5d.8xlarge"|"ml.m5d.12xlarge"|"ml.m5d.16xlarge"|"ml.m5d.24xlarge"|"ml.c5.large"|"ml.c5.xlarge"|"ml.c5.2xlarge"|"ml.c5.4xlarge"|"ml.c5.9xlarge"|"ml.c5.12xlarge"|"ml.c5.18xlarge"|"ml.c5.24xlarge"|"ml.p3.2xlarge"|"ml.p3.8xlarge"|"ml.p3.16xlarge"|"ml.p3dn.24xlarge"|"ml.g4dn.xlarge"|"ml.g4dn.2xlarge"|"ml.g4dn.4xlarge"|"ml.g4dn.8xlarge"|"ml.g4dn.12xlarge"|"ml.g4dn.16xlarge"|"ml.r5.large"|"ml.r5.xlarge"|"ml.r5.2xlarge"|"ml.r5.4xlarge"|"ml.r5.8xlarge"|"ml.r5.12xlarge"|"ml.r5.16xlarge"|"ml.r5.24xlarge"|"ml.g5.xlarge"|"ml.g5.2xlarge"|"ml.g5.4xlarge"|"ml.g5.8xlarge"|"ml.g5.16xlarge"|"ml.g5.12xlarge"|"ml.g5.24xlarge"|"ml.g5.48xlarge"|"ml.geospatial.interactive"|"ml.p4d.24xlarge"|"ml.p4de.24xlarge",
      "LifecycleConfigArn": "string"
    }
  },
  "RStudioServerProAppSettings": {
    "AccessStatus": "ENABLED"|"DISABLED",
    "UserGroup": "R_STUDIO_ADMIN"|"R_STUDIO_USER"
  },
  "RSessionAppSettings": {
    "DefaultResourceSpec": {
      "SageMakerImageArn": "string",
      "SageMakerImageVersionArn": "string",
      "InstanceType": "system"|"ml.t3.micro"|"ml.t3.small"|"ml.t3.medium"|"ml.t3.large"|"ml.t3.xlarge"|"ml.t3.2xlarge"|"ml.m5.large"|"ml.m5.xlarge"|"ml.m5.2xlarge"|"ml.m5.4xlarge"|"ml.m5.8xlarge"|"ml.m5.12xlarge"|"ml.m5.16xlarge"|"ml.m5.24xlarge"|"ml.m5d.large"|"ml.m5d.xlarge"|"ml.m5d.2xlarge"|"ml.m5d.4xlarge"|"ml.m5d.8xlarge"|"ml.m5d.12xlarge"|"ml.m5d.16xlarge"|"ml.m5d.24xlarge"|"ml.c5.large"|"ml.c5.xlarge"|"ml.c5.2xlarge"|"ml.c5.4xlarge"|"ml.c5.9xlarge"|"ml.c5.12xlarge"|"ml.c5.18xlarge"|"ml.c5.24xlarge"|"ml.p3.2xlarge"|"ml.p3.8xlarge"|"ml.p3.16xlarge"|"ml.p3dn.24xlarge"|"ml.g4dn.xlarge"|"ml.g4dn.2xlarge"|"ml.g4dn.4xlarge"|"ml.g4dn.8xlarge"|"ml.g4dn.12xlarge"|"ml.g4dn.16xlarge"|"ml.r5.large"|"ml.r5.xlarge"|"ml.r5.2xlarge"|"ml.r5.4xlarge"|"ml.r5.8xlarge"|"ml.r5.12xlarge"|"ml.r5.16xlarge"|"ml.r5.24xlarge"|"ml.g5.xlarge"|"ml.g5.2xlarge"|"ml.g5.4xlarge"|"ml.g5.8xlarge"|"ml.g5.16xlarge"|"ml.g5.12xlarge"|"ml.g5.24xlarge"|"ml.g5.48xlarge"|"ml.geospatial.interactive"|"ml.p4d.24xlarge"|"ml.p4de.24xlarge",
      "LifecycleConfigArn": "string"
    },
    "CustomImages": [
      {
        "ImageName": "string",
        "ImageVersionNumber": integer,
        "AppImageConfigName": "string"
      }
      ...
    ]
  },
  "CanvasAppSettings": {
    "TimeSeriesForecastingSettings": {
      "Status": "ENABLED"|"DISABLED",
      "AmazonForecastRoleArn": "string"
    },
    "ModelRegisterSettings": {
      "Status": "ENABLED"|"DISABLED",
      "CrossAccountModelRegisterRoleArn": "string"
    }
  }
}

--subnet-ids (list)

The VPC subnets that Studio uses for communication.

(string)

Syntax:

"string" "string" ...

--vpc-id (string)

The ID of the Amazon Virtual Private Cloud (VPC) that Studio uses for communication.

--tags (list)

Tags to associated with the Domain. Each tag consists of a key and an optional value. Tag keys must be unique per resource. Tags are searchable using the Search API.

Tags that you specify for the Domain are also added to all Apps that the Domain launches.

(structure)

A tag object that consists of a key and an optional value, used to manage metadata for SageMaker Amazon Web Services resources.

You can add tags to notebook instances, training jobs, hyperparameter tuning jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, and endpoints. For more information on adding tags to SageMaker resources, see AddTags .

For more information on adding metadata to your Amazon Web Services resources with tagging, see Tagging Amazon Web Services resources . For advice on best practices for managing Amazon Web Services resources with tagging, see Tagging Best Practices: Implement an Effective Amazon Web Services Resource Tagging Strategy .

Key -> (string)

The tag key. Tag keys must be unique per resource.

Value -> (string)

The tag value.

Shorthand Syntax:

Key=string,Value=string ...

JSON Syntax:

[
  {
    "Key": "string",
    "Value": "string"
  }
  ...
]

--app-network-access-type (string)

Specifies the VPC used for non-EFS traffic. The default value is PublicInternetOnly .

  • PublicInternetOnly - Non-EFS traffic is through a VPC managed by Amazon SageMaker, which allows direct internet access
  • VpcOnly - All Studio traffic is through the specified VPC and subnets

Possible values:

  • PublicInternetOnly
  • VpcOnly

--home-efs-file-system-kms-key-id (string)

Use KmsKeyId .

--kms-key-id (string)

SageMaker uses Amazon Web Services KMS to encrypt the EFS volume attached to the domain with an Amazon Web Services managed key by default. For more control, specify a customer managed key.

--app-security-group-management (string)

The entity that creates and manages the required security groups for inter-app communication in VPCOnly mode. Required when CreateDomain.AppNetworkAccessType is VPCOnly and DomainSettings.RStudioServerProDomainSettings.DomainExecutionRoleArn is provided. If setting up the domain for use with RStudio, this value must be set to Service .

Possible values:

  • Service
  • Customer

--domain-settings (structure)

A collection of Domain settings.

SecurityGroupIds -> (list)

The security groups for the Amazon Virtual Private Cloud that the Domain uses for communication between Domain-level apps and user apps.

(string)

RStudioServerProDomainSettings -> (structure)

A collection of settings that configure the RStudioServerPro Domain-level app.

DomainExecutionRoleArn -> (string)

The ARN of the execution role for the RStudioServerPro Domain-level app.

RStudioConnectUrl -> (string)

A URL pointing to an RStudio Connect server.

RStudioPackageManagerUrl -> (string)

A URL pointing to an RStudio Package Manager server.

DefaultResourceSpec -> (structure)

Specifies the ARN’s of a SageMaker image and SageMaker image version, and the instance type that the version runs on.

SageMakerImageArn -> (string)

The ARN of the SageMaker image that the image version belongs to.

SageMakerImageVersionArn -> (string)

The ARN of the image version created on the instance.

InstanceType -> (string)

The instance type that the image version runs on.

Note

JupyterServer apps only support the system value.

For KernelGateway apps , the system value is translated to ml.t3.medium . KernelGateway apps also support all other values for available instance types.

LifecycleConfigArn -> (string)

The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.

ExecutionRoleIdentityConfig -> (string)

The configuration for attaching a SageMaker user profile name to the execution role as a sts:SourceIdentity key .

Shorthand Syntax:

SecurityGroupIds=string,string,RStudioServerProDomainSettings={DomainExecutionRoleArn=string,RStudioConnectUrl=string,RStudioPackageManagerUrl=string,DefaultResourceSpec={SageMakerImageArn=string,SageMakerImageVersionArn=string,InstanceType=string,LifecycleConfigArn=string}},ExecutionRoleIdentityConfig=string

JSON Syntax:

{
  "SecurityGroupIds": ["string", ...],
  "RStudioServerProDomainSettings": {
    "DomainExecutionRoleArn": "string",
    "RStudioConnectUrl": "string",
    "RStudioPackageManagerUrl": "string",
    "DefaultResourceSpec": {
      "SageMakerImageArn": "string",
      "SageMakerImageVersionArn": "string",
      "InstanceType": "system"|"ml.t3.micro"|"ml.t3.small"|"ml.t3.medium"|"ml.t3.large"|"ml.t3.xlarge"|"ml.t3.2xlarge"|"ml.m5.large"|"ml.m5.xlarge"|"ml.m5.2xlarge"|"ml.m5.4xlarge"|"ml.m5.8xlarge"|"ml.m5.12xlarge"|"ml.m5.16xlarge"|"ml.m5.24xlarge"|"ml.m5d.large"|"ml.m5d.xlarge"|"ml.m5d.2xlarge"|"ml.m5d.4xlarge"|"ml.m5d.8xlarge"|"ml.m5d.12xlarge"|"ml.m5d.16xlarge"|"ml.m5d.24xlarge"|"ml.c5.large"|"ml.c5.xlarge"|"ml.c5.2xlarge"|"ml.c5.4xlarge"|"ml.c5.9xlarge"|"ml.c5.12xlarge"|"ml.c5.18xlarge"|"ml.c5.24xlarge"|"ml.p3.2xlarge"|"ml.p3.8xlarge"|"ml.p3.16xlarge"|"ml.p3dn.24xlarge"|"ml.g4dn.xlarge"|"ml.g4dn.2xlarge"|"ml.g4dn.4xlarge"|"ml.g4dn.8xlarge"|"ml.g4dn.12xlarge"|"ml.g4dn.16xlarge"|"ml.r5.large"|"ml.r5.xlarge"|"ml.r5.2xlarge"|"ml.r5.4xlarge"|"ml.r5.8xlarge"|"ml.r5.12xlarge"|"ml.r5.16xlarge"|"ml.r5.24xlarge"|"ml.g5.xlarge"|"ml.g5.2xlarge"|"ml.g5.4xlarge"|"ml.g5.8xlarge"|"ml.g5.16xlarge"|"ml.g5.12xlarge"|"ml.g5.24xlarge"|"ml.g5.48xlarge"|"ml.geospatial.interactive"|"ml.p4d.24xlarge"|"ml.p4de.24xlarge",
      "LifecycleConfigArn": "string"
    }
  },
  "ExecutionRoleIdentityConfig": "USER_PROFILE_NAME"|"DISABLED"
}

--default-space-settings (structure)

The default settings used to create a space.

ExecutionRole -> (string)

The ARN of the execution role for the space.

SecurityGroups -> (list)

The security group IDs for the Amazon Virtual Private Cloud that the space uses for communication.

(string)

JupyterServerAppSettings -> (structure)

The JupyterServer app settings.

DefaultResourceSpec -> (structure)

The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterServer app. If you use the LifecycleConfigArns parameter, then this parameter is also required.

SageMakerImageArn -> (string)

The ARN of the SageMaker image that the image version belongs to.

SageMakerImageVersionArn -> (string)

The ARN of the image version created on the instance.

InstanceType -> (string)

The instance type that the image version runs on.

Note

JupyterServer apps only support the system value.

For KernelGateway apps , the system value is translated to ml.t3.medium . KernelGateway apps also support all other values for available instance types.

LifecycleConfigArn -> (string)

The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.

LifecycleConfigArns -> (list)

The Amazon Resource Name (ARN) of the Lifecycle Configurations attached to the JupyterServerApp. If you use this parameter, the DefaultResourceSpec parameter is also required.

Note

To remove a Lifecycle Config, you must set LifecycleConfigArns to an empty list.

(string)

CodeRepositories -> (list)

A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterServer application.

(structure)

A Git repository that SageMaker automatically displays to users for cloning in the JupyterServer application.

RepositoryUrl -> (string)

The URL of the Git repository.

KernelGatewayAppSettings -> (structure)

The KernelGateway app settings.

DefaultResourceSpec -> (structure)

The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the KernelGateway app.

Note

The Amazon SageMaker Studio UI does not use the default instance type value set here. The default instance type set here is used when Apps are created using the Amazon Web Services Command Line Interface or Amazon Web Services CloudFormation and the instance type parameter value is not passed.

SageMakerImageArn -> (string)

The ARN of the SageMaker image that the image version belongs to.

SageMakerImageVersionArn -> (string)

The ARN of the image version created on the instance.

InstanceType -> (string)

The instance type that the image version runs on.

Note

JupyterServer apps only support the system value.

For KernelGateway apps , the system value is translated to ml.t3.medium . KernelGateway apps also support all other values for available instance types.

LifecycleConfigArn -> (string)

The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.

CustomImages -> (list)

A list of custom SageMaker images that are configured to run as a KernelGateway app.

(structure)

A custom SageMaker image. For more information, see Bring your own SageMaker image .

ImageName -> (string)

The name of the CustomImage. Must be unique to your account.

ImageVersionNumber -> (integer)

The version number of the CustomImage.

AppImageConfigName -> (string)

The name of the AppImageConfig.

LifecycleConfigArns -> (list)

The Amazon Resource Name (ARN) of the Lifecycle Configurations attached to the the user profile or domain.

Note

To remove a Lifecycle Config, you must set LifecycleConfigArns to an empty list.

(string)

JSON Syntax:

{
  "ExecutionRole": "string",
  "SecurityGroups": ["string", ...],
  "JupyterServerAppSettings": {
    "DefaultResourceSpec": {
      "SageMakerImageArn": "string",
      "SageMakerImageVersionArn": "string",
      "InstanceType": "system"|"ml.t3.micro"|"ml.t3.small"|"ml.t3.medium"|"ml.t3.large"|"ml.t3.xlarge"|"ml.t3.2xlarge"|"ml.m5.large"|"ml.m5.xlarge"|"ml.m5.2xlarge"|"ml.m5.4xlarge"|"ml.m5.8xlarge"|"ml.m5.12xlarge"|"ml.m5.16xlarge"|"ml.m5.24xlarge"|"ml.m5d.large"|"ml.m5d.xlarge"|"ml.m5d.2xlarge"|"ml.m5d.4xlarge"|"ml.m5d.8xlarge"|"ml.m5d.12xlarge"|"ml.m5d.16xlarge"|"ml.m5d.24xlarge"|"ml.c5.large"|"ml.c5.xlarge"|"ml.c5.2xlarge"|"ml.c5.4xlarge"|"ml.c5.9xlarge"|"ml.c5.12xlarge"|"ml.c5.18xlarge"|"ml.c5.24xlarge"|"ml.p3.2xlarge"|"ml.p3.8xlarge"|"ml.p3.16xlarge"|"ml.p3dn.24xlarge"|"ml.g4dn.xlarge"|"ml.g4dn.2xlarge"|"ml.g4dn.4xlarge"|"ml.g4dn.8xlarge"|"ml.g4dn.12xlarge"|"ml.g4dn.16xlarge"|"ml.r5.large"|"ml.r5.xlarge"|"ml.r5.2xlarge"|"ml.r5.4xlarge"|"ml.r5.8xlarge"|"ml.r5.12xlarge"|"ml.r5.16xlarge"|"ml.r5.24xlarge"|"ml.g5.xlarge"|"ml.g5.2xlarge"|"ml.g5.4xlarge"|"ml.g5.8xlarge"|"ml.g5.16xlarge"|"ml.g5.12xlarge"|"ml.g5.24xlarge"|"ml.g5.48xlarge"|"ml.geospatial.interactive"|"ml.p4d.24xlarge"|"ml.p4de.24xlarge",
      "LifecycleConfigArn": "string"
    },
    "LifecycleConfigArns": ["string", ...],
    "CodeRepositories": [
      {
        "RepositoryUrl": "string"
      }
      ...
    ]
  },
  "KernelGatewayAppSettings": {
    "DefaultResourceSpec": {
      "SageMakerImageArn": "string",
      "SageMakerImageVersionArn": "string",
      "InstanceType": "system"|"ml.t3.micro"|"ml.t3.small"|"ml.t3.medium"|"ml.t3.large"|"ml.t3.xlarge"|"ml.t3.2xlarge"|"ml.m5.large"|"ml.m5.xlarge"|"ml.m5.2xlarge"|"ml.m5.4xlarge"|"ml.m5.8xlarge"|"ml.m5.12xlarge"|"ml.m5.16xlarge"|"ml.m5.24xlarge"|"ml.m5d.large"|"ml.m5d.xlarge"|"ml.m5d.2xlarge"|"ml.m5d.4xlarge"|"ml.m5d.8xlarge"|"ml.m5d.12xlarge"|"ml.m5d.16xlarge"|"ml.m5d.24xlarge"|"ml.c5.large"|"ml.c5.xlarge"|"ml.c5.2xlarge"|"ml.c5.4xlarge"|"ml.c5.9xlarge"|"ml.c5.12xlarge"|"ml.c5.18xlarge"|"ml.c5.24xlarge"|"ml.p3.2xlarge"|"ml.p3.8xlarge"|"ml.p3.16xlarge"|"ml.p3dn.24xlarge"|"ml.g4dn.xlarge"|"ml.g4dn.2xlarge"|"ml.g4dn.4xlarge"|"ml.g4dn.8xlarge"|"ml.g4dn.12xlarge"|"ml.g4dn.16xlarge"|"ml.r5.large"|"ml.r5.xlarge"|"ml.r5.2xlarge"|"ml.r5.4xlarge"|"ml.r5.8xlarge"|"ml.r5.12xlarge"|"ml.r5.16xlarge"|"ml.r5.24xlarge"|"ml.g5.xlarge"|"ml.g5.2xlarge"|"ml.g5.4xlarge"|"ml.g5.8xlarge"|"ml.g5.16xlarge"|"ml.g5.12xlarge"|"ml.g5.24xlarge"|"ml.g5.48xlarge"|"ml.geospatial.interactive"|"ml.p4d.24xlarge"|"ml.p4de.24xlarge",
      "LifecycleConfigArn": "string"
    },
    "CustomImages": [
      {
        "ImageName": "string",
        "ImageVersionNumber": integer,
        "AppImageConfigName": "string"
      }
      ...
    ],
    "LifecycleConfigArns": ["string", ...]
  }
}

--cli-input-json | --cli-input-yaml (string) Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. Similarly, if provided yaml-input it will print a sample input YAML that can be used with --cli-input-yaml. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command. The generated JSON skeleton is not stable between versions of the AWS CLI and there are no backwards compatibility guarantees in the JSON skeleton generated.

Global Options

--debug (boolean)

Turn on debug logging.

--endpoint-url (string)

Override command’s default URL with the given URL.

--no-verify-ssl (boolean)

By default, the AWS CLI uses SSL when communicating with AWS services. For each SSL connection, the AWS CLI will verify SSL certificates. This option overrides the default behavior of verifying SSL certificates.

--no-paginate (boolean)

Disable automatic pagination.

--output (string)

The formatting style for command output.

  • json
  • text
  • table
  • yaml
  • yaml-stream

--query (string)

A JMESPath query to use in filtering the response data.

--profile (string)

Use a specific profile from your credential file.

--region (string)

The region to use. Overrides config/env settings.

--version (string)

Display the version of this tool.

--color (string)

Turn on/off color output.

  • on
  • off
  • auto

--no-sign-request (boolean)

Do not sign requests. Credentials will not be loaded if this argument is provided.

--ca-bundle (string)

The CA certificate bundle to use when verifying SSL certificates. Overrides config/env settings.

--cli-read-timeout (int)

The maximum socket read time in seconds. If the value is set to 0, the socket read will be blocking and not timeout. The default value is 60 seconds.

--cli-connect-timeout (int)

The maximum socket connect time in seconds. If the value is set to 0, the socket connect will be blocking and not timeout. The default value is 60 seconds.

--cli-binary-format (string)

The formatting style to be used for binary blobs. The default format is base64. The base64 format expects binary blobs to be provided as a base64 encoded string. The raw-in-base64-out format preserves compatibility with AWS CLI V1 behavior and binary values must be passed literally. When providing contents from a file that map to a binary blob fileb:// will always be treated as binary and use the file contents directly regardless of the cli-binary-format setting. When using file:// the file contents will need to properly formatted for the configured cli-binary-format.

  • base64
  • raw-in-base64-out

--no-cli-pager (boolean)

Disable cli pager for output.

--cli-auto-prompt (boolean)

Automatically prompt for CLI input parameters.

--no-cli-auto-prompt (boolean)

Disable automatically prompt for CLI input parameters.

Output

DomainArn -> (string)

The Amazon Resource Name (ARN) of the created domain.

Url -> (string)

The URL to the created domain.