Skip to content

Commit

Permalink
sagemaker_domain add docker_settings & fix domain_settings update
Browse files Browse the repository at this point in the history
  • Loading branch information
@deepakbshetty
deepakbshetty committed Jan 25, 2024
1 parent 73bd1c7 commit eb4db26
Show file tree
Hide file tree
Showing 4 changed files with 187 additions and 8 deletions.
102 changes: 101 additions & 1 deletion internal/service/sagemaker/domain.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -680,7 +680,6 @@ func ResourceDomain() *schema.Resource {
"user_group": {
Type: schema.TypeString,
Optional: true,
Default: sagemaker.RStudioServerProUserGroupRStudioUser,
ValidateFunc: validation.StringInSlice(sagemaker.RStudioServerProUserGroup_Values(), false),
},
},
Expand Down Expand Up @@ -871,6 +870,29 @@ func ResourceDomain() *schema.Resource {
MaxItems: 1,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"docker_settings": {
Type: schema.TypeList,
Optional: true,
MaxItems: 1,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"enable_docker_access": {
Type: schema.TypeString,
Optional: true,
ValidateFunc: validation.StringInSlice(sagemaker.FeatureStatus_Values(), false),
},
"vpc_only_trusted_accounts": {
Type: schema.TypeSet,
Optional: true,
Elem: &schema.Schema{
Type: schema.TypeString,
ValidateFunc: verify.ValidAccountID,
},
MaxItems: 10,
},
},
},
},
"execution_role_identity_config": {
Type: schema.TypeString,
Optional: true,
Expand Down Expand Up @@ -1171,6 +1193,10 @@ func expandDomainSettings(l []interface{}) *sagemaker.DomainSettings {

config := &sagemaker.DomainSettings{}

if v, ok := m["docker_settings"].([]interface{}); ok && len(v) > 0 {
config.DockerSettings = expandDockerSettings(v)
}

if v, ok := m["execution_role_identity_config"].(string); ok && v != "" {
config.ExecutionRoleIdentityConfig = aws.String(v)
}
Expand All @@ -1186,6 +1212,26 @@ func expandDomainSettings(l []interface{}) *sagemaker.DomainSettings {
return config
}

func expandDockerSettings(l []interface{}) *sagemaker.DockerSettings {
if len(l) == 0 || l[0] == nil {
return nil
}

m := l[0].(map[string]interface{})

config := &sagemaker.DockerSettings{}

if v, ok := m["enable_docker_access"].(string); ok && v != "" {
config.EnableDockerAccess = aws.String(v)
}

if v, ok := m["vpc_only_trusted_accounts"].(*schema.Set); ok && v.Len() > 0 {
config.VpcOnlyTrustedAccounts = flex.ExpandStringSet(v)
}

return config
}

func expandRStudioServerProDomainSettings(l []interface{}) *sagemaker.RStudioServerProDomainSettings {
if len(l) == 0 || l[0] == nil {
return nil
Expand Down Expand Up @@ -1223,10 +1269,50 @@ func expandDomainSettingsUpdate(l []interface{}) *sagemaker.DomainSettingsForUpd

config := &sagemaker.DomainSettingsForUpdate{}

if v, ok := m["docker_settings"].([]interface{}); ok && len(v) > 0 {
config.DockerSettings = expandDockerSettings(v)
}

if v, ok := m["execution_role_identity_config"].(string); ok && v != "" {
config.ExecutionRoleIdentityConfig = aws.String(v)
}

if v, ok := m["security_group_ids"].(*schema.Set); ok && v.Len() > 0 {
config.SecurityGroupIds = flex.ExpandStringSet(v)
}

if v, ok := m["r_studio_server_pro_domain_settings"].([]interface{}); ok && len(v) > 0 {
config.RStudioServerProDomainSettingsForUpdate = expandRStudioServerProDomainSettingsUpdate(v)
}

return config
}

func expandRStudioServerProDomainSettingsUpdate(l []interface{}) *sagemaker.RStudioServerProDomainSettingsForUpdate {
if len(l) == 0 || l[0] == nil {
return nil
}

m := l[0].(map[string]interface{})

config := &sagemaker.RStudioServerProDomainSettingsForUpdate{}

if v, ok := m["default_resource_spec"].([]interface{}); ok && len(v) > 0 {
config.DefaultResourceSpec = expandResourceSpec(v)
}

if v, ok := m["domain_execution_role_arn"].(string); ok && v != "" {
config.DomainExecutionRoleArn = aws.String(v)
}

if v, ok := m["r_studio_connect_url"].(string); ok && v != "" {
config.RStudioConnectUrl = aws.String(v)
}

if v, ok := m["r_studio_packageManager_url"].(string); ok && v != "" {
config.RStudioPackageManagerUrl = aws.String(v)
}

return config
}

Expand Down Expand Up @@ -2178,6 +2264,7 @@ func flattenDomainSettings(config *sagemaker.DomainSettings) []map[string]interf
}

m := map[string]interface{}{
"docker_settings": flattenDockerSettings(config.DockerSettings),
"execution_role_identity_config": aws.StringValue(config.ExecutionRoleIdentityConfig),
"r_studio_server_pro_domain_settings": flattenRStudioServerProDomainSettings(config.RStudioServerProDomainSettings),
"security_group_ids": flex.FlattenStringSet(config.SecurityGroupIds),
Expand All @@ -2186,6 +2273,19 @@ func flattenDomainSettings(config *sagemaker.DomainSettings) []map[string]interf
return []map[string]interface{}{m}
}

func flattenDockerSettings(config *sagemaker.DockerSettings) []map[string]interface{} {
if config == nil {
return []map[string]interface{}{}
}

m := map[string]interface{}{
"enable_docker_access": aws.StringValue(config.EnableDockerAccess),
"vpc_only_trusted_accounts": flex.FlattenStringSet(config.VpcOnlyTrustedAccounts),
}

return []map[string]interface{}{m}
}

func flattenRStudioServerProDomainSettings(config *sagemaker.RStudioServerProDomainSettings) []map[string]interface{} {
if config == nil {
return []map[string]interface{}{}
Expand Down
72 changes: 72 additions & 0 deletions internal/service/sagemaker/domain_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -100,6 +100,48 @@ func testAccDomain_domainSettings(t *testing.T) {
})
}

func testAccDomain_domainSettingsDockerSettingsUpdated(t *testing.T) {
ctx := acctest.Context(t)
var domain sagemaker.DescribeDomainOutput
rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
resourceName := "aws_sagemaker_domain.test"

resource.Test(t, resource.TestCase{
PreCheck: func() { acctest.PreCheck(ctx, t) },
ErrorCheck: acctest.ErrorCheck(t, sagemaker.EndpointsID),
ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories,
CheckDestroy: testAccCheckDomainDestroy(ctx),
Steps: []resource.TestStep{
{
Config: testAccDomainConfig_domainSettingsDockerSettings(rName, "DISABLED"),
Check: resource.ComposeTestCheckFunc(
testAccCheckDomainExists(ctx, resourceName, &domain),
resource.TestCheckResourceAttr(resourceName, "domain_settings.#", "1"),
resource.TestCheckResourceAttr(resourceName, "domain_settings.0.docker_settings.#", "1"),
resource.TestCheckResourceAttr(resourceName, "domain_settings.0.docker_settings.0.enable_docker_access", "DISABLED"),
resource.TestCheckResourceAttr(resourceName, "domain_settings.0.docker_settings.0.vpc_only_trusted_accounts.#", "1"),
),
},
{
ResourceName: resourceName,
ImportState: true,
ImportStateVerify: true,
ImportStateVerifyIgnore: []string{"retention_policy"},
},
{
Config: testAccDomainConfig_domainSettingsDockerSettings(rName, "ENABLED"),
Check: resource.ComposeTestCheckFunc(
testAccCheckDomainExists(ctx, resourceName, &domain),
resource.TestCheckResourceAttr(resourceName, "domain_settings.#", "1"),
resource.TestCheckResourceAttr(resourceName, "domain_settings.0.docker_settings.#", "1"),
resource.TestCheckResourceAttr(resourceName, "domain_settings.0.docker_settings.0.enable_docker_access", "ENABLED"),
resource.TestCheckResourceAttr(resourceName, "domain_settings.0.docker_settings.0.vpc_only_trusted_accounts.#", "1"),
),
},
},
})
}

func testAccDomain_kms(t *testing.T) {
ctx := acctest.Context(t)
var domain sagemaker.DescribeDomainOutput
Expand Down Expand Up @@ -1245,6 +1287,36 @@ resource "aws_sagemaker_domain" "test" {
`, rName, config))
}

func testAccDomainConfig_domainSettingsDockerSettings(rName, config string) string {
return acctest.ConfigCompose(testAccDomainConfig_base(rName), fmt.Sprintf(`
data "aws_caller_identity" "current" {}
resource "aws_sagemaker_domain" "test" {
domain_name = %[1]q
auth_mode = "IAM"
vpc_id = aws_vpc.test.id
subnet_ids = aws_subnet.test[*].id
default_user_settings {
execution_role = aws_iam_role.test.arn
}
app_network_access_type = "VpcOnly"
domain_settings {
docker_settings {
enable_docker_access = %[2]q
vpc_only_trusted_accounts = [data.aws_caller_identity.current.account_id]
}
}
retention_policy {
home_efs_file_system = "Delete"
}
}
`, rName, config))
}

func testAccDomainConfig_kms(rName string) string {
return acctest.ConfigCompose(testAccDomainConfig_base(rName), fmt.Sprintf(`
resource "aws_kms_key" "test" {
Expand Down
15 changes: 8 additions & 7 deletions internal/service/sagemaker/sagemaker_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,13 +61,14 @@ func TestAccSageMaker_serial(t *testing.T) {
"kendraSettings": testAccDomain_kendraSettings,
"workspaceSettings": testAccDomain_workspaceSettings,
"domainSettings": testAccDomain_domainSettings,
"rSessionAppSettings": testAccDomain_rSessionAppSettings,
"rStudioServerProAppSettings": testAccDomain_rStudioServerProAppSettings,
"spaceSettingsKernelGatewayAppSettings": testAccDomain_spaceSettingsKernelGatewayAppSettings,
"code": testAccDomain_jupyterServerAppSettings_code,
"efs": testAccDomain_efs,
"posix": testAccDomain_posix,
"spaceStorageSettings": testAccDomain_spaceStorageSettings,
"domainSettingsDockerSettingsUpdated": testAccDomain_domainSettingsDockerSettingsUpdated,
"rSessionAppSettings": testAccDomain_rSessionAppSettings,
"rStudioServerProAppSettings": testAccDomain_rStudioServerProAppSettings,
"spaceSettingsKernelGatewayAppSettings": testAccDomain_spaceSettingsKernelGatewayAppSettings,
"code": testAccDomain_jupyterServerAppSettings_code,
"efs": testAccDomain_efs,
"posix": testAccDomain_posix,
"spaceStorageSettings": testAccDomain_spaceStorageSettings,
},
"FlowDefinition": {
"basic": testAccFlowDefinition_basic,
Expand Down
6 changes: 6 additions & 0 deletions website/docs/r/sagemaker_domain.html.markdown
View file
Original file line number Diff line number Diff line change
Expand Up @@ -257,10 +257,16 @@ The following arguments are optional:

### domain_settings

* `docker_settings` - (Optional) A collection of settings that configure the domain’s Docker interaction. see [`docker_settings` Block](#docker_settings-block) below.
* `execution_role_identity_config` - (Optional) The configuration for attaching a SageMaker user profile name to the execution role as a sts:SourceIdentity key [AWS Docs](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html). Valid values are `USER_PROFILE_NAME` and `DISABLED`.
* `r_studio_server_pro_domain_settings` - (Optional) A collection of settings that configure the RStudioServerPro Domain-level app. see [RStudioServerProDomainSettings](#r_studio_server_pro_domain_settings) below.
* `security_group_ids` - (Optional) The security groups for the Amazon Virtual Private Cloud that the Domain uses for communication between Domain-level apps and user apps.

#### `docker_settings` Block

* `enable_docker_access` - (Optional) Indicates whether the domain can access Docker. Valid values are `ENABLED` and `DISABLED`.
* `vpc_only_trusted_accounts` - (Optional) The list of Amazon Web Services accounts that are trusted when the domain is created in VPC-only mode.

#### r_studio_server_pro_domain_settings

* `default_resource_spec` - (Optional) The default instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance. see [Default Resource Spec](#default_resource_spec) below.
Expand Down

0 comments on commit eb4db26

Please sign in to comment.