AWS Amazon SageMaker Workforce

This page shows how to write Terraform for Amazon SageMaker Workforce and write them securely.

aws_sagemaker_workforce (Terraform)

The Workforce in Amazon SageMaker can be configured in Terraform with the resource name aws_sagemaker_workforce. The following sections describe how to use the resource and its parameters.

Example Usage from GitHub

An example could not be found in GitHub.

Parameters

The following arguments are supported:

  • workforce_name - (Required) The name of the Workforce (must be unique).
  • cognito_config - (Required) Use this parameter to configure an Amazon Cognito private workforce. A single Cognito workforce is created using and corresponds to a single Amazon Cognito user pool. Conflicts with oidc_config. see Cognito Config details below.
  • oidc_config - (Required) Use this parameter to configure a private workforce using your own OIDC Identity Provider. Conflicts with cognito_config. see OIDC Config details below.
  • source_ip_config - (Required) A list of IP address ranges Used to create an allow list of IP addresses for a private workforce. By default, a workforce isn't restricted to specific IP addresses. see Source Ip Config details below.

Cognito Config

  • client_id - (Required) The client ID for your Amazon Cognito user pool.
  • user_pool - (Required) The id for your Amazon Cognito user pool.

Oidc Config

  • authorization_endpoint - (Required) The OIDC IdP authorization endpoint used to configure your private workforce.
  • client_id - (Required) The OIDC IdP client ID used to configure your private workforce.
  • client_secret - (Required) The OIDC IdP client secret used to configure your private workforce.
  • issuer - (Required) The OIDC IdP issuer used to configure your private workforce.
  • jwks_uri - (Required) The OIDC IdP JSON Web Key Set (Jwks) URI used to configure your private workforce.
  • logout_endpoint - (Required) The OIDC IdP logout endpoint used to configure your private workforce.
  • token_endpoint - (Required) The OIDC IdP token endpoint used to configure your private workforce.
  • user_info_endpoint - (Required) The OIDC IdP user information endpoint used to configure your private workforce.

Source Ip Config

  • cidrs - (Required) A list of up to 10 CIDR values.

In addition to all arguments above, the following attributes are exported:

  • arn - The Amazon Resource Name (ARN) assigned by AWS to this Workforce.
  • id - The name of the Workforce.
  • subdomain - The subdomain for your OIDC Identity Provider.

Explanation in Terraform Registry

Provides a Sagemaker Workforce resource.

CloudFormation Example

CloudFormation code does not have the related resource.

Frequently asked questions

What is AWS Amazon SageMaker Workforce?

AWS Amazon SageMaker Workforce is a resource for Amazon SageMaker of Amazon Web Service. Settings can be wrote in Terraform.

security-icon

Scan your IaC problem in 3 minutes for free

You can keep your IaC security for free. No credit card required.