createDomain method

Future<CreateDomainResponse> createDomain({
  1. required AuthMode authMode,
  2. required UserSettings defaultUserSettings,
  3. required String domainName,
  4. required List<String> subnetIds,
  5. required String vpcId,
  6. AppNetworkAccessType? appNetworkAccessType,
  7. String? homeEfsFileSystemKmsKeyId,
  8. String? kmsKeyId,
  9. List<Tag>? tags,
})

Creates a Domain used by Amazon SageMaker Studio. A domain consists of an associated Amazon Elastic File System (EFS) volume, a list of authorized users, and a variety of security, application, policy, and Amazon Virtual Private Cloud (VPC) configurations. An AWS account is limited to one domain per region. Users within a domain can share notebook files and other artifacts with each other.

EFS storage

When a domain is created, an EFS volume is created for use by all of the users within the domain. Each user receives a private home directory within the EFS volume for notebooks, Git repositories, and data files.

SageMaker uses the AWS Key Management Service (AWS KMS) to encrypt the EFS volume attached to the domain with an AWS managed customer master key (CMK) by default. For more control, you can specify a customer managed CMK. For more information, see Protect Data at Rest Using Encryption.

VPC configuration

All SageMaker Studio traffic between the domain and the EFS volume is through the specified VPC and subnets. For other Studio traffic, you can specify the AppNetworkAccessType parameter. AppNetworkAccessType corresponds to the network access type that you choose when you onboard to Studio. The following options are available:

  • PublicInternetOnly - Non-EFS traffic goes through a VPC managed by Amazon SageMaker, which allows internet access. This is the default value.
  • VpcOnly - All Studio traffic is through the specified VPC and subnets. Internet access is disabled by default. To allow internet access, you must specify a NAT gateway.

    When internet access is disabled, you won't be able to run a Studio notebook or to train or host models unless your VPC has an interface endpoint to the SageMaker API and runtime or a NAT gateway and your security groups allow outbound connections.

For more information, see Connect SageMaker Studio Notebooks to Resources in a VPC.

May throw ResourceLimitExceeded. May throw ResourceInUse.

Parameter authMode : The mode of authentication that members use to access the domain.

Parameter defaultUserSettings : The default user settings.

Parameter domainName : A name for the domain.

Parameter subnetIds : The VPC subnets that Studio uses for communication.

Parameter vpcId : The ID of the Amazon Virtual Private Cloud (VPC) that Studio uses for communication.

Parameter appNetworkAccessType : Specifies the VPC used for non-EFS traffic. The default value is PublicInternetOnly.

  • PublicInternetOnly - Non-EFS traffic is through a VPC managed by Amazon SageMaker, which allows direct internet access
  • VpcOnly - All Studio traffic is through the specified VPC and subnets

Parameter homeEfsFileSystemKmsKeyId : This member is deprecated and replaced with KmsKeyId.

Parameter kmsKeyId : SageMaker uses AWS KMS to encrypt the EFS volume attached to the domain with an AWS managed customer master key (CMK) by default. For more control, specify a customer managed CMK.

Parameter tags : Tags to associated with the Domain. Each tag consists of a key and an optional value. Tag keys must be unique per resource. Tags are searchable using the Search API.

Implementation

Future<CreateDomainResponse> createDomain({
  required AuthMode authMode,
  required UserSettings defaultUserSettings,
  required String domainName,
  required List<String> subnetIds,
  required String vpcId,
  AppNetworkAccessType? appNetworkAccessType,
  String? homeEfsFileSystemKmsKeyId,
  String? kmsKeyId,
  List<Tag>? tags,
}) async {
  ArgumentError.checkNotNull(authMode, 'authMode');
  ArgumentError.checkNotNull(defaultUserSettings, 'defaultUserSettings');
  ArgumentError.checkNotNull(domainName, 'domainName');
  _s.validateStringLength(
    'domainName',
    domainName,
    0,
    63,
    isRequired: true,
  );
  ArgumentError.checkNotNull(subnetIds, 'subnetIds');
  ArgumentError.checkNotNull(vpcId, 'vpcId');
  _s.validateStringLength(
    'vpcId',
    vpcId,
    0,
    32,
    isRequired: true,
  );
  _s.validateStringLength(
    'homeEfsFileSystemKmsKeyId',
    homeEfsFileSystemKmsKeyId,
    0,
    2048,
  );
  _s.validateStringLength(
    'kmsKeyId',
    kmsKeyId,
    0,
    2048,
  );
  final headers = <String, String>{
    'Content-Type': 'application/x-amz-json-1.1',
    'X-Amz-Target': 'SageMaker.CreateDomain'
  };
  final jsonResponse = await _protocol.send(
    method: 'POST',
    requestUri: '/',
    exceptionFnMap: _exceptionFns,
    // TODO queryParams
    headers: headers,
    payload: {
      'AuthMode': authMode.toValue(),
      'DefaultUserSettings': defaultUserSettings,
      'DomainName': domainName,
      'SubnetIds': subnetIds,
      'VpcId': vpcId,
      if (appNetworkAccessType != null)
        'AppNetworkAccessType': appNetworkAccessType.toValue(),
      if (homeEfsFileSystemKmsKeyId != null)
        'HomeEfsFileSystemKmsKeyId': homeEfsFileSystemKmsKeyId,
      if (kmsKeyId != null) 'KmsKeyId': kmsKeyId,
      if (tags != null) 'Tags': tags,
    },
  );

  return CreateDomainResponse.fromJson(jsonResponse.body);
}