我正在尝试使用CDK [python]从S3中的模型工件部署sagemaker端点。
Sagemaker模型需要execution_rol_arn。因此,我使用CDK创建了一个角色,并将其作为sagemaker模型的参数传递。但是它说在创建模型时角色并不存在。但是如果通过这个命令添加对资源的依赖,sagemaker_model.add_depends_on(model_role)。它给了我这个错误。
type of argument target must be aws_cdk.CfnResource; got aws_cdk.aws_iam.Role instead
我的sagemaker模型和我的角色的cdk代码
sagemaker_model = aws_sagemaker.CfnModel(
self,
model_name,
execution_role_arn=model_role.role_arn,
model_name=model_name,
primary_container=sagemaker_primary_container_definition,
)
model_role = Role(
self,
f"{construct_id}_role",
assumed_by=ServicePrincipal("sagemaker.amazonaws.com"),
)
model_role.add_to_policy(PolicyStatement(
resources=["*"],
actions= [
"cloudwatch:PutMetricData",
"logs:CreateLogStream",
"logs:PutLogEvents",
"logs:CreateLogGroup",
"logs:DescribeLogStreams",
"s3:GetObject",
"s3:ListBucket",
"ecr:GetAuthorizationToken",
"ecr:BatchCheckLayerAvailability",
"ecr:GetDownloadUrlForLayer",
"ecr:BatchGetImage"
]
))
当您在L1 (CfnModel)和L2 (Role)抽象级别之间移动时,事情变得有点混乱。您需要使用所谓的escape hatch语法:
cfnRole = cast(iam.CfnRole, model_role.node.default_child) # cast if using typings
sagemaker_model.add_depends_on(cfnRole)