Class: Aws::SageMaker::Types::IamPolicyConstraints

Inherits:
Struct
  • Object
show all
Includes:
Aws::Structure
Defined in:
lib/aws-sdk-sagemaker/types.rb

Overview

Use this parameter to specify a supported global condition key that is added to the IAM policy.

Constant Summary collapse

SENSITIVE =
[]

Instance Attribute Summary collapse

Instance Attribute Details

#source_ipString

When ‘SourceIp` is `Enabled` the worker’s IP address when a task is rendered in the worker portal is added to the IAM policy as a ‘Condition` used to generate the Amazon S3 presigned URL. This IP address is checked by Amazon S3 and must match in order for the Amazon S3 resource to be rendered in the worker portal.

Returns:

  • (String)


23912
23913
23914
23915
23916
23917
# File 'lib/aws-sdk-sagemaker/types.rb', line 23912

class IamPolicyConstraints < Struct.new(
  :source_ip,
  :vpc_source_ip)
  SENSITIVE = []
  include Aws::Structure
end

#vpc_source_ipString

When ‘VpcSourceIp` is `Enabled` the worker’s IP address when a task is rendered in private worker portal inside the VPC is added to the IAM policy as a ‘Condition` used to generate the Amazon S3 presigned URL. To render the task successfully Amazon S3 checks that the presigned URL is being accessed over an Amazon S3 VPC Endpoint, and that the worker’s IP address matches the IP address in the IAM policy. To learn more about configuring private worker portal, see [Use Amazon VPC mode from a private worker portal].

[1]: docs.aws.amazon.com/sagemaker/latest/dg/samurai-vpc-worker-portal.html

Returns:

  • (String)


23912
23913
23914
23915
23916
23917
# File 'lib/aws-sdk-sagemaker/types.rb', line 23912

class IamPolicyConstraints < Struct.new(
  :source_ip,
  :vpc_source_ip)
  SENSITIVE = []
  include Aws::Structure
end