# AWS::SageMaker::Domain Resource Type definition for AWS::SageMaker::Domain ## Syntax To declare this entity in your AWS CloudFormation template, use the following syntax: ### JSON

{
    "Type" : "AWS::SageMaker::Domain",
    "Properties" : {
        "AppNetworkAccessType" : String,
        "AuthMode" : String,
        "DefaultUserSettings" : UserSettings,
        "DefaultSpaceSettings" : DefaultSpaceSettings,
        "DomainName" : String,
        "KmsKeyId" : String,
        "SubnetIds" : [ String, ... ],
        "Tags" : [ Tag, ... ],
        "VpcId" : String,
        "DomainSettings" : DomainSettings,
        "AppSecurityGroupManagement" : String,
    }
}

### YAML

Type: AWS::SageMaker::Domain
Properties:
    AppNetworkAccessType: String
    AuthMode: String
    DefaultUserSettings: UserSettings
    DefaultSpaceSettings: DefaultSpaceSettings
    DomainName: String
    KmsKeyId: String
    SubnetIds: 
      - String
    Tags: 
      - Tag
    VpcId: String
    DomainSettings: DomainSettings
    AppSecurityGroupManagement: String

## Properties #### AppNetworkAccessType Specifies the VPC used for non-EFS traffic. The default value is PublicInternetOnly. _Required_: No _Type_: String _Allowed Values_: PublicInternetOnly | VpcOnly _Update requires_: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) #### AuthMode The mode of authentication that members use to access the domain. _Required_: Yes _Type_: String _Allowed Values_: SSO | IAM _Update requires_: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) #### DefaultUserSettings A collection of settings that apply to users of Amazon SageMaker Studio. These settings are specified when the CreateUserProfile API is called, and as DefaultUserSettings when the CreateDomain API is called. _Required_: Yes _Type_: UserSettings _Update requires_: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) #### DefaultSpaceSettings A collection of settings that apply to spaces of Amazon SageMaker Studio. These settings are specified when the Create/Update Domain API is called. _Required_: No _Type_: DefaultSpaceSettings _Update requires_: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) #### DomainName A name for the domain. _Required_: Yes _Type_: String _Maximum_: 63 _Pattern_: ^[a-zA-Z0-9](-*[a-zA-Z0-9]){0,62} _Update requires_: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) #### KmsKeyId SageMaker uses AWS KMS to encrypt the EFS volume attached to the domain with an AWS managed customer master key (CMK) by default. _Required_: No _Type_: String _Maximum_: 2048 _Pattern_: .* _Update requires_: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) #### SubnetIds The VPC subnets that Studio uses for communication. _Required_: Yes _Type_: List of String _Update requires_: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) #### Tags A list of tags to apply to the user profile. _Required_: No _Type_: List of Tag _Update requires_: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) #### VpcId The ID of the Amazon Virtual Private Cloud (VPC) that Studio uses for communication. _Required_: Yes _Type_: String _Maximum_: 32 _Pattern_: [-0-9a-zA-Z]+ _Update requires_: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) #### DomainSettings A collection of Domain settings. _Required_: No _Type_: DomainSettings _Update requires_: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) #### AppSecurityGroupManagement The entity that creates and manages the required security groups for inter-app communication in VPCOnly mode. Required when CreateDomain.AppNetworkAccessType is VPCOnly and DomainSettings.RStudioServerProDomainSettings.DomainExecutionRoleArn is provided. _Required_: No _Type_: String _Allowed Values_: Service | Customer _Update requires_: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) ## Return Values ### Ref When you pass the logical ID of this resource to the intrinsic `Ref` function, Ref returns the DomainId. ### Fn::GetAtt The `Fn::GetAtt` intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values. For more information about using the `Fn::GetAtt` intrinsic function, see [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html). #### DomainArn The Amazon Resource Name (ARN) of the created domain. #### Url The URL to the created domain. #### DomainId The domain name. #### HomeEfsFileSystemId The ID of the Amazon Elastic File System (EFS) managed by this Domain. #### SecurityGroupIdForDomainBoundary The ID of the security group that authorizes traffic between the RSessionGateway apps and the RStudioServerPro app. #### SingleSignOnManagedApplicationInstanceId The SSO managed application instance ID.