apiVersion: v1 kind: Namespace metadata: labels: control-plane: controller-manager name: PLACEHOLDER-NAMESPACE --- apiVersion: v1 kind: ServiceAccount metadata: annotations: eks.amazonaws.com/role-arn: arn:aws:iam::123456789012:role/DELETE_ME name: sagemaker-k8s-operator-default namespace: PLACEHOLDER-NAMESPACE --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: sagemaker-k8s-operator-leader-election-role namespace: PLACEHOLDER-NAMESPACE rules: - apiGroups: - "" resources: - configmaps verbs: - get - list - watch - create - update - patch - delete - apiGroups: - "" resources: - configmaps/status verbs: - get - update - patch --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: creationTimestamp: null name: sagemaker-k8s-operator-manager-role namespace: PLACEHOLDER-NAMESPACE rules: - apiGroups: - sagemaker.aws.amazon.com resources: - batchtransformjobs verbs: - create - delete - get - list - patch - update - watch - apiGroups: - sagemaker.aws.amazon.com resources: - batchtransformjobs/status verbs: - get - patch - update - apiGroups: - sagemaker.aws.amazon.com resources: - endpointconfigs verbs: - create - delete - get - list - patch - update - watch - apiGroups: - sagemaker.aws.amazon.com resources: - endpointconfigs/status verbs: - get - patch - update - apiGroups: - sagemaker.aws.amazon.com resources: - hostingautoscalingpolicies verbs: - create - delete - get - list - patch - update - watch - apiGroups: - sagemaker.aws.amazon.com resources: - hostingautoscalingpolicies/status verbs: - get - patch - update - apiGroups: - sagemaker.aws.amazon.com resources: - hostingdeployments verbs: - create - delete - get - list - patch - update - watch - apiGroups: - sagemaker.aws.amazon.com resources: - hostingdeployments/status verbs: - get - patch - update - apiGroups: - sagemaker.aws.amazon.com resources: - hyperparametertuningjobs verbs: - create - delete - get - list - patch - update - watch - apiGroups: - sagemaker.aws.amazon.com resources: - hyperparametertuningjobs/status verbs: - get - patch - update - apiGroups: - sagemaker.aws.amazon.com resources: - models verbs: - create - delete - get - list - patch - update - watch - apiGroups: - sagemaker.aws.amazon.com resources: - models/status verbs: - get - patch - update - apiGroups: - sagemaker.aws.amazon.com resources: - processingjobs verbs: - create - delete - get - list - patch - update - watch - apiGroups: - sagemaker.aws.amazon.com resources: - processingjobs/status verbs: - get - patch - update - apiGroups: - sagemaker.aws.amazon.com resources: - trainingjobs verbs: - create - delete - get - list - patch - update - watch - apiGroups: - sagemaker.aws.amazon.com resources: - trainingjobs/status verbs: - get - patch - update --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: sagemaker-k8s-operator-proxy-role namespace: PLACEHOLDER-NAMESPACE rules: - apiGroups: - authentication.k8s.io resources: - tokenreviews verbs: - create - apiGroups: - authorization.k8s.io resources: - subjectaccessreviews verbs: - create --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: sagemaker-k8s-operator-leader-election-rolebinding namespace: PLACEHOLDER-NAMESPACE roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: sagemaker-k8s-operator-leader-election-role subjects: - kind: ServiceAccount name: sagemaker-k8s-operator-default namespace: PLACEHOLDER-NAMESPACE --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: sagemaker-k8s-operator-manager-rolebinding namespace: PLACEHOLDER-NAMESPACE roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: sagemaker-k8s-operator-manager-role subjects: - kind: ServiceAccount name: sagemaker-k8s-operator-default namespace: PLACEHOLDER-NAMESPACE --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: sagemaker-k8s-operator-proxy-rolebinding namespace: PLACEHOLDER-NAMESPACE roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: sagemaker-k8s-operator-proxy-role subjects: - kind: ServiceAccount name: sagemaker-k8s-operator-default namespace: PLACEHOLDER-NAMESPACE --- apiVersion: v1 kind: Service metadata: annotations: prometheus.io/port: "8443" prometheus.io/scheme: https prometheus.io/scrape: "true" labels: control-plane: controller-manager name: sagemaker-k8s-operator-controller-manager-metrics-service namespace: PLACEHOLDER-NAMESPACE spec: ports: - name: https port: 8443 targetPort: https selector: control-plane: controller-manager --- apiVersion: apps/v1 kind: Deployment metadata: labels: control-plane: controller-manager name: sagemaker-k8s-operator-controller-manager namespace: PLACEHOLDER-NAMESPACE spec: replicas: 1 selector: matchLabels: control-plane: controller-manager template: metadata: labels: control-plane: controller-manager spec: containers: - args: - --metrics-addr=127.0.0.1:8080 - --namespace=PLACEHOLDER-NAMESPACE command: - /manager env: - name: AWS_DEFAULT_SAGEMAKER_ENDPOINT value: "" image: 099223943020.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon-sagemaker-operator-for-k8s:v1 imagePullPolicy: Always name: manager resources: limits: cpu: 100m memory: 30Mi requests: cpu: 100m memory: 20Mi serviceAccountName: sagemaker-k8s-operator-default terminationGracePeriodSeconds: 10