/** * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * SPDX-License-Identifier: Apache-2.0. */ #pragma once #include #include #include namespace Aws { namespace Utils { namespace Json { class JsonValue; class JsonView; } // namespace Json } // namespace Utils namespace SageMaker { namespace Model { /** *

Provides information about how to store model training results (model * artifacts).

See Also:

AWS * API Reference

*/ class AWS_SAGEMAKER_API OutputDataConfig { public: OutputDataConfig(); OutputDataConfig(Aws::Utils::Json::JsonView jsonValue); OutputDataConfig& operator=(Aws::Utils::Json::JsonView jsonValue); Aws::Utils::Json::JsonValue Jsonize() const; /** *

The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to * encrypt the model artifacts at rest using Amazon S3 server-side encryption. The * KmsKeyId can be any of the following formats:

  • // * KMS Key ID

    "1234abcd-12ab-34cd-56ef-1234567890ab"

    *

  • // Amazon Resource Name (ARN) of a KMS Key

    * "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab" *

  • // KMS Key Alias

    "alias/ExampleAlias" *

  • // Amazon Resource Name (ARN) of a KMS Key Alias

    * "arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias"

    • *

If you use a KMS key ID or an alias of your master key, the Amazon * SageMaker execution role must include permissions to call * kms:Encrypt. If you don't provide a KMS key ID, Amazon SageMaker * uses the default KMS key for Amazon S3 for your role's account. Amazon SageMaker * uses server-side encryption with KMS-managed keys for * OutputDataConfig. If you use a bucket policy with an * s3:PutObject permission that only allows objects with server-side * encryption, set the condition key of * s3:x-amz-server-side-encryption to "aws:kms". For more * information, see KMS-Managed * Encryption Keys in the Amazon Simple Storage Service Developer Guide. *

The KMS key policy must grant permission to the IAM role that you * specify in your CreateTrainingJob, CreateTransformJob, * or CreateHyperParameterTuningJob requests. For more information, * see Using * Key Policies in AWS KMS in the AWS Key Management Service Developer * Guide.

*/ inline const Aws::String& GetKmsKeyId() const{ return m_kmsKeyId; } /** *

The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to * encrypt the model artifacts at rest using Amazon S3 server-side encryption. The * KmsKeyId can be any of the following formats:

  • // * KMS Key ID

    "1234abcd-12ab-34cd-56ef-1234567890ab"

    *

  • // Amazon Resource Name (ARN) of a KMS Key

    * "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab" *

  • // KMS Key Alias

    "alias/ExampleAlias" *

  • // Amazon Resource Name (ARN) of a KMS Key Alias

    * "arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias"

    • *

If you use a KMS key ID or an alias of your master key, the Amazon * SageMaker execution role must include permissions to call * kms:Encrypt. If you don't provide a KMS key ID, Amazon SageMaker * uses the default KMS key for Amazon S3 for your role's account. Amazon SageMaker * uses server-side encryption with KMS-managed keys for * OutputDataConfig. If you use a bucket policy with an * s3:PutObject permission that only allows objects with server-side * encryption, set the condition key of * s3:x-amz-server-side-encryption to "aws:kms". For more * information, see KMS-Managed * Encryption Keys in the Amazon Simple Storage Service Developer Guide. *

The KMS key policy must grant permission to the IAM role that you * specify in your CreateTrainingJob, CreateTransformJob, * or CreateHyperParameterTuningJob requests. For more information, * see Using * Key Policies in AWS KMS in the AWS Key Management Service Developer * Guide.

*/ inline bool KmsKeyIdHasBeenSet() const { return m_kmsKeyIdHasBeenSet; } /** *

The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to * encrypt the model artifacts at rest using Amazon S3 server-side encryption. The * KmsKeyId can be any of the following formats:

  • // * KMS Key ID

    "1234abcd-12ab-34cd-56ef-1234567890ab"

    *

  • // Amazon Resource Name (ARN) of a KMS Key

    * "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab" *

  • // KMS Key Alias

    "alias/ExampleAlias" *

  • // Amazon Resource Name (ARN) of a KMS Key Alias

    * "arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias"

    • *

If you use a KMS key ID or an alias of your master key, the Amazon * SageMaker execution role must include permissions to call * kms:Encrypt. If you don't provide a KMS key ID, Amazon SageMaker * uses the default KMS key for Amazon S3 for your role's account. Amazon SageMaker * uses server-side encryption with KMS-managed keys for * OutputDataConfig. If you use a bucket policy with an * s3:PutObject permission that only allows objects with server-side * encryption, set the condition key of * s3:x-amz-server-side-encryption to "aws:kms". For more * information, see KMS-Managed * Encryption Keys in the Amazon Simple Storage Service Developer Guide. *

The KMS key policy must grant permission to the IAM role that you * specify in your CreateTrainingJob, CreateTransformJob, * or CreateHyperParameterTuningJob requests. For more information, * see Using * Key Policies in AWS KMS in the AWS Key Management Service Developer * Guide.

*/ inline void SetKmsKeyId(const Aws::String& value) { m_kmsKeyIdHasBeenSet = true; m_kmsKeyId = value; } /** *

The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to * encrypt the model artifacts at rest using Amazon S3 server-side encryption. The * KmsKeyId can be any of the following formats:

  • // * KMS Key ID

    "1234abcd-12ab-34cd-56ef-1234567890ab"

    *

  • // Amazon Resource Name (ARN) of a KMS Key

    * "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab" *

  • // KMS Key Alias

    "alias/ExampleAlias" *

  • // Amazon Resource Name (ARN) of a KMS Key Alias

    * "arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias"

    • *

If you use a KMS key ID or an alias of your master key, the Amazon * SageMaker execution role must include permissions to call * kms:Encrypt. If you don't provide a KMS key ID, Amazon SageMaker * uses the default KMS key for Amazon S3 for your role's account. Amazon SageMaker * uses server-side encryption with KMS-managed keys for * OutputDataConfig. If you use a bucket policy with an * s3:PutObject permission that only allows objects with server-side * encryption, set the condition key of * s3:x-amz-server-side-encryption to "aws:kms". For more * information, see KMS-Managed * Encryption Keys in the Amazon Simple Storage Service Developer Guide. *

The KMS key policy must grant permission to the IAM role that you * specify in your CreateTrainingJob, CreateTransformJob, * or CreateHyperParameterTuningJob requests. For more information, * see Using * Key Policies in AWS KMS in the AWS Key Management Service Developer * Guide.

*/ inline void SetKmsKeyId(Aws::String&& value) { m_kmsKeyIdHasBeenSet = true; m_kmsKeyId = std::move(value); } /** *

The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to * encrypt the model artifacts at rest using Amazon S3 server-side encryption. The * KmsKeyId can be any of the following formats:

  • // * KMS Key ID

    "1234abcd-12ab-34cd-56ef-1234567890ab"

    *

  • // Amazon Resource Name (ARN) of a KMS Key

    * "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab" *

  • // KMS Key Alias

    "alias/ExampleAlias" *

  • // Amazon Resource Name (ARN) of a KMS Key Alias

    * "arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias"

    • *

If you use a KMS key ID or an alias of your master key, the Amazon * SageMaker execution role must include permissions to call * kms:Encrypt. If you don't provide a KMS key ID, Amazon SageMaker * uses the default KMS key for Amazon S3 for your role's account. Amazon SageMaker * uses server-side encryption with KMS-managed keys for * OutputDataConfig. If you use a bucket policy with an * s3:PutObject permission that only allows objects with server-side * encryption, set the condition key of * s3:x-amz-server-side-encryption to "aws:kms". For more * information, see KMS-Managed * Encryption Keys in the Amazon Simple Storage Service Developer Guide. *

The KMS key policy must grant permission to the IAM role that you * specify in your CreateTrainingJob, CreateTransformJob, * or CreateHyperParameterTuningJob requests. For more information, * see Using * Key Policies in AWS KMS in the AWS Key Management Service Developer * Guide.

*/ inline void SetKmsKeyId(const char* value) { m_kmsKeyIdHasBeenSet = true; m_kmsKeyId.assign(value); } /** *

The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to * encrypt the model artifacts at rest using Amazon S3 server-side encryption. The * KmsKeyId can be any of the following formats:

  • // * KMS Key ID

    "1234abcd-12ab-34cd-56ef-1234567890ab"

    *

  • // Amazon Resource Name (ARN) of a KMS Key

    * "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab" *

  • // KMS Key Alias

    "alias/ExampleAlias" *

  • // Amazon Resource Name (ARN) of a KMS Key Alias

    * "arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias"

    • *

If you use a KMS key ID or an alias of your master key, the Amazon * SageMaker execution role must include permissions to call * kms:Encrypt. If you don't provide a KMS key ID, Amazon SageMaker * uses the default KMS key for Amazon S3 for your role's account. Amazon SageMaker * uses server-side encryption with KMS-managed keys for * OutputDataConfig. If you use a bucket policy with an * s3:PutObject permission that only allows objects with server-side * encryption, set the condition key of * s3:x-amz-server-side-encryption to "aws:kms". For more * information, see KMS-Managed * Encryption Keys in the Amazon Simple Storage Service Developer Guide. *

The KMS key policy must grant permission to the IAM role that you * specify in your CreateTrainingJob, CreateTransformJob, * or CreateHyperParameterTuningJob requests. For more information, * see Using * Key Policies in AWS KMS in the AWS Key Management Service Developer * Guide.

*/ inline OutputDataConfig& WithKmsKeyId(const Aws::String& value) { SetKmsKeyId(value); return *this;} /** *

The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to * encrypt the model artifacts at rest using Amazon S3 server-side encryption. The * KmsKeyId can be any of the following formats:

  • // * KMS Key ID

    "1234abcd-12ab-34cd-56ef-1234567890ab"

    *

  • // Amazon Resource Name (ARN) of a KMS Key

    * "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab" *

  • // KMS Key Alias

    "alias/ExampleAlias" *

  • // Amazon Resource Name (ARN) of a KMS Key Alias

    * "arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias"

    • *

If you use a KMS key ID or an alias of your master key, the Amazon * SageMaker execution role must include permissions to call * kms:Encrypt. If you don't provide a KMS key ID, Amazon SageMaker * uses the default KMS key for Amazon S3 for your role's account. Amazon SageMaker * uses server-side encryption with KMS-managed keys for * OutputDataConfig. If you use a bucket policy with an * s3:PutObject permission that only allows objects with server-side * encryption, set the condition key of * s3:x-amz-server-side-encryption to "aws:kms". For more * information, see KMS-Managed * Encryption Keys in the Amazon Simple Storage Service Developer Guide. *

The KMS key policy must grant permission to the IAM role that you * specify in your CreateTrainingJob, CreateTransformJob, * or CreateHyperParameterTuningJob requests. For more information, * see Using * Key Policies in AWS KMS in the AWS Key Management Service Developer * Guide.

*/ inline OutputDataConfig& WithKmsKeyId(Aws::String&& value) { SetKmsKeyId(std::move(value)); return *this;} /** *

The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to * encrypt the model artifacts at rest using Amazon S3 server-side encryption. The * KmsKeyId can be any of the following formats:

  • // * KMS Key ID

    "1234abcd-12ab-34cd-56ef-1234567890ab"

    *

  • // Amazon Resource Name (ARN) of a KMS Key

    * "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab" *

  • // KMS Key Alias

    "alias/ExampleAlias" *

  • // Amazon Resource Name (ARN) of a KMS Key Alias

    * "arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias"

    • *

If you use a KMS key ID or an alias of your master key, the Amazon * SageMaker execution role must include permissions to call * kms:Encrypt. If you don't provide a KMS key ID, Amazon SageMaker * uses the default KMS key for Amazon S3 for your role's account. Amazon SageMaker * uses server-side encryption with KMS-managed keys for * OutputDataConfig. If you use a bucket policy with an * s3:PutObject permission that only allows objects with server-side * encryption, set the condition key of * s3:x-amz-server-side-encryption to "aws:kms". For more * information, see KMS-Managed * Encryption Keys in the Amazon Simple Storage Service Developer Guide. *

The KMS key policy must grant permission to the IAM role that you * specify in your CreateTrainingJob, CreateTransformJob, * or CreateHyperParameterTuningJob requests. For more information, * see Using * Key Policies in AWS KMS in the AWS Key Management Service Developer * Guide.

*/ inline OutputDataConfig& WithKmsKeyId(const char* value) { SetKmsKeyId(value); return *this;} /** *

Identifies the S3 path where you want Amazon SageMaker to store the model * artifacts. For example, s3://bucket-name/key-name-prefix.

*/ inline const Aws::String& GetS3OutputPath() const{ return m_s3OutputPath; } /** *

Identifies the S3 path where you want Amazon SageMaker to store the model * artifacts. For example, s3://bucket-name/key-name-prefix.

*/ inline bool S3OutputPathHasBeenSet() const { return m_s3OutputPathHasBeenSet; } /** *

Identifies the S3 path where you want Amazon SageMaker to store the model * artifacts. For example, s3://bucket-name/key-name-prefix.

*/ inline void SetS3OutputPath(const Aws::String& value) { m_s3OutputPathHasBeenSet = true; m_s3OutputPath = value; } /** *

Identifies the S3 path where you want Amazon SageMaker to store the model * artifacts. For example, s3://bucket-name/key-name-prefix.

*/ inline void SetS3OutputPath(Aws::String&& value) { m_s3OutputPathHasBeenSet = true; m_s3OutputPath = std::move(value); } /** *

Identifies the S3 path where you want Amazon SageMaker to store the model * artifacts. For example, s3://bucket-name/key-name-prefix.

*/ inline void SetS3OutputPath(const char* value) { m_s3OutputPathHasBeenSet = true; m_s3OutputPath.assign(value); } /** *

Identifies the S3 path where you want Amazon SageMaker to store the model * artifacts. For example, s3://bucket-name/key-name-prefix.

*/ inline OutputDataConfig& WithS3OutputPath(const Aws::String& value) { SetS3OutputPath(value); return *this;} /** *

Identifies the S3 path where you want Amazon SageMaker to store the model * artifacts. For example, s3://bucket-name/key-name-prefix.

*/ inline OutputDataConfig& WithS3OutputPath(Aws::String&& value) { SetS3OutputPath(std::move(value)); return *this;} /** *

Identifies the S3 path where you want Amazon SageMaker to store the model * artifacts. For example, s3://bucket-name/key-name-prefix.

*/ inline OutputDataConfig& WithS3OutputPath(const char* value) { SetS3OutputPath(value); return *this;} private: Aws::String m_kmsKeyId; bool m_kmsKeyIdHasBeenSet; Aws::String m_s3OutputPath; bool m_s3OutputPathHasBeenSet; }; } // namespace Model } // namespace SageMaker } // namespace Aws