'Do the underlying resources that get used by AWS SageMaker have to be tagged independently (since tagging is only permitted at the domain level)?
SageMaker has many components that do not show up in the resource tag editor. So the individual components of SageMaker end up showing up as non-allocated costs.
So tags can be placed at the SageMaker domain level, BUT... does this also mean that tags will propagate to the resources spun up within that domain (jobs, instances, volumes, etc.)?
In other words, do the underlying resources that get used by SageMaker have to be tagged independently?
amazon-web-servicesSolution 1:[1]
In SageMaker Studio, you can assign custom tags to SageMaker Studio domain as well as users who are provisioned access to the domain. SageMaker Studio will automatically copy and assign these tags to the SageMaker Studio Notebooks created by the users.
At this time, tags are not propagated automatically to the jobs you launch from Studio, for example, training jobs, processing jobs, etc. You can enforce a policy in Studio Execution role for a User Profile such that tags are passed when jobs are created. Below is a sample policy for enforcing tags on training jobs.
{
"Sid": "AmazonSageMakerCreate",
"Effect": "Allow",
"Action": [
"sagemaker:CreateTrainingJob"
],
"Resource": "*",
"Condition": {
"StringLike": {
"aws:RequestTag/env": [
"dev",
"staging",
"prod"
]
}
}
}
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | RamaT |