I have been given AmazonSagemakerFullAccess by my companie's AWS admin. No one at our company can figure out why I can't get this line to run to launch the model.
***** CODE PRODUCING ERROR *****
lang_id = sagemaker.Model(
image_uri=container, model_data=model_location, role=role, sagemaker_session=sess
)
lang_id.deploy(initial_instance_count=1, instance_type="ml.t2.medium")
***** ERROR MESSAGE *****
ClientError Traceback (most recent call last)
<ipython-input-5-4c80ec284a4b> in <module>
2 image_uri=container, model_data=model_location, role=role, sagemaker_session=sess
3 )
----> 4 lang_id.deploy(initial_instance_count=1, instance_type="ml.t2.medium")
5
6 from sagemaker.deserializers import JSONDeserializer
~/anaconda3/envs/tensorflow2_p36/lib/python3.6/site-packages/sagemaker/model.py in deploy(self, initial_instance_count, instance_type, serializer, deserializer, accelerator_type, endpoint_name, tags, kms_key, wait, data_capture_config, async_inference_config, serverless_inference_config, **kwargs)
1132
1133 self._create_sagemaker_model(
-> 1134 instance_type, accelerator_type, tags, serverless_inference_config
1135 )
1136
~/anaconda3/envs/tensorflow2_p36/lib/python3.6/site-packages/sagemaker/model.py in _create_sagemaker_model(self, instance_type, accelerator_type, tags, serverless_inference_config)
671 tags=tags,
672 )
--> 673 self.sagemaker_session.create_model(**create_model_args)
674
675 def _ensure_base_name_if_needed(self, image_uri, script_uri, model_uri):
~/anaconda3/envs/tensorflow2_p36/lib/python3.6/site-packages/sagemaker/session.py in create_model(self, name, role, container_defs, vpc_config, enable_network_isolation, primary_container, tags)
2715 raise
2716
-> 2717 self._intercept_create_request(create_model_request, submit, self.create_model.name)
2718 return name
2719
~/anaconda3/envs/tensorflow2_p36/lib/python3.6/site-packages/sagemaker/session.py in _intercept_create_request(self, request, create, func_name)
4294 func_name (str): the name of the function needed intercepting
4295 """
-> 4296 return create(request)
4297
4298
~/anaconda3/envs/tensorflow2_p36/lib/python3.6/site-packages/sagemaker/session.py in submit(request)
2703 LOGGER.debug("CreateModel request: %s", json.dumps(request, indent=4))
2704 try:
-> 2705 self.sagemaker_client.create_model(**request)
2706 except ClientError as e:
2707 error_code = e.response["Error"]["Code"]
~/anaconda3/envs/tensorflow2_p36/lib/python3.6/site-packages/botocore/client.py in _api_call(self, *args, **kwargs)
506 )
507 # The "self" in this scope is referring to the BaseClient.
--> 508 return self._make_api_call(operation_name, kwargs)
509
510 _api_call.name = str(py_operation_name)
~/anaconda3/envs/tensorflow2_p36/lib/python3.6/site-packages/botocore/client.py in _make_api_call(self, operation_name, api_params)
909 error_code = parsed_response.get("Error", {}).get("Code")
910 error_class = self.exceptions.from_code(error_code)
--> 911 raise error_class(parsed_response, operation_name)
912 else:
913 return parsed_response
ClientError: An error occurred (AccessDeniedException) when calling the CreateModel operation: User: arn:aws:sts::XXXXXXXXXX:assumed-role/sagemakeraccesstoservices/SageMaker is not authorized to perform: sagemaker:CreateModel on resource: arn:aws:sagemaker:us-east-2:XXXXXXXXXX:model/blazingtext-2022-08-09-13-58-21-739 because no identity-based policy allows the sagemaker:CreateModel action