Error while creating SageMaker domain
Hi AWS, I am creating SageMaker domain but this time using Standard setup option as Quick setup is failing which I have raised in the thread https://repost.aws/questions/QULk3cThfOTc21vRT0LmZJ0A/could-not-create-sagemaker-domain-due-to-s3-bucket-creation-failure, even though the IAM role is having sufficient permissions. But now again a weird error is coming when I am trying to create the domain i.e. PermissionError: Unable to create Amazon EFS for domain 'd-g8mohmstv7ec' because you don't have permissions to use the specified resource as again the IAM role is having elasticfilesystem:* access for Resource: "*", still this error is not sorted.
Please guide the series of steps I need to follow as AWS Support is not able to solve either of the errors.
- Newest
- Most votes
- Most comments
Relevant content
- asked 3 months ago
AWS OFFICIALUpdated a year ago- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
can you shed more light into the specific permissions error you got? (double check IAM permissions on the SageMaker roles) - also check out: SageMaker Create Domain API reference https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateDomain.html
Are you you using the default domain setting or VPCOnly mode? Are you seeing any KMS related permissions errors?
Below is a list of required permissions for creating a domain: sagemaker:CreateDomain iam:CreateServiceLinkedRole iam:PassRole
Required if a KMS customer managed key is specified for KmsKeyId: elasticfilesystem:CreateFileSystem kms:CreateGrant kms:Decrypt kms:DescribeKey kms:GenerateDataKeyWithoutPlainText
Required to create a domain that supports RStudio: sagemaker:CreateApp