forked from aws-samples/sagemaker-ssh-helper
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathsm-init-ssm
60 lines (48 loc) · 2.59 KB
/
sm-init-ssm
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
#!/bin/bash
# Creates a new hybrid activation in SSM and reports back the managed instance ID
# If successful, the log line with the instance ID will look like this:
# Successfully registered the instance with AWS SSM using Managed instance-id: mi-01234567890abcdef
# Requires environment variable SSH_SSM_ROLE to be passed as an argument
# The role for SSM is not a full IAM ARN, but only the last part of it such as 'service-role/SageMakerRole'
set -e
dir=$(dirname "$0")
source "$dir"/sm-helper-functions
CURRENT_REGION=$(aws configure get region || echo "$AWS_REGION")
SSH_CREATOR=$(aws sts get-caller-identity | jq --raw-output '.UserId')
SSH_TIMESTAMP=$(date +%s)
if [ -f /opt/ml/metadata/resource-metadata.json ]; then
# SageMaker Studio and notebook instances
RESOURCE_NAME=$(jq --raw-output '.ResourceName' < /opt/ml/metadata/resource-metadata.json)
RESOURCE_ARN=$(jq --raw-output '.ResourceArn' < /opt/ml/metadata/resource-metadata.json)
elif [ -f /opt/ml/config/processingjobconfig.json ]; then
# Processing job
RESOURCE_NAME=$(jq --raw-output '.ProcessingJobName' < /opt/ml/config/processingjobconfig.json)
RESOURCE_ARN=$(jq --raw-output '.ProcessingJobArn' < /opt/ml/config/processingjobconfig.json)
elif [[ "$TRAINING_JOB_NAME" != "" ]]; then
# Training job
RESOURCE_NAME=$TRAINING_JOB_NAME
RESOURCE_ARN=$TRAINING_JOB_ARN # empty for local mode
elif [[ "$TRANSFORM_JOB_ARN" != "" ]]; then
# Transform job
RESOURCE_NAME=$(echo $TRANSFORM_JOB_ARN | awk -F/ '{print $2}')
RESOURCE_ARN=$TRANSFORM_JOB_ARN
else
# Probably, endpoint
RESOURCE_NAME=""
RESOURCE_ARN=""
fi
echo "sm-init-ssm: Detected SageMaker resource: $RESOURCE_NAME [$RESOURCE_ARN]"
SSH_SSM_TAGS="[{\"Key\": \"SSHOwner\", \"Value\": \"$SSH_OWNER_TAG\"}, {\"Key\": \"SSHCreator\", \"Value\": \"$SSH_CREATOR\"}, {\"Key\": \"SSHTimestamp\", \"Value\": \"$SSH_TIMESTAMP\"}, {\"Key\": \"SSHResourceName\", \"Value\": \"$RESOURCE_NAME\"}, {\"Key\": \"SSHResourceArn\", \"Value\": \"$RESOURCE_ARN\"}]"
response=$(aws ssm create-activation \
--description "Activation for Amazon SageMaker integration with SSH and IDEs" \
--iam-role "$SSH_SSM_ROLE" \
--registration-limit 1 \
--region "$CURRENT_REGION" \
--tags "$SSH_SSM_TAGS")
acode=$(echo $response | jq --raw-output '.ActivationCode')
aid=$(echo $response | jq --raw-output '.ActivationId')
if [[ -n $(_print_sm_user_profile_name) && $(_print_sm_user_profile_name) != "null" ]]; then
echo Yes | amazon-ssm-agent -register -id "$aid" -code "$acode" -region "$CURRENT_REGION"
else
echo Yes | sudo amazon-ssm-agent -register -id "$aid" -code "$acode" -region "$CURRENT_REGION"
fi