Skip to content

awsandy/secure-ds-workshop-terraform

1 Branch0 Tags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

awsandyawsandy
up
Oct 19, 2023
46a008e · Oct 19, 2023

History

80 Commits
.tools
.tools
Aug 25, 2022
00-cloudformation
00-cloudformation
Oct 4, 2023
01-populate-ecr
01-populate-ecr
Oct 4, 2023
01a-lambda-project
01a-lambda-project
Oct 13, 2023
02-infra-domain
02-infra-domain
Oct 19, 2023
03-populate-artifacts
03-populate-artifacts
Oct 4, 2023
04-service-catalog
04-service-catalog
Oct 4, 2023
.DS_Store
.DS_Store
Oct 13, 2023
.gitignore
.gitignore
Mar 7, 2022
README.md
README.md
Oct 3, 2023

Repository files navigation

Terraform components for Secure Data Science Workshop

https://catalog.us-east-1.prod.workshops.aws/v2/workshops/c882cd42-8ec8-4112-9469-9fab33471e85/en-US/

Pre Requisites

Follow the workshop material:

  • Create a Cloud9 Environment

  • Perform these steps in lab1:

cd ~/environment
sudo yum install jq -y
git clone https://github.com/aws-samples/amazon-sagemaker-studio-secure-data-science-workshop.git
cd ~/environment/amazon-sagemaker-studio-secure-data-science-workshop
if [[ "${C9_PROJECT}" ]]; then
  echo "In AWS Cloud9 environment"
  export AWS_ACCOUNT_ID=`curl -s http://169.254.169.254/latest/dynamic/instance-identity/document|jq -r .accountId`
  export AWS_DEFAULT_REGION=`curl -s http://169.254.169.254/latest/dynamic/instance-identity/document|jq -r .region`
fi
./package_cloudformation.sh

Do not run any other steps in Lab 1 Do not do anything in Lab 2

Instead we will use Terraform to:

  • Provision and populate the ECR repo.
  • Create the VPC, subnets, VPC Endpoints, IAM Roles and Policies.
  • Create the SageMaker domain needed by the lab.
  • Create the Code Artifact repos - populated with the required packages.
  • Create the Service Catalog products for provisioning the secure team environment and SageMaker user profiles.

Prepare modified CloudFormation

Step 00 - Copy modified CloudFormation

Copy the modified Cloud Formation Templates into place (used in step 04)

cd ~/environment/secure-ds-workshop-terraform/00-cloudformation
./copy-cf-tos3.sh

Terraform steps

Step 01 - Build private ECR and load custom image

cd ~/environment/secure-ds-workshop-terraform/01-populate-ecr
terraform init
terraform validate && terraform plan -out tfplan 
terraform apply tfplan

Step 02 - Build main Infrastructure and SageMaker Domain

Build the VPC, Artifact rpo and SageMaker Domain

cd ~/environment/secure-ds-workshop-terraform/02-infra-domain
terraform init
terraform validate && terraform plan -out tfplan 
terraform apply tfplan

Step 03

cd ~/environment/secure-ds-workshop-terraform/03-populate-artifacts
terraform init
terraform validate && terraform plan -out tfplan 
terraform apply tfplan

Step 04

cd ~/environment/secure-ds-workshop-terraform/04-service-catalog
terraform init
terraform validate && terraform plan -out tfplan 
terraform apply tfplan

Now proceed with the workshop as usual from

### Lab 3: Secure Team Environment

https://catalog.us-east-1.prod.workshops.aws/v2/workshops/c882cd42-8ec8-4112-9469-9fab33471e85/en-US/security-for-sysops/team-resources/secure-environment-lab

The Terraform content was created using: https://github.com/aws-samples/aws2tf

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

3 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages