If you find this project helpful, please consider giving ZenML a star on GitHub. Your support helps promote the project and lets others know it's worth checking out.
Thank you for your support! 🌟
This Terraform module sets up the necessary AWS infrastructure for a ZenML stack. It provisions various AWS services and resources, and registers a ZenML stack using these resources with your ZenML server, allowing you to create an internal MLOps platform for your entire machine learning team.
- Terraform installed (version >= 1.9)
- An AWS account
- The AWS CLI installed on your machine, with your credentials set up by running:

  ```shell
  aws configure
  ```

- ZenML (version >= 0.62.0) installed and configured. You'll need a ZenML server deployed in a remote setting where it can be accessed from AWS. You can either self-host a ZenML server or register for a free ZenML Pro account.
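To confirm that your AWS credentials are picked up correctly before running Terraform, you can do a quick identity check (a standard AWS CLI command, not specific to this module):

```shell
# Print the account ID and IAM identity behind the active credentials;
# this fails with an error if the AWS CLI is not configured
aws sts get-caller-identity
```
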
The Terraform module in this repository creates the following resources in your AWS account:
- an S3 bucket
- an ECR repository
- an IAM role with the minimum permissions required to access the S3 bucket and the ECR repository, build and push container images, store artifacts, and run pipelines with SageMaker or SkyPilot.
- depending on the target ZenML server's capabilities, one of two authentication methods is used:
  - for a self-hosted ZenML server, an IAM user is created, and an AWS secret key is configured for it and shared with the ZenML server
  - for a ZenML Pro account, direct cross-account AWS role assumption is used to authenticate implicitly with the ZenML server, so no sensitive credentials are shared with it. The only exception is the SkyPilot orchestrator, which does not support this authentication method; in that case the IAM user and secret key are used instead.
To use the ZenML stack, you will need to install the required integrations:
- for SageMaker:

  ```shell
  zenml integration install aws s3
  ```

- for SkyPilot:

  ```shell
  zenml integration install aws s3 skypilot_aws
  ```
The Terraform module automatically registers a fully functional AWS ZenML stack directly with your ZenML server. The ZenML stack is based on the provisioned AWS resources and is ready to be used to run machine learning pipelines.
The ZenML stack configuration is the following:
- an S3 Artifact Store linked to the S3 bucket
- an ECR Container Registry linked to the ECR repository
- depending on the `orchestrator` input variable:
  - a local Orchestrator, if `orchestrator` is set to `local`. This can be used in combination with the SageMaker Step Operator to selectively run some steps locally and some on SageMaker.
  - a SageMaker Orchestrator linked to the AWS account, if `orchestrator` is set to `sagemaker` (default)
  - a SkyPilot Orchestrator linked to the AWS account, if `orchestrator` is set to `skypilot`
- a SageMaker Step Operator linked to the AWS account
- an AWS Service Connector configured with the IAM role credentials and used to authenticate all ZenML components with the AWS account
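Once the stack has been provisioned and registered, its components can be explored with the ZenML CLI (`<stack-name>` below is a placeholder for the registered stack's name):

```shell
# List all stacks registered with the ZenML server
zenml stack list

# Show the components of the newly registered stack
zenml stack describe <stack-name>

# Make it the active stack for subsequent pipeline runs
zenml stack set <stack-name>
```
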
To use this module, aside from the prerequisites mentioned above, you also need to create a ZenML Service Account API key for your ZenML Server. You can do this by running the following command in a terminal where you have the ZenML CLI installed:
```shell
zenml service-account create <service-account-name>
```
```hcl
module "zenml_stack" {
  source = "zenml-io/zenml-stack/aws"

  region           = "us-west-2"
  orchestrator     = "sagemaker" # or "skypilot" or "local"
  zenml_server_url = "https://your-zenml-server-url.com"
  zenml_api_key    = "ZENKEY_1234567890..."
}

output "zenml_stack_id" {
  value = module.zenml_stack.zenml_stack_id
}

output "zenml_stack_name" {
  value = module.zenml_stack.zenml_stack_name
}
```
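With the module configuration saved (e.g. in a `main.tf` file; the filename is illustrative), the stack is provisioned using the standard Terraform workflow:

```shell
# Download the module and the AWS provider
terraform init

# Preview the AWS resources that will be created
terraform plan

# Create the resources and register the stack with the ZenML server
terraform apply

# Print the ID and name of the registered ZenML stack
terraform output zenml_stack_id
terraform output zenml_stack_name
```

Running `terraform destroy` later tears down the AWS resources and removes the stack registration.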
ZenML Documentation · ZenML Starter Guide · ZenML Examples · ZenML Blog
If you need assistance, join our Slack community or open an issue on our GitHub repo.
Features · Roadmap · Report Bug · Sign up for ZenML Pro · Read Blog · Contribute to Open Source · Projects Showcase