Jump to content

Connect SuperML | Leeroopedia MCP: Equip your AI agents with best practices, code verification, and debugging knowledge. Powered by Leeroo — building Organizational Superintelligence. Contact us at founders@leeroo.com.

Implementation:PacktPublishing LLM Engineers Handbook Create Sagemaker User

From Leeroopedia


Knowledge Sources
Domains Infrastructure, AWS, IAM
Last Updated 2026-02-08 08:00 GMT

Overview

Concrete tool for creating an AWS IAM user with SageMaker deployment permissions and generating programmatic access credentials.

Description

The create_sagemaker_user function provisions a dedicated IAM user for SageMaker operations. It creates the user via boto3, attaches five AWS managed policies (AmazonSageMakerFullAccess, AWSCloudFormationFullAccess, IAMFullAccess, AmazonEC2ContainerRegistryFullAccess, AmazonS3FullAccess), and generates an access key pair. The returned dictionary contains the AccessKeyId and SecretAccessKey needed for programmatic AWS access. The __main__ block creates a user named sagemaker-deployer and saves the credentials to a JSON file.

Usage

Run this script as a one-time setup step to create a dedicated IAM user that other deployment scripts use for programmatic AWS access. The generated credentials are consumed by the project's Settings class (via AWS_ACCESS_KEY and AWS_SECRET_KEY environment variables). Must be executed by an AWS principal with IAM administrative permissions.

Code Reference

Source Location

Signature

def create_sagemaker_user(username: str) -> dict:
    """
    Creates an IAM user with SageMaker permissions and generates access credentials.

    Args:
        username: Name for the IAM user to create.

    Returns:
        dict: {"AccessKeyId": str, "SecretAccessKey": str}
    """

Import

from llm_engineering.infrastructure.aws.roles.create_sagemaker_role import create_sagemaker_user

I/O Contract

Inputs

Name Type Required Description
username str Yes Name for the IAM user (e.g., "sagemaker-deployer")

Implicit Requirements:

  • settings.AWS_REGION must be set
  • settings.AWS_ACCESS_KEY must be set
  • settings.AWS_SECRET_KEY must be set
  • boto3 must be installed (poetry install --with aws)

Outputs

Name Type Description
return value dict {"AccessKeyId": str, "SecretAccessKey": str}
sagemaker_user_credentials.json File (side effect) JSON file with credentials when run as __main__

Usage Examples

Direct Function Call

from llm_engineering.infrastructure.aws.roles.create_sagemaker_role import create_sagemaker_user

# Create the deployer user
credentials = create_sagemaker_user("sagemaker-deployer")
print(f"Access Key ID: {credentials['AccessKeyId']}")
# Store SecretAccessKey securely - it cannot be retrieved again

Command-Line Execution

python -m llm_engineering.infrastructure.aws.roles.create_sagemaker_role
# Output: Credentials saved to 'sagemaker_user_credentials.json'

Related Pages

Page Connections

Double-click a node to navigate. Hold to expand connections.
Principle
Implementation
Heuristic
Environment
Retrieved from "https://leeroopedia.com/index.php?title=Implementation:PacktPublishing_LLM_Engineers_Handbook_Create_Sagemaker_User&oldid=16906"