From f17bfa6bc32af242238dac46ebe33574eb2fba3c Mon Sep 17 00:00:00 2001 From: Sergey Novikov Date: Thu, 31 Oct 2024 17:40:12 +0100 Subject: [PATCH] OPS-6304 Fix dynamic blocks --- examples/titan/README.md | 15 ++++++- examples/titan/main.tf | 85 ++++++++++++++++++++++++++++++++------ examples/titan/outputs.tf | 9 ++++ examples/titan/train.jsonl | 1 + 4 files changed, 96 insertions(+), 14 deletions(-) create mode 100644 examples/titan/outputs.tf create mode 100644 examples/titan/train.jsonl diff --git a/examples/titan/README.md b/examples/titan/README.md index 0badb4b..4a0cb82 100644 --- a/examples/titan/README.md +++ b/examples/titan/README.md @@ -10,7 +10,9 @@ ## Providers -No providers. +| Name | Version | +|------|---------| +| [aws](#provider\_aws) | ~> 5.73 | ## Modules @@ -20,7 +22,16 @@ No providers. ## Resources -No resources. +| Name | Type | +|------|------| +| [aws_iam_policy.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | +| [aws_iam_role.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | +| [aws_iam_role_policy_attachment.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | +| [aws_s3_bucket.output](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource | +| [aws_s3_bucket.training](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource | +| [aws_s3_object.data](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_object) | resource | +| [aws_iam_policy_document.s3_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.trust_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | ## Inputs diff --git a/examples/titan/main.tf b/examples/titan/main.tf index 7e08c28..a3c3530 100644 --- a/examples/titan/main.tf +++ b/examples/titan/main.tf @@ -1,11 +1,78 @@ +# Inspired by: https://docs.aws.amazon.com/bedrock/latest/userguide/model-customization-code-samples.html + +resource "aws_s3_bucket" "training" { + bucket = "bedrock-data-test-training" +} + +resource "aws_s3_bucket" "output" { + bucket = "bedrock-data-test-output" +} + +data "aws_iam_policy_document" "trust_policy" { + statement { + actions = ["sts:AssumeRole"] + + principals { + type = "Service" + identifiers = ["bedrock.amazonaws.com"] + } + } +} + +data "aws_iam_policy_document" "s3_access" { + statement { + actions = [ + "s3:GetObject", + "s3:ListBucket" + ] + resources = [ + "arn:aws:s3:::${aws_s3_bucket.training.id}", + "arn:aws:s3:::${aws_s3_bucket.training.id}/*" + ] + } + statement { + actions = [ + "s3:GetObject", + "s3:PutObject", + "s3:ListBucket" + ] + resources = [ + "arn:aws:s3:::${aws_s3_bucket.output.id}", + "arn:aws:s3:::${aws_s3_bucket.output.id}/*" + ] + } +} + +resource "aws_iam_role" "this" { + name = "CustomModelRole" + assume_role_policy = data.aws_iam_policy_document.trust_policy.json +} + +resource "aws_iam_policy" "this" { + name = "CustomModelRolePolicy" + policy = data.aws_iam_policy_document.s3_access.json +} + +resource "aws_iam_role_policy_attachment" "this" { + role = aws_iam_role.this.name + policy_arn = aws_iam_policy.this.arn +} + +resource "aws_s3_object" "data" { + bucket = aws_s3_bucket.training.id + key = "train.jsonl" + source = "train.jsonl" +} + module "model" { source = "../../" name = "titan" job_name = "titan-job-1" foundation_model_id = "amazon.titan-text-express-v1" - model_role_arn = "arn:aws:iam::123456789101:role/TitanModelRole" + model_role_arn = aws_iam_role.this.arn + model_customization_type = "FINE_TUNING" model_hyperparameters = { "epochCount" = "1" "batchSize" = "1" @@ -13,16 +80,10 @@ module "model" { "learningRateWarmupSteps" = "0" } - output_data_s3_uri = "s3://titan-output-data/data/" - training_data_s3_uri = "s3://titan-training-data/data/train.jsonl" -} - -output "custom_model_arn" { - description = "The ARN of the output model." - value = module.model.custom_model_arn -} + output_data_s3_uri = "s3://${aws_s3_bucket.output.id}" + training_data_s3_uri = "s3://${aws_s3_bucket.training.id}/train.jsonl" -output "job_arn" { - description = "The ARN of the customization job." - value = module.model.job_arn + depends_on = [ + aws_s3_object.data + ] } diff --git a/examples/titan/outputs.tf b/examples/titan/outputs.tf new file mode 100644 index 0000000..8efbd3c --- /dev/null +++ b/examples/titan/outputs.tf @@ -0,0 +1,9 @@ +output "custom_model_arn" { + description = "The ARN of the output model." + value = module.model.custom_model_arn +} + +output "job_arn" { + description = "The ARN of the customization job." + value = module.model.job_arn +} diff --git a/examples/titan/train.jsonl b/examples/titan/train.jsonl new file mode 100644 index 0000000..1911564 --- /dev/null +++ b/examples/titan/train.jsonl @@ -0,0 +1 @@ +{"prompt": "what is AWS", "completion": "it's Amazon Web Services"}