I am currently in the process of setting something up with Sagemaker studio in my research lab. However, my supervisor was wondering whether is there a way to set the permissions such that no new user is allowed to spin up a new kernel/instance in sagemaker studio is the cost exceeds a specific amount/threshold?
Thank you, and hope that somebody can provide a bit of insight as I am currently struggling to try to convince my supervisor about it.
It's not available out of the box. You can use CostExplorer or the AWS Pricing API and find the approximate costs, then update the IAM role to deny CreateApp if the costs exceed a threshold.
That said, I would recommend to preventatively restrict the types of instances a user can launch using IAM policies. You can work backwards from the budget and the use cases for your Studio users and set a list of acceptable instance types for Studio (see here for a sample policy). This way, your users' productivity is not affected suddenly due to them reaching the budget threshold.
Secondly, use the auto shutdown extension to shut down apps when they're not in use, and save on costs. See the blog here and a Lifecycle script here
Lastly, one call out - these refer to Studio usage costs only. If your users spin up training jobs and endpoints from Studio - you will have to account for those costs as well.