AWS Config Rule: SageMaker Endpoint Configuration KMS Key Configured
SAGEMAKER_ENDPOINT_CONFIGURATION_KMS_KEY_CONFIGURED
Fernando Honig
Last Update 2 months ago
Description: Checks whether AWS Key Management Service (KMS) key is configured for an Amazon SageMaker endpoint configuration. The rule is NON_COMPLIANT if 'KmsKeyId' is not specified for the Amazon SageMaker endpoint configuration.
Trigger type: Periodic
AWS Region: All supported AWS regions except China (Beijing), Asia Pacific (Jakarta), Africa (Cape Town), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), Europe (Milan), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), China (Ningxia), Europe (Zurich) Region
How to Resolve Manually
To resolve this manually, head to the AWS SageMaker dashboard in the AWS Console and take a look at the right hand side options. You want to select Inference / Endpoints.
Once here, you will be able to review your current SageMaker endpoints. For New Endpoint configurations, or to edit an existing one, you will need to ensure that the optional encryption key is selected, or a valid KMS key ARN is defined, similar to the image shown below which is an example configuration.
Want to know more about StackZone and how to make your cloud management simple and secure?
Check our how it works section with easy to follow videos or just create your own StackZone Account here
