AWS Config Rule: SageMaker Notebook No Direct Internet Access

SAGEMAKER_NOTEBOOK_NO_DIRECT_INTERNET_ACCESS

Fernando Honig

Last Update hace 7 meses

Description: Checks whether direct internet access is disabled for an Amazon SageMaker notebook instance. The rule is NON_COMPLIANT if Amazon SageMaker notebook instances are internet-enabled.


Trigger type: Periodic


AWS Region: All supported AWS regions except Asia Pacific (Jakarta), Africa (Cape Town), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), Europe (Milan), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region


How to Resolve Manually

To resolve this manually, head to your AWS SageMaker Dashboard within the AWS Console and take a look at the left hand side menu, you'll want to navigate to Notebook / Notebook Instances.


When configuring or modifying a notebook instance, if you take a look at the settings within the Network tab, you will see Direct Internet Access. This setting will either allow access to the internet through Amazon SageMaker directly (enabled), or you can gain access through a VPC (disabled)


For the latter, ensure you choose a VPC in the settings and assign a Subnet, and one or more Security Groups.


Be sure to allow your VPC access to the internet through a NAT Gateway and that your network configuration is allowing outbound access.


Want to know more about StackZone and how to make your cloud management simple and secure?

Check our how it works section with easy to follow videos or just create your own StackZone Account here

Was this article helpful?

0 out of 0 liked this article

Still need help? Message Us