AWS Config Rule: SageMaker Notebook No Direct Internet Access
SAGEMAKER_NOTEBOOK_NO_DIRECT_INTERNET_ACCESS
Fernando Honig
Last Update hace 7 meses
Description: Checks whether direct internet access is disabled for an Amazon SageMaker notebook instance. The rule is NON_COMPLIANT if Amazon SageMaker notebook instances are internet-enabled.
Trigger type: Periodic
AWS Region: All supported AWS regions except Asia Pacific (Jakarta), Africa (Cape Town), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), Europe (Milan), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region
How to Resolve Manually
To resolve this manually, head to your AWS SageMaker Dashboard within the AWS Console and take a look at the left hand side menu, you'll want to navigate to Notebook / Notebook Instances.
When configuring or modifying a notebook instance, if you take a look at the settings within the Network tab, you will see Direct Internet Access. This setting will either allow access to the internet through Amazon SageMaker directly (enabled), or you can gain access through a VPC (disabled)
For the latter, ensure you choose a VPC in the settings and assign a Subnet, and one or more Security Groups.
Be sure to allow your VPC access to the internet through a NAT Gateway and that your network configuration is allowing outbound access.
Want to know more about StackZone and how to make your cloud management simple and secure?
Check our how it works section with easy to follow videos or just create your own StackZone Account here