Amazon_SageMaker_3

Ensure that SageMaker Notebook does not have direct internet access

Description

When your AWS SageMaker notebook instances are publicly accessible, any machine outside the VPC can establish a connection to these instances,

Remediation

There is no possibility to disable Direct Internet Access to your SageMaker. To ensure that your AWS SageMaker notebook instances do not have direct internet access, you need to re-create these:


While creating a new SageMaker, ensure notebook instances do not have direct internet access.

1. Log in to the AWS Management Console:

2. Go to to SageMaker service dashboard at https://console.aws.amazon.com/sagemaker/

3. Create notebook Instance.

4. Under Network – Select VPC and ensure that Direct internet access” is set to “Disable — Access the internet through a VPC”.

5. For More Information refer here: https://docs.aws.amazon.com/sagemaker/latest/dg/gs-setup-working-env.html

Service

SageMaker

Severity

Medium

Compliance

Mapping

We are now live on AWS Marketplace.
The integrated view of your cloud infrastructure is now easier than ever!