Notebook Direct Internet Access

01 Sign in to the AWS Management Console.

02 Navigate to Amazon SageMaker console at https://console.aws.amazon.com/sagemaker/.

03 In the main navigation panel, select Notebook, then choose Notebook instances.

04 Click on the name (link) of the notebook instance that you want to examine.

05 In the Network section, check for any VPC network configuration information such as VPC subnet IDs and security group IDs. If the VPC configuration information is not available in the Network section, instead the following status is displayed: "No custom VPC settings applied.", the selected SageMaker Studio notebook instance is not running within a VPC network, therefore you can follow the steps outlined in this conformity rule to deploy the selected instance to a VPC. Otherwise, if the notebook instance is configured to run within a VPC, check the Direct internet access setting status. If Direct internet access is set to Enabled, the selected Amazon SageMaker Studio notebook instance is publicly accessible.

06 Repeat steps no. 4 and 5 for each notebook instance provisioned within the current AWS region.

07 Change the AWS cloud region from the navigation bar and repeat the Audit process for other regions.

01 Runlist-notebook-instances command (OSX/Linux/UNIX) to list the name of each SageMaker Studio notebook instance provisioned in the selected AWS region:

aws sagemaker list-notebook-instances
  --region us-east-1
  --query 'NotebookInstances[*].NotebookInstanceName'

02 The command output should return the requested notebook instance names:

[
	"cc-sagemaker-ml-instance",
	"cc-ml-notebook-instance"
]

03 Rundescribe-notebook-instancecommand (OSX/Linux/UNIX) using the name of the Amazon SageMaker Studio notebook instance that you want to examine as the identifier parameter and custom query filters to describe the ID of the VPC subnet where the selected instance was deployed:

aws sagemaker describe-notebook-instance
  --region us-east-1
  --notebook-instance-name cc-sagemaker-ml-instance
  --query 'SubnetId'

04 The command output should return the one of the following values:

1. If the describe-notebook-instance command output returns null, as shown in the example below, the selected SageMaker Studio notebook instance is not running inside a VPC network, therefore the Audit process ends here. To deploy your notebook instance to a Virtual Private Cloud (VPC), follow the steps outlined in this conformity rule:
   null
   

2. If the command output returns the requested information, i.e. the ID of the VPC subnet where the notebook instance was deployed, as shown in the example below, continue the Audit process with the next step:
   "subnet-abcd1234abcd1234"
   

05 Rundescribe-notebook-instance command (OSX/Linux/UNIX) using the name of the VPC-enabled notebook instance that you want to examine as the identifier parameter, to describe the direct internet access settings status available for the selected notebook instance:

aws sagemaker describe-notebook-instance
  --region us-east-1
  --notebook-instance-name cc-sagemaker-ml-instance
  --query 'DirectInternetAccess'

06 The command output should return the requested configuration setting status:

"Enabled"

07 Repeat steps no. 3 – 6 for each notebook instance provisioned in the selected AWS region.

08 Change the AWS cloud region by updating the --region command parameter value and repeat steps no. 1 – 7 to perform the Audit process for other regions.

01 CloudFormation template (JSON):

{
	"AWSTemplateFormatVersion": "2010-09-09",
	"Description": "Disable Direct Internet Access",
	"Resources": {
		"VpcNetwork": {
			"Type": "AWS::EC2::VPC",
			"Properties": {
				"CidrBlock": "10.0.0.0/16",
				"EnableDnsHostnames": true,
				"EnableDnsSupport": true,
				"InstanceTenancy": "default"
			}
		},
		"SageMakerInstanceExecutionRole": {
			"Type": "AWS::IAM::Role",
			"Properties": {
				"AssumeRolePolicyDocument": {
					"Version": "2012-10-17",
					"Statement": [
						{
							"Effect": "Allow",
							"Principal": {
								"Service": [
									"sagemaker.amazonaws.com"
								]
							},
							"Action": [
								"sts:AssumeRole"
							]
						}
					]
				},
				"Path": "/",
				"ManagedPolicyArns": [
					"arn:aws:iam::aws:policy/AmazonSageMakerReadOnly"
				]
			}
		},
		"SageMakerNotebookSubnet": {
			"Type": "AWS::EC2::Subnet",
			"Properties": {
				"VpcId": {
					"Ref": "VpcNetwork"
				}
			}
		},
		"SageMakerNotebookInstance": {
			"Type": "AWS::SageMaker::NotebookInstance",
			"Properties": {
				"InstanceType": "ml.t2.large",
				"RoleArn": {
					"Fn::GetAtt": [
						"SageMakerInstanceExecutionRole",
						"Arn"
					]
				},
				"SecurityGroupIds": [
					"sg-0abcd1234abcd1234",
					"sg-01234abcd1234abcd"
				],
				"SubnetId": {
					"Ref": "SageMakerNotebookSubnet"
				},
				"DirectInternetAccess": "Disabled"
			}
		}
	}
}

02 CloudFormation template (YAML):

AWSTemplateFormatVersion: '2010-09-09'
	Description: Disable Direct Internet Access
	Resources:
	VpcNetwork:
		Type: AWS::EC2::VPC
		Properties:
		CidrBlock: 10.0.0.0/16
		EnableDnsHostnames: true
		EnableDnsSupport: true
		InstanceTenancy: default
	SageMakerInstanceExecutionRole:
		Type: AWS::IAM::Role
		Properties:
		AssumeRolePolicyDocument:
			Version: '2012-10-17'
			Statement:
			- Effect: Allow
				Principal:
				Service:
					- sagemaker.amazonaws.com
				Action:
				- sts:AssumeRole
		Path: /
		ManagedPolicyArns:
			- arn:aws:iam::aws:policy/AmazonSageMakerReadOnly
	SageMakerNotebookSubnet:
		Type: AWS::EC2::Subnet
		Properties:
		VpcId: !Ref 'VpcNetwork'
	SageMakerNotebookInstance:
		Type: AWS::SageMaker::NotebookInstance
		Properties:
		InstanceType: ml.t2.large
		RoleArn: !GetAtt 'SageMakerInstanceExecutionRole.Arn'
		SecurityGroupIds:
			- sg-0abcd1234abcd1234
			- sg-01234abcd1234abcd
		SubnetId: !Ref 'SageMakerNotebookSubnet'
		DirectInternetAccess: Disabled

01 Terraform configuration file (.tf):

terraform {
	required_providers {
		aws = {
			source  = "hashicorp/aws"
			version = "~> 4.0"
		}
	}

	required_version = ">= 0.14.9"
}

provider "aws" {
	profile = "default"
	region  = "us-east-1"
}

resource "aws_vpc" "vpc-network" {
	cidr_block = "10.0.0.0/16"
	enable_dns_hostnames = true
	enable_dns_support = true
	instance_tenancy = "default"  
}

resource "aws_iam_role" "iam-role" {
	name = "sagemaker-instance-execution-role"
	path = "/"
	managed_policy_arns = [ "arn:aws:iam::aws:policy/AmazonSageMakerReadOnly" ]
	assume_role_policy = <<EOF
	{
		"Version": "2012-10-17",
		"Statement": [
			{
				"Action": "sts:AssumeRole",
				"Principal": {
					"Service": "sagemaker.amazonaws.com"
				},
				"Effect": "Allow"
			}
		]
	}
	EOF
}

resource "aws_subnet" "sagemaker-notebook-subnet" {
	vpc_id     = aws_vpc.vpc-network.id
	cidr_block = "10.0.1.0/24"
}

resource "aws_sagemaker_notebook_instance" "sagemaker-notebook-instance" {
	name            = "cc-prod-notebook-instance"
	instance_type   = "ml.t2.medium"
	role_arn        = aws_iam_role.iam-role.arn
	subnet_id       = aws_subnet.sagemaker-notebook-subnet.id
	security_groups = [ "sg-0abcd1234abcd1234", "sg-01234abcd1234abcd" ]

	# Disable Direct Internet Access
	direct_internet_access = Disabled
}

01 Sign in to the AWS Management Console.

02 Navigate to Amazon SageMaker console at https://console.aws.amazon.com/sagemaker/.

03 To prevent Amazon SageMaker from providing Internet access to your SageMaker Studio notebooks as a first layer of protection, you must disable Internet access by configuring your domain to use the VPC Only mode for network access. To enable VPC Only for your SageMaker domain, follow the steps presented here to re-deploy your domain with the required network access configuration.

04 After VPC Only is enabled for your SageMaker domain, you can disable direct internet access for your notebook instances as a second layer of protection. To get started, in the main navigation panel, select Notebook, then choose Notebook instances.

05 Click on the name of the notebook instance that you want to reconfigure and copy the instance configuration details such as instance type, volume size, instance permissions, etc.

06 Navigate back to the Notebook instances listing page, and choose Create notebook instance to initiate the launch process.

07 On Create notebook instance setup page, perform the following actions:

1. For Notebook instance name, provide a unique name for the new SageMaker Studio notebook instance.
2. From the Notebook instance type dropdown list, select the same instance type as the source notebook instance, copied at step no. 5.
3. (Optional) Choose the type of the Amazon Elastic Inference (EI) that you want to use for your instance, from the Elastic Inference dropdown list.
4. Select the same platform as the source notebook instance from Platform identifier dropdown list.
5. Select Additional configuration, and perform the following actions:
   • From Lifecycle configuration – optional dropdown list, select the available lifecycle configuration to customize your notebook environment with default scripts and plugins.
   • For Volume size in GB – optional, enter the volume size of the notebook instance in GB, copied at step no. 5.
6. Choose the same IAM role as the one created for the source notebook instance from the IAM role dropdown list.
7. For Root access – optional, choose whether or not to give users root access to your new netbook instance.
8. Select the name (alias) of the KMS key that you want to use for storage volume encryption from the Encryption key – optional dropdown list.
9. Select Network – optional and choose the ID of the VPC network where you want to deploy your new notebook instance, from the VPC – optional dropdown list.
10. Choose the ID of the VPC subnet that you want to use for your notebook instance from the Subnet dropdown list.
11. For Security group(s), select one or more security groups based on your access policy requirements.
12. For Direct internet access, select Disable — Access the internet through a VPC to disable direct internet access and protect against unintended access. If Internet access is required to train or host models, make sure that your VPC network has an interface endpoint (i.e. AWS PrivateLink) configured or NAT gateway installed, and your security group allows outbound connections.
13. Select Git repositories – optional and configure any required Git repositories.
14. Choose Tags – optional, and create any necessary tags, according to the source instance tagging scheme.
15. ChooseCreate notebook instance to launch your new Amazon SageMaker Studio notebook instance.

08 Once your notebook instance is created, copy the data from the source instance to the new (destination) instance.

09 (Optional) You can remove the source notebook instance from your AWS cloud account to avoid further charges. To delete the unneeded notebook instance, perform the following operations:

1. Select the SageMaker Studio notebook instance that you want to remove.
2. Choose Actions and select the Delete option.
3. Inside the Delete <notebook-instance-name> confirmation box, choose Delete to remove the instance from your AWS account.

10 Repeat steps no. 5 – 9 for each notebook instance available within the current AWS region.

11 Change the AWS cloud region from the navigation bar and repeat the Remediation process for other regions.

01 To prevent Amazon SageMaker from providing Internet access to your SageMaker Studio notebooks, you must disable Internet access by configuring your domain to use the VPC Only mode for network access. To enable VPC Only for your SageMaker domain, follow the steps outlined here to re-deploy your domain with the required network access configuration.

02 Run describe-notebook-instance command (OSX/Linux/UNIX) using the name of the SageMaker Studio notebook instance that you want to re-create as the identifier parameter, to describe the configuration information available for the selected notebook instance, information required for the next steps when the new instance will be created:

aws sagemaker describe-notebook-instance
  --region us-east-1
  --notebook-instance-name cc-sagemaker-ml-instance

03 The command output should return the requested configuration details:

{
	"NotebookInstanceStatus": "InService",
	"Url": "cc-sagemaker-ml-instance.notebook.us-east-1.sagemaker.aws",
	"RoleArn": "arn:aws:iam::123456789012:role/service-role/AmazonSageMaker-ExecutionPolicy-20180921T204001",
	"NotebookInstanceName": "cc-sagemaker-ml-instance",
	"CreationTime": 1537512545.117,
	"NotebookInstanceArn": "arn:aws:sagemaker:us-east-1:123456789012:notebook-instance/cc-sagemaker-ml-instance",
	"SecurityGroups": [
		"sg-aabbccdd012345678"
	],
	"SubnetId": "subnet-1234abcd",
	"LastModifiedTime": 1537514345.153,
	"InstanceType": "ml.t2.large"
}

04 Run create-notebook-instance command (OSX/Linux/UNIX) using the configuration information returned at the previous step to relaunch your SageMaker Studio notebook instance without direct internet access, in order to protect the instance against unauthorized access. If Internet access is required to train or host models, ensure that your VPC has an interface endpoint (i.e. AWS PrivateLink) configured or NAT gateway installed, and your security group allows outbound connections:

aws sagemaker create-notebook-instance
  --region us-east-1
  --notebook-instance-name cc-direct-sagemaker-ml-instance
  --instance-type ml.t2.large
  --role-arn arn:aws:iam::123456789012:role/service-role/AmazonSageMaker-ExecutionRole-20220816T204001
  --subnet-id subnet-1234abcd1234abcd
  --security-group-ids sg-aabbccdd012345678
  --direct-internet-access Disabled

05 The command output should return the ARN of the new SageMaker Studio notebook instance:

{
	"NotebookInstanceArn": "arn:aws:sagemaker:us-east-1:123456789012:notebook-instance/cc-direct-sagemaker-ml-instance"
}

06 Copy the data from the source notebook instance to the new (destination) instance.

07 (Optional) You can remove the source SageMaker Studio notebook instance from your AWS account in order to avoid further charges. To delete the unneeded notebook instance, run delete-notebook-instance command (OSX/Linux/UNIX), using the name of the instance that you want to delete as the identifier parameter (the command does not produce an output):

aws sagemaker delete-notebook-instance
  --region us-east-1
  --notebook-instance-name cc-sagemaker-ml-instance

08 Repeat steps no. 1 – 7 for each notebook instance provisioned in the selected AWS region.

09 Change the AWS cloud region by updating the --region command parameter value and repeat the Remediation process for other regions.