Profile Applicability:

  • Level 1

Description:

Amazon SageMaker is a fully managed service that allows data scientists and developers to quickly build, train, and deploy machine learning models. SageMaker Notebook Instances are managed Jupyter notebook environments for running machine learning code. This SOP ensures that SageMaker Notebook Instances are not configured with direct internet access unless absolutely necessary. Allowing direct internet access can expose the instances to security risks. Typically, internet access should be controlled through a VPC with proper security mechanisms.

Rationale:

  • Security: Allowing direct internet access to SageMaker Notebook Instances can expose them to security threats, such as unauthorized data access or malware.

  • Compliance: Security standards and compliance frameworks (such as SOC 2 and HIPAA) recommend limiting internet access to sensitive services, ensuring that the communication is securely managed through a VPC or private network.

  • Control: Restricting internet access to SageMaker Notebook Instances ensures that only authorized communication occurs, protecting sensitive data and preventing external threats.

Impact:

Pros:

  • Improved Security: Reduces the potential attack surface by blocking unnecessary internet access.

  • Compliance: Helps meet security requirements for network isolation, which is part of many compliance frameworks.

  • Control over Network Traffic: Ensures that internet traffic is routed through controlled, secure environments such as VPC.

Cons:

  • Limited Access: Some use cases may require internet access for downloading datasets or accessing external APIs. Restrictions could require workarounds.

  • Increased Complexity: Additional configurations, such as setting up a NAT Gateway for controlled access to the internet, may be required.

Default Value:

By default, SageMaker Notebook Instances are not configured with internet access, and they are typically deployed in a private subnet within a VPC. Direct internet access should be explicitly configured.

Pre-requisite:

  • AWS IAM Permissions:

    • sagemaker:DescribeNotebookInstance

    • ec2:DescribeSubnets

  • AWS CLI installed and configured.

  • SageMaker Notebook Instance is created and operational.

  • VPC setup with either private or public subnets configured.

Test Plan:

Using AWS Console:

  1. Sign in to the AWS Management Console.

  2. Navigate to Amazon SageMaker under Services.

  3. In the SageMaker Dashboard, select Notebook instances.

  4. Choose the Notebook Instance you want to review.

  5. Under Notebook Instance settings, check if the instance is deployed in a VPC:

    • If the instance is in a private subnet without Internet Gateway (IGW) or NAT Gateway configured, it does not have direct internet access.

    • If the instance is in a public subnet or has NAT Gateway configured, it has direct internet access.

  6. Review the Security Group attached to the Notebook Instance to ensure that no inbound or outbound rules allow unrestricted internet access.

Using AWS CLI:

  1. To describe the SageMaker Notebook Instance and retrieve its subnet and direct-internet-access setting, run:

    aws sagemaker describe-notebook-instance --notebook-instance-name <notebook-instance-name> --query '{NotebookInstanceArn:NotebookInstanceArn,SubnetId:SubnetId,DirectInternetAccess:DirectInternetAccess}'

  2. Once you have the SubnetId from the previous output, use the EC2 CLI to describe the subnet:

    aws ec2 describe-subnets --subnet-ids <subnet-id> --query 'Subnets[*].{SubnetId:SubnetId,MapPublicIpOnLaunch:MapPublicIpOnLaunch}'

  3. If MapPublicIpOnLaunch is true, the instance has internet access through the public subnet. If it is false, the instance is likely configured for private access.
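The CLI test plan above decides from MapPublicIpOnLaunch alone. The following added example (not part of this SOP) evaluates the same JSON responses offline and goes one step further: it also reads the notebook's DirectInternetAccess flag and the subnet's route table for a 0.0.0.0/0 route to an internet gateway (igw-) or NAT gateway (nat-). The embedded responses are constructed samples shaped like the CLI output, not real AWS data.

```python
import json

# Constructed sample responses (shaped like the CLI JSON, not real AWS output) for:
#   aws sagemaker describe-notebook-instance
#   aws ec2 describe-subnets
#   aws ec2 describe-route-tables --filters Name=association.subnet-id,Values=<subnet-id>
NOTEBOOK = json.loads('{"NotebookInstanceName": "nb-example", "DirectInternetAccess": "Disabled",'
                      ' "SubnetId": "subnet-0example1", "SecurityGroups": ["sg-0example1"]}')
SUBNET = json.loads('{"Subnets": [{"SubnetId": "subnet-0example1", "MapPublicIpOnLaunch": false}]}')
ROUTE_TABLES = json.loads('{"RouteTables": [{"Routes": ['
                          '{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},'
                          '{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example1"}]}]}')

# Fields a route entry can use to name its target.
ROUTE_TARGET_KEYS = ("GatewayId", "NatGatewayId", "TransitGatewayId", "NetworkInterfaceId", "InstanceId")


def default_route_targets(route_tables):
    """Return the target IDs of every 0.0.0.0/0 route in the subnet's route table(s)."""
    targets = []
    for table in route_tables.get("RouteTables", []):
        for route in table.get("Routes", []):
            if route.get("DestinationCidrBlock") == "0.0.0.0/0":
                targets += [route[k] for k in ROUTE_TARGET_KEYS if k in route]
    return targets


def assess(notebook, subnet, route_tables):
    """Classify the notebook's internet exposure as PASS, WARN or FAIL, with reasons."""
    reasons = []
    if notebook.get("DirectInternetAccess") == "Enabled":
        reasons.append("DirectInternetAccess is Enabled (SageMaker-managed internet path)")
    if "SubnetId" not in notebook:
        return "FAIL", reasons + ["no VPC subnet attached; SageMaker's default network is used"]
    for s in subnet.get("Subnets", []):
        if s.get("MapPublicIpOnLaunch"):
            reasons.append(f"subnet {s['SubnetId']} auto-assigns public IPs")
    nat_only = []
    for target in default_route_targets(route_tables):
        if target.startswith("igw-"):
            reasons.append(f"default route points at internet gateway {target}")
        elif target.startswith("nat-"):
            nat_only.append(f"egress only via NAT gateway {target}; confirm it is required")
    if reasons:
        return "FAIL", reasons
    if nat_only:
        return "WARN", nat_only
    return "PASS", ["no default route to an internet or NAT gateway; direct internet access disabled"]


if __name__ == "__main__":
    verdict, why = assess(NOTEBOOK, SUBNET, ROUTE_TABLES)
    print(verdict, *why, sep="\n  ")
```

Feed it the real output of the three CLI commands above to audit an instance; a NAT-only default route is reported as WARN rather than FAIL because the Implementation Steps treat controlled egress through a NAT Gateway as acceptable.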

Implementation Steps:

Using AWS Console:

  1. Sign in to the AWS Management Console and navigate to Amazon SageMaker.

  2. In the SageMaker Dashboard, select Notebook instances.

  3. Choose the Notebook Instance and check its configuration:

    • If the instance has direct internet access, consider moving it to a private subnet within a VPC with restricted internet access through NAT Gateway or VPN.

  4. Ensure that Security Groups are configured to restrict inbound and outbound internet traffic unless necessary.

  5. If necessary, modify the subnet or security groups for appropriate isolation.

Using AWS CLI:

  1. To modify the Notebook Instance configuration to restrict internet access, ensure it is deployed in a private subnet without Internet Gateway or NAT Gateway.

  2. Update the VPC and subnet configurations if necessary:

    aws ec2 modify-subnet-attribute --subnet-id <subnet-id> --no-map-public-ip-on-launch


Backout Plan:

Using AWS Console:

  1. If restricting internet access causes issues with external dependencies, navigate to the SageMaker Notebook instance settings.

  2. Modify the network configuration:

    • If needed, reassign the instance to a public subnet with a public IP for internet access.

  3. Save the changes and verify that the notebook instance has internet access again.

Using AWS CLI:

  1. If network restrictions cause issues, reconfigure the subnet and security group to allow internet access:

    aws ec2 modify-subnet-attribute --subnet-id <SUBNET_ID> --map-public-ip-on-launch
    aws ec2 authorize-security-group-egress --group-id <SECURITY_GROUP_ID> --cidr 0.0.0.0/0 --protocol tcp --port 443 --region <REGION>

  2. Verify that the notebook instance now has internet access:

    aws sagemaker describe-notebook-instance --notebook-instance-name <NOTEBOOK_INSTANCE_NAME> --region <REGION>

References:

CIS Controls Mapping:

Version | Control ID | Control Description                                                                                                           | IG1 | IG2 | IG3
--------|------------|-------------------------------------------------------------------------------------------------------------------------------|-----|-----|----
v8      | 3.4        | Encrypt Data on End-User Devices – Ensure data encryption during file system access.                                          |     |     |
v8      | 6.7        | Implement Application Layer Filtering and Content Control – Ensure appropriate content filtering is applied to sensitive files. |     |     |
v8      | 6.8        | Define and Maintain Role-Based Access Control – Implement and manage role-based access for file systems.                      |     |     |
v8      | 14.6       | Protect Information Through Access Control Lists – Apply strict access control to file systems.                               |     |     |