Network misconfigurations

AWS SageMaker notebook instance is not launched within a custom VPC

Platform(s)
Compliance Frameworks

Description

AWS SageMaker is a service that enables to create, train, and deploy machine-learning models in the cloud. AWS SageMaker notebook instance provides a Jupyter notebook app through a fully managed machine learning AWS EC2 instance, and used to perform advanced data exploration. When you launch a notebook instance without specifying a custom VPC, the instance will be launched in the default SageMaker service VPC. It was detected that the AWS SageMaker notebook instance {AwsSagemakerNotebookInstance} is not launched within a custom virtual private cloud (VPC). It is advised to keep your resources inside a custom VPC whenever possible to ensure secure network protection of your infrastructure. With an Amazon VPC, you can control the network access and internet connectivity of your SageMaker Studio and notebook instances.

  • Recommended Mitigation

    Since it's impossible to change the VPC setting after creating a notebook instance, it is recommended to delete and recreate the instance.

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.