Description

Amazon SageMaker notebook instances can be configured to allow or deny direct internet access. If direct internet access is allowed, the instance can communicate with the internet, which may expose sensitive data or resources. This rule is triggered when a notebook instance is detected with direct internet access enabled. The violation alerts the user to disable direct internet access on the notebook instance, reducing the risk of unauthorized access to the instance and its data. The rule is particularly relevant where notebook instances are used for sensitive data processing or analysis.
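The check this rule describes can be sketched as follows. This is an added example, not Lightlytics' own implementation. It evaluates DescribeNotebookInstance responses for the DirectInternetAccess field. The function names and the sample records are constructed for illustration, and treating a missing field as a violation is an assumption of this sketch.

```python
"""Flag SageMaker notebook instances whose DirectInternetAccess is not Disabled."""


def find_violations(instances):
    """Return one finding per DescribeNotebookInstance response that violates the rule."""
    findings = []
    for inst in instances:
        # Assumption: a record without the field is reported, so gaps fail closed.
        access = inst.get("DirectInternetAccess", "Enabled")
        if access != "Disabled":
            findings.append({
                "name": inst["NotebookInstanceName"],
                "status": inst.get("NotebookInstanceStatus", "Unknown"),
                "subnet": inst.get("SubnetId"),  # None when no VPC subnet is attached
            })
    return findings


def collect_instances(region):
    """Fetch live records. Needs boto3 and AWS credentials; the sample run skips it."""
    import boto3  # imported lazily so the evaluation logic runs offline

    sm = boto3.client("sagemaker", region_name=region)
    records = []
    # The list call returns summaries only; DirectInternetAccess comes from describe.
    for page in sm.get_paginator("list_notebook_instances").paginate():
        for summary in page["NotebookInstances"]:
            records.append(sm.describe_notebook_instance(
                NotebookInstanceName=summary["NotebookInstanceName"]))
    return records


# Constructed sample records (not real resources).
SAMPLE = [
    {"NotebookInstanceName": "nb-research", "NotebookInstanceStatus": "InService",
     "DirectInternetAccess": "Enabled"},
    {"NotebookInstanceName": "nb-pii", "NotebookInstanceStatus": "InService",
     "DirectInternetAccess": "Disabled", "SubnetId": "subnet-0example"},
    {"NotebookInstanceName": "nb-legacy", "NotebookInstanceStatus": "Stopped"},
]

if __name__ == "__main__":
    for finding in find_violations(SAMPLE):
        print("VIOLATION: {name} (status={status}, subnet={subnet})".format(**finding))
```

To run it against an account, pass `collect_instances("<region>")` to `find_violations` instead of `SAMPLE`.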

Remediation

To ensure SageMaker Notebook Direct Internet Access is disabled, you can take the following steps:

  1. Open the SageMaker console and choose the notebook instance you want to modify.
  2. Choose "Edit" from the "Actions" drop-down menu.
  3. In the "Networking" section, select "No internet access".
  4. Choose "Save" to apply the changes.
  5. Test the notebook instance to ensure that it has no direct internet access by attempting to access a public internet resource.
  6. Repeat these steps for any other notebook instances that need to have direct internet access disabled.

It is important to note that disabling direct internet access may impact the functionality of some notebooks that require internet access to function properly. Therefore, it is recommended that you test the notebook instance thoroughly after disabling direct internet access to ensure that it continues to function as intended.

Enforced Resources
Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.