Posted On: Oct 9, 2020
Amazon SageMaker Studio is the first fully integrated development environment (IDE) for machine learning (ML). With a single click, data scientists and developers can quickly spin up SageMaker Studio Notebooks for exploring datasets and building models. Starting today, you can choose to launch SageMaker Studio in your Amazon Virtual Private Cloud (VPC) for fine-grained control on network access and internet connectivity of SageMaker Studio Notebooks. You can choose to completely disable public internet access for notebooks to add an additional layer of security.
SageMaker Studio Notebooks are internet-enabled by default, so you can download popular software packages, datasets, and sample notebooks for customizing your ML development environment. However, access to internet may open an avenue for unintended download of malicious code or unauthorized access to your systems. You can now choose to launch SageMaker Studio in your VPC to control network access of Studio notebooks. When launched in your VPC, the SageMaker Studio Notebooks can be configured without direct internet access. In this case all the notebook traffic will be securely restricted only to your VPC. This is also useful when you want to connect Studio notebooks to other Amazon Web Services resources such as databases and code repositories hosted in your VPC. In addition, you can make secure, private connections from your SageMaker Studio notebooks to several Amazon Web Services Services using their Amazon PrivateLink or VPC interface endpoints.
The feature is now available in both Amazon Web Services China (Beijing) Region, operated by Sinnet, and Amazon Web Services China (Ningxia) Region, operated by NWCD. You can enable this feature using Amazon CLI, Amazon SDK, and Amazon Web Services management console for SageMaker. Visit the Amazon SageMaker documentation for more details.