Connect to a Notebook Instance Through a VPC Interface Endpoint - Amazon SageMaker

Connect to a Notebook Instance Through a VPC Interface Endpoint

You can connect to your notebook instance from your VPC through an interface endpoint in your Virtual Private Cloud (VPC) instead of connecting over the public internet. When you use a VPC interface endpoint, communication between your VPC and the notebook instance is conducted entirely and securely within the AWS network.

SageMaker notebook instances support Amazon Virtual Private Cloud (Amazon VPC) interface endpoints that are powered by AWS PrivateLink. Each VPC endpoint is represented by one or more Elastic Network Interfaces with private IP addresses in your VPC subnets.

Note

Before you create an interface VPC endpoint to connect to a notebook instance, create an interface VPC endpoint to connect to the SageMaker API. That way, when users call 
CreatePresignedNotebookInstanceUrl to get the URL to connect to the notebook instance, that call also goes through the interface VPC endpoint. For information, see Connect to SageMaker Within your VPC.

You can create an interface endpoint to connect to your notebook instance with either the AWS Management Console or AWS Command Line Interface (AWS CLI) commands. For instructions, see Creating an Interface Endpoint. Make sure that you create an interface endpoint for all of the subnets in your VPC from which you want to connect to the notebook instance.

When you create the interface endpoint, specify aws.sagemaker.Region.notebook as the service name. After you create a VPC endpoint, enable private DNS for your VPC endpoint. Anyone using the SageMaker API, the AWS CLI, or the console to connect to the notebook instance from within the VPC connects to the notebook instance through the VPC endpoint instead of the public internet.

SageMaker notebook instances support VPC endpoints in all AWS Regions where both Amazon VPC and SageMaker are available.

To connect to your notebook instance through your VPC, you either have to connect from an instance that is inside the VPC, or connect your private network to your VPC by using an AWS Virtual Private Network (AWS VPN) or AWS Direct Connect. For information about AWS VPN, see VPN Connections in the Amazon Virtual Private Cloud User Guide. For information about AWS Direct Connect, see Creating a Connection in the AWS Direct Connect User Guide.

You can create a policy for Amazon VPC endpoints for SageMaker notebook instances to specify the following:

  • The principal that can perform actions.

  • The actions that can be performed.

  • The resources on which actions can be performed.

For more information, see Controlling Access to Services with VPC Endpoints in the Amazon VPC User Guide.

The following example of a VPC endpoint policy specifies that all users that have access to the endpoint are allowed to access the notebook instance named myNotebookInstance.

{ "Statement": [ { "Action": "sagemaker:CreatePresignedNotebookInstanceUrl", "Effect": "Allow", "Resource": "arn:aws:sagemaker:us-west-2:123456789012:notebook-instance/myNotebookInstance", "Principal": "*" } ] }

Access to other notebook instances is denied.

Even if you set up an interface endpoint in your VPC, individuals outside the VPC can connect to the notebook instance over the internet.

Important

If you apply an IAM policy similar to one of the following, users can't access the specified SageMaker APIs or the notebook instance through the console.

To restrict access to only connections made from within your VPC, create an AWS Identity and Access Management policy that restricts access to only calls that come from within your VPC. Then add that policy to every AWS Identity and Access Management user, group, or role used to access the notebook instance.

Note

This policy allows connections only to callers within a subnet where you created an interface endpoint.

{ "Id": "notebook-example-1", "Version": "2012-10-17", "Statement": [ { "Sid": "Enable Notebook Access", "Effect": "Allow", "Action": [ "sagemaker:CreatePresignedNotebookInstanceUrl", "sagemaker:DescribeNotebookInstance" ], "Resource": "*", "Condition": { "StringEquals": { "aws:SourceVpc": "vpc-111bbaaa" } } } ] }

If you want to restrict access to the notebook instance to only connections made using the interface endpoint, use the aws:SourceVpce condition key instead of aws:SourceVpc:

{ "Id": "notebook-example-1", "Version": "2012-10-17", "Statement": [ { "Sid": "Enable Notebook Access", "Effect": "Allow", "Action": [ "sagemaker:CreatePresignedNotebookInstanceUrl", "sagemaker:DescribeNotebookInstance" ], "Resource": "*", "Condition": { "ForAnyValue:StringEquals": { "aws:sourceVpce": [ "vpce-111bbccc", "vpce-111bbddd" ] } } } ] }

Both of these policy examples assume that you have also created an interface endpoint for the SageMaker API. For more information, see Connect to SageMaker Within your VPC. In the second example, one of the values for aws:SourceVpce is the ID of the interface endpoint for the notebook instance. The other is the ID of the interface endpoint for the SageMaker API.

The policy examples here include 
 DescribeNotebookInstance, because typically you would call DescribeNotebookInstance to make sure that the NotebookInstanceStatus is InService before you try to connect to it. For example:

aws sagemaker describe-notebook-instance \ --notebook-instance-name myNotebookInstance { "NotebookInstanceArn": "arn:aws:sagemaker:us-west-2:1234567890ab:notebook-instance/mynotebookinstance", "NotebookInstanceName": "myNotebookInstance", "NotebookInstanceStatus": "InService", "Url": "mynotebookinstance.notebook.us-west-2.sagemaker.aws", "InstanceType": "ml.m4.xlarge", "RoleArn": "arn:aws:iam::1234567890ab:role/service-role/AmazonSageMaker-ExecutionRole-12345678T123456", "LastModifiedTime": 1540334777.501, "CreationTime": 1523050674.078, "DirectInternetAccess": "Disabled" } aws sagemaker create-presigned-notebook-instance-url --notebook-instance-name myNotebookInstance { "AuthorizedUrl": "https://mynotebookinstance.notebook.us-west-2.sagemaker.aws?authToken=AuthToken }
Note

The presigned-notebook-instance-url, AuthorizedUrl, generated can be used from anywhere on the internet.

For both of these calls, if you did not enable private DNS hostnames for your VPC endpoint, or if you are using a version of the AWS SDK that was released before August 13, 2018, you must specify the endpoint URL in the call. For example, the call to create-presigned-notebook-instance-url is:

aws sagemaker create-presigned-notebook-instance-url --notebook-instance-name myNotebookInstance --endpoint-url VPC_Endpoint_ID.api.sagemaker.Region.vpce.amazonaws.com