Menu
Amazon SageMaker
Developer Guide

Step 2: Create an Amazon SageMaker Notebook Instance

An Amazon SageMaker notebook instance is a fully managed machine learning (ML) EC2 compute instance running the Jupyter Notebook App. For more information, see .

Note

If necessary, you can change the notebook instance settings, including the ML compute instance type, later.

To create an Amazon SageMaker notebook instance

  1. Open the Amazon SageMaker console at https://console.aws.amazon.com/sagemaker/.

  2. Choose Notebook instances, then choose Create notebook instance.

  3. On the Create notebook instance page, provide the following information:

    1. For Notebook instance name, type ExampleNotebookInstance.

    2. For Instance type, choose ml.t2.medium.

    3. For IAM role, create an IAM role.

      1. Choose Create a new role.

      2. (Optional) If you want to use S3 buckets other than the one you created in Step 1 of this tutorial to store your input data and output, choose them.

        In Step 1 of this tutorial, you created an S3 bucket with sagemaker in its name. This IAM role automatically has permissions to use that bucket. The AmazonSageMakerFullAccess policy, which Amazon SageMaker attaches to the role, gives the role those permissions.

        The bucket that you created in Step 1 is sufficient for the model training exercise in Getting Started. However, as you explore Amazon SageMaker, you might want to access other S3 buckets from your notebook instance. Give Amazon SageMaker permissions to access those buckets.

        To access more S3 buckets from your Amazon SageMaker notebook instance

        1. If you're not concerned about users in your AWS account accessing your data, choose Any S3 bucket.

        2. If your account has sensitive data (such as Human Resources information), restrict access by choosing Specific S3 buckets. You can update the permissions policy attached to the role you are creating later.

          To explicitly control access, Restrict access by choosing None. use bucket and object names and tags as supported by the AmazonSageMakerFullAccess policy. For more information, see Using the AWS Managed Permission Policy (AmazonSageMakerFullAccess) for an Execution Role.

      3. Choose Create role.

        Amazon SageMaker creates an IAM role named AmazonSageMaker-ExecutionRole-YYYYMMDDTHHmmSS. For example, AmazonSageMaker-ExecutionRole-20171125T090800.

        To see the policies that are attached to the role, use the IAM console.

        Open the IAM console at https://console.aws.amazon.com/iam/.

        The following policies are attached to the role:

        • A trust policy that allows Amazon SageMaker to assume the role.

        • The AmazonSageMakerFullAccess AWS managed policy.

        • If you specified access to additional S3 bucket(s) when creating theis role, the customer managed policy attached to the role. The name of the customer managed policy is AmazonSageMaker-ExecutionPolicy-YYYYMMDDTHHmmSS.

        For more information about creating your own IAM role, see Amazon SageMaker Roles .

    4. (Optional) Choose to access resources in a Virtual Private Cloud (VPC).

      To access resources in your VPC from the notebook instance

      1. Choose the VPC and a SubnetId.

      2. For Security Group, choose your VPCs default security group. For the exercises in this guide, the inbound and outbound rules of the default security group are sufficient.

      3. To enable connecting to a resource in your VPC, ensure that the resource resolves to a private IP address in your VPC. For example, to ensure that an Amazon Redshift DNS name resolves to a private IP address, do one of the following:

    5. If you chose to access resources from your VPC, enable direct internet access. For Direct internet access, choose Enable. Otherwise, this notebook instance won't have internet access. Without internet access, you can't train or host models from notebooks on this notebook instance unless your VPC has a NAT gateway and your security group allows outbound connections. For more information, see Notebook Instances Are Enabled with Internet Access by Default.

    6. (Optional) To use shell scripts that run when you create or start the instance, specify a lifecycle configuration. For information, see Step 2.1: (Optional) Customize a Notebook Instance

    7. (Optional) If you want Amazon SageMaker to use an AWS Key Management Service key to encrypt data in the ML storage volume attached to the notebook instance, specify the key.

    8. Choose Create notebook instance.

      In a few minutes, Amazon SageMaker launches an ML compute instance—in this case, a notebook instance—and attaches an ML storage volume to it. The notebook instance has a preconfigured Jupyter notebook server and a set of Anaconda libraries. For more information, see the CreateNotebookInstance API.

  4. When the status of the notebook instance is InService, choose Open next to its name to open the Jupyter dashboard.

    The dashboard provides access to:

    • A folder that contains sample notebooks. To use a sample notebook, on the Files tab, choose the sample_notebook folder. For information about the sample notebooks, see the Amazon SageMaker GitHub repository.

    • The kernels for Jupyter, including those that provide support for Python 2 and 3, Apache MXNet, TensorFlow, and PySpark. To choose a kernel for your notebook instance, use the New menu.

    For more information, see The Jupyter notebook.

Next Step

You are now ready to train your first model. For step-by-step instructions, see Step 3: Train a Model with a Built-in Algorithm and Deploy It.

On this page: