Best practice rules for Amazon SageMaker
Trend Micro Cloud One™ – Conformity monitors Amazon SageMaker with the following rules:
- Amazon SageMaker Notebook Instance In VPC
Ensure Amazon SageMaker notebook instances are running inside a Virtual Private Cloud (VPC).
- Notebook Data Encrypted
Ensure that data available on Amazon SageMaker notebook instances is encrypted.
- Notebook Data Encrypted With KMS Customer Master Keys
Ensure Amazon SageMaker notebook instances enforce data-at-rest encryption using KMS CMKs.
- Notebook Direct Internet Access
Ensure Amazon SageMaker notebook instances are not publicly available.