Ensure that Amazon SageMaker notebook instances are not publicly accessible
This rule can help you with the following compliance standards:
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS.
When your AWS SageMaker notebook instances are publicly accessible, any machine outside the VPC can establish a connection to these instances, increasing the attack surface and the opportunity for malicious activity.
To determine whether your VPC-based Amazon SageMaker notebook instances have the direct internet access feature enabled, perform the following:
To ensure that your Amazon SageMaker notebook instances do not have direct internet access, you need to re-create these instances with the necessary network configuration. To disable direct internet access for an AWS SageMaker notebook instance deployed within a VPC, perform the following actions:
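The check and the re-creation settings described above can be scripted. The following is an added example, not part of the original rule page or the Cloud Conformity tool: the function names and the sample records are constructed, and the field names follow the SageMaker `DescribeNotebookInstance` and `CreateNotebookInstance` APIs.

```python
# Added example: audit/remediation helper; names and sample data are assumptions.
CARRY_OVER = ("NotebookInstanceName", "InstanceType", "RoleArn", "SubnetId",
              "KmsKeyId", "VolumeSizeInGB", "RootAccess")

def fetch_descriptions(client):
    """Describe every notebook instance using a boto3 SageMaker client."""
    pages = client.get_paginator("list_notebook_instances").paginate()
    return [client.describe_notebook_instance(
                NotebookInstanceName=n["NotebookInstanceName"])
            for page in pages for n in page["NotebookInstances"]]

def audit(descriptions):
    """Names of instances whose DirectInternetAccess is not 'Disabled'.
    A missing field is treated as enabled (assumption: fail closed)."""
    return [d["NotebookInstanceName"] for d in descriptions
            if d.get("DirectInternetAccess", "Enabled") != "Disabled"]

def recreate_params(desc):
    """create_notebook_instance arguments for a replacement without direct
    internet access. The API accepts 'Disabled' only with a SubnetId."""
    if not desc.get("SubnetId"):
        raise ValueError(desc["NotebookInstanceName"] + ": no VPC subnet")
    params = {k: desc[k] for k in CARRY_OVER if k in desc}
    # Describe returns 'SecurityGroups'; create expects 'SecurityGroupIds'.
    params["SecurityGroupIds"] = list(desc.get("SecurityGroups", []))
    params["DirectInternetAccess"] = "Disabled"
    return params

# Constructed sample shaped like describe_notebook_instance responses.
ROLE = "arn:aws:iam::111122223333:role/ExampleNotebookRole"
SAMPLE = [
    {"NotebookInstanceName": "nb-public", "InstanceType": "ml.t3.medium",
     "RoleArn": ROLE, "SubnetId": "subnet-0example",
     "SecurityGroups": ["sg-0example"], "DirectInternetAccess": "Enabled"},
    {"NotebookInstanceName": "nb-private", "InstanceType": "ml.t3.medium",
     "RoleArn": ROLE, "SubnetId": "subnet-0example",
     "SecurityGroups": ["sg-0example"], "DirectInternetAccess": "Disabled"},
    {"NotebookInstanceName": "nb-no-vpc", "InstanceType": "ml.t3.medium",
     "RoleArn": ROLE, "DirectInternetAccess": "Enabled"},
]

if __name__ == "__main__":
    for name in audit(SAMPLE):
        print("direct internet access enabled:", name)
```

With live credentials, `fetch_descriptions(boto3.client("sagemaker"))` supplies the input in place of `SAMPLE`.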