Direct internet access enabled for SageMaker Notebook Instance Affecting Sagemaker service in AWS

Snyk CCSS

Network / Best Practices

Is your enviroment affected by this misconfiguration?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Frameworks

CSA-CCM ISO-27001 SOC-2

Snyk ID SNYK-CC-00308
credit Snyk Research Team

Report a new misconfiguration Found a mistake?

Description

The compromised instance will be able to exfiltrate data without any restrictions.

How to fix?

Set Properties.DirectInternetAccess attribute to Disabled. Note you will have to configure required VPC configuration to establish any network connectivity to the Internet.

CloudFormation

Terraform

References

infrastructure-connect-to-resources.html