Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

Please validate: SageMaker Endpoint URL Authentication/Authorization

0

Need validation:

  • Once the SageMaker endpoint is deployed. It can be invoked with the Sagemaker Runtime API InvokeEndpoint OR it can be invoked using the endpoint URL+HTTP AZ headers (below).

  • Successful deployment also exposes a URL (on the console) that has the format:

https://runtime.sagemaker.us-east-1.amazonaws.com/endpoints/ENDPOINT-NAME/invocations

What is the purpose of this URL (shown on console)?

In my understanding this URL Cannot be invoked w/o appropriate headers as then there will be a need to have globally unique endpoint name!! THAT IS to invoke this URL it needs to have the "HTTP Authorization headers" (refer: https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html)

I have a customer who is concerned that anyone can invoke the URL even from the internet. Tried to do it and received the <MissingTokenException> so I know it can't be done but just want to ensure I have the right explanation. (Test with HTTP/AZ headers pending)

Temas
Aprendizaje automático e IA
Etiquetas
Amazon SageMaker
Idioma
English
AWS
Rajeev Sakhuja
preguntada hace 4 años2268 visualizaciones
1 Respuesta
0
Respuesta aceptada

Your understanding is correct. From the docs:

Amazon SageMaker strips all POST headers except those supported by the API. Amazon SageMaker might add additional headers. You should not rely on the behavior of headers outside those enumerated in the request syntax.

Calls to InvokeEndpoint are authenticated by using AWS Signature Version 4.

AWS
AWS-User-6881815
respondido hace 4 años

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante