Complete a 3 Question Survey and Earn a re:Post Badge

Help improve AWS Support Official channel in re:Post and share your experience - complete a quick three-question survey to earn a re:Post badge!

Ce contenu n'est pas disponible dans la langue sélectionnée

Nous nous efforçons constamment de rendre le contenu disponible dans la langue sélectionnée. Merci pour votre patience.

How do I configure KMS encryption in a SageMaker AI Notebook instance?

Lecture de 2 minute(s)

I want to configure AWS Key Management Service (AWS KMS) encryption in my Amazon SageMaker AI Notebook instance.

Short description

SageMaker AI Notebook instances support the use of AWS KMS keys to encrypt the storage volumes for protection of your notebook data.

Note: To complete the steps in this article, you must have an existing KMS key.

Resolution

SageMaker AI Notebook instances support the use of AWS KMS keys to encrypt the storage volumes for protection of your notebook data.

Important: To configure your AWS Key encryption, you must have an existing KMS key.

You can add a KMS key to only a new SageMaker AI Notebook instance. Complete the following steps:

Open the SageMaker AI console.
In the navigation pane, choose Notebooks.
Choose Create Notebook Instance, and then enter a name for your notebook instance.

In the Permissions and encryption section, under Encryption key, select your AWS KMS key from the dropdown list. Or, enter an ARN.
Note: Check that the role has sufficient access to the key.

Example:

{
"Version": "2012-10-17",
    "Statement": [
        {
            "Action": [
                "kms:CreateGrant",
                "kms:Decrypt",
                "kms:GenerateDataKey",
                "kms:GenerateDataKeyWithoutPlaintext",
                "kms:DescribeKey"
            ],
            "Resource": [
              "<KMS key ARN>"
            ],
            "Effect": "Allow"
        }
    ]
}

Review the remaining settings, and then choose Create notebook instance.

To add or edit your custom AWS KMS key to an existing SageMaker AI Notebook instance, create a backup of the notebook instance. Then, create a new notebook instance that you can sync the backup to. Complete the following steps:

Complete the steps in Migrate your work to an Amazon SageMaker notebook instance with Amazon Linux 2.
Note: Review the Considerations section.
When your sync completes, launch the new notebook instance, and then confirm that the content has synced.

Note: For notebook instances that don't have a specified AWS KMS key, SageMaker AI encrypts the storage volumes with a system-managed KMS key.

Sujets

Machine Learning et AI Stockage

Balises

Amazon SageMaker

Langue

English

AWS OFFICIELA mis à jour il y a 8 jours

Aucun commentaire

Contenus pertinents

Serais-je facturée pour des tâches d'étiquetage qui ont été stoppées ?
ldelb
demandé il y a 2 ans
Bedrock Titan completionReason CONTENT_FILTERED
Trento58
demandé il y a un an
Impossible de stop mon instance SageMaker
rePost-User-9472894
demandé il y a 2 ans
Erreur "Amazon Rekognition experienced a service issue." quand je souhaite entrainer mon model
rePost-User-1814428
demandé il y a 2 ans
Désactiver le chiffrement côté serveur sur Amazon S3
rePost-User-6017646
demandé il y a 2 ans
Comment puis-je sauvegarder les données de mon instance de notebook SageMaker AI ?
AWS OFFICIELA mis à jour il y a un mois
Comment ajouter des référentiels de code à mon instance de notebook SageMaker AI ?
AWS OFFICIELA mis à jour il y a un mois
Comment résoudre les erreurs de capacité insuffisante lorsque je lance mes ressources SageMaker AI ?
AWS OFFICIELA mis à jour il y a 2 mois
Comment puis-je vérifier l'utilisation des ressources pour mon instance de bloc-notes SageMaker AI ?
AWS OFFICIELA mis à jour il y a un mois