We plan to provide a machine learning algorithm via a [container image](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-byoc-containers.html) and are concerned about. Is it possible that other parties download the docker image for local inspection?

Inspection of algorithm containers for Sagemaker

We plan to provide a machine learning algorithm via a container image and are concerned about. Is it possible that other parties download the docker image for local inspection?

Durga_S
il y a 2 ans
Can you clarify your question? Would you want members in your team to be able to download a custom image you have created? I'm assuming this question is specific to model monitoring.
Norbert
il y a 2 ans
Thanks Durga_S, to clarify: is it possible for unrelated parties to get the source contained in the container image? That is, if the container contains for example Python code that is not open source, would it be possible for unrelated entities to obtain the Python sources?

Sujets

Machine Learning et AI Conteneurs

Balises

Amazon SageMaker Machine Learning et AI Conteneurs

Langue

English

Norbert

demandé il y a 2 ans310 vues

2 réponses

Le plus récent
Le plus de votes
La plupart des commentaires

Ces réponses sont-elles utiles ? Votez pour la bonne réponse pour aider la communauté à bénéficier de vos connaissances.

As long as you have the image pushed to an ECR repository you should be fine, you will want to check access and control permissions to your repository and if you want it in a VPC or not.

AWS-User-7417937

répondu il y a 2 ans

Norbert
il y a 2 ans
Yes, we are pushing to an ECR repository. One more thing I would like to clarify: We want third parties to use the container in sagemaker, but not inspect the containers. Does this align with your understanding? Thanks a lot!

That is, if the container contains for example Python code that is not open source, would it be possible for unrelated entities to obtain the Python sources?

Third parties who can access or download the image will be able to access the internals, i.e. via docker run -it your_secret_image /bin/bash. If you are distributing your container for use, you are distributing the contents of the container for access as well.

jggoyder_CloudStrife

répondu il y a 2 ans

Norbert
il y a 2 ans
Thanks, and yes, I am aware of the fact that if the image is generally available for download, then it can be inspected.

The question is whether sagemaker algorithm containers can be used within sagemaker (that is on the AWS cloud servers) AND at the same time set to NOT be downloadable to unrelated computers.

My idea of how it "should" work is that Sagemaker algorithm containers can be deployed to cloud nodes via the Python API, but not pulled via docker pull etc. That would protect the content of the image and still make the functionality available in sagemaker.

Contenus pertinents

Compte bloque je n'arrive plus a acceder au compt
Shekina Banza
demandé il y a 2 mois
Pourquoi ma facture a doublée
rePost-User-7168342
demandé il y a un an
démarrage d'instances a mon insu
marc
demandé il y a 7 mois
Erreur "Amazon Rekognition experienced a service issue." quand je souhaite entrainer mon model
rePost-User-1814428
demandé il y a un an
Comment résoudre l'erreur d'inférence d’Amazon SageMaker « délai en amont expiré (110 : la connexion a expiré) lors de la lecture de l'en-tête de réponse en amont » ?
AWS OFFICIELA mis à jour il y a 2 ans
Comment résoudre les problèmes liés au transfert de mon conteneur personnalisé vers Amazon SageMaker à des fins d'entraînement ou d'inférence ?
AWS OFFICIELA mis à jour il y a 2 ans
Comment résoudre l’erreur « [AWS service] was unable to place a task because no container instance met all of its requirements » rencontrée dans Amazon ECS ?
AWS OFFICIELA mis à jour il y a un an
Comment puis-je déterminer quelle instance de bloc-notes SageMaker a effectué un appel d'API particulier si toutes les instances utilisent le même rôle IAM ?
AWS OFFICIELA mis à jour il y a 2 ans