

# Connect to SageMaker AI Within your VPC
<a name="interface-vpc-endpoint"></a>

You can connect directly to the SageMaker API or to Amazon SageMaker Runtime through an [interface endpoint](https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpce-interface.html) in your virtual private cloud (VPC) instead of connecting over the internet. When you use a VPC interface endpoint, communication between your VPC and the SageMaker AI API or Runtime is conducted entirely and securely within an AWS network. 

## Connect to SageMaker AI through a VPC interface endpoint
<a name="interface-vpc-endpoint-sagemaker-connect"></a>

The SageMaker API and SageMaker AI Runtime support [Amazon Virtual Private Cloud](https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Introduction.html) (Amazon VPC) interface endpoints that are powered by [AWS PrivateLink](https://aws.amazon.com/privatelink). Each VPC endpoint is represented by one or more [Elastic Network Interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html) with private IP addresses in your VPC subnets. For example, an application inside your VPC uses AWS PrivateLink to communicate with SageMaker AI Runtime. SageMaker AI Runtime in turn communicates with the SageMaker AI endpoint. Using AWS PrivateLink allows you to invoke your SageMaker AI endpoint from within your VPC, as shown in the following diagram.

![](http://docs.aws.amazon.com/sagemaker/latest/dg/images/security-vpc-SM.png)


The VPC interface endpoint connects your VPC directly to the SageMaker API or SageMaker AI Runtime using AWS PrivateLink without using an internet gateway, NAT device, VPN connection, or Direct Connect connection. The instances in your VPC do not need to connect to the public internet in order to communicate with the SageMaker API or SageMaker AI Runtime.

You can create an AWS PrivateLink interface endpoint to connect to SageMaker AI or to SageMaker AI Runtime using either the AWS Management Console or AWS Command Line Interface (AWS CLI). For instructions, see [Access an AWS service using an interface VPC endpoint](https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpce-interface.html#create-interface-endpoint).

If you haven't enabled a private Domain Name System (DNS) hostname for your VPC endpoint, then *after you have created the VPC endpoint* you must pass the endpoint's own DNS name as the endpoint URL when you call the SageMaker API or SageMaker AI Runtime. The following AWS CLI commands show the `--endpoint-url` parameter; the value must be a full URL, including the `https://` scheme.

```
aws sagemaker list-notebook-instances --endpoint-url https://VPC_Endpoint_ID.api.sagemaker.Region.vpce.amazonaws.com

aws sagemaker list-training-jobs --endpoint-url https://VPC_Endpoint_ID.api.sagemaker.Region.vpce.amazonaws.com

aws sagemaker-runtime invoke-endpoint --endpoint-url https://VPC_Endpoint_ID.runtime.sagemaker.Region.vpce.amazonaws.com \
    --endpoint-name Endpoint_Name \
    --body "Endpoint_Body" \
    --content-type "Content_Type" \
    Output_File
```

If you enable private DNS hostnames for your VPC endpoint, you don't need to specify the endpoint URL because the default hostname (https://api.sagemaker.*Region*.amazonaws.com) resolves to your VPC endpoint. Similarly, the default SageMaker AI Runtime DNS hostname (https://runtime.sagemaker.*Region*.amazonaws.com) also resolves to your VPC endpoint. Private DNS only works when both DNS hostnames and DNS resolution are enabled on the VPC.

The SageMaker API and SageMaker AI Runtime support VPC endpoints in all AWS Regions where both [Amazon VPC](https://docs.aws.amazon.com/general/latest/gr/rande.html#vpc_region) and [SageMaker AI](https://docs.aws.amazon.com/general/latest/gr/rande.html#sagemaker_region) are available. SageMaker AI supports making calls to all of its [API operations](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_Operations.html) inside your VPC. The exception is the `AuthorizedUrl` returned by [CreatePresignedNotebookInstanceUrl](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreatePresignedNotebookInstanceUrl.html): the API call itself can go through the endpoint, but opening that URL sends your traffic over the public internet. A VPC endpoint for the SageMaker API alone does not let you reach the presigned URL; that request must go through an internet gateway (unless you also create an interface endpoint for the notebook instance itself, as described later on this page).

By default, your users can share the presigned URL with people outside of your corporate network. For additional security, add IAM permissions that restrict the URL so it can only be used from within your network. For information about IAM permissions, see [How AWS PrivateLink works with IAM](https://docs.aws.amazon.com/vpc/latest/privatelink/security_iam_service-with-iam.html).

**Note**  
When you set up a VPC interface endpoint for the SageMaker AI Runtime service (https://runtime.sagemaker.`Region`.amazonaws.com), make sure the endpoint has a subnet (and therefore a network interface) in the Availability Zone of your client. Otherwise private DNS resolution can fail for that client, and you may see DNS errors when it tries to resolve the URL.

To learn more about AWS PrivateLink, see the [AWS PrivateLink documentation](https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Introduction.html#what-is-privatelink). Refer to [AWS PrivateLink Pricing](https://aws.amazon.com/privatelink/pricing/) for the price of VPC endpoints. To learn more about VPC and endpoints, see [Amazon VPC](https://aws.amazon.com/vpc/). For information about how to use identity-based AWS Identity and Access Management policies to restrict access to the SageMaker API and SageMaker AI Runtime, see [Control access to the SageMaker AI API by using identity-based policies](security_iam_id-based-policy-examples.md#api-access-policy).
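The note above describes the failure mode; the following Python check, added here as an example and not part of the SageMaker documentation, makes the success case observable. It resolves the regional API and Runtime hostnames and compares the answers with the interface endpoint's ENI addresses (which you would take from `aws ec2 describe-vpc-endpoints`); any answer that is not an ENI address means traffic for that name is leaving the VPC. The resolver is injectable, and the ENI addresses and recorded DNS answers below are constructed so the script runs offline.

```python
"""Added example (not part of the SageMaker documentation): verify that the
regional SageMaker hostnames resolve to the interface endpoint's private ENI
addresses, which is what "private DNS is in effect" means on the wire."""
import ipaddress
import socket


def hostnames_for(region):
    """The two regional names that private DNS should capture."""
    return [f"api.sagemaker.{region}.amazonaws.com",
            f"runtime.sagemaker.{region}.amazonaws.com"]


def resolve(hostname, resolver=None):
    """Return the set of addresses hostname resolves to. A resolver callable
    can be injected (recorded answers, or another DNS library); by default
    the operating system resolver is used."""
    if resolver is not None:
        return set(resolver(hostname))
    try:
        return {info[4][0] for info in
                socket.getaddrinfo(hostname, 443, type=socket.SOCK_STREAM)}
    except socket.gaierror:
        return set()


def private_dns_status(hostname, endpoint_eni_ips, resolver=None):
    """Classify how hostname resolves relative to the endpoint's ENI addresses:
      'private-link' every answer is an ENI address
      'public'       no answer is an ENI address: traffic leaves the VPC
      'mixed'        some answers are ENI addresses, some are not
      'unresolved'   no answer at all (the DNS failure the note describes)
    """
    answers = resolve(hostname, resolver)
    if not answers:
        return "unresolved"
    # Normalise both sides so "10.0.1.25" and "::ffff:10.0.1.25"-style
    # spellings compare consistently.
    eni = {str(ipaddress.ip_address(ip)) for ip in endpoint_eni_ips}
    answers = {str(ipaddress.ip_address(a)) for a in answers}
    hits = answers & eni
    if hits == answers:
        return "private-link"
    return "mixed" if hits else "public"


# Constructed data: ENI addresses of an endpoint spanning two AZs, and
# recorded answers in which the API name is captured by private DNS while the
# Runtime name still resolves to a public address (198.51.100.7 is a
# documentation address standing in for a real public one).
ENI_IPS = ["10.0.1.25", "10.0.2.41"]
RECORDED = {
    "api.sagemaker.us-west-2.amazonaws.com": ["10.0.1.25", "10.0.2.41"],
    "runtime.sagemaker.us-west-2.amazonaws.com": ["198.51.100.7"],
}


def recorded_resolver(hostname):
    """Resolver that replays the constructed answers above."""
    return RECORDED.get(hostname, [])


def report(region, endpoint_eni_ips, resolver=None):
    """Status of every regional hostname for the given endpoint."""
    return {h: private_dns_status(h, endpoint_eni_ips, resolver)
            for h in hostnames_for(region)}


if __name__ == "__main__":
    # Against the recorded answers; drop resolver=... to query the real
    # resolver from a host inside the VPC.
    for host, status in report("us-west-2", ENI_IPS, recorded_resolver).items():
        print(f"{status:12} {host}")
```

Run it from an instance inside the VPC with the default resolver; a `public` result for either name means private DNS is not enabled for that endpoint (or the VPC lacks DNS hostnames or DNS resolution) and your CLI is talking to the public service endpoint even though the interface endpoint exists.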

## Using SageMaker training and hosting with resources inside your VPC
<a name="use-resources-vpc"></a>

SageMaker AI uses your execution role to download from and upload to an Amazon S3 bucket and Amazon Elastic Container Registry (Amazon ECR), in isolation from your training or inference container. If you have resources that are located inside your VPC, you can still grant SageMaker AI access to those resources. The following sections explain how to make your resources available to SageMaker AI with or without network isolation.

### Without network isolation enabled
<a name="use-resources-vpc-flat"></a>

If you haven't set network isolation on your training job or model, SageMaker AI can access resources using either of the following methods.
+ SageMaker training and deployed inference containers can access the internet by default. SageMaker AI containers are able to access external services and resources on the public internet as part of your training and inference workloads. SageMaker AI containers are not able to access resources inside your VPC without a VPC configuration, as shown in the following illustration.  
![](http://docs.aws.amazon.com/sagemaker/latest/dg/images/security-vpc-no-config.png)
+ Use a VPC configuration to communicate with resources inside your VPC through an elastic network interface (ENI). The communication between the container and the resources in your VPC takes place securely within your VPC network, as shown in the following illustration. In this case, you manage networking access to your VPC resources and internet.  
![](http://docs.aws.amazon.com/sagemaker/latest/dg/images/security-vpc-config.png)

### With network isolation
<a name="use-resources-vpc-isolated"></a>

If you employ network isolation, the SageMaker AI container can't communicate with resources inside your VPC or make any network calls, as shown in the following illustration. If you provide a VPC configuration, the download and upload operations will be run through your VPC. For more information about hosting and training with network isolation while using a VPC, see [Network Isolation](mkt-algo-model-internet-free.md#mkt-algo-model-internet-free-isolation).

![](http://docs.aws.amazon.com/sagemaker/latest/dg/images/security-network-isolation-no-config.png)


## Create a VPC Endpoint Policy for SageMaker AI
<a name="api-private-link-policy"></a>

You can create a policy for Amazon VPC endpoints for SageMaker AI to specify the following:
+ The principal that can perform actions.
+ The actions that can be performed.
+ The resources on which actions can be performed.

For more information, see [Controlling Access to Services with VPC Endpoints](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints-access.html) in the *Amazon VPC User Guide*.

**Note**  
VPC endpoint policies aren't supported for Federal Information Processing Standard (FIPS) SageMaker AI runtime endpoints for [InvokeEndpoint](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_runtime_InvokeEndpoint.html).

The following example VPC endpoint policy specifies that all users who have access to the VPC interface endpoint are allowed to invoke the SageMaker AI hosted endpoint named `myEndpoint`.

```
{
  "Statement": [
      {
          "Action": "sagemaker:InvokeEndpoint",
          "Effect": "Allow",
          "Resource": "arn:aws:sagemaker:us-west-2:123456789012:endpoint/myEndpoint",
          "Principal": "*"
      }
  ]
}
```

In this example, the following are denied:
+ Other SageMaker API actions, such as `sagemaker:CreateEndpoint` and `sagemaker:CreateTrainingJob`.
+ Invoking SageMaker AI hosted endpoints other than `myEndpoint`.

**Note**  
In this example, users can still take other SageMaker API actions from outside the VPC. For information about how to restrict API calls to those from within the VPC, see [Control access to the SageMaker AI API by using identity-based policies](security_iam_id-based-policy-examples.md#api-access-policy).
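As an added example (not code from the SageMaker documentation), the following Python script evaluates the endpoint policy above the way IAM does for requests that arrive through the endpoint: `Action` and `Resource` use IAM's wildcard rules (actions case-insensitive, ARNs case-sensitive), a matching explicit `Deny` wins over `Allow`, and anything unmatched is implicitly denied. It also flags "allow everything" statements, the shape an endpoint effectively has when no policy is attached. The requests and the full-access comparison policy are constructed for illustration; the evaluator only models `"Principal": "*"` statements and refuses conditions rather than ignoring them.

```python
"""Added example (not from the SageMaker documentation): work out what the
VPC endpoint policy above allows and denies for requests that traverse the
endpoint, and flag statements that grant everything."""
import fnmatch
import json

# The endpoint policy from this section, verbatim.
ENDPOINT_POLICY = json.loads("""
{
  "Statement": [
      {
          "Action": "sagemaker:InvokeEndpoint",
          "Effect": "Allow",
          "Resource": "arn:aws:sagemaker:us-west-2:123456789012:endpoint/myEndpoint",
          "Principal": "*"
      }
  ]
}
""")

# Constructed for comparison: the shape of the policy an interface endpoint
# effectively has when none is attached (everything, to everyone).
DEFAULT_FULL_ACCESS = {
    "Statement": [{"Action": "*", "Effect": "Allow", "Resource": "*", "Principal": "*"}]
}


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _matches(patterns, value, case_sensitive):
    """IAM wildcard matching: '*' and '?' in the policy value. Action names
    match case-insensitively, resource ARNs case-sensitively."""
    patterns = _as_list(patterns)
    if not case_sensitive:
        value = value.lower()
        patterns = [p.lower() for p in patterns]
    return any(fnmatch.fnmatchcase(value, p) for p in patterns)


def evaluate(policy, action, resource):
    """Return 'Allow', 'Deny' (explicit) or 'ImplicitDeny' for one request.

    IAM ordering: any matching Deny wins, otherwise a matching Allow,
    otherwise implicit deny. Only Principal "*" (anyone using the endpoint)
    is modelled; Condition/NotAction/NotResource/NotPrincipal are rejected
    rather than silently ignored so a result is never over-permissive.
    """
    decision = "ImplicitDeny"
    for stmt in policy["Statement"]:
        unsupported = {"Condition", "NotAction", "NotResource", "NotPrincipal"}.intersection(stmt)
        if unsupported:
            raise ValueError(f"statement element(s) not modelled: {sorted(unsupported)}")
        if stmt.get("Principal") != "*":
            continue
        if not _matches(stmt["Action"], action, case_sensitive=False):
            continue
        if not _matches(stmt["Resource"], resource, case_sensitive=True):
            continue
        if stmt["Effect"] == "Deny":
            return "Deny"
        decision = "Allow"
    return decision


def wildcard_grants(policy):
    """Allow statements covering every action on every resource for every
    principal; with one of these the endpoint policy is a no-op as a control."""
    return [
        s for s in policy["Statement"]
        if s["Effect"] == "Allow" and s.get("Principal") == "*"
        and "*" in _as_list(s["Action"]) and "*" in _as_list(s["Resource"])
    ]


# Constructed requests: the hosted endpoint named in the policy, a sibling
# endpoint in the same account, and a control-plane call.
ACCOUNT = "arn:aws:sagemaker:us-west-2:123456789012"
REQUESTS = [
    ("sagemaker:InvokeEndpoint", f"{ACCOUNT}:endpoint/myEndpoint"),
    ("sagemaker:InvokeEndpoint", f"{ACCOUNT}:endpoint/otherEndpoint"),
    ("sagemaker:CreateTrainingJob", f"{ACCOUNT}:training-job/job-1"),
]

if __name__ == "__main__":
    for action, resource in REQUESTS:
        print(f"{evaluate(ENDPOINT_POLICY, action, resource):12} {action} on {resource}")
    print("wildcard grants in default policy:", len(wildcard_grants(DEFAULT_FULL_ACCESS)))
```

Keep in mind what `Allow` means here: an endpoint policy is evaluated only for traffic entering through the endpoint and always together with the caller's identity-based policy, so `Allow` says the endpoint does not block the call, not that the caller is permitted; an identity policy that denies the action still wins.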

## Create a VPC Endpoint Policy for Amazon SageMaker Feature Store
<a name="api-private-link-feature-store"></a>

To reach Amazon SageMaker Feature Store through a VPC endpoint, use the following endpoint DNS name template, substituting your *VPC\_Endpoint\_ID* and *Region*:

`VPC_Endpoint_ID.api.featurestore-runtime.sagemaker.Region.vpce.amazonaws.com`



# Connect to Amazon SageMaker Studio and Studio Classic Through an Interface VPC Endpoint
<a name="studio-interface-endpoint"></a>

You can connect to your Amazon SageMaker Studio and Amazon SageMaker Studio Classic from your [Amazon Virtual Private Cloud](https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html) (Amazon VPC) through an [interface endpoint](https://docs.aws.amazon.com/vpc/latest/userguide/vpce-interface.html) in your VPC instead of connecting over the internet. When you use an interface VPC endpoint (interface endpoint), communication between your VPC and Studio or Studio Classic is conducted entirely and securely within the AWS network.

Studio and Studio Classic support interface endpoints that are powered by [AWS PrivateLink](https://docs.aws.amazon.com/vpc/latest/userguide/endpoint-services-overview.html). Each interface endpoint is represented by one or more [Elastic network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html) with private IP addresses in your VPC subnets.

Studio and Studio Classic support interface endpoints in all AWS Regions where both [Amazon SageMaker AI](https://aws.amazon.com/sagemaker/pricing/) and [Amazon VPC](https://aws.amazon.com/vpc/pricing/) are available.

**Topics**
+ [Create a VPC Endpoint](#studio-interface-endpoint-create)
+ [Create a VPC Endpoint Policy for Studio or Studio Classic](#studio-private-link-policy)
+ [Allow Access Only from Within Your VPC](#studio-private-link-restrict)

## Create a VPC Endpoint
<a name="studio-interface-endpoint-create"></a>

You can create an interface endpoint to connect to Studio or Studio Classic with either the AWS console or the AWS Command Line Interface (AWS CLI). For instructions, see [Creating an interface endpoint](https://docs.aws.amazon.com/vpc/latest/userguide/vpce-interface.html#create-interface-endpoint). Make sure that you create interface endpoints for all of the subnets in your VPC from which you want to connect to Studio and Studio Classic. 

When you create an interface endpoint, ensure that the security groups on your endpoint allow inbound access for HTTPS traffic from the security groups associated with Studio and Studio Classic. For more information, see [Control access to services with VPC endpoints](https://docs.aws.amazon.com/vpc/latest/privatelink/vpc-endpoints-access.html#vpc-endpoints-security-groups).

**Note**  
In addition to creating an interface endpoint to connect to Studio and Studio Classic, create an interface endpoint to connect to the Amazon SageMaker API. When users call [CreatePresignedDomainUrl](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreatePresignedDomainUrl.html) to get the URL to connect to Studio and Studio Classic, that call goes through the interface endpoint used to connect to the SageMaker API.

When you create the interface endpoint, specify **aws.sagemaker.*Region*.studio** as the service name for either Studio or Studio Classic. After you create the interface endpoint, enable private DNS for your endpoint. When you connect to Studio or Studio Classic from within the VPC using the SageMaker API, the AWS CLI, or the console, you connect through the interface endpoint instead of the public internet. You also need to set up a custom DNS with private hosted zones for the Amazon VPC endpoint so Studio or Studio Classic can access the SageMaker API using the `api.sagemaker.$region.amazonaws.com` endpoint rather than using the VPC endpoint URL. For instructions on setting up a private hosted zone, see [Working with private hosted zones](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/hosted-zones-private.html).

## Create a VPC Endpoint Policy for Studio or Studio Classic
<a name="studio-private-link-policy"></a>

You can attach an Amazon VPC endpoint policy to the interface VPC endpoints that you use to connect to Studio or Studio Classic. The endpoint policy controls access to Studio or Studio Classic. You can specify the following:
+ The principal that can perform actions.
+ The actions that can be performed.
+ The resources on which actions can be performed. 

To use a VPC endpoint with Studio or Studio Classic, your endpoint policy must allow the `CreateApp` operation on the KernelGateway app type. This allows traffic that is routed through the VPC endpoint to call the `CreateApp` API. The following example VPC endpoint policy shows how to allow `CreateApp`; the `app/domain-id/*` resource covers every app in the domain, including KernelGateway apps.

```
{
 "Statement": [
   {
     "Action": "sagemaker:CreateApp",
     "Effect": "Allow",
     "Resource": "arn:aws:sagemaker:us-west-2:acct-id:app/domain-id/*",
     "Principal": "*"
   }
 ]
}
```

For more information, see [Controlling access to services with VPC endpoints](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints-access.html).

The following example of a VPC endpoint policy specifies that all users that have access to the endpoint are allowed to access the user profiles in the SageMaker AI domain with the specified domain ID. Access to other domains is denied.

```
{
  "Statement": [
      {
          "Action": "sagemaker:CreatePresignedDomainUrl",
          "Effect": "Allow",
          "Resource": "arn:aws:sagemaker:us-west-2:acct-id:user-profile/domain-id/*",
          "Principal": "*"
      }
  ]
}
```

## Allow Access Only from Within Your VPC
<a name="studio-private-link-restrict"></a>

Users outside your VPC can connect to Studio or Studio Classic over the internet even if you set up an interface endpoint in your VPC.

To allow only connections made from within your VPC, create an AWS Identity and Access Management (IAM) policy to that effect. Add that policy to every user, group, or role used to access Studio or Studio Classic. This feature is only supported when using IAM mode for authentication, and is not supported in IAM Identity Center mode. The following examples demonstrate how to create such policies.

**Important**  
If you apply an IAM policy similar to one of the following examples, users cannot access Studio or Studio Classic or the specified SageMaker APIs through the SageMaker AI console. To access Studio or Studio Classic, users must use a presigned URL or call the SageMaker APIs directly.

**Example 1: Allow connections only within the subnet of an interface endpoint**

The following policy allows the two Studio access calls only when the request arrives through an interface endpoint in the specified VPC. `aws:SourceVpc` is present in the request context only for calls that come through a VPC endpoint, so calls from the internet fail the condition. Note that this scopes access to the whole VPC, not to a single subnet; `aws:VpcSourceIp` (Example 4) narrows it to an address range.

```
{
    "Id": "sagemaker-studio-example-1",
    "Version":"2012-10-17",
    "Statement": [
        {
            "Sid": "EnableSageMakerStudioAccess",
            "Effect": "Allow",
            "Action": [
                "sagemaker:CreatePresignedDomainUrl",
                "sagemaker:DescribeUserProfile"
            ],
            "Resource": "*",
            "Condition": {
                "StringEquals": {
                    "aws:SourceVpc": "vpc-111bbaaa"
                }
            }
        }
    ]
}
```

**Example 2: Allow connections only through interface endpoints using `aws:sourceVpce`**

The following policy allows connections only when they arrive through one of the interface endpoints listed under the `aws:SourceVpce` condition key; for example, one endpoint for the Studio service (`aws.sagemaker.Region.studio`) and one for the SageMaker API, as described above. Because `aws:SourceVpce` is a single-valued key, listing several values under plain `StringEquals` has the same effect (the values are ORed); the `ForAnyValue:` set prefix is kept here as in the original example. Condition key names are not case-sensitive, so `aws:sourceVpce` and `aws:SourceVpce` are equivalent.

```
{
    "Id": "sagemaker-studio-example-2",
    "Version":"2012-10-17",
    "Statement": [
        {
            "Sid": "EnableSageMakerStudioAccess",
            "Effect": "Allow",
            "Action": [
                "sagemaker:CreatePresignedDomainUrl",
                "sagemaker:DescribeUserProfile"
            ],
            "Resource": "*",
            "Condition": {
                "ForAnyValue:StringEquals": {
                    "aws:sourceVpce": [
                        "vpce-111bbccc",
                        "vpce-111bbddd"
                    ]
                }
            }
        }
    ]
}
```

This policy includes the [DescribeUserProfile](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeUserProfile.html) action. Typically you call `DescribeUserProfile` to make sure that the status of the user profile is `InService` before you try to connect to the domain. For example:

```
aws sagemaker describe-user-profile \
    --domain-id domain-id \
    --user-profile-name profile-name
```

Response:

```
{
    "DomainId": "domain-id",
    "UserProfileArn": "arn:aws:sagemaker:us-west-2:acct-id:user-profile/domain-id/profile-name",
    "UserProfileName": "profile-name",
    "HomeEfsFileSystemUid": "200001",
    "Status": "InService",
    "LastModifiedTime": 1605418785.555,
    "CreationTime": 1605418477.297
}
```

```
aws sagemaker create-presigned-domain-url \
    --domain-id domain-id \
    --user-profile-name profile-name
```

Response:

```
{
    "AuthorizedUrl": "https://domain-id.studio.us-west-2.sagemaker.aws/auth?token=AuthToken"
}
```

For both of these calls, if you are using a version of the AWS SDK that was released before August 13, 2018, you must specify the endpoint URL in the call. For example, the following example shows a call to `create-presigned-domain-url`:

```
aws sagemaker create-presigned-domain-url \
    --domain-id domain-id \
    --user-profile-name profile-name \
    --endpoint-url https://vpc-endpoint-id.api.sagemaker.Region.vpce.amazonaws.com
```

**Example 3: Allow connections from IP addresses using `aws:SourceIp`**

The following policy allows connections only from the specified public IP address ranges, using the `aws:SourceIp` condition key. Note that `aws:SourceIp` is not present in the request context when a call comes through a VPC endpoint, so this policy denies traffic that arrives over your interface endpoint; use `aws:VpcSourceIp` (Example 4) for that path.

```
{
    "Id": "sagemaker-studio-example-3",
    "Version":"2012-10-17",
    "Statement": [
        {
            "Sid": "EnableSageMakerStudioAccess",
            "Effect": "Allow",
            "Action": [
                "sagemaker:CreatePresignedDomainUrl",
                "sagemaker:DescribeUserProfile"
            ],
            "Resource": "*",
            "Condition": {
                "IpAddress": {
                    "aws:SourceIp": [
                        "192.0.2.0/24",
                        "203.0.113.0/24"
                    ]
                }
            }
        }
    ]
}
```

**Example 4: Allow connections from IP addresses through an interface endpoint using `aws:VpcSourceIp`** 

If you are accessing Studio or Studio Classic through an interface endpoint, you can use the `aws:VpcSourceIp` condition key to allow connections only from the specified ranges of private IP addresses inside your VPC, as seen by the endpoint. Combined with `aws:SourceVpc`, the policy pins both the VPC and the caller's address, as shown in the following policy. Both keys are populated only for requests that come through a VPC endpoint, so requests from the internet are denied.

```
{
    "Id": "sagemaker-studio-example-4",
    "Version":"2012-10-17",
    "Statement": [
        {
            "Sid": "EnableSageMakerStudioAccess",
            "Effect": "Allow",
            "Action": [
                "sagemaker:CreatePresignedDomainUrl",
                "sagemaker:DescribeUserProfile"
            ],
            "Resource": "*",
            "Condition": {
                "IpAddress": {
                    "aws:VpcSourceIp": [
                        "192.0.2.0/24",
                        "203.0.113.0/24"
                    ]
                },
                "StringEquals": {
                    "aws:SourceVpc": "vpc-111bbaaa"
                }
            }
        }
    ]
}
```
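The four examples differ only in their `Condition` blocks, and which one is right depends on what IAM actually sees in the request context. The following Python script, added here as an example and not part of the SageMaker documentation, evaluates those four blocks against two constructed request contexts: a call arriving through a VPC endpoint (where IAM populates `aws:SourceVpc`, `aws:SourceVpce` and `aws:VpcSourceIp` but not `aws:SourceIp`) and a call from the internet (where only `aws:SourceIp` is present). The evaluator is a simplified model of IAM's condition logic for `StringEquals` and `IpAddress` only, with an absent key failing its test; the endpoint, VPC and address values are constructed. The same four condition shapes appear again in the MLflow examples later on this page, so the outcomes carry over.

```python
"""Added example (not part of the SageMaker documentation): evaluate the
Condition blocks of Examples 1-4 against the request context IAM builds for
a call that arrives through a VPC endpoint versus one from the internet."""
import ipaddress

# Constructed request contexts. Through an interface endpoint, IAM populates
# the VPC, the endpoint ID and the caller's private address, but NOT
# aws:SourceIp; from the internet only the public source address is present.
VIA_ENDPOINT = {
    "aws:SourceVpc": "vpc-111bbaaa",
    "aws:SourceVpce": "vpce-111bbccc",
    "aws:VpcSourceIp": "192.0.2.17",
}
FROM_INTERNET = {"aws:SourceIp": "203.0.113.9"}

# The Condition blocks of the four example policies above, verbatim.
CONDITIONS = {
    "example-1": {"StringEquals": {"aws:SourceVpc": "vpc-111bbaaa"}},
    "example-2": {"ForAnyValue:StringEquals": {
        "aws:sourceVpce": ["vpce-111bbccc", "vpce-111bbddd"]}},
    "example-3": {"IpAddress": {"aws:SourceIp": ["192.0.2.0/24", "203.0.113.0/24"]}},
    "example-4": {
        "IpAddress": {"aws:VpcSourceIp": ["192.0.2.0/24", "203.0.113.0/24"]},
        "StringEquals": {"aws:SourceVpc": "vpc-111bbaaa"},
    },
}


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _lookup(context, key):
    """Condition key names are case-insensitive (aws:sourceVpce == aws:SourceVpce)."""
    for name, value in context.items():
        if name.lower() == key.lower():
            return value
    return None


def _operator_matches(operator, policy_values, actual):
    base = operator.split(":")[-1]  # drop a ForAnyValue:/ForAllValues: prefix
    if base == "StringEquals":
        return actual in policy_values  # several values under one key are ORed
    if base == "IpAddress":
        ip = ipaddress.ip_address(actual)
        return any(ip in ipaddress.ip_network(cidr, strict=False) for cidr in policy_values)
    raise ValueError(f"operator {operator} not modelled")


def condition_matches(condition, context):
    """True only if every operator/key pair matches. A key absent from the
    request context fails its test (no ...IfExists or Null handling here),
    which is exactly what makes aws:SourceIp deny endpoint traffic and
    aws:SourceVpc / aws:SourceVpce deny internet traffic."""
    for operator, keys in condition.items():
        for key, values in keys.items():
            actual = _lookup(context, key)
            if actual is None or not _operator_matches(operator, _as_list(values), actual):
                return False
    return True


def decisions(context):
    """Which of the four example conditions a request context satisfies."""
    return {name: condition_matches(cond, context) for name, cond in CONDITIONS.items()}


if __name__ == "__main__":
    for label, ctx in (("via endpoint", VIA_ENDPOINT), ("from internet", FROM_INTERNET)):
        print(f"{label:14}", decisions(ctx))
```

The practical reading: Examples 1, 2 and 4 deny every request that does not traverse a VPC endpoint, and Example 3 denies every request that does. If both paths must work for the same principal, put the two kinds of condition in separate `Allow` statements rather than in one, since all keys inside a single `Condition` block must match.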

# Connecting to an MLflow tracking server through an Interface VPC Endpoint
<a name="mlflow-interface-endpoint"></a>

The MLflow tracking server runs in an Amazon Virtual Private Cloud managed by Amazon SageMaker AI. You can connect to an MLflow tracking server from an endpoint in your own VPC. Your requests to the tracking server are not exposed to the public internet. For more information about connecting your VPC to SageMaker AI, see [Connect to SageMaker AI Within your VPC](interface-vpc-endpoint.md).

**Topics**
+ [Create a VPC Endpoint](mlflow-interface-endpoint-create.md)
+ [Create a VPC Endpoint Policy for SageMaker AI MLflow](mlflow-private-link-policy.md)
+ [Allow Access only from within your VPC](mlflow-private-link-restrict.md)

# Create a VPC Endpoint
<a name="mlflow-interface-endpoint-create"></a>

You can create an interface endpoint to connect to SageMaker AI MLflow. For instructions, see [Creating an interface endpoint](https://docs.aws.amazon.com/vpc/latest/userguide/vpce-interface.html#create-interface-endpoint). Make sure that you create interface endpoints for all of the subnets in your VPC from which you want to connect to SageMaker AI MLflow. 

When you create an interface endpoint, ensure that the security groups on your endpoint allow inbound and outbound access for HTTPS traffic. For more information, see [Control access to services with VPC endpoints](https://docs.aws.amazon.com/vpc/latest/privatelink/vpc-endpoints-access.html#vpc-endpoints-security-groups).

**Note**  
In addition to creating an interface endpoint to connect to SageMaker AI MLflow, create an interface endpoint to connect to the Amazon SageMaker API. When users call [CreatePresignedMlflowTrackingServerUrl](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreatePresignedMlflowTrackingServerUrl.html) to get the URL to connect to SageMaker AI MLflow, that call goes through the interface endpoint used to connect to the SageMaker API.

When you create the interface endpoint, specify **aws.sagemaker.*AWS Region*.experiments** as the service name. After you create the interface endpoint, enable private DNS for your endpoint. When you connect to SageMaker AI MLflow from within the VPC using the SageMaker Python SDK, you connect through the interface endpoint instead of the public internet.

Within the AWS Management Console, you can use the following procedure to create an endpoint.

**To create an endpoint**

1. Navigate to the [Amazon Virtual Private Cloud console](https://console.aws.amazon.com/vpcconsole).

1. Navigate to **Endpoints**.

1. Choose **Create endpoint**.

1. (Optional) For **Name (tag)**, specify a name for the endpoint.

1. In the search bar under **Services**, specify **experiments**.

1. Select the service entry for the endpoint that you're creating.

1. For **VPC**, specify the name of the VPC.

1. Choose **Create endpoint**.

# Create a VPC Endpoint Policy for SageMaker AI MLflow
<a name="mlflow-private-link-policy"></a>

You can attach an Amazon VPC endpoint policy to the interface VPC endpoints that you use to connect to SageMaker AI MLflow. The endpoint policy controls access to MLflow. You can specify the following:
+ The principal that can perform actions.
+ The actions that can be performed.
+ The resources on which actions can be performed. 

For more information, see [Controlling access to services with VPC endpoints](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints-access.html).

The following example of a VPC endpoint policy specifies that all users that have access to the endpoint are allowed to use the MLflow tracking servers in account 111122223333. As written, the trailing `*` in the resource ARN covers every tracking server in that account; to restrict the endpoint to a single tracking server, replace the `*` with that server's name. Access to tracking servers in other accounts is denied.

```
{
    "Statement": [
        {
            "Action": "sagemaker-mlflow:*",
            "Effect": "Allow",
            "Principal": "*",
            "Resource": "arn:aws:sagemaker:Region:111122223333:mlflow-tracking-server/*"
        }
    ]
}
```

# Allow Access only from within your VPC
<a name="mlflow-private-link-restrict"></a>

Users outside your VPC can connect to SageMaker AI MLflow over the internet even if you set up an interface endpoint in your VPC.

To allow only connections made from within your VPC, create an AWS Identity and Access Management (IAM) policy to that effect. Add that policy to every user, group, or role used to access SageMaker AI MLflow. This feature is only supported when using IAM mode for authentication, and is not supported in IAM Identity Center mode. The following examples demonstrate how to create such policies.

**Important**  
If you apply an IAM policy similar to one of the following examples, users cannot access SageMaker AI MLflow through the SageMaker AI console, because the console's calls to the specified SageMaker APIs do not satisfy the policy's conditions. To access SageMaker AI MLflow, users must use a presigned URL or call the SageMaker APIs directly.

**Example 1: Allow connections only within the subnet of an interface endpoint**

The following policy allows connections only when they arrive through the interface endpoint named in the `aws:SourceVpce` condition key. Calls from the internet carry no `aws:SourceVpce` value and therefore fail the condition.

```
{
    "Id": "mlflow-example-1",
    "Version":"2012-10-17",
    "Statement": [
        {
            "Sid": "MlflowAccess",
            "Effect": "Allow",
            "Action": [
                "sagemaker-mlflow:*"
            ],
            "Resource": "*",
            "Condition": {
                "StringEquals": {
                    "aws:SourceVpce": "vpce-111bbaaa"
                }
            }
        }
    ]
}
```

**Example 2: Allow connections only through interface endpoints using `aws:sourceVpce`**

The following policy allows connections only when they arrive through one of the interface endpoints listed under the `aws:SourceVpce` condition key; for example, one endpoint for the MLflow service (`aws.sagemaker.Region.experiments`) and one for the SageMaker API, as described above. Because `aws:SourceVpce` is a single-valued key, listing several values under plain `StringEquals` has the same effect (the values are ORed); the `ForAnyValue:` set prefix is kept here as in the original example.

```
{
    "Id": "sagemaker-mlflow-example-2",
    "Version":"2012-10-17",
    "Statement": [
        {
            "Sid": "MlflowAccess",
            "Effect": "Allow",
            "Action": [
                "sagemaker-mlflow:*"
            ],
            "Resource": "*",
            "Condition": {
                "ForAnyValue:StringEquals": {
                    "aws:sourceVpce": [
                        "vpce-111bbccc",
                        "vpce-111bbddd"
                    ]
                }
            }
        }
    ]
}
```

**Example 3: Allow connections from IP addresses using `aws:SourceIp`**

The following policy allows connections only from the specified public IP address ranges, using the `aws:SourceIp` condition key. Note that `aws:SourceIp` is not present in the request context when a call comes through a VPC endpoint, so this policy denies traffic that arrives over your interface endpoint; use `aws:VpcSourceIp` (Example 4) for that path.

```
{
    "Id": "sagemaker-mlflow-example-3",
    "Version":"2012-10-17",
    "Statement": [
        {
            "Sid": "MlflowAccess",
            "Effect": "Allow",
            "Action": [
                "sagemaker-mlflow:*"
            ],
            "Resource": "*",
            "Condition": {
                "IpAddress": {
                    "aws:SourceIp": [
                        "192.0.2.0/24",
                        "203.0.113.0/24"
                    ]
                }
            }
        }
    ]
}
```

**Example 4: Allow connections from IP addresses through an interface endpoint using `aws:VpcSourceIp`** 

If you are accessing SageMaker AI MLflow through an interface endpoint, you can use the `aws:VpcSourceIp` condition key to allow connections only from the specified ranges of private IP addresses inside your VPC, as seen by the endpoint. Combined with `aws:SourceVpc`, the policy pins both the VPC and the caller's address, as shown in the following policy. Both keys are populated only for requests that come through a VPC endpoint, so requests from the internet are denied.

```
{
    "Id": "sagemaker-mlflow-example-4",
    "Version":"2012-10-17",
    "Statement": [
        {
            "Sid": "MlflowAccess",
            "Effect": "Allow",
            "Action": [
                "sagemaker-mlflow:*"
            ],
            "Resource": "*",
            "Condition": {
                "IpAddress": {
                    "aws:VpcSourceIp": [
                        "192.0.2.0/24",
                        "203.0.113.0/24"
                    ]
                },
                "StringEquals": {
                    "aws:SourceVpc": "vpc-111bbaaa"
                }
            }
        }
    ]
}
```

# Connect to a Notebook Instance Through a VPC Interface Endpoint
<a name="notebook-interface-endpoint"></a>

You can connect to your notebook instance from your VPC through an [interface endpoint](https://docs.aws.amazon.com/vpc/latest/privatelink/create-interface-endpoint.html) in your Virtual Private Cloud (VPC) instead of connecting over the public internet. When you use a VPC interface endpoint, communication between your VPC and the notebook instance is conducted entirely and securely within the AWS network.

SageMaker notebook instances support [Amazon Virtual Private Cloud](https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Introduction.html) (Amazon VPC) interface endpoints that are powered by [AWS PrivateLink](https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Introduction.html#what-is-privatelink). Each VPC endpoint is represented by one or more [Elastic Network Interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html) with private IP addresses in your VPC subnets.

**Note**  
Before you create an interface VPC endpoint to connect to a notebook instance, create an interface VPC endpoint to connect to the SageMaker API. That way, when users call [CreatePresignedNotebookInstanceUrl](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreatePresignedNotebookInstanceUrl.html) to get the URL to connect to the notebook instance, that call also goes through the interface VPC endpoint. For information, see [Connect to SageMaker AI Within your VPC](interface-vpc-endpoint.md).

You can create an interface endpoint to connect to your notebook instance with either the AWS Management Console or AWS Command Line Interface (AWS CLI) commands. For instructions, see [Creating an Interface Endpoint](https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpce-interface.html#create-interface-endpoint). Make sure that you create an interface endpoint for all of the subnets in your VPC from which you want to connect to the notebook instance.

When you create the interface endpoint, specify **aws.sagemaker.*Region*.notebook** as the service name. After you create a VPC endpoint, enable private DNS for your VPC endpoint. Anyone using the SageMaker API, the AWS CLI, or the console to connect to the notebook instance from within the VPC connects to the notebook instance through the VPC endpoint instead of the public internet.

SageMaker notebook instances support VPC endpoints in all AWS Regions where both [Amazon VPC](https://docs.aws.amazon.com/general/latest/gr/rande.html#vpc_region) and [SageMaker AI](https://docs.aws.amazon.com/general/latest/gr/rande.html#sagemaker_region) are available.

**Topics**
+ [Connect Your Private Network to Your VPC](#notebook-private-link-vpn-nbi)
+ [Create a VPC Endpoint Policy for SageMaker AI Notebook Instances](#nbi-private-link-policy)
+ [Restrict Access to Connections from Within Your VPC](#notebook-private-link-restrict)

## Connect Your Private Network to Your VPC
<a name="notebook-private-link-vpn-nbi"></a>

To connect to your notebook instance through your VPC, you either have to connect from an instance that is inside the VPC, or connect your private network to your VPC by using an AWS Virtual Private Network (Site-to-Site VPN) or Direct Connect. For information about Site-to-Site VPN, see [VPN Connections](https://docs.aws.amazon.com/vpc/latest/userguide/vpn-connections.html) in the *Amazon Virtual Private Cloud User Guide*. For information about AWS Direct Connect, see [Creating a Connection](https://docs.aws.amazon.com/directconnect/latest/UserGuide/create-connection.html) in the *AWS Direct Connect User Guide*.

## Create a VPC Endpoint Policy for SageMaker AI Notebook Instances
<a name="nbi-private-link-policy"></a>

You can create a policy for Amazon VPC endpoints for SageMaker notebook instances to specify the following:
+ The principal that can perform actions.
+ The actions that can be performed.
+ The resources on which actions can be performed.

For more information, see [Controlling Access to Services with VPC Endpoints](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints-access.html) in the *Amazon VPC User Guide*.

The following example of a VPC endpoint policy specifies that all users that have access to the endpoint are allowed to access the notebook instance named `myNotebookInstance`.

```
{
  "Statement": [
      {
          "Action": "sagemaker:CreatePresignedNotebookInstanceUrl",
          "Effect": "Allow",
          "Resource": "arn:aws:sagemaker:us-west-2:123456789012:notebook-instance/myNotebookInstance",
          "Principal": "*"
      }
  ]
}
```

Access to other notebook instances is denied.

## Restrict Access to Connections from Within Your VPC
<a name="notebook-private-link-restrict"></a>

Even if you set up an interface endpoint in your VPC, individuals outside the VPC can connect to the notebook instance over the internet.

**Important**  
If you apply an IAM policy similar to one of the following, users can't access the specified SageMaker APIs or the notebook instance through the console.

To restrict access to only connections made from within your VPC, create an AWS Identity and Access Management policy that restricts access to only calls that come from within your VPC. Then add that policy to every AWS Identity and Access Management user, group, or role used to access the notebook instance.

**Note**  
This policy allows connections only to callers within a subnet where you created an interface endpoint.

------
#### [ JSON ]


```
{
    "Id": "notebook-example-1",
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "EnableNotebookAccess",
            "Effect": "Allow",
            "Action": [
                "sagemaker:CreatePresignedNotebookInstanceUrl",
                "sagemaker:DescribeNotebookInstance"
            ],
            "Resource": "*",
            "Condition": {
                "StringEquals": {
                    "aws:SourceVpc": "vpc-111bbaaa"
                }
            }
        }
    ]
}
```

------

If you want to restrict access to the notebook instance to only connections made using the interface endpoint, use the `aws:SourceVpce` condition key instead of `aws:SourceVpc`:

------
#### [ JSON ]


```
{
    "Id": "notebook-example-1",
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "EnableNotebookAccess",
            "Effect": "Allow",
            "Action": [
                "sagemaker:CreatePresignedNotebookInstanceUrl",
                "sagemaker:DescribeNotebookInstance"
            ],
            "Resource": "*",
            "Condition": {
                "ForAnyValue:StringEquals": {
                    "aws:SourceVpce": [
                        "vpce-111bbccc",
                        "vpce-111bbddd"
                    ]
                }
            }
        }
    ]
}
```

------

Both of these policy examples assume that you have also created an interface endpoint for the SageMaker API. For more information, see [Connect to SageMaker AI Within your VPC](interface-vpc-endpoint.md). In the second example, one of the values for `aws:SourceVpce` is the ID of the interface endpoint for the notebook instance. The other is the ID of the interface endpoint for the SageMaker API.
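To see how the two policies above behave for different callers, here is a deliberately simplified policy evaluator added as an example (it is not the IAM engine or any SageMaker code). It models only what these policies use: `Allow` statements, `Resource "*"`, `StringEquals` and `ForAnyValue:StringEquals`, and IAM's implicit deny, and the request contexts it is fed are constructed sample values.

```python
# Added example: a minimal evaluator for the "restrict to VPC" policies above.
# It supports only the features those policies use and is NOT a general IAM
# evaluator. Context keys such as aws:SourceVpc / aws:SourceVpce are only
# present when the call entered through the VPC, so a caller on the public
# internet never satisfies the condition and falls to the implicit deny.

NOTEBOOK_ACTIONS = ["sagemaker:CreatePresignedNotebookInstanceUrl",
                    "sagemaker:DescribeNotebookInstance"]

# Same statements as the two JSON policies on this page (constructed IDs).
SOURCE_VPC_POLICY = {"Statement": [{
    "Effect": "Allow", "Action": NOTEBOOK_ACTIONS, "Resource": "*",
    "Condition": {"StringEquals": {"aws:SourceVpc": "vpc-111bbaaa"}},
}]}

SOURCE_VPCE_POLICY = {"Statement": [{
    "Effect": "Allow", "Action": NOTEBOOK_ACTIONS, "Resource": "*",
    "Condition": {"ForAnyValue:StringEquals": {
        "aws:SourceVpce": ["vpce-111bbccc", "vpce-111bbddd"]}},
}]}


def _conditions_hold(condition, context):
    """Every condition key must match; a key missing from the request
    context never matches (this is what blocks internet callers)."""
    ctx = {k.lower(): v for k, v in context.items()}  # keys are case-insensitive
    for operator, pairs in condition.items():
        if operator.split(":")[-1] != "StringEquals":
            raise NotImplementedError(f"operator {operator} not modelled here")
        for key, wanted in pairs.items():
            allowed_values = wanted if isinstance(wanted, list) else [wanted]
            if ctx.get(key.lower()) not in allowed_values:
                return False
    return True


def is_allowed(policy, action, context):
    """True only if an Allow statement names the action and its conditions
    hold for this request context; anything else is an implicit deny."""
    for stmt in policy["Statement"]:
        actions = stmt["Action"] if isinstance(stmt["Action"], list) else [stmt["Action"]]
        if stmt["Effect"] != "Allow" or action not in actions:
            continue
        if _conditions_hold(stmt.get("Condition", {}), context):
            return True
    return False
```

Feeding it an empty request context (an internet caller) returns `False` for both policies, while a context carrying the matching `aws:SourceVpc` or one of the listed `aws:SourceVpce` IDs returns `True`.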

The policy examples here include [DescribeNotebookInstance](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeNotebookInstance.html), because typically you would call `DescribeNotebookInstance` to make sure that the `NotebookInstanceStatus` is `InService` before you try to connect to it. For example:

```
aws sagemaker describe-notebook-instance \
    --notebook-instance-name myNotebookInstance

{
   "NotebookInstanceArn": "arn:aws:sagemaker:us-west-2:1234567890ab:notebook-instance/mynotebookinstance",
   "NotebookInstanceName": "myNotebookInstance",
   "NotebookInstanceStatus": "InService",
   "Url": "mynotebookinstance.notebook.us-west-2.sagemaker.aws",
   "InstanceType": "ml.m4.xlarge",
   "RoleArn": "arn:aws:iam::1234567890ab:role/service-role/AmazonSageMaker-ExecutionRole-12345678T123456",
   "LastModifiedTime": 1540334777.501,
   "CreationTime": 1523050674.078,
   "DirectInternetAccess": "Disabled"
}

aws sagemaker create-presigned-notebook-instance-url \
    --notebook-instance-name myNotebookInstance

{
   "AuthorizedUrl": "https://mynotebookinstance.notebook.us-west-2.sagemaker.aws?authToken=AuthToken"
}
```

**Note**  
The presigned URL returned by `create-presigned-notebook-instance-url` (the `AuthorizedUrl` value) can be used from anywhere on the internet.

For both of these calls, if you did not enable private DNS hostnames for your VPC endpoint, or if you are using a version of the AWS SDK that was released before August 13, 2018, you must specify the endpoint URL in the call. For example, the call to `create-presigned-notebook-instance-url` is:

```
aws sagemaker create-presigned-notebook-instance-url \
    --notebook-instance-name myNotebookInstance \
    --endpoint-url https://VPC_Endpoint_ID.api.sagemaker.Region.vpce.amazonaws.com
```

## Connect Your Private Network to Your VPC
<a name="notebook-private-link-vpn"></a>

To call the SageMaker API and SageMaker AI Runtime through your VPC, you have to connect from an instance that is inside the VPC or connect your private network to your VPC by using an AWS Virtual Private Network (Site-to-Site VPN) or Direct Connect. For information about Site-to-Site VPN, see [VPN Connections](https://docs.aws.amazon.com/vpc/latest/userguide/vpn-connections.html) in the *Amazon Virtual Private Cloud User Guide*. For information about AWS Direct Connect, see [Creating a Connection](https://docs.aws.amazon.com/directconnect/latest/UserGuide/create-connection.html) in the *AWS Direct Connect User Guide*.