Reputation: 5524
Sagemaker endpoint(with VPC) url accessible from internet
I have created a model with VPC, Private subnet, and appropriate security group. The endpoint URL can, however, be reached through the internet though failing due to the lack of security token
Things I need clarification on now are
- Is there a way to avoid the URL being accessible from the internet
- Are we not charged for requests failed on AUTH(like for API Gateway)
- Does that make our deployment vulnerable to any attacks
Upvotes: 3
Views: 2075
Answers (1)
Reputation: 12901
You are not hitting your endpoint, but the endpoint of AWS SageMaker runtime. This endpoint is checking all the permissions to access your hosted model, and only if the credentials and requirements are met, the request is forwarded to your instances and models.
Therefore, you can't prevent this URL from being accessible from the Internet, but at the same time, you don't need to protect it or pay for it. AWS has a high level of security on these endpoints, and I don't think that you have a more secure way to protect these endpoints.
Upvotes: 4
Related Questions
- How to access an IP whitelist secured API from within a Sagemaker notebook?
- how to call sagemaker endpoint from another server
- How to Curl an Amazon Sagemaker Endpoint
- How can i call sagemaker inference endpoint using API gateway
- SageMaker Studio is unable to reach SageMaker endpoint
- Deploying the sagemaker endpoint created as a service
- Why SageMaker endpoints are not public
- How do I call a SageMaker Endpoint using the AWS CLI (
- Impossible to invoke endpoint with sagemaker
- Is it possible to hit endpoints hosted in SageMaker besides /invocations?