--- title: SageMaker notebook not placed in VPC description: Datadog, the leading service for cloud-scale monitoring. breadcrumbs: >- Docs > Datadog Security > Code Security > Infrastructure as Code (IaC) Security > IaC Security Rules > SageMaker notebook not placed in VPC --- # SageMaker notebook not placed in VPC {% callout %} # Important note for users on the following Datadog sites: app.ddog-gov.com, us2.ddog-gov.com {% alert level="danger" %} This product is not supported for your selected [Datadog site](https://docs.datadoghq.com/getting_started/site.md). ({% placeholder "user-datadog-site-name" /%}). {% /alert %} {% /callout %} ## Metadata{% #metadata %} **Id:** `cloudformation-aws-sagemaker-notebook-not-placed-in-vpc` **Provider:** AWS **Platform:** CloudFormation **Severity:** Medium **Category:** Networking and Firewall #### Learn More{% #learn-more %} - [Provider Reference](https://docs.aws.amazon.com/sagemaker/latest/dg/security_iam_id-based-policy-examples.html#sagemaker-condition-nbi-lockdown) ### Description{% #description %} SageMaker notebook instances must be launched inside a VPC to prevent unintended public network exposure. This also enables network controls such as security groups, VPC endpoints, and flow logging. In CloudFormation, `AWS::SageMaker::NotebookInstance` resources must include the `Properties.SubnetId` property and reference a subnet in the intended VPC. Also specify `Properties.SecurityGroupIds` to restrict inbound access, and configure any required VPC endpoints (for example, for S3 and ECR). Resources missing `SubnetId` will be flagged. Secure configuration example: ```yaml MyNotebook: Type: AWS::SageMaker::NotebookInstance Properties: NotebookInstanceName: my-notebook InstanceType: ml.t2.medium SubnetId: subnet-0123456789abcdef0 SecurityGroupIds: - sg-0123456789abcdef0 ``` ## Compliant Code Examples{% #compliant-code-examples %} ```yaml AWSTemplateFormatVersion: "2010-09-09" Description: "NotebookInstance" Resources: NotebookInstance: Type: "AWS::SageMaker::NotebookInstance" DependsOn: [ MountTarget1, MountTarget2, MountTarget3, VpcS3Endpoint ] Properties: NotebookInstanceName: !Ref NotebookInstanceName InstanceType: !Ref NotebookInstanceType RoleArn: !GetAtt ExecutionRole.Arn RootAccess: Enabled SecurityGroupIds: - !GetAtt VpcSecurityGroup.GroupId SubnetId: !Ref PrivateSubnet1 DirectInternetAccess: Disabled AdditionalCodeRepositories: !If - CreateCodeRepo - [!GetAtt CodeRepo.CodeRepositoryName] - !Ref 'AWS::NoValue' LifecycleConfigName: !GetAtt NotebookStartConfig.NotebookInstanceLifecycleConfigName VolumeSizeInGB: !Ref EbsVolumeSize Tags: - Key: Name Value: !Ref 'AWS::StackName' Vpc: Type: 'AWS::EC2::VPC' Properties: CidrBlock: !Ref VpcCIDR EnableDnsSupport: 'true' EnableDnsHostnames: 'true' Tags: - Key: Name Value: !Ref 'AWS::StackName' ``` ## Non-Compliant Code Examples{% #non-compliant-code-examples %} ```yaml AWSTemplateFormatVersion: "2010-09-09" Description: "NotebookInstance" Resources: NotebookInstance: Type: "AWS::SageMaker::NotebookInstance" DependsOn: [ MountTarget1, MountTarget2, MountTarget3, VpcS3Endpoint ] Properties: NotebookInstanceName: !Ref NotebookInstanceName InstanceType: !Ref NotebookInstanceType RoleArn: !GetAtt ExecutionRole.Arn RootAccess: Enabled SecurityGroupIds: - !GetAtt VpcSecurityGroup.GroupId DirectInternetAccess: Disabled AdditionalCodeRepositories: !If - CreateCodeRepo - [!GetAtt CodeRepo.CodeRepositoryName] - !Ref 'AWS::NoValue' LifecycleConfigName: !GetAtt NotebookStartConfig.NotebookInstanceLifecycleConfigName VolumeSizeInGB: !Ref EbsVolumeSize Tags: - Key: Name Value: !Ref 'AWS::StackName' Vpc: Type: 'AWS::EC2::VPC' Properties: CidrBlock: !Ref VpcCIDR EnableDnsSupport: 'true' EnableDnsHostnames: 'true' Tags: - Key: Name Value: !Ref 'AWS::StackName' ```