Ensure root access is disabled for AWS SageMaker Notebook instances

HIGH

Description

AWS SageMaker notebook instances have root access enabled, which may allow unauthorized access.

Remediation

In AWS Console -

  1. Sign in to the AWS Console and go to the SageMaker dashboard.
  2. Under Notebook on the navigation bar, select Notebook instances.
  3. Select the notebook instance you wish to modify.
  4. Click Stop to stop the instance.
  5. When the stop process has completed, click Edit.
  6. Under Permissions and encryption, select Disable - Don't give users root access to the notebook.
  7. Select Update Notebook Instance.
  8. Start the Instance.

In Terraform -

  1. In the aws_sagemaker_notebook_instance resource, set the 'root_access' attribute to 'Disabled'.

References:
https://docs.aws.amazon.com/sagemaker/latest/dg/nbi-root-access.html
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sagemaker_notebook_instance#root_access

Policy Details

Rule Reference ID: AC_AWS_0425
CSP: AWS
Remediation Available: Yes
Resource Category: Analytics
Resource Type: Sagemaker

Frameworks