Infrastructure and
network security
Control data traffic across Amazon
SageMaker components over a private
network. Ensure appropriate ingress/
egress with single-tenancy, so your
data and resources are secure.
Authentication and
authorization
Define, enforce, and audit who can
be authenticated and authorized to
use Amazon SageMaker resources.
Monitoring and
auditability
Track, trace, and audit all API calls,
events, data access, and interactions
down to the user and IP levels.
Compliance certifications
Inherit the most comprehensive
compliance controls and easily meet you
your industry's regulatory requirements.
Data protection
Get automatic data encryption at
rest and in transit with flexibility to
bring your own keys.
Executive summary
As a managed AWS service, Amazon SageMaker
automatically inherits the AWS global infrastructure
and its network security features. AWS is purpose-
built for the cloud, with data centers and a network
architected to help protect your information,
identities, applications, and devices. The AWS network
and infrastructures are monitored 24/7 to ensure
confidentiality, integrity, and availability of your data.
In addition, Amazon SageMaker offers a comprehensive
set of capabilities, so you can run your machine learning
workloads with the most flexible and secure machine
learning environment available today.
Customers have told us that the following are the key
security criteria they consider when evaluating machine
learning solutions. Together, AWS Cloud and Amazon
SageMaker security features allow you to meet these
criteria readily—so you can put machine learning to
work securely in production applications.
3