Skip to content

Commit

Permalink
minor changes in README
Browse files Browse the repository at this point in the history
  • Loading branch information
Ilyin committed Jan 20, 2021
1 parent 7a91ab6 commit 5285ea9
Show file tree
Hide file tree
Showing 2 changed files with 34 additions and 11 deletions.
12 changes: 8 additions & 4 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -224,16 +224,19 @@ The solution deploys the following resources:
- SageMaker subnet
- NAT Gateway subnet
- Network Firewall subnet
- Internet Gateway, NAT Gateway, Network Firewall
- Empty Network Firewall Policy
- Internet Gateway, NAT Gateway, Network Firewall, and Firewall endpoint
- Network Firewall Policy
- Stateful rule group with a deny domain list
- Elastic IP allocated to the NAT Gateway
- Security Groups:
- SageMaker security group
- VPC endpoints security group
- Proper security group inbound rules
- 4x route tables for network routing and proper routes
- Configured security group inbound rules
- 4x route tables for network routing and configured routes
- S3 VPC endpoint (type `Gateway`)
- AWS service-access VPC endpoints (type `Interface`) for various AWS services
- SageMaker domain and user profile for the domain (to start an Amazon SageMaker Studio)
- SageMaker IAM execution policy

## S3 resources
The solution deploys two Amazon S3 buckets:
Expand Down Expand Up @@ -322,6 +325,7 @@ Start the Amazon SageMaker Studio from the pre-signed URL or via the AWS SageMak
- S3 VPC interface endpoints for AWS public services
- S3 bucket setup with the bucket policy. Demostrate there is no AWS console access to the solution buckets (`data` and `models`)
- (optional) Network Firewall routing setup
- Firewall policy with a stateful rule group with the deny domain list

## S3 access
- open a notebook in SageMaker Studio.
Expand Down
Loading

0 comments on commit 5285ea9

Please sign in to comment.