AWS Machine Learning Blog

AWS KMS-based Encryption Is Now Available for Training and Hosting in Amazon SageMaker

Amazon SageMaker uses throwaway keys, also called transient keys, to encrypt the ML General Purpose storage volumes attached to training and hosting EC2 instances. Because these keys are used only to encrypt the ML storage volumes and are then immediately discarded, the volumes can safely be used to store confidential data. Volumes can be accessed only through the associated instances, which have controlled access. After the instances are terminated, the ML volumes are deleted and the data in the volumes are inaccessible.

Customers have requested the ability to use keys that are managed through AWS Key Management Service (KMS), similar to how the storage attached to notebook instances is encrypted when you specify a KMS master key ID.

Beginning today, you can choose to use a KMS master key to encrypt your training and hosting data. This allows you to take advantage of AWS KMS features, such as centralized key management, key usage audit logging, master key rotation, and so on, for distributed training and model hosting.

To encrypt training data, specify a KMS master key in the call to the CreateTrainingJob API. For hosting, specify the key in the call to the CreateEndpointConfig API.

For more information on Amazon SageMaker and KMS, see the Amazon SageMaker Developer Guide.

About the Author

Kumar Venkateswar is a Product Manager in the AWS ML Platforms team, which develops Amazon SageMaker, Amazon Machine Learning, and the Deep Learning AMI. When not working, Kumar plays the violin and Magic: The Gathering.