AWS Machine Learning Blog

Securing all Amazon SageMaker API calls with AWS PrivateLink

All Amazon SageMaker API operations are now fully supported via AWS PrivateLink, which increases the security of data shared with cloud-based applications by reducing data exposure to the internet. In this blog, I show you how to set up a VPC endpoint to secure your Amazon SageMaker API calls using AWS PrivateLink.

AWS PrivateLink traffic doesn’t traverse the internet, which reduces the exposure to threats such as brute force and distributed denial of service attacks. Because all communication between your application and Amazon SageMaker API operations is inside your VPC, you don’t need an internet gateway, a NAT device, a VPN connection, or AWS Direct Connect to communicate with Amazon SageMaker. Instead, AWS PrivateLink enables you to privately access all Amazon SageMaker API operations from your VPC in a scalable manner by using interface VPC endpoints. A VPC endpoint is an elastic network interface in your subnet with private IP addresses that serves as an entry point for all Amazon SageMaker API calls.

Creating a VPC endpoint

To use AWS PrivateLink, you need to create an interface VPC endpoint and connect to the Amazon SageMaker API service. This blog uses the AWS Management Console to create a VPC endpoint, but you can do the same operations using AWS Command Line Interface (AWS CLI) commands. To secure connections to Amazon SageMaker notebooks, you can follow this blog post: Direct access to Amazon SageMaker notebooks from Amazon VPC by using an AWS PrivateLink endpoint.

To create a VPC endpoint from the console, open the Amazon VPC console, open the Endpoints page, and create a new endpoint, as shown in the following image.

Three attributes are required:

  • The Amazon SageMaker API service name. For Service category, select AWS services and for Service Name, select
  • The VPC and Availability Zonesthat you want to use.
  • The security group to be associated with the interface VPC endpoint. If you don’t specify a security group, the default security group for your VPC is associated.

You can begin using the VPC endpoint when its status is available. The following image shows two VPC endpoints. The first is for the Amazon SageMaker Runtime service to secure prediction calls to models hosted in Amazon SageMaker. The second is for the Amazon SageMaker API service to secure all API calls.

After you have created a VPC endpoint to the API service, use the following example AWS CLI command to list notebook instances from inside your VPC using the configured VPC endpoint.

aws sagemaker list-notebook-instances –-endpoint-url

Optionally, if you enable private DNS hostnames for your VPC endpoint, as shown in the following image, you don’t need to specify the endpoint URL.

A private hosted zone enables you to access the resources in your VPC using custom DNS domain names, such as, instead of using private IPv4 addresses or private DNS hostnames provided by AWS. The Amazon SageMaker DNS hostname that the AWS CLI and Amazon SageMaker SDKs use by default ( resolves to your VPC endpoint.

If you enabled a private hosted zone or if you’re using an SDK released before August 13, 2018, you have to specify the endpoint when using the SDK or AWS CLI. For example:

aws --endpoint sagemaker list-notebook-instances

For the VPC endpoint in the preceding example, this would be:

aws --endpoint sagemaker list-notebook-instances

If you enabled a private hosted zone and you’re using the SDK released on August 13, 2018, this would be:

aws sagemaker list-notebook-instances


All Amazon SageMaker API calls and prediction calls are now supported via AWS PrivateLink. This feature is available in all Amazon SageMaker Regions. To learn more about using security features in Amazon SageMaker such as encryption, IAM roles, KMS keys, and AWS CloudTrail integration, see the Amazon SageMaker Developer Guide.

About the Author

Urvashi Chowdhary is a Senior Product Manager for Amazon SageMaker. She is passionate about working with customers and making machine learning more accessible. In her spare time, she loves sailing, paddle boarding, and kayaking.