Amazon SageMaker identity-based policy examples - Amazon SageMaker

Amazon SageMaker identity-based policy examples

By default, IAM users and roles don't have permission to create or modify SageMaker resources. They also can't perform tasks using the AWS Management Console, AWS CLI, or AWS API. An IAM administrator must create IAM policies that grant users and roles permission to perform specific API operations on the specified resources they need. The administrator must then attach those policies to the IAM users or groups that require those permissions. To learn how to attach policies to an IAM user or group, see Adding and removing IAM identity permissions in the IAM User Guide.

To learn how to create an IAM identity-based policy using these example JSON policy documents, see Creating policies on the JSON tab in the IAM User Guide.

Policy best practices

Identity-based policies are very powerful. They determine whether someone can create, access, or delete SageMaker resources in your account. These actions can incur costs for your AWS account. When you create or edit identity-based policies, follow these guidelines and recommendations:

  • Get started using AWS managed policies – To start using SageMaker quickly, use AWS managed policies to give your employees the permissions they need. These policies are already available in your account and are maintained and updated by AWS. For more information, see Get started using permissions with AWS managed policies in the IAM User Guide.

  • Grant least privilege – When you create custom policies, grant only the permissions required to perform a task. Start with a minimum set of permissions and grant additional permissions as necessary. Doing so is more secure than starting with permissions that are too lenient and then trying to tighten them later. For more information, see Grant least privilege in the IAM User Guide.

  • Enable MFA for sensitive operations – For extra security, require IAM users to use multi-factor authentication (MFA) to access sensitive resources or API operations. For more information, see Using multi-factor authentication (MFA) in AWS in the IAM User Guide.

  • Use policy conditions for extra security – To the extent that it is practical, define the conditions under which your identity-based policies allow access to a resource. For example, you can write conditions to specify a range of allowable IP addresses that a request must come from. You can also write conditions to allow requests only within a specified date or time range, or to require the use of SSL or MFA. For more information, see IAM JSON policy elements: Condition in the IAM User Guide.

Using the SageMaker console

To access the Amazon SageMaker console, you must have a minimum set of permissions. These permissions must allow you to list and view details about the SageMaker resources in your AWS account. If you create an identity-based policy that is more restrictive than the minimum required permissions, the console won't function as intended for entities (IAM users or roles) with that policy.

To ensure that those entities can still use the SageMaker console, also attach the following AWS managed policy to the entities. For more information, see Adding permissions to a user in the IAM User Guide.

You don't need to allow minimum console permissions for users that are making calls only to the AWS CLI or the AWS API. Instead, allow access to only the actions that match the API operation that you're trying to perform.

Permissions required to use the Amazon SageMaker console

The permissions reference table lists the Amazon SageMaker API operations and shows the required permissions for each operation. For more information about Amazon SageMaker API operations, see Amazon SageMaker API permissions: Actions, permissions, and resources reference.

To use the Amazon SageMaker console, you need to grant permissions for additional actions. Specifically, the console needs permissions that allow the ec2 actions to display subnets, VPCs, and security groups. Optionally, the console needs permission to create execution roles for tasks such as CreateNotebook, CreateTrainingJob, and CreateModel. Grant these permissions with the following permissions policy:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "SageMakerApis",
      "Effect": "Allow",
      "Action": ["sagemaker:*"],
      "Resource": "*"
    },
    {
      "Sid": "VpcConfigurationForCreateForms",
      "Effect": "Allow",
      "Action": [
        "ec2:DescribeVpcs",
        "ec2:DescribeSubnets",
        "ec2:DescribeSecurityGroups"
      ],
      "Resource": "*"
    },
    {
      "Sid": "KmsKeysForCreateForms",
      "Effect": "Allow",
      "Action": ["kms:DescribeKey", "kms:ListAliases"],
      "Resource": "*"
    },
    {
      "Sid": "AccessAwsMarketplaceSubscriptions",
      "Effect": "Allow",
      "Action": ["aws-marketplace:ViewSubscriptions"],
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": [
        "codecommit:BatchGetRepositories",
        "codecommit:CreateRepository",
        "codecommit:GetRepository",
        "codecommit:ListRepositories",
        "codecommit:ListBranches",
        "secretsmanager:CreateSecret",
        "secretsmanager:DescribeSecret",
        "secretsmanager:ListSecrets"
      ],
      "Resource": "*"
    },
    {
      "Sid": "ListAndCreateExecutionRoles",
      "Effect": "Allow",
      "Action": [
        "iam:ListRoles",
        "iam:CreateRole",
        "iam:CreatePolicy",
        "iam:AttachRolePolicy"
      ],
      "Resource": "*"
    },
    {
      "Sid": "DescribeECRMetaData",
      "Effect": "Allow",
      "Action": ["ecr:Describe*"],
      "Resource": "*"
    },
    {
      "Sid": "PassRoleForExecutionRoles",
      "Effect": "Allow",
      "Action": ["iam:PassRole"],
      "Resource": "*",
      "Condition": {
        "StringEquals": {
          "iam:PassedToService": "sagemaker.amazonaws.com"
        }
      }
    }
  ]
}

Permissions required to use the Amazon SageMaker Ground Truth console

To use the Amazon SageMaker Ground Truth console, you need to grant permissions for additional resources. Specifically, the console needs permissions for the AWS Marketplace to view subscriptions, Amazon Cognito operations to manage your private workforce, Amazon S3 actions for access to your input and output files, and AWS Lambda actions to list and invoke functions. Grant these permissions with the following permissions policy:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "GroundTruthConsole",
      "Effect": "Allow",
      "Action": [
        "aws-marketplace:DescribeListings",
        "aws-marketplace:ViewSubscriptions",
        "cognito-idp:AdminAddUserToGroup",
        "cognito-idp:AdminCreateUser",
        "cognito-idp:AdminDeleteUser",
        "cognito-idp:AdminDisableUser",
        "cognito-idp:AdminEnableUser",
        "cognito-idp:AdminRemoveUserFromGroup",
        "cognito-idp:CreateGroup",
        "cognito-idp:CreateUserPool",
        "cognito-idp:CreateUserPoolClient",
        "cognito-idp:CreateUserPoolDomain",
        "cognito-idp:DescribeUserPool",
        "cognito-idp:DescribeUserPoolClient",
        "cognito-idp:ListGroups",
        "cognito-idp:ListIdentityProviders",
        "cognito-idp:ListUsers",
        "cognito-idp:ListUsersInGroup",
        "cognito-idp:ListUserPoolClients",
        "cognito-idp:ListUserPools",
        "cognito-idp:UpdateUserPool",
        "cognito-idp:UpdateUserPoolClient",
        "groundtruthlabeling:DescribeConsoleJob",
        "groundtruthlabeling:ListDatasetObjects",
        "groundtruthlabeling:RunFilterOrSampleManifestJob",
        "groundtruthlabeling:RunGenerateManifestByCrawlingJob",
        "lambda:InvokeFunction",
        "lambda:ListFunctions",
        "s3:GetObject",
        "s3:PutObject",
        "s3:SelectObjectContent"
      ],
      "Resource": "*"
    }
  ]
}

Permissions required to use the Amazon Augmented AI (preview) console

To use the Augmented AI console, you need to grant permissions for additional resources. Grant these permissions with the following permissions policy:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "sagemaker:*Algorithm", "sagemaker:*Algorithms", "sagemaker:*App", "sagemaker:*Apps",
        "sagemaker:*AutoMLJob", "sagemaker:*AutoMLJobs", "sagemaker:*CodeRepositories",
        "sagemaker:*CodeRepository", "sagemaker:*CompilationJob", "sagemaker:*CompilationJobs",
        "sagemaker:*Endpoint", "sagemaker:*EndpointConfig", "sagemaker:*EndpointConfigs",
        "sagemaker:*EndpointWeightsAndCapacities", "sagemaker:*Endpoints", "sagemaker:*Environment",
        "sagemaker:*EnvironmentVersion", "sagemaker:*EnvironmentVersions", "sagemaker:*Environments",
        "sagemaker:*Experiment", "sagemaker:*Experiments", "sagemaker:*FlowDefinitions",
        "sagemaker:*HumanLoop", "sagemaker:*HumanLoops", "sagemaker:*HumanTaskUi", "sagemaker:*HumanTaskUis",
        "sagemaker:*HyperParameterTuningJob", "sagemaker:*HyperParameterTuningJobs",
        "sagemaker:*LabelingJob", "sagemaker:*LabelingJobs", "sagemaker:*Metrics", "sagemaker:*Model",
        "sagemaker:*ModelPackage", "sagemaker:*ModelPackages", "sagemaker:*Models",
        "sagemaker:*MonitoringExecutions", "sagemaker:*MonitoringSchedule", "sagemaker:*MonitoringSchedules",
        "sagemaker:*NotebookInstance", "sagemaker:*NotebookInstanceLifecycleConfig",
        "sagemaker:*NotebookInstanceLifecycleConfigs", "sagemaker:*NotebookInstanceUrl",
        "sagemaker:*NotebookInstances", "sagemaker:*ProcessingJob", "sagemaker:*ProcessingJobs",
        "sagemaker:*RenderUiTemplate", "sagemaker:*Search", "sagemaker:*SearchSuggestions", "sagemaker:*Tags",
        "sagemaker:*TrainingJob", "sagemaker:*TrainingJobs", "sagemaker:*TransformJob", "sagemaker:*TransformJobs",
        "sagemaker:*Trial", "sagemaker:*TrialComponent", "sagemaker:*TrialComponents", "sagemaker:*Trials",
        "sagemaker:*Workteam", "sagemaker:*Workteams"
      ],
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": ["sagemaker:*FlowDefinition"],
      "Resource": "*",
      "Condition": {
        "StringEqualsIfExists": {
          "sagemaker:WorkteamType": ["private-crowd", "vendor-crowd"]
        }
      }
    },
    {
      "Effect": "Allow",
      "Action": [
        "application-autoscaling:DeleteScalingPolicy", "application-autoscaling:DeleteScheduledAction",
        "application-autoscaling:DeregisterScalableTarget", "application-autoscaling:DescribeScalableTargets",
        "application-autoscaling:DescribeScalingActivities", "application-autoscaling:DescribeScalingPolicies",
        "application-autoscaling:DescribeScheduledActions", "application-autoscaling:PutScalingPolicy",
        "application-autoscaling:PutScheduledAction", "application-autoscaling:RegisterScalableTarget",
        "aws-marketplace:ViewSubscriptions",
        "cloudwatch:DeleteAlarms", "cloudwatch:DescribeAlarms", "cloudwatch:GetMetricData",
        "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "cloudwatch:PutMetricAlarm",
        "cloudwatch:PutMetricData",
        "codecommit:BatchGetRepositories", "codecommit:CreateRepository", "codecommit:GetRepository",
        "codecommit:ListBranches", "codecommit:ListRepositories",
        "cognito-idp:AdminAddUserToGroup", "cognito-idp:AdminCreateUser", "cognito-idp:AdminDeleteUser",
        "cognito-idp:AdminDisableUser", "cognito-idp:AdminEnableUser", "cognito-idp:AdminRemoveUserFromGroup",
        "cognito-idp:CreateGroup", "cognito-idp:CreateUserPool", "cognito-idp:CreateUserPoolClient",
        "cognito-idp:CreateUserPoolDomain", "cognito-idp:DescribeUserPool", "cognito-idp:DescribeUserPoolClient",
        "cognito-idp:ListGroups", "cognito-idp:ListIdentityProviders", "cognito-idp:ListUserPoolClients",
        "cognito-idp:ListUserPools", "cognito-idp:ListUsers", "cognito-idp:ListUsersInGroup",
        "cognito-idp:UpdateUserPool", "cognito-idp:UpdateUserPoolClient",
        "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterfacePermission", "ec2:CreateVpcEndpoint",
        "ec2:DeleteNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:DescribeDhcpOptions",
        "ec2:DescribeNetworkInterfaces", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups",
        "ec2:DescribeSubnets", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcs",
        "ecr:BatchCheckLayerAvailability", "ecr:BatchGetImage", "ecr:CreateRepository", "ecr:Describe*",
        "ecr:GetAuthorizationToken", "ecr:GetDownloadUrlForLayer",
        "elastic-inference:Connect",
        "elasticfilesystem:DescribeFileSystems", "elasticfilesystem:DescribeMountTargets",
        "fsx:DescribeFileSystems",
        "glue:CreateJob", "glue:DeleteJob", "glue:GetJob", "glue:GetJobRun", "glue:GetJobRuns", "glue:GetJobs",
        "glue:ResetJobBookmark", "glue:StartJobRun", "glue:UpdateJob",
        "groundtruthlabeling:*",
        "iam:ListRoles",
        "kms:DescribeKey", "kms:ListAliases",
        "lambda:ListFunctions",
        "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DescribeLogGroups", "logs:DescribeLogStreams",
        "logs:GetLogEvents", "logs:PutLogEvents",
        "sns:ListTopics"
      ],
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": [
        "logs:CreateLogDelivery", "logs:DeleteLogDelivery", "logs:DescribeResourcePolicies",
        "logs:GetLogDelivery", "logs:ListLogDeliveries", "logs:PutResourcePolicy", "logs:UpdateLogDelivery"
      ],
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": [
        "ecr:SetRepositoryPolicy", "ecr:CompleteLayerUpload", "ecr:BatchDeleteImage", "ecr:UploadLayerPart",
        "ecr:DeleteRepositoryPolicy", "ecr:InitiateLayerUpload", "ecr:DeleteRepository", "ecr:PutImage"
      ],
      "Resource": "arn:aws:ecr:*:*:repository/*sagemaker*"
    },
    {
      "Effect": "Allow",
      "Action": ["codecommit:GitPull", "codecommit:GitPush"],
      "Resource": [
        "arn:aws:codecommit:*:*:*sagemaker*",
        "arn:aws:codecommit:*:*:*SageMaker*",
        "arn:aws:codecommit:*:*:*Sagemaker*"
      ]
    },
    {
      "Effect": "Allow",
      "Action": ["secretsmanager:ListSecrets"],
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": [
        "secretsmanager:DescribeSecret",
        "secretsmanager:GetSecretValue",
        "secretsmanager:CreateSecret"
      ],
      "Resource": ["arn:aws:secretsmanager:*:*:secret:AmazonSageMaker-*"]
    },
    {
      "Effect": "Allow",
      "Action": ["secretsmanager:DescribeSecret", "secretsmanager:GetSecretValue"],
      "Resource": "*",
      "Condition": {
        "StringEquals": {
          "secretsmanager:ResourceTag/SageMaker": "true"
        }
      }
    },
    {
      "Effect": "Allow",
      "Action": [
        "robomaker:CreateSimulationApplication",
        "robomaker:DescribeSimulationApplication",
        "robomaker:DeleteSimulationApplication"
      ],
      "Resource": ["*"]
    },
    {
      "Effect": "Allow",
      "Action": [
        "robomaker:CreateSimulationJob",
        "robomaker:DescribeSimulationJob",
        "robomaker:CancelSimulationJob"
      ],
      "Resource": ["*"]
    },
    {
      "Effect": "Allow",
      "Action": [
        "s3:GetObject", "s3:PutObject", "s3:DeleteObject",
        "s3:AbortMultipartUpload", "s3:GetBucketCors", "s3:PutBucketCors"
      ],
      "Resource": [
        "arn:aws:s3:::*SageMaker*",
        "arn:aws:s3:::*Sagemaker*",
        "arn:aws:s3:::*sagemaker*",
        "arn:aws:s3:::*aws-glue*"
      ]
    },
    {
      "Effect": "Allow",
      "Action": ["s3:CreateBucket", "s3:GetBucketLocation", "s3:ListBucket", "s3:ListAllMyBuckets"],
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": ["s3:GetObject"],
      "Resource": "*",
      "Condition": {
        "StringEqualsIgnoreCase": {
          "s3:ExistingObjectTag/SageMaker": "true"
        }
      }
    },
    {
      "Effect": "Allow",
      "Action": ["lambda:InvokeFunction"],
      "Resource": [
        "arn:aws:lambda:*:*:function:*SageMaker*",
        "arn:aws:lambda:*:*:function:*sagemaker*",
        "arn:aws:lambda:*:*:function:*Sagemaker*",
        "arn:aws:lambda:*:*:function:*LabelingFunction*"
      ]
    },
    {
      "Action": "iam:CreateServiceLinkedRole",
      "Effect": "Allow",
      "Resource": "arn:aws:iam::*:role/aws-service-role/sagemaker.application-autoscaling.amazonaws.com/AWSServiceRoleForApplicationAutoScaling_SageMakerEndpoint",
      "Condition": {
        "StringLike": {
          "iam:AWSServiceName": "sagemaker.application-autoscaling.amazonaws.com"
        }
      }
    },
    {
      "Effect": "Allow",
      "Action": "iam:CreateServiceLinkedRole",
      "Resource": "*",
      "Condition": {
        "StringEquals": {
          "iam:AWSServiceName": "robomaker.amazonaws.com"
        }
      }
    },
    {
      "Effect": "Allow",
      "Action": ["sns:Subscribe", "sns:CreateTopic"],
      "Resource": [
        "arn:aws:sns:*:*:*SageMaker*",
        "arn:aws:sns:*:*:*Sagemaker*",
        "arn:aws:sns:*:*:*sagemaker*"
      ]
    },
    {
      "Effect": "Allow",
      "Action": ["iam:PassRole"],
      "Resource": "arn:aws:iam::*:role/*",
      "Condition": {
        "StringEquals": {
          "iam:PassedToService": [
            "sagemaker.amazonaws.com",
            "glue.amazonaws.com",
            "robomaker.amazonaws.com",
            "states.amazonaws.com"
          ]
        }
      }
    }
  ]
}

Allow users to view their own permissions

This example shows how you might create a policy that allows IAM users to view the inline and managed policies that are attached to their user identity. This policy includes permissions to complete this action on the console or programmatically using the AWS CLI or AWS API.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ViewOwnUserInfo",
      "Effect": "Allow",
      "Action": [
        "iam:GetUserPolicy",
        "iam:ListGroupsForUser",
        "iam:ListAttachedUserPolicies",
        "iam:ListUserPolicies",
        "iam:GetUser"
      ],
      "Resource": ["arn:aws:iam::*:user/${aws:username}"]
    },
    {
      "Sid": "NavigateInConsole",
      "Effect": "Allow",
      "Action": [
        "iam:GetGroupPolicy",
        "iam:GetPolicyVersion",
        "iam:GetPolicy",
        "iam:ListAttachedGroupPolicies",
        "iam:ListGroupPolicies",
        "iam:ListPolicyVersions",
        "iam:ListPolicies",
        "iam:ListUsers"
      ],
      "Resource": "*"
    }
  ]
}

Control the creation of SageMaker resources with condition keys

Control fine-grained access to allow the creation of SageMaker resources by using SageMaker-specific condition keys. For information about using condition keys in IAM policies, see IAM JSON policy elements: Condition in the IAM User Guide.

The condition keys, along with the related API actions and links to the relevant documentation, are listed in Condition keys for SageMaker in the IAM User Guide.

The following examples show how to use the SageMaker condition keys to control access.

Control access to SageMaker resources by using file system condition keys

SageMaker training provides a secure infrastructure for the training algorithm to run in, but in some cases you may want increased defense in depth. For example, you want to minimize the risk of running untrusted code in your algorithm, or you have specific security mandates in your organization. For these scenarios, you can use the service-specific condition keys in the Condition element of an IAM policy to scope the user to specific file systems, directories, access modes (read-write, read-only), and security groups.

Restrict an IAM user to specific directories and access modes

The policy below restricts an IAM user to the /sagemaker/xgboost-dm/train and /sagemaker/xgboost-dm/validation directories of an EFS file system with ro (read-only) AccessMode:

Note

When a directory is allowed, the training algorithm can also access all of its subdirectories. POSIX permissions are ignored.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AccessToElasticFileSystem",
      "Effect": "Allow",
      "Action": [
        "sagemaker:CreateTrainingJob",
        "sagemaker:CreateHyperParameterTuningJob"
      ],
      "Resource": "*",
      "Condition": {
        "StringEquals": {
          "sagemaker:FileSystemId": "fs-12345678",
          "sagemaker:FileSystemAccessMode": "ro",
          "sagemaker:FileSystemType": "EFS",
          "sagemaker:FileSystemDirectoryPath": "/sagemaker/xgboost-dm/train"
        }
      }
    },
    {
      "Sid": "AccessToElasticFileSystemValidation",
      "Effect": "Allow",
      "Action": [
        "sagemaker:CreateTrainingJob",
        "sagemaker:CreateHyperParameterTuningJob"
      ],
      "Resource": "*",
      "Condition": {
        "StringEquals": {
          "sagemaker:FileSystemId": "fs-12345678",
          "sagemaker:FileSystemAccessMode": "ro",
          "sagemaker:FileSystemType": "EFS",
          "sagemaker:FileSystemDirectoryPath": "/sagemaker/xgboost-dm/validation"
        }
      }
    }
  ]
}

Restrict an IAM user to a specific file system

To prevent a malicious algorithm that uses a user-space client from directly accessing any file system in your account, you can restrict network traffic by allowing ingress only from a specific security group. In the following example, the IAM user can only use the specified security group to access the file system:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AccessToLustreFileSystem",
      "Effect": "Allow",
      "Action": [
        "sagemaker:CreateTrainingJob",
        "sagemaker:CreateHyperParameterTuningJob"
      ],
      "Resource": "*",
      "Condition": {
        "StringEquals": {
          "sagemaker:FileSystemId": "fs-12345678",
          "sagemaker:FileSystemAccessMode": "ro",
          "sagemaker:FileSystemType": "FSxLustre",
          "sagemaker:FileSystemDirectoryPath": "/fsx/sagemaker/xgboost/train"
        },
        "ForAllValues:StringEquals": {
          "sagemaker:VpcSecurityGroupIds": ["sg-12345678"]
        }
      }
    }
  ]
}

Although the above example can restrict an algorithm to a specific file system, it does not prevent an algorithm from accessing any directory within that file system using the user-space client. To mitigate this, you can:

  • Ensure that the file system only contains data that you trust your IAM users to access.

  • Create an IAM role that restricts your IAM users to launching training jobs with algorithms from approved ECR repositories.

For more information on how to use roles with SageMaker, see SageMaker Roles.

Restrict training to a specific VPC

Restrict an AWS user to creating training jobs from within an Amazon VPC. When a training job is created within a VPC, you can use VPC flow logs to monitor all traffic in and out of the training cluster. For information about using VPC flow logs, see VPC Flow Logs in the Amazon Virtual Private Cloud User Guide.

The following policy enforces that a training job is created by an IAM user calling CreateTrainingJob from within a VPC:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowFromVpc",
      "Effect": "Allow",
      "Action": [
        "sagemaker:CreateTrainingJob",
        "sagemaker:CreateHyperParameterTuningJob"
      ],
      "Resource": "*",
      "Condition": {
        "ForAllValues:StringEquals": {
          "sagemaker:VpcSubnets": ["subnet-a1234"],
          "sagemaker:VpcSecurityGroupIds": ["sg-12345", "sg-67890"]
        },
        "Null": {
          "sagemaker:VpcSubnets": "false",
          "sagemaker:VpcSecurityGroupIds": "false"
        }
      }
    }
  ]
}

Restrict access to workforce types for Ground Truth labeling jobs and Amazon A2I human review workflows

Amazon SageMaker Ground Truth and Amazon Augmented AI work teams fall into one of three workforce types: public (with Amazon Mechanical Turk), private, and vendor. To restrict IAM user access to a specific work team using one of these types or the work team ARN, use the sagemaker:WorkteamType and/or the sagemaker:WorkteamArn condition keys. For the sagemaker:WorkteamType condition key, use string condition operators. For the sagemaker:WorkteamArn condition key, use Amazon Resource Name (ARN) condition operators. If the user attempts to create a labeling job with a restricted work team, SageMaker returns an access denied error.

The policies below demonstrate different ways to use the sagemaker:WorkteamType and sagemaker:WorkteamArn condition keys with appropriate condition operators and valid condition values.

The following example uses the sagemaker:WorkteamType condition key with the StringEquals condition operator to restrict access to a public work team. It accepts condition values in the following format: workforcetype-crowd, where workforcetype can equal public, private, or vendor.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "RestrictWorkteamType",
      "Effect": "Deny",
      "Action": "sagemaker:CreateLabelingJob",
      "Resource": "*",
      "Condition": {
        "ArnLike": {
          "sagemaker:WorkteamArn": "arn:aws:sagemaker:*:*:workteam/public-crowd/*"
        }
      }
    }
  ]
}

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "RestrictWorkteamType",
      "Effect": "Deny",
      "Action": "sagemaker:CreateLabelingJob",
      "Resource": "*",
      "Condition": {
        "ArnEquals": {
          "sagemaker:WorkteamArn": "arn:aws:sagemaker:us-west-2:394669845002:workteam/public-crowd/default"
        }
      }
    }
  ]
}

Enforce encryption of input data

The following policy restricts an IAM user to specifying an AWS KMS key to encrypt input data when creating training, hyperparameter tuning, and labeling jobs, by using the sagemaker:VolumeKmsKey condition key:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "EnforceEncryption",
      "Effect": "Allow",
      "Action": [
        "sagemaker:CreateTrainingJob",
        "sagemaker:CreateHyperParameterTuningJob",
        "sagemaker:CreateLabelingJob",
        "sagemaker:CreateFlowDefinition"
      ],
      "Resource": "*",
      "Condition": {
        "ArnEquals": {
          "sagemaker:VolumeKmsKey": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
        }
      }
    }
  ]
}

Enforce encryption of notebook instance storage volumes

The following policy restricts an IAM user to specifying an AWS KMS key to encrypt the attached storage volume when creating or updating a notebook instance, by using the sagemaker:VolumeKmsKey condition key:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "EnforceEncryption",
      "Effect": "Allow",
      "Action": ["sagemaker:CreateNotebookInstance"],
      "Resource": "*",
      "Condition": {
        "ArnLike": {
          "sagemaker:VolumeKmsKey": "*key/volume-kms-key-12345"
        }
      }
    }
  ]
}

Enforce network isolation for training jobs

The following policy restricts an IAM user to enabling network isolation when creating training jobs, by using the sagemaker:NetworkIsolation condition key:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "EnforceIsolation",
      "Effect": "Allow",
      "Action": [
        "sagemaker:CreateTrainingJob",
        "sagemaker:CreateHyperParameterTuningJob"
      ],
      "Resource": "*",
      "Condition": {
        "Bool": {
          "sagemaker:NetworkIsolation": "true"
        }
      }
    }
  ]
}

Enforce a specific instance type for training jobs

The following policy restricts an IAM user to using a specific instance type when creating training jobs, by using the sagemaker:InstanceTypes condition key:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "EnforceInstanceType",
      "Effect": "Allow",
      "Action": [
        "sagemaker:CreateTrainingJob",
        "sagemaker:CreateHyperParameterTuningJob"
      ],
      "Resource": "*",
      "Condition": {
        "ForAllValues:StringLike": {
          "sagemaker:InstanceTypes": ["ml.c5.*"]
        }
      }
    }
  ]
}

Enforce a specific EI accelerator for training jobs

The following policy restricts an IAM user to using a specific Elastic Inference (EI) accelerator, if an accelerator is provided, when creating or updating notebook instances and when creating endpoint configurations, by using the sagemaker:AcceleratorTypes condition key:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "EnforceAcceleratorType",
      "Effect": "Allow",
      "Action": [
        "sagemaker:CreateNotebookInstance",
        "sagemaker:UpdateNotebookInstance",
        "sagemaker:CreateEndpointConfig"
      ],
      "Resource": "*",
      "Condition": {
        "ForAllValues:StringEquals": {
          "sagemaker:AcceleratorTypes": ["ml.eia1.medium"]
        }
      }
    }
  ]
}

Enforce disabling internet access and root access when creating notebook instances

You can disable both internet access and root access to notebook instances to help make them more secure. For information about controlling root access to a notebook instance, see Control root access to a SageMaker notebook instance. For information about disabling internet access for a notebook instance, see Connect a notebook instance in a VPC to external resources.

The following policy requires an IAM user to disable network access when creating a notebook instance, and to disable root access when creating or updating a notebook instance.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "LockDownCreateNotebookInstance",
      "Effect": "Allow",
      "Action": ["sagemaker:CreateNotebookInstance"],
      "Resource": "*",
      "Condition": {
        "StringEquals": {
          "sagemaker:DirectInternetAccess": "Disabled",
          "sagemaker:RootAccess": "Disabled"
        },
        "Null": {
          "sagemaker:VpcSubnets": "false",
          "sagemaker:VpcSecurityGroupIds": "false"
        }
      }
    },
    {
      "Sid": "LockDownUpdateNotebookInstance",
      "Effect": "Allow",
      "Action": ["sagemaker:UpdateNotebookInstance"],
      "Resource": "*",
      "Condition": {
        "StringEquals": {
          "sagemaker:RootAccess": "Disabled"
        }
      }
    }
  ]
}

Control access to the SageMaker API by using identity-based policies

To control access to SageMaker API calls and calls to SageMaker hosted endpoints, use identity-based IAM policies.

Restrict access to the SageMaker API and runtime to calls from within your VPC

If you set up an interface endpoint in your VPC, individuals outside the VPC can still connect to the SageMaker API and runtime over the internet unless you attach an IAM policy that restricts access to calls coming from within the VPC to all users and groups that have access to your SageMaker resources. For information about creating a VPC interface endpoint for the SageMaker API and runtime, see Connect to SageMaker Through a VPC Interface Endpoint.

Important

If you apply an IAM policy similar to one of the following, users can't access the specified SageMaker APIs through the console.

To restrict access to only connections made from within your VPC, create an AWS Identity and Access Management policy that restricts access to only calls that come from within your VPC. Then add that policy to every AWS Identity and Access Management user, group, or role used to access the SageMaker API or runtime.

Note

This policy allows connections only from callers within a subnet where you created an interface endpoint.

{
  "Id": "api-example-1",
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "EnableAPIAccess",
      "Effect": "Allow",
      "Action": ["sagemaker:*"],
      "Resource": "*",
      "Condition": {
        "StringEquals": {
          "aws:SourceVpc": "vpc-111bbaaa"
        }
      }
    }
  ]
}

If you want to restrict access to the API to only calls made using the interface endpoint, use the aws:SourceVpce condition key instead of aws:SourceVpc:

{
  "Id": "api-example-1",
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "EnableAPIAccess",
      "Effect": "Allow",
      "Action": ["sagemaker:CreatePresignedNotebookInstanceUrl"],
      "Resource": "*",
      "Condition": {
        "StringEquals": {
          "aws:SourceVpce": ["vpce-111bbccc", "vpce-111bbddd"]
        }
      }
    }
  ]
}

Restrict access to SageMaker API and runtime calls by IP address

To allow access to SageMaker API calls and runtime invocations only from IP addresses in a list that you specify, attach an IAM policy that denies access to the API unless the call comes from an IP address in the list to every AWS Identity and Access Management user, group, or role used to access the API or runtime. For information about creating IAM policies, see Creating IAM Policies in the AWS Identity and Access Management User Guide. To specify the list of IP addresses that you want to have access to the API call, use the IpAddress condition operator and the aws:SourceIP condition context key. For information about IAM condition operators, see IAM JSON Policy Elements: Condition Operators in the AWS Identity and Access Management User Guide. For information about IAM condition context keys, see AWS Global Condition Context Keys.

For example, the following policy allows access to CreateTrainingJob only from IP addresses in the ranges 192.0.2.0-192.0.2.255 and 203.0.113.0-203.0.113.255:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "sagemaker:CreateTrainingJob",
      "Resource": "*",
      "Condition": {
        "IpAddress": {
          "aws:SourceIp": ["192.0.2.0/24", "203.0.113.0/24"]
        }
      }
    }
  ]
}

Restrict access to a notebook instance by IP address

To allow access to a notebook instance only from IP addresses in a list that you specify, attach an IAM policy that denies access to CreatePresignedNotebookInstanceUrl unless the call comes from an IP address in the list to every AWS Identity and Access Management user, group, or role used to access the notebook instance. For information about creating IAM policies, see Creating IAM Policies in the AWS Identity and Access Management User Guide. To specify the list of IP addresses that you want to have access to the notebook instance, use the IpAddress condition operator and the aws:SourceIP condition context key. For information about IAM condition operators, see IAM JSON Policy Elements: Condition Operators in the AWS Identity and Access Management User Guide. For information about IAM condition context keys, see AWS Global Condition Context Keys.

For example, the following policy allows access to a notebook instance only from IP addresses in the ranges 192.0.2.0-192.0.2.255 and 203.0.113.0-203.0.113.255:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "sagemaker:CreatePresignedNotebookInstanceUrl",
      "Resource": "*",
      "Condition": {
        "IpAddress": {
          "aws:SourceIp": ["192.0.2.0/24", "203.0.113.0/24"]
        }
      }
    }
  ]
}

The policy restricts access both to the call to CreatePresignedNotebookInstanceUrl and to the URL that the call returns. The policy also restricts access to opening a notebook instance in the console, and is enforced for every HTTP request and WebSocket frame that attempts to connect to the notebook instance.

Note

Using this method to filter by IP address is incompatible with connecting to SageMaker through a VPC interface endpoint. For information about restricting access to a notebook instance when connecting through a VPC interface endpoint, see Connect to a Notebook Instance Through a VPC Interface Endpoint.

Control access to SageMaker resources by using tags

Control access to groups of SageMaker resources by attaching tags to the resources and specifying ResourceTag conditions in IAM policies.

Note

Tag-based policies do not work to restrict the following API calls:

  • ListAlgorithms

  • ListCodeRepositories

  • ListCompilationJobs

  • ListEndpointConfigs

  • ListEndpoints

  • ListFlowDefinitions

  • ListHumanTaskUis

  • ListHyperparameterTuningJobs

  • ListLabelingJobs

  • ListLabelingJobsForWorkteam

  • ListModelPackages

  • ListModels

  • ListNotebookInstanceLifecycleConfigs

  • ListNotebookInstances

  • ListSubscribedWorkteams

  • ListTags

  • ListProcessingJobs

  • ListTrainingJobs

  • ListTrainingJobsForHyperParameterTuningJob

  • ListTransformJobs

  • ListWorkteams

  • Search

For example, suppose you've defined two different IAM groups, named DevTeam1 and DevTeam2, in your AWS account. Suppose also that you've created 10 notebook instances, 5 of which are used for one project, and 5 of which are used for a second project. You want to allow members of DevTeam1 to make API calls on notebook instances used for the first project, and members of DevTeam2 to make API calls on notebook instances used for the second project.

To control access to API calls (example)

  1. Add a tag with the key Project and value A to the notebook instances used for the first project. For information about adding tags to SageMaker resources, see AddTags.

  2. Add a tag with the key Project and value B to the notebook instances used for the second project.

  3. Create an IAM policy with a ResourceTag condition that denies access to the notebook instances used for the second project, and attach that policy to DevTeam1. The following is an example of a policy that denies all API calls on any notebook instance that has a tag with a key of Project and a value of B:

    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": "sagemaker:*",
          "Resource": "*"
        },
        {
          "Effect": "Deny",
          "Action": "sagemaker:*",
          "Resource": "*",
          "Condition": {
            "StringEquals": {
              "sagemaker:ResourceTag/Project": "B"
            }
          }
        },
        {
          "Effect": "Deny",
          "Action": ["sagemaker:AddTags", "sagemaker:DeleteTags"],
          "Resource": "*"
        }
      ]
    }

    For information about creating IAM policies and attaching them to identities, see Controlling Access Using Policies in the AWS Identity and Access Management User Guide.

  4. Create an IAM policy with a ResourceTag condition that denies access to the notebook instances used for the first project, and attach that policy to DevTeam2. The following is an example of a policy that denies all API calls on any notebook instance that has a tag with a key of Project and a value of A:

    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": "sagemaker:*",
          "Resource": "*"
        },
        {
          "Effect": "Deny",
          "Action": "sagemaker:*",
          "Resource": "*",
          "Condition": {
            "StringEquals": {
              "sagemaker:ResourceTag/Project": "A"
            }
          }
        },
        {
          "Effect": "Deny",
          "Action": ["sagemaker:AddTags", "sagemaker:DeleteTags"],
          "Resource": "*"
        }
      ]
    }
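To see how the condition-key policies on this page actually decide, here is an added example (not AWS code) that evaluates two of them offline: the "Restrict training to a specific VPC" policy, whose Null clause is what turns a vacuously true ForAllValues into a real requirement, and DevTeam1's ResourceTag deny policy from step 3 above. The evaluator supports only the operators those policies use; the request contexts and the resource ARN are constructed for the demo.

```python
import fnmatch

# Added example, not AWS code: a minimal evaluator for the IAM condition operators used by
# the policies on this page, so they can be exercised offline. A request context is a dict
# of condition key -> value (a list for multi-valued keys such as sagemaker:VpcSubnets).

def _op_matches(op, expected, actual):
    """Apply one condition operator to one request value; expected is the policy's value list."""
    if op in ("StringEquals", "ArnEquals"):
        return actual in expected
    if op in ("StringLike", "ArnLike"):
        return any(fnmatch.fnmatchcase(actual, pattern) for pattern in expected)
    if op == "Bool":
        return str(actual).lower() in [str(e).lower() for e in expected]
    raise ValueError(f"unsupported condition operator: {op}")

def condition_holds(condition, context):
    """True when every operator block of a Condition element is satisfied by the context."""
    for qualified_op, clauses in condition.items():
        qualifier, _, op = qualified_op.rpartition(":")  # "ForAllValues:StringEquals" splits here
        for key, expected in clauses.items():
            expected = expected if isinstance(expected, list) else [expected]
            actual = context.get(key)
            values = actual if isinstance(actual, list) else ([] if actual is None else [actual])
            if op == "Null":
                # "false" requires the key to be present in the request; "true" requires it absent
                if bool(values) != (expected[0] == "false"):
                    return False
            elif qualifier == "ForAllValues":
                # Vacuously true when the key is absent: that is why the VPC policy pairs it with Null
                if not all(_op_matches(op, expected, v) for v in values):
                    return False
            elif not values or not _op_matches(op, expected, values[0]):
                return False
    return True

def _glob_any(patterns, value):
    patterns = patterns if isinstance(patterns, list) else [patterns]
    return any(fnmatch.fnmatchcase(value, p) for p in patterns)

DEMO_RESOURCE = "arn:aws:sagemaker:us-west-2:111122223333:notebook-instance/demo"  # constructed

def evaluate(policy, action, context, resource=DEMO_RESOURCE):
    """IAM's decision rule: an explicit Deny always wins; otherwise some Allow must match."""
    decision = "Deny"  # implicit deny when no statement matches
    for stmt in policy["Statement"]:
        if not _glob_any(stmt["Action"], action) or not _glob_any(stmt["Resource"], resource):
            continue
        if not condition_holds(stmt.get("Condition", {}), context):
            continue
        if stmt["Effect"] == "Deny":
            return "Deny"
        decision = "Allow"
    return decision

# Copies of two policies from this page: the VPC-only training policy and DevTeam1's tag policy.
VPC_TRAINING_POLICY = {"Version": "2012-10-17", "Statement": [{
    "Sid": "AllowFromVpc", "Effect": "Allow",
    "Action": ["sagemaker:CreateTrainingJob", "sagemaker:CreateHyperParameterTuningJob"],
    "Resource": "*",
    "Condition": {
        "ForAllValues:StringEquals": {"sagemaker:VpcSubnets": ["subnet-a1234"],
                                      "sagemaker:VpcSecurityGroupIds": ["sg-12345", "sg-67890"]},
        "Null": {"sagemaker:VpcSubnets": "false", "sagemaker:VpcSecurityGroupIds": "false"}}}]}

DEVTEAM1_TAG_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "sagemaker:*", "Resource": "*"},
    {"Effect": "Deny", "Action": "sagemaker:*", "Resource": "*",
     "Condition": {"StringEquals": {"sagemaker:ResourceTag/Project": "B"}}},
    {"Effect": "Deny", "Action": ["sagemaker:AddTags", "sagemaker:DeleteTags"], "Resource": "*"}]}

def training_job_decision(subnets=None, security_groups=None):
    """CreateTrainingJob decision; leave both None to model a request that carries no VpcConfig."""
    ctx = {k: v for k, v in {"sagemaker:VpcSubnets": subnets,
                             "sagemaker:VpcSecurityGroupIds": security_groups}.items() if v is not None}
    return evaluate(VPC_TRAINING_POLICY, "sagemaker:CreateTrainingJob", ctx)

def devteam1_decision(action, project_tag):
    """Decision for a DevTeam1 call against a notebook instance tagged Project=<project_tag>."""
    return evaluate(DEVTEAM1_TAG_POLICY, action, {"sagemaker:ResourceTag/Project": project_tag})
```

A request with no VpcConfig at all is denied only because of the Null clause; drop it and the ForAllValues block passes on the empty set, which is the mistake the page's policy is written to avoid.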

Require the presence or absence of tags for API calls

Require the presence or absence of specific tags or specific tag values by using RequestTag condition keys in an IAM policy. For example, if you want to require that every endpoint created by any member of an IAM group be created with a tag with the key environment and the value dev, create a policy as follows:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "sagemaker:CreateEndpoint",
      "Resource": "arn:aws:sagemaker:*:*:endpoint/*",
      "Condition": {
        "StringEquals": {
          "aws:RequestTag/environment": "dev"
        }
      }
    }
  ]
}