Cloud Defense Logo

Products

Solutions

Company

Ensure High Availability for SageMaker Endpoint Production Variants

This rule ensures that SageMaker endpoint production variants have an initial instance count greater than 1 to promote high availability.

RuleSageMaker endpoint production variants should have an initial instance count greater than 1
FrameworkAWS Foundational Security Best Practices
Severity
Medium

Rule Description:

To adhere to AWS Foundational Security Best Practices, SageMaker endpoint production variants should have an initial instance count greater than 1. This ensures that the endpoint has high availability by distributing the workload across multiple instances, thereby minimizing the risk of downtime.

Troubleshooting Steps:

If the initial instance count is set to 1 for a SageMaker endpoint production variant, consider the following troubleshooting steps:

  2. 1.
    Verify the current configuration of the SageMaker endpoint.
  4. 2.
    Check the instance count parameter settings for the production variant.
  6. 3.
    Determine the impact of increasing the instance count on cost and performance.
  8. 4.
    Modify the instance count to a value greater than 1 if deemed appropriate.

Remediation Steps:

  2. 1.
    Access the AWS Management Console.
  4. 2.
    Navigate to the Amazon SageMaker service.
  6. 3.
    Identify the endpoint with the production variant that requires adjustment.
  8. 4.
    Select the production variant configuration.
  10. 5.
    Locate the setting for initial instance count.
  12. 6.
    Update the instance count to a value greater than 1.
  14. 7.
    Save the changes to apply the updated configuration to the endpoint.

Code Example:

import boto3

sagemaker = boto3.client('sagemaker')

response = sagemaker.update_endpoint(EndpointName='your-endpoint-name', 
                                     EndpointConfigName='your-endpoint-config',
                                     ProductionVariants=[
                                         {
                                             'InstanceType': 'ml.m4.xlarge',
                                             'InitialInstanceCount': 2,
                                             'ModelName': 'your-model-name',
                                             'VariantName': 'AllTraffic'
                                         }
                                     ])

Following these remediation steps will ensure that the SageMaker endpoint production variant meets the AWS Foundational Security Best Practices by having an initial instance count greater than 1, thereby enhancing the endpoint's availability and reliability.

Is your System Free of Underlying Vulnerabilities?
Find Out Now