A team of data scientists is utilizing Amazon SageMaker instances and SageMaker APIs within a VPC that is completely isolated from the internet to train their machine learning models. The datasets required for training these models are stored in an Amazon S3 bucket, which is accessible through interface VPC endpoints. Occasionally, the data scientists need to update their Python packages using the Python Package Index (PyPI) repository. A solutions architect is tasked with ensuring access to PyPI while maintaining the isolation of the SageMaker instances from the internet. What solution should the architect implement to fulfill these requirements?

Exam-Like

Create an AWS CodeCommit repository for each required package, synchronize it with the PyPI repository, and establish a VPC endpoint for CodeCommit.

22.2%

Set up a NAT gateway within the VPC, configure VPC routes to permit internet access solely through a network ACL that restricts access to the PyPI repository endpoint.

33.3%

Deploy a NAT instance in the VPC, configure VPC routes for internet access, and set up SageMaker notebook instance firewall rules to allow access exclusively to the PyPI repository endpoint.

11.1%

Establish an AWS CodeArtifact domain and repository, connect it to the public:pypi repository, configure the Python client to utilize the CodeArtifact repository, and create a VPC endpoint for CodeArtifact.

33.3%

AWS Certified Solutions Architect - Professional

Get started today

Comments