Table: aws_sagemaker_endpoint_configuration - Query AWS SageMaker Endpoint Configurations using SQL

The AWS SageMaker Endpoint Configuration is a feature of Amazon SageMaker, a fully managed service that provides developers and data scientists with the ability to build, train, and deploy machine learning (ML) models quickly. It allows you to define the settings for deploying your model in SageMaker, including the ML compute instances to deploy and the initial variant weights. This configuration is used when you create a SageMaker model endpoint, enabling real-time inferences from the model.

Table Usage Guide

The aws_sagemaker_endpoint_configuration table in Steampipe provides you with information about endpoint configurations within AWS SageMaker. This table enables you, as a data scientist, machine learning engineer, or DevOps professional, to query endpoint configuration specific details, including the Amazon Resource Name (ARN), creation time, endpoint configuration name, and production variants. You can utilize this table to gather insights on endpoint configurations, such as the instances count per variant, instance type per variant, variant name, and more. The schema outlines the various attributes of the SageMaker endpoint configuration that are available to you, including the endpoint configuration ARN, creation time, endpoint configuration name, and the production variants.

Examples

Basic info

Explore the various configurations of your AWS SageMaker endpoints to gain insights into their setup, including details like creation time and associated tags. This can help optimize resource usage and improve management of machine learning models.

select
  name,
  arn,
  kms_key_id,
  creation_time,
  production_variants,
  tags
from
  aws_sagemaker_endpoint_configuration;

select
  name,
  arn,
  kms_key_id,
  creation_time,
  production_variants,
  tags
from
  aws_sagemaker_endpoint_configuration;

List unencrypted endpoint configurations

Determine the areas in which SageMaker endpoint configurations are not encrypted, which could potentially expose sensitive data. This query is useful in identifying potential security risks within your AWS environment.

select
  name,
  arn,
  kms_key_id
from
  aws_sagemaker_endpoint_configuration
where
  kms_key_id is null;

select
  name,
  arn,
  kms_key_id
from
  aws_sagemaker_endpoint_configuration
where
  kms_key_id is null;

Control examples

SageMaker endpoint configuration encryption should be enabled

Schema for aws_sagemaker_endpoint_configuration

Name	Type	Operators	Description
_ctx	jsonb		Steampipe context in JSON form.
account_id	text	=, !=, ~~, ~~, !~~, !~~	The AWS Account ID in which the resource is located.
akas	jsonb		Array of globally unique identifier strings (also known as) for the resource.
arn	text		The Amazon Resource Name (ARN) of the endpoint configuration.
async_inference_config	jsonb		Returns the description of an endpoint configuration created using the CreateEndpointConfig API.
clarify_explainer_config	jsonb		A member of ExplainerConfig that contains configuration parameters for the SageMaker Clarify explainer.
creation_time	timestamp with time zone	>, >=, <, <=	A timestamp that shows when the endpoint configuration was created.
data_capture_config	jsonb		Specifies the parameters to capture input/output of Sagemaker models endpoints.
enable_network_isolation	boolean		AWS KMS key ID Amazon SageMaker uses to encrypt data when storing it on the ML storage volume attached to the instance.
execution_role_arn	text		The Amazon Resource Name (ARN) of the IAM role that you assigned to the endpoint configuration.
kms_key_id	text		AWS KMS key ID Amazon SageMaker uses to encrypt data when storing it on the ML storage volume attached to the instance.
name	text	=	The name of the endpoint configuration.
partition	text		The AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov).
production_variants	jsonb		An array of ProductionVariant objects, one for each model that you want to host at this endpoint.
region	text		The AWS Region in which the resource is located.
shadow_production_variants	jsonb		An array of ProductionVariant objects, one for each model that you want to host at this endpoint in shadow mode with production traffic replicated from the model specified on ProductionVariants.
sp_connection_name	text	=, !=, ~~, ~~, !~~, !~~	Steampipe connection name.
sp_ctx	jsonb		Steampipe context in JSON form.
tags	jsonb		A map of tags for the resource.
tags_src	jsonb		The list of tags for the endpoint configuration.
title	text		Title of the resource.
vpc_config	jsonb		Specifies an Amazon Virtual Private Cloud (VPC) that your SageMaker jobs, hosted models, and compute resources have access to.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws

You can pass the configuration to the command with the --config argument:

steampipe_export_aws --config '<your_config>' aws_sagemaker_endpoint_configuration