steampipe plugin install aws

Table: aws_sagemaker_notebook_instance - Query AWS SageMaker Notebook Instances using SQL

The AWS SageMaker Notebook Instances are a fully managed service that provides Jupyter notebooks for data exploration, cleaning, and preprocessing. They also provide a development environment to create machine learning models and experiments. These instances allow you to seamlessly connect to your data stored in AWS S3, AWS DynamoDB, AWS Redshift, and more, facilitating easier data manipulation and analysis.

Table Usage Guide

The aws_sagemaker_notebook_instance table in Steampipe provides you with information about Notebook Instances within AWS SageMaker. This table allows you, as a DevOps engineer, data scientist, or other AWS user, to query Notebook Instance-specific details, including instance status, instance type, associated roles, and other metadata. You can utilize this table to gather insights on instances, such as instances with certain roles, instance statuses, and more. The schema outlines the various attributes of the SageMaker Notebook Instance for you, including the instance name, instance type, role ARN, creation time, and associated tags.

Examples

Basic info

Determine the areas in which AWS SageMaker notebook instances are being used, by examining their creation times, instance types, and current statuses. This allows for better resource management and operational oversight.

select
name,
arn,
creation_time,
instance_type,
notebook_instance_status
from
aws_sagemaker_notebook_instance;
select
name,
arn,
creation_time,
instance_type,
notebook_instance_status
from
aws_sagemaker_notebook_instance;

List notebook instances that do not have encryption at rest enabled

Identify instances where AWS SageMaker notebook instances lack encryption at rest, a crucial security feature. This can help in enhancing data security by pinpointing areas that need attention.

select
name,
kms_key_id
from
aws_sagemaker_notebook_instance
where
kms_key_id is null;
select
name,
kms_key_id
from
aws_sagemaker_notebook_instance
where
kms_key_id is null;

List publicly available notebook instances

Uncover the details of SageMaker notebook instances that have disabled direct internet access, allowing you to assess security measures and ensure data protection.

select
name,
direct_internet_access
from
aws_sagemaker_notebook_instance
where
direct_internet_access = 'Disabled';
select
name,
direct_internet_access
from
aws_sagemaker_notebook_instance
where
direct_internet_access = 'Disabled';

List notebook instances that allow root access

Identify instances where root access is enabled in your AWS Sagemaker notebook instances, which could potentially pose security risks. This is useful for maintaining and improving security measures within your system.

select
name,
root_access
from
aws_sagemaker_notebook_instance
where
root_access = 'Enabled';
select
name,
root_access
from
aws_sagemaker_notebook_instance
where
root_access = 'Enabled';

Schema for aws_sagemaker_notebook_instance

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form, e.g. connection_name.
accelerator_typesjsonbThe list of the Elastic Inference (EI) instance types associated with this notebook instance.
account_idtextThe AWS Account ID in which the resource is located.
additional_code_repositoriesjsonbAn array of up to three Git repositories associated with the notebook instance.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
arntextThe Amazon Resource Name (ARN) of the notebook instance.
creation_timetimestamp with time zoneA timestamp that shows when the notebook instance was created.
default_code_repositorytext=The Git repository associated with the notebook instance as its default code repository.
direct_internet_accesstextDescribes whether Amazon SageMaker provides internet access to the notebook instance.
failure_reasontextIf status is Failed, the reason it failed.
instance_typetextThe type of ML compute instance that the notebook instance is running on.
kms_key_idtextThe AWS KMS key ID Amazon SageMaker uses to encrypt data when storing it on the ML storage volume attached to the instance.
last_modified_timetimestamp with time zoneA timestamp that shows when the notebook instance was last modified.
nametext=The name of the notebook instance.
network_interface_idtextThe network interface IDs that Amazon SageMaker created at the time of creating the instance.
notebook_instance_lifecycle_config_nametext=The name of a notebook instance lifecycle configuration associated with this notebook instance.
notebook_instance_statustext=The status of the notebook instance.
partitiontextThe AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov).
regiontextThe AWS Region in which the resource is located.
role_arntextThe Amazon Resource Name (ARN) of the IAM role associated with the instance.
root_accesstextWhether root access is enabled or disabled for users of the notebook instance.Lifecycle configurations need root access to be able to set up a notebook instance
security_groupsjsonbThe IDs of the VPC security groups.
subnet_idtextThe ID of the VPC subnet.
tagsjsonbA map of tags for the resource.
tags_srcjsonbThe list of tags for the notebook instance.
titletextTitle of the resource.
urltextThe URL that you use to connect to the Jupyter notebook that is running in your notebook instance.
volume_size_in_gbbigintThe size, in GB, of the ML storage volume attached to the notebook instance.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws

You can pass the configuration to the command with the --config argument:

steampipe_export_aws --config '<your_config>' aws_sagemaker_notebook_instance