AWS re:Invent 2025 - Securing Machine Learning Resources on AWS (TNC321)

Securing Machine Learning Resources on AWS

Importance of Security for Machine Learning Workloads

• Machine learning and AI constitute a new class of targets for threat actors, making security a critical concern
• Potential threats include unauthorized access, data breaches, and misuse of AWS resources for cryptocurrency mining

Key AWS Security Tools and Practices

1. Identity and Access Management (IAM):

   • Roles are the core of identity and authentication in AWS
   • Properly configuring IAM roles is essential for securing machine learning workloads

2. Infrastructure and Network Security:

   • Avoid exposing machine learning workloads directly to the public internet
   • Use VPC endpoints and transit gateways to enable secure connectivity

3. Data Protection:

   • Leverage the AWS Key Management Service (KMS) for easy, FIPS 140-2 compliant data encryption
   • Use customer-managed KMS keys to enable granular access control and detailed logging

4. Model Security:

   • Ensure appropriate access controls and monitoring for machine learning models running in your AWS account

5. Logging, Monitoring, and Auditing:

   • Configure AWS CloudTrail to log all API calls and enable detailed auditing
   • Utilize the new "Trusted Identity Propagation" feature to simplify auditing and attribution

Integrating Security with SageMaker Unified Studio

1. AWS Identity Center:

   • Serves as the centralized identity management service, integrating with on-premises directories or external identity providers
   • Enables seamless single sign-on and role-based access control across multiple AWS accounts

2. SageMaker Unified Studio Domains:

   • Provides a self-contained environment for data scientists and machine learning users
   • Leverages Identity Center to manage user access and permissions

3. Trusted Identity Propagation:

   • Allows AWS services to securely pass a user's identity from Identity Center across service boundaries
   • Simplifies auditing and attribution by providing detailed information on who performed actions within the environment

Key Takeaways

1. Utilize AWS Identity Center as the centralized identity management service to simplify user access and permissions across multiple AWS accounts.
2. Implement robust network security practices, such as using VPC endpoints and transit gateways, to isolate machine learning workloads from the public internet.
3. Embrace the AWS Key Management Service (KMS) and customer-managed keys to ensure comprehensive data encryption and access control.
4. Leverage the "Trusted Identity Propagation" feature to streamline auditing and attribution within the SageMaker Unified Studio environment.
5. SageMaker Unified Studio provides a secure, self-contained environment for data scientists and machine learning users, with seamless integration to AWS Identity Center for user management.

Real-World Applications and Benefits

• Securing machine learning workloads is crucial as AI and ML become increasingly prevalent targets for threat actors
• The presented AWS security tools and practices enable organizations to protect sensitive data, models, and computing resources used for machine learning
• By integrating security features like Identity Center and Trusted Identity Propagation, SageMaker Unified Studio simplifies the deployment and management of secure machine learning environments for data scientists and ML engineers