1 Answer
- Newest
- Most votes
- Most comments
1
For the security group for Amazon FSx (Example: FSx-SG), you need to add the following additional rules:
- FSx-SG needs inbound access from the security group for SageMaker (Example: SM-SG). The SageMaker instance needs to initiate a connection to the Amazon FSx file system, which is an inbound TCP packet to FSx.
- FSx-SG needs inbound and outbound access to itself. This is because, Amazon FSx for Lustre is a clustered file system, where each file system is typically powered by multiple file servers, and the file servers need to communicate with one another.
For more information on the minimum set of rules required for FSx-SG, see [File system access control with Amazon VPC][1]. [1]: https://docs.aws.amazon.com/fsx/latest/LustreGuide/limit-access-security-groups.html
answered 4 years ago
Relevant content
- Accepted Answer
- Accepted Answer
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 months ago
- AWS OFFICIALUpdated 6 months ago
- AWS OFFICIALUpdated 2 years ago