Published in SAP AI Research

Ensuring End-user Privacy and Data Security for Machine Learning Using AWS Virtual Private Cloud

Karan -, Enrique Garcia Perez and Tassilo Klein (ML Research Berlin)

The VPC we created consists of two subnets: public and private.

VPC Topology: How the Components Interact

Fig. 1: VPC Infrastructure depiction

Ansible automation

Ansible playbook snippet (vars.yml) for setting up VPC

    # Authorization variables for AWS
    aws_access_key: "Provide your access key"
    aws_secret_key: "Provide Your secret Key"
    aws_region:     "eu-west-1"

    # Information about VPC
    vpc_name:       "ML_Research_VPC"
    vpc_cidr_block: "10.0.0.0/16"

    # For Security Group Rule - optional (flexible and easy to be modified later)
    my_ip:         "X.X.X.X"

    # defining public Subnet
    public_subnet_1_cidr:  "10.0.0.0/24"

    # defining private Subnet
    private_subnet_1_cidr: "10.0.1.0/24"

    ansible-playbook "your playbook file.yml" -i inventory -e @vars.yml

Fig. 3: Successful Execution of Playbook for VPC Creation

Configuration of bastion host

Launching an EC2 instance in the private subnet of VPC

SSH Configuration to access your instance

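    Host 10.0.1.*
        IdentityFile /path-to-your-private-key.pem
        User ec2-user
        # Tunnel through the bastion; the private key stays on the local machine
        ProxyCommand ssh ec2-user@bastion -W %h:%p
        # macOS-only option; other OpenSSH builds reject it unless IgnoreUnknown is set
        UseKeychain yes

    Host bastion
        HostName [ip address of bastion]
        User ec2-user
        IdentityFile /path-to-your-private-key.pem
        # Agent forwarding is not needed for the ProxyCommand hop above
        ForwardAgent yes

    ssh [private-ip of instance]

    ssh bastion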
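
The vars.yml above reserves my_ip for a security group rule. The playbook below is an added example, not the authors' playbook, showing one way to use it so that the bastion is the only SSH entry point. It assumes a recent amazon.aws collection (where the module is named ec2_security_group) and that the VPC carries a Name tag equal to vpc_name; the two security group names are hypothetical.

```yaml
# Added example: security groups for the bastion pattern, driven by vars.yml.
- name: Restrict SSH so the private subnet is reachable only via the bastion
  hosts: localhost
  connection: local
  gather_facts: false
  vars_files:
    - vars.yml
  tasks:
    - name: Look up the VPC by its Name tag (assumes it was tagged with vpc_name)
      amazon.aws.ec2_vpc_net_info:
        access_key: "{{ aws_access_key }}"
        secret_key: "{{ aws_secret_key }}"
        region: "{{ aws_region }}"
        filters:
          "tag:Name": "{{ vpc_name }}"
      register: vpc_info

    - name: Stop unless exactly one VPC matches
      ansible.builtin.assert:
        that: vpc_info.vpcs | length == 1

    - name: Bastion group, inbound SSH from the administrator address only
      amazon.aws.ec2_security_group:
        access_key: "{{ aws_access_key }}"
        secret_key: "{{ aws_secret_key }}"
        region: "{{ aws_region }}"
        name: bastion-ssh                  # hypothetical name
        description: SSH to bastion from my_ip only
        vpc_id: "{{ vpc_info.vpcs[0].vpc_id }}"
        rules:
          - proto: tcp
            ports: [22]
            cidr_ip: "{{ my_ip }}/32"      # single address, never 0.0.0.0/0
      register: bastion_sg

    - name: Private group, inbound SSH from members of the bastion group only
      amazon.aws.ec2_security_group:
        access_key: "{{ aws_access_key }}"
        secret_key: "{{ aws_secret_key }}"
        region: "{{ aws_region }}"
        name: private-ssh-from-bastion     # hypothetical name
        description: SSH from the bastion security group only
        vpc_id: "{{ vpc_info.vpcs[0].vpc_id }}"
        rules:
          - proto: tcp
            ports: [22]
            group_id: "{{ bastion_sg.group_id }}"
```

Referencing the bastion's group ID instead of a subnet CIDR means only instances attached to the bastion group can reach port 22 on the private instances, even if other hosts are later launched in the public subnet.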


We are a part of SAP Artificial Technologies and this is our blog where we write about our current machine learning research projects and share the latest news.
