MLA-C01 ML Solution Monitoring, Maintenance and Security • Complete Question Bank
Complete MLA-C01 ML Solution Monitoring, Maintenance and Security question bank — all 0 questions with answers and detailed explanations.
A healthcare company deploys a model that predicts patient readmission risk. The model is deployed using a SageMaker real-time endpoint with data capture enabled. The compliance team requires that all inference data be encrypted at rest in S3 using AWS KMS with a customer managed key. The team has configured the endpoint to use an IAM role that includes the necessary KMS permissions. However, after deployment, the captured data is not being written to the S3 bucket. The team checks the CloudWatch logs for the endpoint and finds no errors. The S3 bucket policy is as follows:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Deny",
"Principal": "*",
"Action": "s3:PutObject",
"Resource": "arn:aws:s3:::my-bucket/*",
"Condition": {
"Bool": {"aws:SecureTransport": "false"
}
}
}
]
}The bucket also has a default KMS key. What is the MOST likely reason that the captured data is not being written?
Error from SageMaker: ClientError: Cannot use encrypted model artifact. The SageMaker execution role (arn:aws:iam::123456789012:role/SageMakerRole) must have kms:Decrypt permission on the KMS key (arn:aws:kms:us-east-1:123456789012:key/abcd1234-...)
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "sagemaker:InvokeEndpoint",
"Resource": "arn:aws:sagemaker:us-east-1:123456789012:endpoint/my-endpoint",
"Condition": {
"IpAddress": {
"aws:SourceIp": "10.0.0.0/8"
}
}
}
]
}{
"PolicyARN": "arn:aws:autoscaling:us-east-1:123456789012:scalingPolicy:policy-1",
"PolicyName": "SageMakerEndpointScalingPolicy",
"PolicyType": "TargetTrackingScaling",
"TargetTrackingScalingPolicyConfiguration": {
"TargetValue": 70.0,
"PredefinedMetricSpecification": {
"PredefinedMetricType": "SageMakerVariantInvocationsPerInstance"
},
"ScaleInCooldown": 600,
"ScaleOutCooldown": 200
}
}2024-01-01 12:00:00 ERROR - Baseline configuration is missing for data quality monitoring. Unable to evaluate constraints. 2024-01-01 12:00:01 ERROR - Monitoring job failed.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "sagemaker:CreatePresignedDomainUrl",
"Resource": "*"
}
]
}[ERROR] 2024-03-15 10:23:45,123 - sagemaker - 1321 - root - ERROR - InvocationException: Received response status code 404 from container. Error: ResourceNotFoundException: Model 'my-model-v2' is not found. You may be using an outdated endpoint configuration.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:GetObject",
"s3:PutObject"
],
"Resource": "arn:aws:s3:::my-bucket/*",
"Condition": {
"StringEquals": {
"s3:x-amz-server-side-encryption": "AES256"
}
}
},
{
"Effect": "Allow",
"Action": [
"kms:Decrypt"
],
"Resource": "arn:aws:kms:us-east-1:123456789012:key/abc123"
}
]
}{
"ProcessingJobName": "my-processing-job",
"ProcessingJobStatus": "Failed",
"FailureReason": "ClientError: Unable to read data from input source: s3://my-bucket/input/data.csv. Please check the path and ensure the file exists."
}[2024-01-15 10:23:45.123] [ERROR] [ContainerHealthCheck] Health check failed: Error: Unable to connect to endpoint. [2024-01-15 10:23:45.456] [INFO] [ModelServer] Starting model server... [2024-01-15 10:23:50.789] [ERROR] [ModelServer] Model server failed to start: OSError: [Errno 24] Too many open files
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:GetObject",
"s3:PutObject"
],
"Resource": "arn:aws:s3:::my-bucket/*",
"Condition": {
"StringEquals": {
"s3:prefix": "training-data/"
}
}
}
]
}{
"MonitoringScheduleName": "data-quality-monitor",
"MonitoringType": "DataQuality",
"ScheduleConfig": {
"ScheduleExpression": "cron(0 * * * ? *)"
},
"MonitoringJobDefinition": {
"BaseliningJobDefinition": {
"BaselineJobName": "baseline-job-1",
"BaseliningJobOutputConfig": {
"MonitoringOutputS3Uri": "s3://my-bucket/baseline/"
}
},
"MonitoringOutputConfig": {
"MonitoringOutputS3Uri": "s3://my-bucket/monitoring-results/"
},
"Environment": {
"max_runtime_in_seconds": "3600"
}
}
}Refer to the exhibit.
```
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"sagemaker:CreateTrainingJob",
"sagemaker:DescribeTrainingJob",
"sagemaker:StopTrainingJob"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"s3:GetObject",
"s3:PutObject"
],
"Resource": "arn:aws:s3:::my-bucket/training/*"
},
{
"Effect": "Deny",
"Action": "s3:PutObject",
"Resource": "arn:aws:s3:::my-bucket/training/sensitive-data.csv"
}
]
}
```Refer to the exhibit. ``` 2024-01-15 10:23:45,123 [INFO] Starting inference at endpoint ... 2024-01-15 10:23:45,456 [ERROR] Model output contains NaN values. 2024-01-15 10:23:45,457 [WARN] Input feature x has value -9999.0 which is unusual. ```
Refer to the exhibit.
CloudWatch Logs excerpt:
```
2024-09-21T14:22:10Z ERROR - Model endpoint 'fraud-model-v2' returned unexpected response: {"prediction": 0.95}. Expected format: {"predictions": [{"score": 0.95}]}. Check inference code and response structure.
```