# Configure VPC Networking for Amazon SageMaker Unified Studio Domain
<a name="vpc-networking-iam-based-domains"></a>

**Topics**
+ [Network settings in IAM-based domains](configure-vpc-networking-iam-based-domains.md)
+ [Update Individual Projects with VPC Configuration](update-individual-projects-vpc.md)
+ [View VPC Networking Details for Your Domain](view-vpc-networking-details.md)

# Network settings in IAM-based domains
<a name="configure-vpc-networking-iam-based-domains"></a>

Amazon Virtual Private Cloud (Amazon VPC) networking with subnets is required when using certain compute services within Amazon SageMaker Unified Studio. You configure VPC networking at the domain level to provide network isolation and connectivity for compute resources, database connections, and other AWS services.

When you configure VPC networking for your domain, all projects created after the configuration will automatically use the specified VPC. You can choose to update existing projects immediately or update them individually at a later time.

VPC configuration is permanent once applied to a domain and cannot be changed or removed after it is saved.

Prerequisites:
+ Domain administrator permissions for Amazon SageMaker Unified Studio
+ An existing VPC that meets the following requirements:
  + At least 2 private subnets in different Availability Zones
  + DNS hostname and DNS support enabled
  + At least 5 free IP addresses per Amazon SageMaker Unified Studio project
+ Appropriate IAM permissions to access VPC resources

1. From the domain administration page, choose **Settings** in the left navigation pane.

1. In the **Networking** section, choose **Add VPC**.

1. In the **Add VPC** dialog, review the warning message that VPC configuration cannot be changed after it is added.

1. In the **VPC** section, choose **Select** and select the VPC where your compute resources will be housed.
**Note**  
If no VPC has been set up for use with Amazon SageMaker Unified Studio, you can choose **Create VPC** to create a new VPC using AWS CloudFormation.

1. In the **Subnets** section, choose **Select** and select at least two subnets in different Availability Zones.
**Warning**  
Your subnets must be private or some functionality will not be available. Select subnets configured with the required VPC endpoints to establish connectivity to AWS services.

1. In the **Project update option** section, choose one of the following:
   + Update all projects immediately - All existing projects will be updated automatically after saving. This may take a few minutes for domains with more than 20 projects.
   + Update projects separately - Go to each project detail page and manually update projects with the VPC configuration.

1. Choose **Save & Update**.

You can now view the configured VPC details in the **Networking** section of the Settings tab. All new projects created in the domain will use this VPC configuration.

# Update Individual Projects with VPC Configuration
<a name="update-individual-projects-vpc"></a>

When you configure VPC networking for your domain with the "Update projects separately" option, existing projects are not automatically updated with the VPC configuration. You must manually update each project to apply the domain's VPC settings.

This approach allows you to control when projects are updated and ensures that active workloads are not disrupted during the VPC configuration process.

1. From the domain administration page, choose **Projects** in the left navigation pane.

1. From the projects list, choose the project you want to update.

1. On the project detail page, you will see a banner at the top indicating "Configurations have changed. Please update this project to access the latest configuration."

1. In the banner, choose **Update**.

1. Confirm the update when prompted.

# View VPC Networking Details for Your Domain
<a name="view-vpc-networking-details"></a>

After configuring VPC networking for your Amazon SageMaker Unified Studio domain, you can view the VPC and subnet details from the domain settings. This information shows the current networking configuration that will be used by projects and compute resources.

1. From the domain administration page, choose **Settings** in the left navigation pane.

1. In the **Networking** section, review the configured VPC details:
   + VPC - Shows the VPC ID and provides a link to view the VPC in the Amazon VPC console
   + Subnets - Lists all configured subnets with links to view each subnet in the Amazon VPC console

1. To view additional VPC configuration details, choose the VPC ID link to open the Amazon VPC console.

1. To view subnet configuration details, choose any subnet ID link to open the specific subnet in the Amazon VPC console.