You cannot use IAM policies to stop a SageMaker notebook user from seeing or downloading .py files stored inside the notebook’s filesystem because once they have access to the notebook, they can see all files there. To protect your .py files, keep them outside the notebook instance—like in a private S3 bucket or a private code repository—and have the notebook load or call the code from there. This way, users can run the notebook but won’t have direct access to download your .py files.