You are a machine learning engineer deploying a model that processes sensitive financial data using Amazon SageMaker. The team requires a network architecture that ensures complete isolation from public internet access while allowing seamless communication with other AWS services. Which configuration best meets these requirements?