You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/machine-learning/concept-enterprise-security.md
+6-7Lines changed: 6 additions & 7 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -6,11 +6,12 @@ services: machine-learning
6
6
ms.service: azure-machine-learning
7
7
ms.subservice: enterprise-readiness
8
8
ms.custom: build-2023
9
-
ms.topic: conceptual
9
+
ms.topic: concept-article
10
10
ms.author: larryfr
11
11
author: Blackmist
12
-
ms.reviewer: aashishb
13
-
ms.date: 09/13/2023
12
+
ms.reviewer: meerakurup
13
+
ms.date: 09/12/2024
14
+
# Customer Intent: As an admin, I want to understand how to secure Azure Machine Learning resources and workflows so that I can comply with my organization's security policies.
14
15
---
15
16
16
17
# Enterprise security and governance for Azure Machine Learning
@@ -58,7 +59,7 @@ We don't recommend that admins revoke the access of the managed identity to the
58
59
>
59
60
> If your workspace has an attached AKS cluster, and it was created before May 14, 2021, _do not delete this Microsoft Entra account_. In this scenario, you must delete and re-create the AKS cluster before you can delete the Microsoft Entra account.
60
61
61
-
You can provision the workspace to use a user-assigned managed identity, and then grant the managed identity additional roles. For example, you might grant a role to access your own Azure Container Registry instance for base Docker images.
62
+
You can provision the workspace to use a user-assigned managed identity, and then grant the managed identity other roles. For example, you might grant a role to access your own Azure Container Registry instance for base Docker images.
62
63
63
64
You can also configure managed identities for use with an Azure Machine Learning compute cluster. This managed identity is independent of the workspace managed identity. With a compute cluster, the managed identity is used to access resources such as secured datastores that the user running the training job might not have access to. For more information, see [Use managed identities for access control](how-to-identity-based-service-authentication.md).
64
65
@@ -123,10 +124,8 @@ Azure Machine Learning has several inbound and outbound network dependencies. So
123
124
124
125
For more information on Azure Policy, see the [Azure Policy documentation](/azure/governance/policy/overview). For more information on the policies that are specific to Azure Machine Learning, see [Audit and manage Azure Machine Learning](how-to-integrate-azure-policy.md).
125
126
126
-
## Next steps
127
+
## Related content
127
128
128
129
*[Azure Machine Learning best practices for enterprise security](/azure/cloud-adoption-framework/ready/azure-best-practices/ai-machine-learning-enterprise-security)
129
-
*[Use Azure Machine Learning with Azure Firewall](how-to-access-azureml-behind-firewall.md)
130
130
*[Use Azure Machine Learning with Azure Virtual Network](how-to-network-security-overview.md)
131
-
*[Encrypt data at rest and in transit](concept-data-encryption.md)
132
131
*[Build a real-time recommendation API on Azure](/azure/architecture/reference-architectures/ai/real-time-recommendation)
0 commit comments