articles/ai-studio/concepts/encryption-keys-portal.md
Lines changed: 20 additions & 15 deletions
@@ -8,7 +8,7 @@ ms.service: azure-ai-services
8
8
ms.custom:
9
9
- ignite-2023
10
10
ms.topic: concept-article
11
-
ms.date: 11/21/2024
11
+
ms.date: 01/27/2025
12
12
ms.reviewer: deeikele
13
13
# Customer intent: As an admin, I want to understand how I can use my own encryption keys with Azure AI Foundry.
14
14
---
@@ -27,10 +27,22 @@ Azure AI services data is encrypted and decrypted using [FIPS 140-2](https://en.
27
27
28
28
## Data storage in your subscription when using customer-managed keys
29
29
30
-
Hub resources store metadata in your Azure subscription when using customer-managed keys. Data is stored in a Microsoft-managed resource group that includes an Azure Storage account, Azure Cosmos DB resource and Azure AI Search.
30
+
There are two possible configurations you can use for customer-managed keys in Azure AI Foundry. The newer configuration stores encrypted data service-side on Microsoft-managed resources. The older (classic) configuration stores encrypted data in your Azure subscription in a Microsoft-managed resource group.
31
+
32
+
### Server-side storage of encrypted data
33
+
34
+
In the new architecture for customer-managed key encryption with hubs, encrypted data is stored service-side on Microsoft-managed resources. Metadata is stored in multitenant resources using document-level CMK encryption. An Azure AI Search instance is hosted on the Microsoft-side per customer, and for each hub. Due to its dedicated resource model, its Azure cost is charged in your subscription via the hub resource.
35
+
36
+
> [!NOTE]
37
+
> - Key rotation and user-assigned identity capabilities aren't supported. Service-side encryption is currently not supported in reference to an Azure Key Vault for storing your encryption key that has public network access disabled.
38
+
> - If you're using the server-side storage, Azure charges continue to accrue during the soft delete retention period.
39
+
40
+
### Subscription-side storage of encrypted data (classic configuration)
41
+
42
+
Hub resources store metadata in your Azure subscription when using customer-managed keys. Data is stored in a Microsoft-managed resource group that includes an Azure Storage account, Azure Cosmos DB resource, and Azure AI Search.
31
43
32
44
> [!IMPORTANT]
33
-
> When using a customer-managed key, the costs for your subscription will be higher because encrypted data is stored in your subscription. To estimate the cost, use the [Azure pricing calculator](https://azure.microsoft.com/pricing/calculator/).
45
+
> When using a customer-managed key, the costs for your subscription are higher because encrypted data is stored in your subscription. To estimate the cost, use the [Azure pricing calculator](https://azure.microsoft.com/pricing/calculator/).
34
46
35
47
The encryption key you provide when creating a hub is used to encrypt data that is stored on Microsoft-managed resources. All projects using the same hub store data on the resources in a managed resource group identified by the name `azureml-rg-hubworkspacename_GUID`. Projects use Microsoft Entra ID authentication when interacting with these resources. If your hub has a private link endpoint, network access to the managed resources is restricted. The managed resource group is deleted, when the hub is deleted.
36
48
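Review bot: In the new NOTE under "### Server-side storage of encrypted data", the sentence "Service-side encryption is currently not supported in reference to an Azure Key Vault for storing your encryption key that has public network access disabled" is hard to parse and buries a security-relevant constraint; suggest "Service-side encryption doesn't currently support a key vault that has public network access disabled", so an admin weighing the newer configuration sees at once that it requires a Key Vault reachable over public networking. Dropping "During this preview" from the first bullet and "(Preview)" from the heading implies general availability; please confirm that is intended and that the key rotation and user-assigned identity limitations still apply after the preview label is removed.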
@@ -45,17 +57,9 @@ The following data is stored on the managed resources.
45
57
>[!IMPORTANT]
46
58
> Azure AI Foundry uses Azure compute that is managed in the Microsoft subscription, for example when you fine-tune models or or build flows. Its disks are encrypted with Microsoft-managed keys. Compute is ephemeral, meaning after a task is completed the virtual machine is deprovisioned, and the OS disk is deleted. Compute instance machines used for 'Code' experiences are persistant. Azure Disk Encryption isn't supported for the OS disk.
47
59
48
-
## (Preview) Service-side storage of encrypted data when using customer-managed keys
49
-
50
-
A new architecture for customer-managed key encryption with hubs is available in preview, which resolves the dependency on the managed resource group. In this new model, encrypted data is stored service-side on Microsoft-managed resources instead of in managed resources in your subscription. Metadata is stored in multitenant resources using document-level CMK encryption. An Azure AI Search instance is hosted on the Microsoft-side per customer, and for each hub. Due to its dedicated resource model, its Azure cost is charged in your subscription via the hub resource.
51
-
52
-
> [!NOTE]
53
-
> - During this preview key rotation and user-assigned identity capabilities are not supported. Service-side encryption is currently not supported in reference to an Azure Key Vault for storing your encryption key that has public network access disabled.
54
-
> - If you are using the preview server-side storage, Azure charges will continue to accrue during the soft delete retention period.
55
-
56
60
## Use customer-managed keys with Azure Key Vault
57
61
58
-
You must use Azure Key Vault to store your customer-managed keys. You can either create your own keys and store them in a key vault, or you can use the Azure Key Vault APIs to generate keys. The Azure AI services resource and the key vault must be in the same region and in the same Microsoft Entra tenant, but they can be in different subscriptions. For more information about Azure Key Vault, see [What is Azure Key Vault?](/azure/key-vault/general/overview).
62
+
You must use Azure Key Vault to store your customer-managed keys regardless of which configuration you decide to use. You can either create your own keys and store them in a key vault, or you can use the Azure Key Vault APIs to generate keys. The Azure AI services resource and the key vault must be in the same region and in the same Microsoft Entra tenant, but they can be in different subscriptions. For more information about Azure Key Vault, see [What is Azure Key Vault?](/azure/key-vault/general/overview).
59
63
60
64
To enable customer-managed keys, the key vault containing your keys must meet these requirements:
61
65
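Review bot: The removed preview section carried the statement that the service-side model "resolves the dependency on the managed resource group", and the new "### Server-side storage of encrypted data" section in the hunk above doesn't; suggest keeping that sentence there, since it is the main reason an admin would choose one configuration over the other. While this hunk is open, the unchanged IMPORTANT line above it has two typos worth fixing in the same PR: "or or build flows" and "persistant".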
@@ -64,7 +68,7 @@ To enable customer-managed keys, the key vault containing your keys must meet th
64
68
- You must grant your hub's and Azure AI Services resource's system-assigned managed identity the following permissions on your key vault: *get key*, *wrap key*, *unwrap key*.
65
69
66
70
The following limitations hold for Azure AI Services:
67
-
- Only Azure Key Vault with [legacy access policies](/azure/key-vault/general/assign-access-policy) are supported.
71
+
- Only Azure Key Vaults with [legacy access policies](/azure/key-vault/general/assign-access-policy) are supported.
68
72
- Only RSA and RSA-HSM keys of size 2048 are supported with Azure AI services encryption. For more information about keys, see **Key Vault keys** in [About Azure Key Vault keys, secrets, and certificates](/azure/key-vault/general/about-keys-secrets-certificates).
69
73
70
74
### Enable your Azure AI Services resource's managed identity
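Review bot: The pluralization fix ("Only Azure Key Vaults with legacy access policies are supported") is correct; since the paragraph above now says Key Vault is required "regardless of which configuration you decide to use", it would help to state whether the legacy-access-policy limitation and the 2048-bit RSA/RSA-HSM limitation apply to both configurations, and to say explicitly that vaults using the Azure RBAC permission model aren't supported, which is what "only legacy access policies" implies but readers may miss.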
@@ -87,8 +91,9 @@ Customer-managed key encryption is configured via Azure portal in a similar way
87
91
:::image type="content" source="../../machine-learning/media/concept-customer-managed-keys/cmk-service-side-encryption.png" alt-text="Screenshot of the encryption tab with the option for service side encryption selected." lightbox="../../machine-learning/media/concept-customer-managed-keys/cmk-service-side-encryption.png":::
88
92
89
93
Alternatively, use infrastructure-as-code options for automation. Example Bicep templates for Azure AI Foundry are available on the Azure Quickstart repo:
94
+
95
+
1.[Service-side CMK encryption for hub](https://github.com/azure/azure-quickstart-templates/tree/master/quickstarts/microsoft.machinelearningservices/aistudio-cmk-service-side-encryption).
90
96
1.[CMK encryption for hub](https://github.com/Azure/azure-quickstart-templates/tree/master/quickstarts/microsoft.machinelearningservices/aistudio-cmk).
91
-
1.[Service-side CMK encryption preview for hub](https://github.com/azure/azure-quickstart-templates/tree/master/quickstarts/microsoft.machinelearningservices/aistudio-cmk-service-side-encryption).
92
97
93
98
## Limitations
94
99
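Review bot: The added list item "1.[Service-side CMK encryption for hub]" lacks the space after the list marker, so Markdown won't render it as an ordered list; use "1. [Service-side CMK encryption for hub](...)" and fix the existing "1.[CMK encryption for hub]" line the same way. Minor: the two URLs spell the org as "azure" and "Azure"; GitHub treats them the same, but normalizing to one form keeps the list consistent.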
@@ -98,7 +103,7 @@ Alternatively, use infrastructure-as-code options for automation. Example Bicep
98
103
* At the time of creation, you can't provide or modify resources that are created in the Microsoft-managed Azure resource group in your subscription.
99
104
* You can't delete Microsoft-managed resources used for customer-managed keys without also deleting your hub.
100
105
*[Azure AI services Customer-Managed Key Request Form](https://aka.ms/cogsvc-cmk) is still required for Speech and Content Moderator.
101
-
* If you are using the [server-side preview](#preview-service-side-storage-of-encrypted-data-when-using-customer-managed-keys), Azure charges will continue to accrue during the soft delete retention period.
106
+
* If you're using the [server-side](#server-side-storage-of-encrypted-data), Azure charges continue to accrue during the soft delete retention period.
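Review bot: The rewritten bullet "If you're using the [server-side](#server-side-storage-of-encrypted-data), Azure charges continue..." is missing the noun after the link; suggest "the [server-side storage](#server-side-storage-of-encrypted-data) configuration". The anchor matches the new heading "### Server-side storage of encrypted data", so the link resolves. The unchanged line above, "*[Azure AI services Customer-Managed Key Request Form]", also lacks the space after "*" and won't render as a list item.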