You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Azure Machine Learning is composed of multiple Azure services. There are multiple ways that authentication can happen between Azure Machine Learning and the services it relies on.
22
21
23
-
24
22
* The Azure Machine Learning workspace uses a __managed identity__ to communicate with other services. By default, this is a system-assigned managed identity. You can also use a user-assigned managed identity instead.
25
23
* Azure Machine Learning uses Azure Container Registry (ACR) to store Docker images used to train and deploy models. If you allow Azure Machine Learning to automatically create ACR, it will enable the __admin account__.
26
24
* The Azure Machine Learning compute cluster uses a __managed identity__ to retrieve connection information for datastores from Azure Key Vault and to pull Docker images from ACR. You can also configure identity-based access to datastores, which will instead use the managed identity of the compute cluster.
@@ -37,7 +35,7 @@ Azure Machine Learning is composed of multiple Azure services. There are multipl
37
35
38
36
## Azure Container Registry and identity types
39
37
40
-
The following table lists the support matrix when authenticating to __Azure Container Registry__, depending on the authentication method and the __Azure Container Registry's__[public network access configuration](/azure/container-registry/container-registry-access-selected-networks).
38
+
This table lists the support matrix when authenticating to __Azure Container Registry__, depending on the authentication method and the __Azure Container Registry's__[public network access configuration](/azure/container-registry/container-registry-access-selected-networks).
For information on configuring managed identity when creating a compute cluster in studio, see [Set up managed identity](how-to-create-attach-compute-cluster.md#set-up-managed-identity).
@@ -597,6 +594,11 @@ You can now use the environment in a [training job](how-to-train-cli.md).
597
594
598
595
### Build Azure Machine Learning managed environment into base image from private ACR for training or inference
599
596
597
+
> [!NOTE]
598
+
> Connecting to a private ACR using user-assigned managed identity is not currently supported. **Admin key** is the only auth type supported for private ACR.
599
+
600
+
<!-- 20240725: this commented block will be restored at a later date TBD . . .
In this scenario, Azure Machine Learning service builds the training or inference environment on top of a base image you supply from a private ACR. Because the image build task happens on the workspace ACR using ACR Tasks, you must perform more steps to allow access.
@@ -642,7 +644,7 @@ In this scenario, Azure Machine Learning service builds the training or inferenc
642
644
image: <acr url>/pytorch/pytorch:latest
643
645
description: Environment created from private ACR.
644
646
```
645
-
647
+
-->
646
648
## Next steps
647
649
648
650
* Learn more about [enterprise security in Azure Machine Learning](concept-enterprise-security.md)
0 commit comments