You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/machine-learning/how-to-identity-based-service-authentication.md
+5-4Lines changed: 5 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -39,10 +39,12 @@ Azure Machine Learning is composed of multiple Azure services. There are multipl
39
39
40
40
The Azure Machine Learning workspace uses a __managed identity__ to communicate with other services. Multiple identity types are supported for Azure Machine Learning.
41
41
42
-
| Managed identity type | Role assignment creation |Description|
42
+
| Managed identity type | Role assignment creation |Purpose|
43
43
| ---- | :----: | :----: |
44
-
| System-assigned | Managed by Microsoft | Lifecycle tied to resource; single resource use; simple to get started |
45
-
| System-assigned+user-assigned | Managed by you | Independent lifecycle for user-assigned identity, multi-resource use, controls least privileged access. |
44
+
| System-assigned (SAI) | Managed by Microsoft | Lifecycle tied to resource; single resource use; simple to get started |
45
+
| System-assigned+user-assigned (SAI+UAI) | Managed by you | Independent lifecycle for user-assigned identity, multi-resource use, controls least privileged access. Access data in training jobs. |
46
+
47
+
Once a workspace is created with SAI identity type, it can be updated to SAI+UAI, but not back from SAI+UAI to SAI. You may assign multiple user-assigned identities to the same workspace.
46
48
47
49
To learn more about managed identity in Azure, see [Manage user-assigned managed identities](../entra/identity/managed-identities-azure-resources/how-manage-user-assigned-managed-identities).
48
50
@@ -178,7 +180,6 @@ Not supported currently.
178
180
> [!TIP]
179
181
> To add a new UAI, you can specify the new UAI ID under the section user_assigned_identities in addition to the existing UAIs, it's required to pass all the existing UAI IDs.<br>
180
182
To delete one or more existing UAIs, you can put the UAI IDs which needs to be preserved under the section user_assigned_identities, the rest UAI IDs would be deleted.<br>
181
-
To update identity type from SAI to UAI|SAI, you can change type from "user_assigned" to "system_assigned, user_assigned".
0 commit comments