
Commit d4b18b8

Merge pull request #51156 from MicrosoftDocs/NEW-azure-policy-govern-ai
New azure policy govern ai
2 parents a672b91 + 4e35038 commit d4b18b8

16 files changed, +419 -0 lines changed
Lines changed: 13 additions & 0 deletions
@@ -0,0 +1,13 @@
1+
### YamlMime:ModuleUnit
2+
uid: learn.govern-ai-services-azure-policy.azure-policy-ai-services
3+
title: Azure Policy and AI Services
4+
metadata:
5+
title: Azure Policy and AI services
6+
description: Learn about Azure Policies related to AI services.
7+
ms.date: 06/26/2025
8+
author: Orin-Thomas
9+
ms.author: viniap
10+
ms.topic: unit
11+
durationInMinutes: 7
12+
content: |
13+
[!include[](includes/1-azure-policy-ai-services.md)]
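Review bot: the two titles in this unit disagree on casing: the top-level `title:` reads "Azure Policy and AI Services" while `metadata.title` reads "Azure Policy and AI services". The include content and the built-in policy names it cites write the product as "Azure AI services", so the top-level title should use the lowercase form as well.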
Lines changed: 13 additions & 0 deletions
@@ -0,0 +1,13 @@
1+
### YamlMime:ModuleUnit
2+
uid: learn.govern-ai-services-azure-policy.assess-ai-workload-compliance-with-azure-policy
3+
title: Assess AI workload compliance with Azure Policy
4+
metadata:
5+
title: Assess AI workload compliance with Azure Policy
6+
description: Learn how to use Azure Policy to assess AI workload compliance.
7+
ms.date: 06/26/2025
8+
author: Orin-Thomas
9+
ms.author: viniap
10+
ms.topic: unit
11+
durationInMinutes: 10
12+
content: |
13+
[!include[](includes/2-assess-ai-workload-compliance-with-azure-policy.md)]
Lines changed: 13 additions & 0 deletions
@@ -0,0 +1,13 @@
1+
### YamlMime:ModuleUnit
2+
uid: learn.govern-ai-services-azure-policy.azure-ai-foundry-azure-machine-learning-policies
3+
title: Azure AI Foundry and Azure Machine Learning Policies
4+
metadata:
5+
title: Azure AI Foundry and Azure Machine Learning policies
6+
description: Learn about policies related to Azure AI Foundry and Azure Machine Learning.
7+
ms.date: 06/26/2025
8+
author: Orin-Thomas
9+
ms.author: viniap
10+
ms.topic: unit
11+
durationInMinutes: 14
12+
content: |
13+
[!include[](includes/3-azure-ai-foundry-azure-machine-learning-policies.md)]
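Review bot: same casing mismatch as the first unit: the top-level `title:` has "Azure AI Foundry and Azure Machine Learning Policies" while `metadata.title` has "... policies". Pick one form (the lowercase "policies" matches the other unit titles in this PR) so the TOC entry and the page title agree.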
Lines changed: 47 additions & 0 deletions
@@ -0,0 +1,47 @@
1+
### YamlMime:ModuleUnit
2+
uid: learn.govern-ai-services-azure-policy.knowledge-check
3+
title: Knowledge Check
4+
metadata:
5+
title: Knowledge check
6+
description: Check your knowledge.
7+
ms.date: 06/26/2025
8+
author: Orin-Thomas
9+
ms.author: viniap
10+
ms.topic: unit
11+
durationInMinutes: 4
12+
content: Choose the best response for each question.
13+
quiz:
14+
questions:
15+
- content: "You have been tasked with applying a policy to assess the state of an Azure AI Foundry deployment without interfering with its current implementation. How can you ensure the policy targets the existing Azure AI Foundry Hub?"
16+
choices:
17+
- content: "Ensure the policy definition targets resources of type \"Microsoft.MachineLearningServices/workspaces\", the policy scope targets the desired Resource Group or subscription, and Policy enforcement is disabled."
18+
isCorrect: true
19+
explanation: "Microsoft.MachineLearningServices/workspaces is the resource ID type for Azure AI Foundry and Azure Machine Learning, the scope ensures the Azure AI Foundry Hub is targeted, and disabled policy enforcement will provide assessment information only."
20+
- content: "Ensure the policy definition targets resources of type \"Microsoft.CognitiveServices\" and the policy scope targets the desired Resource Group or subscription."
21+
isCorrect: false
22+
explanation: "Microsoft.CognitiveServices is the resource ID type for Azure AI services and won't target Azure AI Foundry Hubs as a result."
23+
- content: "Ensure the policy definition targets resources of type \"Microsoft.MachineLearningServices/workspaces\", the policy scope targets the desired Resource Group or subscription, and Policy enforcement is enabled."
24+
isCorrect: false
25+
explanation: "An enabled policy enforcement interferes with the workload if the state isn't in accordance with the policy."
26+
- content: "You're a cloud operations administrator responsible for ensuring compliance of AI services in Azure. You need to restrict network access to Azure AI services to enhance security. Which policy should you apply?"
27+
choices:
28+
- content: "Azure AI Services resources should use Azure Private Link."
29+
isCorrect: false
30+
explanation: "This policy focuses on connecting your virtual network to Azure services without a public IP address, not network access."
31+
- content: "Azure AI Services resources should restrict network access."
32+
isCorrect: true
33+
explanation: "This policy ensures that only allowed networks can access the service."
34+
- content: "Azure AI Services resources should have key access disabled (disable local authentication)."
35+
isCorrect: false
36+
explanation: "This policy focuses on disabling local authentication, not network access."
37+
- content: "You've been tasked with applying a policy that should affect an Azure OpenAI service, but not an Azure AI Search that is also deployed to the same Resource Group in an Azure subscription. How can you ensure this policy doesn't affect the Azure AI Search service?"
38+
choices:
39+
- content: "Ensure the policy definition targets resources of type \"Microsoft.Search/searchServices\""
40+
isCorrect: false
41+
explanation: "By targeting Microsoft.Search/searchServices, you're affecting the Azure AI Search service only."
42+
- content: "Ensure the policy definition targets resources of type \"Microsoft.MachineLearningServices/workspaces\""
43+
isCorrect: false
44+
explanation: "Microsoft.MachineLearningServices/workspaces can be used for Azure Machine Learning and Azure AI Foundry resources."
45+
- content: "Ensure the policy definition targets resources of type \"Microsoft.CognitiveServices\""
46+
isCorrect: true
47+
explanation: "By targeting Microsoft.CognitiveServices only, you can ensure the service targets the Azure OpenAI service and not the Azure AI Search service."
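Review bot: in the third question the correct choice names only the provider namespace "Microsoft.CognitiveServices", while the two distractors give full resource types ("Microsoft.Search/searchServices", "Microsoft.MachineLearningServices/workspaces"). A policy rule's `type` condition matches the full resource type, and the resource ID example in the first include file ends in `Microsoft.CognitiveServices/accounts/...`, so the choice and its explanation should read "Microsoft.CognitiveServices/accounts" to stay consistent and to avoid teaching an incomplete `type` value. Also, in the first question the explanation for the third choice ("An enabled policy enforcement interferes with the workload if the state isn't in accordance with the policy") only holds for definitions with Deny, Modify or DeployIfNotExists effects; an Audit-effect definition does not interfere even with enforcement enabled, so qualify the sentence by the effect rather than by enforcement mode alone.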
Lines changed: 13 additions & 0 deletions
@@ -0,0 +1,13 @@
1+
### YamlMime:ModuleUnit
2+
uid: learn.govern-ai-services-azure-policy.summary
3+
title: Summary
4+
metadata:
5+
title: Summary
6+
description: TBD
7+
ms.date: 06/26/2025
8+
author: Orin-Thomas
9+
ms.author: viniap
10+
ms.topic: unit
11+
durationInMinutes: 1
12+
content: |
13+
[!include[](includes/5-summary.md)]
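Review bot: `description: TBD` is a placeholder that would ship as the published page's meta description; replace it with a one-sentence summary of what the module covered before merging, matching the style of the other units' descriptions in this PR.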
Lines changed: 44 additions & 0 deletions
@@ -0,0 +1,44 @@
1+
Azure Policy helps to determine that your organization's deployed workloads comply with regulatory requirements and organizational standards.
2+
3+
Azure Policy evaluates resources and actions in Azure by comparing the properties of those resources to business rules. These business rules, described in JSON format, are known as policy definitions. To simplify management, several business rules (policy definitions) can be grouped together to form a policy initiative, also referred to as a policySet. After your business rules are formed, the policy definition or initiative is assigned to any scope of resources that Azure supports. For example, management groups, subscriptions, resource groups, or individual resources. You can create new policy definitions and initiatives, or you can use preexisting, built-in policies created by Microsoft.
4+
5+
Some businesses workload deployments need to comply with government regulatory standards such as FedRAMP. To help these organizations, Microsoft has created policy initiative definitions, known as built-ins, that map to the compliance domains and security controls included in important compliance standards. For example, an organization that must comply with FedRAMP can apply the FedRAMP Moderate or FedRAMP High initiatives available in Azure Policy to assess the compliance of a workload's configuration.
6+
7+
As an AI workload operations administrator, Azure it's your responsibility to ensure services are following the business, security, and regulatory guidelines for your company. In that role, you should consider using Azure Policy with the following services:
8+
9+
- Azure AI services: This is a suite of Azure services to help developers create applications with out-of-the-box, prebuilt, and customizable APIs and models. Services in this suite include Azure OpenAI service, Azure AI Search, Azure AI Document Intelligence, and more.
10+
- Azure AI Foundry: Azure AI Foundry is a cloud service for the full lifecycle of application development. With AI Foundry developers can explore, build, test, and deploy AI tools and ML models.
11+
- Azure Machine Learning: Azure Machine Learning is a cloud service for accelerating and managing the machine learning (ML) project lifecycle.
12+
13+
Policy definitions or initiatives have a scope to which they're applied. When you apply the scope of a Resource Group (or another scope) to a definition or initiative, the JSON file for the underlying policy definition targets resources based on the resource type.
14+
15+
Here's an example definition for an audit policy to enable the usage of Private Endpoint for Azure AI services on GitHub:
16+
17+
[![A screenshot of the Azure portal, with an Azure AI services policy related to private endpoints displayed.](../media/ai-services-policy.svg)](../media/ai-services-policy-big.svg#lightbox)
18+
19+
This definition runs under its scope against any resource of type Microsoft.CognitiveServices. When you analyze the resource ID structure of a service such as Azure OpenAI, you can see the resource type: /subscriptions/\<subscriptionID>/resourceGroups/\<RG-name>/providers/Microsoft.CognitiveServices/accounts/ContosoAIDemo
20+
21+
The result is this resource (Azure OpenAI) will be affected by the policy definition, unless an explicit exclusion is in place. The same will be true for any Azure AI service as they have the same resource type attribute.
22+
23+
> [!NOTE]
24+
> Some Azure services branded under "Azure AI services" have different resource ID designations, such as Azure AI Search. The JSON files for policy definitions under "Azure AI services" should have both resource ID types listed as part of their rules. However, the service itself might have extra definitions that are applicable to the service only.
25+
26+
Here's an example definition for an audit policy to deploy a private endpoint to Azure Machine Learning:
27+
28+
[![A screenshot of the Azure portal, with an Azure Machine Learning policy related to private endpoints displayed.](../media/machine-learning-policy.svg)](../media/machine-learning-policy-big.svg#lightbox)
29+
30+
The policy definition targets resources of type "Microsoft.MachineLearningServices". When you analyze the resource ID structure of BOTH Azure Machine Learning and Azure AI Foundry, you can see the same structure:
31+
32+
- Azure Machine Learning: /subscriptions/\<subscriptionID>/resourceGroups/\<RG-name>/providers/Microsoft.MachineLearningServices/workspaces/ContosoML
33+
- Azure AI Foundry: /subscriptions/\<subscriptionID>/resourceGroups/\<RG-name>/providers/Microsoft.MachineLearningServices/workspaces/ContosoAIFoundryDemo
34+
35+
The result is both resources are affected by these policy definitions, unless an explicit exclusion is in place.
36+
37+
Consider the following best practices when managing Azure Policy:
38+
39+
- Granular scoping: Assign policies at the appropriate scope to balance control and flexibility. For example, apply at the subscription level to control all resources in the subscription, or apply at the resource group level to control resources in a specific group.
40+
- Policy naming: Use a consistent naming convention for policy assignments to make it easier to identify the purpose of the policy. Include information such as the purpose and scope in the name.
41+
- Documentation: Keep records of policy assignments and configurations for auditing purposes. Document any changes made to the policy over time.
42+
- Regular reviews: Periodically review policy assignments to ensure they align with your organization's requirements.
43+
- Testing: Test policies in a nonproduction environment before applying them to production resources.
44+
- Communication: Make sure developers are aware of the policies in place and understand the implications for their work.
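Review bot: the sentence "This definition runs under its scope against any resource of type Microsoft.CognitiveServices" and the later "The policy definition targets resources of type "Microsoft.MachineLearningServices"" name only the resource provider namespace; the `type` condition in a policy rule compares against the full resource type, and the resource IDs quoted right after each sentence show those types as `Microsoft.CognitiveServices/accounts` and `Microsoft.MachineLearningServices/workspaces`, so use the full forms here (the knowledge check already uses `Microsoft.MachineLearningServices/workspaces`). The NOTE block's "should have both resource ID types listed" is vague about which two types are meant; if they are `Microsoft.CognitiveServices/accounts` and `Microsoft.Search/searchServices`, spell them out. Two wording fixes in the same hunk: "Some businesses workload deployments" should be "Some businesses' workload deployments", and "As an AI workload operations administrator, Azure it's your responsibility" has a stray "Azure".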
Lines changed: 40 additions & 0 deletions
@@ -0,0 +1,40 @@
1+
To apply a policy definition to an Azure AI service:
2+
3+
> [!NOTE]
4+
> For the example below, Azure OpenAI is used as the target resource. This process can be used for any other Azure AI service. This process can also be used for Azure Machine Learning and Azure AI Foundry by changing the target of your policy definition.
5+
6+
1. On the Azure portal, select the Search resources, services, and docs option at the top and type Policy.
7+
1. Select the Policy icon in the results.
8+
1. On the left-hand side menu, select Compliance.
9+
1. On the Compliance page, select Assign policy.
10+
1. On the scope, select the scope to which you want to assign this policy. You can select, for example, a Resource Group.
11+
1. Under Basics, select the ellipsis to select the Policy definition.
12+
1. Type "Azure ai service" in the search and select "Azure AI Services resources should restrict network access". Select Add.
13+
1. For this implementation, we use the default settings. Select Review + Create and select Create.
14+
1. You receive a notification Creating policy assignment succeeded, which notes that it takes 5-15 minutes for it to take effect.
15+
1. Once the policy is in effect, you can check out the status of the policy you deployed on the Compliance page.
16+
1. Select the policy Azure AI Services resources should restrict network access.
17+
1. On the policy page, scroll down to check which resource is in noncompliant state:
18+
19+
[![A screenshot of the Azure portal showing the results of a policy assessment](../media/policy-assessment.svg)](../media/policy-assessment-big.svg#lightbox)
20+
21+
Azure Policy evaluates the state of a resource to enforce organizational standards and to assess compliance. You can apply the following list of built-in policies to Azure AI services directly from the Azure portal:
22+
23+
| **Name** | **Description** |
24+
|---|---|
25+
| **Azure AI Services resources should encrypt data at rest with a customer-managed key (CMK)** | Using customer-managed keys to encrypt data at rest provides more control over the key lifecycle, including rotation and management. This is relevant for organizations with related compliance requirements. This isn't assessed by default and should only be applied when required by compliance or restrictive policy requirements. If not enabled, the data is encrypted using platform-managed keys. To implement this, update the 'Effect' parameter in the Security Policy for the applicable scope. |
26+
| **Azure AI Services resources should have key access disabled (disable local authentication)** | Key access (local authentication) is recommended to be disabled for security. Azure OpenAI Studio, typically used in development/testing, requires key access and won't function if key access is disabled. After disabling, Microsoft Entra ID becomes the only access method, which allows maintaining minimum privilege principle and granular control. |
27+
| **Azure AI Services resources should restrict network access** | By restricting network access, you can ensure that only allowed networks can access the service. This can be achieved by configuring network rules so that only applications from allowed networks can access the Azure AI service. |
28+
| **Azure AI Services resources should use Azure Private Link** | Azure Private Link lets you connect your virtual network to Azure services without a public IP address at the source or destination. The Private Link platform reduces data leakage risks by handling the connectivity between the consumer and services over the Azure backbone network. |
29+
| **Cognitive Services accounts should use a managed identity** | Assigning a managed identity to your Cognitive Service account helps ensure secure authentication. This identity is used by this Cognitive service account to communicate with other Azure services, like Azure Key Vault, in a secure way without you having to manage any credentials. |
30+
| **Cognitive Services accounts should use customer owned storage** | Use customer owned storage to control the data stored at rest in Cognitive Services. |
31+
| **Configure Azure AI Services resources to disable local key access (disable local authentication)** | Key access (local authentication) is recommended to be disabled for security. Azure OpenAI Studio, typically used in development/testing, requires key access and won't function if key access is disabled. After disabling, Microsoft Entra ID becomes the only access method, which allows maintaining minimum privilege principle and granular control. |
32+
| **Configure Cognitive Services accounts to disable local authentication methods** | Disable local authentication methods so that your Cognitive Services accounts require Microsoft Entra identities exclusively for authentication. |
33+
| **Configure Cognitive Services accounts to disable public network access** | Disable public network access for your Cognitive Services resource so that it's not accessible over the public internet. This can reduce data leakage risks. |
34+
| **Configure Cognitive Services accounts with private endpoints** | Private endpoints connect your virtual networks to Azure services without a public IP address at the source or destination. By mapping private endpoints to Cognitive Services, you reduce the potential for data leakage. |
35+
| **Diagnostic logs in Azure AI services resources should be enabled** | Enable logs for Azure AI services resources. This enables you to recreate activity trails for investigation purposes, when a security incident occurs or your network is compromised |
36+
| **Enable logging by category group for Cognitive Services (microsoft.cognitiveservices/accounts) to Event Hub** | Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This policy deploys a diagnostic setting using a category group to route logs to an Event Hubs for Cognitive Services (microsoft.cognitiveservices/accounts). |
37+
| **Enable logging by category group for Cognitive Services (microsoft.cognitiveservices/accounts) to Log Analytics** | Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This policy deploys a diagnostic setting using a category group to route logs to a Log Analytics workspace for Cognitive Services (microsoft.cognitiveservices/accounts). |
38+
| **Enable logging by category group for Cognitive Services (microsoft.cognitiveservices/accounts) to Storage** | Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This policy deploys a diagnostic setting using a category group to route logs to a Storage Account for Cognitive Services (microsoft.cognitiveservices/accounts). |
39+
40+
Alternatively, you can leverage Regulatory Compliance in Azure Policy, which provides Microsoft-created and managed initiative definitions for the compliance domains and security controls related to different compliance standards, such as FedRAMP, SOC, and others.
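Review bot: the NOTE says the process "can also be used for Azure Machine Learning and Azure AI Foundry by changing the target of your policy definition", but step 7 assigns a built-in definition whose rule the reader cannot edit; what actually changes is which definition is selected (a built-in whose rule targets Microsoft.MachineLearningServices/workspaces, such as the Machine Learning private endpoint policy shown in the previous include), so reword the NOTE that way. Minor: the "Diagnostic logs in Azure AI services resources should be enabled" table row is missing its closing period, and the procedure ends at "noncompliant state:" with only a screenshot, so one sentence on what a noncompliant result means for the reader (assessment only, since the default assignment does not remediate) would close the steps.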
