
Restrict Azure AI service endpoints

Security · Azure AI · Rule · 2022_09 · Important

Restrict access of Azure AI services to authorized virtual networks.

Description

By default, public network access is enabled for Azure AI service accounts (previously known as Cognitive Services). Service Endpoints and Private Link can be used to restrict access to PaaS endpoints. When access is restricted, access by a malicious actor from an unauthorized virtual network is mitigated.

Configure service endpoints and private links where appropriate.

Recommendation

Consider configuring network access restrictions for Azure AI service accounts. Limit access to accounts so that access is permitted from authorized virtual networks only.

Examples

Configure with Azure template

To deploy accounts that pass this rule:

  • Set the properties.networkAcls.defaultAction property to Deny, or
  • Set the properties.publicNetworkAccess property to Disabled.

For example:

Azure Template snippet
{
  "type": "Microsoft.CognitiveServices/accounts",
  "apiVersion": "2023-05-01",
  "name": "[parameters('name')]",
  "location": "[parameters('location')]",
  "identity": {
    "type": "SystemAssigned"
  },
  "sku": {
    "name": "S0"
  },
  "kind": "CognitiveServices",
  "properties": {
    "publicNetworkAccess": "Disabled",
    "networkAcls": {
      "defaultAction": "Deny"
    },
    "disableLocalAuth": true
  }
}

Configure with Bicep

To deploy accounts that pass this rule:

  • Set the properties.networkAcls.defaultAction property to Deny, or
  • Set the properties.publicNetworkAccess property to Disabled.

For example:

Azure Bicep snippet
resource account 'Microsoft.CognitiveServices/accounts@2023-05-01' = {
  name: name
  location: location
  identity: {
    type: 'SystemAssigned'
  }
  sku: {
    name: 'S0'
  }
  kind: 'CognitiveServices'
  properties: {
    publicNetworkAccess: 'Disabled'
    networkAcls: {
      defaultAction: 'Deny'
    }
    disableLocalAuth: true
  }
}
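As an added example (not part of PSRule for Azure or its rule implementation), the following Python check applies the two conditions above to the resources of an ARM template: an account passes when networkAcls.defaultAction is Deny or publicNetworkAccess is Disabled, and a missing property is treated as the platform default (public access enabled). The template, resource names and function names are constructed for this illustration.

```python
import json

# Constructed ARM template: two accounts that fail the rule, one that passes,
# and an unrelated resource type that the check must ignore.
TEMPLATE = json.loads("""
{
  "resources": [
    {"type": "Microsoft.CognitiveServices/accounts", "name": "open-default",
     "properties": {}},
    {"type": "Microsoft.CognitiveServices/accounts", "name": "acl-allow",
     "properties": {"publicNetworkAccess": "Enabled",
                    "networkAcls": {"defaultAction": "Allow"}}},
    {"type": "Microsoft.CognitiveServices/accounts", "name": "locked-down",
     "properties": {"publicNetworkAccess": "Disabled",
                    "networkAcls": {"defaultAction": "Deny"}}},
    {"type": "Microsoft.Storage/storageAccounts", "name": "ignored"}
  ]
}
""")


def restricts_public_access(resource: dict) -> bool:
    """Pass if networkAcls.defaultAction is Deny OR publicNetworkAccess is Disabled.

    Absent properties fall back to the service default, which is public access
    enabled, so an account with no network settings at all fails the check.
    """
    props = resource.get("properties") or {}
    acl_default = (props.get("networkAcls") or {}).get("defaultAction", "Allow")
    public_access = props.get("publicNetworkAccess", "Enabled")
    return acl_default.lower() == "deny" or public_access.lower() == "disabled"


def evaluate_template(template: dict) -> dict:
    """Return {resource name: True (pass) / False (fail)} for each AI service account."""
    results = {}
    for resource in template.get("resources", []):
        if resource.get("type", "").lower() == "microsoft.cognitiveservices/accounts":
            results[resource["name"]] = restricts_public_access(resource)
    return results


if __name__ == "__main__":
    for name, ok in evaluate_template(TEMPLATE).items():
        print(f"{name}: {'Pass' if ok else 'Fail'}")
```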
