
Use Cognitive Service Private Endpoints

Security · Cognitive Services · 2022_09

Use Private Endpoints to access Cognitive Services accounts.

Description

By default, a public endpoint is enabled for Cognitive Services accounts. The public endpoint is used for all access except for requests that use a Private Endpoint. Access through the public endpoint can be disabled or restricted to authorized virtual networks.

Data exfiltration is an attack in which a malicious actor performs an unauthorized data transfer. Private Endpoints help prevent data exfiltration by an internal or external malicious actor by providing a clear separation between public and private endpoints. As a result, broad access to public endpoints, which could be operated by a malicious actor, is not required.

Recommendation

Consider accessing Cognitive Services accounts through Private Endpoints and disabling public endpoints.

Examples

Configure with Azure template

To deploy accounts that pass this rule:

  • Set the properties.publicNetworkAccess property to Disabled.

For example:

Azure Template snippet
{
    "type": "Microsoft.CognitiveServices/accounts",
    "apiVersion": "2022-03-01",
    "name": "[parameters('name')]",
    "location": "[parameters('location')]",
    "identity": {
        "type": "SystemAssigned"
    },
    "sku": {
        "name": "S0"
    },
    "kind": "CognitiveServices",
    "properties": {
        "publicNetworkAccess": "Disabled",
        "networkAcls": {
            "defaultAction": "Deny"
        },
        "disableLocalAuth": true
    }
}

Configure with Bicep

To deploy accounts that pass this rule:

  • Set the properties.publicNetworkAccess property to Disabled.

For example:

Azure Bicep snippet
resource account 'Microsoft.CognitiveServices/accounts@2022-03-01' = {
  name: name
  location: location
  identity: {
    type: 'SystemAssigned'
  }
  sku: {
    name: 'S0'
  }
  kind: 'CognitiveServices'
  properties: {
    publicNetworkAccess: 'Disabled'
    networkAcls: {
      defaultAction: 'Deny'
    }
    disableLocalAuth: true
  }
}
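The following checker is added here as an illustration and is not part of PSRule for Azure; it applies the rule's condition (properties.publicNetworkAccess set to Disabled on Microsoft.CognitiveServices/accounts) to the resources array of an ARM template. The sample resources are constructed, and treating a missing property as a failure follows from the default noted in the description (the public endpoint is enabled unless disabled).

```python
# Resource type and property that this rule evaluates (both from the page).
COGNITIVE_ACCOUNT_TYPE = "Microsoft.CognitiveServices/accounts"

# Constructed sample: the "resources" array of an ARM template with one
# compliant account, one that omits the property (public endpoint enabled by
# default), and one unrelated resource the rule must ignore.
SAMPLE_RESOURCES = [
    {"type": "Microsoft.CognitiveServices/accounts", "name": "cog-private",
     "properties": {"publicNetworkAccess": "Disabled",
                    "networkAcls": {"defaultAction": "Deny"}}},
    {"type": "Microsoft.CognitiveServices/accounts", "name": "cog-public",
     "properties": {"networkAcls": {"defaultAction": "Allow"}}},
    {"type": "Microsoft.Storage/storageAccounts", "name": "stother",
     "properties": {}},
]


def public_access_disabled(resource: dict) -> bool:
    """True only when publicNetworkAccess is explicitly set to Disabled.

    An absent property means the public endpoint is enabled (the Azure
    default described on the page), so it counts as a failure.  The value is
    compared case-insensitively here (a choice made in this example).
    """
    props = resource.get("properties") or {}
    value = props.get("publicNetworkAccess")
    return isinstance(value, str) and value.lower() == "disabled"


def evaluate_resources(resources: list) -> dict:
    """Map each Cognitive Services account name to True (pass) / False (fail).

    Other resource types are skipped, mirroring how the rule is scoped.
    """
    results = {}
    for res in resources:
        if str(res.get("type", "")).lower() != COGNITIVE_ACCOUNT_TYPE.lower():
            continue
        results[res.get("name", "<unnamed>")] = public_access_disabled(res)
    return results


if __name__ == "__main__":
    for name, ok in evaluate_resources(SAMPLE_RESOURCES).items():
        print(f"{name}: {'Pass' if ok else 'Fail'}")
```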

Last update: 2022-12-03
