Host ML Compute in VNet#

Security · Machine Learning · Rule · 2023_12 · Critical

Azure Machine Learning Computes should be hosted in a virtual network (VNet).

Description#

When using Azure Machine Learning (ML), you can configure compute instances to be private or accessible from the public Internet. By default, the ML compute is configured to be accessible from the public Internet.

ML compute can be deployed into an virtual network (VNet) to provide private connectivity, enhanaced security, and isolation. Using a VNet reduces the attack surface for your solution, and the chances of data exfiltration. Additionally, network controls such as Network Security Groups (NSGs) can be used to further restrict access.

Recommendation#

Consider using ML - compute hosted in a VNet to provide private connectivity, enhanaced security, and isolation.

Examples#

Configure with Azure template#

To deploy an ML - compute that passes this rule:

Set the properties.properties.subnet.id property with a resource Id of a specific VNET subnet.

For example:

Azure Template snippet

{
  "type": "Microsoft.MachineLearningServices/workspaces/computes",
  "apiVersion": "2023-06-01-preview",
  "name": "[format('{0}/{1}', parameters('name'), parameters('name'))]",
  "location": "[parameters('location')]",
  "properties": {
    "computeType": "ComputeInstance",
    "disableLocalAuth": true,
    "properties": {
      "vmSize": "[parameters('vmSize')]",
      "idleTimeBeforeShutdown": "PT15M",
      "subnet": {
        "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', split('vnet/subnet', '/')[0], split('vnet/subnet', '/')[1])]"
      }
    }
  },
  "dependsOn": [
    "[resourceId('Microsoft.MachineLearningServices/workspaces', parameters('name'))]"
  ]
}

Configure with Bicep#