Host ML Compute in VNet#
Security · Machine Learning · Rule · 2023_12 · Critical
Azure Machine Learning Computes should be hosted in a virtual network (VNet).
Description#
When using Azure Machine Learning (ML), you can configure compute instances to be private or accessible from the public Internet. By default, the ML compute is configured to be accessible from the public Internet.
ML compute can be deployed into an virtual network (VNet) to provide private connectivity, enhanaced security, and isolation. Using a VNet reduces the attack surface for your solution, and the chances of data exfiltration. Additionally, network controls such as Network Security Groups (NSGs) can be used to further restrict access.
Recommendation#
Consider using ML - compute hosted in a VNet to provide private connectivity, enhanaced security, and isolation.
Examples#
Configure with Azure template#
To deploy an ML - compute that passes this rule:
- Set the
properties.properties.subnet.idproperty with a resource Id of a specific VNET subnet.
For example:
{
"type": "Microsoft.MachineLearningServices/workspaces/computes",
"apiVersion": "2023-06-01-preview",
"name": "[format('{0}/{1}', parameters('name'), parameters('name'))]",
"location": "[parameters('location')]",
"properties": {
"computeType": "ComputeInstance",
"disableLocalAuth": true,
"properties": {
"vmSize": "[parameters('vmSize')]",
"idleTimeBeforeShutdown": "PT15M",
"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', split('vnet/subnet', '/')[0], split('vnet/subnet', '/')[1])]"
}
}
},
"dependsOn": [
"[resourceId('Microsoft.MachineLearningServices/workspaces', parameters('name'))]"
]
}
Configure with Bicep#
To deploy an ML - compute that passes this rule:
- Set the
properties.properties.subnet.idproperty with a resource Id of a specific VNET subnet.
For example:
resource compute_instance 'Microsoft.MachineLearningServices/workspaces/computes@2023-06-01-preview' = {
parent: workspace
name: name
location: location
properties: {
computeType: 'ComputeInstance'
disableLocalAuth: true
properties: {
vmSize: vmSize
idleTimeBeforeShutdown: 'PT15M'
subnet: {
id: subnet.id
}
}
}
}
Links#
- WAF - Azure services for securing network connectivity
- Managed compute in a managed virtual network
- ML - Network security and isolation
- ML Compute
- NS-1: Establish network segmentation boundaries
- Azure deployment reference - Compute objects
- Azure deployment reference - Workspaces