Ensure that your Azure Machine Learning (ML) workspaces are using system-assigned managed identities in order to allow secure access to other Microsoft Azure protected resources such as key vaults and storage accounts. System-assigned managed identities minimizes risks, simplifies management, and maintains compliance with evolving cloud services.
This rule resolution is part of the Conformity Security & Compliance tool for Azure.
excellence
Using system-assigned managed identities for Azure Machine Learning (ML) workspaces enhances security by allowing the ML workspaces to authenticate and authorize with Azure resources without the need for explicit credentials, reducing the risk associated with credential management and providing a seamless and more secure integration with other cloud services.
Audit
To determine if your Azure Machine Learning workspaces are configured to use system-assigned managed identities, perform the following actions:
Remediation / Resolution
To ensure that your Azure Machine (ML) Learning workspaces are configured to use system-assigned managed identities, you must re-create your workspaces with the necessary identity configuration, by performing the following operations:
References
- Azure Official Documentation
- Create datastores
- Create datastores
- Manage Azure Machine Learning workspaces using Azure CLI
- Azure Command Line Interface (CLI) Documentation
- az ml workspace list
- az ml workspace show
- az ml workspace create
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
Use System-Assigned Managed Identities for Azure Machine Learning Workspaces
Risk Level: Medium