AzPolicyAdvertizer

last sync: 2025-Apr-29 17:16:02 UTC

[Deprecated]: Azure Machine Learning workspaces should use private link

Azure BuiltIn Policy definition

Source Azure Portal
Display name [Deprecated]: Azure Machine Learning workspaces should use private link
Id 40cec1dd-a100-4920-b15b-3024fe8901ab
Version 1.1.0-deprecated
Details on versioning
Versioning Versions supported for Versioning: 1
1.1.0 (1.1.0-deprecated)
Built-in Versioning [Preview]
Category Machine Learning
Microsoft Learn
Description This policy is deprecated because private link is created after workspace creation, deny action can never succeed. Instead of continuing to use this policy, we recommend you instead assign this replacement policy with policy ID 45e05259-1eb5-4f70-9574-baf73e9d219b. Learn more about policy definition deprecation at aka.ms/policydefdeprecation.
Cloud environments AzureCloud = true
AzureUSGovernment = unknown
AzureChinaCloud = unknown
Available in AzUSGov Unknown, no evidence if Policy definition is/not available in AzureUSGovernment
Assessment(s) Assessments count: 1
Assessment Id: 692343df-7e70-b082-7b0e-67f97146cea3
DisplayName: Azure Machine Learning workspaces should use private link
Description: Azure Private Link provides a secure connection between your virtual network and Azure services, eliminating the need for a public IP address.
It ensures that the connectivity between the consumer and services is handled over the Azure backbone network.
By mapping private endpoints to your Azure Machine Learning workspaces, you can protect against data leakage risks.

Remediation description: To enable private link on Azure Machine Learning workspaces, follow the instructions here: https://aka.ms/azureml-workspaces-privatelink.
Categories: Data
Severity: Medium
preview: True
Mode Indexed
Type BuiltIn
Preview False
Deprecated True
Reference Reference to 1 related Policy definition (taken from description)
Azure Machine Learning workspaces should use private link (45e05259-1eb5-4f70-9574-baf73e9d219b)
Effect Default
Audit
Allowed
Audit, Deny, Disabled
RBAC role(s) none
Rule aliases IF (2)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.MachineLearningServices/workspaces/privateEndpointConnections[*] Microsoft.MachineLearningServices workspaces properties.privateEndpointConnections[*] True False
Microsoft.MachineLearningServices/workspaces/privateEndpointConnections[*].privateLinkServiceConnectionState.status Microsoft.MachineLearningServices workspaces properties.privateEndpointConnections[*].properties.privateLinkServiceConnectionState.status True False
Rule resource types IF (1)
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) (i) Change type Change detail
2023-03-17 18:44:06 change Version remains equal, new suffix: deprecated (1.1.0 > 1.1.0-deprecated)
2021-03-24 14:32:48 change Minor (1.0.0 > 1.1.0)
2021-03-16 16:49:20 change Patch (1.0.1 > 1.0.0)
2020-12-11 15:42:52 change Patch (1.0.0 > 1.0.1)
2020-08-27 15:39:26 add 40cec1dd-a100-4920-b15b-3024fe8901ab
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC