last sync: 2024-Oct-15 17:53:51 UTC

Enforce recommended guardrails for Machine Learning

Azure Landing Zones (ALZ) Policy Initiative (PolicySet)

Source Repository Azure Landing Zones (ALZ) GitHub
JSON Enforce-Guardrails-MachineLearning
Display nameEnforce recommended guardrails for Machine Learning
IdEnforce-Guardrails-MachineLearning
Version1.1.0
Details on versioning
CategoryMachine Learning
DescriptionThis policy initiative is a group of policies that ensures Machine Learning is compliant per regulated Landing Zones.
TypeCustom Azure Landing Zones (ALZ)
DeprecatedFalse
PreviewFalse
Policy count Total Policies: 14
Builtin Policies: 14
Static Policies: 0
ALZ Policies: 0
Policy used
Policy DisplayName Policy Id Category Effect Roles# Roles State Type
[Preview]: Azure Machine Learning Model Registry Deployments are restricted except for the allowed Registry 19539b54-c61e-4196-9a38-67598701be90 Machine Learning Fixed
[parameters('effect')]
0 Preview BuiltIn
[Preview]: Configure allowed module authors for specified Azure Machine Learning computes 53c70b02-63dd-11ea-bc55-0242ac130003 Machine Learning Default
enforceSetting
Allowed
enforceSetting, disabled
0 Preview BuiltIn
[Preview]: Configure allowed Python packages for specified Azure Machine Learning computes 77eeea86-7e81-4a7d-9067-de844d096752 Machine Learning Default
enforceSetting
Allowed
enforceSetting, disabled
0 Preview BuiltIn
[Preview]: Configure allowed registries for specified Azure Machine Learning computes 5853517a-63de-11ea-bc55-0242ac130003 Machine Learning Default
enforceSetting
Allowed
enforceSetting, disabled
0 Preview BuiltIn
Azure Machine Learning Compute Instance should have idle shutdown. 679ddf89-ab8f-48a5-9029-e76054077449 Machine Learning Default
Audit
Allowed
Audit, Deny, Disabled
0 GA BuiltIn
Azure Machine Learning compute instances should be recreated to get the latest software updates f110a506-2dcb-422e-bcea-d533fc8c35e2 Machine Learning Fixed
[parameters('effects')]
0 GA BuiltIn
Azure Machine Learning Computes should be in a virtual network 7804b5c7-01dc-4723-969b-ae300cc07ff1 Machine Learning Default
Audit
Allowed
Audit, Disabled
0 GA BuiltIn
Azure Machine Learning Computes should have local authentication methods disabled e96a9a5f-07ca-471b-9bc5-6a0f33cbd68f Machine Learning Default
Audit
Allowed
Audit, Deny, Disabled
0 GA BuiltIn
Azure Machine Learning workspaces should enable V1LegacyMode to support network isolation backward compatibility e413671a-dd10-4cc1-a943-45b598596cb7 Machine Learning Default
Audit
Allowed
Audit, Deny, Disabled
0 GA BuiltIn
Azure Machine Learning workspaces should use private link 45e05259-1eb5-4f70-9574-baf73e9d219b Machine Learning Default
Audit
Allowed
Audit, Disabled
0 GA BuiltIn
Azure Machine Learning workspaces should use user-assigned managed identity 5f0c7d88-c7de-45b8-ac49-db49e72eaa78 Machine Learning Default
Audit
Allowed
Audit, Deny, Disabled
0 GA BuiltIn
Configure Azure Machine Learning Computes to disable local authentication methods a6f9a2d0-cff7-4855-83ad-4cd750666512 Machine Learning Default
Modify
Allowed
Modify, Disabled
1 Contributor GA BuiltIn
Configure Azure Machine Learning Workspaces to disable public network access a10ee784-7409-4941-b091-663697637c0f Machine Learning Default
Modify
Allowed
Modify, Disabled
1 Contributor GA BuiltIn
Resource logs in Azure Machine Learning Workspaces should be enabled afe0c3be-ba3b-4544-ba52-0c99672a8ad6 Machine Learning Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
0 GA BuiltIn
Roles used
History none
JSON compare n/a
JSON
EPAC