last sync: 2024-Nov-25 18:54:24 UTC

Configure Azure AI Services resources to disable local key access (disable local authentication)

Azure BuiltIn Policy definition

Source Azure Portal
Display name Configure Azure AI Services resources to disable local key access (disable local authentication)
Id 55eff01b-f2bd-4c32-9203-db285f709d30
Version 1.0.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.0
Built-in Versioning [Preview]
Category Azure Ai Services
Microsoft Learn
Description Key access (local authentication) is recommended to be disabled for security. Azure OpenAI Studio, typically used in development/testing, requires key access and will not function if key access is disabled. After disabling, Microsoft Entra ID becomes the only access method, which allows maintaining minimum privilege principle and granular control. Learn more at: https://aka.ms/AI/auth
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled
RBAC role(s)
Role Name Role Id
Cognitive Services OpenAI Contributor a001fd3d-188f-4b5d-821b-7da978bf7442
Cognitive Services Contributor 25fbc0a9-bd7c-42a3-aa1a-3b75d497ee68
Rule aliases THEN-ExistenceCondition (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.CognitiveServices/accounts/disableLocalAuth Microsoft.CognitiveServices accounts properties.disableLocalAuth True True
Rule resource types IF (1)
Microsoft.CognitiveServices/accounts
THEN-Deployment (1)
Microsoft.CognitiveServices/accounts
Compliance Not a Compliance control
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
Enforce recommended guardrails for Open AI (Cognitive Service) Enforce-Guardrails-OpenAI Cognitive Services GA ALZ
History
Date/Time (UTC ymd) (i) Change type Change detail
2024-04-12 17:45:57 add 55eff01b-f2bd-4c32-9203-db285f709d30
JSON compare n/a
JSON
api-version=2021-06-01
EPAC