last sync: 2024-Sep-18 17:50:42 UTC

Enforce recommended guardrails for Open AI (Cognitive Service)

Azure Landing Zones (ALZ) Policy Initiative (PolicySet)

Source: Repository Azure Landing Zones (ALZ) GitHub
JSON: Enforce-Guardrails-OpenAI
Display name: Enforce recommended guardrails for Open AI (Cognitive Service)
Id: Enforce-Guardrails-OpenAI
Version: 1.0.0
Category: Cognitive Services
Description: This policy initiative is a group of policies that ensures Open AI (Cognitive Service) is compliant per regulated Landing Zones.
Type: Custom Azure Landing Zones (ALZ)
Deprecated: False
Preview: False
Policy count: Total Policies: 6, Builtin Policies: 4, Static Policies: 0, ALZ Policies: 2
Policy used
| Policy DisplayName | Policy Id | Category | Effect | Roles# | Roles | State | Type |
|---|---|---|---|---|---|---|---|
| Azure AI Services resources should have key access disabled (disable local authentication) | 71ef260a-8f18-47b7-abcb-62d0673d94dc | Azure Ai Services | Default: Audit; Allowed: Audit, Deny, Disabled | 0 | | GA | BuiltIn |
| Cognitive Services accounts should use a managed identity | fe3fd216-4f83-4fc1-8984-2bbec80a3418 | Cognitive Services | Default: Audit; Allowed: Audit, Deny, Disabled | 0 | | GA | BuiltIn |
| Cognitive Services accounts should use customer owned storage | 46aa9b05-0e60-4eae-a88b-1e9d374fa515 | Cognitive Services | Default: Audit; Allowed: Audit, Deny, Disabled | 0 | | GA | BuiltIn |
| Configure Cognitive Services accounts to disable local authentication methods | 14de9e63-1b31-492e-a5a3-c3f7fd57f555 | Cognitive Services | Default: Modify; Allowed: Modify, Disabled | 1 | Contributor | GA | BuiltIn |
| Network ACLs should be restricted for Cognitive Services | Deny-CognitiveServices-NetworkAcls | Cognitive Services | Default: Deny; Allowed: Audit, Deny, Disabled | 0 | | GA | ALZ |
| Outbound network access should be restricted for Cognitive Services | Deny-CognitiveServices-RestrictOutboundNetworkAccess | Cognitive Services | Default: Deny; Allowed: Audit, Deny, Disabled | 0 | | GA | ALZ |
Roles used
Total Roles usage: 1
Total Roles unique usage: 1
| Role | Role Id | Policies count | Policies |
|---|---|---|---|
| Contributor | b24988ac-6180-42a0-ab88-20f7382dd24c | 1 | Configure Cognitive Services accounts to disable local authentication methods |
History: none