Enterprise security and governance for Azure Machine Learning

In this article, you'll learn about security and governance features available for Azure Machine Learning. These features are useful for administrators, DevOps, and MLOps who want to create a secure configuration that is compliant with your company's policies. With Azure Machine Learning and the Azure platform, you can:

  • Restrict access to resources and operations by user account or groups
  • Restrict incoming and outgoing network communications
  • Encrypt data in transit and at rest
  • Scan for vulnerabilities
  • Apply and audit configuration policies

Restrict access to resources and operations

Azure Active Directory (Azure AD) is the identity service provider for Azure Machine Learning. It allows you to create and manage the security objects (user, group, service principal, and managed identity) that are used to authenticate to Azure resources. Multi-factor authentication is supported if Azure AD is configured to use it.

Here's the authentication process for Azure Machine Learning using multi-factor authentication in Azure AD:

  1. The client signs in to Azure AD and gets an Azure Resource Manager token.
  2. The client presents the token to Azure Resource Manager and to all Azure Machine Learning services.
  3. Azure Machine Learning provides a Machine Learning service token to the user compute target (for example, Azure Machine Learning compute cluster). This token is used by the user compute target to call back into the Machine Learning service after the run is complete. The scope is limited to the workspace.
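To confirm that a token obtained in step 1 is an unexpired Azure Resource Manager token issued after multi-factor authentication, its claims can be inspected. The following is an added example, not code from this article or from Microsoft; it assumes the Azure AD access-token claims `aud`, `amr` and `exp`, reads them without verifying the signature, and runs on constructed, unsigned sample tokens.

```python
import base64
import json
import time

# Audience values Azure AD uses for Azure Resource Manager tokens.
ARM_AUDIENCES = {
    "https://management.azure.com", "https://management.azure.com/",
    "https://management.core.windows.net", "https://management.core.windows.net/",
}

def decode_claims(token):
    """Return the payload claims of a compact JWT WITHOUT verifying its signature."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected header.payload.signature)")
    payload = parts[1]
    # base64url segments drop their '=' padding; restore it before decoding.
    return json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))

def review_arm_token(token, now=None):
    """List the reasons a token is not an unexpired, MFA-backed ARM token."""
    claims = decode_claims(token)
    now = time.time() if now is None else now
    findings = []
    if claims.get("aud") not in ARM_AUDIENCES:
        findings.append("audience %r is not Azure Resource Manager" % claims.get("aud"))
    if "mfa" not in claims.get("amr", []):
        findings.append("amr claim does not include 'mfa'")
    if claims.get("exp", 0) <= now:
        findings.append("token is expired")
    return findings

def make_sample_token(claims):
    """Build a constructed, unsigned token for the demo; it is not a usable credential."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return "%s.%s.constructed" % (enc({"alg": "none", "typ": "JWT"}), enc(claims))

NOW = 1_700_000_000  # fixed clock so the demo is reproducible
GOOD = make_sample_token({"aud": "https://management.azure.com/",
                          "amr": ["pwd", "mfa"], "exp": NOW + 3600})
WEAK = make_sample_token({"aud": "https://storage.azure.com/",
                          "amr": ["pwd"], "exp": NOW - 60})

if __name__ == "__main__":
    print(review_arm_token(GOOD, NOW))
    print(review_arm_token(WEAK, NOW))
```

Because the signature is not checked, this is suitable for reviewing tokens you already trust the origin of, not for making an authorization decision.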

Authentication in Azure Machine Learning

Each workspace has an associated system-assigned managed identity that has the same name as the workspace. This managed identity is used to securely access resources used by the workspace. It has the following Azure RBAC permissions on attached resources:

| Resource | Permissions |
| --- | --- |
| Workspace | Contributor |
| Storage account | Storage Blob Data Contributor |
| Key vault | Access to all keys, secrets, certificates |
| Azure Container Registry | Contributor |
| Resource group that contains the workspace | Contributor |
| Resource group that contains the key vault (if different from the one that contains the workspace) | Contributor |

We don't recommend that admins revoke the access of the managed identity to the resources mentioned in the preceding table. You can restore access by using the resync keys operation.
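One way to detect a revoked grant, or a grant beyond what the table lists, is to compare the managed identity's role assignments with the table. The following is an added example, not code from this article or from Microsoft; it assumes records carrying the `principalId`, `roleDefinitionName` and `scope` fields found in `az role assignment list` output, and the IDs and resource names are constructed placeholders.

```python
# Roles the table above lists for the workspace's system-assigned managed identity.
# Key vault is left out: the table describes key/secret/certificate access there,
# not a named Azure RBAC role.
EXPECTED = {
    "Microsoft.MachineLearningServices/workspaces": "Contributor",
    "Microsoft.Storage/storageAccounts": "Storage Blob Data Contributor",
    "Microsoft.ContainerRegistry/registries": "Contributor",
    "resourceGroup": "Contributor",
}

def scope_kind(scope):
    """Reduce an ARM scope to a lowercase resource type, 'resourcegroup' or 'subscription'."""
    parts = scope.strip("/").lower().split("/")
    if "providers" in parts:
        i = parts.index("providers")
        return "/".join(parts[i + 1:i + 3])  # provider namespace + top-level type
    return "resourcegroup" if "resourcegroups" in parts else "subscription"

def audit_identity(assignments, principal_id):
    """Return (missing, unexpected) grants for one principal as (scope kind, role) pairs."""
    held = {(scope_kind(a["scope"]), a["roleDefinitionName"])
            for a in assignments if a["principalId"] == principal_id}
    expected = {(kind.lower(), role) for kind, role in EXPECTED.items()}
    return sorted(expected - held), sorted(held - expected)

# Constructed sample data: placeholder IDs and names, not from a real tenant.
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"
RG = SUB + "/resourceGroups/ml-rg"
WS_IDENTITY = "11111111-1111-1111-1111-111111111111"
OTHER = "22222222-2222-2222-2222-222222222222"
SAMPLE = [
    {"principalId": WS_IDENTITY, "roleDefinitionName": "Contributor",
     "scope": RG + "/providers/Microsoft.MachineLearningServices/workspaces/ml-ws"},
    {"principalId": WS_IDENTITY, "roleDefinitionName": "Contributor", "scope": RG},
    {"principalId": WS_IDENTITY, "roleDefinitionName": "Contributor",
     "scope": RG + "/providers/Microsoft.ContainerRegistry/registries/mlacr"},
    {"principalId": WS_IDENTITY, "roleDefinitionName": "Owner", "scope": SUB},
    {"principalId": OTHER, "roleDefinitionName": "Storage Blob Data Contributor",
     "scope": RG + "/providers/Microsoft.Storage/storageAccounts/mlstore"},
]

if __name__ == "__main__":
    missing, unexpected = audit_identity(SAMPLE, WS_IDENTITY)
    print("missing:", missing)        # grants the table expects but the identity lacks
    print("unexpected:", unexpected)  # grants held beyond the table
```

A missing entry points to access that was revoked and may need the resync keys operation; an unexpected entry is a grant to review against least privilege.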

Azure Machine Learning also creates an additional application (the name starts with aml- or Microsoft-AzureML-Support-App-) with contributor-level access in your subscription for every workspace region. These applications enable Azure Machine Learning to help you manage compute resources.

You can also configure your own managed identities for use with Azure Virtual Machines and Azure Machine Learning compute clusters. With a VM, the managed identity can be used to access your workspace from the SDK, instead of the individual user's Azure AD account. With a compute cluster, the managed identity is used to access resources such as secured datastores that the user running the training job may not have access to. For more information, see Authentication for Azure Machine Learning workspace.


There are some exceptions to the use of Azure AD and Azure RBAC within Azure Machine Learning:

  • You can optionally enable SSH access to compute resources such as Azure Machine Learning compute instance and compute cluster. SSH access is based on public/private key pairs, not Azure AD. SSH access is not governed by Azure RBAC.
  • You can authenticate to models deployed as web services (inference endpoints) using key or token-based authentication. Keys are static strings, while tokens are retrieved using an Azure AD security object. For more information, see Configure authentication for models deployed as a web service.


Network security and isolation

To restrict network access to Azure Machine Learning resources, you can use Azure Virtual Network (VNet). VNets allow you to create network environments that are partially, or fully, isolated from the public internet. This reduces the attack surface for your solution, as well as the chances of data exfiltration.


Data encryption

Azure Machine Learning uses a variety of compute resources and data stores on the Azure platform. To learn more about how each of these supports data encryption at rest and in transit, see Data encryption with Azure Machine Learning.

When deploying models as web services, you can enable transport-layer security (TLS) to encrypt data in transit. For more information, see Configure a secure web service.

Vulnerability scanning

Azure Security Center provides unified security management and advanced threat protection across hybrid cloud workloads. For Azure Machine Learning, you should enable scanning of your Azure Container Registry resource and Azure Kubernetes Service resources. For more information, see Azure Kubernetes Services integration with Security Center.

Audit and manage compliance

Azure Policy is a governance tool that allows you to ensure that Azure resources are compliant with your policies. You can set policies to allow or enforce specific configurations, such as whether your Azure Machine Learning workspace uses a private endpoint. For more information on Azure Policy, see the Azure Policy documentation. For more information on the policies specific to Azure Machine Learning, see Audit and manage compliance with Azure Policy.

Next steps