Azure Machine Learning end-to-end secure setup
This set of templates demonstrates how to set up Azure Machine Learning end-to-end in a secure set up.
This reference implementation includes the Workspace, a compute cluster, compute instance and attached private AKS cluster. It includes the configuration of associated resources including Azure Key Vault, Azure Storage, and Azure Container Registry in a network-isolated setup.
Resources
| Provider and type | Description |
|---|---|
Microsoft.Resources/resourceGroups |
The resource group all resources get deployed into |
Microsoft.Insights/components |
An Azure Application Insights instance associated to the Azure Machine Learning workspace |
Microsoft.KeyVault/vaults |
An Azure Key Vault instance associated to the Azure Machine Learning workspace |
Microsoft.Storage/storageAccounts |
An Azure Storage instance associated to the Azure Machine Learning workspace |
Microsoft.ContainerRegistry/registries |
An Azure Container Registry instance associated to the Azure Machine Learning workspace |
Microsoft.MachineLearningServices/workspaces |
An Azure Machine Learning workspace instance |
Microsoft.MachineLearningServices workspaces/computes |
Azure Machine Learning workspace compute types: cluster and compute instance |
Microsoft.Network/privateDnsZones |
Private DNS zones for Azure Machine Learning and the dependent resources |
Microsoft.Network/networkSecurityGroups |
A Network Security Group pre-configured for use with Azure Machine Learning |
Microsoft.ContainerService/managedClusters |
An Azure Kubernetes Services cluster for inferencing |
Microsoft.Compute/virtualMachines |
A Data Science Virtual Machine jumpbox to access the workspace over the private link endpoint |
Microsoft.Network/virtualNetworks |
A virtual network to deploy all resources in |
Learn more
If you are new to Azure Machine Learning, see:
- Azure Machine Learning service
- Azure Machine Learning documentation
- Enterprise security and governance for Azure Machine Learning.
- Azure Machine Learning template reference
If you are new to template development, see:
- Azure Resource Manager documentation
- Use an Azure Resource Manager template to create a workspace for Azure Machine Learning
- Quickstart templates
Tags: Microsoft.Resources/deployments, Microsoft.Network/networkSecurityGroups, Microsoft.Network/virtualNetworks, Microsoft.KeyVault/vaults, Microsoft.Network/privateEndpoints, Microsoft.Network/privateDnsZones, Microsoft.Network/privateEndpoints/privateDnsZoneGroups, Microsoft.Network/privateDnsZones/virtualNetworkLinks, Microsoft.Storage/storageAccounts, Microsoft.ContainerRegistry/registries, Notary, Microsoft.Insights/components, Microsoft.MachineLearningServices/workspaces, SystemAssigned, Microsoft.MachineLearningServices/workspaces/computes, Microsoft.ContainerService/managedClusters, VirtualMachineScaleSets, Microsoft.Network/networkInterfaces, Microsoft.Compute/virtualMachines, Microsoft.Compute/virtualMachines/extensions, [variables('aadLoginExtensionName')], Microsoft.Network/virtualNetworks/subnets, Microsoft.Network/publicIPAddresses, Microsoft.Network/bastionHosts