Summary
In this chapter, we talked about multiple aspects of leveraging networking to protect our Azure Machine Learning workloads.
The main aim of this chapter was to learn basic networking practices to isolate the workspace and all associated services, specifically storage accounts, key vaults, and Azure Container Registry. Although public access means access from the public internet and not unauthorized access, credentials can be leaked and malicious actors can gain access. By isolating our resources using VNets, we are reducing the attack surface area.
Combining networking and best practices regarding identity, such as configuring managed identities where possible and using proper RBAC with our users and services, we can take one step closer to maintaining a baseline security posture across our cloud services and infrastructure.
In the next chapter, we will see how to automate best practices with continuous integration and continuous delivery (CI/CD) for our ML tasks.
...