Closed pnarsi closed 2 years ago
@jhirono Could you please confirm if this is a supported feature with AKV and update the document? I have referenced the issue raised with AKV team which confirms that AML is not listed as a trusted service. Thanks!!
@RohitMungi-MSFT @jhirono
I did a bit of testing and it does seem that AML does require the "Trusted Microsoft Service Service" feature to be enabled on a firewall enabled AKV otherwise when attempting to set/get secrets via a AML notebook we get an error message similar to the below. The client IP in the error message is part of the AzureMachineLearning service tag.
@Blackmist to follow up with @jhirono
Thank you very much. Let me follow this up with key vault team.
I confirmed with KeyVault team that AzureML will be added soon. We can close this issue.
We will now proceed to close this thread.
This mentions that we can use AML experimentation capabilities with a AKV with a firewall enabled by selecting "Allow trusted Microsoft service to bypass the firewall".
However AML is not listed as a valid trusted Microsoft service on this AKV page https://docs.microsoft.com/en-us/azure/key-vault/general/overview-vnet-service-endpoints#trusted-services. Furthermore when I raised a github ticket on that page, it was closed with a note saying that "It has been verified with the Key vault engineering team that AML is not in the list of Trusted Services."
Is there a reason for this discrepancy? This is support for AML experimentation capability with AKV via trusted Microsoft Services still a preview feature?
Document Details
⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.