[Feature Request]: Using Managed Identity (RBAC) instead of basic key autentication for Connections

[jayendranarumugam]

Is your feature request related to a problem? Please describe. Creating connections like AOAI, Cognitive AI Search using keys and unable to use Managed identity (RBAC).

Describe the solution you'd like If we can create the connection like AOAI, Cogntivie AI Search i.e, Azure native resources to use managed identity instead of basic key will improve the security wise and encourage us to do restrict the automation / infra configurations

[brynn-code]

Hi @jayendranarumugam , thanks for reaching us, we are working on support managed identity for AzureOpenAI Connection in recent days, besides connection itself, our promptflow-tools package also need some changes to let tool use token successfully. I'll update here once AOAI support ready to use. And for the cognitive search connection, we don't have clear plan for supporting it for now, if any updates after we finished AOAI work, I'll update here also.

[FreddyAyala]

Hello @brynn-code just wanted to know if this feature is still being worked on, it is very important for many clients and they are asking to use managed identities. Furthermore this is something missing that should be integrated into AIStudio/Azure ML. So please let me know if you have any news because we have to also put this into visibility of PG. Thank you.

[brynn-code]

Hi @FreddyAyala , yes, we are working on it, currently promptflow-tools are under testing of the newly added auth mode, also AzureML workspace UI. Once we shipped new version of promptflow and promptflow-tools, we will start exposing new auth mode field process for both AzureML workspace UI and vscode extension.

[github-actions[bot]]

Hi, we're sending this friendly reminder because we haven't heard back from you in 30 days. We need more information about this issue to help address it. Please be sure to give us your input. If we don't hear back from you within 7 days of this comment, the issue will be automatically closed. Thank you!

[brynn-code]

Update: This feature will be generally available at May.

[jayendranarumugam]

Thanks @brynn-code for your response.

And for the cognitive search connection, we don't have clear plan for supporting it for now, if any updates after we finished AOAI work, I'll update here also.

Any comment on this ?

[brynn-code]

Hi, @jayendranarumugam , update for this issue: AOAI managed identity has been supported. We are working on the cognitive search connection, after connection supported managed identity, we still need related tools to update their inner logic to support that, so the process could be long so I can't give an accuracy timeline for it. We are doing the first step now. #3117

[github-actions[bot]]

Hi, we're sending this friendly reminder because we haven't heard back from you in 30 days. We need more information about this issue to help address it. Please be sure to give us your input. If we don't hear back from you within 7 days of this comment, the issue will be automatically closed. Thank you!

[brynn-code]

Hi, the cognitive AI search connection requires related tools to upgrades their code and they still not do it yet.

[github-actions[bot]]

Hi, we're sending this friendly reminder because we haven't heard back from you in 30 days. We need more information about this issue to help address it. Please be sure to give us your input. If we don't hear back from you within 7 days of this comment, the issue will be automatically closed. Thank you!

[duongthaiha]

Hi Many customer is also using AI Gateway in API Management to front Azure AOAI. By any chance there is plan to support this scenario as well please? Thank you very much

[brynn-code]

Hi @duongthaiha thanks for the reply, could you please elaborate more about this scenario? For Azure AOAI we supported calling with managed identity now, is there any other supports required for this case? It will be better if a dummy code snippet is available.