Isolated Network Configuration for Sensitive AI Applications

Question

Pulumi · Accepted Answer

Creating an isolated network configuration for sensitive AI applications involves setting up a secure, private network infrastructure that ensures data privacy, minimizes exposure to the public internet, and meets compliance requirements. To achieve this, you'd typically set up a virtual network with private subnets, network security groups (firewalls), and if needed, private endpoints or dedicated connections to on-premises networks.

The following program uses Azure as the cloud provider and leverages a combination of Azure Virtual Network and Network Security Group resources to create an isolated network environment suitable for sensitive AI applications. The program sets up:

- A virtual network with address space reserved for private IPs.
- Two subnets within the virtual network: one for the AI workload and another for a management or jump host.
- Network security groups assigned to each subnet to restrict inbound and outbound traffic.
- Network security rules to limit access to the AI workload subnet.

Let's break down the steps:

1. **Azure Virtual Network**: This is the foundation of your isolated network where you define a private IP space and segment it into subnets.
2. **Subnets**: Within the virtual network, we create subnets for different purposes (e.g., one for computation nodes and one for management).
3. **Network Security Groups (NSGs)**: NSGs act as virtual firewalls that control the inbound and outbound traffic to network interfaces, VMs, and subnets.
4. **Network Security Rules**: These are associated with NSGs to allow or deny traffic based on rules. For AI workloads, typically, you'd restrict all unnecessary communication to ensure security.

Here's the complete Pulumi program written in Python to set up such an isolated network configuration on Azure:

```python
import pulumi
import pulumi_azure_native as azure_native

# Initialize resource group
resource_group = azure_native.resources.ResourceGroup("ai_sensitive_rg")

# Define the Virtual Network
vnet = azure_native.network.VirtualNetwork(
    "ai_sensitive_vnet",
    resource_group_name=resource_group.name,
    address_space=azure_native.network.AddressSpaceArgs(
        address_prefixes=["10.0.0.0/16"],
    ),
    subnets=[
        # Subnet for AI workloads
        azure_native.network.SubnetArgs(
            name="aiWorkloadSubnet",
            address_prefix="10.0.1.0/24",
            # Note: Additional options such as Network Security Group (NSG) can be associated here
        ),
        # Subnet for management
        azure_native.network.SubnetArgs(
            name="managementSubnet",
            address_prefix="10.0.2.0/24",
            # Note: Additional options such as Network Security Group (NSG) can be associated here
        )
    ]
)

# Define Network Security Group for the AI workload subnet
ai_nsg = azure_native.network.NetworkSecurityGroup(
    "aiWorkloadNSG",
    resource_group_name=resource_group.name,
    security_rules=[
        # Security rule to allow SSH access from a trusted IP range
        azure_native.network.SecurityRuleArgs(
            name="AllowSSH",
            access=azure_native.network.SecurityRuleAccess.ALLOW,
            direction=azure_native.network.SecurityRuleDirection.INBOUND,
            priority=100,
            protocol=azure_native.network.SecurityRuleProtocol.TCP,
            source_address_prefix="YOUR_TRUSTED_IP_RANGE", # Replace with your trusted IP range
            source_port_range="*",
            destination_address_prefix="*",
            destination_port_range="22",
        ),
        # Additional rules can be added here to allow necessary traffic while blocking all other traffic
    ],
)

# Associate NSG with the AI workload subnet
ai_subnet_nsg_association = azure_native.network.Subnet(
    "aiWorkloadSubnetWithNSG",
    resource_group_name=resource_group.name,
    virtual_network_name=vnet.name,
    address_prefix="10.0.1.0/24",
    network_security_group=ai_nsg.id,
    name="aiWorkloadSubnet" # Notice this name matches the initial AI workload subnet name
)

# Export the IDs of the created resources
pulumi.export("resource_group_id", resource_group.id)
pulumi.export("virtual_network_id", vnet.id)
pulumi.export("ai_workload_nsg_id", ai_nsg.id)
```

In the above program:

- Replace `YOUR_TRUSTED_IP_RANGE` with the IP range from which SSH access should be allowed.
- Subnets are created with a `/24` CIDR, which allows up to 256 IP addresses in each subnet.
- NSG rules are highly restrictive, with an example allowing only SSH access from a specific IP range.

**Note:** It is crucial for sensitive applications to minimize access to only the necessary ports and IP ranges. All other inbound and outbound traffic should be disabled unless explicitly needed.

This setup helps ensure that the sensitive AI applications run in a controlled environment and are protected from unauthorized access and potential threats.