Secure Multi-Tenant Access for AI Web Services on Azure

Question

Pulumi · Accepted Answer

To secure multi-tenant access for AI Web Services on Azure, we need to establish authentication and authorization mechanisms that isolate resources and data between different tenants. We can achieve this using Azure Active Directory (AAD) for authentication, combined with resource-specific access policies and possibly network isolation features like Azure Private Endpoints.

Here is a high-level overview of the steps we'll follow in our Pulumi program to secure multi-tenant access for AI Web Services on Azure:

1. **Create an Azure Active Directory Application**: Here we'll set up an AAD application that will act as a service principal for authentication.

2. **Deploy an Azure Machine Learning Workspace**: We'll create a workspace for housing our AI services. It is equipped with security features and can integrate with AAD.

3. **Provision Azure Machine Learning Web Services**: These will be our AI web services which we want to secure for multi-tenant usage.

4. **Set up Azure Private Endpoints**: For network-level isolation, we can use Azure Private Endpoints to link services to a specific virtual network, preventing external access.

Below is the Pulumi program written in Python that performs the above steps. Please read the inline comments carefully to understand what each segment of code is doing:

```python
import pulumi
from pulumi_azure_native import machinelearningservices as mls
from pulumi_azure_native import resources
from pulumi_azure_native import web
from pulumi_azure_native import machinelearning as ml
from pulumi_azure_native import authorization as authz

# Create an Azure Resource Group
resource_group = resources.ResourceGroup('ai-rg')

# Step 1: Create an AAD application for authentication
aad_application = web.Application(
    'aad-application',
    resource_group_name=resource_group.name,
    available_to_other_tenants=True, # Set this to True to enable multi-tenancy
    reply_urls=["https://mlservice.yourdomain.com/signin-oidc"] # Specify the reply URLs for the application
)

# Step 2: Create an Azure Machine Learning Workspace with AAD integration
ml_workspace = mls.Workspace(
    'ml-workspace',
    resource_group_name=resource_group.name,
    sku='Enterprise', # Choose an appropriate SKU
    identity=mls.IdentityArgs(
        type="SystemAssigned"
    ) # Use a system-assigned managed identity for the workspace
)

# Step 3: Provision Azure Machine Learning Web Services (for each tenant)
ml_web_service_tenant_1 = ml.WebService(
    'ml-webservice-tenant1',
    resource_group_name=resource_group.name,
    properties=ml.ServiceModelPropertiesArgs(
        authentication=ml.ServiceAuthArgs(
            enabled=True,
            authority=ml.AuthKeysArgs(
                primary=aad_application.application_id,
                secondary=aad_application.application_id, # Use AAD app as an authority
            )
        )
    )
)

# Repeat step 3 for additional tenants as required

# Step 4: Set up Azure Private Endpoints for network-level isolation
private_endpoint = authz.PrivateEndpoint(
    'private-endpoint',
    resource_group_name=resource_group.name,
    private_link_service_connection_state=authz.PrivateLinkServiceConnectionStateArgs(
        status='Approved', # Automatically approve the connection
        description='Private Link to AI Web Service'
    ),
    subnet_id=ml_web_service_tenant_1.identity.apply(lambda id: f'/subscriptions/{pulumi.config.require("subscription_id")}/resourceGroups/{resource_group.name}/providers/Microsoft.Network/virtualNetworks/yourVNet/subnets/yourSubnet') # The subnet ID where the private endpoint should be located
)

# After the provisioning is done, we can export the important information
pulumi.export('ApplicationID', aad_application.application_id)
pulumi.export('WorkspaceName', ml_workspace.name)
pulumi.export('WebServiceUrlTenant1', ml_web_service_tenant_1.properties.apply(lambda p: p.endpoint_url))
# Export similar information for other tenants as required

```

Please remember that you will need an Azure subscription and Pulumi set up with the appropriate Azure credentials to run the above program.

In this program:
- We provision a resource group that acts as a container for all the resources.
- An Azure Active Directory application is created for authentication, which can be used by multiple tenants. This application will provide the necessary authentication to access the web services.
- An Azure Machine Learning Workspace is created which is a fundamental resource for machine learning in Azure and provides a centralized place to work with all the artifacts you create when you use Azure Machine Learning.
- An Azure Machine Learning Web Service is provisioned per tenant, which uses the created AAD application for authentication. This web service can be called to perform machine learning tasks and is secured through AAD.
- Azure Private Endpoints are set up to ensure that the web service is only accessible within a virtual network on Azure. It is essential for providing a secure connection to your Azure services from a virtual network (VNet).

Lastly, I export the Application ID, Workspace Name, and WebService URL for each tenant, which can be used to manage these resources and connections in the future.

Adjustments will need to be made to cater to the specifics of your scenario, such as the number of tenants, network configuration, and exact authentication and authorization requirements. Each tenant's resources should be similarly set up, ensuring their isolation and secure access.