Ensure Azure Machine Learning Compute Cluster Local Authentication is disabled

Error: Azure Machine Learning Compute Cluster Local Authentication is enabled

Bridgecrew Policy ID: BC_AZR_IAM_6
Checkov Check ID: CKV_AZURE_142
Bridgecrew Severity: LOW

Azure Machine Learning Compute Cluster Local Authentication is enabled

Description

Disabling local authentication for Azure Machine Learning Compute Clusters can help improve the security of your clusters. Local authentication allows users to access the cluster using a local account and password, rather than an Azure Active Directory (Azure AD) account.

Fix - Runtime

CLI Command

Fix - Buildtime

Terraform

Resource: azurerm_machine_learning_compute_cluster
Argument: local_auth_enabled

resource "azurerm_machine_learning_compute_cluster" "ckv_unittest_pass" {
  name                          = "example"
  location                      = "West Europe"
  vm_priority                   = "LowPriority"
  vm_size                       = "Standard_DS2_v2"
  machine_learning_workspace_id = azurerm_machine_learning_workspace.example.id
  local_auth_enabled            = false

  scale_settings {
    min_node_count                       = 0
    max_node_count                       = 1
    scale_down_nodes_after_idle_duration = "PT30S" # 30 seconds
  }

  identity {
    type = "SystemAssigned"
  }
}

Updated 3 months ago