OpenAI Service Instances with Admin Privileges

Risk Level: High (not acceptable risk)

Ensure that your Microsoft Azure OpenAI service instances are not configured with privileged administrative permissions in order to promote the Principle of Least Privilege (POLP) and provide your instances the minimal amount of access required to perform their tasks.

Security

Reliability

Cost
optimisation

Operational
excellence

Performance
efficiency

In Azure cloud, user-assigned managed identities encompass a broader range of roles including privileged administrator roles. Privileged administrator roles grant extensive access privileges, such as overseeing Azure resources and delegating roles to others. To minimize security risks, the user-assigned identities associated with your Azure OpenAI service instances should not have these admin privileges. Granting admin rights can lead to unintended access, data breaches, and misuse. By limiting permissions to the minimum necessary for the instance's operation, you can adhere to the Principle of Least Privilege (POLP). This approach enhances overall security by reducing the attack surface and potential damage from unauthorized access.

Audit

To determine if your Azure OpenAI service instances are configured with admin privileges, perform the following actions:

Using Azure Console

01 Sign in to the Azure Management Console.

02 Navigate to Azure OpenAI blade at https://portal.azure.com/#view/Microsoft_Azure_ProjectOxford/CognitiveServicesHub/~/OpenAI.

03 Select the Azure subscription that you want to examine from the Subscription equals all filter box, and choose Apply.

04 Click on the name (link) of the Azure OpenAI service instance that you want to examine. An OpenAI service instance has Kind set to OpenAI.

05 In the navigation panel, under Resource Management, select Identity to access the identity-based settings configured for the selected OpenAI instance.

06 Select the User assigned tab and click on the name (link) of the user-assigned managed identity associated with your instance. If there are no user-assigned managed identities listed on this page, the Audit process ends here. To add user-assigned identities to your OpenAI instance, follow the instructions outlined on this page.

07 In the navigation panel, select Azure role assignments to view the role assignments for the selected identity.

08 Check the Role column to determine if the selected identity has privileged administrator roles such as Owner, Contributor, User Access Administrator, and Role Based Access Control Administrator. You can also click on the role name to view the role permissions. If one or more privileged administrator roles are assigned to the user-assigned managed identity associated with your instance, the selected Azure OpenAI service instance is configured with admin privileges.

09 Repeat steps no. 4 – 8 for each Azure OpenAI instance available within the selected subscription.

10 Repeat steps no. 3 – 9 for each subscription created in your Microsoft Azure cloud account.

Using Azure CLI

01 Run cognitiveservices account list command (Windows/macOS/Linux) with custom output filters to list the name and the associated resource group for each Azure OpenAI service instance available in the current subscription:

az cognitiveservices account list
  --output table
  --query '[?(kind==`OpenAI`)].{name:name, resourceGroup:resourceGroup}'

02 The command output should return the requested OpenAI service instance identifiers:

Name                           ResourceGroup
---------------------------    ------------------------------
tm-openai-project5-instance    cloud-shell-storage-westeurope
tm-openai-workspace-server     cloud-shell-storage-westeurope

03 Run cognitiveservices account identity show command (Windows/macOS/Linux) with the name of the Azure OpenAI service instance that you want to examine as the identifier parameter and custom output filters to describe the user-assigned managed identities associated with the selected OpenAI instance:

az cognitiveservices account identity show
  --name tm-openai-project5-instance
  --resource-group cloud-shell-storage-westeurope
  --query 'userAssignedIdentities'

04 The command output should return the information available for the associated identities (including the identity full ID and the ID of the associated principal). If the cognitiveservices account identity show command does not return an output, there are no user-assigned managed identities configured for your instance and the Audit process ends here. To add user-assigned identities to your OpenAI instance, follow the instructions outlined on this page:

{
	"/subscriptions/1234abcd-1234-abcd-1234-abcd1234abcd/resourceGroups/cloud-shell-storage-westeurope/providers/Microsoft.ManagedIdentity/userAssignedIdentities/tm-project5-managed-identity": {
		"clientId": "1234abcd-1234-abcd-1234-abcd1234abcd",
		"principalId": "abcd1234-abcd-1234-abcd-1234abcd1234"
	}
}

05 Run role assignment list command (Windows/macOS/Linux) to describe the role assignments for the principal associated with your user-assigned managed identity. Set --assignee parameter value to the "principalId" attribute value returned at the previous step:

az role assignment list
  --assignee abcd1234-abcd-1234-abcd-1234abcd1234
  --all

06 The command output should return the role assignments for the selected principal:

[
	{
		"roleDefinitionName": "Owner",
		"roleDefinitionId": "/subscriptions/1234abcd-1234-abcd-1234-abcd1234abcd/providers/Microsoft.Authorization/roleDefinitions/1234abcd-1234-abcd-1234-abcd1234abcd",
		"condition": null,
		"conditionVersion": null,
		"createdBy": "1234abcd-1234-abcd-1234-abcd1234abcd",
		"createdOn": "2024-06-20T08:11:52.463577+00:00",
		"delegatedManagedIdentityResourceId": null,
		"description": null,
		"name": "1234abcd-1234-abcd-1234-abcd1234abcd",
		"principalId": "abcd1234-abcd-1234-abcd-1234abcd1234",
		"principalName": "1234abcd-1234-abcd-1234-abcd1234abcd",
		"principalType": "ServicePrincipal",
		"resourceGroup": "cloud-shell-storage-westeurope",
		"scope": "/subscriptions/1234abcd-1234-abcd-1234-abcd1234abcd/resourceGroups/cloud-shell-storage-westeurope/providers/Microsoft.CognitiveServices/accounts/tm-openai-project5-instance",
		"type": "Microsoft.Authorization/roleAssignments",
		"updatedBy": "1234abcd-1234-abcd-1234-abcd1234abcd",
		"updatedOn": "2024-06-20T08:11:52.463577+00:00"
	},
	{
		"roleDefinitionName": "User Access Administrator",
		"roleDefinitionId": "/subscriptions/1234abcd-1234-abcd-1234-abcd1234abcd/providers/Microsoft.Authorization/roleDefinitions/1234abcd-1234-abcd-1234-abcd1234abcd",
		"condition": null,
		"conditionVersion": null,
		"createdBy": "1234abcd-1234-abcd-1234-abcd1234abcd",
		"createdOn": "2024-06-15T08:00:52.463577+00:00",
		"delegatedManagedIdentityResourceId": null,
		"description": null,
		"name": "1234abcd-1234-abcd-1234-abcd1234abcd",
		"principalId": "abcd1234-abcd-1234-abcd-1234abcd1234",
		"principalName": "1234abcd-1234-abcd-1234-abcd1234abcd",
		"principalType": "ServicePrincipal",
		"resourceGroup": "cloud-shell-storage-westeurope",
		"scope": "/subscriptions/1234abcd-1234-abcd-1234-abcd1234abcd/resourceGroups/cloud-shell-storage-westeurope/providers/Microsoft.CognitiveServices/accounts/tm-openai-project5-instance",
		"type": "Microsoft.Authorization/roleAssignments",
		"updatedBy": "1234abcd-1234-abcd-1234-abcd1234abcd",
		"updatedOn": "2024-06-15T08:00:52.463577+00:00"
	}
]

Check the "roleDefinitionName" attribute value for each role assignment returned by the role assignment list command output to determine if the associated identity has privileged administrator roles such as "Owner", "Contributor", "User Access Administrator", and "Role Based Access Control Administrator". If one or more privileged administrator roles are assigned to the user-assigned managed identity associated with your instance, the selected Azure OpenAI service instance is configured with admin privileges.

07 Repeat step no. 3 - 6 for each Azure OpenAI instance available in the selected Azure subscription.

08 Repeat steps no. 1 – 7 for each subscription created in your Microsoft Azure cloud account.

Remediation / Resolution

To ensure that your Microsoft Azure OpenAI service instances are not configured with administrative privileges, perform the following operations:

Using Azure Console

01 Sign in to the Azure Management Console.

02 Navigate to Azure OpenAI blade at https://portal.azure.com/#view/Microsoft_Azure_ProjectOxford/CognitiveServicesHub/~/OpenAI.

03 Select the Azure subscription that you want to access from the Subscription equals all filter box, and choose Apply.

04 Click on the name (link) of the Azure OpenAI service instance that you want to configure.

05 In the navigation panel, under Resource Management, select Identity to access the identity-based settings configured for the selected OpenAI instance.

06 Select the User assigned tab and click on the name (link) of the user-assigned managed identity associated with your instance.

07 In the navigation panel, select Azure role assignments to view the role assignments for the selected identity.

08 Click on the name of the privileged administrator role that you want to remove from your user-assigned managed identity, select the Assignments tab, and choose Remove to delete the role assignment for the selected managed identity. In the Remove role assignments box, choose Yes for confirmation.

09 (Optional) To add a new role assigment that follows the Principle of Least Privilege (POLP), choose Access control (IAM) from the identity navigation panel, choose + Add, select Add role assigment, and perform the following actions:

For Role, select the Job function roles tab, and choose the appropriate, non-privileged role that you want to attach. Choose Next to continue the assignment process.
For Members, select Managed identity next to Assign access to, choose Select members next to Members, and select the user-assigned managed identity associated with your OpenAI instance. Choose Next to continue.
For Review + assign, review the role assignment information, then choose Review + assign to complete the assigment process.

10 Repeat steps no. 4 - 9 for each Azure OpenAI instance that you want to configure, available within the selected Azure subscription.

11 Repeat steps no. 3 – 10 for each subscription available in your Microsoft Azure cloud account.

Using Azure CLI

01 Run role assignment delete command (OSX/Linux/UNIX) to remove the privileged administrator role from your user-assigned managed identity, i.e. delete the admin role assignment (if the request is successful, the command does not produce an output). The following command example removes the "Owner" role assignment:

az role assignment delete
  --assignee abcd1234-abcd-1234-abcd-1234abcd1234
  --role "Owner"

02 (Optional) Run role assignment create command (OSX/Linux/UNIX) to add a new role assigment that follows the Principle of Least Privilege to your user-assigned managed identity. Use the --role parameter to specify the name of the non-privileged role that you want to assign:

az role assignment create
  --assignee abcd1234-abcd-1234-abcd-1234abcd1234
  --role Reader
  --scope "/subscriptions/1234abcd-1234-abcd-1234-abcd1234abcd/resourceGroups/cloud-shell-storage-westeurope/providers/Microsoft.ManagedIdentity/userAssignedIdentities/tm-project5-managed-identity"

03 Once the assignment process is completed, the command output should return the information available for the new role assignment:

{
	"roleDefinitionName": "Reader",
	"roleDefinitionId": "/subscriptions/1234abcd-1234-abcd-1234-abcd1234abcd/providers/Microsoft.Authorization/roleDefinitions/1234abcd-1234-abcd-1234-abcd1234abcd",
	"condition": null,
	"conditionVersion": null,
	"createdBy": "1234abcd-1234-abcd-1234-abcd1234abcd",
	"createdOn": "2024-06-20T08:11:52.463577+00:00",
	"delegatedManagedIdentityResourceId": null,
	"description": null,
	"name": "1234abcd-1234-abcd-1234-abcd1234abcd",
	"principalId": "abcd1234-abcd-1234-abcd-1234abcd1234",
	"principalName": "1234abcd-1234-abcd-1234-abcd1234abcd",
	"principalType": "ServicePrincipal",
	"resourceGroup": "cloud-shell-storage-westeurope",
	"scope": "/subscriptions/1234abcd-1234-abcd-1234-abcd1234abcd/resourceGroups/cloud-shell-storage-westeurope/providers/Microsoft.ManagedIdentity/userAssignedIdentities/tm-project5-managed-identity",
	"type": "Microsoft.Authorization/roleAssignments",
	"updatedBy": "1234abcd-1234-abcd-1234-abcd1234abcd",
	"updatedOn": "2024-06-20T08:11:52.463577+00:00"
}

04 Repeat steps no. 1 - 3 for each Azure OpenAI instance that you want to configure, available in the selected Azure subscription.

05 Repeat steps no. 1 – 4 for each subscription available in your Microsoft Azure cloud account.

References

Azure Official Documentation
Best practices for Azure RBAC
Assign Azure roles using the Azure portal

Azure Command Line Interface (CLI) Documentation
az cognitiveservices account list
az cognitiveservices account identity show
az role assignment list
az role assignment delete
az role assignment create

Publication date Jun 21, 2024

Audit

Using Azure Console

Using Azure CLI

Remediation / Resolution

Using Azure Console

Using Azure CLI

References

Related AIServices rules