Merge pull request #53328 from wwlpublish/Mod159721

Created GitHubRepo M159721

Author: v-regandowner

learn-pr/wwl-azure/implement-secure-ai-ready-infrastructure-azure-services/1-introduction.yml

@@ -0,0 +1,13 @@
+### YamlMime:ModuleUnit
+uid: learn.wwl.implement-secure-ai-ready-infrastructure-azure-services.introduction
+title: "Introduction"
+metadata:
+  title: "Introduction"
+  description: "Learn how to build secure AI infrastructure with Microsoft Foundry Hubs, Azure OpenAI Service, and Azure Container Registry. Get started now!"
+  ms.date: 02/04/2026
+  author: wwlpublish
+  ms.author: bradj
+  ms.topic: unit
+durationInMinutes: 5
+content: |
+  [!include[](includes/1-introduction.md)]

learn-pr/wwl-azure/implement-secure-ai-ready-infrastructure-azure-services/2-understand-microsoft-foundry-security-architecture.yml

@@ -0,0 +1,13 @@
+### YamlMime:ModuleUnit
+uid: learn.wwl.implement-secure-ai-ready-infrastructure-azure-services.understand-microsoft-foundry-security-architecture
+title: "Understand Microsoft Foundry security architecture"
+metadata:
+  title: "Understand Microsoft Foundry Security Architecture"
+  description: "Learn how Microsoft Foundry Hubs enforce centralized security governance, ensuring consistency across AI projects while maintaining team autonomy."
+  ms.date: 02/04/2026
+  author: wwlpublish
+  ms.author: bradj
+  ms.topic: unit
+durationInMinutes: 12
+content: |
+  [!include[](includes/2-understand-microsoft-foundry-security-architecture.md)]

learn-pr/wwl-azure/implement-secure-ai-ready-infrastructure-azure-services/3-secure-azure-openai-cognitive-services.yml

@@ -0,0 +1,13 @@
+### YamlMime:ModuleUnit
+uid: learn.wwl.implement-secure-ai-ready-infrastructure-azure-services.secure-azure-openai-cognitive-services
+title: "Secure Azure OpenAI and Cognitive Services"
+metadata:
+  title: "Secure Azure OpenAI Service and Cognitive Services"
+  description: "Learn how to secure Azure OpenAI Service and Cognitive Services with managed identities, private endpoints, and content filtering for compliance."
+  ms.date: 02/04/2026
+  author: wwlpublish
+  ms.author: bradj
+  ms.topic: unit
+durationInMinutes: 13
+content: |
+  [!include[](includes/3-secure-azure-openai-cognitive-services.md)]

learn-pr/wwl-azure/implement-secure-ai-ready-infrastructure-azure-services/4-secure-ai-container-images-azure-container.yml

@@ -0,0 +1,13 @@
+### YamlMime:ModuleUnit
+uid: learn.wwl.implement-secure-ai-ready-infrastructure-azure-services.secure-ai-container-images-azure-container
+title: "Secure AI container images with Azure Container Registry"
+metadata:
+  title: "Secure AI Container Images with Azure Container Registry"
+  description: "Secure AI container images using Azure Container Registry with automated vulnerability scanning, access control, and content trust features."
+  ms.date: 02/04/2026
+  author: wwlpublish
+  ms.author: bradj
+  ms.topic: unit
+durationInMinutes: 11
+content: |
+  [!include[](includes/4-secure-ai-container-images-azure-container.md)]

learn-pr/wwl-azure/implement-secure-ai-ready-infrastructure-azure-services/5-exercise-configure-secure-ai-infrastructure.yml

@@ -0,0 +1,13 @@
+### YamlMime:ModuleUnit
+uid: learn.wwl.implement-secure-ai-ready-infrastructure-azure-services.exercise-configure-secure-ai-infrastructure
+title: "Configure secure AI infrastructure in Azure"
+metadata:
+  title: "Configure Secure AI Infrastructure in Azure"
+  description: "Learn how to configure secure AI infrastructure in Azure using private networking, managed connectivity, and customer-managed keys for compliance."
+  ms.date: 02/04/2026
+  author: wwlpublish
+  ms.author: bradj
+  ms.topic: unit
+durationInMinutes: 12
+content: |
+  [!include[](includes/5-exercise-configure-secure-ai-infrastructure.md)]

learn-pr/wwl-azure/implement-secure-ai-ready-infrastructure-azure-services/6-knowledge-check.yml

@@ -0,0 +1,48 @@
+### YamlMime:ModuleUnit
+uid: learn.wwl.implement-secure-ai-ready-infrastructure-azure-services.knowledge-check
+title: "Module assessment"
+metadata:
+  title: "Knowledge check"
+  description: "Knowledge check"
+  ms.date: 02/03/2026
+  author: wwlpublish
+  ms.author: bradj
+  ms.topic: unit
+  module_assessment: false
+durationInMinutes: 5
+content: "Choose the best response for each of the following questions."
+quiz:
+  questions:
+  - content: "Your fraud detection team reports that their Azure OpenAI Service calls are failing with authentication errors after you configured managed identity. The team's application runs in an Azure Kubernetes Service pod and previously used API keys stored in Kubernetes secrets. What is the most likely cause of the authentication failure?"
+    choices:
+    - content: "The AKS pod identity needs the Cognitive Services OpenAI User role assigned at the Azure OpenAI Service scope through Azure RBAC"
+      isCorrect: true
+      explanation: "Managed identities require explicit RBAC role assignments to access Azure services. The pod identity must have the Cognitive Services OpenAI User role assigned on the target OpenAI Service instance. The second option is incorrect because managed identities fully support authentication from AKS pods through Azure AD Pod Identity or workload identity. The third option is incorrect because private endpoints don't interfere with managed identity authentication—tokens are validated through Azure Active Directory, not through network connectivity to the service."
+    - content: "Managed identities can't authenticate to Azure OpenAI Service from AKS pods and require API keys stored in Azure Key Vault instead"
+      isCorrect: false
+      explanation: "Incorrect. Managed identities fully support authentication from AKS pods through Azure AD Pod Identity or workload identity."
+    - content: "The private endpoint configuration is blocking managed identity token validation and needs a service endpoint exception rule"
+      isCorrect: false
+      explanation: "Incorrect. Private endpoints don't interfere with managed identity authentication—tokens are validated through Azure Active Directory, not through network connectivity to the service."
+  - content: "Your compliance team requires that all AI service requests and responses remain within European Azure regions to satisfy regulatory data residency requirements. You've deployed Azure OpenAI Service in West Europe with a private endpoint. Which more configuration ensures complete data residency compliance?"
+    choices:
+    - content: "Configure diagnostic settings to send logs to a Log Analytics workspace located in the same West Europe region where the OpenAI service is deployed"
+      isCorrect: true
+      explanation: "Diagnostic logs contain request metadata and potentially sensitive information that must stay within the same region to maintain complete data residency. Storing logs in a West Europe Log Analytics workspace ensures all data processing and storage occurs within the compliant region."
+    - content: "Enable content filtering with geo-fencing rules that block requests originating from IP addresses outside the European Economic Area"
+      isCorrect: false
+      explanation: "Incorrect. Content filtering doesn't control request geography—private endpoints and virtual network routing control network paths, not IP-based geo-fencing."
+    - content: "Deploy geo-replication for the OpenAI service to North Europe region to provide automatic failover while maintaining European data residency"
+      isCorrect: false
+      explanation: "Incorrect. Azure OpenAI Service doesn't support geo-replication; you would deploy separate OpenAI instances per region rather than replicating a single instance."
+  - content: "Your security team discovered a critical CVE in the TensorFlow library used by your fraud detection model container. Microsoft Defender for Containers identified the vulnerability, but your deployment pipeline still allows the vulnerable image to deploy to production. What configuration change prevents deployment of containers with critical vulnerabilities?"
+    choices:
+    - content: "Implement Azure Policy with a custom policy definition that denies AKS pod deployments when the source container image has unresolved critical or high severity CVEs"
+      isCorrect: true
+      explanation: "Azure Policy provides enforcement at deployment time by evaluating container image security scan results and denying deployments that violate policy rules. Custom policy definitions can query Defender's vulnerability assessments and block AKS deployments when critical CVEs exist."
+    - content: "Enable content trust on Azure Container Registry to require digital signatures, which automatically block images with security vulnerabilities from being pulled"
+      isCorrect: false
+      explanation: "Incorrect. Content trust verifies publisher identity and image integrity, not vulnerability status—a signed image can still contain vulnerable libraries."
+    - content: "Configure Microsoft Defender to automatically quarantine vulnerable images by moving them to a separate repository with restricted pull permissions"
+      isCorrect: false
+      explanation: "Incorrect. Defender identifies vulnerabilities but doesn't automatically quarantine images; you must implement separate processes or policies to enforce deployment restrictions based on scan results."

learn-pr/wwl-azure/implement-secure-ai-ready-infrastructure-azure-services/7-summary.yml

@@ -0,0 +1,13 @@
+### YamlMime:ModuleUnit
+uid: learn.wwl.implement-secure-ai-ready-infrastructure-azure-services.summary
+title: "Summary"
+metadata:
+  title: "Summary"
+  description: "Learn how to build secure AI infrastructure with Azure services, ensuring governance, vulnerability scanning, and compliance for production AI."
+  ms.date: 02/04/2026
+  author: wwlpublish
+  ms.author: bradj
+  ms.topic: unit
+durationInMinutes: 3
+content: |
+  [!include[](includes/7-summary.md)]

learn-pr/wwl-azure/implement-secure-ai-ready-infrastructure-azure-services/includes/1-introduction.md

@@ -0,0 +1,26 @@
+Microsoft Foundry Hubs and Projects deliver the governance framework your security team requires. By combining Foundry's centralized policy enforcement with Azure OpenAI Service, Azure Cognitive Services, and Azure Container Registry, you build AI infrastructure that passes enterprise security reviews while maintaining developer agility. This approach eliminates public internet exposure through private endpoints, removes credential sprawl through managed identities, and provides visibility into container vulnerabilities before production deployment.
+
+In this module, you configure a Foundry Hub to enforce security policies across multiple AI projects, integrate Azure OpenAI Service with network isolation and identity controls, and deploy Azure Container Registry with automated vulnerability scanning. By the end, you have production-ready AI infrastructure that satisfies your compliance team and accelerates safe AI adoption across your organization.
+
+## Learning objectives
+
+By the end of this module, you're able to:
+
+- Configure Microsoft Foundry Hubs and Projects for secure AI development environments
+- Implement Azure OpenAI Service and Cognitive Services with enterprise security controls
+- Secure AI container images and deployments using Azure Container Registry
+- Apply network isolation and identity governance to protect AI infrastructure
+
+## Prerequisites
+
+Before starting this module, you should be familiar with:
+
+- Azure fundamentals including resource groups, virtual networks, and identity management
+- Basic AI and machine learning concepts
+- Container fundamentals and Docker basics
+
+## More resources
+
+- [Microsoft Foundry documentation](/azure/ai-foundry/) - Official documentation for Foundry Hubs and Projects
+- [Azure OpenAI Service security best practices](/azure/ai-services/openai/how-to/managed-identity) - Guidance on securing Azure OpenAI deployments
+

learn-pr/wwl-azure/implement-secure-ai-ready-infrastructure-azure-services/includes/2-understand-microsoft-foundry-security-architecture.md

@@ -0,0 +1,45 @@
+
+## The centralized governance challenge
+
+You might be wondering how to enforce consistent security policies across multiple AI development teams without slowing down innovation. Traditional approaches create isolated environments for each team, forcing security administrators to configure network rules, identity permissions, and encryption settings repeatedly. With five AI projects underway, your security team faces configuring private endpoints, managed identities, and audit logging five separate times—multiplying administrative overhead and increasing the risk of configuration drift.
+
+Microsoft Foundry Hubs solve this challenge by providing centralized security governance that applies automatically to all connected projects. A Foundry Hub acts as the policy enforcement layer where you configure network isolation, identity controls, and data protection once. Every Foundry Project that connects to the hub inherits these security controls, ensuring consistency without requiring per-project configuration. This separation allows your security team to maintain governance while data science teams retain autonomy within their project workspaces.
+
+## How Hubs and Projects work together
+
+Consider a scenario where your fraud detection team and customer service automation team both need access to Azure OpenAI Service. With traditional Azure resource groups, each team would create separate OpenAI instances, configure their own virtual networks, and manage independent sets of managed identities. This creates security islands where one team might enable public access while another enforces private endpoints—introducing compliance gaps your auditor's flag.
+
+:::image type="content" source="../media/manage-independent-sets-managed-identities.png" alt-text="Diagram showing traditional Azure resource groups where each team creates separate OpenAI instances.":::
+
+Foundry changes this architecture fundamentally. You create one Foundry Hub that defines your organization's security baseline: private endpoint connectivity required, managed identity authentication mandatory, and diagnostic logging enabled for all resources. When the fraud detection team creates their Foundry Project, it automatically inherits the hub's networking configuration—their Azure OpenAI Service endpoint is private by default. The customer service team's project gets identical security controls without more configurations. Both teams work independently within their project boundaries while the hub ensures security consistency.
+
+This becomes especially important when your security team needs to respond to new compliance requirements. Instead of updating five separate environments, you modify the hub's policy once. All connected projects inherit the change immediately, reducing your compliance window from weeks to hours and eliminating the risk of overlooking an environment during updates.
+
+## Core security components
+
+The hub integrates three foundational security services that protect your AI workloads. Microsoft Entra ID provides identity and access management through role-based access control (RBAC), allowing you to define who can create projects, deploy models, and access training data. Unlike service-specific authentication, Microsoft Entra ID centralizes identity management—your existing user groups and conditional access policies apply automatically to AI resources. At the same time, managed identities eliminate credential storage by allowing applications and services to authenticate directly using Microsoft Entra ID tokens, removing API keys from your codebase entirely.
+
+Azure Virtual Network delivers network isolation by creating private connectivity between your hub and Azure services. When you deploy a private endpoint for Azure OpenAI Service, all API traffic flows through your virtual network rather than the public internet. This network boundary prevents external access attempts and ensures compliance with data residency requirements. For example, your fraud detection models processing customer transactions stay within EU Azure regions, satisfying data localization mandates.
+
+Azure Key Vault completes the protection layer by securing secrets, certificates, and encryption keys. Even when services require API keys for backward compatibility, Key Vault stores them with access logging and automatic rotation. Your applications reference keys using Key Vault URIs rather than embedding credentials in configuration files. With this approach, your security team gains audit trails showing when keys were accessed, by which identity, and from which application—visibility that's critical during security investigations.
+
+## Policy inheritance and workspace isolation
+
+Now that you understand the hub's role, let's examine how projects maintain both security consistency and team autonomy. Each Foundry Project operates as an isolated workspace with dedicated compute resources, storage accounts, and AI service connections. Data scientists in the fraud detection project can't access datasets or models in the customer service project—even though both projects connect to the same hub. This isolation prevents accidental data leakage between business domains while simplifying access control through project-level RBAC assignments.
+
+Building on this concept, policy inheritance works like a security firewall with mandatory baseline rules. The hub enforces non-negotiable requirements—private endpoints, managed identities, encryption at rest—that projects can't disable. Within these boundaries, project administrators customize permissions for their team members and configure project-specific resources like storage containers or compute clusters. For instance, the fraud detection project might grant senior data scientists permission to deploy production models while restricting junior analysts to development experiments. These project-level permissions add flexibility without compromising hub-enforced security controls.
+
+Consider what happens when a new data scientist joins your fraud detection team. The project administrator assigns them the "Data Scientist" role within the Foundry Project. This role inherits hub-level policies automatically—they can only access AI services through private endpoints and must authenticate with their Microsoft Entra ID credentials. The project role then grants specific permissions to training datasets and development compute resources. This layered approach means your security team manages baseline controls once at the hub level, while project administrators handle day-to-day access management within their domains.
+
+:::image type="content" source="../media/architecture-centralized-security-controls.png" alt-text="Diagram showing the Microsoft Foundry Hub architecture with centralized security controls.":::
+
+
+*Microsoft Foundry Hub architecture showing centralized security controls with policy inheritance flowing to isolated project workspaces*
+
+
+## More resources
+
+- [Plan your Microsoft Foundry Hub architecture](/azure/ai-foundry/concepts/hubs-projects) - Architectural guidance for hub and project design patterns
+- [Configure managed identities for Azure AI services](/azure/ai-services/authentication) - Step-by-step guide for passwordless authentication
+
+