You have deployed your real-time inference web service on the Azure Container Instances (ACI) environment.
You need to ensure that only consumer services having the appropriate authentication credentials can have access to it.
Which authentication method can you use?
Click on the arrows to vote for the correct answer
A. B. C. D.Answer: B.
Option A is incorrect because Azure ML provides two ways to control access to web services: Kea and Token.
User/Password is not applicable here.
Option B is CORRECT becauseusing a Key is the only way to authenticate consumers of a real-time inference service on ACI.
The Key has to be included in the Authorization header of the request.
Option C is incorrect because the SQL engine.
Option D is incorrect because while using time limited tokens for authentication can be an option for inference models, it is not supported for ACI; it is only available for AKS.
Reference:
When deploying a real-time inference web service on Azure Container Instances (ACI), it is important to ensure that only authorized consumer services can access it. There are several authentication methods available on Azure, but not all of them may be suitable for this scenario.
Option A: User/Password Using a user/password authentication method requires the client to provide a valid username and password combination to access the web service. While this method can be secure, it requires the service to have access to a user database and can be cumbersome to manage.
Option B: Key A key-based authentication method involves generating an access key or API key, which is shared with the consumer services. This key can then be used to authenticate requests made to the web service. This method is relatively simple to implement and manage, but it requires the key to be securely stored and managed.
Option C: SAS SAS (Shared Access Signature) is a token-based authentication method that allows clients to access a specific resource for a defined period of time. This method is commonly used in Azure storage services, and can be used to grant temporary access to the web service for authorized clients. SAS tokens can be generated with specific permissions, such as read or write access, and can be revoked when no longer needed.
Option D: Token Token-based authentication involves generating a token that can be used to access the web service. This method is commonly used with OAuth2, which is an industry-standard protocol for authorization. OAuth2 can be used to grant access to the web service for specific client applications, and can be integrated with identity providers such as Azure Active Directory.
In this scenario, the most appropriate authentication method would be option B (Key) or option C (SAS). Both methods are relatively simple to implement and manage, and provide a secure way to authenticate client requests. The choice between these two options may depend on specific requirements, such as the need for temporary access or specific permissions.