Description
Text-to-speech enables your applications, tools, or devices to convert text into humanlike synthesized speech. The text-to-speech capability is also known as speech synthesis. Use humanlike prebuilt neural voices out of the box, or create a custom neural voice that’s unique to your product or brand.
BASELINE CONFIGURATION
Config Name | Description | Solution | GE Control ID |
---|---|---|---|
Sku | The Pricing tier for your resource | Must use standard pricing tier as it minimal requirement | Standard EA |
Resource Group | Resource Group Requirements | Must use same region for resource, resource group & subscription | Standard EA |
Network Type | Access to service | Public access to the services is not allowed, must opt selected networks, configure network security for your cognitive resource Restrict access to the applicable subnets from where you are going access the particular required subnet | SEC 1.2 |
Data Encryption | Encrypt sensitive information in transit | All of the cognitive services endpoints are exposed over HTTPS enforce TLS 1.2. With an enforce security protocol, consumers attempting to call a cognitive services endpoint should adhere to these guidelines | SEC 7.2 |
Authentication/Authorization | Authenticate to console services and data sources using Azure native security services | Authenticating of services using AAD IAM RBAC Authentication to data sources should be through managed identities system assigned | SEC 2.1 |
Keys | Primary keys, secondary keys and query keys stored in key vault as secrets | A copy of the primary, secondary and query key should be stored as secrets in key vault | SEC 4.1 |
Logging | Enable Diagnostics settings for (Administrative Security, Service Health, & Resource Health) | Logs must be stored in Gas Power Cyber approved logging destination: central analytics workspace in 328-gp-azr-ops | SEC 3.11 |
Network logging | Collect network traffic logs and analyze them | Turn ON NSG flow logs and enable traffic analytics | SEC 3.9 |
Encryption | Encryption at rest | Use Customer Managed Key for encryption at rest | SEC 7.1 |
Azure Text to Speech | Only Azure Speech Service will be deployed via Terraform | Use the Speech SDK or REST API to convert text-to-speech by using prebuilt neural voices or custom neural voices | Standard EA |
Azure Text to Speech Language | Azure Text to Speech Language | For a full list of platform neural voices or custom neural voices see Language and Voice support for the speech service |
Tagging Considerations
Policy Name | Description | Solution |
---|---|---|
UAI tag | All speech services must be tagged with a valid UAI | - Example: Key: uai - Value: uai1234567 - Use lower case name and value |
Env tag | All speech services must be tagged with a tag corresponding to the application environment | - Example: Key : env, Value: prd - For Valid envs see item 5.2 in cloud controls document - Use lower case name and value |
Appname tag | Must tagged with application short name where applicable | - Example: Key: appname - Value: ABC123 |
Resource Standards and Policies
Config Name | Description | Solution |
---|---|---|
Speech Service | Speech Service should not exceed 64 character and consist of only alpha numeric and hyphens. It should begin with “ss” | ss- |
Ready to experience the full power of cloud technology?
Our cloud experts will speed up cloud deployment, and make your business more efficient.
Network Considerations
Config Name | Description | Solution |
---|---|---|
Standard network Configuration | Standard vnet, subnet, NSG configuration applied | See network baseline config for more information Approved network design baseline of Stakeholder Note: NSGs are disabled on private endpoints |
Private endpoints | Deny public internet access | Ensure that key vault is accessible only over Stakeholder private network |
Identity and Access Management
Config Name | Description | Solution | Mandated/Optional | IAM Policy | CF Template |
---|---|---|---|---|---|
IAM RBAC Configuration | Standard RBAC roles defined for speech service and assigned to users | See baseline configuration for more information | Mandated |
Operational Considerations
ISmile Technologies being a proud partner to the top public cloud providers AWS, Microsoft Azure, and Google Cloud, can provide a cloud governance model, and core framework to ensure your operations in the public cloud are scalable and secure. Schedule a free assessment today.
CLOUD Engineer
Gopi Krishna
I’m working as Cloud DevOps Engineer. Expertise in technologies of Kubernetes, cloud services and cloud-native services, and DevOps technologies in various clouds.