Merge pull request #5365 from MicrosoftDocs/main

Taojunshen · web-flow · commit 797911008822 · 2025-06-05T01:00:43.000+08:00
6/4/2025 AM Publish
diff --git a/articles/ai-foundry/concepts/rbac-azure-ai-foundry.md b/articles/ai-foundry/concepts/rbac-azure-ai-foundry.md
@@ -9,7 +9,7 @@ ms.custom:
   - build-2024
   - ignite-2024
 ms.topic: conceptual
-ms.date: 03/04/2025
+ms.date: 06/04/2025
 ms.reviewer: deeikele
 ms.author: larryfr
 author: Blackmist
@@ -222,10 +222,10 @@ For example, if you're trying to consume a new Blob storage, you need to ensure
 
 If you're an owner of a Foundry account resource, you can add and remove roles for Azure AI Foundry. From the **Home** page in [Azure AI Foundry](https://ai.azure.com/?cid=learnDocs), select your Foundry resource. Then select **Users** to add and remove users for the hub. You can also manage permissions from the [Azure portal](https://portal.azure.com) under **Access Control (IAM)** or through the Azure CLI.
 
-For example, use the Azure CLI to assign the Azure AI User role to `joe@contoso.com` for resource group `this-rg` with the following command:
+For example, the following command assigns Azure AI User role to `joe@contoso.com` for resource group `this-rg` in the subscription with an ID of `00000000-0000-0000-0000-000000000000`:
 
 ```azurecli
-az role assignment create --role "Azure AI User" --assignee "joe@contoso.com" --resource-group this-rg 
+az role assignment create --role "Azure AI User" --assignee "joe@contoso.com" --scope /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/this-rg 
 ```
 
 ## Create custom roles
@@ -461,10 +461,10 @@ For example, if you're trying to consume a new Blob storage, you need to ensure
 
 ## Manage access with roles 
 
-If you're an owner of a hub, you can add and remove roles for Azure AI Foundry. Go to the **Home** page in [Azure AI Foundry](https://ai.azure.com/?cid=learnDocs) and select your hub. Then select **Users** to add and remove users for the hub. You can also manage permissions from the Azure portal under **Access Control (IAM)** or through the Azure CLI. For example, use the [Azure CLI](/cli/azure/) to assign the Azure AI Developer role to "joe@contoso.com" for resource group "this-rg" with the following command: 
+If you're an owner of a hub, you can add and remove roles for Azure AI Foundry. Go to the **Home** page in [Azure AI Foundry](https://ai.azure.com/?cid=learnDocs) and select your hub. Then select **Users** to add and remove users for the hub. You can also manage permissions from the Azure portal under **Access Control (IAM)** or through the Azure CLI. For example, to assign the Azure AI Developer role to "joe@contoso.com" for resource group "this-rg" in the subscription with an ID of `00000000-0000-0000-0000-000000000000`, you can use the following Azure CLI command: 
  
 ```azurecli-interactive
-az role assignment create --role "Azure AI Developer" --assignee "joe@contoso.com" --resource-group this-rg 
+az role assignment create --role "Azure AI Developer" --assignee "joe@contoso.com" --scope /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/this-rg 
 ```
 
 ## Create custom roles
diff --git a/articles/ai-foundry/how-to/develop/sdk-overview.md b/articles/ai-foundry/how-to/develop/sdk-overview.md
@@ -40,7 +40,6 @@ The Azure AI Foundry SDK is a set of client libraries and services designed to w
     az login
     ```
 
-[!INCLUDE [feature-preview](../../includes/feature-preview.md)]
 
 ## Unified Projects client library
 
@@ -69,6 +68,7 @@ The Azure AI Foundry Projects client library is a unified library that enables y
 
 ::: zone pivot="programming-language-java"
 
+[!INCLUDE [feature-preview](../../includes/feature-preview.md)]
 
 * Add these packages to your installation (preview):
     * `com.azure.ai.projects`
@@ -95,6 +95,8 @@ The Azure AI Foundry Projects client library is a unified library that enables y
 
 ::: zone pivot="programming-language-javascript"
 
+[!INCLUDE [feature-preview](../../includes/feature-preview.md)]
+
 * Install dependencies (preview):
 
     ```bash
diff --git a/articles/machine-learning/concept-customer-managed-keys.md b/articles/machine-learning/concept-customer-managed-keys.md
@@ -54,13 +54,12 @@ When you use a customer-managed key, there are two possible configurations:
 
 ## Service-side encryption of metadata
 
-A new architecture for the customer-managed key encryption workspace is available in preview, reducing cost compared to the current architecture and mitigating likelihood of Azure policy conflicts. In this configuration, encrypted data is stored service-side on Microsoft-managed resources instead of in your subscription.
+In this configuration, encrypted data is stored service-side on Microsoft-managed resources instead of in your subscription. Using service-side encryption reduces costs compared to the subscription-side encryption, and mitigates the likelihood of Azure policy conflicts.
 
-Data that previously was stored in Azure Cosmos DB in your subscription, is stored in multitenant Microsoft-managed resources with document-level encryption using your encryption key. Search indices that were previously stored in Azure AI Search in your subscription, are stored on Microsoft-managed resources that are provisioned dedicated for you per workspace. The cost of the Azure AI search instance is charged under your Azure Machine Learning workspace in Microsoft Cost Management.
+Data is stored in multitenant Microsoft-managed resources with document-level encryption using your encryption key. Search indices are stored on Microsoft-managed resources that are provisioned dedicated for you per workspace. The cost of the Azure AI search instance is charged under your Azure Machine Learning workspace in Microsoft Cost Management.
 
-Pipelines metadata that previously was stored in a storage account in a managed resource group, is now stored on the storage account in your subscription that is associated to the Azure Machine Learning workspace. Since this Azure Storage resource is managed separately in your subscription, you're responsible to configure encryption settings on it.
+Pipelines metadata is stored on the storage account in your subscription that is associated to the Azure Machine Learning workspace. Since this Azure Storage resource is managed separately in your subscription, you're responsible to configure encryption settings on it.
 
-To opt in for this preview, set the `enableServiceSideCMKEncryption` on a REST API or in your Bicep or Resource Manager template. You can also use Azure portal.
 
 :::image type="content" source="./media/concept-customer-managed-keys/cmk-service-side-encryption.png" alt-text="Screenshot of the encryption tab with the option for server side encryption selected." lightbox="./media/concept-customer-managed-keys/cmk-service-side-encryption.png":::
 
diff --git a/articles/machine-learning/how-to-manage-workspace.md b/articles/machine-learning/how-to-manage-workspace.md
@@ -238,7 +238,7 @@ ml_client.workspaces.begin_create(ws)
 
 # [Portal](#tab/azure-portal)
 
-1. Select **Encrypt data using a ustomer-managed key**, and then select **Click to select key**. This configuration creates Azure resources used to encrypt data in your Azure subscription. Alternatively, select **Use service-side encryption (preview)** to use service-side resources for encryption. For more information, see [Customer-managed keys](concept-customer-managed-keys.md).
+1. Select **Encrypt data using a ustomer-managed key**, and then select **Click to select key**. This configuration creates Azure resources used to encrypt data in your Azure subscription. Alternatively, select **Use service-side encryption** to use service-side resources for encryption. For more information, see [Customer-managed keys](concept-customer-managed-keys.md).
 
     :::image type="content" source="media/how-to-manage-workspace/advanced-workspace.png" alt-text="Screenshot of the customer-managed keys.":::
 
diff --git a/articles/machine-learning/media/concept-customer-managed-keys/cmk-service-side-encryption.png b/articles/machine-learning/media/concept-customer-managed-keys/cmk-service-side-encryption.png
diff --git a/articles/machine-learning/reference-managed-online-endpoints-vm-sku-list.md b/articles/machine-learning/reference-managed-online-endpoints-vm-sku-list.md
@@ -86,10 +86,10 @@ The following table shows the virtual machine (VM) stock keeping units (SKUs) th
 |  standardNCADSA100v4Family  | STANDARD_NC24ADS_A100_V4 | - | NvidiaGpu | 1 | 24 | Yes |
 |  standardNCADSA100v4Family  | STANDARD_NC48ADS_A100_V4 | - | NvidiaGpu | 2 | 48 | Yes |
 |  standardNCADSA100v4Family  | STANDARD_NC96ADS_A100_V4 | - | NvidiaGpu | 4 | 96 | Yes |
-|  Standard NCASv3_T4 Family  | STANDARD_NC4AS_T4_V3 | - | NvidiaGpu | 1 | 4 | - |
-|  Standard NCASv3_T4 Family  | STANDARD_NC8AS_T4_V3 | - | NvidiaGpu | 1 | 8 | - |
-|  Standard NCASv3_T4 Family  | STANDARD_NC16AS_T4_V3 | - | NvidiaGpu | 1 | 16 | - |
-|  Standard NCASv3_T4 Family  | STANDARD_NC64AS_T4_V3 | - | NvidiaGpu | 4 | 64 | - |
+|  standard NCASv3_T4 Family  | STANDARD_NC4AS_T4_V3 | - | NvidiaGpu | 1 | 4 | - |
+|  standard NCASv3_T4 Family  | STANDARD_NC8AS_T4_V3 | - | NvidiaGpu | 1 | 8 | - |
+|  standard NCASv3_T4 Family  | STANDARD_NC16AS_T4_V3 | - | NvidiaGpu | 1 | 16 | - |
+|  standard NCASv3_T4 Family  | STANDARD_NC64AS_T4_V3 | - | NvidiaGpu | 4 | 64 | - |
 |  standardNCSv2Family  | STANDARD_NC6S_V2 | - | NvidiaGpu | 1 | 6 | - |
 |  standardNCSv2Family  | STANDARD_NC12S_V2 | - | NvidiaGpu | 2 | 12 | - |
 |  standardNCSv2Family  | STANDARD_NC24S_V2 | - | NvidiaGpu | 4 | 24 | - |
@@ -99,10 +99,16 @@ The following table shows the virtual machine (VM) stock keeping units (SKUs) th
 |  standardNCADSH100v5Family  | STANDARD_NC40ADS_H100_V5 | - | NvidiaGpu | 1 | 40 | Yes |
 |  standardNCADSH100v5Family  | STANDARD_NC80ADIS_H100_V5 | - | NvidiaGpu | 2 | 80 | Yes |
 |  standard NDAMSv4_A100Family  | STANDARD_ND96AMSR_A100_V4 | Yes | NvidiaGpu | 8 | 96 | Yes |
-|  Standard NDASv4_A100 Family  | STANDARD_ND96ASR_V4 | Yes | NvidiaGpu | 8 | 96 | Yes |
+|  standard NDASv4_A100 Family  | STANDARD_ND96ASR_V4 | Yes | NvidiaGpu | 8 | 96 | Yes |
 |  standardNDSv2Family  | STANDARD_ND40RS_V2 | Yes | NvidiaGpu | 8 | 40 | Yes |
-|  standardNDv5H100Family  | STANDARD_ND96IS_H100_v5 | - | NvidiaGpu | 8 | 96 | Yes |
-|  standardNDv5H100Family  | STANDARD_ND96ISR_H100_v5 | Yes | NvidiaGpu | 8 | 96 | Yes |
+|  standardNDv5H100Family  | STANDARD_ND96IS_H100_V5 | - | NvidiaGpu | 8 | 96 | Yes |
+|  standardNDv5H100Family  | STANDARD_ND96ISR_H100_V5 | Yes | NvidiaGpu | 8 | 96 | Yes |
+|  standardNVADSA10v5Family | STANDARD_NV6ADS_A10_V5	 | - | NvidiaGpu | 1/6 | 6  | - |
+|  standardNVADSA10v5Family | STANDARD_NV12ADS_A10_V5  | - | NvidiaGpu | 1/3 | 12 | - |
+|  standardNVADSA10v5Family | STANDARD_NV18ADS_A10_V5  | - | NvidiaGpu | 1/2 | 18 | - |
+|  standardNVADSA10v5Family | STANDARD_NV36ADS_A10_V5  | - | NvidiaGpu | 1   | 36 | - |
+|  standardNVADSA10v5Family | STANDARD_NV36ADMS_A10_V5 | - | NvidiaGpu | 1   | 36 | - |
+|  standardNVADSA10v5Family | STANDARD_NV72ADS_A10_V5  | - | NvidiaGpu | 2   | 72 | - |
 
 > [!CAUTION]
 > Small VM SKUs such as `Standard_DS1_v2` and `Standard_F2s_v2` may be too small for bigger models and may lead to container termination due to insufficient memory, not enough space on the disk, or probe failure as it takes too long to initiate the container. If you face [OutOfQuota errors](how-to-troubleshoot-online-endpoints.md?tabs=cli#error-outofquota) or [ResourceNotReady errors](how-to-troubleshoot-online-endpoints.md?tabs=cli#error-resourcenotready), try bigger VM SKUs. If you want to reduce the cost of deploying multiple models with managed online endpoint, see [Deployment for several local models](concept-online-deployment-model-specification.md#deployment-for-several-local-models).
