Skip to content

Commit 7d52fac

Browse files
authored
Update encryption-keys-portal.md
1 parent 853d66e commit 7d52fac

File tree

1 file changed

+4
-4
lines changed

1 file changed

+4
-4
lines changed

articles/ai-foundry/concepts/encryption-keys-portal.md

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@ zone_pivot_groups: project-type
1818

1919
# Customer-managed keys for encryption with Azure AI Foundry
2020

21-
Customer-managed key (CMK) encryption in [Azure AI Foundry](https://ai.azure.com/?cid=learnDocs) provides enhanced control over the encryption of your data. By using CMK, you can manage your own encryption keys to add an extra layer of protection and meet compliance requirements more effectively.
21+
Customer-managed key (CMK) encryption in [Azure AI Foundry](https://ai.azure.com/?cid=learnDocs) provides enhanced control over the encryption of your data. By using a CMK, you can manage your own encryption keys to add an extra layer of protection and meet compliance requirements more effectively.
2222

2323
## About encryption in Azure AI Foundry
2424

@@ -72,7 +72,7 @@ Two architecture options are available when you use CMKs with Azure AI Hub:
7272

7373
## Use CMKs with Azure Key Vault
7474

75-
You must use Key Vault to store your CMKs. You can either create your own keys and store them in a key vault or use the Key Vault APIs to generate keys. Your Azure resources and the Key Vault resources must be in the same region and in the same Microsoft Entra tenant. You can use different subscriptions for the resources. For more information about Key Vault, see [What is Azure Key Vault?](/azure/key-vault/general/overview).
75+
You must use Azure Key Vault to store your CMKs. You can either create your own keys and store them in a key vault or use the Key Vault APIs to generate keys. Your Azure resources and the Key Vault resources must be in the same region and in the same Microsoft Entra tenant. You can use different subscriptions for the resources. For more information about Key Vault, see [What is Azure Key Vault?](/azure/key-vault/general/overview).
7676

7777
- Enable both the **Soft-delete** and **Purge protection** properties on the key vault.
7878
- Allow trusted Microsoft services to access the key vault if you use the [key vault firewall](/azure/key-vault/general/access-behind-firewall).
@@ -175,11 +175,11 @@ When you use CMKs, generally your data is stored by using document-level encrypt
175175
Learn more:
176176

177177
* [Customer-managed key encryption](../concepts/encryption-keys-portal.md)
178-
* [Disable local auth](../how-to/disable-local-auth.md)
178+
* [Disable local authorization](../how-to/disable-local-auth.md)
179179
* [What is Azure Key Vault?](/azure/key-vault/general/overview)
180180

181181
Reference infrastructure-as-code templates:
182182

183183
* [Bicep sample for CMK encryption for an Azure AI Foundry resource](https://github.com/azure-ai-foundry/foundry-samples/tree/main/samples/microsoft/infrastructure-setup/30-customer-managed-keys)
184184
* [Bicep sample for CMK encryption for Azure an AI Foundry resource and agent service standard setup](https://github.com/azure-ai-foundry/foundry-samples/tree/main/samples/microsoft/infrastructure-setup/31-customer-managed-keys-standard-agent)
185-
* [Bicep sample for CMK encryption for Azure AI Hub](https://github.com/azure/azure-quickstart-templates/tree/master/quickstarts/microsoft.machinelearningservices/aistudio-cmk-service-side-encryption).
185+
* [Bicep sample for CMK encryption for Azure AI Hub](https://github.com/azure/azure-quickstart-templates/tree/master/quickstarts/microsoft.machinelearningservices/aistudio-cmk-service-side-encryption)

0 commit comments

Comments
 (0)