You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/ai-studio/how-to/secure-data-playground.md
+14-1Lines changed: 14 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -5,7 +5,7 @@ description: Learn how to securely use the Azure AI Studio playground chat on yo
5
5
manager: scottpolly
6
6
ms.service: azure-ai-studio
7
7
ms.topic: how-to
8
-
ms.date: 08/28/2024
8
+
ms.date: 09/13/2024
9
9
ms.reviewer: meerakurup
10
10
ms.author: larryfr
11
11
author: Blackmist
@@ -153,10 +153,23 @@ If you're using Azure Storage for the ingestion scenario with the Azure AI Studi
153
153
1. Repeat the previous step to create a private endpoint, however this time set the __Target sub-resource__ to __file__. The previous private endpoint allows secure communication to blob storage, and this private endpoint allows secure communication to file storage.
154
154
1. To disable local (shared key) authentication to storage, select __Configuration__, under __Settings__. Set __Allow storage account key access__ to __Disabled__, and then select __Save__ to apply the changes. For more information, visit the [Prevent authorization with shared key](/azure/storage/common/shared-key-authorization-prevent) article.
155
155
156
+
## Configure Azure Key Vault
157
+
158
+
Azure AI Studio uses Azure Key Vault to securely store and manage secrets. To allow access to the key vault from trusted services, use the following steps.
159
+
160
+
> [!NOTE]
161
+
> These steps assume that the key vault has already been configured for network isolation when you created your Azure AI Studio Hub.
162
+
163
+
1. From the Azure portal, select the Key Vault resource, then select __Settings__, __Networking__, and __Firewalls and virtual networks__.
164
+
1. From the __Exception__ section of the page, make sure that __Allow trusted Microsoft services to bypass firewall__ is __enabled__.
165
+
156
166
## Configure connections to use Microsoft Entra ID
157
167
158
168
Connections from Azure AI Studio to Azure AI services and Azure AI Search should use Microsoft Entra ID for secure access. Connections are created from [Azure AI Studio](https://ai.azure.com) instead of the Azure portal.
159
169
170
+
> [!IMPORTANT]
171
+
> Using Microsoft Entra ID with Azure AI Search is currently a preview feature. For more information on connections, visit the [Add connections](connections-add.md#create-a-new-connection) article.
172
+
160
173
1. from Azure AI Studio, select __Connections__. If you have existing connections to the resources, you can select the connection and then select the __pencil icon__ in the __Access details__ section to update the connection. Set the __Authentication__ field to __Microsoft Entra ID__, then select __Update__.
161
174
1. To create a new connection, select __+ New connection__, then select the resource type. Browse for the resource or enter the required information, then set __Authentication__ to __Microsoft Entra ID__. Select __Add connection__ to create the connection.
0 commit comments