You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/machine-learning/prompt-flow/how-to-secure-prompt-flow.md
+19-9Lines changed: 19 additions & 9 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -20,15 +20,25 @@ You can secure prompt flow using private networks. This article explains the req
20
20
21
21
## Involved services
22
22
23
-
When you're developing your AI application using prompt flow, you want a secured environment. You can make the following services private via network settings.
24
-
25
-
- Workspace: you can make the Azure Machine Learning workspace private and limit its inbound and outbound traffic.
26
-
- Compute resource: you can also limit inbound and outbound rules of the compute resource in the workspace.
27
-
- Storage account: you can limit the accessibility of the storage account to a specific virtual network.
28
-
- Container registry: you can secure your container registry with a virtual network.
29
-
- Endpoint: you want to limit which Azure services or IP addresses can access your endpoint.
30
-
- Related Azure AI Services such as Azure OpenAI, Azure content safety, and Azure AI Search: you can use network configuration to make them private and then use private endpoints to let Azure Machine Learning services communicate with them.
31
-
- Other non-Azure resources such as SerpAPI: If you have strict outbound rules, you need to add FQDN rules to access them.
23
+
When you develop AI applications using prompt flow, you need a secured environment. You can configure network isolation for the following services:
24
+
25
+
### Core Azure Machine Learning services
26
+
27
+
-**Workspace**: Configure the Azure Machine Learning workspace as private and restrict its inbound and outbound traffic.
28
+
-**Compute resource**: Apply inbound and outbound rules to limit compute resource access within the workspace.
29
+
-**Storage account**: Restrict storage account accessibility to a specific virtual network.
30
+
-**Container registry**: Secure your container registry using virtual network configuration.
31
+
-**Endpoint**: Control which Azure services or IP addresses can access your deployed endpoints.
32
+
33
+
### Azure AI Services
34
+
35
+
-**Azure OpenAI**: Use network configuration to make Azure OpenAI private, then use private endpoints for Azure Machine Learning communication.
36
+
-**Azure Content Safety**: Configure private network access and establish private endpoints for secure communication.
37
+
-**Azure AI Search**: Enable private network settings and use private endpoints for secure integration.
38
+
39
+
### External resources
40
+
41
+
-**Non-Azure resources**: For external APIs like SerpAPI, add FQDN rules to your outbound traffic restrictions to maintain access.
0 commit comments