You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/machine-learning/how-to-administrate-data-authentication.md
+3-3Lines changed: 3 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -59,7 +59,7 @@ In general, identity-based data authentication involves these checks:
59
59
- Storage: Does the storage allow public access, or does it restrict access through a service endpoint or a private endpoint?
60
60
* What operation will be performed?
61
61
- Azure Machine Learning handles create, read, update, and delete (CRUD) operations on a data store/dataset.
62
-
- Archive operations on data assets in the Studio require this RBAC operation: `Microsoft.MachineLearningServices/workspaces/datasets/registered/delete`
62
+
- Archive operations on data assets in the studio require this RBAC operation: `Microsoft.MachineLearningServices/workspaces/datasets/registered/delete`
63
63
- Data Access calls (for example, preview or schema) go to the underlying storage, and need extra permissions.
64
64
* Will this operation run in your Azure subscription compute resources, or resources hosted in a Microsoft subscription?
65
65
- All calls to dataset and datastore services (except the "Generate Profile" option) use resources hosted in a __Microsoft subscription__ to run the operations.
@@ -91,9 +91,9 @@ For SDK V1, data authentication in a job is always using compute MSI. And for SD
91
91
92
92
The following will help you set up data authentication to access data behind VNET from an Azure Machine Learning workspace.
93
93
94
-
### Add permissions of Azure Storage Account to AzureML workspace managed identity
94
+
### Add permissions of Azure Storage Account to Azure Machine Learning workspace managed identity
95
95
96
-
When you use an Azure Storage Account from Azure Machine Learning studio, if you want to see Dataset Preview, you must enable "Use workspace managed identity for data preview and profiling in Azure Machine Learning Studio" in datastore setting, and add these Azure RBAC roles of the storage account to the workspace managed identity:
96
+
When you use an Azure Storage Account from Azure Machine Learning studio, if you want to see Dataset Preview, you must enable "Use workspace managed identity for data preview and profiling in Azure Machine Learning studio" in datastore setting, and add these Azure RBAC roles of the storage account to the workspace managed identity:
97
97
98
98
*[Blob Data Reader](../role-based-access-control/built-in-roles.md#storage-blob-data-reader)
99
99
* If the storage account uses a private endpoint to connect to the VNet, you must grant the [Reader](../role-based-access-control/built-in-roles.md#reader) role for the storage account private endpoint to the managed identity.
0 commit comments