Merge pull request #277341 from Blackmist/255251-dns

Jill Grant · web-flow · commit 121a74684337 · 2024-06-06T09:32:13.000-06:00
testing interaction with ai studio toc
diff --git a/articles/ai-studio/toc.yml b/articles/ai-studio/toc.yml
@@ -270,6 +270,8 @@ items:
         href: how-to/configure-managed-network.md
       - name: Configure private link
         href: how-to/configure-private-link.md
+      - name: Configure custom DNS
+        href: ../machine-learning/how-to-custom-dns.md?context=/azure/ai-studio/context/context
       - name: Troubleshoot secure project connectivity
         href: how-to/troubleshoot-secure-connection-project.md
     - name: Data protection & encryption
diff --git a/articles/machine-learning/how-to-custom-dns.md b/articles/machine-learning/how-to-custom-dns.md
@@ -8,42 +8,26 @@ ms.subservice: enterprise-readiness
 ms.reviewer: larryfr
 ms.author: jhirono
 author: jhirono
-ms.date: 01/08/2024
+ms.date: 06/05/2024
 ms.topic: how-to
 monikerRange: 'azureml-api-2 || azureml-api-1'
 ---
 
 # How to use your workspace with a custom DNS server
 
-When using an Azure Machine Learning workspace with a private endpoint, there are [several ways to handle DNS name resolution](../private-link/private-endpoint-dns.md). By default, Azure automatically handles name resolution for your workspace and private endpoint. If you instead __use your own custom DNS server__, you must manually create DNS entries or use conditional forwarders for the workspace.
+When using an Azure Machine Learning workspace (including Azure AI hubs) with a private endpoint, there are [several ways to handle DNS name resolution](../private-link/private-endpoint-dns.md). By default, Azure automatically handles name resolution for your workspace and private endpoint. If you instead __use your own custom DNS server__, you must manually create DNS entries or use conditional forwarders for the workspace.
 
 > [!IMPORTANT]
 > This article covers how to find the fully qualified domain names (FQDN) and IP addresses for these entries if you would like to manually register DNS records in your DNS solution. Additionally this article provides architecture recommendations for how to configure your custom DNS solution to automatically resolve FQDNs to the correct IP addresses. This article does NOT provide information on configuring the DNS records for these items. Consult the documentation for your DNS software for information on how to add records.
 
-> [!TIP]
-> This article is part of a series on securing an Azure Machine Learning workflow. See the other articles in this series:
->
-> * [Virtual network overview](how-to-network-security-overview.md)
-:::moniker range="azureml-api-2"
-> * [Secure the workspace resources](how-to-secure-workspace-vnet.md)
-> * [Secure the training environment](how-to-secure-training-vnet.md)
-> * [Secure the inference environment](how-to-secure-inferencing-vnet.md)
-:::moniker-end
-:::moniker range="azureml-api-1"
-> * [Secure the workspace resources](./v1/how-to-secure-workspace-vnet.md)
-> * [Secure the training environment](./v1/how-to-secure-training-vnet.md)
-> * [Secure the inference environment](./v1/how-to-secure-inferencing-vnet.md)
-:::moniker-end
-> * [Enable studio functionality](how-to-enable-studio-virtual-network.md)
-> * [Use a firewall](how-to-access-azureml-behind-firewall.md)
 ## Prerequisites
 
 - An Azure Virtual Network that uses [your own DNS server](../virtual-network/virtual-networks-name-resolution-for-vms-and-role-instances.md#name-resolution-that-uses-your-own-dns-server).
 
 :::moniker range="azureml-api-2"
 - An Azure Machine Learning workspace with a private endpoint, including hub workspaces such as those used by Azure AI Studio. For more information, see [Create an Azure Machine Learning workspace](how-to-manage-workspace.md).
 
-- If your workspace resources are secured with an __Azure Virtual network__, familiarity with the [Network isolation during training & inference](./how-to-network-security-overview.md) article.
+- If your workspace dependency resources are secured with an __Azure Virtual network__, familiarity with the [Network isolation during training & inference](./how-to-network-security-overview.md) article.
 :::moniker-end
 :::moniker range="azureml-api-1"
 - An Azure Machine Learning workspace with a private endpoint. For more information, see [Create an Azure Machine Learning workspace](./v1/how-to-manage-workspace.md).
@@ -476,8 +460,8 @@ The following steps describe how this topology works:
     The first step in ensuring a Custom DNS solution works with your Azure Machine Learning workspace is to create two Private DNS Zones rooted at the following domains:
 
     **Azure Public regions**:
-    - ``` privatelink.api.azureml.ms```
-    - ``` privatelink.notebooks.azure.net```
+    - ```privatelink.api.azureml.ms```
+    - ```privatelink.notebooks.azure.net```
 
     **Microsoft Azure operated by 21Vianet regions**:
     - ```privatelink.api.ml.azure.cn```
@@ -637,7 +621,7 @@ The following table lists the location of the `hosts` file:
 
 The following is an example of `hosts` file entries for Azure Machine Learning:
 
-```
+```bash
 # For core Azure Machine Learning hosts
 10.1.0.5    fb7e20a0-8891-458b-b969-55ddb3382f51.workspace.eastus.api.azureml.ms
 10.1.0.5    fb7e20a0-8891-458b-b969-55ddb3382f51.workspace.eastus.cert.api.azureml.ms
@@ -692,22 +676,6 @@ If after running through the above steps you are unable to access the workspace
     - Conditional forwarders from DNS Server to Azure DNS Virtual Server IP were not configured correctly
     - Conditional forwarders from On-premises DNS Server to DNS Server were not configured correctly
 
-## Next steps
-
-This article is part of a series on securing an Azure Machine Learning workflow. See the other articles in this series:
-
-* [Virtual network overview](how-to-network-security-overview.md)
-:::moniker range="azureml-api-2"
-* [Secure the workspace resources](how-to-secure-workspace-vnet.md)
-* [Secure the training environment](how-to-secure-training-vnet.md)
-* [Secure the inference environment](how-to-secure-inferencing-vnet.md)
-:::moniker-end
-:::moniker range="azureml-api-1"
-* [Secure the workspace resources](./v1/how-to-secure-workspace-vnet.md)
-* [Secure the training environment](./v1/how-to-secure-training-vnet.md)
-* [Secure the inference environment](./v1/how-to-secure-inferencing-vnet.md)
-:::moniker-end
-* [Enable studio functionality](how-to-enable-studio-virtual-network.md)
-* [Use a firewall](how-to-access-azureml-behind-firewall.md)
+## Related content
 
 For information on integrating Private Endpoints into your DNS configuration, see [Azure Private Endpoint DNS configuration](../private-link/private-endpoint-dns.md).
