You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/machine-learning/how-to-secure-online-endpoint.md
+8-9Lines changed: 8 additions & 9 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -23,13 +23,12 @@ For examples that use the legacy method for network isolation, see the deploymen
23
23
24
24
## Prerequisites
25
25
26
-
To begin, you need an Azure subscription, CLI or SDK to interact with Azure Machine Learning workspace and related entities, and the right permission.
27
-
28
26
* To use Azure Machine Learning, you must have an Azure subscription. If you don't have an Azure subscription, create a free account before you begin. Try the [free or paid version of Azure Machine Learning](https://azure.microsoft.com/free/) today.
29
27
30
-
* install and configure the [Azure CLI](/cli/azure/) and the `ml` extension to the Azure CLI. For more information, see [Install, set up, and use the CLI (v2)](how-to-configure-cli.md).
28
+
* Install and configure the [Azure CLI](/cli/azure/) and the `ml` extension to the Azure CLI. For more information, see [Install, set up, and use the CLI (v2)](how-to-configure-cli.md).
29
+
31
30
>[!TIP]
32
-
> Azure Machine Learning managed virtual network was introduced on May 23rd, 2023. If you have an older version of the ml extension, you may need to update it for the examples in this article work. To update the extension, use the following Azure CLI command:
31
+
> Azure Machine Learning managed virtual network was introduced on May 23rd, 2023. If you have an older version of the ml extension, you might need to update it for the examples in this article to work. To update the extension, use the following Azure CLI command:
33
32
>
34
33
> ```azurecli
35
34
> az extension update -n ml
@@ -41,14 +40,14 @@ To begin, you need an Azure subscription, CLI or SDK to interact with Azure Mach
41
40
42
41
* If you want to use a [user-assigned managed identity](../active-directory/managed-identities-azure-resources/how-manage-user-assigned-managed-identities.md?pivots=identity-mi-methods-azp) to create and manage online endpoints and online deployments, the identity should have the proper permissions. For details about the required permissions, see [Set up service authentication](./how-to-identity-based-service-authentication.md#workspace). For example, you need to assign the proper RBAC permission for Azure Key Vault on the identity.
43
42
44
-
### Migration from legacy method to managed virtual network ###
43
+
#### Migration from legacy method to managed virtual network ###
45
44
46
-
For successful migration from legacy methodfor network isolation to managed virtual networks in AzureML, ensure you have completed the following steps:
45
+
If you've used the [legacy method](concept-secure-online-endpoint.md#secure-outbound-access-with-legacy-network-isolation-method) previously for network isolation of managed online endpoints, and you want to migrate to using a workspace managed virtual network to secure your endpoints, follow these steps:
47
46
48
47
1. Delete all computes in your workspace.
49
-
2. Enable Managed Virtual Network for your workspace. See [Use managed virtual network](/articles/machine-learning/how-to-managed-network.md).
50
-
3. Configure outbound private endpoints to private resources that need to be acessed by managed online endpoints. (ex. Storage Account, Key Vault (KV), Azure Container Registry (ACR), etc.)
51
-
4. Optional: If you are integrating with user registry, configure outbound private endpoints to your registry, your registry's Storage Account, and your registry's ACR.
48
+
1. Enable managed virtual network for your workspace. For more information on how to configure a managed network for your workspace, see [Workspace Managed Virtual Network Isolation](how-to-managed-network.md).
49
+
1. Configure private endpoints for outbound communication to private resources that your managed online endpoints need to access. These private resources include a storage account, Azure Key Vault, and Azure Container Registry (ACR).
50
+
1. (Optional) If you're integrating with a user registry, configure private endpoints for outbound communication to your registry, its storage account, and its ACR.
0 commit comments