MicrosoftDocs
diff --git a/‎articles/deployment-environments/how-to-configure-catalog.md
Lines changed: 12 additions & 0 deletions b/‎articles/deployment-environments/how-to-configure-catalog.md
Lines changed: 12 additions & 0 deletions
diff --git a/‎articles/deployment-environments/media/how-to-configure-catalog/key-vault-configure-firewall.png
52.9 KB b/‎articles/deployment-environments/media/how-to-configure-catalog/key-vault-configure-firewall.png
52.9 KB
@@ -213,6 +213,12 @@ Get the path to the secret you created in the key vault.
 
 1. In **Catalogs** for the dev center, verify that your catalog appears. If the connection is successful, the **Status** is **Connected**.
 
+If your organization's policies require you to keep your Key Vault private from the internet, you can set your Key Vault to allow trusted Microsoft services to bypass your firewall rule. 
+
+:::image type="content" source="media/how-to-configure-catalog/key-vault-configure-firewall.png" alt-text="Screenshot showing Azure firewall configuration with Allow trusted Microsoft services to bypass this firewall selected." lightbox="media/how-to-configure-catalog/key-vault-configure-firewall.png":::
+
+To learn how to allow trusted Microsoft services to bypass the firewall, see [Configure Azure Key Vault networking settings](/azure/firewall/tutorial-firewall-portal).
+
 ## [GitHub repo DevCenter App](#tab/GitHubRepoApp/)
 
 To add a catalog, complete the following tasks:
@@ -410,6 +416,12 @@ Get the path to the secret you created in the key vault.
     :::image type="content" source="media/how-to-configure-catalog/add-github-catalog-pane.png" alt-text="Screenshot that shows how to add a catalog to a dev center." lightbox="media/how-to-configure-catalog/add-github-catalog-pane.png":::
 
 1. In **Catalogs** for the dev center, verify that your catalog appears. When the connection is successful, the **Status** reads **Sync successful**.
+ 
+If your organization's policies require you to keep your Key Vault private from the internet, you can set your Key Vault to allow trusted Microsoft services to bypass your firewall rule. 
+
+:::image type="content" source="media/how-to-configure-catalog/key-vault-configure-firewall.png" alt-text="Screenshot showing Azure firewall configuration with Allow trusted Microsoft services to bypass this firewall selected." lightbox="media/how-to-configure-catalog/key-vault-configure-firewall.png":::
+
+To learn how to allow trusted Microsoft services to bypass the firewall, see [Configure Azure Key Vault networking settings](/azure/firewall/tutorial-firewall-portal).
 
 ---