You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/machine-learning/tutorial-create-secure-workspace.md
+17-9Lines changed: 17 additions & 9 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -8,7 +8,7 @@ ms.subservice: core
8
8
ms.reviewer: jhirono
9
9
ms.author: larryfr
10
10
author: blackmist
11
-
ms.date: 08/17/2021
11
+
ms.date: 09/15/2021
12
12
ms.topic: how-to
13
13
ms.custom: subject-rbac-steps
14
14
---
@@ -73,23 +73,31 @@ To create a virtual network, use the following steps:
73
73
1. To create a subnet to contain the workspace, dependency services, and resources used for training, select __+ Add subnet__ and use the following values for the subnet:
74
74
*__Subnet name__: Training
75
75
*__Subnet address range__: 172.17.0.0/24
76
-
*__Services__: Select the following services:
77
-
*__Microsoft.Storage__
78
-
*__Microsoft.KeyVault__
79
-
*__Microsoft.ContainerRegistry__
80
76
81
77
:::image type="content" source="./media/tutorial-create-secure-workspace/vnet-add-training-subnet.png" alt-text="Screenshot of Training subnet":::
82
78
79
+
> [!TIP]
80
+
> If you plan on using a _service endpoint_ to add your Azure Storage Account, Azure Key Vault, and Azure Container Registry to the VNet, select the following under __Services__:
81
+
> *__Microsoft.Storage__
82
+
> *__Microsoft.KeyVault__
83
+
> *__Microsoft.ContainerRegistry__
84
+
>
85
+
> If you plan on using a _private endpoint_ to add these services to the VNet, you do not need to select these entries. The steps in this article use a private endpoint for these services, so you do not need to select them when following these steps.
86
+
83
87
1. To create a subnet for compute resources used to score your models, select __+ Add subnet__ again, and use the follow values:
84
88
*__Subnet name__: Scoring
85
89
*__Subnet address range__: 172.17.1.0/24
86
-
*__Services__: Select the following services:
87
-
*__Microsoft.Storage__
88
-
*__Microsoft.KeyVault__
89
-
*__Microsoft.ContainerRegistry__
90
90
91
91
:::image type="content" source="./media/tutorial-create-secure-workspace/vnet-add-scoring-subnet.png" alt-text="Screenshot of Scoring subnet":::
92
92
93
+
> [!TIP]
94
+
> If you plan on using a _service endpoint_ to add your Azure Storage Account, Azure Key Vault, and Azure Container Registry to the VNet, select the following under __Services__:
95
+
> *__Microsoft.Storage__
96
+
> *__Microsoft.KeyVault__
97
+
> *__Microsoft.ContainerRegistry__
98
+
>
99
+
> If you plan on using a _private endpoint_ to add these services to the VNet, you do not need to select these entries. The steps in this article use a private endpoint for these services, so you do not need to select them when following these steps.
100
+
93
101
1. Select __Security__. For __BastionHost__, select __Enable__. [Azure Bastion](../bastion/bastion-overview.md) provides a secure way to access the VM jump box you will create inside the VNet in a later step. Use the following values for the remaining fields:
94
102
95
103
*__Bastion name__: A unique name for this Bastion instance
0 commit comments