You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/machine-learning/how-to-administrate-data-authentication.md
+5-5Lines changed: 5 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -58,9 +58,9 @@ In general, identity-based data authentication involves these checks:
58
58
## Other general checks for authentication
59
59
60
60
* Where does the access come from?
61
-
- User: Is the client IP address in the virtual network/subnet range?
62
-
- Workspace: Is the workspace public, or does it have a private endpoint in a virtual network/subnet?
63
-
- Storage: Does the storage allow public access, or does it restrict access through a service endpoint or a private endpoint?
61
+
-**User**: Is the client IP address in the virtual network/subnet range?
62
+
-**Workspace**: Is the workspace public, or does it have a private endpoint in a virtual network/subnet?
63
+
-**Storage**: Does the storage allow public access, or does it restrict access through a service endpoint or a private endpoint?
64
64
* What operation will be performed?
65
65
- Azure Machine Learning handles create, read, update, and delete (CRUD) operations on a data store/dataset.
66
66
- Archive operations on data assets in Azure Machine Learning studio require this RBAC operation: `Microsoft.MachineLearningServices/workspaces/datasets/registered/delete`
@@ -127,8 +127,8 @@ When you use Azure Data Lake Storage Gen1 as a datastore, you can only use POSIX
127
127
128
128
When you use Azure Data Lake Storage Gen2 as a datastore, you can use both Azure RBAC and POSIX-style access control lists (ACLs) to control data access inside a virtual network.
129
129
130
-
**To use Azure RBAC**: Follow the steps described in this [Datastore: Azure Storage account](how-to-enable-studio-virtual-network.md#datastore-azure-storage-account) article section. Data Lake Storage Gen2 is based on Azure Storage, so the same steps apply when you use Azure RBAC.
131
-
**To use ACLs**: The managed identity of the workspace can be assigned access like any other security principal. For more information, see [Access control lists on files and directories](../storage/blobs/data-lake-storage-access-control.md#access-control-lists-on-files-and-directories).
130
+
-**To use Azure RBAC**: Follow the steps described in this [Datastore: Azure Storage account](how-to-enable-studio-virtual-network.md#datastore-azure-storage-account) article section. Data Lake Storage Gen2 is based on Azure Storage, so the same steps apply when you use Azure RBAC.
131
+
-**To use ACLs**: The managed identity of the workspace can be assigned access like any other security principal. For more information, see [Access control lists on files and directories](../storage/blobs/data-lake-storage-access-control.md#access-control-lists-on-files-and-directories).
0 commit comments