You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/purview/concept-best-practices-network.md
+6-6Lines changed: 6 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -6,7 +6,7 @@ ms.author: zeinam
6
6
ms.service: purview
7
7
ms.subservice: purview-data-catalog
8
8
ms.topic: conceptual
9
-
ms.date: 09/29/2021
9
+
ms.date: 01/12/2022
10
10
---
11
11
12
12
# Azure Purview network architecture and best practices
@@ -135,7 +135,7 @@ You must use private endpoints for your Azure Purview account if you have any of
135
135
136
136
### Integration runtime options
137
137
138
-
- If your data sources are in Azure, you need to set up and use a self-hosted integration runtime on a Windows virtual machine that's deployed inside the same virtual network where Azure Purview ingestion private endpoints are deployed. The Azure integration runtime won't work with ingestion private endpoints.
138
+
- If your data sources are in Azure, you need to set up and use a self-hosted integration runtime on a Windows virtual machine that's deployed inside the same or a peered virtual network where Azure Purview ingestion private endpoints are deployed. The Azure integration runtime won't work with ingestion private endpoints.
139
139
140
140
- To scan on-premises data sources, you can also install a self-hosted integration runtime either on an on-premises Windows machine or on a VM inside an Azure virtual network.
141
141
@@ -184,17 +184,17 @@ In hub-and-spoke network architectures, your organization's data governance team
184
184
185
185
In a hub-and-spoke architecture, you can deploy Azure Purview and one or more self-hosted integration runtime VMs in the hub subscription and virtual network. You can register and scan data sources from other virtual networks from multiple subscriptions in the same region.
186
186
187
-
The self-hosted integration runtime VMs must be in the same virtual network as the ingestion private endpoint, but they can be in a separate subnet.
187
+
The self-hosted integration runtime VMs can be deployed inside the same Azure virtual network or a peered virtual network where the account and ingestion private endpoints are deployed.
188
188
189
189
:::image type="content" source="media/concept-best-practices/network-pe-multi-vnet.png" alt-text="Screenshot that shows Azure Purview with private endpoints in a scenario of multiple virtual networks."lightbox="media/concept-best-practices/network-pe-multi-vnet.png":::
190
190
191
-
You can optionally deploy an additional self-hosted integration runtime in the spoke virtual networks. In that case, you must deploy an additional account and ingestion private endpoint in the spoke virtual networks.
191
+
You can optionally deploy an additional self-hosted integration runtime in the spoke virtual networks.
192
192
193
193
#### Multiple regions, multiple virtual networks
194
194
195
195
If your data sources are distributed across multiple Azure regions in one or more Azure subscriptions, you can use this scenario.
196
196
197
-
For performance and cost optimization, we highly recommended deploying one or more self-hosted integration runtime VMs in each region where data sources are located. In that case, you need to deploy an additional account and ingestion private endpoint for the Azure Purview account in the region and virtual network where self-hosted integration runtime VMs are located.
197
+
For performance and cost optimization, we highly recommended deploying one or more self-hosted integration runtime VMs in each region where data sources are located.
198
198
199
199
If you need to register and scan any Azure Data Lake Storage (Gen2) resources from other regions, you need to have a local self-hosted integration runtime VM in the region where the data source is located.
200
200
@@ -214,7 +214,7 @@ If you need to scan some data sources by using an ingestion private endpoint and
214
214
215
215
### Integration runtime options
216
216
217
-
- To scan an Azure data source that's configured with a private endpoint, you need to set up and use a self-hosted integration runtime on a Windows virtual machine that's deployed inside the same virtual network where Azure Purview ingestion private endpoints are deployed.
217
+
- To scan an Azure data source that's configured with a private endpoint, you need to set up and use a self-hosted integration runtime on a Windows virtual machine that's deployed inside the same or a peered virtual network where Azure Purview account and ingestion private endpoints are deployed.
218
218
219
219
When you're using a private endpoint with Azure Purview, you need to allow network connectivity from data sources to a self-hosted integration VM on the Azure virtual network where Azure Purview private endpoints are deployed.
0 commit comments