Skip to content

Commit b01ec5e

Browse files
tchristianitchristiani
committed
updated with IpRule
1 parent 695b5d9 commit b01ec5e

File tree

1 file changed

+7
-1
lines changed

1 file changed

+7
-1
lines changed

articles/search/search-security-overview.md

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -54,6 +54,8 @@ All Azure services support role-based access controls (RBAC) for setting levels
5454

5555
## Service access and authentication
5656

57+
### Public access
58+
5759
Azure Cognitive Search inherits the security safeguards of the Azure platform and provides its own key-based authentication. An api-key is a string composed of randomly generated numbers and letters. The type of key (admin or query) determines the level of access. Submission of a valid key is considered proof the request originates from a trusted entity.
5860

5961
There are two levels of access to your search service, enabled by two types of keys:
@@ -67,7 +69,11 @@ There are two levels of access to your search service, enabled by two types of k
6769

6870
Authentication is required on each request, where each request is composed of a mandatory key, an operation, and an object. When chained together, the two permission levels (full or read-only) plus the context (for example, a query operation on an index) are sufficient for providing full-spectrum security on service operations. For more information about keys, see [Create and manage api-keys](search-security-api-keys.md).
6971

70-
### Virtual networks and private endpoints
72+
### Restricted access
73+
74+
When you have a publicly published service and you want to restrict the use of the service you can use the IP restriction rule in the REST API version: 2019-10-01-Preview, [IpRule](https://docs.microsoft.com/rest/api/searchmanagement/2019-10-01-preview/createorupdate-service#iprule-). IpRule allows you to restrict access to your service by identifying IP addresses, individually or in a range, that you want to grant access to your search service.
75+
76+
### Private access
7177

7278
> [!Important]
7379
> Private Endpoint and virtual network support for Azure Cognitive Search is available [upon request](https://aka.ms/SearchPrivateLinkRequestAccess) as a limited-access preview. Preview features are provided without a service level agreement, and are not recommended for production workloads. For more information, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).

0 commit comments

Comments
 (0)