Merge pull request #210389 from Blackmist/note-update

prmerger-automator[bot] · web-flow · commit b93aba3d86d4 · 2022-09-07T19:14:38.000Z
updating note per feedback
diff --git a/articles/machine-learning/how-to-configure-network-isolation-with-v2.md b/articles/machine-learning/how-to-configure-network-isolation-with-v2.md
@@ -9,7 +9,7 @@ ms.topic: how-to
 ms.author: jhirono
 author: jhirono
 ms.reviewer: larryfr
-ms.date: 05/13/2022
+ms.date: 09/07/2022
 ---
 
 # Network Isolation Change with Our New API Platform on Azure Resource Manager
@@ -46,13 +46,15 @@ As mentioned in the previous section, there are two types of operations; with AR
 
 With the __new v2 API__, most operations use ARM. So enabling a private endpoint on your workspace doesn't provide the same level of network isolation. Operations that use ARM communicate  over public networks, and include any metadata (such as your resource IDs) or parameters used by the operation. For example, the [create or update job](/rest/api/azureml/2022-05-01/jobs/create-or-update) api sends metadata, and [parameters](./reference-yaml-job-command.md).
 
-> [!TIP]
-> * Public ARM operations do not surface data in your storage account on public networks. 
-> * Your communication with public ARM is encrypted using TLS 1.2.
+> [!IMPORTANT]
+> For most people, using the public ARM communications is OK:
+> * Public ARM communications is the standard for management operations with Azure services. For example, creating an Azure Storage Account or Azure Virtual Network uses ARM.
+> * The Azure Machine Learning operations do not expose data in your storage account (or other storage in the VNet) on public networks. For example, a training job that runs on a compute cluster in the VNet, and uses data from a storage account in the VNet, would securely access the data directly using the VNet.
+> * All communication with public ARM is encrypted using TLS 1.2.
 
 If you need time to evaluate the new v2 API before adopting it in your enterprise solutions, or have a company policy that prohibits sending communication over public networks, you can enable the *v1_legacy_mode* parameter. When enabled, this parameter disables the v2 API for your workspace.
 
-> [!IMPORTANT]
+> [!WARNING]
 > Enabling v1_legacy_mode may prevent you from using features provided by the v2 API. For example, some features of Azure Machine Learning studio may be unavailable.
 
 ## Scenarios and Required Actions
