Merge pull request #284196 from sdgilley/patch-25

prmerger-automator[bot] · web-flow · commit d5b2c05b6452 · 2024-08-09T17:57:27.000Z
Update how-to-use-secrets-in-runs.md
diff --git a/articles/machine-learning/how-to-use-secrets-in-runs.md b/articles/machine-learning/how-to-use-secrets-in-runs.md
@@ -40,9 +40,9 @@ Before following the steps in this article, make sure you have the following pre
     > [!TIP]
     > You do not have to use same key vault as the workspace.
 
-* An Azure Machine Learning compute cluster configured to use a [managed identity](how-to-create-attach-compute-cluster.md?tabs=azure-studio#set-up-managed-identity). The cluster can be configured for either a system-assigned or user-assigned managed identity.
+* (Optional) An Azure Machine Learning compute cluster configured to use a [managed identity](how-to-create-attach-compute-cluster.md?tabs=azure-studio#set-up-managed-identity). The cluster can be configured for either a system-assigned or user-assigned managed identity.
 
-* Grant the managed identity for the compute cluster access to the secrets stored in key vault. The method used to grant access depends on how your key vault is configured:
+* If your job will run on a compute cluster, grant the managed identity for the compute cluster access to the secrets stored in key vault. Or, if the job will run on serverless compute, grant the managed identity specified for the job access to the secrets. The method used to grant access depends on how your key vault is configured:
 
     * [Azure role-based access control (Azure RBAC)](/azure/key-vault/general/rbac-guide): When configured for Azure RBAC, add the managed identity to the __Key Vault Secrets User__ role on your key vault.
     * [Azure Key Vault access policy](/azure/key-vault/general/assign-access-policy): When configured to use access policies, add a new policy that grants the __get__ operation for secrets and assign it to the managed identity.
diff --git a/articles/machine-learning/how-to-use-serverless-compute.md b/articles/machine-learning/how-to-use-serverless-compute.md
@@ -81,7 +81,7 @@ When you [view your usage and quota in the Azure portal](how-to-manage-quotas.md
 
 ## Identity support and credential pass through
 
-* **User credential pass through** : Serverless compute fully supports user credential pass through. The user token of the user who is submitting the job is used for storage access. These credentials are from your Microsoft Entra ID. 
+* **User credential pass through** : Serverless compute fully supports user credential pass through. The user token of the user who is submitting the job is used for storage access. These credentials are from your Microsoft Entra ID.
 
     # [Python SDK](#tab/python)
 
@@ -122,7 +122,7 @@ When you [view your usage and quota in the Azure portal](how-to-manage-quotas.md
 
     ---
 
-* **User-assigned managed identity** : When you have a workspace configured with [user-assigned managed identity](how-to-identity-based-service-authentication.md#workspace), you can use that identity with the serverless job for storage access.
+* **User-assigned managed identity** : When you have a workspace configured with [user-assigned managed identity](how-to-identity-based-service-authentication.md#workspace), you can use that identity with the serverless job for storage access. To access secrets, see [Use authentication credential secrets in Azure Machine Learning jobs](how-to-use-secrets-in-runs.md).  
 
     # [Python SDK](#tab/python)
 
