You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/search/service-configure-firewall.md
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -54,16 +54,16 @@ This article assumes the Azure portal for network access configuration. You can
54
54
55
55
1. Add other client IP addresses for other devices and services that send requests to a search service.
56
56
57
-
The Azure portal supports IP addresses and IP address ranges in the CIDR format. An example of CIDR notation is 8.8.8.0/24, which represents the IPs that range from 8.8.8.0 to 8.8.8.255.
57
+
IP addresses and ranges are in the CIDR format. An example of CIDR notation is 8.8.8.0/24, which represents the IPs that range from 8.8.8.0 to 8.8.8.255.
58
58
59
59
If your search client is a static web app on Azure, see [Inbound and outbound IP addresses in Azure App Service](/azure/app-service/overview-inbound-outbound-ips#find-outbound-ips). For Azure functions, see [IP addresses in Azure Functions](/azure/azure-functions/ip-addresses).
60
60
61
-
1. Under **Exceptions**, select **Allow Azure services on the trusted services list to access this search service**. These services must be configured to run under a managed identity (system or user-assigned, but usually system):
61
+
1. Under **Exceptions**, select **Allow Azure services on the trusted services list to access this search service**. The trusted service list includes:
62
62
63
63
+`Microsoft.CognitiveServices` for Azure OpenAI and Azure AI services
64
64
+`Microsoft.MachineLearningServices` for Azure Machine Learning
65
65
66
-
You take a dependency on Microsoft Entra ID authentication and role assignments if you choose the trusted service exception. See [Grant access to trusted services](#grant-access-to-trusted-azure-services) for details.
66
+
You take a dependency on Microsoft Entra ID authentication, managed identities, and role assignments if you choose the trusted service exception. See [Grant access to trusted services](#grant-access-to-trusted-azure-services) for details.
67
67
68
68
1.**Save** your changes.
69
69
@@ -102,7 +102,7 @@ For ping, the request times out, but the IP address is visible in the response.
102
102
103
103
## Grant access to trusted Azure services
104
104
105
-
Did you select the trusted services exception? If yes, your Azure resource must have a managed identity (either system or user-assigned), and you must use role-based access controls.
105
+
Did you select the trusted services exception? If yes, your Azure resource must have a managed identity (either system or user-assigned, but usually system), and you must use role-based access controls.
106
106
107
107
Azure resources on the trusted service list include:
0 commit comments