Merge pull request #2526 from MicrosoftDocs/main638735977994410579sync_temp

learn-build-service-prod[bot] · web-flow · commit d5d7a41f6056 · 2025-01-27T18:03:42.000Z
For protected branch, push strategy should use PR and merge to target branch method to work around git push error
diff --git a/data-explorer/security-network-managed-private-endpoint-create.md b/data-explorer/security-network-managed-private-endpoint-create.md
@@ -10,6 +10,9 @@ ms.date: 11/18/2024
 
 Managed private endpoints are required to connect to Azure resources that are highly protected. They're one-way private connections that allow Azure Data Explorer to connect to other protected services. In this article, you'll learn how to create a managed private endpoint and connect it to your data source.
 
+> [!NOTE]
+> We recommend using Managed Identity connect to [Azure Storage](/azure/storage/common/storage-network-security?tabs=azure-portal#grant-access-to-trusted-azure-services) and [Azure Event Hubs](/azure/event-hubs/event-hubs-ip-filtering#trusted-microsoft-services) instead of managed private endpoints. To connect using managed identities, configure the Azure Storage or Event Hubs resources to recognize Azure Data Explorer as a trusted service. Then, use [Managed Identity](/azure/data-explorer/managed-identities-overview) to grant access by creating a network rule exception for trusted Azure services.
+
 ## Prerequisites
 
 * An Azure subscription. Create a [free Azure account](https://azure.microsoft.com/free/).
diff --git a/data-explorer/security-network-private-endpoint.md b/data-explorer/security-network-private-endpoint.md
@@ -78,6 +78,9 @@ You can use a managed private endpoint to either enable the cluster to securely
 
 :::image type="content" source="media/security-network-private-endpoint/pe-mpe.png" alt-text="Diagram showing the schema of the managed private endpoint architecture.":::
 
+> [!NOTE]
+> We recommend using Managed Identity connect to [Azure Storage](/azure/storage/common/storage-network-security?tabs=azure-portal#grant-access-to-trusted-azure-services) and [Azure Event Hubs](/azure/event-hubs/event-hubs-ip-filtering#trusted-microsoft-services) instead of managed private endpoints. To connect using managed identities, configure the Azure Storage or Event Hubs resources to recognize Azure Data Explorer as a trusted service. Then, use [Managed Identity](/azure/data-explorer/managed-identities-overview) to grant access by creating a network rule exception for trusted Azure services.```
+
 ### Supported services
 
 Azure Data Explorer supports creating managed private endpoints to the following services:
