
Commit 92529eb

committed Apr 26, 2022
feedback
1 parent 857132e commit 92529eb


5 files changed

+23
-22
lines changed


‎articles/machine-learning/concept-endpoints.md

Lines changed: 1 addition & 1 deletion
@@ -88,7 +88,7 @@ Traffic allocation can be used to do safe rollout blue/green deployments by bala
8888

8989
:::image type="content" source="media/concept-endpoints/endpoint-concept.png" alt-text="Diagram showing an endpoint splitting traffic to two deployments":::
9090

91-
Traffic to one deployment can also be mirrored (copied) to another deployment. Mirroring is useful when you want to test for things like response latency or error conditions without impacting live clients. For example, a blue/green deployment where 100% of the traffic is routed to blue and a 5% is mirrored to green. With mirroring, the results of the traffic to the green deployment aren't returned to the clients but metrics and logs are collected. Mirror traffic functionality is a __preview__ feature.
91+
Traffic to one deployment can also be mirrored (copied) to another deployment. Mirroring is useful when you want to test for things like response latency or error conditions without impacting live clients. For example, a blue/green deployment where 100% of the traffic is routed to blue and a 10% is mirrored to green. With mirroring, the results of the traffic to the green deployment aren't returned to the clients but metrics and logs are collected. Mirror traffic functionality is a __preview__ feature.
9292

9393
:::image type="content" source="media/concept-endpoints/endpoint-concept-mirror.png" alt-text="Diagram showing an endpoint mirroring traffic to a deployment":::
9494
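Review bot: "a 10% is mirrored to green" at 91+ keeps the stray article from the old line; read "10% is mirrored to green". Since mirroring is described as copying live client requests, and the paragraph says metrics and logs are collected from the green deployment, consider adding one sentence that the green deployment therefore receives the same client data and should be held to the same access and network controls as blue.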

‎articles/machine-learning/concept-secure-network-traffic-flow.md

Lines changed: 6 additions & 6 deletions
@@ -137,21 +137,21 @@ Securing an online endpoint with a private endpoint is a preview feature.
137137

138138
__Inbound__ communication with the scoring URL of the online endpoint can be secured using the `public_network_access` flag on the endpoint. Setting the flag to `disabled` restricts the online endpoint to receiving traffic only from the virtual network. For secure inbound communications, the Azure Machine Learning workspace's private endpoint is used.
139139

140-
__Outbound__ communication from a deployment can be secured on a per-deployment basis by using the `private_network_connection` flag. Outbound communication in this case is from the deployment to Azure Container Registry, storage blob, and workspace. Setting the flag to `true` will restrict communication with these resources to the virtual network.
140+
__Outbound__ communication from a deployment can be secured on a per-deployment basis by using the `egress_public_network_access` flag. Outbound communication in this case is from the deployment to Azure Container Registry, storage blob, and workspace. Setting the flag to `true` will restrict communication with these resources to the virtual network.
141141

142142
> [!NOTE]
143-
> For secure outbound communication, a private endpoint is created for each deployment where `private_network_connection` is set to `true`.
143+
> For secure outbound communication, a private endpoint is created for each deployment where `egress_public_network_access` is set to `disabled`.
144144
145145
Visibility of the endpoint is also governed by the `public_network_access` flag of the Azure Machine Learning workspace. If this flag is `disabled`, then the scoring endpoints can only be accessed from virtual networks that contain a private endpoint for the workspace. If it is `enabled`, then the scoring endpoint can be accessed from the virtual network and public networks.
146146

147147
### Supported configurations
148148

149149
| Configuration | Inbound </br> (Endpoint property) | Outbound </br> (Deployment property) | Supported? |
150150
| -------- | -------------------------------- | --------------------------------- | --------- |
151-
| secure inbound with secure outbound | `public_network_access` is disabled | `private_network_connection` is true | Yes |
152-
| secure inbound with public outbound | `public_network_access` is disabled | `private_network_connection` is false | Yes |
153-
| public inbound with secure outbound | `public_network_access` is enabled | `private_network_connection` is true | Yes |
154-
| public inbound with public outbound | `public_network_access` is enabled | `private_network_connection` is false | Yes |
151+
| secure inbound with secure outbound | `public_network_access` is disabled | `egress_public_network_access` is disabled | Yes |
152+
| secure inbound with public outbound | `public_network_access` is disabled | `egress_public_network_access` is enabled | Yes |
153+
| public inbound with secure outbound | `public_network_access` is enabled | `egress_public_network_access` is disabled | Yes |
154+
| public inbound with public outbound | `public_network_access` is enabled | `egress_public_network_access` is enabled | Yes |
155155

156156
## Scenario: Use Azure Kubernetes Service
157157
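Review bot: line 140+ still says "Setting the flag to `true` will restrict communication", but the flag has been renamed to `egress_public_network_access`, whose values elsewhere in this same hunk (the NOTE at 143+ and the table at 151+ through 154+) are `enabled`/`disabled`, with `disabled` being the secure setting. Change it to "Setting the flag to `disabled` will restrict communication with these resources to the virtual network." A reader following the old wording would otherwise carry the boolean from `private_network_connection` over to the new flag.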

‎articles/machine-learning/how-to-secure-online-endpoint.md

Lines changed: 16 additions & 15 deletions
@@ -1,7 +1,7 @@
11
---
2-
title: Secure managed online endpoints with private endpoints
2+
title: Network isolation of managed online endpoints
33
titleSuffix: Azure Machine Learning
4-
description: Use private endpoints to secure your Azure Machine Learning online endpoints.
4+
description: Use private endpoints to provide network isolation for Azure Machine Learning managed online endpoints.
55
services: machine-learning
66
ms.service: machine-learning
77
ms.subservice: enterprise-readiness
@@ -20,7 +20,7 @@ When deploying a machine learning model to a managed online endpoint, you can se
2020

2121
[!INCLUDE [preview disclaimer](../../includes/machine-learning-preview-generic-disclaimer.md)]
2222

23-
You can secure the inbound scoring requests from clients to an _online endpoint_. You can also configure the outbound communications between a _deployment_ and the Azure resources used by the deployment. Security for inbound and outbound communication is configured separately. For more information on endpoints and deployments, see [What are endpoints and deployments](concept-endpoints.md#what-are-endpoints-and-deployments).
23+
You can secure the inbound scoring requests from clients to an _online endpoint_. You can also secure the outbound communications between a _deployment_ and the Azure resources used by the deployment. Security for inbound and outbound communication is configured separately. For more information on endpoints and deployments, see [What are endpoints and deployments](concept-endpoints.md#what-are-endpoints-and-deployments).
2424

2525
## Prerequisites
2626

@@ -44,9 +44,10 @@ You can secure the inbound scoring requests from clients to an _online endpoint_
4444
4545
* If your Azure Machine Learning workspace has a private endpoint that was created before May 24, 2022, you must recreate the workspace's private endpoint before configuring your online endpoints to use a private endpoint. For more information on creating a private endpoint for your workspace, see [How to configure a private endpoint for Azure Machine Learning workspace](how-to-configure-private-link.md).
4646
47-
* Secure inbound communication only secures scoring requests. Requests to get the authentication key or token for the online endpoint are resolved over the public network (secured with TLS) to Azure Resource Manager. For more information, see [TBD]
48-
4947
* Secure outbound communication creates three private endpoints per deployment. One to Azure Blob storage, one to Azure Container Registry, and one to your workspace.
48+
49+
> [!NOTE]
50+
> Requests to create, update, or retrieve the authentication keys are sent to the Azure Resource Manager over the public network. For information on configuring network isolation for this communication, see [TBD]
5051
5152
## Inbound (scoring)
5253
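Review bot: the new NOTE at 50+ still ends with the `[TBD]` link placeholder that the removed bullet at 47- had; resolve the link or drop the sentence before this merges. The removed bullet also stated that these requests are "secured with TLS" and covered the token as well as the key; the new wording drops both, so the reader loses the statement that this public-network hop is still encrypted. Suggest: "> Requests to create, update, or retrieve the authentication keys or token are sent to Azure Resource Manager over the public network (secured with TLS)."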
@@ -56,22 +57,22 @@ To secure scoring requests to the online endpoint to your virtual network, set t
5657
az ml online-endpoint create -f endpoint.yml --set public_network_access=disabled
5758
```
5859
59-
When `public_network_access` is `disabled`, inbound scoring requests are received using the [private endpoint of the Azure Machine Learning workspace](how-to-configure-private-link.md).
60+
When `public_network_access` is `disabled`, inbound scoring requests are received using the [private endpoint of the Azure Machine Learning workspace](how-to-configure-private-link.md) and the endpoint can't be reached from public networks.
6061

6162
## Outbound (resource access)
6263

63-
To restrict communication between a deployment and the Azure resources used to by the deployment, set the `private_network_connection` flag to `true`. Enable this flag to ensure that the download of the model, code, and images needed by your deployment are secured with a private endpoint.
64+
To restrict communication between a deployment and the Azure resources used to by the deployment, set the `egress_public_network_access` flag to `disabled`. Enable this flag to ensure that the download of the model, code, and images needed by your deployment are secured with a private endpoint.
6465

6566
The following are the resources that the deployment communicates with over the private endpoint:
6667

6768
* The Azure Machine Learning workspace.
6869
* The Azure Storage blob that is the default storage for the workspace.
6970
* The Azure Container Registry for the workspace.
7071

71-
When you configure the `private_network_connection` to `true`, a new private endpoint is created per deployment, per service. For example, if you set the flag to `true` for three deployments to an online endpoint, nine private endpoints are created. Each deployment would have three private endpoints that are used to communicate with the workspace, blob, and container registry.
72+
When you configure the `egress_public_network_access` to `disabled`, a new private endpoint is created per deployment, per service. For example, if you set the flag to `true` for three deployments to an online endpoint, nine private endpoints are created. Each deployment would have three private endpoints that are used to communicate with the workspace, blob, and container registry.
7273

7374
```azurecli
74-
az ml online-deployment create -f deployment.yml --set private_network_connection true
75+
az ml online-deployment create -f deployment.yml --set egress_public_network_access disabled
7576
```
7677

7778
## Scenarios
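Review bot: line 64+ is internally inconsistent: it says to set `egress_public_network_access` to `disabled` and then "Enable this flag to ensure ...". Suggest "Set this flag to `disabled` to ensure that the download of the model, code, and images needed by your deployment is secured with a private endpoint." Line 72+ has the same stale value: "if you set the flag to `true` for three deployments" should read `disabled`, matching the CLI example at 75+. Line 64+ also carries the pre-existing typo "used to by the deployment" (read "used by the deployment"); since the line is being rewritten anyway, fix it here.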
@@ -80,10 +81,10 @@ The following table lists the supported configurations when configuring inbound
8081

8182
| Configuration | Inbound </br> (Endpoint property) | Outbound </br> (Deployment property) | Supported? |
8283
| -------- | -------------------------------- | --------------------------------- | --------- |
83-
| secure inbound with secure outbound | `public_network_access` is disabled | `private_network_connection` is true | Yes |
84-
| secure inbound with public outbound | `public_network_access` is disabled | `private_network_connection` is false | Yes |
85-
| public inbound with secure outbound | `public_network_access` is enabled | `private_network_connection` is true | Yes |
86-
| public inbound with public outbound | `public_network_access` is enabled | `private_network_connection` is false | Yes |
84+
| secure inbound with secure outbound | `public_network_access` is disabled | `egress_public_network_access` is disabled | Yes |
85+
| secure inbound with public outbound | `public_network_access` is disabled | `egress_public_network_access` is enabled | Yes |
86+
| public inbound with secure outbound | `public_network_access` is enabled | `egress_public_network_access` is disabled | Yes |
87+
| public inbound with public outbound | `public_network_access` is enabled | `egress_public_network_access` is enabled | Yes |
8788

8889
## End-to-end example
8990
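Review bot: this table is now identical to the one added to concept-secure-network-traffic-flow.md in this same commit; consider moving it to an include under `includes/`, as is already done for the preview disclaimer at line 21 of this file, so the two copies cannot drift the next time a flag is renamed.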

@@ -102,7 +103,7 @@ The steps in this section use an Azure Resource Manager template to create the f
102103
* Azure Key Vault
103104
* Azure Storage account (blob & file storage)
104105

105-
Public access is disabled for all the services. A scoring subnet is created, along with outbound rules that allow communication with the following Azure services:
106+
Public access is disabled for all the services. While the Azure Machine Learning workspace is secured behind a vnet, it is configured to allow public network access. For more information, see [CLI 2.0 secure communications](how-to-configure-cli.md#secure-communications). A scoring subnet is created, along with outbound rules that allow communication with the following Azure services:
106107

107108
* Azure Active Directory
108109
* Azure Resource Manager
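Review bot: the sentence added at 106+ contradicts the one before it: "Public access is disabled for all the services" is immediately followed by the workspace being "configured to allow public network access". Suggest "Public access is disabled for all the services except the Azure Machine Learning workspace, which is secured behind a virtual network but configured to allow public network access." It would also help to say in one clause why the workspace keeps public access in an otherwise isolated example, rather than only linking out, since a reader building a production deployment from this template should know that this is a deliberate relaxation.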
@@ -194,7 +195,7 @@ When prompted, enter the password you used when creating the VM.
194195
:::code language="azurecli" source="~/azureml-examples-online-endpoint-vnet/cli/endpoints/online/managed/vnet/setup_vm/scripts/build_image.sh" id="build_image":::
195196
196197
> [!TIP]
197-
> In a production environment, when Azure Container Registry is behind the virtual network, you would use an Azure Machine Learning compute cluster and Azure Machine Learning environments. For more information, see [Secure Azure Machine Learning workspace](how-to-secure-workspace-vnet.md#enable-azure-container-registry-acr).
198+
> In this example, we build the Docker image before pushing it to Azure Container Registry. Alternatively, you can build the image in your vnet by using an Azure Machine Learning compute cluster and environments. For more information, see [Secure Azure Machine Learning workspace](how-to-secure-workspace-vnet.md#enable-azure-container-registry-acr).
198199
199200
### Create a secured managed online endpoint
200201
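Review bot: the rewritten TIP at 198+ drops the production guidance the old version carried (that with Azure Container Registry behind the virtual network you would build through a compute cluster and environments) and presents it only as an alternative. Keep the recommendation explicit, e.g. "In a production environment, build the image inside your virtual network by using an Azure Machine Learning compute cluster and environments." Also prefer "virtual network" over "vnet" here, matching 197- (line 106+ in this file introduces "vnet" too; pick one spelling for the article).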