Service administration for Azure Cognitive Search in the Azure portal
Azure Cognitive Search is a fully managed, cloud-based search service used for building a rich search experience into custom apps. This article covers the administration tasks that you can perform in the Azure portal for a search service that you've already created.
Depending on your permission level, the portal covers virtually all aspects of search service operations, including:
- Service administration
- Content management
- Content exploration
Each search service is managed as a standalone resource. The following image shows the portal pages for a single free search service called "demo-search-svc".
Overview (home) page
The overview page is the "home" page of each service. Below, the areas on the screen enclosed in red boxes indicate tasks, tools, and tiles that you might use often, especially if you are new to the service.
|1||The Essentials section lists service properties, such as the service endpoint, service tier, and replica and partition counts.|
|2||A command bar at the top of the page includes Import data and Search explorer, used for prototyping and exploration.|
|3||Tabbed pages in the center provide quick access to usage statistics, service health metrics, and access to all of the existing indexes, indexers, data sources, and skillsets.|
|4||Navigation links are to the left.|
Read-only service properties
Several aspects of a search service are determined when the service is provisioned and can't be easily changed:
- Service name
- Service location 1
- Service tier 2
1 Although there are ARM and bicep templates for service deployment, moving content is a manual job.
2 Switching tiers requires creating a new service or filing a support ticket to request a tier upgrade.
Service administration includes the following tasks:
- Adjust capacity by adding or removing replicas and partitions
- Rotate API keys used for admin and query operations
- Control access to admin operations through role-based security
- Configure IP firewall rules to restrict access by IP address
- Configure a private endpoint using Azure Private Link and a private virtual network
- Monitor service health and operations: storage, query volumes, and latency
There is feature parity across all modalities and languages except for preview management features. In general, preview management features are released through the Management REST API first. Programmatic support for service administration can be found in the following APIs and modules:
Data collection and retention
Cognitive Search uses other Azure services for deeper monitoring and management. By itself, the only persistent data stored within the search service are the structures that support indexing, enrichment, and queries. These structures include indexes, indexers, data sources, skillsets, and synonym maps. All other saved data, including debug session state and caching, is placed in Azure Storage.
Metrics reported out to portal pages are pulled from internal logs on a rolling 30-day cycle. For user-controlled log retention and more events, you will need Azure Monitor and a supported approach for retaining log data. For more information about setting up diagnostic logging for a search service, see Collect and analyze log data.
When you open the search service overview page, the Azure role assigned to your account determines what portal content is available to you. The overview page at the beginning of the article shows the portal content available to an Owner or Contributor.
Control plane roles include the following:
- Contributor (same as Owner, minus the ability to assign roles)
- Reader (access to service information and the Monitoring tab)
If you want a combination of control plane and data plane permissions, consider Search Service Contributor. For more information, see Built-in roles.
By default, any Owner or Co-owner can create or delete services. To prevent accidental deletions, you can lock resources.
Submit and view feedback for