Fixed typos and links

Author: HeidiSteen

Quickstart-Document-Permissions-Pull-API/document-permissions-pull-api.ipynb

@@ -9,7 +9,7 @@
     "\n",
     "In Azure AI Search, you can use an indexer to pull content into a search index for indexing. This notebook shows you how index blobs that have access control lists (ACLs) in Azure Storage Data Lake Storage (ADLS) Gen2, and then query the index to return only those results that the user is authorized to view.\n",
     "\n",
-    "The security principal behind the query access token determines the \"user\". The ACLs on folders and files determine whether the user has authorization to the content, and that metadata is pulled into the index along with document content. Internally, the search engine filters out any documents that aren't associated with the security principal.\n",
+    "The security principal behind the query access token determines the \"user\". The ACLs on folders and files determine whether the user is authorized to view the content, and that metadata is pulled into the index along with other document content. Internally at query time, the search engine filters out any documents that aren't associated with the object ID.\n",
     "\n",
     "This feature is currently in preview.\n",
     "\n",
@@ -24,17 +24,15 @@
     "\n",
     "+ Folders and files, where each file has an [access control list specified](https://learn.microsoft.com/azure/storage/blobs/data-lake-storage-access-control). We recommend group IDs.\n",
     "\n",
-    "We recommend creating a virtual environment to run this sample code. In Visual Studio Code, open the control palette (ctrl-shift-p) to create an environment. This notebook was tested on Python 3.10.\n",
-    "\n",
     "## Permissions\n",
     "\n",
-    "+ On Azure Storage, **Storage Blob Data Reader** permissions are required for both the search service identity and for your user account since you are testing locally. You also need **Storage Blob Data Contributor**. This sample includes code for creating and configuring a container and blobs used in this demonstration.\n",
+    "+ On Azure Storage, **Storage Blob Data Reader** permissions are required for both the search service identity and for your user account since you are testing locally. You also need **Storage Blob Data Contributor** because the sample includes code for creating and configuring a container and its contents.\n",
     "\n",
     "+ On Azure AI Search, assign yourself **Search Service Contributor**, **Search Index Data Contributor**, and **Search Index Data Reader** permissions to create objects and run queries. For more information, see [Connect to Azure AI Search using roles](https://learn.microsoft.com/azure/search/search-security-rbac) and [Quickstart: Connect without keys for local testing](https://learn.microsoft.com/azure/search/search-get-started-rbac).\n",
     "\n",
     "## Limitations\n",
     "\n",
-    "+ Parsing indexer options aren't currently supported."
+    "+ Parsing indexer options aren't currently supported. There's no support for CSV, JSON, or Markdown parsing."
    ]
   },
   {
@@ -55,7 +53,9 @@
     "\n",
     "## Load Connections\n",
     "\n",
-    "Load the environment variables to set up connections and object names."
+    "We recommend creating a virtual environment to run this sample code. In Visual Studio Code, open the control palette (ctrl-shift-p) to create an environment. This notebook was tested on Python 3.10.\n",
+    "\n",
+    "Once the environment is created, load the environment variables to set up connections and object names."
    ]
   },
   {
@@ -91,9 +91,9 @@
    "source": [
     "## Create an index\n",
     "\n",
-    "The search index must includes fields for your content and for permission metadata. Assign the new permission filter option to a string filter and make sure the field is filterable. \n",
+    "The search index must include fields for your content and for permission metadata. Assign the new permission filter option to a string field and make sure the field is filterable. The search engine builds the filter internally at query time.\n",
     "\n",
-    "For local testing, `retrievable` can be **true**, but be sure to change it back to **false** if you make the solution available to others."
+    "For local testing, `retrievable` should be **true** so that you can view the permission metadata, but be sure to change it back to **false** if you make the solution available to others."
    ]
   },
   {
@@ -188,7 +188,7 @@
    "source": [
     "## Upload sample directory and file\n",
     "\n",
-    "This step creates the container, folders, and uploads the files into Azure Storage. It assigns your group IDs to to the access control list for each folder."
+    "This step creates the container, folders, and uploads the files into Azure Storage. It assigns your group IDs to to the access control list for each file."
    ]
   },
   {
@@ -266,7 +266,7 @@
    "source": [
     "## Search sample data using x-ms-query-source-authorization\n",
     "\n",
-    "This query uses an empty search string (`*`) to provide an unqualified search. It returns the file name and permission metadata associated with each file. Notice that each file is associated with a different group ID."
+    "Wait for the indexer to finish processing before running queries. This query uses an empty search string (`*`) for an unqualified search. It returns the file name and permission metadata associated with each file. Notice that each file is associated with a different group ID."
    ]
   },
   {

Quickstart-Document-Permissions-Pull-API/sample.env

@@ -1,7 +1,7 @@
 AZURE_SEARCH_ENDPOINT=https://your-search-service.search.windows.net
 AZURE_SEARCH_INDEX=document-permissions-indexer-idx
 AZURE_SEARCH_INDEXER=document-permissions-indexer-idxr
-AZURE_SEARCH_DATASOURCEdocument-permissions-indexer-ds
+AZURE_SEARCH_DATASOURCE=document-permissions-indexer-ds
 AZURE_STORAGE_ACCOUNT_NAME=
 AZURE_STORAGE_CONTAINER_NAME=
 AZURE_STORAGE_CONNECTION_STRING=

Quickstart-Document-Permissions-Push-API/document-permissions-push-api.ipynb

@@ -25,7 +25,7 @@
     "\n",
     "1. Rename `sample.env` to `.env`.\n",
     "1. In the `.env` file, provide a full endpoint to your search service (https://your-search-service.search.windows.net).\n",
-    "1. Rename the default index name if you \n",
+    "1. Replace the default index name if you want a different name.\n",
     "\n",
     "## Load Connections\n",
     "\n",
@@ -61,9 +61,9 @@
    "source": [
     "## Create Sample Index\n",
     "\n",
-    "The search index must includes fields for your content and for permission metadata. Assign the new permission filter option to a string filter and make sure the field is filterable. \n",
+    "The search index must includes fields for your content and for permission metadata. Assign the new permission filter option to a string field and make sure the field is filterable. The search engine builds the filter internally at query time.\n",
     "\n",
-    "For local testing, `retrievable` can be **true**, but be sure to change it back to **false** if you make the solution available to others."
+    "For local testing, `retrievable` should be **true** so that you can view the permission metadata, but be sure to change it back to **false** if you make the solution available to others."
    ]
   },
   {
@@ -97,7 +97,7 @@
    "id": "f5cf4169",
    "metadata": {},
    "source": [
-    "## Connect to Graph to find your oid and groups\n",
+    "## Connect to Graph to find your object ID (OID) and groups\n",
     "\n",
     "This step calls the Graph APIs to get a few group IDs for your Microsoft Entra identity. Your group IDs will be added to the access control list of the objects created in the next step."
    ]
@@ -124,7 +124,7 @@
    "source": [
     "## Upload Sample Data\n",
     "\n",
-    "This step creates the container, folders, and uploads documents into Azure Storage. It assigns your group IDs to to the access control list for each folder."
+    "This step creates the container, folders, and uploads documents into Azure Storage. It assigns your group IDs to to the access control list for each file."
    ]
   },
   {

README.md

@@ -1,18 +1,18 @@
 # Python samples for Azure AI Search
 
-This repository contains Python code samples used in Azure AI Search documentation. Unless noted otherwise, all samples run on the shared (free) pricing tier of an [Azure AI Search service](https://learn.microsoft.com/azure/search/search-create-service-portal).
+This repository contains Python code samples used in Azure AI Search documentation. Unless noted otherwise, all samples run on the shared (free) pricing tier of an [Azure AI Search service](https://learn.microsoft.com/azure/search/search-create-service-portal). If your configuration uses a search service managed identity for indexer connections, or if the samples uses semantic ranker, your search service must be basic tier or higher.
 
 ## Day-one quickstarts and tutorials
 
 | Sample | Description |
 |--------|-------------|
-| [Quickstart](quickstart/README.md) | "Day One" introduction to the fundamental tasks of working with a classic search index: create, load, and query. This sample is a notebook .ipynb file. The index is modeled on a subset of the Hotels dataset, widely used in Azure AI Search samples, but reduced here for readability and comprehension. |
-| [Quickstart-Semantic-Search](quickstart-semantic-search/semantic-search-quickstart.ipynb) | Extends the quickstart through modifications that invoke semantic search. This notebook adds a semantic configuration to the index and semantic query options that formulate the query and response. |
-| [Quickstart-RAG](quickstart-rag/quickstart-rag.ipynb) | "Day One" introduction to LLM integration with a chat model such as GPT-3.5-turbo or equivalent. |
-| [Quickstart-Document-Permissions-Pull-API](quickstart-document-permissions-pull-api/document-permissions-pull-api.ipynb) | Using an indexer "pull API" approach, flow access control lists from a data source to search results and apply permission filters that restrict access to authorized content. Indexer support is limited to Azure Data Lake Storage (ADLS) Gen2 permission metadata.|
-| [Quickstart-Document-Permissions-Push-API](quickstart-document-permissions-push-api/document-permissions-push-api.ipynb) | Using the push APIs for indexing a JSON payload, flow embedded permission metadata to indexed documents, and to search results that are filtered based on user access to authorized content. |
-| [Quickstart-Agentic-Retrieval](quickstart-agentic-retrieval/quickstart-agentic-retrieval.ipynb) | Set up a search agent in Azure AI Search to integrate LLM reasoning into query planning. |
-|[Tutorial-rag](Tutorial-rag/tutorial-rag.ipynb) | A deeper dive into LLM integration with a chat model such as GPT-3.5-turbo or equivalent. |
+| [Quickstart](Quickstart/README.md) | "Day One" introduction to the fundamental tasks of working with a classic search index: create, load, and query. This sample is a Jupyter notebook (.ipynb) file. The index is modeled on a subset of the Hotels dataset, widely used in Azure AI Search samples, but reduced here for readability and comprehension. |
+| [Quickstart-Semantic-Search](Quickstart-Semantic-Search/semantic-search-quickstart.ipynb) | Extends the quickstart through modifications that invoke semantic ranking. This notebook adds a semantic configuration to the index and semantic query options that formulate the query and response. You must have basic tier or higher for this quickstart.|
+| [Quickstart-RAG](Quickstart-RAG/quickstart-rag.ipynb) | "Day One" introduction to LLM integration with a chat model such as GPT-3.5-turbo or equivalent. We recommend the basic tier or higher for this quickstart.|
+| [Quickstart-Document-Permissions-Pull-API](Quickstart-Document-Permissions-Pull-API/document-permissions-pull-api.ipynb) | Using an indexer "pull API" approach, flow access control lists from a data source to search results and apply permission filters that restrict access to authorized content. Indexer support is limited to Azure Data Lake Storage (ADLS) Gen2 permission metadata. You must have  basic tier or higher for this quickstart.|
+| [Quickstart-Document-Permissions-Push-API](Quickstart-Document-Permissions-Push-API/document-permissions-push-api.ipynb) | Using the push APIs for indexing a JSON payload, flow embedded permission metadata to indexed documents, and to search results that are filtered based on user access to authorized content. We recommend the basic tier or higher for this quickstart.|
+| [Quickstart-Agentic-Retrieval](Quickstart-Agentic-Retrieval/quickstart-agentic-retrieval.ipynb) | Set up a search agent in Azure AI Search to integrate LLM reasoning into query planning. We recommend the basic tier or higher for this quickstart. |
+|[Tutorial-RAG](Tutorial-RAG/tutorial-rag.ipynb) | A deeper dive into LLM integration with a chat model such as GPT-3.5-turbo or equivalent. We recommend the basic tier or higher for this quickstart. |
 
 ## Deeper dive tutorials
 

agentic-retrieval-pipeline-example/agent-example.ipynb

@@ -36,7 +36,9 @@
     "\n",
     "+ An [Azure AI agent and Foundry project](https://learn.microsoft.com/azure/ai-services/agents/quickstart?pivots=ai-foundry-portal), created in the Azure AI Foundry portal, with the basic setup, used for creating the Foundry agent.\n",
     "\n",
-    "+ A deployment of a [supported model](https://learn.microsoft.com/azure/search/search-agentic-retrieval-how-to-create#supported-models) in your Foundry project. This notebook uses gpt-4o-mini. We recommend 100,000 token capacity. You can find capacity and the rate limit in the model deployments list in the Azure AI Foundry portal."
+    "+ A deployment of a [supported model](https://learn.microsoft.com/azure/search/search-agentic-retrieval-how-to-create#supported-models) in your Foundry project. This notebook uses gpt-4o-mini. We recommend 100,000 token capacity. You can find capacity and the rate limit in the model deployments list in the Azure AI Foundry portal.\n",
+    "\n",
+    "We recommend creating a virtual environment to run this sample code. In Visual Studio Code, open the control palette (ctrl-shift-p) to create an environment. This notebook was tested on Python 3.10."
    ]
   },
   {
@@ -74,9 +76,7 @@
    "source": [
     "## Load Connections\n",
     "\n",
-    "We recommend creating a virtual environment to run this sample code. In Visual Studio Code, open the control palette (ctrl-shift-p) to create an environment. This notebook was tested on Python 3.10.\n",
-    "\n",
-    "Once your environment is created, set the endpoints used to run the retrieval pipeline."
+    "Load the environment variables to set up connections and object names."
    ]
   },
   {