testing

Blackmist · Blackmist · commit c7d3b5f243fb · 2025-04-17T15:51:59.000-04:00
diff --git a/articles/ai-foundry/how-to/configure-private-link.md b/articles/ai-foundry/how-to/configure-private-link.md
@@ -25,7 +25,6 @@ You get several hub default resources in your resource group. You need to config
 - Establish private endpoint connection to hub default resources. You need to have both a blob and file private endpoint for the default storage account.
 - If your storage account is private, [assign roles](#private-storage-configuration) to allow access.
 
-
 ## Prerequisites
 
 * You must have an existing Azure Virtual Network to create the private endpoint in. 
@@ -37,9 +36,9 @@ You get several hub default resources in your resource group. You need to config
 
 ## Create a hub that uses a private endpoint
 
-If you are creating a new hub, use the following tabs to select how you are creating the hub (Azure portal or Azure CLI.) Each of these methods __requires an existing virtual network__:
+If you are creating a new hub, use the following methods to create the hub (Azure portal or Azure CLI). Each of these methods __requires an existing virtual network__:
 
-# [Azure portal](#tab/azure-portal)
+:::zone pivot="azure-portal"
 
 > [!NOTE]
 > The information in this document is only about configuring a private link. For a walkthrough of creating a secure hub in the portal, see [Create a secure hub in the Azure portal](create-secure-ai-hub.md).
@@ -55,7 +54,9 @@ If you are creating a new hub, use the following tabs to select how you are crea
 
 1. Input required fields. When selecting the __Region__, select the same region as your virtual network.
 
-# [Azure CLI](#tab/cli)
+:::zone-end
+
+:::zone pivot="cli"
 
 > [!NOTE]
 > The information in this section doesn't cover basic hub configuration. For more information, see [Create a hub using the Azure CLI](./develop/create-hub-project-sdk.md?tabs=azurecli).
@@ -95,34 +96,17 @@ az network private-endpoint dns-zone-group create \
     --name myzonegroup \
     --private-dns-zone privatelink.api.azureml.ms \
     --zone-name privatelink.api.azureml.ms
-
-# Add privatelink.notebooks.azure.net
-az network private-dns zone create \
-    -g <resource-group-name> \
-    --name privatelink.notebooks.azure.net
-
-az network private-dns link vnet create \
-    -g <resource-group-name> \
-    --zone-name privatelink.notebooks.azure.net \
-    --name <link-name> \
-    --virtual-network <vnet-name> \
-    --registration-enabled false
-
-az network private-endpoint dns-zone-group add \
-    -g <resource-group-name> \
-    --endpoint-name <private-endpoint-name> \
-    --name myzonegroup \
-    --private-dns-zone privatelink.notebooks.azure.net \
-    --zone-name privatelink.notebooks.azure.net
 ```
 
+:::zone-end
+
 ---
 
 ## Add a private endpoint to a hub
 
 Use one of the following methods to add a private endpoint to an existing hub:
 
-# [Azure portal](#tab/azure-portal)
+:::zone pivot="azure-portal"
 
 1. From the [Azure portal](https://portal.azure.com), select your hub.
 1. From the left side of the page, select __Settings__, __Networking__, and then select the __Private endpoint connections__ tab. Select __+ Private endpoint__.
@@ -131,13 +115,15 @@ Use one of the following methods to add a private endpoint to an existing hub:
 
 1. When going through the forms to create a private endpoint, be sure to:
 
-    - From __Basics__, select the same the __Region__ as your virtual network.
+    - From __Basics__, select the same __Region__ as your virtual network.
     - From __Resource__, select `amlworkspace` as the __target sub-resource__.
     - From the __Virtual Network__ form, select the virtual network and subnet that you want to connect to.
  
 1. After populating the forms with any additional network configurations you require, use the __Review + create__ tab to review your settings and select __Create__ to create the private endpoint.
 
-# [Azure CLI](#tab/cli)
+:::zone-end
+
+:::zone pivot="cli"
 
 Use the [Azure networking CLI commands](/cli/azure/network/private-endpoint#az-network-private-endpoint-create) to create a private link endpoint for the hub.
 
@@ -159,11 +145,11 @@ To create the private DNS zone entries for the workspace, use the following comm
 # Add privatelink.api.azureml.ms
 az network private-dns zone create \
     -g <resource-group-name> \
-    --name 'privatelink.api.azureml.ms'
+    --name privatelink.api.azureml.ms
 
 az network private-dns link vnet create \
     -g <resource-group-name> \
-    --zone-name 'privatelink.api.azureml.ms' \
+    --zone-name privatelink.api.azureml.ms \
     --name <link-name> \
     --virtual-network <vnet-name> \
     --registration-enabled false
@@ -172,17 +158,17 @@ az network private-endpoint dns-zone-group create \
     -g <resource-group-name> \
     --endpoint-name <private-endpoint-name> \
     --name myzonegroup \
-    --private-dns-zone 'privatelink.api.azureml.ms' \
-    --zone-name 'privatelink.api.azureml.ms'
+    --private-dns-zone privatelink.api.azureml.ms \
+    --zone-name privatelink.api.azureml.ms
 
 # Add privatelink.notebooks.azure.net
 az network private-dns zone create \
     -g <resource-group-name> \
-    --name 'privatelink.notebooks.azure.net'
+    --name privatelink.notebooks.azure.net
 
 az network private-dns link vnet create \
     -g <resource-group-name> \
-    --zone-name 'privatelink.notebooks.azure.net' \
+    --zone-name privatelink.notebooks.azure.net \
     --name <link-name> \
     --virtual-network <vnet-name> \
     --registration-enabled false
@@ -191,10 +177,12 @@ az network private-endpoint dns-zone-group add \
     -g <resource-group-name> \
     --endpoint-name <private-endpoint-name> \
     --name myzonegroup \
-    --private-dns-zone 'privatelink.notebooks.azure.net' \
-    --zone-name 'privatelink.notebooks.azure.net'
+    --private-dns-zone privatelink.notebooks.azure.net \
+    --zone-name privatelink.notebooks.azure.net
 ```
 
+:::zone-end
+
 ---
 
 ## Remove a private endpoint
@@ -206,24 +194,28 @@ You can remove one or all private endpoints for a hub. Removing a private endpoi
 
 To remove a private endpoint, use the following information:
 
-# [Azure portal](#tab/azure-portal)
+:::zone pivot="azure-portal"
 
 1. From the [Azure portal](https://portal.azure.com), select your hub.
 1. From the left side of the page, select __Settings__, __Networking__, and then select the __Private endpoint connections__ tab.
 1. Select the endpoint to remove and then select __Remove__.
 
     :::image type="content" source="../media/how-to/network/remove-private-endpoint.png" alt-text="Screenshot of a selected private endpoint with the remove option highlighted.":::
 
-# [Azure CLI](#tab/cli)
+:::zone-end
+
+:::zone pivot="cli"
 
 When using the Azure CLI, use the following command to remove the private endpoint:
 
 ```azurecli
 az network private-endpoint delete \
     --name <private-endpoint-name> \
-    --resource-group <resource-group-name> \
+    --resource-group <resource-group-name>
 ```
 
+:::zone-end
+
 ---
 
 ## Enable public access
@@ -235,13 +227,15 @@ In some situations, you might want to allow someone to connect to your secured h
 
 To enable public access, use the following steps:
 
-# [Azure portal](#tab/azure-portal)
+:::zone pivot="azure-portal"
 
 1. From the [Azure portal](https://portal.azure.com), select your hub.
 1. From the left side of the page, select __Networking__ and then select the __Public access__ tab.
 1. Select __Enabled from all networks__, and then select __Save__.
 
-# [Azure CLI](#tab/cli)
+:::zone-end
+
+:::zone pivot="cli"
 
 Use the following Azure CLI command to enable public access:
 
@@ -255,8 +249,9 @@ If you receive an error that the `ml` command isn't found, use the following com
 az extension add --name ml
 ```
 
----
+:::zone-end
 
+---
 
 ## Private storage configuration
 
