Merge pull request #290060 from EthanChangAED/release-aio-ga

Updating AIO endpoints info

Author: Stacyrch140

articles/iot-operations/deploy-iot-ops/overview-deploy.md

@@ -94,56 +94,33 @@ Azure IoT Operations supports Azure Arc sites for organizing instances. A _site_
 
 For more information, see [What is Azure Arc site manager (preview)?](/azure/azure-arc/site-manager/overview)
 
-## Domain allowlist for Azure IoT Operations
-
-If you use enterprise firewalls or proxies to manage outbound traffic, add the following endpoints to your domain allowlist before deploying Azure IoT Operations.
-
-Additionally, review the [Azure Arc-enabled Kubernetes endpoints](/azure/azure-arc/network-requirements-consolidated#azure-arc-enabled-kubernetes-endpoints).
-
-```text
-nw-umwatson.events.data.microsoft.com 
-dc.services.visualstudio.com 
-github.com 
-self.events.data.microsoft.com 
-mirror.enzu.com 
-ppa.launchpadcontent.net 
-msit-onelake.pbidedicated.windows.net 
-gcr.io 
-adhs.events.data.microsoft.com 
-gbl.his.arc.azure.cn 
-onegetcdn.azureedge.net 
-graph.windows.net 
-pas.windows.net 
-agentserviceapi.guestconfiguration.azure.com 
-aka.ms 
-api.segment.io 
-download.microsoft.com 
-raw.githubusercontent.com 
-go.microsoft.com 
-global.metrics.azure.eaglex.ic.gov 
-gbl.his.arc.azure.us 
-packages.microsoft.com 
-global.metrics.azure.microsoft.scloud 
-www.powershellgallery.com
-k8s.io 
-guestconfiguration.azure.com 
-ods.opinsights.azure.com 
-vault.azure.net 
-googleapis.com 
-quay.io 
-handler.control.monitor.azure.com 
-pkg.dev 
-docker.io 
-prod.hot.ingestion.msftcloudes.com 
-docker.com 
-prod.microsoftmetrics.com 
-oms.opinsights.azure.com 
-azureedge.net 
-monitoring.azure.com
-blob.core.windows.net 
-azurecr.io
-```
+## Azure IoT Operations endpoints
+
+If you use enterprise firewalls or proxies to manage outbound traffic, configure the following endpoints before deploying Azure IoT Operations.
+
+* Endpoints in the [Azure Arc-enabled Kubernetes endpoints](/azure/azure-arc/network-requirements-consolidated#azure-arc-enabled-kubernetes-endpoints).
+
+  >[!NOTE]
+  >If you use *Azure Arc Gateway* to connect your cluster to Arc, you can configure a smaller set of endpoints based on the [Arc Gateway guidance](/azure/azure-arc/servers/arc-gateway#step-3-ensure-the-required-urls-are-allowed-in-your-environment).
+
+* Endpoints in [Azure CLI endpoints](/cli/azure/azure-cli-endpoints?tabs=azure-cloud#endpoints).
+
+  You need `graph.windows.net`, `*.azurecr.io`, `*.blob.core.windows.net`, `*.vault.azure.net` from this endpoint list.
+
+* The following endpoints are required specifically for Azure IoT Operations:
+
+  |Endpoints (DNS) | Description |
+  |-|-|
+  | `<customer-specific>.blob.storage.azure.net` | Storage for schema registry. Refer to [storage account endpoints](/azure/storage/common/storage-account-overview#storage-account-endpoints) for identifying the customer specific subdomain of your endpoint. |
+
+* To push data to the cloud, enable the following endpoints based on your choice of data platform.
+
+  * Microsoft Fabric OneLake: [Add Fabric URLs to your allowlist](/fabric/security/fabric-allow-list-urls#onelake).
+  * Event Hubs: [Troubleshoot connectivity issues - Azure Event Hubs](/azure/event-hubs/troubleshooting-guide).
+  * Event Grid: [Troubleshoot connectivity issues - Azure Event Grid](/azure/event-grid/troubleshoot-network-connectivity).
+  * Azure Data Lake Storage Gen 2: [Storage account standard endpoints](/azure/storage/common/storage-account-overview#standard-endpoints).
+
 
 ## Next steps
 
-[Prepare your Azure Arc-enabled Kubernetes cluster](./howto-prepare-cluster.md) to configure and Arc-enable a cluster for Azure IoT Operations.
+[Prepare your Azure Arc-enabled Kubernetes cluster](./howto-prepare-cluster.md) to configure and Arc-enable a cluster for Azure IoT Operations.