Merge pull request #300934 from PatAltimore/patricka-freshness2

JillGrant615 · web-flow · commit 13090b75e346 · 2025-06-05T17:58:48.000-06:00
Freshness review
diff --git a/articles/iot-edge/how-to-access-dtpm.md b/articles/iot-edge/how-to-access-dtpm.md
@@ -3,7 +3,7 @@ title: dTPM access for Azure IoT Edge for Linux on Windows
 description: Learn about how to configure access the dTPM on your  Azure IoT Edge for Linux on Windows virtual machine.
 author: PatAltimore
 ms.author: patricka
-ms.date: 05/29/2024
+ms.date: 06/05/2025
 ms.topic: concept-article
 ms.service: azure-iot-edge
 ms.custom: linux-related-content
@@ -14,74 +14,74 @@ services: iot-edge
 
 [!INCLUDE [iot-edge-version-all-supported](includes/iot-edge-version-all-supported.md)]
 
-A Trusted platform module (TPM) chip is a secure crypto-processor that is designed to carry out cryptographic operations. This technology is designed to provide hardware-based, security-related functions. The Azure IoT Edge for Linux on Windows (EFLOW) virtual machine doesn't have a virtual TPMs attached to the VM. However, the user can enable or disable the TPM passthrough feature, that allows the EFLOW virtual machine to use the Windows host OS TPM. The TPM passthrough feature enables two main scenarios:
+A trusted platform module (TPM) chip is a secure crypto-processor that carries out cryptographic operations. This technology provides hardware-based security functions. The Azure IoT Edge for Linux on Windows (EFLOW) virtual machine doesn't have a virtual TPM attached. However, you can enable or disable the TPM passthrough feature, which lets the EFLOW virtual machine use the Windows host OS TPM. The TPM passthrough feature lets you:
 
-- Use TPM technology for IoT Edge device provisioning using Device Provisioning Service (DPS)
-- Read-only access to cryptographic keys stored inside the TPM. 
+- Use TPM technology for IoT Edge device provisioning with Device Provisioning Service (DPS)
+- Get read-only access to cryptographic keys stored in the TPM
 
-This article describes how to develop a sample code in C# to read cryptographic keys stored inside the device TPM. 
+This article shows you how to write sample C# code to read cryptographic keys stored in the device TPM.  
 
 > [!IMPORTANT]
-> The access to the TPM keys is limited to read-only. If you want to write keys to the TPM, you need to do it from the Windows host OS. 
+> Access to TPM keys is limited to read-only. To write keys to the TPM, do it from the Windows host OS. 
 
 ## Prerequisites
 
-- A Windows host OS with a TPM or vTPM (if using Windows host OS virtual machine).
-- EFLOW virtual machine with TPM passthrough enabled. Using an elevated PowerShell session, use `Set-EflowVmFeature -feature "DpsTpm" -enable` to enable TPM passthrough. For more information, see [Set-EflowVmFeature to enable TPM passthrough](./reference-iot-edge-for-linux-on-windows-functions.md#set-eflowvmfeature).
-- Ensure that the NV index (default index=3001) is initialized with 8 bytes of data. The default AuthValue used by the sample is {1,2,3,4,5,6,7,8} which corresponds to the NV (Windows) Sample in the TSS.MSR libraries when writing to the TPM. All index initialization must take place on the Windows Host before reading from the EFLOW VM. For more information about TPM samples, see [TSS.MSR](https://github.com/microsoft/TSS.MSR).
+- A Windows host OS with a TPM or vTPM (if you use a Windows host OS virtual machine).
+- An EFLOW virtual machine with TPM passthrough enabled. In an elevated PowerShell session, run `Set-EflowVmFeature -feature "DpsTpm" -enable` to enable TPM passthrough. For more information, see [Set-EflowVmFeature to enable TPM passthrough](./reference-iot-edge-for-linux-on-windows-functions.md#set-eflowvmfeature).
+- Make sure the NV index (default index=3001) is initialized with 8 bytes of data. The default AuthValue used by the sample is {1,2,3,4,5,6,7,8}, which matches the NV (Windows) sample in the TSS.MSR libraries when writing to the TPM. Initialize all indexes on the Windows host before reading from the EFLOW VM. For more information about TPM samples, see [TSS.MSR](https://github.com/microsoft/TSS.MSR).
 
     > [!WARNING]
-    > Enabling TPM passthrough to the virtual machine may increase security risks.
+    > Enabling TPM passthrough to the virtual machine can increase security risks.
     
 ## Create the dTPM executable
 
-The following steps show you how to create a sample executable to access a TPM index from the EFLOW VM. For more information about EFLOW TPM passthrough, see [Azure IoT Edge for Linux on Windows Security](./iot-edge-for-linux-on-windows-security.md).
+Follow these steps to create a sample executable to access a TPM index from the EFLOW VM. For more information about EFLOW TPM passthrough, see [Azure IoT Edge for Linux on Windows Security](./iot-edge-for-linux-on-windows-security.md).
 
 1. Open Visual Studio 2019 or 2022.
 
 1. Select **Create a new project**.
 
-1. Choose **Console App** in the list of templates then select **Next**. 
+1. Choose **Console App** in the list of templates, and then select **Next**.
 
     ![Visual Studio create new solution](./media/how-to-access-dtpm/vs-new-solution.png)
 
-1. Fill in the **Project Name**, **Location** and **Solution Name** fields then select **Next**.
+1. Fill in the **Project Name**, **Location**, and **Solution Name** fields, and then select **Next**.
 
-1. Choose a target framework. The latest .NET 6.0 LTS version is preferred. After choosing a target framework, select **Create**. Visual Studio creates a new console app solution.
+1. Choose a target framework. The latest .NET 6.0 LTS version is preferred. After you choose a target framework, select **Create**. Visual Studio creates a new console app solution.
 
 1. In **Solution Explorer**, right-click the project name and select **Manage NuGet Packages**.
 
-1. Select **Browse** and then search for `Microsoft.TSS`. For more information about this package, see [Microsoft.TSS](https://www.nuget.org/packages/Microsoft.TSS).
+1. Select **Browse**, and then search for `Microsoft.TSS`. For more information about this package, see [Microsoft.TSS](https://www.nuget.org/packages/Microsoft.TSS).
 
-1. Choose the **Microsoft.TSS** package from the list then select **Install**.
+1. Choose the **Microsoft.TSS** package from the list, and then select **Install**.
 
-   :::image type="content" source="./media/how-to-access-dtpm/vs-nuget-microsoft-tss.png" alt-text="Screenshot that shows Visual Studio add NuGet packages .":::
+   :::image type="content" source="./media/how-to-access-dtpm/vs-nuget-microsoft-tss.png" alt-text="Screenshot of Visual Studio showing how to add NuGet packages.":::
 
-1. Edit the *Program.cs* file and replace the contents with the [EFLOW TPM sample code - Program.cs](https://raw.githubusercontent.com/Azure/iotedge-eflow/main/samples/tpm-read-nv/Program.cs).
+1. Edit the *Program.cs* file, and replace the contents with the [EFLOW TPM sample code - Program.cs](https://raw.githubusercontent.com/Azure/iotedge-eflow/main/samples/tpm-read-nv/Program.cs).
 
-1. Select **Build** > **Build solution** to build the project.  Verify the build is successful.
+1. Select **Build** > **Build solution** to build the project. Verify that the build is successful.
 
-1. In **Solution Explorer**, right-click the project then select **Publish**.
+1. In **Solution Explorer**, right-click the project, and then select **Publish**.
 
-1. In the **Publish** wizard, choose **Folder** > **Folder**. Select **Browse** and choose an output location for the executable file to be generated.  Select **Finish**. After the publish profile is created, select **Close**.
+1. In the **Publish** wizard, choose **Folder** > **Folder**. Select **Browse**, and choose an output location for the executable file to be generated. Select **Finish**. After the publish profile is created, select **Close**.
 
 1. On the **Publish** tab, select **Show all settings** link. Change the following configurations then select **Save**. 
     - Target Runtime:  **linux-x64**.
     - Deployment mode: **Self-contained**.
     
-   :::image type="content" source="./media/how-to-access-dtpm/sample-publish-options.png" alt-text="Screenshot that shows publish options .":::
+   :::image type="content" source="./media/how-to-access-dtpm/sample-publish-options.png" alt-text="Screenshot of publish options.":::
  
-1. Select **Publish** then wait for the executable to be created. 
+1. Select **Publish**, and then wait for the executable to be created.
 
-If publish succeeds, you should see the new files created in your output folder.
+If publishing succeeds, you see the new files in your output folder.
 
 ## Copy and run the executable
 Once the executable file and dependency files are created, you need to copy the folder to the EFLOW virtual machine. The following steps show you how to copy all the necessary files and how to run the executable inside the EFLOW virtual machine.
 
 1. Start an elevated *PowerShell* session using **Run as Administrator**.
 
 1. Change directory to the parent folder that contains the published files. 
-    For example, if your published files are under the folder *TPM* in the directory `C:\Users\User`.  You can use the following command to change to the parent folder.
+    For example, if your published files are under the folder *TPM* in the directory `C:\Users\User`. You can use the following command to change to the parent folder.
     ```powershell
     cd "C:\Users\User"
     ```
@@ -103,7 +103,7 @@ Once the executable file and dependency files are created, you need to copy the
     Connect-EflowVm
     ```
 
-1. Change directory to the folder where you copied the *tar* file and check the file is available. If you used the example above, when connected to the EFLOW VM, you'll already be at the *iotedge-user* root folder. Run the `ls` command to list the files and folders.
+1. Change directory to the folder where you copied the *tar* file and check that the file is available. If you used the previous example, when you connect to the EFLOW VM, you're already at the *iotedge-user* root folder. Run the `ls` command to list the files and folders.
 
 1. Run the following command to extract all the content from the *tar* file.
     ```bash
@@ -136,4 +136,4 @@ Once the executable file and dependency files are created, you need to copy the
 
 ## Next steps
 
-* Learn [How to develop IoT Edge modules with Linux containers using IoT Edge for Linux on Windows](./tutorial-develop-for-linux-on-windows.md). 
+Learn [how to develop IoT Edge modules with Linux containers using IoT Edge for Linux on Windows](./tutorial-develop-for-linux-on-windows.md).
diff --git a/articles/iot-edge/how-to-configure-module-build-options.md b/articles/iot-edge/how-to-configure-module-build-options.md
@@ -4,7 +4,7 @@ description: Learn how to use the module.json file to configure build and deploy
 author: PatAltimore
 
 ms.author: patricka
-ms.date: 05/31/2024
+ms.date: 06/05/2025
 ms.topic: how-to
 ms.service: azure-iot-edge
 services: iot-edge
@@ -14,25 +14,22 @@ services: iot-edge
 
 [!INCLUDE [iot-edge-version-all-supported](includes/iot-edge-version-all-supported.md)]
 
-The *module.json* file controls how modules are built and deployed. IoT Edge module Visual Studio
-and Visual Studio Code projects include the *module.json* file. The file contains IoT Edge module
-configuration details including the version and platform that is used when building an IoT Edge
-module.
+The *module.json* file controls how modules are built and deployed. IoT Edge module projects in Visual Studio and Visual Studio Code include the *module.json* file. This file has configuration details for the IoT Edge module, like the version and platform used when building the module.
 
 ## *module.json* settings
 
-The *module.json* file includes the following settings:
+The *module.json* file has these settings:
 
 | Setting | Description |
 |---|---|
-| image.repository | The repository of the module. |
-| image.tag.version | The version of the module. |
+| image.repository | The module repository. |
+| image.tag.version | The module version. |
 | image.tag.platforms | A list of supported platforms and their corresponding dockerfile. Each entry is a platform key and dockerfile pair `<platform key>:<dockerfile>`. |
-| image.buildOptions | The build arguments used when running `docker build`. |
-| image.contextPath | The context path used when running `docker build`. By default, it's the current folder of the *module.json* file. If your Docker build needs files not included in the current folder such as a reference to an external package or project, set the **contextPath** to the root path of all necessary files. Verify the files are copied in the dockerfile. |
-| language | The programming language of the module. |
+| image.buildOptions | Build arguments used when running `docker build`. |
+| image.contextPath | The context path used when running `docker build`. By default, it's the current folder of the *module.json* file. If your Docker build needs files not included in the current folder, like a reference to an external package or project, set **contextPath** to the root path of all necessary files. Verify the files are copied in the dockerfile. |
+| language | The module programming language. |
 
-For example, the following *module.json* file is for a C# IoT Edge module:
+For example, this *module.json* file is for a C# IoT Edge module:
 
 ```json
 {
@@ -59,10 +56,8 @@ For example, the following *module.json* file is for a C# IoT Edge module:
 }
 ```
 
-Once the module is built, the final tag of the image is combined with both version and platform as
-`<repository>:<version>-<platform key>`. For this example, the image tag for `amd64.debug` is
-`localhost:5000/csharpmod:0.0.1-amd64.debug`.
+After you build the module, the final image tag combines the version and platform as `<repository>:<version>-<platform key>`. For this example, the image tag for `amd64.debug` is `localhost:5000/csharpmod:0.0.1-amd64.debug`.
 
-## Next step
+## Next steps
 
 [Understand the requirements and tools for developing IoT Edge modules](module-development.md)
