MicrosoftDocs
diff --git a/‎articles/active-directory/managed-identities-azure-resources/how-manage-user-assigned-managed-identities.md
Lines changed: 14 additions & 14 deletions b/‎articles/active-directory/managed-identities-azure-resources/how-manage-user-assigned-managed-identities.md
Lines changed: 14 additions & 14 deletions
diff --git a/‎articles/active-directory/managed-identities-azure-resources/tutorial-windows-vm-ua-arm.md
Lines changed: 10 additions & 10 deletions b/‎articles/active-directory/managed-identities-azure-resources/tutorial-windows-vm-ua-arm.md
Lines changed: 10 additions & 10 deletions
@@ -4,13 +4,13 @@ description: Create user-assigned managed identities.
 services: active-directory
 author: barclayn
 manager: amycolannino
-editor: 
+editor:
 ms.service: active-directory
 ms.subservice: msi
 ms.topic: how-to
 ms.workload: identity
 ms.date: 03/08/2022
-ms.author: barclayn 
+ms.author: barclayn
 ms.custom: devx-track-azurecli
 zone_pivot_groups: identity-mi-methods
 ---
@@ -42,9 +42,9 @@ To create a user-assigned managed identity, your account needs the [Managed Iden
     - **Resource group**: Choose a resource group to create the user-assigned managed identity in, or select **Create new** to create a new resource group.
     - **Region**: Choose a region to deploy the user-assigned managed identity, for example, **West US**.
     - **Name**: Enter the name for your user-assigned managed identity, for example, UAI1.
-  
+
    [!INCLUDE [ua-character-limit](~/includes/managed-identity-ua-character-limits.md)]
-  
+
    :::image type="content" source="media/how-manage-user-assigned-managed-identities/create-user-assigned-managed-identity-portal.png" alt-text="Screenshot that shows the Create User Assigned Managed Identity pane.":::
 
 1. Select **Review + create** to review the changes.
@@ -83,7 +83,7 @@ In some environments, administrators choose to limit who can manage user-assigne
 1. A list of the user-assigned managed identities for your subscription is returned. Select the user-assigned managed identity that you want to manage.
 1. Select **Access control (IAM)**.
 1. Choose **Add role assignment**.
-  
+
    ![Screenshot that shows the user-assigned managed identity access control screen](media/how-manage-user-assigned-managed-identities/role-assign.png)
 
 1. In the **Add role assignment** pane, choose the role to assign and choose **Next**.
@@ -106,10 +106,10 @@ In this article, you learn how to create, list, delete, or assign a role to a us
 
 [!INCLUDE [azure-cli-prepare-your-environment-no-header.md](~/articles/reusable-content/azure-cli/azure-cli-prepare-your-environment-no-header.md)]
 
-> [!IMPORTANT]  
-> To modify user permissions when you use an app service principal by using the CLI, you must provide the service principal more permissions in the Azure Active Directory Graph API because portions of the CLI perform GET requests against the Graph API. Otherwise, you might end up receiving an "Insufficient privileges to complete the operation" message. To do this step, go into the **App registration** in Azure AD, select your app, select **API permissions**, and scroll down and select **Azure Active Directory Graph**. From there, select **Application permissions**, and then add the appropriate permissions. 
+> [!IMPORTANT]
+> To modify user permissions when you use an app service principal by using the CLI, you must provide the service principal more permissions in the Azure Active Directory Graph API because portions of the CLI perform GET requests against the Graph API. Otherwise, you might end up receiving an "Insufficient privileges to complete the operation" message. To do this step, go into the **App registration** in Azure AD, select your app, select **API permissions**, and scroll down and select **Azure Active Directory Graph**. From there, select **Application permissions**, and then add the appropriate permissions.
 
-## Create a user-assigned managed identity 
+## Create a user-assigned managed identity
 
 To create a user-assigned managed identity, your account needs the [Managed Identity Contributor](../../role-based-access-control/built-in-roles.md#managed-identity-contributor) role assignment.
 
@@ -182,7 +182,7 @@ To use Azure PowerShell locally for this article instead of using Cloud Shell:
     Connect-AzAccount
     ```
 
-1. Install the [latest version of PowerShellGet](/powershell/scripting/gallery/installing-psget#for-systems-with-powershell-50-or-newer-you-can-install-the-latest-powershellget).
+1. Install the [latest version of PowerShellGet](/powershell/gallery/powershellget/install-powershellget).
 
     ```azurepowershell
     Install-Module -Name PowerShellGet -AllowPrerelease
@@ -264,9 +264,9 @@ Resource Manager templates help you deploy new or modified resources defined by
 - Use a [custom template from Azure Marketplace](../../azure-resource-manager/templates/deploy-portal.md#deploy-resources-from-custom-template) to create a template from scratch or base it on an existing common or [quickstart template](https://azure.microsoft.com/resources/templates/).
 - Derive from an existing resource group by exporting a template. You can export them from either [the original deployment](../../azure-resource-manager/management/manage-resource-groups-portal.md#export-resource-groups-to-templates) or from the [current state of the deployment](../../azure-resource-manager/management/manage-resource-groups-portal.md#export-resource-groups-to-templates).
 - Use a local [JSON editor (such as VS Code)](../../azure-resource-manager/templates/quickstart-create-templates-use-the-portal.md), and then upload and deploy by using PowerShell or the Azure CLI.
-- Use the Visual Studio [Azure Resource Group project](../../azure-resource-manager/templates/create-visual-studio-deployment-project.md) to create and deploy a template. 
+- Use the Visual Studio [Azure Resource Group project](../../azure-resource-manager/templates/create-visual-studio-deployment-project.md) to create and deploy a template.
 
-## Create a user-assigned managed identity 
+## Create a user-assigned managed identity
 
 To create a user-assigned managed identity, your account needs the [Managed Identity Contributor](../../role-based-access-control/built-in-roles.md#managed-identity-contributor) role assignment.
 
@@ -340,7 +340,7 @@ In this article, you learn how to create, list, and delete a user-assigned manag
     az account get-access-token
     ```
 
-## Create a user-assigned managed identity 
+## Create a user-assigned managed identity
 
 To create a user-assigned managed identity, your account needs the [Managed Identity Contributor](../../role-based-access-control/built-in-roles.md#managed-identity-contributor) role assignment.
 
@@ -410,8 +410,8 @@ DELETE https://management.azure.com/subscriptions/80c696ff-5efa-4909-a64d-f1b616
 ## Next steps
 
 For information on how to assign a user-assigned managed identity to an Azure VM or virtual machine scale set by using CURL, see:
-- [Configure managed identities for Azure resources on an Azure VM using REST API calls](qs-configure-rest-vm.md#user-assigned-managed-identity) 
+- [Configure managed identities for Azure resources on an Azure VM using REST API calls](qs-configure-rest-vm.md#user-assigned-managed-identity)
 - [Configure managed identities for Azure resources on a virtual machine scale set using REST API calls](qs-configure-rest-vmss.md#user-assigned-managed-identity)
 
 Learn how to use [workload identity federation for managed identities](../develop/workload-identity-federation.md) to access Azure Active Directory (Azure AD) protected resources without managing secrets.
-::: zone-end
+::: zone-end
@@ -5,29 +5,29 @@ services: active-directory
 documentationcenter: ''
 author: barclayn
 manager: amycolannino
-editor: 
+editor:
 ms.service: active-directory
 ms.subservice: msi
 ms.topic: tutorial
 ms.tgt_pltfrm: na
 ms.workload: identity
 ms.date: 01/11/2022
 ms.author: barclayn
-ms.collection: M365-identity-device-management 
+ms.collection: M365-identity-device-management
 ms.custom: devx-track-azurepowershell, devx-track-arm-template
 ---
 
 # Tutorial: Use a user-assigned managed identity on a Windows VM to access Azure Resource Manager
 
-This tutorial explains how to create a user-assigned identity, assign it to a Windows Virtual Machine (VM), and then use that identity to access the Azure Resource Manager API. Managed Service Identities are automatically managed by Azure. They enable authentication to services that support Azure AD authentication, without needing to embed credentials into your code. 
+This tutorial explains how to create a user-assigned identity, assign it to a Windows Virtual Machine (VM), and then use that identity to access the Azure Resource Manager API. Managed Service Identities are automatically managed by Azure. They enable authentication to services that support Azure AD authentication, without needing to embed credentials into your code.
 
 You learn how to:
 
 > [!div class="checklist"]
 > * Create a user-assigned managed identity
 > * Assign your user-assigned identity to your Windows VM
-> * Grant the user-assigned identity access to a Resource Group in Azure Resource Manager 
-> * Get an access token using the user-assigned identity and use it to call Azure Resource Manager 
+> * Grant the user-assigned identity access to a Resource Group in Azure Resource Manager
+> * Get an access token using the user-assigned identity and use it to call Azure Resource Manager
 > * Read the properties of a Resource Group
 
 [!INCLUDE [az-powershell-update](../../../includes/updated-for-az.md)]
@@ -58,7 +58,7 @@ To use Azure PowerShell locally for this article (rather than using Cloud Shell)
     Connect-AzAccount
     ```
 
-1. Install the [latest version of PowerShellGet](/powershell/scripting/gallery/installing-psget#for-systems-with-powershell-50-or-newer-you-can-install-the-latest-powershellget).
+1. Install the [latest version of PowerShellGet](/powershell/gallery/powershellget/install-powershellget).
 
     ```azurepowershell
     Install-Module -Name PowerShellGet -AllowPrerelease
@@ -114,9 +114,9 @@ $vm = Get-AzVM -ResourceGroupName myResourceGroup -Name myVM
 Update-AzVM -ResourceGroupName TestRG -VM $vm -IdentityType "UserAssigned" -IdentityID "/subscriptions/<SUBSCRIPTIONID>/resourcegroups/myResourceGroupVM/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ID1"
 ```
 
-## Grant access 
+## Grant access
 
-This section shows how to grant your user-assigned identity access to a Resource Group in Azure Resource Manager. Managed identities for Azure resources provide identities that your code can use to request access tokens to authenticate to resource APIs that support Azure AD authentication. In this tutorial, your code will access the Azure Resource Manager API. 
+This section shows how to grant your user-assigned identity access to a Resource Group in Azure Resource Manager. Managed identities for Azure resources provide identities that your code can use to request access tokens to authenticate to resource APIs that support Azure AD authentication. In this tutorial, your code will access the Azure Resource Manager API.
 
 Before your code can access the API, you need to grant the identity access to a resource in Azure Resource Manager. In this case, the Resource Group in which the VM is contained. Update the value for `<SUBSCRIPTION ID>` as appropriate for your environment.
 
@@ -141,7 +141,7 @@ CanDelegate: False
 
 ## Access data
 
-### Get an access token 
+### Get an access token
 
 For the remainder of the tutorial, you will work from the VM we created earlier.
 
@@ -153,7 +153,7 @@ For the remainder of the tutorial, you will work from the VM we created earlier.
 
 4. Now that you have created a **Remote Desktop Connection** with the virtual machine, open **PowerShell** in the remote session.
 
-5. Using PowerShell’s `Invoke-WebRequest`, make a request to the local managed identities for Azure resources endpoint to get an access token for Azure Resource Manager.  The `client_id` value is the value returned when you created the user-assigned managed identity.
+5. Using PowerShell's `Invoke-WebRequest`, make a request to the local managed identities for Azure resources endpoint to get an access token for Azure Resource Manager.  The `client_id` value is the value returned when you created the user-assigned managed identity.
 
     ```azurepowershell
     $response = Invoke-WebRequest -Uri 'http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&client_id=af825a31-b0e0-471f-baea-96de555632f9&resource=https://management.azure.com/' -Method GET -Headers @{Metadata="true"}