updated documentation based on Acrolinx recommendations

sidney-shiba · sidney-shiba · commit 177795047ae7 · 2024-10-25T15:11:36.000-05:00
diff --git a/articles/operator-nexus/howto-use-vm-console-service.md b/articles/operator-nexus/howto-use-vm-console-service.md
@@ -1,6 +1,6 @@
 ---
 title: "Azure Operator Nexus: VM Console Service"
-description: Learn how to use the VM Console service.
+description: Learn how to use the VM Console service to remotely access Nexus Virtual Machine through ssh from your environment.
 author: sshiba
 ms.author: sidneyshiba
 ms.service: azure-operator-nexus
@@ -11,7 +11,7 @@ ms.custom: template-how-to, devx-track-azurecli
 
 # Introduction to the Virtual Machine console service
 
-The Virtual Machine (VM) console service provides managed access to a VM hosted in an Operator Nexus Instance. It relies on the Azure Private Link Service (PLS) to establish a private network connection between the user's network and the Azure Operator Nexus Cluster Manager's private network.
+The Virtual Machine (VM) console service provides managed access to a VM hosted in an Operator Nexus Instance. It uses Azure Private Link Service (PLS) to provide network connectivity on Azure private network. The VM Console service is a secure and private way to access a VM without exposing it to the public internet.
 
 :::image type="content" source="media/vm-console-service.png" alt-text="Diagram of VM Console service." lightbox="media/vm-console-service.png":::
 
@@ -23,7 +23,7 @@ This guide helps you to:
 
 1. Establish a secure private network connectivity between your network and the Cluster Manager's private network.
 1. Create a Console resource in your workload/tenant resource group using the `az networkcloud virtualmachine console` CLI command.
-1. Initiate an SSH session to connect to the Virtual Machine's Console.
+1. Start an SSH session to connect to the Virtual Machine's Console.
 
 > [!NOTE]
 > In order to avoid passing the `--subscription` parameter to each Azure CLI command, execute the following command:
@@ -76,13 +76,13 @@ To help set up the environment for access to Virtual Machines, define these envi
 
 ## Creating Console Resource
 
-The Console resource provides the information about the VM such as VM name, public SSH key, expiration date for the SSH session, etc.
+The Console custom resource provides the information about the Nexus VM. It provides the VM name, public SSH key, expiration date for the SSH session, and so on.
 
 This section provides step-by-step guide to help you to create a Console resource using Azure CLI commands.
 
 :::image type="content" source="media/vm-console-resource.png" alt-text="Diagram of VM Console Resource." lightbox="media/vm-console-resource.png":::
 
-1. In order to create a ***Console*** resource in the Cluster Manager, you will need to collect some information, e.g., resource group (CM_HOSTED_RESOURCES_RESOURCE_GROUP) and custom location (CM_EXTENDED_LOCATION). You have to provide the resource group but you can retrieve the custom location if you have access rights to excute the commands listed below.
+1. To create a ***Console*** resource in the Cluster Manager, you'll need to collect some information, for example, resource group (CM_HOSTED_RESOURCES_RESOURCE_GROUP) and custom location (CM_EXTENDED_LOCATION). You have to provide the resource group but you can retrieve the custom location if you have access rights to excute the following commands:
 
     ```bash
     export cluster_manager_resource_id=$(az resource list -g ${CM_HOSTED_RESOURCES_RESOURCE_GROUP} --query "[?type=='Microsoft.NetworkCloud/clusterManagers'].id" --output tsv)
@@ -101,7 +101,7 @@ This section provides step-by-step guide to help you to create a Console resourc
         [--expiration "${CONSOLE_EXPIRATION_TIME}"]
     ```
 
-    If you omit the `--expiration` parameter, the expiration will be defaulted to one day after the creation of the Console resource. Also note that the `expiration` date & time format **must** comply with RFC3339 otherwise the creation of the Console resource fails.
+    If you omit the `--expiration` parameter, the expiration will be defaulted to one day after the creation of the Console resource. Also note that the `expiration` date & time format **must** follow RFC3339 otherwise the creation of the Console resource fails.
 
     > [!NOTE]
     > For a complete synopsis for this command, invoke `az networkcloud console create --help`.
@@ -129,7 +129,7 @@ This section provides step-by-step guide to help you to create a Console resourc
 
 ## Establishing Private Network Connectivity
 
-In order to establish a secure session with a Virtual Machine, you need to establish private network connectivity between your network and the Cluster Manager's private network.
+To establish a secure session with a Virtual Machine, you need to establish private network connectivity between your network and the Cluster Manager's private network.
 
 This private network relies on the Azure Private Link Endpoint (PLE) and the Azure Private Link Service (PLS).
 
@@ -169,7 +169,7 @@ This section provides a step-by-step guide to help you to establish a private ne
 
 At this point, you have the `virtual_machine_access_id` and the `sshmux_ple_ip`. This input is the info needed for establishing a session with the VM.
 
-The VM Console service is a `ssh` server that "relays" the session to the designated VM. The `sshmux_ple_ip` indirectly references the VM Console service and the `virtual_machine_access_id` the identifier for the VM.
+The VM Console service is a `ssh` server that "relays" the session to a Nexus VM. The `sshmux_ple_ip` indirectly references the VM Console service and the `virtual_machine_access_id` the identifier for the VM.
 
 > [!IMPORTANT]
 > The VM Console service listens to port `2222`, therefore you **must** specify this port number in the `ssh` command.
@@ -187,7 +187,7 @@ The VM Console service was designed to allow **only** one session per Virtual Ma
 
 ## Updating Console Resource
 
-You can disable the session to a given VM by updating the expiration date/time and/or updating the public SSH key used when creating the session with a VM.
+You can disable the session to a VM by updating the expiration date/time and the public SSH key used when creating the session with a VM.
 
 ```bash
 az networkcloud virtualmachine console update \
@@ -198,14 +198,14 @@ az networkcloud virtualmachine console update \
     [--expiration "${CONSOLE_EXPIRATION_TIME}"]
 ```
 
-If you want to disable access to a VM, you need to update the Console resource with the parameter `enabled False`. This update closes any existing session and restricts any subsequent sessions.
+If you want to disable access to a VM, you need to update the Console resource with the parameter `enabled False`. This update closes any existing session and restricts any later sessions.
 
 > [!NOTE]
 > Before creating a session to a VM, the corresponding Console resource **must** be set to `--enabled True`.
 
 When a Console `--expiration` time expires, it closes any session corresponding the Console resource. You'll need to update the expiration time with a future value so that you can establish a new session.
 
-When you update the Console's public SSH key, the VM Console service closes any active session referenced by the Console resource. You have to provide a matching private SSH key matching the new public key when you establish a new session.
+When you update the Console's public SSH key, the VM Console service closes all active sessions. You present a new private SSH key to create a new session.
 
 ## Cleaning Up (Optional)
 
