inbound connectivity URL updates

Author: JnHs

articles/azure-arc/network-requirements-consolidated.md

@@ -1,7 +1,7 @@
 ---
 title: Azure Arc network requirements
 description: A consolidated list of network requirements for Azure Arc features and Azure Arc-enabled services. Lists endpoints, ports, and protocols.
-ms.date: 04/17/2024
+ms.date: 05/22/2024
 ms.topic: reference
 ---
 

articles/azure-arc/resource-bridge/includes/network-requirements.md

@@ -1,9 +1,9 @@
 ---
 ms.topic: include
-ms.date: 03/19/2024
+ms.date: 05/22/2024
 ---
 
-### Outbound connectivity
+### Outbound connectivity requirements
 
 The firewall and proxy URLs below must be allowlisted in order to enable communication from the management machine, Appliance VM, and Control Plane IP to the required Arc resource bridge URLs.
 
@@ -42,6 +42,16 @@ The firewall and proxy URLs below must be allowlisted in order to enable communi
 |Azure Arc Agent| 443 | `*.dp.kubernetesconfiguration.azure.com`| Management machine needs outbound connection. | Dataplane used for Arc agent.|
 |Python package| 443 | `pypi.org`, `*.pypi.org`| Management machine needs outbound connection. | Validate Kubernetes and Python versions.|
 |Azure CLI| 443 | `pythonhosted.org`, `*.pythonhosted.org`| Management machine needs outbound connection. | Python packages for Azure CLI installation.|
-|SSH| 22 | `Arc resource bridge appliance VM IPs` | Management machine needs outbound connection. | Used for troubleshooting the appliance VM.|
-|Kubernetes API server| 6443 | `Arc resource bridge appliance VM IPs` | Management machine needs outbound connection. | Management of appliance VM.|
 
+## Inbound connectivity requirements
+
+The following ports must be allowlisted in your firewall/proxy to enable communication between the management machine, Appliance VM IPs, and Control Plane IPs. Ensure these ports are open to facilitate the deployment and maintenance of the Azure Arc Resource Bridge.
+
+|**Service**|**Port**|**URL**|**Direction**|**Notes**|
+|--|--|--|--|--|
+|SSH| 22 | `appliance VM IPs` and `Management machine` | Bidirectional | Used for deploying & maintaining the appliance VM.|
+|Kubernetes API server| 6443 | `appliance VM IPs` and `Management machine` | Bidirectional | Management of appliance VM.|
+|HTTPS | 443 | `private cloud management console` | Management machine needs outbound connection. | Communication with management console. (ex: VMware vCenter server)|
+|SSH| 22 | `control plane IP` and `Management machine` | Bidirectional | Used for deploying & maintaining the appliance VM.|
+|Kubernetes API server| 6443 | `control plane IP` and `Management machine`| Bidirectional | Management of appliance VM.|
+|HTTPS | 443 | `private cloud management console` | Appliance VM IPs needs outbound connection. | Communication with management console. (ex: VMware vCenter server)|

articles/azure-arc/resource-bridge/network-requirements.md

@@ -2,7 +2,7 @@
 title: Azure Arc resource bridge network requirements
 description: Learn about network requirements for Azure Arc resource bridge including URLs that must be allowlisted.
 ms.topic: conceptual
-ms.date: 03/19/2024
+ms.date: 05/22/2024
 ---
 
 # Azure Arc resource bridge network requirements

articles/azure-arc/resource-bridge/system-requirements.md

@@ -2,7 +2,7 @@
 title: Azure Arc resource bridge system requirements
 description: Learn about system requirements for Azure Arc resource bridge.
 ms.topic: conceptual
-ms.date: 02/09/2024
+ms.date: 05/22/2024
 ---
 
 # Azure Arc resource bridge system requirements
@@ -68,7 +68,7 @@ Management machine requirements:
 
 - communication over port 443 to the private cloud management console (ex: VMware vCenter machine)
 
-- Internal and external DNS resolution. The DNS server must resolve internal names, such as the vCenter endpoint for vSphere or cloud agent service endpoint for Azure Stack HCI. The DNS server must also be able to resolve external addresses that are [required URLs](network-requirements.md#outbound-connectivity) for deployment.
+- Internal and external DNS resolution. The DNS server must resolve internal names, such as the vCenter endpoint for vSphere or cloud agent service endpoint for Azure Stack HCI. The DNS server must also be able to resolve external addresses that are [required URLs](network-requirements.md#outbound-connectivity-requirements) for deployment.
 - Internet access
 
 ## Appliance VM IP address requirements
@@ -81,7 +81,7 @@ Appliance VM IP address requirements:
 
 - Communcation with the private cloud management endpoint via Port 443 (such as VMware vCenter).
 
-- Internet connectivity to [required URLs](network-requirements.md#outbound-connectivity) enabled in proxy/firewall.
+- Internet connectivity to [required URLs](network-requirements.md#outbound-connectivity-requirements) enabled in proxy/firewall.
 - Static IP assigned and within the IP address prefix.
 
 - Internal and external DNS resolution.
@@ -97,7 +97,7 @@ Reserved appliance VM IP requirements:
 
 - Communcation with the private cloud management endpoint via Port 443 (such as VMware vCenter).
 
-- Internet connectivity to [required URLs](network-requirements.md#outbound-connectivity) enabled in proxy/firewall.
+- Internet connectivity to [required URLs](network-requirements.md#outbound-connectivity-requirements) enabled in proxy/firewall.
 
 - Static IP assigned and within the IP address prefix.
 
@@ -107,7 +107,7 @@ Reserved appliance VM IP requirements:
 
 ## Control plane IP requirements
 
-The appliance VM hosts a management Kubernetes cluster with a control plane that requires a single, static IP address. This IP is assigned from the `controlplaneendpoint` parameter in the `createconfig` command or equivalent configuration files creation command. 
+The appliance VM hosts a management Kubernetes cluster with a control plane that requires a single, static IP address. This IP is assigned from the `controlplaneendpoint` parameter in the `createconfig` command or equivalent configuration files creation command.
 
 Control plane IP requirements: