Merge branch 'master' of github.com:MicrosoftDocs/azure-docs-pr

Larry Franks · Larry Franks · commit 21f559cdb47a · 2019-11-04T09:31:45.000-05:00
into event-grid
diff --git a/articles/index.md b/articles/index.md
@@ -5637,19 +5637,21 @@ featureFlags:
                                     <div class="cardSize">
                                         <div class="cardPadding">
                                             <div class="card">
+                                                <div class="cardImageOuter">
                                                     <div class="cardImage">
                                                         <img src="media/index/peering-service.svg" alt="" />
                                                     </div>
-                                            </div>
-                                            <div class="cardText">
+                                                </div>
+                                                <div class="cardText">
                                                     <h3>Peering Service</h3>
                                                     <p>Get optimal internet connectivity to access the Microsoft network</p>
+                                                </div>
                                             </div>
                                         </div>
                                     </div>
                                 </a>
                             </li>
-                        </ul>
+                         </ul>
                     </li>
                     <li>
                         <a href="#security">Security</a>
diff --git a/articles/internet-analyzer/TOC.yml b/articles/internet-analyzer/TOC.yml
@@ -9,7 +9,7 @@
   - name: Create an Internet Analyzer test using Portal
     href: internet-analyzer-create-test-portal.md
   - name: Create an Internet Analyzer test using CLI
-    herf: internet-analyzer-cli.md
+    href: internet-analyzer-cli.md  
 - name: How-to guides
   items:
   - name: Embed client
diff --git a/articles/openshift/howto-setup-environment.md b/articles/openshift/howto-setup-environment.md
@@ -5,7 +5,7 @@ services: openshift
 keywords:  red hat openshift setup set up
 author: jimzim
 ms.author: jzim
-ms.date: 05/10/2019
+ms.date: 11/04/2019
 ms.topic: conceptual
 ms.service: container-service
 manager: jeconnoc
@@ -16,7 +16,6 @@ manager: jeconnoc
 
 To build and run Microsoft Azure Red Hat OpenShift applications, you'll need to:
 
-* Purchase Azure virtual machine reserved instances.
 * Install version 2.0.65 (or higher) of the Azure CLI (or use the Azure Cloud Shell).
 * Register for the `AROGA` feature and associated resource providers.
 * Create an Azure Active Directory (Azure AD) tenant.
@@ -25,16 +24,6 @@ To build and run Microsoft Azure Red Hat OpenShift applications, you'll need to:
 
 The following instructions will walk you through all of these prerequisites.
 
-## Purchase Azure Red Hat OpenShift application nodes reserved instances
-
-Before you can use Azure Red Hat OpenShift, you'll need to purchase a minimum of 4 Azure Red Hat OpenShift reserved application nodes, after which you'll be able to provision clusters.
-
-If you are an Azure customer, [purchase Azure Red Hat OpenShift reserved instances](https://aka.ms/openshift/buy) through the Azure portal. After purchasing, your subscription will be activated within 24 hours.
-
-If you are not an Azure customer, [contact sales](https://aka.ms/openshift/contact-sales) and fill out the sales form at the bottom of the page to start the process.
-
-Refer to the [Azure Red Hat OpenShift pricing page](https://aka.ms/openshift/pricing) for more information.
-
 ## Install the Azure CLI
 
 Azure Red Hat OpenShift requires version 2.0.65 or higher of the Azure CLI. If you've already installed the Azure CLI, you can check which version you have by running:
diff --git a/articles/openshift/openshift-faq.md b/articles/openshift/openshift-faq.md
@@ -7,23 +7,13 @@ ms.author: jzim
 manager: jeconnoc
 ms.service: container-service
 ms.topic: article
-ms.date: 05/08/2019
+ms.date: 11/04/2019
 ---
 
 # Azure Red Hat OpenShift FAQ
 
 This article addresses frequently asked questions (FAQs) about Microsoft Azure Red Hat OpenShift.
 
-## How do I get started?
-
-Before you can use Azure Red Hat OpenShift, you'll need to purchase a minimum of 4 Azure Red Hat OpenShift reserved application nodes.
-
-If you are an Azure customer,[purchase Azure Red Hat OpenShift reserved instances](https://aka.ms/openshift/buy) through the Azure portal. After purchasing, your subscription will be activated within 24 hours, after which you'll be able to provision clusters.
-
-If you are not an Azure customer, [contact sales](https://aka.ms/openshift/contact-sales) and fill out the sales form at the bottom of the page to start the process.
-
-Refer to the [Azure Red Hat OpenShift pricing page](https://aka.ms/openshift/pricing) for more information.
-
 ## Which Azure regions are supported?
 
 See [Supported resources](supported-resources.md#azure-regions) for a list of global regions where Azure Red Hat OpenShift is supported.
diff --git a/articles/openshift/tutorial-create-cluster.md b/articles/openshift/tutorial-create-cluster.md
@@ -7,7 +7,7 @@ ms.author: jzim
 manager: jeconnoc
 ms.topic: tutorial
 ms.service: container-service
-ms.date: 05/14/2019
+ms.date: 11/04/2019
 #Customer intent: As a developer, I want learn how to create an Azure Red Hat OpenShift cluster, scale it, and then clean up resources so that I am not charged for what I'm not using.
 ---
 
@@ -30,8 +30,6 @@ In this tutorial series you learn how to:
 
 > [!IMPORTANT]
 > This tutorial requires version 2.0.65 of the Azure CLI.
->    
-> Before you can use Azure Red Hat OpenShift, you'll need to purchase a minimum of 4 Azure Red Hat OpenShift reserved application nodes as described in [Set up your Azure Red Hat OpenShift development environment](howto-setup-environment.md#purchase-azure-red-hat-openshift-application-nodes-reserved-instances).
 
 Before you begin this tutorial:
 
diff --git a/articles/sql-database/transparent-data-encryption-azure-sql.md b/articles/sql-database/transparent-data-encryption-azure-sql.md
@@ -10,7 +10,7 @@ ms.topic: conceptual
 author: aliceku
 ms.author: aliceku
 ms.reviewer: vanto
-ms.date: 08/27/2019
+ms.date: 11/01/2019
 ---
 # Transparent data encryption for SQL Database and Data Warehouse
 
@@ -36,10 +36,10 @@ Microsoft also seamlessly moves and manages the keys as needed for geo-replicati
 
 ## Customer-managed transparent data encryption - Bring Your Own Key
 
-[TDE with customer-managed keys in Azure Key Vault](transparent-data-encryption-byok-azure-sql.md) allows to encrypt the Database Encryption Key (DEK) with a customer-managed asymmetric key called TDE Protector.  This is also generally referred to as Bring Your Own Key (BYOK) support for Transparent Data Encryption. In the BYOK scenario, the TDE Protector is stored in a customer-owned and managed [Azure Key Vault](https://docs.microsoft.com/azure/key-vault/key-vault-secure-your-key-vault), Azure’s cloud-based external key management system. The TDE Protector can be [generated by the key vault or transferred to the key vault](https://docs.microsoft.com/azure/key-vault/about-keys-secrets-and-certificates#key-vault-keys) from an on premises HSM device. The TDE DEK, which is stored on the boot page of a database, is encrypted and decrypted by the TDE Protector, which is stored in Azure Key Vault and never leaves the key vault.  SQL Database needs to be granted permissions to the customer-owned key vault to decrypt and encrypt the DEK. If permissions of the logical SQL server to the key vault are revoked, a database will be inaccessible and all data is encrypted. For Azure SQL Database, the TDE protector is set at the logical SQL server level and is inherited by all databases associated with that server. For [Azure SQL Managed Instance](https://docs.microsoft.com/azure/sql-database/sql-database-howto-managed-instance) (BYOK feature in preview), the TDE protector is set at the instance level and it is inherited by all *encrypted* databases on that instance. The term *server* refers both to server and instance throughout this document, unless stated differently.
+[TDE with customer-managed keys in Azure Key Vault](transparent-data-encryption-byok-azure-sql.md) allows to encrypt the Database Encryption Key (DEK) with a customer-managed asymmetric key called TDE Protector.  This is also generally referred to as Bring Your Own Key (BYOK) support for Transparent Data Encryption. In the BYOK scenario, the TDE Protector is stored in a customer-owned and managed [Azure Key Vault](https://docs.microsoft.com/azure/key-vault/key-vault-secure-your-key-vault), Azure’s cloud-based external key management system. The TDE Protector can be [generated by the key vault or transferred to the key vault](https://docs.microsoft.com/azure/key-vault/about-keys-secrets-and-certificates#key-vault-keys) from an on premises HSM device. The TDE DEK, which is stored on the boot page of a database, is encrypted and decrypted by the TDE Protector, which is stored in Azure Key Vault and never leaves the key vault.  SQL Database needs to be granted permissions to the customer-owned key vault to decrypt and encrypt the DEK. If permissions of the logical SQL server to the key vault are revoked, a database will be inaccessible and all data is encrypted. For Azure SQL Database, the TDE protector is set at the logical SQL server level and is inherited by all databases associated with that server. For [Azure SQL Managed Instance](https://docs.microsoft.com/azure/sql-database/sql-database-howto-managed-instance), the TDE protector is set at the instance level and it is inherited by all *encrypted* databases on that instance. The term *server* refers both to server and instance throughout this document, unless stated differently.
 
 With TDE with Azure Key Vault integration, users can control key management tasks including key rotations, key vault permissions, key backups, and enable auditing/reporting on all TDE protectors using Azure Key Vault functionality. Key Vault provides central key management, leverages tightly monitored hardware security modules (HSMs), and enables separation of duties between management of keys and data to help meet compliance with security policies.
-To learn more about transparent data encryption with Azure Key Vault integration (Bring Your Own Key support) for Azure SQL Database, SQL Managed Instance (BYOK feature in preview), and Data Warehouse, see [Transparent data encryption with Azure Key Vault integration](transparent-data-encryption-byok-azure-sql.md).
+To learn more about transparent data encryption with Azure Key Vault integration (Bring Your Own Key support) for Azure SQL Database, SQL Managed Instance, and Data Warehouse, see [Transparent data encryption with Azure Key Vault integration](transparent-data-encryption-byok-azure-sql.md).
 
 To start using transparent data encryption with Azure Key Vault integration (Bring Your Own Key support), see the how-to guide [Turn on transparent data encryption by using your own key from Key Vault by using PowerShell](transparent-data-encryption-byok-azure-sql-configure.md).
 
