Merge pull request #214924 from cmcclister/cm-linkfix-20221018-1

LinkFix: azure-docs-pr (2022-10) - 1

Author: v-stsavell

articles/automation/overview.md

@@ -143,4 +143,4 @@ You can review the prices associated with Azure Automation on the [pricing](http
 ## Next steps
 
 > [!div class="nextstepaction"]
-> [Create an Automation account](/azure/automation/quickstarts/create-azure-automation-account-portal)
+> [Create an Automation account](./quickstarts/create-azure-automation-account-portal.md)

articles/automation/quickstarts/enable-managed-identity.md

@@ -17,7 +17,7 @@ This Quickstart shows you how to enable managed identities for an Azure Automati
 
 - An Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F).
 
-- An Azure Automation account. For instructions, see [Create an Automation account](/azure/automation/quickstarts/create-azure-automation-account-portal).
+- An Azure Automation account. For instructions, see [Create an Automation account](./create-azure-automation-account-portal.md).
 
 - A user-assigned managed identity. For instructions, see [Create a user-assigned managed identity](../../active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-portal.md#create-a-user-assigned-managed-identity). The user-assigned managed identity and the target Azure resources that your runbook manages using that identity must be in the same Azure subscription.
 
@@ -70,4 +70,4 @@ If you no longer need the system-assigned managed identity enabled for your Auto
 In this Quickstart, you enabled managed identities for an Azure Automation account. To use your Automation account with managed identities to execute a runbook, see.
 
 > [!div class="nextstepaction"]
-> [Tutorial: Create Automation PowerShell runbook using managed identity](../learn/powershell-runbook-managed-identity.md)
+> [Tutorial: Create Automation PowerShell runbook using managed identity](../learn/powershell-runbook-managed-identity.md)

articles/azure-app-configuration/concept-geo-replication.md

@@ -35,7 +35,7 @@ This team would benefit from geo-replication. They can create a replica of their
 - Geo-replication isn't available in the free tier.  
 - Each replica has limits, as outlined in the [App Configuration pricing page](https://azure.microsoft.com/pricing/details/app-configuration/). These limits are isolated per replica. 
 - Azure App Configuration also supports Azure availability zones to create a resilient and highly available store within an Azure Region. Availability zone support is automatically included for a replica if the replica's region has availability zone support. The combination of availability zones for redundancy within a region, and geo-replication across multiple regions, enhances both the availability and performance of a configuration store.
-- Currently, you can only authenticate with replica endpoints with [Azure Active Directory (Azure AD)](/azure/app-service/overview-managed-identity).
+- Currently, you can only authenticate with replica endpoints with [Azure Active Directory (Azure AD)](../app-service/overview-managed-identity.md).
 <!--
 To add once these links become available: 
  - Request handling for replicas will vary by configuration provider, for further information reference [.NET Geo-replication Reference](https://azure.microsoft.com/pricing/details/app-configuration/) and [Java Geo-replication Reference](https://azure.microsoft.com/pricing/details/app-configuration/). 
@@ -50,4 +50,4 @@ Each replica created will add extra charges. Reference the [App Configuration pr
 > [!div class="nextstepaction"]
 > [How to enable Geo replication](./howto-geo-replication.md)  
 
-> [Resiliency and Disaster Recovery](./concept-disaster-recovery.md)
+> [Resiliency and Disaster Recovery](./concept-disaster-recovery.md)

articles/azure-app-configuration/quickstart-aspnet-core-app.md

@@ -73,7 +73,7 @@ dotnet new webapp --output TestAppConfig --framework netcoreapp3.1
     > [!TIP]
     > Some shells will truncate the connection string unless it's enclosed in quotes. Ensure that the output of the `dotnet user-secrets list` command shows the entire connection string. If it doesn't, rerun the command, enclosing the connection string in quotes.
 
-    Secret Manager stores the secret outside of your project tree, which helps prevent the accidental sharing of secrets within source code. It's used only to test the web app locally. When the app is deployed to Azure like [App Service](/azure/app-service/overview), use the *Connection strings*, *Application settings* or environment variables to store the connection string. Alternatively, to avoid connection strings all together, you can [connect to App Configuration using managed identities](./howto-integrate-azure-managed-service-identity.md) or your other [Azure AD identities](./concept-enable-rbac.md).
+    Secret Manager stores the secret outside of your project tree, which helps prevent the accidental sharing of secrets within source code. It's used only to test the web app locally. When the app is deployed to Azure like [App Service](../app-service/overview.md), use the *Connection strings*, *Application settings* or environment variables to store the connection string. Alternatively, to avoid connection strings all together, you can [connect to App Configuration using managed identities](./howto-integrate-azure-managed-service-identity.md) or your other [Azure AD identities](./concept-enable-rbac.md).
 
 1. Open *Program.cs*, and add Azure App Configuration as an extra configuration source by calling the `AddAzureAppConfiguration` method.
 
@@ -248,4 +248,4 @@ In this quickstart, you:
 To learn how to configure your ASP.NET Core web app to dynamically refresh configuration settings, continue to the next tutorial.
 
 > [!div class="nextstepaction"]
-> [Enable dynamic configuration](./enable-dynamic-configuration-aspnet-core.md)
+> [Enable dynamic configuration](./enable-dynamic-configuration-aspnet-core.md)

articles/azure-arc/kubernetes/private-link.md

@@ -8,7 +8,7 @@ ms.custom: references_regions
 
 # Private connectivity for Arc-enabled Kubernetes clusters using private link (preview)
 
-[Azure Private Link](/azure/private-link/private-link-overview) allows you to securely link Azure services to your virtual network using private endpoints. This means you can connect your on-premises Kubernetes clusters with Azure Arc and send all traffic over an Azure ExpressRoute or site-to-site VPN connection instead of using public networks. In Azure Arc, you can use a Private Link Scope model to allow multiple Kubernetes clusters to communicate with their Azure Arc resources using a single private endpoint.
+[Azure Private Link](../../private-link/private-link-overview.md) allows you to securely link Azure services to your virtual network using private endpoints. This means you can connect your on-premises Kubernetes clusters with Azure Arc and send all traffic over an Azure ExpressRoute or site-to-site VPN connection instead of using public networks. In Azure Arc, you can use a Private Link Scope model to allow multiple Kubernetes clusters to communicate with their Azure Arc resources using a single private endpoint.
 
 This document covers when to use and how to set up Azure Arc Private Link (preview).
 
@@ -26,21 +26,21 @@ With Private Link you can:
 * Securely connect your private on-premises network to Azure Arc using ExpressRoute and Private Link.
 * Keep all traffic inside the Microsoft Azure backbone network.
 
-For more information, see [Key benefits of Azure Private Link](/azure/private-link/private-link-overview#key-benefits).
+For more information, see [Key benefits of Azure Private Link](../../private-link/private-link-overview.md#key-benefits).
 
 ## How it works
 
 Azure Arc Private Link Scope connects private endpoints (and the virtual networks they're contained in) to an Azure resource, in this case Azure Arc-enabled Kubernetes clusters. When you enable any one of the Arc-enabled Kubernetes cluster supported extensions, such as Azure Monitor, then connection to other Azure resources may be required for these scenarios. For example, in the case of Azure Monitor, the logs collected from the cluster are sent to Log Analytics workspace.
 
-Connectivity to the other Azure resources from an Arc-enabled Kubernetes cluster listed earlier requires configuring Private Link for each service. For an example, see [Private Link for Azure Monitor](/azure/azure-monitor/logs/private-link-security).
+Connectivity to the other Azure resources from an Arc-enabled Kubernetes cluster listed earlier requires configuring Private Link for each service. For an example, see [Private Link for Azure Monitor](../../azure-monitor/logs/private-link-security.md).
 
 ## Current limitations
 
 Consider these current limitations when planning your Private Link setup.
 
 * You can associate at most one Azure Arc Private Link Scope with a virtual network.
 * An Azure Arc-enabled Kubernetes cluster can only connect to one Azure Arc Private Link Scope.
-* All on-premises Kubernetes clusters need to use the same private endpoint by resolving the correct private endpoint information (FQDN record name and private IP address) using the same DNS forwarder. For more information, see [Azure Private Endpoint DNS configuration](/azure/private-link/private-endpoint-dns). The Azure Arc-enabled Kubernetes cluster, Azure Arc Private Link Scope, and virtual network must be in the same Azure region. The Private Endpoint and the virtual network must also be in the same Azure region, but this region can be different from that of your Azure Arc Private Link Scope and Arc-enabled Kubernetes cluster.
+* All on-premises Kubernetes clusters need to use the same private endpoint by resolving the correct private endpoint information (FQDN record name and private IP address) using the same DNS forwarder. For more information, see [Azure Private Endpoint DNS configuration](../../private-link/private-endpoint-dns.md). The Azure Arc-enabled Kubernetes cluster, Azure Arc Private Link Scope, and virtual network must be in the same Azure region. The Private Endpoint and the virtual network must also be in the same Azure region, but this region can be different from that of your Azure Arc Private Link Scope and Arc-enabled Kubernetes cluster.
 * Traffic to Azure Active Directory, Azure Resource Manager and Microsoft Container Registry service tags must be allowed through your on-premises network firewall during the preview.
 * Other Azure services that you will use, for example Azure Monitor, requires their own private endpoints in your virtual network.
 
@@ -52,13 +52,13 @@ Consider these current limitations when planning your Private Link setup.
 On Azure Arc-enabled Kubernetes clusters configured with private links, the following extensions support end-to-end connectivity through private links. Refer to the guidance linked to each cluster extension for additional configuration steps and details on support for private links.
 
 * [Azure GitOps](conceptual-gitops-flux2.md)
-* [Azure Monitor](/azure/azure-monitor/logs/private-link-security)
+* [Azure Monitor](../../azure-monitor/logs/private-link-security.md)
 
 ## Planning your Private Link setup
 
 To connect your Kubernetes cluster to Azure Arc over a private link, you need to configure your network to accomplish the following:
 
-1. Establish a connection between your on-premises network and an Azure virtual network using a [site-to-site VPN](/azure/vpn-gateway/tutorial-site-to-site-portal) or [ExpressRoute](/azure/expressroute/expressroute-howto-linkvnet-arm) circuit.
+1. Establish a connection between your on-premises network and an Azure virtual network using a [site-to-site VPN](../../vpn-gateway/tutorial-site-to-site-portal.md) or [ExpressRoute](../../expressroute/expressroute-howto-linkvnet-arm.md) circuit.
 1. Deploy an Azure Arc Private Link Scope, which controls which Kubernetes clusters can communicate with Azure Arc over private endpoints and associate it with your Azure virtual network using a private endpoint.
 1. Update the DNS configuration on your local network to resolve the private endpoint addresses.
 1. Configure your local firewall to allow access to Azure Active Directory, Azure Resource Manager and Microsoft Container Registry.
@@ -72,7 +72,7 @@ Azure Arc-enabled Kubernetes integrates with several Azure services to bring clo
 
 There are two ways you can achieve this:
 
-* If your network is configured to route all internet-bound traffic through the Azure VPN or ExpressRoute circuit, you can configure the network security group (NSG) associated with your subnet in Azure to allow outbound TCP 443 (HTTPS) access to Azure AD, Azure Resource Manager, Azure Front Door and Microsoft Container Registry  using [service tags](/azure/virtual-network/service-tags-overview). The NSG rules should look like the following:
+* If your network is configured to route all internet-bound traffic through the Azure VPN or ExpressRoute circuit, you can configure the network security group (NSG) associated with your subnet in Azure to allow outbound TCP 443 (HTTPS) access to Azure AD, Azure Resource Manager, Azure Front Door and Microsoft Container Registry  using [service tags](../../virtual-network/service-tags-overview.md). The NSG rules should look like the following:
 
     | Setting                 | Azure AD rule                                                 | Azure Resource Manager rule                                   | AzureFrontDoorFirstParty rule                                 | Microsoft Container Registry rule                            |
     |-------------------------|---------------------------------------------------------------|---------------------------------------------------------------|---------------------------------------------------------------|---------------------------------------------------------------
@@ -127,7 +127,7 @@ The Private Endpoint on your virtual network allows it to reach Azure Arc-enable
         :::image type="content" source="media/private-link/create-private-endpoint-2.png" alt-text="Screenshot of the Configuration step to create a private endpoint in the Azure portal.":::
 
         > [!NOTE]
-        > If you choose **No** and prefer to manage DNS records manually, first complete setting up your Private Link, including this private endpoint and the Private Scope configuration. Next, configure your DNS according to the instructions in [Azure Private Endpoint DNS configuration](/azure/private-link/private-endpoint-dns). Make sure not to create empty records as preparation for your Private Link setup. The DNS records you create can override existing settings and impact your connectivity with Arc-enabled Kubernetes clusters.
+        > If you choose **No** and prefer to manage DNS records manually, first complete setting up your Private Link, including this private endpoint and the Private Scope configuration. Next, configure your DNS according to the instructions in [Azure Private Endpoint DNS configuration](../../private-link/private-endpoint-dns.md). Make sure not to create empty records as preparation for your Private Link setup. The DNS records you create can override existing settings and impact your connectivity with Arc-enabled Kubernetes clusters.
     1. Select **Review + create**.
     1. Let validation pass.
     1. Select **Create**.
@@ -140,7 +140,7 @@ Your on-premises Kubernetes clusters need to be able to resolve the private link
 
 If you set up private DNS zones for Azure Arc-enabled Kubernetes clusters when creating the private endpoint, your on-premises Kubernetes clusters must be able to forward DNS queries to the built-in Azure DNS servers to resolve the private endpoint addresses correctly. You need a DNS forwarder in Azure (either a purpose-built VM or an Azure Firewall instance with DNS proxy enabled), after which you can configure your on-premises DNS server to forward queries to Azure to resolve private endpoint IP addresses.
 
-The private endpoint documentation provides guidance for configuring [on-premises workloads using a DNS forwarder](/azure/private-link/private-endpoint-dns#on-premises-workloads-using-a-dns-forwarder).
+The private endpoint documentation provides guidance for configuring [on-premises workloads using a DNS forwarder](../../private-link/private-endpoint-dns.md#on-premises-workloads-using-a-dns-forwarder).
 
 ### Manual DNS server configuration
 
@@ -197,6 +197,6 @@ If you run into problems, the following suggestions may help:
 
 ## Next steps
 
-* Learn more about [Azure Private Endpoint](/azure/private-link/private-link-overview).
-* Learn how to [troubleshoot Azure Private Endpoint connectivity problems](/azure/private-link/troubleshoot-private-endpoint-connectivity).
-* Learn how to [configure Private Link for Azure Monitor](/azure/azure-monitor/logs/private-link-security).
+* Learn more about [Azure Private Endpoint](../../private-link/private-link-overview.md).
+* Learn how to [troubleshoot Azure Private Endpoint connectivity problems](../../private-link/troubleshoot-private-endpoint-connectivity.md).
+* Learn how to [configure Private Link for Azure Monitor](../../azure-monitor/logs/private-link-security.md).

articles/azure-arc/servers/migrate-azure-monitor-agent-ansible.md

@@ -93,7 +93,7 @@ This workflow performs the following tasks:
 
 ### Create template to install Azure Connected Machine agent
 
-This template is responsible for installing the Azure Arc [Connected Machine agent](/azure/azure-arc/servers/agent-overview) on hosts within the provided inventory. A successful run will have installed the agent on all machines. 
+This template is responsible for installing the Azure Arc [Connected Machine agent](./agent-overview.md) on hosts within the provided inventory. A successful run will have installed the agent on all machines. 
 
 Follow the steps below to create the template:
 
@@ -286,5 +286,4 @@ After following the steps in this article, you have created an automation workfl
 
 ## Next steps
 
-Learn more about [connecting machines using Ansible playbooks](onboard-ansible-playbooks.md).
-
+Learn more about [connecting machines using Ansible playbooks](onboard-ansible-playbooks.md).