MicrosoftDocs
diff --git a/‎articles/event-grid/configure-firewall.md
Lines changed: 10 additions & 8 deletions b/‎articles/event-grid/configure-firewall.md
Lines changed: 10 additions & 8 deletions
diff --git a/‎articles/event-grid/configure-private-endpoints.md
Lines changed: 17 additions & 24 deletions b/‎articles/event-grid/configure-private-endpoints.md
Lines changed: 17 additions & 24 deletions
diff --git a/‎articles/event-grid/media/configure-firewall/networking-link.png
5.5 KB b/‎articles/event-grid/media/configure-firewall/networking-link.png
5.5 KB
diff --git a/‎articles/event-grid/media/configure-firewall/networking-page-private-access.png
-36 Bytes b/‎articles/event-grid/media/configure-firewall/networking-page-private-access.png
-36 Bytes
diff --git a/‎articles/event-grid/media/configure-firewall/networking-page-public-access.png
-51 Bytes b/‎articles/event-grid/media/configure-firewall/networking-page-public-access.png
-51 Bytes
diff --git a/‎articles/event-grid/media/configure-firewall/public-networks-page.png
-19.6 KB b/‎articles/event-grid/media/configure-firewall/public-networks-page.png
-19.6 KB
diff --git a/‎articles/event-grid/media/configure-firewall/select-private-endpoints.png
-19.5 KB b/‎articles/event-grid/media/configure-firewall/select-private-endpoints.png
-19.5 KB
diff --git a/‎articles/event-grid/media/configure-private-endpoints/basics-page.png
2.6 KB b/‎articles/event-grid/media/configure-private-endpoints/basics-page.png
2.6 KB
diff --git a/‎articles/event-grid/media/configure-private-endpoints/configuration-page.png
1.54 KB b/‎articles/event-grid/media/configure-private-endpoints/configuration-page.png
1.54 KB
diff --git a/‎articles/event-grid/media/configure-private-endpoints/dns-zone-page.png
37.9 KB b/‎articles/event-grid/media/configure-private-endpoints/dns-zone-page.png
37.9 KB
@@ -3,7 +3,7 @@ title: Configure IP firewall for Azure Event Grid topics or domains
 description: This article describes how to configure firewall settings for Event Grid topics or domains. 
 ms.topic: conceptual
 ms.custom: devx-track-azurecli, devx-track-azurepowershell
-ms.date: 03/07/2022
+ms.date: 03/24/2023
 ---
 
 # Configure IP firewall for Azure Event Grid topics or domains 
@@ -22,17 +22,19 @@ This section shows you how to enable public or private network access for an Eve
     :::image type="content" source="./media/configure-firewall/networking-link.png" alt-text="Screenshot showing the selection of Networking link at the bottom of the page. ":::
 1. If you want to allow clients to connect to the topic endpoint via a public IP address, keep the **Public access** option selected. 
 
+    You can restrict access to the topic from specific IP addresses by specifying values for the **Address range** field. Specify a single IPv4 address or a range of IP addresses in Classless inter-domain routing (CIDR) notation. 
+
     :::image type="content" source="./media/configure-firewall/networking-page-public-access.png" alt-text="Screenshot showing the selection of Public access option on the Networking page of the Create topic wizard. ":::
 1. To allow access to the Event Grid topic via a private endpoint, select the **Private access** option. 
 
     :::image type="content" source="./media/configure-firewall/networking-page-private-access.png" alt-text="Screenshot showing the selection of Private access option on the Networking page of the Create topic wizard. ":::    
 1. Follow instructions in the [Add a private endpoint using Azure portal](configure-private-endpoints.md#use-azure-portal) section to create a private endpoint. 
 
 ### For an existing topic
-1. In the [Azure portal](https://portal.azure.com), Navigate to your event grid topic or domain, and switch to the **Networking** tab.
+1. In the [Azure portal](https://portal.azure.com), Navigate to your Event Grid topic or domain, and switch to the **Networking** tab.
 2. Select **Public networks** to allow all networks, including the internet, to access the resource. 
 
-    You can restrict the traffic using IP firewall rules. Specify a single IPv4 address or a range of IP addresses in Classless inter-domain routing (CIDR) notation. 
+    You can restrict access to the topic from specific IP addresses by specifying values for the **Address range** field. Specify a single IPv4 address or a range of IP addresses in Classless inter-domain routing (CIDR) notation. 
 
     :::image type="content" source="./media/configure-firewall/public-networks-page.png" alt-text="Screenshot that shows the Public network access page with Public networks selected.":::
 3. Select **Private endpoints only** to allow only private endpoint connections to access this resource. Use the **Private endpoint connections** tab on this page to manage connections. 
@@ -93,7 +95,7 @@ az eventgrid topic update \
 ```
 
 ### Create a topic with single inbound ip rule
-The following sample CLI command creates an event grid topic with inbound IP rules. 
+The following sample CLI command creates an Event Grid topic with inbound IP rules. 
 
 ```azurecli-interactive
 az eventgrid topic create \
@@ -106,7 +108,7 @@ az eventgrid topic create \
 
 ### Create a topic with multiple inbound ip rules
 
-The following sample CLI command creates an event grid topic two inbound IP rules in one step: 
+The following sample CLI command creates an Event Grid topic two inbound IP rules in one step: 
 
 ```azurecli-interactive
 az eventgrid topic create \
@@ -119,7 +121,7 @@ az eventgrid topic create \
 ```
 
 ### Update an existing topic to add inbound IP rules
-This example creates an event grid topic first and then adds inbound IP rules for the topic in a separate command. It also updates the inbound IP rules that were set in the second command. 
+This example creates an Event Grid topic first and then adds inbound IP rules for the topic in a separate command. It also updates the inbound IP rules that were set in the second command. 
 
 ```azurecli-interactive
 
@@ -178,13 +180,13 @@ New-AzEventGridTopic -ResourceGroupName MyResourceGroupName -Name Topic1 -Locati
 > When public network access is disabled for a topic or domain, traffic over public internet isn't allowed. Only private endpoint connections will be allowed to access these resources.
 
 ### Create a topic with public network access and inbound ip rules
-The following sample CLI command creates an event grid topic with public network access and inbound IP rules. 
+The following sample CLI command creates an Event Grid topic with public network access and inbound IP rules. 
 
 ```azurepowershell-interactive
 New-AzEventGridTopic -ResourceGroupName MyResourceGroupName -Name Topic1 -Location eastus -PublicNetworkAccess enabled -InboundIpRule @{ "10.0.0.0/8" = "Allow"; "10.2.0.0/8" = "Allow" }
 ```
 ### Update an existing a topic with public network access and inbound ip rules
-The following sample CLI command updates an existing event grid topic with inbound IP rules. 
+The following sample CLI command updates an existing Event Grid topic with inbound IP rules. 
 
 ```azurepowershell-interactive
 Set-AzEventGridTopic -ResourceGroupName MyResourceGroupName -Name Topic1 -PublicNetworkAccess enabled -InboundIpRule @{ "10.0.0.0/8" = "Allow"; "10.2.0.0/8" = "Allow" } -Tag @{}
 
@@ -2,7 +2,7 @@
 title: Configure private endpoints for Azure Event Grid topics or domains
 description: This article describes how to configure private endpoints for Azure Event Grid custom topics or domain. 
 ms.topic: how-to
-ms.date: 12/06/2022 
+ms.date: 03/24/2023 
 ms.custom: devx-track-azurecli, devx-track-azurepowershell
 ---
 
@@ -43,35 +43,28 @@ This section shows you how to enable private network access for an Event Grid to
 2. On the **Basics** page, follow these steps: 
     1. Select an **Azure subscription** in which you want to create the private endpoint. 
     2. Select an **Azure resource group** for the private endpoint. 
-    3. Enter a **name** for the endpoint. 
-    4. Select the **region** for the endpoint. Your private endpoint must be in the same region as your virtual network, but can in a different region from the private link resource (in this example, an  Event Grid topic). 
-    5. Then, select **Next: Resource >** button at the bottom of the page. 
+    3. Enter a **name** for the **endpoint**. 
+    1. Update the **name** for the **network interface** if needed. 
+    1. Select the **region** for the endpoint. Your private endpoint must be in the same region as your virtual network, but can in a different region from the private link resource (in this example, an  Event Grid topic). 
+    1. Then, select **Next: Resource >** button at the bottom of the page. 
 
         :::image type="content" source="./media/configure-private-endpoints/basics-page.png" alt-text="Screenshot showing the Basics page of the Create a private endpoint wizard.":::
-3. On the **Resource** page, follow these steps: 
-    1. For connection method, if you select **Connect to an Azure resource in my directory**, follow these steps. This example shows how to connect to an Azure resource in your directory. 
-        1. Select the **Azure subscription** in which your **topic/domain** exists. 
-        1. For **Resource type**, Select **Microsoft.EventGrid/topics** or **Microsoft.EventGrid/domains** for the **Resource type**.
-        2. For **Resource**, select an topic/domain from the drop-down list. 
-        3. Confirm that the **Target subresource** is set to **topic** or **domain** (based on the resource type you selected).    
-        4. Select **Next: Virtual Network >** button at the bottom of the page. 
-
-            :::image type="content" source="./media/configure-private-endpoints/resource-page.png" alt-text="Screenshot showing the Resource page of the Create a private endpoint wizard.":::
-    2. If you select **Connect to a resource using a resource ID or an alias**, follow these steps:
-        1. Enter the ID of the resource. For example: `/subscriptions/<AZURE SUBSCRIPTION ID>/resourceGroups/<RESOURCE GROUP NAME>/providers/Microsoft.EventGrid/topics/<EVENT GRID TOPIC NAME>`.  
-        2. For **Resource**, enter **topic** or **domain**. 
-        3. (optional) Add a request message. 
-        4. Select **Next: Virtual Network >** button at the bottom of the page. 
-
-            :::image type="content" source="./media/configure-private-endpoints/connect-azure-resource-id.png" alt-text="Screenshot showing the Resource page with resource ID specified.":::
+3. On the **Resource** page, follow these steps, confirm that **topic** is selected for **Target sub-resource**, and then select **Next: Virtual Network >** button at the bottom of the page. 
+
+    :::image type="content" source="./media/configure-private-endpoints/resource-page.png" alt-text="Screenshot showing the Resource page of the Create a private endpoint wizard.":::
 4. On the **Virtual Network** page, you select the subnet in a virtual network to where you want to deploy the private endpoint. 
     1. Select a **virtual network**. Only virtual networks in the currently selected subscription and location are listed in the drop-down list. 
     2. Select a **subnet** in the virtual network you selected. 
-    3. Select **Next: Tags >** button at the bottom of the page. 
+    1. Specify whether you want the **IP address** to be allocated statically or dynamically. 
+    1. Select an existing **application security group** or create one and then associate with the private endpoint.
+    1. Select **Next: DNS >** button at the bottom of the page. 
+
+        :::image type="content" source="./media/configure-private-endpoints/configuration-page.png" alt-text="Screenshot showing the Networking page of the Creating a private endpoint wizard.":::
+5. On the **DNS** page, select whether you want the private endpoint to be integrated with a **private DNS zone**, and then select **Next: Tags** at the bottom of the page. 
 
-        :::image type="content" source="./media/configure-private-endpoints/configuration-page.png" alt-text="Screenshot showing the Networking page of the Creating a private endpoint wizard":::
-5. On the **Tags** page, create any tags (names and values) that you want to associate with the private endpoint resource. Then, select **Review + create** button at the bottom of the page. 
-6. On the **Review + create**, review all the settings, and select **Create** to create the private endpoint. 
+    :::image type="content" source="./media/configure-private-endpoints/dns-zone-page.png" alt-text="Screenshot showing the DNS page of the Creating a private endpoint wizard."::: 
+1. On the **Tags** page, create any tags (names and values) that you want to associate with the private endpoint resource. Then, select **Review + create** button at the bottom of the page. 
+1. On the **Review + create**, review all the settings, and select **Create** to create the private endpoint. 
 
 ### Manage private link connection