Merge pull request #259653 from veyaddan/vy-main1

minor updates

Author: v-dirichards

articles/event-grid/configure-firewall-mqtt.md

@@ -10,7 +10,7 @@ ms.author: veyaddan
 ---
 
 # Configure IP firewall for Azure Event Grid namespaces
-By default, Event Grid namespaces and entities in them such as Message Queuing Telemetry Transport (MQTT) topic spaces are accessible from internet as long as the request comes with valid authentication (access key) and authorization. With IP firewall, you can restrict it further to only a set of IPv4 addresses or IPv4 address ranges in [CIDR (Classless Inter-Domain Routing)](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation. Publishers originating from any other IP address are rejected and receive a 403 (Forbidden) response. For more information about network security features supported by Event Grid, see [Network security for Event Grid](network-security.md).
+By default, Event Grid namespaces and entities in them such as Message Queuing Telemetry Transport (MQTT) topic spaces are accessible from internet as long as the request comes with valid authentication (access key) and authorization. With IP firewall, you can restrict it further to only a set of IPv4 addresses or IPv4 address ranges in [CIDR (Classless Inter-Domain Routing)](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation. Only the MQTT clients that fall into the allowed IP range can connect to publish and subscribe.  Clients originating from any other IP address are rejected and receive a 403 (Forbidden) response. For more information about network security features supported by Event Grid, see [Network security for Event Grid](network-security.md).
 
 This article describes how to configure IP firewall settings for an Event Grid namespace. For complete steps for creating a namespace, see [Create and manage namespaces](create-view-manage-namespaces.md).
 

articles/event-grid/configure-private-endpoints-mqtt.md

@@ -10,7 +10,7 @@ ms.author: veyaddan
 ---
 
 # Configure private endpoints for Azure Event Grid namespaces with MQTT enabled
-You can use [private endpoints](../private-link/private-endpoint-overview.md) to allow ingress of events directly from your virtual network to entities in your Event Grid namespaces securely over a [private link](../private-link/private-link-overview.md) without going through the public internet. The private endpoint uses an IP address from the virtual network address space for your namespace. For more conceptual information, see [Network security](network-security.md).
+You can use [private endpoints](../private-link/private-endpoint-overview.md) to allow ingress of events directly from your virtual network to entities in your Event Grid namespaces securely over a [private link](../private-link/private-link-overview.md) without going through the public internet. The private endpoint uses an IP address from the virtual network address space for your namespace.  When an MQTT client on a private network connects to the MQTT broker on a private link, the client can publish and subscribe to MQTT messages.  For more conceptual information, see [Network security](network-security.md).
 
 This article shows you how to enable private network access for an Event Grid namespace. For complete steps for creating a namespace, see [Create and manage namespaces](create-view-manage-namespaces.md).
 

articles/event-grid/media/mqtt-certificate-chain-client-authentication/event-grid-namespace-parent-certificate-added.png

@@ -41,11 +41,10 @@ Using the CA files generated to create certificate for the client.
 
 ## Upload the CA certificate to the namespace
 1. In Azure portal, navigate to your Event Grid namespace.
-1. Under the MQTT section in left rail, navigate to CA certificates menu.
+1. Under the MQTT broker section in left rail, navigate to CA certificates menu.
 1. Select **+ Certificate** to launch the Upload certificate page.  
 1. Add certificate name and browse to find the intermediate certificate (.step/certs/intermediate_ca.crt) and select **Upload**. You can upload a file of .pem, .cer, or .crt type. 
-1. On the Upload certificate page, give a Certificate name and browse for the certificate file.
-1. Select **Upload** button to add the parent certificate.
+
 
   :::image type="content" source="./media/mqtt-certificate-chain-client-authentication/event-grid-namespace-parent-certificate-added.png" alt-text="Screenshot showing the added CA certificate listed in the CA certificates page." lightbox="./media/mqtt-certificate-chain-client-authentication/event-grid-namespace-parent-certificate-added.png":::