Merge pull request #210934 from w-azure/winona-hub-manage

Final pass for the manage section

Author: JamesJBarnett

articles/iot-hub/iot-hub-create-through-portal.md

@@ -14,7 +14,7 @@ ms.custom: ['Role: Cloud Development']
 
 [!INCLUDE [iot-hub-resource-manager-selector](../../includes/iot-hub-resource-manager-selector.md)]
 
-This article describes how to create and manage IoT hubs using the [Azure portal](https://portal.azure.com).
+This article describes how to create and manage an IoT hub, using the [Azure portal](https://portal.azure.com).
 
 ## Create an IoT hub
 
@@ -36,17 +36,17 @@ For a complete list of options to update an IoT hub, see the [**az iot hub updat
 
 You can also view or modify the list of shared access policies by choosing **Shared access policies** in the **Security settings** section. These policies define the permissions for devices and services to connect to IoT Hub.
 
-Select **Add shared access policy** to open the **Add shared access policy** blade.  You can enter the new policy name and the permissions that you want to associate with this policy, as shown in the following figure:
+Select **Add shared access policy** to open the **Add shared access policy** blade.  You can enter the new policy name and the permissions that you want to associate with this policy, as shown in the following screenshot:
 
-:::image type="content" source="./media/iot-hub-create-through-portal/iot-hub-add-shared-access-policy.png" alt-text="Screenshot showing adding a shared access policy." lightbox="./media/iot-hub-create-through-portal/iot-hub-add-shared-access-policy.png":::
+:::image type="content" source="./media/iot-hub-create-through-portal/iot-hub-add-shared-access-policy.png" alt-text="Screenshot showing how to add a shared access policy." lightbox="./media/iot-hub-create-through-portal/iot-hub-add-shared-access-policy.png":::
 
-* The **Registry Read** and **Registry Write** policies grant read and write access rights to the identity registry. These permissions are used by back-end cloud services to manage device identities. Choosing the write option automatically chooses the read option.
+* The **Registry Read** and **Registry Write** policies grant read and write access rights to the identity registry. These permissions are used by back-end cloud services to manage device identities. Choosing the write option automatically includes the read option.
 
 * The **Service Connect** policy grants permission to access service endpoints. This permission is used by back-end cloud services to send and receive messages from devices. It's also used to update and read device twin and module twin data.
 
 * The **Device Connect** policy grants permissions for sending and receiving messages using the IoT Hub device-side endpoints. This permission is used by devices to send and receive messages from an IoT hub or update and read device twin and module twin data. It's also used for file uploads.
 
-Select **Add** to add this newly created policy to the existing list.
+Select **Add** to add your newly created policy to the existing list.
 
 For more detailed information about the access granted by specific permissions, see [IoT Hub permissions](./iot-hub-dev-guide-sas.md#access-control-and-permissions).
 
@@ -82,16 +82,16 @@ You return to the **Add a route** page. For **Data source**, select Device Telem
 
 Next, add a routing query. In this example, the messages that have an application property called `level` with a value equal to `critical` are routed to the storage account.
 
-![Screenshot showing saving a new routing rule](./media/iot-hub-create-through-portal/iot-hub-add-route.png)
+![Screenshot showing how to save a new routing rule.](./media/iot-hub-create-through-portal/iot-hub-add-route.png)
 
 Select **Save** to save the routing rule. You return to the **Message routing** pane, and your new routing rule is displayed.
 
 ### Custom endpoints
 
-Select the **Custom endpoints** tab. You see any custom endpoints already created. From here, you can add new endpoints or delete existing endpoints.
+If you have a custom endpoint to add, select the **Custom endpoints** tab. You see custom endpoints if they were previously created. From here, you can add new endpoints or delete existing endpoints.
 
 > [!NOTE]
-> If you delete a route, it does not delete the endpoints assigned to that route. To delete an endpoint, select the Custom endpoints tab, select the endpoint you want to delete, and choose **Delete**.
+> If you delete a route, it does not delete the endpoints assigned to that route. To delete an endpoint, select the **Custom endpoints** tab, select the endpoint you want to delete, then choose **Delete**.
 
 You can read more about custom endpoints in [Reference - IoT hub endpoints](iot-hub-devguide-endpoints.md).
 
@@ -101,9 +101,13 @@ To see a full example of how to use custom endpoints with routing, see [Message
 
 ## Find a specific IoT hub
 
-Here are two ways to find a specific IoT hub in your subscription:
+Here a few ways to find a specific IoT hub in your subscription:
 
-1. If you know the resource group to which the IoT hub belongs, choose **Resource groups**, then select the resource group from the list. The resource group screen shows all of the resources in that group, including the IoT hubs. Select your hub.
+1. From the Azure homepage, select the IoT Hub icon. Find and select your IoT hub from the list.
+
+:::image type="content" source="./media/iot-hub-create-through-portal/select-iot-hub.png" alt-text="Screenshot showing how to find your IoT hub.":::
+
+1. If you know the resource group to which the IoT hub belongs, choose **Resource groups**, then select the resource group from the list. The resource group screen shows all of the resources in that group, including IoT hubs. Select your hub.
 
 2. Choose **All resources**. On the **All resources** pane, there's a dropdown list that defaults to `All types`. Select the dropdown list, uncheck `Select all`. Find `IoT Hub` and check it. Select the dropdown list box to close it, and the entries will be filtered, showing only your IoT hubs.
 

articles/iot-hub/media/iot-hub-create-through-portal/select-iot-hub.png

@@ -6,13 +6,15 @@ ms.author: dbradish
 manager: barbkess
 ms.custom: devx-track-azurecli
 ---
+You can use either the Azure Cloud Shell or a local Azure CLI.
 
-- Use the Bash environment in [Azure Cloud Shell](../articles/cloud-shell/quickstart.md). For more information, see [Azure Cloud Shell Quickstart - Bash](../articles/cloud-shell/quickstart.md).
+- [Azure Cloud Shell](../articles/cloud-shell/quickstart.md) with the Bash environment. Or launch the Cloud Shell here.
 
    [![Launch Cloud Shell in a new window](media/cloud-shell-try-it/hdi-launch-cloud-shell.png)](https://shell.azure.com)
-- If you prefer to run CLI reference commands locally, [install](/cli/azure/install-azure-cli) the Azure CLI. If you're running on Windows or macOS, consider running Azure CLI in a Docker container. For more information, see [How to run the Azure CLI in a Docker container](/cli/azure/run-azure-cli-docker).
+- Local Azure CLI, see how to [install the Azure CLI](/cli/azure/install-azure-cli). If you're running on Windows or macOS, consider running Azure CLI in a Docker container. For more information, see [How to run the Azure CLI in a Docker container](/cli/azure/run-azure-cli-docker).
 
-  - If you're using a local installation, sign in to the Azure CLI by using the [az login](/cli/azure/reference-index#az-login) command. To finish the authentication process, follow the steps displayed in your terminal. For other sign-in options, see [Sign in with the Azure CLI](/cli/azure/authenticate-azure-cli).
+  - Sign in to the Azure CLI by using the [az login](/cli/azure/reference-index#az-login) command. To finish the authentication process, follow the steps displayed in your terminal. For other sign-in options, see [Sign in with the Azure CLI](/cli/azure/authenticate-azure-cli).
 
-  - When you're prompted, install the Azure CLI extension on first use. For more information about extensions, see [Use extensions with the Azure CLI](/cli/azure/azure-cli-extensions-overview).
+  - When you first use Azure CLI, install the Azure CLI extension. For more information about extensions, see [Use extensions with the Azure CLI](/cli/azure/azure-cli-extensions-overview).
+  
   - Run [az version](/cli/azure/reference-index?#az-version) to find the version and dependent libraries that are installed. To upgrade to the latest version, run [az upgrade](/cli/azure/reference-index?#az-upgrade).

includes/azure-cli-prepare-your-environment-no-header.md

@@ -26,34 +26,33 @@ This section describes how to create an IoT hub using the [Azure portal](https:/
 
    - **IoT hub name**: Enter a name for your hub. This name must be globally unique, with a length between 3 and 50 alphanumeric characters. The name can also include the dash (`'-'`) character.
 
-   - **Region**: Select the region in which you want your hub to be located. Select the location closest to you. Some features, such as [IoT Hub device streams](../articles/iot-hub/iot-hub-device-streams-overview.md), are only available in specific regions. For these limited features, you must select one of the supported regions.
+   - **Region**: Select the region, closest to you, where you want your hub to be located. Some features, such as [IoT Hub device streams](../articles/iot-hub/iot-hub-device-streams-overview.md), are only available in specific regions. For these limited features, you must select one of the supported regions.
 
    [!INCLUDE [iot-hub-pii-note-naming-hub](iot-hub-pii-note-naming-hub.md)]
 
    :::image type="content" source="./media/iot-hub-include-create-hub/iot-hub-create-screen-basics.png" alt-text="Screenshot that shows how to create an IoT hub in the Azure portal.":::
 
 1. Select **Next: Networking** to continue creating your hub.
 
-   Choose the endpoints that devices can use to connect to your IoT hub. You can select the default setting, **Public access**, or choose **Private access**. Accept the default setting for this example.
+   Choose the endpoints that devices can use to connect to your IoT hub. Accept the default setting, **Public access**, for this example.
 
    :::image type="content" source="./media/iot-hub-include-create-hub/iot-hub-create-network-screen.png" alt-text="Choose the endpoints that can connect.":::
 
 1. Select **Next: Management** to continue creating your hub.
 
    :::image type="content" source="./media/iot-hub-include-create-hub/iot-hub-management.png" alt-text="Set the size and scale for a new hub using the Azure portal.":::
 
-    You can accept the default settings here. If desired, you can modify any of the following fields:
+    Accept the default settings here. If desired, you can modify any of the following fields:
 
-    - **Pricing and scale tier**: Your selected tier. You can choose from several tiers, depending on how many features you want and how many messages you send through your solution per day. The free tier is intended for testing and evaluation. It allows 500 devices to be connected to the hub and up to 8,000 messages per day. Each Azure subscription can create one IoT hub in the free tier.
+    - **Pricing and scale tier**: Tier selection depends on how many features you want and how many messages you send through your solution per day. The free tier is intended for testing and evaluation. The free tier allows 500 devices to be connected to the hub and up to 8,000 messages per day. Each Azure subscription can create one IoT hub in the free tier. For details about other tier options, see [Choosing the right IoT Hub tier](../articles/iot-hub/iot-hub-scaling.md).
 
       If you're working through a quickstart, select the free tier.
 
-    - **IoT Hub units**: The number of messages allowed per unit per day depends on your hub's pricing tier. For example, if you want the hub to support ingress of 700,000 messages, you choose two S1 tier units.
-    For details about the other tier options, see [Choosing the right IoT Hub tier](../articles/iot-hub/iot-hub-scaling.md).
+    - **IoT Hub units**: The number of messages allowed per *unit* per day depends on your hub's pricing tier. For example, if you want the hub to support ingress of 700,000 messages, choose two S1 tier units.
 
-    - **Microsoft Defender for IoT**: Turn Defender on to add an extra layer of threat protection to IoT and your devices. This option isn't available for hubs in the free tier. Learn more about [security recommendations for IoT Hub in Defender for IoT](../articles/defender-for-iot/device-builders/concept-recommendations.md).
+    - **Microsoft Defender for IoT**: Turn Defender on to add an extra layer of protection to IoT and your devices. This option isn't available for hubs in the free tier. Learn more about [security recommendations for IoT Hub in Defender for IoT](../articles/defender-for-iot/device-builders/concept-recommendations.md).
 
-    - **Role-based access control**: Choose how to manage access to the IoT hub. Allow shared access policies or choose only role-based access control. For more information, see [Control access to IoT Hub by using Azure Active Directory](../articles/iot-hub/iot-hub-dev-guide-azure-ad-rbac.md).
+    - **Role-based access control**: This property decides how you *manage access* to your IoT hub. Allow shared access policies or choose only role-based access control. For more information, see [Control access to IoT Hub by using Azure Active Directory](../articles/iot-hub/iot-hub-dev-guide-azure-ad-rbac.md).
 
     - **Device-to-cloud partitions**: This property relates the device-to-cloud messages to the number of simultaneous readers of the messages. Most hubs need only four partitions.