MicrosoftDocs
diff --git a/‎articles/private-link/create-network-security-perimeter-cli.md
Lines changed: 28 additions & 16 deletions b/‎articles/private-link/create-network-security-perimeter-cli.md
Lines changed: 28 additions & 16 deletions
diff --git a/‎articles/private-link/create-network-security-perimeter-portal.md
Lines changed: 29 additions & 27 deletions b/‎articles/private-link/create-network-security-perimeter-portal.md
Lines changed: 29 additions & 27 deletions
@@ -5,7 +5,7 @@ author: mbender-ms
 ms.author: mbender
 ms.service: azure-private-link
 ms.topic: quickstart
-ms.date: 09/16/2024
+ms.date: 10/30/2024
 #CustomerIntent: As a network administrator, I want to create a network security perimeter for an Azure resource using Azure CLI, so that I can control the network traffic to and from the resource.
 ---
 
@@ -15,12 +15,20 @@ Get started with network security perimeter by creating a network security perim
 
 [!INCLUDE [network-security-perimeter-preview-message](../../includes/network-security-perimeter-preview-message.md)]
 
-[!INCLUDE [azure-cli-prepare-your-environment.md](~/reusable-content/azure-cli/azure-cli-prepare-your-environment.md)]
+## Prerequisites
 
 - An Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F).
 - The [latest Azure CLI](/cli/azure/install-azure-cli), or you can use Azure Cloud Shell in the portal.
-  - This article requires version 2.38.0 or later of the Azure CLI. If using Azure Cloud Shell, the latest version is already installed.
-- After upgrading to the latest version, you can import the network security perimeter commands using `az extension add --name nsp`.
+  - This article **requires version 2.38.0 or later** of the Azure CLI. If using Azure Cloud Shell, the latest version is already installed.
+- After upgrading to the latest version of Azure CLI, import the network security perimeter commands using `az extension add --name nsp`.
+- Re-register the `Microsoft.Network` resource provider with the following command:
+    
+    ```azure
+    az provider register --namespace Microsoft.Network 
+    ```
+
+[!INCLUDE [azure-cli-prepare-your-environment.md](~/reusable-content/azure-cli/azure-cli-prepare-your-environment-no-header.md)]
+
 
 [!INCLUDE [network-security-perimeter-add-preview](../../includes/network-security-perimeter-add-preview.md)]
 
@@ -29,20 +37,23 @@ Get started with network security perimeter by creating a network security perim
 
 To get started, connect to [Azure Cloud Shell](https://shell.azure.com) or use your local CLI environment.
 
-1. For Azure Cloud Shell, sign in and select your subscription.
+1. If using Azure Cloud Shell, sign in and select your subscription.
 1. If you installed CLI locally, sign in with the following command: 
 
     ```azurecli-interactive
+    # Sign in to your Azure account
     az login 
     ```
 
-1. Select your active subscription locally with the following command: 
+1. Once in your shell, select your active subscription locally with the following command: 
 
     ```azurecli-interactive
+    # List all subscriptions
     az account set --subscription "Azure Subscription"
-    ```
 
-1. Now you can create your resources in the next steps.
+    # Re-register the Microsoft.Network resource provider
+    az provider register --namespace Microsoft.Network    
+    ```
    
 ## Create a resource group and key vault
 
@@ -94,8 +105,7 @@ In this step, you create a new profile and associate the PaaS resource, the Azur
     az network perimeter profile create \
         --name network-perimeter-profile \
         --resource-group test-rg \
-        --perimeter-name network-security-perimeter \
-        --location westcentralus
+        --perimeter-name network-security-perimeter
 
     ```
 2. Associate the Azure Key Vault (PaaS resource) with the network security perimeter profile with the following commands. 
@@ -140,9 +150,9 @@ In this step, you create a new profile and associate the PaaS resource, the Azur
 
 ## Create and update network security perimeter access rules
 
-In this step, you create and update network security perimeter access rules with the `az network perimeter profile access-rule create` command.
+In this step, you create and update network security perimeter access rules with public IP address prefixes using the `az network perimeter profile access-rule create` command.
 
-1. Create an inbound access rule for the profile created with the following command:
+1. Create an inbound access rule with a public IP address prefix for the profile created with the following command:
 
     ```azurecli-interactive
 
@@ -152,11 +162,11 @@ In this step, you create and update network security perimeter access rules with
         --profile-name network-perimeter-profile \
         --perimeter-name network-security-perimeter \
         --resource-group test-rg \
-        --address-prefixes "[10.10.0.0/16]"
+        --address-prefixes "[192.0.2.0/24]"
 
     ```
 
-1. Update your inbound access rule with another IP address range with the following command:
+1. Update your inbound access rule with another public IP address prefix with the following command:
 
     ```azurecli-interactive
     
@@ -166,10 +176,12 @@ In this step, you create and update network security perimeter access rules with
         --profile-name network-perimeter-profile \
         --perimeter-name network-security-perimeter \
         --resource-group test-rg \
-        --address-prefixes "['10.11.0.0/16', '10.10.0.0/16']"
+        --address-prefixes "['198.51.100.0/24', '192.0.2.0/24']"
 
     ```
 
+    [!INCLUDE [network-security-perimeter-note-managed-id](../../includes/network-security-perimeter-note-managed-id.md)]
+
 ## Delete all resources
 
 To delete a network security perimeter and other resources in this quickstart, use the following commands:
@@ -203,4 +215,4 @@ To delete a network security perimeter and other resources in this quickstart, u
 ## Next steps
 
 > [!div class="nextstepaction"]
-> [Diagnostic logging for Azure Network Security Perimeter](./network-security-perimeter-collect-resource-logs.md)
+> [Diagnostic logging for Azure Network Security Perimeter](./network-security-perimeter-diagnostic-logs.md)
@@ -5,7 +5,7 @@ author: mbender-ms
 ms.author: mbender
 ms.service: azure-private-link
 ms.topic: quickstart
-ms.date: 09/16/2024
+ms.date: 10/30/2024
 #CustomerIntent: As a network administrator, I want to create a network security perimeter for an Azure resource in the Azure portal, so that I can control the network traffic to and from the resource.
 ---
 
@@ -29,78 +29,80 @@ Sign in to the [Azure portal](https://portal.azure.com) with your Azure account.
 
 ## Create a resource group and key vault
 
-Before creating a network security perimeter, you create a resource group to hold all resources and a key vault that will be protected by the network security perimeter.
+Before creating a network security perimeter, you create a resource group to hold all resources and a key vault that's protected by a network security perimeter.
 
 > [!NOTE]
 > Azure Key Vault requires a unique name. If you receive an error that the name is already in use, try a different name. In our example, we use a unique name by appending Year (YYYY), Month (MM), and Day (DD) to the name - **key-vault-YYYYDDMM**.
 
 1. In the search box at the top of the portal, enter **Key vaults**. Select **Key vaults** in the search results.
-1. In the Key vaults accounts window that appears, select **Create +**.
+1. In the Key vaults accounts window that appears, select **+ Create**.
 1. In the **Create a key vault** window, enter the following information:
 
     |**Setting**| **Value** |
     | --- | --- |
     | Subscription | Select the subscription you want to use for this key vault. |
-    | Resource group | Select **Create new**, then enter **test-rg** as the name. |
+    | Resource group | Select **Create new**, then enter **resource-group** as the name. |
     | Key vault name |  Enter **key-vault-`<RandomNameInformation>`**. |
     | Region | Select the region in which you want your key vault to be created. For this quickstart, **(US) West Central US** is used. |
 
-1. Leave the remaining default settings, and select **Review > Create**.
+2. Leave the remaining default settings, and select **Review + Create** > **Create**.
 
 ## Create a network security perimeter
 
 Once you create a key vault, you can proceed to create a network security perimeter.
 
 > [!NOTE]
-> Please do not put any personal identifiable or sensitive data in the network security perimeter rules or other network security perimeter configuration.
+> For organizational and informational safety, it's advised **not to include any personally identifiable or sensitive data** in the network security perimeter rules or other network security perimeter configuration.
 
-1. From **Home**, select **Create a resource**.
-1. In the search box, enter **network security perimeters**. Select **network security perimeters** from the search results.
-1. In the **network security perimeters** window, select **+ Create**.
-1. In the **Create a network security perimeter** window, enter the following information:
+1. In the search box of the Azure portal, enter **network security perimeters**. Select **network security perimeters** from the search results.
+2. In the **network security perimeters** window, select **+ Create**.
+3. In the **Create a network security perimeter** window, enter the following information:
 
     | **Setting** | **Value** |
     | --- | --- |
     | Subscription | Select the subscription you want to use for this network security perimeter. |
-    | Resource group | Select **test-rg**. |
+    | Resource group | Select **resource-group**. |
     | Name | Enter **network-security-perimeter**. |
     | Region | Select the region in which you want your network security perimeter to be created. For this quickstart, **(US) West Central US** is used. |
     | Profile name | Enter **profile-1**. |
 
-1. Select the **Resources** tab or **Next** to proceed to the next step.
-1. In the **Resources** tab, select **Associate resource**.
-1. In the **Select resources** window, check **key-vault-YYYYDDMM** and choose **Select**.
-1. Select **Inbound access rules** and select **Add inbound access rule**.
-1. In the **Add inbound access rule** window, enter the following information, and select **Add**:
+4. Select the **Resources** tab or **Next** to proceed to the next step.
+5. In the **Resources** tab, select **+ Add**.
+6. In the **Select resources** window, check **key-vault-YYYYDDMM** and choose **Select**.
+7. Select **Inbound access rules** and select **+ Add**.
+8. In the **Add inbound access rule** window, enter the following information, and select **Add**:
 
     | **Settings** | **Value** |
     | --- | --- |
     | Rule name | Enter **inbound-rule**. |
     | Source type | Select **IP address ranges**. |
-    | Allowed Sources | Enter **10.1.0.0/16** or another internal IP address range. |
+    | Allowed Sources | Enter a public IP address range you wish to allow inbound traffic from. |
 
-1. Select **Outbound access rules** and select **Add outbound access rule**.
-1. In the **Add outbound access rule** window, enter the following information, and select **Add**:
+9. Select **Outbound access rules** and select **+ Add**.
+10. In the **Add outbound access rule** window, enter the following information, and select **Add**:
 
     | **Settings** | **Value** |
     | --- | --- |
     | Rule name | Enter **outbound-rule**. |
     | Destination type | Select **FQDN**. |
-    | Allowed Destinations | Enter the FQDN of the service you want to allow. For example, **www.contoso.com**. |
+    | Allowed Destinations | Enter the FQDN of the destinations you want to allow. For example, **www.contoso.com**. |
 
-1. Select **Review + create** and then **Create**.
-1. Select **Go to resource** to view the newly created network security perimeter.
+11. Select **Review + create** and then **Create**.
+12. Select **Go to resource** to view the newly created network security perimeter.
+
+[!INCLUDE [network-security-perimeter-note-managed-id](../../includes/network-security-perimeter-note-managed-id.md)]
 
 ## Delete a network security perimeter
 
 When you no longer need a network security perimeter, you remove any resources associated with the network security perimeter and then remove the perimeter following these steps:
 
-1. From your network security perimeter, select **Resources** under **Settings**.
-2. Select **key-vault-YYYYDDMM** and select **Settings>Remove** from the action bar.
-3. Navigate back to the **Overview** page of your network security perimeter.
-4. Select **Delete** and confirm the deletion by entering **network-security-perimeter** in the text box for the name of the resource.
+1. From your network security perimeter, select **Associated resources** under **Settings**.
+2. Select **key-vault-YYYYDDMM** from the list of associated resources.
+3. From the action bar,select **Settings ** and then select **Remove** in the .
+4. Navigate back to the **Overview** page of your network security perimeter.
+5. Select **Delete** and confirm the deletion by entering **network-security-perimeter** in the text box for the name of the resource.
 
 ## Next steps
 
 > [!div class="nextstepaction"]
-> [Diagnostic logging for Azure Network Security Perimeter](./network-security-perimeter-collect-resource-logs.md)
+> [Diagnostic logging for Azure Network Security Perimeter](./network-security-perimeter-diagnostic-logs.md)