Merge pull request #289096 from sdwheeler/sdw-w330432-cs-next-steps

Add next steps and reorder redeploy options

Author: Jill Grant

articles/cloud-shell/vnet/overview.md

@@ -1,7 +1,6 @@
 ---
 description: This article describes a scenario for using Azure Cloud Shell in a private virtual network.
-ms.contributor: jahelmic
-ms.date: 04/22/2024
+ms.date: 10/23/2024
 ms.topic: conceptual
 title: Use Cloud Shell in an Azure virtual network
 ---
@@ -12,7 +11,7 @@ By default, Azure Cloud Shell sessions run in a container in a Microsoft network
 from your resources. Commands that run inside the container can't access resources in a private
 virtual network. For example, you can't use Secure Shell (SSH) to connect from Cloud Shell to a
 virtual machine that has only a private IP address, or use `kubectl` to connect to a Kubernetes
-cluster that has locked down access.
+cluster with locked-down access.
 
 To provide access to your private resources, you can deploy Cloud Shell into an Azure virtual
 network that you control. This technique is called _virtual network isolation_.
@@ -29,15 +28,15 @@ Deploying Cloud Shell in a private virtual network offers these benefits:
 ## Things to consider before deploying Azure Cloud Shell in a virtual network
 
 - Starting Cloud Shell in a virtual network is typically slower than a standard Cloud Shell session.
-- Virtual network isolation requires you to use [Azure Relay][01], which is a paid service. In the
+- Virtual network isolation requires you to use [Azure Relay][02], which is a paid service. In the
   Cloud Shell scenario, one hybrid connection is used for each administrator while they're using
   Cloud Shell. The connection is automatically closed when the Cloud Shell session ends.
 
 ## Architecture
 
 The following diagram shows the resource architecture that you must build to enable this scenario.
 
-![Illustration of a Cloud Shell isolated virtual network architecture.][03]
+![Illustration of a Cloud Shell isolated virtual network architecture.][04]
 
 - **Customer client network**: Client users can be located anywhere on the internet to securely
   access and authenticate to the Azure portal and use Cloud Shell to manage resources contained in
@@ -48,20 +47,26 @@ The following diagram shows the resource architecture that you must build to ena
 - **Customer virtual network**: This is the network that contains the subnets to support virtual
   network isolation. Resources such as virtual machines and services are directly accessible from
   Cloud Shell without the need to assign a public IP address.
-- **Azure Relay**: [Azure Relay][01] allows two endpoints that aren't directly reachable to
+- **Azure Relay**: [Azure Relay][02] allows two endpoints that aren't directly reachable to
   communicate. In this case, it's used to allow the administrator's browser to communicate with the
   container in the private network.
 - **File share**: Cloud Shell requires a storage account that's accessible from the virtual network.
   The storage account provides the file share used by Cloud Shell users.
 
-## Related links
+## Pricing
 
 Cloud Shell requires a new or existing Azure Files share to be mounted to persist files across
-sessions. Storage incurs regular costs. If you have deployed Azure Cloud Shell in a private virtual
+sessions. Storage incurs regular costs. When you deploy Azure Cloud Shell in a private virtual
 network, you pay for network resources. For pricing information, see
-[Pricing of Azure Cloud Shell][02].
+[Pricing of Azure Cloud Shell][01].
+
+## Next steps
+
+When you're ready to deploy your own instance of Cloud Shell, see
+[Deploy Azure Cloud Shell in a virtual network with quickstart templates][03].
 
 <!-- link references -->
-[01]: /azure/azure-relay/relay-what-is-it
-[02]: ../pricing.md
-[03]: media/overview/data-diagram.png
+[01]: ../pricing.md
+[02]: /azure/azure-relay/relay-what-is-it
+[03]: deployment.md
+[04]: media/overview/data-diagram.png

articles/cloud-shell/vnet/troubleshooting.md

@@ -3,7 +3,7 @@ description: >
   This article provides instructions for troubleshooting a private virtual network deployment of
   Azure Cloud Shell.
 ms.contributor: jahelmic
-ms.date: 10/26/2023
+ms.date: 10/23/2024
 ms.topic: troubleshooting
 title: Troubleshoot Azure Cloud Shell in a private virtual network
 ---
@@ -13,7 +13,7 @@ This article provides instructions for troubleshooting a private virtual network
 Cloud Shell. For best results, and to be supportable, following the deployment instructions in the
 [Deploy Azure Cloud Shell in a virtual network using quickstart templates][03] article.
 
-## Verify you have set the correct permissions
+## Verify you have the correct permissions
 
 To configure Azure Cloud Shell in a virtual network, you must have the **Owner** role assignment on
 the subscription. To view and assign roles, see [List owners of a subscription][01].
@@ -79,28 +79,13 @@ permissions for your subscription:
 
    [![Screenshot showing the network relay role assignments.][ss04a]][ss04x]
 
-## Redeploy Cloud Shell for a private virtual network
+## When all else fails
 
 Verify the configurations described in this article. If you continue receive an error message when
 you try to use your deployment of Cloud Shell, you have two options:
 
-1. Open a support ticket
 1. Redeploy Cloud Shell for a private virtual network
-
-### Open a support ticket
-
-If you want to open a support ticket, you can do so from the Azure portal. Be sure to capture any
-error messages, including the **Correlation Id** and **Activity Id** values. Don't change any
-settings or delete any resources until instructed to by a support technician.
-
-Follow these steps to open a support ticket:
-
-1. Select the **Support & Troubleshooting** icon on the top navigation bar in the Azure portal.
-1. From the **Support & Troubleshooting** pane, select **Help + support**.
-1. Select **Create a support request** at the top of the center pane.
-1. Follow the instructions to create a support ticket.
-
-   [![Screenshot of creating a support ticket in the Azure portal.][ss05a]][ss05x]
+1. Open a support ticket
 
 ### Redeploy Cloud Shell for a private virtual network
 
@@ -124,13 +109,28 @@ The following list provides a description of the resources created by the deploy
 - A **Relay** resource with the name of the relay namespace you provided in the deployment template.
 - A **Storage account** resource with the name you provided in the deployment template.
 
-Once you have removed the resources, you can redeploy Cloud Shell by following the steps in the
+After you remove the resources, you can redeploy Cloud Shell by following the steps in the
 [Deploy Azure Cloud Shell in a virtual network using quickstart templates][03] article.
 
 You can find these resources by viewing the resource group in the Azure portal.
 
 [![Screenshot of resources created by the deployment.][ss02a]][ss02x]
 
+### Open a support ticket
+
+If you want to open a support ticket, you can do so from the Azure portal. Be sure to capture any
+error messages, including the **Correlation Id** and **Activity Id** values. Don't change any
+settings or delete any resources until instructed to by a support technician.
+
+Follow these steps to open a support ticket:
+
+1. Select the **Support & Troubleshooting** icon on the top navigation bar in the Azure portal.
+1. From the **Support & Troubleshooting** pane, select **Help + support**.
+1. Select **Create a support request** at the top of the center pane.
+1. Follow the instructions to create a support ticket.
+
+   [![Screenshot of creating a support ticket in the Azure portal.][ss05a]][ss05x]
+
 <!-- link references -->
 [01]: /azure/role-based-access-control/role-assignments-list-portal#list-owners-of-a-subscription
 [02]: https://portal.azure.com/