Formatting changes

Author: David Curwin

articles/backup/azure-policy-configure-diagnostics.md

@@ -8,7 +8,7 @@ ms.date: 02/14/2020
 
 The reporting solution provided by Azure Backup leverages Log Analytics (LA). For the data of any given vault to be sent to LA, a [diagnostics setting](https://docs.microsoft.com/azure/backup/backup-azure-diagnostic-events) needs to be created for that vault.
 
-Often, adding a diagnostics setting manually per vault can be a cumbersome task. In addition, any new vault created also needs to have diagnostics settings enabled in order to be able to view reports for this vault. 
+Often, adding a diagnostics setting manually per vault can be a cumbersome task. In addition, any new vault created also needs to have diagnostics settings enabled in order to be able to view reports for this vault.
 
 To simplify the creation of diagnostics settings at scale (with LA as the destination), Azure Backup provides a built-in [Azure Policy](https://docs.microsoft.com/azure/governance/policy/). This policy adds an LA diagnostics setting to all vaults in a given subscription or resource group. The following sections provide instructions on how to use this policy.
 
@@ -30,30 +30,30 @@ To assign the policy for vaults in the required scope, follow the steps below:
 2. Select **Definitions** in the left menu to get a list of all built-in policies across Azure Resources.
 3. Filter the list for **Category=Monitoring**. Locate the policy named **[Preview]: Deploy Diagnostic Settings for Recovery Services Vault to Log Analytics workspace for resource specific categories**.
 
-![Policy Definition Blade](./media/backup-azure-policy-configure-diagnostics/policy-definition-blade.png)
+    ![Policy Definition Blade](./media/backup-azure-policy-configure-diagnostics/policy-definition-blade.png)
 
 4. Click on the name of the policy. You will be redirected to the detailed definition for this policy.
 
-![Detailed Policy Definition](./media/backup-azure-policy-configure-diagnostics/detailed-policy-definition.png)
+    ![Detailed Policy Definition](./media/backup-azure-policy-configure-diagnostics/detailed-policy-definition.png)
 
 5. Click on the **Assign** button at the top of the blade. This redirects you to the **Assign Policy** blade.
 
 6. Under **Basics**, click on the three dots next to the **Scope** field. This opens up a right context blade where you can select the subscription for the policy to be applied on. You can also optionally select a resource group, so that the policy is applied only for vaults in a particular resource group.
 
-![Policy Assignment Basics](./media/backup-azure-policy-configure-diagnostics/policy-assignment-basics.png)
+    ![Policy Assignment Basics](./media/backup-azure-policy-configure-diagnostics/policy-assignment-basics.png)
 
 7. Under **Parameters**, enter the following information:
 
-* **Profile Name** - The name that will be assigned to the diagnostics settings created by the policy.
-* **Log Analytics Workspace** - The Log Analytics Workspace to which the diagnostics setting should be associated. Diagnostics data of all vaults in the scope of the Policy assignment will be pushed to the specified LA Workspace.
+    * **Profile Name** - The name that will be assigned to the diagnostics settings created by the policy.
+    * **Log Analytics Workspace** - The Log Analytics Workspace to which the diagnostics setting should be associated. Diagnostics data of all vaults in the scope of the Policy assignment will be pushed to the specified LA Workspace.
 
-* **Exclusion Tag Name (optional) and Exclusion Tag Value (optional)** - You can choose to exclude vaults containing a certain tag name and value from the policy assignment. For example, if you do **not** want a diagnostics setting to be added to those vaults which have a tag 'isTest' set to the value 'yes', you must enter 'isTest' in the **Exclusion Tag Name** field and 'yes' in the **Exclusion Tag Value** field. If any (or both) of these two fields are left empty, the policy will be applied to all relevant vaults irrespective of the tags they contain.
+    * **Exclusion Tag Name (optional) and Exclusion Tag Value (optional)** - You can choose to exclude vaults containing a certain tag name and value from the policy assignment. For example, if you do **not** want a diagnostics setting to be added to those vaults which have a tag 'isTest' set to the value 'yes', you must enter 'isTest' in the **Exclusion Tag Name** field and 'yes' in the **Exclusion Tag Value** field. If any (or both) of these two fields are left empty, the policy will be applied to all relevant vaults irrespective of the tags they contain.
 
-![Policy Assignment Parameters](./media/backup-azure-policy-configure-diagnostics/policy-assignment-parameters.png)
+    ![Policy Assignment Parameters](./media/backup-azure-policy-configure-diagnostics/policy-assignment-parameters.png)
 
-8. **Create a remediation task** - Once the policy is assigned to a scope, any new vaults created in that scope automatically get LA diagnostics settings configured (within 30 minutes from the time of creation of the vault). To add a diagnostics setting to existing vaults in the scope, you can trigger a remediation task at policy assignment time. To trigger a remediation task, select the checkbox **Create a Remediation task**. 
+8. **Create a remediation task** - Once the policy is assigned to a scope, any new vaults created in that scope automatically get LA diagnostics settings configured (within 30 minutes from the time of creation of the vault). To add a diagnostics setting to existing vaults in the scope, you can trigger a remediation task at policy assignment time. To trigger a remediation task, select the checkbox **Create a Remediation task**.
 
-![Policy Assignment Remediation](./media/backup-azure-policy-configure-diagnostics/policy-assignment-remediation.png)
+    ![Policy Assignment Remediation](./media/backup-azure-policy-configure-diagnostics/policy-assignment-remediation.png)
 
 9. Navigate to the **Review+Create** tab and click **Create**.
 
@@ -62,15 +62,15 @@ To assign the policy for vaults in the required scope, follow the steps below:
 The remediation task is applied to vaults that are non-compliant according to the definition of the policy. A vault is non-compliant if it satisfies either of the following conditions:
 
 * No diagnostics setting is present for the vault.
-* Diagnostic settings are present for the vault but neither of the settings has **all of** the Resource specific events enabled with LA as destination, and **Resource specific** selected in the toggle. 
+* Diagnostic settings are present for the vault but neither of the settings has **all of** the Resource specific events enabled with LA as destination, and **Resource specific** selected in the toggle.
 
 So even if a user has a vault with the AzureBackupReport event enabled in AzureDiagnostics mode (which is supported by Backup Reports), the remediation task will still apply to this vault, since the Resource specific mode is the recommended way of creating diagnostics settings, [going forward](https://docs.microsoft.com/azure/backup/backup-azure-diagnostic-events#legacy-event).
 
 Further, if a user has a vault with only a subset of the six Resource specific events enabled, the remediation task will apply for this vault, since Backup Reports will work as expected only if all of the six Resource specific events are enabled.
 
 > [!NOTE]
 >
-> If a vault has an existing diagnostics setting with a **subset of Resource specific** categories enabled, configured to send data to a particular LA Workspace, say 'Workspace X', then the remediation task will fail (for that vault alone) if the destination LA Workspace provided in the Policy assignment is the **same** 'Workspace X'. 
+> If a vault has an existing diagnostics setting with a **subset of Resource specific** categories enabled, configured to send data to a particular LA Workspace, say 'Workspace X', then the remediation task will fail (for that vault alone) if the destination LA Workspace provided in the Policy assignment is the **same** 'Workspace X'.
 >
 >This is because, if the events enabled by two different diagnostics settings on the same resource **overlap** in some form, then the settings cannot have the same LA Workspace as the destination. You will have to manually resolve this failure, by navigating to the relevant vault and configuring a diagnostics setting with a different LA Workspace as the destination.
 >

articles/backup/backup-azure-arm-restore-vms.md

@@ -18,7 +18,7 @@ Azure Backup provides a number of ways to restore a VM.
 **Create a new VM** | Quickly creates and gets a basic VM up and running from a restore point.<br/><br/> You can specify a name for the VM, select the resource group and virtual network (VNet) in which it will be placed, and specify a storage account for the restored VM. The new VM must be created in the same region as the source VM.
 **Restore disk** | Restores a VM disk, which can then be used to create a new VM.<br/><br/> Azure Backup provides a template to help you customize and create a VM. <br/><br> The restore job generates a template that you can download and use to specify custom VM settings, and create a VM.<br/><br/> The disks are copied to the Resource Group you specify.<br/><br/> Alternatively, you can attach the disk to an existing VM, or create a new VM using PowerShell.<br/><br/> This option is useful if you want to customize the VM, add configuration settings that weren't there at the time of backup, or add settings that must be configured using the template or PowerShell.
 **Replace existing** | You can restore a disk, and use it to replace a disk on the existing VM.<br/><br/> The current VM must exist. If it's been deleted, this option can't be used.<br/><br/> Azure Backup takes a snapshot of the existing VM before replacing the disk, and stores it in the staging location you specify. Existing disks connected to the VM are replaced with the selected restore point.<br/><br/> The snapshot is copied to the vault, and retained in accordance with the retention policy. <br/><br/> After the replace disk operation, the original disk is retained in the resource group. You can choose to manually delete the original disks if they are not needed. <br/><br/>Replace existing is supported for unencrypted managed VMs, including VMs [created using custom images](https://azure.microsoft.com/resources/videos/create-a-custom-virtual-machine-image-in-azure-resource-manager-with-powershell/). It is unsupported for classic VMs.<br/><br/> If the restore point has more or less disks than the current VM, then the number of disks in the restore point will only reflect the VM configuration.<br><br> Replace existing isn't supported for VMs with linked resources (like [user-assigned managed-identity](https://docs.microsoft.com/azure/active-directory/managed-identities-azure-resources/overview) or [Key Vault](https://docs.microsoft.com/azure/key-vault/key-vault-overview)) because the backup client-app doesn't have permissions on these resources while performing the restore.
-**Cross Region (secondary region)** | Cross Region restore can be used to restore Azure VMs in the secondary region, which is an [Azure paired region](https://docs.microsoft.com/azure/best-practices-availability-paired-regions#what-are-paired-regions).<br><br> You can restore all the Azure VMs for the selected recovery point if the backup is done in the secondary region.<br><br> This feature is available for the options below:<br> * [Create a VM](https://docs.microsoft.com/azure/backup/backup-azure-arm-restore-vms#create-a-vm) <br> * [Restore Disks](https://docs.microsoft.com/azure/backup/backup-azure-arm-restore-vms#restore-disks) <br><br> We don't currently support the [Replace existing disks](https://docs.microsoft.com/azure/backup/backup-azure-arm-restore-vms#replace-existing-disks) option.<br><br> Permissions<br> The restore operation on secondary region can be performed by Backup Admins and App admins.
+**Cross Region (secondary region)** | Cross Region restore can be used to restore Azure VMs in the secondary region, which is an [Azure paired region](https://docs.microsoft.com/azure/best-practices-availability-paired-regions#what-are-paired-regions).<br><br> You can restore all the Azure VMs for the selected recovery point if the backup is done in the secondary region.<br><br> This feature is available for the options below:<br> <li> [Create a VM](https://docs.microsoft.com/azure/backup/backup-azure-arm-restore-vms#create-a-vm) <br> <li> [Restore Disks](https://docs.microsoft.com/azure/backup/backup-azure-arm-restore-vms#restore-disks) <br><br> We don't currently support the [Replace existing disks](https://docs.microsoft.com/azure/backup/backup-azure-arm-restore-vms#replace-existing-disks) option.<br><br> Permissions<br> The restore operation on secondary region can be performed by Backup Admins and App admins.
 
 > [!NOTE]
 > You can also recover specific files and folders on an Azure VM. [Learn more](backup-azure-restore-files-from-vm.md).

articles/backup/backup-azure-backup-import-export.md

@@ -30,7 +30,7 @@ The following Azure Backup features or workloads support the use of offline back
 > * Backup of files and folders with the Microsoft Azure Recovery Services (MARS) Agent, also referred to as the Azure Backup Agent.
 > * Backup of all workloads and files with System Center Data Protection Manager (DPM).
 > * Backup of all workloads and files with Microsoft Azure Backup Server.
- 
+
    > [!NOTE]
    > Offline backup isn't supported for system state backups done by using the Azure Backup Agent.
 

articles/backup/backup-azure-backup-server-import-export-.md

@@ -131,7 +131,7 @@ The information in this section helps you finish the offline backup workflow so
     ![Import page](./media/backup-azure-backup-import-export/offlineBackupscreenInputs.png)
 
     Here's the corresponding page in DPM. <br/>
-    
+
     ![DPM and Azure Backup Server import page](./media/backup-azure-backup-import-export/dpmoffline.png)
 
     The boxes that you fill in are:
@@ -236,7 +236,7 @@ The *AzureOfflineBackupDiskPrep* utility is used to prepare the SATA drives that
     ![Store shipping information](./media/backup-azure-backup-import-export/storingshippinginformation.png)<br/>
 
    > [!IMPORTANT]
-   > Ensure that the drives reach the Azure datacenter within two weeks of providing the shipping information by using the *AzureOfflineBackupDiskPrep* utility. Failure to do so can result in the drives not being processed. 
+   > Ensure that the drives reach the Azure datacenter within two weeks of providing the shipping information by using the *AzureOfflineBackupDiskPrep* utility. Failure to do so can result in the drives not being processed.
 
 After you finish the previous steps, the Azure datacenter is ready to receive the drives and further process them to transfer the backup data from the drives to the classic-type Azure storage account you created.
 

articles/backup/backup-azure-backup-sql.md

@@ -18,13 +18,14 @@ To back up a SQL Server database to Azure and to recover it from Azure:
 
 ## Before you start
 
-Before you begin, ensure you've met the [prerequisites](backup-azure-dpm-introduction.md#prerequisites-and-limitations) for using Azure Backup to protect workloads. Here are some of the prerequisite tasks: 
+Before you begin, ensure you've met the [prerequisites](backup-azure-dpm-introduction.md#prerequisites-and-limitations) for using Azure Backup to protect workloads. Here are some of the prerequisite tasks:
+
 * Create a backup vault.
-* Download vault credentials. 
+* Download vault credentials.
 * Install the Azure Backup agent.
 * Register the server with the vault.
 
-## Create a backup policy 
+## Create a backup policy
 
 To protect SQL Server databases in Azure, first create a backup policy:
 
@@ -68,7 +69,7 @@ To protect SQL Server databases in Azure, first create a backup policy:
     The initial backup copy requires the transfer of the entire data source (SQL Server database). The backup data moves from the production server (SQL Server machine) to the DPM server. If this backup is large, then transferring the data over the network could cause bandwidth congestion. For this reason, administrators can choose to use removable media to transfer the initial backup **Manually**. Or they can transfer the data **Automatically over the network** at a specified time.
 
     After the initial backup finishes, backups continue incrementally on the initial backup copy. Incremental backups tend to be small and are easily transferred across the network.
-    
+
 1. Choose when to run a consistency check. Then select **Next**.
 
     ![Choose when to run a consistency check](./media/backup-azure-backup-sql/pg-consistent.png)
@@ -100,7 +101,7 @@ To protect SQL Server databases in Azure, first create a backup policy:
     * The backup on Saturday at 12:00 PM is kept for 104 weeks.
     * The backup from the last Saturday of the month at 12:00 PM is kept for 60 months.
     * The backup from the last Saturday of March at 12:00 PM is kept for 10 years.
-    
+
     After you choose a retention policy, select **Next**.
 
 1. Choose how to transfer the initial backup copy to Azure.

articles/backup/backup-azure-delete-vault.md

@@ -84,6 +84,7 @@ First, read the **[Before you start](#before-you-start)** section to understand
 
      Review the warning message and the instructions in the consent check box.
     > [!NOTE]
+    >
     >- If the protected server is synced with Azure services and backup items exist, the consent check box will display the number of dependent backup items and the link to view the backup items.
     >- If the protected server is not synced with Azure services and backup items exist, the consent check box will display only the number of backup items.
     >- If there are no backup items, the consent check box will ask for deletion.