acrolinx

greg-lindsay · greg-lindsay · commit 562cd9133f3d · 2024-02-26T11:30:14.000-08:00
diff --git a/articles/application-gateway/migrate-v1-v2.md b/articles/application-gateway/migrate-v1-v2.md
@@ -1,6 +1,6 @@
 ---
 title: Migrate from V1 to V2 - Azure Application Gateway
-description: This article shows you how to migrate Azure Application Gateway and Web Application Firewall from V1 to V2
+description: This article shows you how to migrate Azure Application Gateway and Web Application Firewall from V1 to V2.
 services: application-gateway
 author: greg-lindsay
 ms.service: application-gateway
@@ -31,7 +31,7 @@ This article primarily helps with the configuration migration. Client traffic mi
 * An existing Application Gateway V1 Standard.
 * Make sure you have the latest PowerShell modules, or you can use Azure Cloud Shell in the portal.
 * If you're running PowerShell locally, you also need to run `Connect-AzAccount` to create a connection with Azure.
-* Ensure that there is no existing Application gateway with the provided AppGW V2 Name and Resource group name in V1 subscription. This will rewrite the existing resources.
+* Ensure that there's no existing Application gateway with the provided AppGW V2 Name and Resource group name in V1 subscription. This will rewrite the existing resources.
 * If a public IP address is provided, ensure that it's in a succeeded state. If not provided and AppGWResourceGroupName is provided ensure that public IP resource with name AppGWV2Name-IP  doesn’t  exist in a resource group with the name AppGWResourceGroupName in the V1 subscription.
 * Ensure that no other operation is planned on the V1 gateway or any associated resources during migration.
 
@@ -54,7 +54,7 @@ An Azure PowerShell script is provided in this document. It performs the followi
 
 ## Downloading the script
 
-You can download the migration script from the  [PowerShell Gallery](https://www.powershellgallery.com/packages/AzureAppGWMigration).A new stable release (Version 1.0.11) of the migration script is available, which includes major updates and  bug fixes. It is recommended to use this stable version.
+You can download the migration script from the  [PowerShell Gallery](https://www.powershellgallery.com/packages/AzureAppGWMigration).A new stable release (Version 1.0.11) of the migration script is available, which includes major updates and  bug fixes. It's recommended to use this stable version.
 
 
 ## Using the script
@@ -82,7 +82,7 @@ This command also installs the required Az modules.
 #### Install using the script directly
 If you have some Azure Az modules installed and can't uninstall them (or don't want to uninstall them), you can manually download the script using the **Manual Download** tab in the script download link. The script is downloaded as a raw nupkg file. To install the script from this nupkg file, see [Manual Package Download](/powershell/gallery/how-to/working-with-packages/manual-download).
 
-Version 1.0.11 is the new version of the migration script which includes major bug fixes. It is recommended to use this stable version.
+Version 1.0.11 is the new version of the migration script which includes major bug fixes. It's recommended to use this stable version.
 
 #### How to check the version of the downloaded script
 To check the version of the downloaded script the steps are as follows:
@@ -141,7 +141,7 @@ To run the script:
    * **appgwName: [String]: Optional**. This is a string you specify to use as the name for the new Standard_V2 or WAF_V2 gateway. If this parameter isn't supplied, the name of your existing V1 gateway is used with the suffix *_V2* appended. 
    * **AppGWResourceGroupName: [String]: Optional**. Name of resource group where you want V2 Application Gateway resources to be created (default value is `<V1-app-gw-rgname>`)
  > [!NOTE]
-> Ensure that there is no existing Application gateway with the provided AppGW V2 Name and Resource group name in V1 subscription. This will rewrite the existing resources.
+> Ensure that there's no existing Application gateway with the provided AppGW V2 Name and Resource group name in V1 subscription. This will rewrite the existing resources.
    * **sslCertificates: [PSApplicationGatewaySslCertificate]: Optional**.  A comma-separated list of PSApplicationGatewaySslCertificate objects that you create to represent the TLS/SSL certs from your V1 gateway must be uploaded to the new V2 gateway. For each of your TLS/SSL certs configured for your Standard V1 or WAF V1 gateway, you can create a new PSApplicationGatewaySslCertificate object via the `New-AzApplicationGatewaySslCertificate` command shown here. You need the path to your TLS/SSL Cert file and the password.
 
      This parameter is only optional if you don't have HTTPS listeners configured for your V1 gateway or WAF. If you have at least one HTTPS listener setup, you must specify this parameter.
@@ -194,8 +194,8 @@ To run the script:
    * **publicIpResourceId: [String]: Optional**. The resourceId of existing public IP address (standard SKU) resource in your subscription that you want to allocate to the new V2 gateway. If public Ip resource name is provided, ensure that it exists in succeeded state.
       If this isn't specified, the script allocates a new public IP address in the same resource group. The name is the V2 gateway's name with *-IP* appended. If AppGWResourceGroupName is provided and a public IP address is not provided, ensure that public IP resource with name AppGWV2Name-IP doesn’t exist in a resource group with the name AppGWResourceGroupName in the V1 subscription.
 
-   * **validateMigration: [switch]: Optional**. Use this parameter if you want the script to do some basic configuration comparison validations after the V2 gateway creation and the configuration copy. By default, no validation is done.
-   * **enableAutoScale: [switch]: Optional**. Use this parameter if you want the script to enable autoscaling on the new V2 gateway after it's created. By default, autoscaling is disabled. You can always manually enable it later on the newly created V2 gateway.
+   * **validateMigration: [switch]: Optional**. Use this parameter to enable the script to do some basic configuration comparison validations after the V2 gateway creation and the configuration copy. By default, no validation is done.
+   * **enableAutoScale: [switch]: Optional**. Use this parameter to enable the script to enable autoscaling on the new V2 gateway after it's created. By default, autoscaling is disabled. You can always manually enable it later on the newly created V2 gateway.
 
 5. Run the script using the appropriate parameters. It may take five to seven minutes to finish.
 
diff --git a/articles/dns/private-dns-arg.md b/articles/dns/private-dns-arg.md
@@ -0,0 +1,86 @@
+---
+title: Use Azure Resource Graph Explorer to query Azure Private DNS
+titleSuffix: Azure DNS
+description: Learn how to query Azure Private DNS zones using Azure Resource Graph Explorer
+services: dns
+author: greg-lindsay
+ms.service: dns
+ms.date: 02/26/2024
+ms.author: greglin
+ms.topic: how-to
+---
+
+# Private DNS information in Azure Resource Graph
+
+[Azure Resource Graph](../governance/resource-graph/overview.md) is an Azure service that allows you to use the same KQL query language used in log queries to query your Azure resources at scale with complex filtering, grouping, and sorting by resource properties. You can use Azure Resource Graph (ARG) to provide detailed information about your private zones including the following:
+
+- Query the type and number of DNS resource records in one or all zones. 
+- Query virtual network links.
+- List record properties, such as TTL
+
+To get started with Resource Graph, open **Resource Graph Explorer** in the Azure portal. Select the **Table** tab and have a look at the [microsoft.resourcehealth/availabilitystatuses](#microsoftresourcehealthavailabilitystatuses) and [microsoft.resourcehealth/resourceannotations](#microsoftresourcehealthresourceannotations) tables which are described below. Click on **healthresources** to create a simple query and then click **Run** to return the records.
+
+:::image type="content" source="media/monitor-vm/resource-graph-explorer-healthresources.png" alt-text="Screenshot of Azure Resource Graph with simple healthresources query." lightbox="media/monitor-vm/resource-graph-explorer-healthresources.png" :::
+
+To view the details for a record, scroll to the right and select **See details**.
+
+:::image type="content" source="media/monitor-vm/resource-graph-explorer-healthresources-detail.png" alt-text="Screenshot of Azure Resource Graph healthresources detailed record." lightbox="media/monitor-vm/resource-graph-explorer-healthresources-detail.png" :::
+
+There will be two  types of events populated in the HealthResources table:
+
+## microsoft.resourcehealth/availabilitystatuses
+This event denotes the latest availability status of a VM, based on the [health checks](../service-health/resource-health-checks-resource-types.md#microsoftcomputevirtualmachines) performed by the underlying Azure platform. The [availability states](../service-health/resource-health-overview.md#health-status) currently emitted for VMs are as follows:
+
+- **Available**: The VM is up and running as expected.
+- **Unavailable**: A disruption to the normal functioning of the VM has been detected.
+- **Unknown**: The platform is unable to accurately detect the health of the VM. Check back in a few minutes.
+
+The availability state is in the `properties` field of the record which includes the following properties:
+
+| Field | Description |
+|:---|:---|
+| targetResourceType | Type of resource for which health data is flowing |
+| targetResourceId | Resource ID |
+| occurredTime | Timestamp when the latest availability state is emitted by the platform |
+| previousAvailabilityState | Previous availability state of the VM |
+| availabilityState | Current availability state of the VM |
+
+A sample `properties` value looks similar to the following:
+
+```json
+{
+    "targetResourceType": "Microsoft.Compute/virtualMachines",
+    "targetResourceId": "/subscriptions/<subscriptionId>/resourceGroups/<ResourceGroupName>/providers/Microsoft.Compute/virtualMachines/<VMName>",
+    "occurredTime": "2022-10-11T11:13:59.9570000Z",
+    "previousAvailabilityState": "Available",
+    "availabilityState": "Unavailable"
+}
+```
+
+## microsoft.resourcehealth/resourceannotations
+This event contextualizes any changes to VM availability, by detailing necessary failure attributes to help you investigate and mitigate the disruption as needed. The full list of VM health annotations are listed at [Resource Health virtual machine Health Annotations] (../service-health/resource-health-vm-annotation.md).
+
+These annotations can be broadly classified into the following:
+
+- **Downtime Annotations**: Emitted when the platform detects VM availability transitioning to Unavailable. Examples include host crashes or reboot operations.
+- **Informational Annotations**: Emitted during control plane activities with no impact to VM availability. Examples include VM allocation, stop, delete, start. Usually, no additional customer action is required in response.
+- **Degraded Annotations**: Emitted when VM availability is detected to be at risk. Examples include when failure prediction models predict a degraded hardware component that can cause the VM to reboot at any given time. You should redeploy by the deadline specified in the annotation message to avoid any unanticipated loss of data or downtime.
+
+| Field | Description |
+|:---|:---|
+| targetResourceType | Type of resource for which health data is flowing |
+| targetResourceId | Resource ID |
+| occurredTime | Timestamp when the latest availability state is emitted by the platform |
+| annotationName | Name of the Annotation emitted |
+| reason | Brief overview of the availability impact observed by the customer |
+| category | Denotes whether the platform activity triggering the annotation was either planned maintenance or unplanned repair. This field is not applicable to customer/VM-initiated events.<br><br>Possible values: Planned \| Unplanned \| Not Applicable \| Null |
+| context | Denotes whether the activity triggering the annotation was due to an authorized user or process (customer initiated), due to the Azure platform (platform initiated), or due to activity in the guest OS that has resulted in availability impact (VM initiated).<br><br>Possible values: Platform-Initiated \| User-initiated \| VM-initiated \| Not Applicable \| Null |
+| summary | Statement detailing the cause for annotation emission, along with remediation steps that can be taken by users |
+
+See [Azure Resource Graph sample queries by table](../governance/resource-graph/samples/samples-by-table.md?tabs=azure-cli#healthresources) for sample queries using this data.
+
+## Next steps
+
+## Next steps
+
+* Learn how to [manage record sets and records](./private-dns-getstarted-cli.md) in your DNS zone.
