UX updates

Author: RoseHJM

articles/dev-box/how-to-configure-project-policy.md

@@ -28,39 +28,43 @@ This enforcement mechanism ensures projects access only the resources they're ap
 ## Prerequisites
 - Microsoft Dev Box configured with a dev center and projects.
 
-## Enforce project policy for a dev center
+## Create a default policy
+The first policy you create is the default policy, which applies to all projects in the dev center. This is a good way to set up a baseline for your projects, ensuring that all projects have a minimum level of governance and control over the resources they can access. In a default policy, you select resources to restrict, such as networks, images, and SKUs.
 
-By enforcing project policies for a resource type, you control which resources are available to all projects in the dev center. When you enforce project policies for a resource type, all resources of that type are disallowed unless explicitly allowed in the default or project policy.
+Projects apply the default policy unless they have a custom project policy. This means that projects with a custom policy can access resources that aren't available to projects without a custom policy. In other words, projects with a custom policy can access resources that aren't available to all projects in the dev center.
 
-To enforce project policies:
+To create a default policy:
 
 1. Sign in to the [Azure portal](https://portal.azure.com).
 1. Navigate to your dev center.
-1. In the left pane, expand **Settings**, and then select **Project policy (preview)**.
-1. Under **Enforce project policy**, select the resources you want to restrict for all projects in the dev center.
-   For example, to restrict the SKUs available to projects in the dev center, select **SKUs**.
-1. To confirm your selection and enforce it, select **Apply**.
+1. In the left pane, expand **Manage**, and then select **Project policy**.
+1. On the **Project policy** page, select **Create a policy**.
 
-## Create a default policy
-You should first create a default policy, which applies to all projects in the dev center. This is a good way to set up a baseline for your projects, ensuring that all projects have a minimum level of governance and control over the resources they can access. In a default policy, you select resources to restrict, such as networks, images, and SKUs.
+   :::image type="content" source="media/how-to-configure-project-policy/project-policy-page.png" alt-text="Screenshot of the Project policy page in the Azure portal, showing options to create a new project policy.":::
 
-When project policies are enforced, projects apply the default policy unless they have a custom project policy. This means that projects with a custom policy can access resources that aren't available to projects without a custom policy. In other words, projects with a custom policy can access resources that aren't available to all projects in the dev center.
+1. The name of the policy is **default**.
 
-To create a default policy:
+   :::image type="content" source="media/how-to-configure-project-policy/project-policy-default-name.png" alt-text="Screenshot showing the default project policy name field in the Azure portal.":::
 
-1. Sign in to the [Azure portal](https://portal.azure.com).
-1. Navigate to your dev center.
-1. In the left pane, expand **Settings**, and then select **Project policy (preview)**.
-1. Under **Project policies**, select **Create project policy**.
-1. On the **Create project policy** page, for **Targeted projects**, select **All current and future projects**.
-1. The name of the policy is **default**.
-1. Under **Allow access to the following**, select the resources you want to restrict for the project.
-   For example, to restrict SKU usage, select **SKUs**.
-1. In the **Select SKUs** pane, select **A specific SKU or group of SKUs**. 
-   For example, to restrict the project to only use 16 vCPU SKUs, select **SKUs**, and then select all 16 vCPU SKUs. 
-1. To confirm your selection, select **Select**.
-1. You can select one or more resources: images, networks, and SKUs. When you finish selecting the resources, select **Create**.
-1. To confirm that the default policy is applied to all projects, under **Project policies** > **default**, select **Show selected**.
+1. Under **Allow resources**, select the resources you want to allow for the project. You must select at least one resource for each category: images, networks, and SKUs. To restrict SKU usage, select **Select SKUs**.
+
+   :::image type="content" source="media/how-to-configure-project-policy/project-policy-select-skus.png" alt-text="Screenshot showing the Select SKUs pane in the Azure portal, with options to restrict SKU usage for a project.":::
+
+1. In the **Select SKUs** pane, select **A specific SKU or group of SKUs**, and then select the SKUs you want to allow. In this example, you can select all the **16 vCPU** SKUs. To confirm your selection, select **Select**.
+
+   :::image type="content" source="media/how-to-configure-project-policy/project-policy-select-multiple-skus.png" alt-text="Screenshot showing the Select SKUs pane in the Azure portal, with multiple SKUs selected for a project policy.":::
+
+1. Select **Select images**.
+1. In the **Select images** pane, to allow all current and future images for projects, select **All current and future images**, and then select **Select**.
+1. Select **Select networks**.
+1. In the **Select networks** pane, to allow all current and future networks for projects, select **All current and future networks**, and then select **Select**. 
+
+   :::image type="content" source="media/how-to-configure-project-policy/project-policy-create.png" alt-text="Screenshot showing the Create button in the Azure portal to finalize a project policy.":::
+
+1. When you finish selecting the resources, select **Create**.
+1. To confirm that the default policy applies the resources, expand **default**.
+
+   :::image type="content" source="media/how-to-configure-project-policy/project-policy-summary.png" alt-text="Screenshot showing the summary of a default project policy in the Azure portal.":::
 
 ## Create a Project policy
 Custom project policies enable you to control resources for specific projects. These policies allow you to control and restrict resources available to projects, ensuring better governance and resource management. Each project can have only one custom policy, but the same policy can be applied to multiple projects. These policies allow you to control and restrict resources available to projects, ensuring better governance and resource management.
@@ -69,46 +73,57 @@ To create and apply a custom project policy:
 
 1. Sign in to the [Azure portal](https://portal.azure.com).
 1. Navigate to your dev center.
-1. In the left pane, expand **Settings**, and then select **Project policy (preview)**.
-1. Under **Project policies**, select **Create project policy**.
-1. On the **Create project policy** page, for **Targeted projects**, select **Select projects**.
+1. In the left pane, expand **Manage**, and then select **Project policy**.
+1. On the **Project policy** page, select **Create**.
+
+   :::image type="content" source="media/how-to-configure-project-policy/project-policy-create-custom.png" alt-text="Screenshot showing the Create button for a custom project policy in the Azure portal.":::
+
+1. On the **Create project policy** page, enter a name for the project policy. 
+
+   :::image type="content" source="media/how-to-configure-project-policy/project-policy-custom-name.png" alt-text="Screenshot showing the name field for a custom project policy in the Azure portal.":::
+
+1. Under **Target projects**, select **Select projects**.
+
+   :::image type="content" source="media/how-to-configure-project-policy/project-policy-custom-select-projects.png" alt-text="Screenshot showing the Select projects option for a custom project policy in the Azure portal.":::
+
 1. In the **Select projects** pane, select the projects you want to apply the policy to, and then select **Select**.
-   For example, select **AI-dev**, and then select **Select**.
-1. In the **Name** field, enter a name for the project policy.
-   For example, enter **AI-dev policy**.
-1. Under **Allow access to the following**, select the resources you want to restrict for the project.
-   For example, to restrict the AI-dev project to only use 32 vCPU SKUs, select **SKUs**, and then select all 32 vCPU SKUs.
-1. To confirm your selection, select **Select**. 
-1. You can select one or more resources. When you finish selecting the resources, select **Create**.
 
-## View policies for a project
+   :::image type="content" source="media/how-to-configure-project-policy/project-policy-target-projects.png" alt-text="Screenshot showing the selected target projects for a custom project policy in the Azure portal.":::
 
-1. To confirm that the project policy is applied to the project, under **Project policies**, select the name of the project policy you created.
-1. Under **Project policy**, select **Show selected**.
-1. The project policy shows the projects wo ahich it is appliedm and the resources that are restricted for the project.
- 
-1. To view the project policy for a specific project, select **Group by** > **Group by project**.
-1. Select the project you want to view the policy for, and then select **Show selected**.
-1. The project policy shows the resources that are restricted for the project. Note that the default policy and the project policy restrictions are combined. For example, if the default policy restricts the project to only use 16 vCPU SKUs, and the project policy restricts the project to only use 32 vCPU SKUs, the project can use both 16 vCPU SKUs and 32 vCPU SKUs.
+1. Under **Allow resources**, select the resources you want to restrict for the project.
+   For example, to restrict a project to only use Visual Studio 2022 images, select **Select images**, and then select all Visual Studio 2022 images. To confirm your selection, select **Select**. 
 
+   :::image type="content" source="media/how-to-configure-project-policy/project-policy-custom-select-images.png" alt-text="Screenshot showing the Select images pane for a custom project policy in the Azure portal.":::
 
-## Edit a project policy
+1. You can select more resources. When you finish selecting resources, select **Create**.
+
+   :::image type="content" source="media/how-to-configure-project-policy/project-policy-custom-summary-create.png" alt-text="Screenshot showing the summary of a custom project policy before creation in the Azure portal.":::
+
+
+## View policies for a project
+
+To confirm that the project policy is applied to the project:
 
 1. Sign in to the [Azure portal](https://portal.azure.com).
 1. Navigate to your dev center.
-1. In the left pane, expand **Settings**, and then select **Project policy (preview)**.
-1. To view a specific project policy, select **Group by** > **Group by policy**.
-1.  Under **Project policies**, on the project policy you want to edit, scroll to the right and select **...** > **Edit**.
-1. When you finish making changes, select **Apply**.
+1. In the left pane, expand **Manage**, and then select **Project policy**.
+1. On the **Project policy** page, expand the project policy you created.
+
+   :::image type="content" source="media/how-to-configure-project-policy/project-policy-custom-summary.png" alt-text="Screenshot showing the summary of an applied custom project policy in the Azure portal.":::
+
+The default policy and the project policy restrictions are combined. For example, if the default policy restricts the project to only use 16 vCPU SKUs, and the project policy restricts the project to only use Visual Studio 2022, the project can use both 16 vCPU SKUs and Visual Studio 2022 images.
 
-## Disable project policies
 
-You can disable project policies to allow all projects in the dev center to access all resources. This is useful when you want to temporarily lift restrictions on resource usage for all projects in the dev center.
+## Edit a project policy
 
 1. Sign in to the [Azure portal](https://portal.azure.com).
 1. Navigate to your dev center.
-1. In the left pane, expand **Settings**, and then select **Project policy (preview)**.
-1. Under **Enforce project policy**, clear the check boxes for the resources you want to allow all projects in the dev center to access.
+1. In the left pane, expand **Manage**, and then select **Project policy**.
+1. For the project policy you want to edit, scroll to the right and select **Edit**.
+
+   :::image type="content" source="media/how-to-configure-project-policy/project-policy-edit.png" alt-text="Screenshot showing the Edit button for a project policy in the Azure portal.":::
+
+1. When you finish making changes, select **Apply**.
 
 ## Related content