Merge pull request #293414 from paulth1/mqtt-broker-batch4

[AQ] edit pass: Mqtt broker batch4

Author: ShawnJackson

articles/iot-operations/manage-mqtt-broker/howto-broker-mqtt-client-options.md

@@ -8,21 +8,21 @@ ms.service: azure-iot-operations
 ms.subservice: azure-mqtt-broker
 ms.date: 11/11/2024
 
-#CustomerIntent: As an operator, I want to configure MQTT broker so that I can control MQTT client interactions.
+#CustomerIntent: As an operator, I want to configure an MQTT broker so that I can control MQTT client interactions.
 ---
 
 # Configure broker MQTT client options
 
 > [!IMPORTANT]
-> This setting requires modifying the Broker resource and can only be configured at initial deployment time using the Azure CLI or Azure Portal. A new deployment is required if Broker configuration changes are needed. To learn more, see [Customize default Broker](./overview-broker.md#customize-default-broker).
+> This setting requires that you modify the Broker resource. It's configured only at initial deployment by using the Azure CLI or the Azure portal. A new deployment is required if Broker configuration changes are needed. To learn more, see [Customize default Broker](./overview-broker.md#customize-default-broker).
 
-The broker advanced client options control how the broker interacts with MQTT clients. These settings, negotiated between the broker and the client during connection, include session expiry, message expiry, receive maximum, and keep alive. The only setting specific to Azure IoT Operations is the [subscriber queue limit](#subscriber-queue-limit).
+The MQTT broker advanced client options control how the broker interacts with MQTT clients. These settings, negotiated between the broker and the client during connection, include session expiry, message expiry, receive maximum, and keep alive. The only setting specific to Azure IoT Operations is the [subscriber queue limit](#subscriber-queue-limit).
 
-The complete list of available settings is found at [ClientConfig](/rest/api/iotoperations/broker/create-or-update#clientconfig) API reference.
+For the complete list of available settings, see the [ClientConfig](/rest/api/iotoperations/broker/create-or-update#clientconfig) API reference.
 
-In many scenarios, the default client settings are sufficient. To override the default client settings for the broker, edit the `advanced.clients` section in the Broker resource. Currently, this override is only supported using the `--broker-config-file` flag when you deploy the Azure IoT Operations using the `az iot ops create` command.
+In many scenarios, the default client settings are sufficient. To override the default client settings for the MQTT broker, edit the `advanced.clients` section in the Broker resource. Currently, this override is supported only by using the `--broker-config-file` flag when you deploy IoT Operations by using the `az iot ops create` command.
 
-To get started, prepare a Broker config file in JSON format, like the following example:
+To get started, prepare a Broker configuration file in JSON format, like the following example:
 
 
 ```json
@@ -42,7 +42,7 @@ To get started, prepare a Broker config file in JSON format, like the following
 }
 ```
 
-Then, deploy Azure IoT Operations using the `az iot ops create` command with the `--broker-config-file` flag, like the following command (other parameters omitted for brevity):
+Then, deploy IoT Operations by using the `az iot ops create` command with the `--broker-config-file` flag, like the following command. (Other parameters are omitted for brevity.)
 
 ```azurecli
 az iot ops create ... --broker-config-file <FILE>.json
@@ -52,39 +52,37 @@ To learn more, see [Azure CLI support for advanced MQTT broker configuration](ht
 
 ## Subscriber queue limit
 
-The MQTT broker keeps a queue for each subscriber with QoS 1 messages waiting to be delivered. Messages are added to this queue when received from the publisher and removed once delivered and acknowledged by the subscriber with a `PUBACK`. If messages arrive faster than the subscriber can acknowledge them, or if the subscriber is offline with a persistent session, the queue can grow large.
+The MQTT broker keeps a queue for each subscriber with QoS 1 messages waiting to be delivered. Messages are added to this queue when they're received from the publisher. They're removed after they're delivered and acknowledged by the subscriber with a PUBACK message. If messages arrive faster than the subscriber can acknowledge them, or if the subscriber is offline with a persistent session, the queue can grow large.
 
-The broker can [buffer these messages to disk](./howto-disk-backed-message-buffer.md) to save memory, but this might not always be enough. The disk buffer might not be set up, or it could be full due to other subscribers. Therefore, the subscriber queue limit helps prevent the broker from using too much memory for a single subscriber.
+The MQTT broker can [buffer these messages to disk](./howto-disk-backed-message-buffer.md) to save memory, but this tactic might not always be enough. The disk buffer might not be set up, or it could be full because of other subscribers. Therefore, the subscriber queue limit helps prevent the broker from using too much memory for a single subscriber.
 
 The subscriber queue limit has two settings:
 
 - **Length**: The maximum number of messages that can be queued for a single subscriber. If the queue is full and a new message arrives, the broker drops the message based on the configured strategy.
-
 - **Strategy**: The strategy to use when the queue is full. The two strategies are:
 
-  - **None**: Messages aren't dropped [unless the session expires](#session-expiry), and the queue can grow indefinitely. This is the default behavior.
-
+  - **None**: Messages aren't dropped [unless the session expires](#session-expiry), and the queue can grow indefinitely. This behavior is the default.
   - **DropOldest**: The oldest message in the queue is dropped.
 
-The limit only applies to the subscriber's outgoing queue, which holds messages that haven't been assigned packet IDs because the in-flight queue is full. This limit doesn't apply to the in-flight queue.
+The limit applies only to the subscriber's outgoing queue, which holds messages that haven't been assigned packet IDs because the in-flight queue is full. This limit doesn't apply to the in-flight queue.
 
-Since the limit is applied per [backend partition](./howto-configure-availability-scale.md#backend-chain), the broker can't guarantee the total number of outgoing messages for a subscriber across the entire cluster. For example, setting the length to 10,000 doesn't mean the subscriber will receive at most 10,000 messages. Instead, it could receive up to `10,000 * number of partitions * number of backend workers` messages.
+Because the limit is applied per [backend partition](./howto-configure-availability-scale.md#backend-chain), the MQTT broker can't guarantee the total number of outgoing messages for a subscriber across the entire cluster. For example, setting the length to 10,000 doesn't mean the subscriber receives at most 10,000 messages. Instead, it could receive up to `10,000 * number of partitions * number of backend workers` messages.
 
 ### Slow subscribers
 
-A slow subscriber is one that can't keep up with the incoming message rate. This can occur if the subscriber processes messages slowly, is disconnected, or is offline. The subscriber queue limit helps prevent a slow subscriber from consuming too much memory.
+A slow subscriber is one that can't keep up with the incoming message rate. This problem can occur if the subscriber processes messages slowly, is disconnected, or is offline. The subscriber queue limit helps prevent a slow subscriber from consuming too much memory.
 
 ### Message expiry
 
-The `maxMessageExpirySeconds` setting controls how long a message can stay in the queue before it expires. If a message stays in the queue longer than the maximum expiry time, it is marked as expired. However, expired messages are only discarded when they reach the beginning of the queue. This passive expiry mechanism helps manage memory usage by ensuring that old messages are eventually removed.
+The `maxMessageExpirySeconds` setting controls how long a message can stay in the queue before it expires. If a message stays in the queue longer than the maximum expiry time, it's marked as expired. However, expired messages are discarded only when they reach the beginning of the queue. This passive expiry mechanism helps manage memory usage by ensuring that old messages are eventually removed.
 
 ### Session expiry
 
-The `maxSessionExpirySeconds` setting works with the subscriber queue limit to ensure that messages aren't kept in the queue indefinitely. If a session expires, all messages in the queue for that session are dropped. This helps prevent offline subscribers from using too much memory by eventually clearing the entire queue.
+The `maxSessionExpirySeconds` setting works with the subscriber queue limit to ensure that messages aren't kept in the queue indefinitely. If a session expires, all messages in the queue for that session are dropped. This practice helps prevent offline subscribers from using too much memory by eventually clearing the entire queue.
 
 Both message expiry and session expiry are important for managing slow and offline subscribers and ensuring efficient memory usage.
 
-## Next steps
+## Related content
 
 - [Configure listeners for the MQTT broker](./howto-configure-brokerlistener.md)
-- [Test connectivity to the broker](./howto-test-connection.md)
+- [Test connectivity to the MQTT broker](./howto-test-connection.md)

articles/iot-operations/manage-mqtt-broker/howto-encrypt-internal-traffic.md

@@ -8,24 +8,24 @@ ms.service: azure-iot-operations
 ms.subservice: azure-mqtt-broker
 ms.date: 11/12/2024
 
-#CustomerIntent: As an operator, I want to configure MQTT broker so that I can encrypt internal communication and data.
+#CustomerIntent: As an operator, I want to configure an MQTT broker so that I can encrypt internal communication and data.
 ---
 
 # Configure encryption of broker internal traffic and internal certificates
 
-Ensuring the security of internal communications within your infrastructure is important for maintaining data integrity and confidentiality. You can configure the MQTT broker to encrypt internal traffic and data. Encryption certificates are automatically managed using credential manager.
+Ensuring the security of internal communications within your infrastructure is important to maintain data integrity and confidentiality. You can configure the MQTT broker to encrypt internal traffic and data. Encryption certificates are automatically managed by using the credential manager.
 
 ## Encrypt internal traffic
 
 > [!IMPORTANT]
-> This setting requires modifying the Broker resource and can only be configured at initial deployment time using the Azure CLI or Azure Portal. A new deployment is required if Broker configuration changes are needed. To learn more, see [Customize default Broker](./overview-broker.md#customize-default-broker).
+> This setting requires that you modify the Broker resource. It's configured only at initial deployment by using the Azure CLI or the Azure portal. A new deployment is required if Broker configuration changes are needed. To learn more, see [Customize default Broker](./overview-broker.md#customize-default-broker).
 
 The **encrypt internal traffic** feature is used to encrypt the internal traffic in transit between the MQTT broker frontend and backend pods. It's enabled by default when you deploy Azure IoT Operations.
 
-To disable encryption, modify the `advanced.encryptInternalTraffic` setting in the Broker resource. This can only be done using the `--broker-config-file` flag during the deployment of Azure IoT Operations with the `az iot ops create` command.
+To disable encryption, modify the `advanced.encryptInternalTraffic` setting in the Broker resource. You can do this step only by using the `--broker-config-file` flag during the deployment of IoT Operations with the `az iot ops create` command.
 
 > [!CAUTION]
-> Disabling encryption can improve MQTT broker performance. However, to protect against security threats like man-in-the-middle attacks, we strongly recommend keeping this setting enabled. Only disable encryption in controlled non-production environments for testing.
+> Disabling encryption can improve MQTT broker performance. To protect against security threats like man-in-the-middle attacks, we strongly recommend that you keep this setting enabled. Disable encryption only in controlled nonproduction environments for testing.
 
 ```json
 {
@@ -35,17 +35,17 @@ To disable encryption, modify the `advanced.encryptInternalTraffic` setting in t
 }
 ```
 
-Then, deploy Azure IoT Operations using the `az iot ops create` command with the `--broker-config-file` flag, like the following command (other parameters omitted for brevity):
+Then, deploy IoT Operations by using the `az iot ops create` command with the `--broker-config-file` flag, like the following command. (Other parameters are omitted for brevity.)
 
 ```azurecli
 az iot ops create ... --broker-config-file <FILE>.json
 ```
 
 ## Internal certificates
 
-When encryption is enabled, the broker uses cert-manager to generate and manage the certificates used for encrypting the internal traffic. Cert-manager automatically renews certificates when they expire. You can configure the certificate settings, like duration, when to renew, and private key algorithm in the Broker resource. Currently, changing the certificate settings are only supported using the `--broker-config-file` flag when you deploy the Azure IoT Operations using the `az iot ops create` command.
+When encryption is enabled, the MQTT broker uses cert-manager to generate and manage the certificates used for encrypting the internal traffic. Cert-manager automatically renews certificates when they expire. You can configure certificate settings like duration, when to renew, and the private key algorithm in the Broker resource. Currently, changing the certificate settings is supported only by using the `--broker-config-file` flag when you deploy IoT Operations by using the `az iot ops create` command.
 
-For example, to set the certificate duration to 240 hours, renew before 45 minutes, and private key algorithm to RSA 2048, prepare a Broker config file in JSON format:
+For example, to set the certificate `duration` to 240 hours, the `renewBefore` time to 45 minutes, and the `privateKey` `algorithm` to RSA 2048, prepare a Broker configuration file in JSON format:
 
 ```json
 {
@@ -63,10 +63,10 @@ For example, to set the certificate duration to 240 hours, renew before 45 minut
 }
 ```
 
-Then, deploy Azure IoT Operations using the `az iot ops create` command with the `--broker-config-file <FILE>.json`.
+Then, deploy IoT Operations by using the `az iot ops create` command with `--broker-config-file <FILE>.json`.
 
 To learn more, see [Azure CLI support for advanced MQTT broker configuration](https://aka.ms/aziotops-broker-config) and [Broker examples](/rest/api/iotoperations/broker/create-or-update#examples).
 
-## Next steps
+## Related content
 
 - [Configure broker listeners](./howto-configure-brokerlistener.md)