MicrosoftDocs
diff --git a/‎articles/service-bus-messaging/media/service-bus-dotnet-get-started-with-queues/azure-sign-button-visual-studio.png
26.4 KB b/‎articles/service-bus-messaging/media/service-bus-dotnet-get-started-with-queues/azure-sign-button-visual-studio.png
26.4 KB
diff --git a/‎articles/service-bus-messaging/service-bus-dotnet-get-started-with-queues.md
Lines changed: 129 additions & 89 deletions b/‎articles/service-bus-messaging/service-bus-dotnet-get-started-with-queues.md
Lines changed: 129 additions & 89 deletions
diff --git a/‎articles/service-bus-messaging/service-bus-dotnet-how-to-use-topics-subscriptions.md
Lines changed: 98 additions & 68 deletions b/‎articles/service-bus-messaging/service-bus-dotnet-how-to-use-topics-subscriptions.md
Lines changed: 98 additions & 68 deletions
diff --git a/‎includes/passwordless/service-bus/media/service-bus-assign-roles/add-role.png
4.48 KB b/‎includes/passwordless/service-bus/media/service-bus-assign-roles/add-role.png
4.48 KB
diff --git a/‎includes/passwordless/service-bus/service-bus-assign-roles.md
Lines changed: 10 additions & 46 deletions b/‎includes/passwordless/service-bus/service-bus-assign-roles.md
Lines changed: 10 additions & 46 deletions
diff --git a/‎includes/passwordless/service-bus/service-bus-create-namespace-portal-passwordless.md
Lines changed: 3 additions & 3 deletions b/‎includes/passwordless/service-bus/service-bus-create-namespace-portal-passwordless.md
Lines changed: 3 additions & 3 deletions
diff --git a/‎includes/passwordless/service-bus/service-bus-passwordless-template-tabbed.md
Lines changed: 12 additions & 20 deletions b/‎includes/passwordless/service-bus/service-bus-passwordless-template-tabbed.md
Lines changed: 12 additions & 20 deletions
@@ -17,65 +17,29 @@ The following example assigns the `Azure Service Bus Data Owner` role to your us
 ### Azure built-in roles for Azure Service Bus
 For Azure Service Bus, the management of namespaces and all related resources through the Azure portal and the Azure resource management API is already protected using the Azure RBAC model. Azure provides the below Azure built-in roles for authorizing access to a Service Bus namespace:
 
-- [Azure Service Bus Data Owner](../../../articles/role-based-access-control/built-in-roles.md#azure-service-bus-data-owner): Enables data access to Service Bus namespace and its entities (queues, topics, subscriptions, and filters)
+- [Azure Service Bus Data Owner](../../../articles/role-based-access-control/built-in-roles.md#azure-service-bus-data-owner): Enables data access to Service Bus namespace and its entities (queues, topics, subscriptions, and filters). A member of this role can send and receive messages from queues or topics/subscriptions. 
 - [Azure Service Bus Data Sender](../../../articles/role-based-access-control/built-in-roles.md#azure-service-bus-data-sender): Use this role to give the send access to Service Bus namespace and its entities.
 - [Azure Service Bus Data Receiver](../../../articles/role-based-access-control/built-in-roles.md#azure-service-bus-data-receiver): Use this role to give the receive access to Service Bus namespace and its entities.
 
 If you want to create a custom role, see [Rights required for Service Bus operations](../../../articles/service-bus-messaging/service-bus-sas.md#rights-required-for-service-bus-operations).
 
-> [!IMPORTANT]
-> In most cases, it will take a minute or two for the role assignment to propagate in Azure. In rare cases, it may take up to eight minutes. If you receive authentication errors when you first run your code, wait a few moments and try again.
+### Add Azure AD user to Azure Service Bus Owner role
 
-### [Azure portal](#tab/roles-azure-portal)
+Add your Azure AD user name to the **Azure Service Bus Data Owner** role at the Service Bus namespace level. It will allow an app running in the context of your user account to send messages to a queue or a topic, and receive messages from a queue or a topic's subscription. 
 
-1. In the Azure portal, locate your service bus namespace using the main search bar or left navigation.
+> [!IMPORTANT]
+> In most cases, it will take a minute or two for the role assignment to propagate in Azure. In rare cases, it may take up to **eight minutes**. If you receive authentication errors when you first run your code, wait a few moments and try again.
 
+1. If you don't have the Service Bus Namespace page open in the Azure portal, locate your Service Bus namespace using the main search bar or left navigation.
 2. On the overview page, select **Access control (IAM)** from the left-hand menu.	
-
 3. On the **Access control (IAM)** page, select the **Role assignments** tab.
-
 4. Select **+ Add** from the top menu and then **Add role assignment** from the resulting drop-down menu.
 
     :::image type="content" source="media/service-bus-assign-roles/add-role.png" alt-text="A screenshot showing how to assign a role.":::    
-
 5. Use the search box to filter the results to the desired role. For this example, search for `Azure Service Bus Data Owner` and select the matching result. Then choose **Next**.
+1. Under **Assign access to**, select **User, group, or service principal**, and then choose **+ Select members**.
 
-6. Under **Assign access to**, select **User, group, or service principal**, and then choose **+ Select members**.
-
-7. In the dialog, search for your Azure AD username (usually your *user@domain* email address) and then choose **Select** at the bottom of the dialog. 
-
-8. Select **Review + assign** to go to the final page, and then **Review + assign** again to complete the process.
-
-### [Azure CLI](#tab/roles-azure-cli)
-
-To assign a role at the resource level using the Azure CLI, you first must retrieve the resource ID using the `az servicebus namespace show` command. You can filter the output properties using the `--query` parameter. 
-
-```azurecli
-az servicebus namespace show -g '<your-service-bus-resource-group>' -n '<your-service-bus-name> --query id
-```
-
-Copy the output `Id` from the preceding command. You can then assign roles using the [az role](/cli/azure/role) command of the Azure CLI.
-
-```azurecli
-az role assignment create --assignee "<user@domain>" \
---role "Azure Service Bus Data Owner" \
---scope "<your-resource-id>"
-```
-
-### [PowerShell](#tab/roles-powershell)
-
-To assign a role at the resource level using Azure PowerShell, you first must retrieve the resource ID using the `Get-AzResource` command.
-
-```azurepowershell
-Get-AzResource -ResourceGroupName "<your-service-bus-resource-group>" -Name "<your-service-bus-name>"
-```
-
-Copy the `Id` value from the preceding command output. You can then assign roles using the [New-AzRoleAssignment](/powershell/module/az.resources/new-azroleassignment) command in PowerShell.
-
-```azurepowershell
-New-AzRoleAssignment -SignInName <user@domain> `
--RoleDefinitionName "Azure Service Bus Data Owner" `
--Scope <yourStorageAccountId>
-```
+    
+1. In the dialog, search for your Azure AD username (usually your *user@domain* email address) and then choose **Select** at the bottom of the dialog. 
+1. Select **Review + assign** to go to the final page, and then **Review + assign** again to complete the process.
 
---- 
@@ -16,7 +16,7 @@ To begin using Service Bus messaging entities in Azure, you must first create a
 To create a namespace:
 
 1. Sign in to the [Azure portal](https://portal.azure.com)
-2. In the left navigation pane of the portal, select **+ Create a resource**, select **Integration**, and then select **Service Bus**.
+2. In the left navigation pane of the portal, select **All services**, select **Integration** from the list of categories, hover the mouse over **Service Bus**, and then select **Create** on the Service Bus tile.
 
     :::image type="content" source="./media/service-bus-create-namespace-portal/create-resource-service-bus-menu.png" alt-text="Image showing selection of Create a resource, Integration, and then Service Bus in the menu.":::
 3. In the **Basics** tag of the **Create namespace** page, follow these steps: 
@@ -32,7 +32,7 @@ To create a namespace:
     1. For **Pricing tier**, select the pricing tier (Basic, Standard, or Premium) for the namespace. For this quickstart, select **Standard**. 
 
         > [!IMPORTANT]
-        > If you want to use [Topics and subscriptions](../../../articles/service-bus-messaging/service-bus-queues-topics-subscriptions.md#topics-and-subscriptions), choose either Standard or Premium. Topics/subscriptions aren't supported in the Basic pricing tier. 
+        > If you want to use [Topics and subscriptions](../../../articles/service-bus-messaging/service-bus-queues-topics-subscriptions.md#topics-and-subscriptions), choose either Standard or [Premium](../../../articles/service-bus-messaging/service-bus-premium-messaging.md). Topics/subscriptions aren't supported in the Basic pricing tier. 
 
         If you selected the **Premium** pricing tier, specify the number of **messaging units**. The premium tier provides resource isolation at the CPU and memory level so that each workload runs in isolation. This resource container is called a messaging unit. A premium namespace has at least one messaging unit. You can select 1, 2, 4, 8 or 16 messaging units for each Service Bus Premium namespace. For more information, see [Service Bus Premium Messaging](../../../articles/service-bus-messaging/service-bus-premium-messaging.md).
 
@@ -45,4 +45,4 @@ To create a namespace:
     :::image type="content" source="./media/service-bus-create-namespace-portal/deployment-alert.png" alt-text="Image showing the deployment succeeded page with the Go to resource link.":::
 5. You see the home page for your service bus namespace. 
 
-    :::image type="content" source="./media/service-bus-create-namespace-portal/service-bus-namespace-home-page.png" alt-text="Image showing the home page of the Service Bus namespace created." :::
+    :::image type="content" source="./media/service-bus-create-namespace-portal/service-bus-namespace-home-page.png" lightbox="./media/service-bus-create-namespace-portal/service-bus-namespace-home-page.png" alt-text="Image showing the home page of the Service Bus namespace created." :::
@@ -12,22 +12,6 @@ ms.custom: include file
 
 
 
-## [Connection String](#tab/connection-string)
-
-## Get the connection string 
-Creating a new namespace automatically generates an initial Shared Access Signature (SAS) policy with primary and secondary keys, and primary and secondary connection strings that each grant full control over all aspects of the namespace. See [Service Bus authentication and authorization](../../../articles/service-bus-messaging/service-bus-authentication-and-authorization.md) for information about how to create rules with more constrained rights for regular senders and receivers. 
-
-A client can use the connection string to connect to the Service Bus namespace. To copy the primary connection string for your namespace, follow these steps: 
-
-1. On the **Service Bus Namespace** page, select **Shared access policies** on the left menu.
-3. On the **Shared access policies** page, select **RootManageSharedAccessKey**.
-4. In the **Policy: RootManageSharedAccessKey** window, select the copy button next to **Primary Connection String**, to copy the connection string to your clipboard for later use. Paste this value into Notepad or some other temporary location.
-   
-    :::image type="content" source="./media/service-bus-passwordless-template-tabbed/connection-string.png" lightbox="./media/service-bus-create-namespace-portal/connection-string.png" alt-text="Screenshot shows an SAS policy called RootManageSharedAccessKey, which includes keys and connection strings.":::
-
-    You can use this page to copy primary key, secondary key, primary connection string, and secondary connection string. 
-
-
 ## [Passwordless](#tab/passwordless)
 
 ## Authenticate the app to Azure
@@ -40,13 +24,21 @@ A client can use the connection string to connect to the Service Bus namespace.
 
 [!INCLUDE [service-bus-assign-roles](service-bus-assign-roles.md)]
 
-### Sign in and add the Azure Identity package
 
-You can authorize access to the service bus namespace using the following steps:
+## [Connection String](#tab/connection-string)
+
+## Get the connection string 
+Creating a new namespace automatically generates an initial Shared Access Signature (SAS) policy with primary and secondary keys, and primary and secondary connection strings that each grant full control over all aspects of the namespace. See [Service Bus authentication and authorization](../../../articles/service-bus-messaging/service-bus-authentication-and-authorization.md) for information about how to create rules with more constrained rights for regular senders and receivers. 
+
+A client can use the connection string to connect to the Service Bus namespace. To copy the primary connection string for your namespace, follow these steps: 
 
-[!INCLUDE [default-azure-credential-sign-in](../../../includes/passwordless/default-azure-credential-sign-in.md)]
+1. On the **Service Bus Namespace** page, select **Shared access policies** on the left menu.
+3. On the **Shared access policies** page, select **RootManageSharedAccessKey**.
+4. In the **Policy: RootManageSharedAccessKey** window, select the copy button next to **Primary Connection String**, to copy the connection string to your clipboard for later use. Paste this value into Notepad or some other temporary location.
+   
+    :::image type="content" source="./media/service-bus-passwordless-template-tabbed/connection-string.png" lightbox="./media/service-bus-create-namespace-portal/connection-string.png" alt-text="Screenshot shows an SAS policy called RootManageSharedAccessKey, which includes keys and connection strings.":::
 
-[!INCLUDE [visual-studio-add-identity](../../../includes/passwordless/visual-studio-add-identity.md)]
+    You can use this page to copy primary key, secondary key, primary connection string, and secondary connection string. 
 
 
 ---