Egress from an Azure Spring Apps application can be customized to fit specific scenarios. By default, Azure Spring Apps provisions a Standard SKU Load Balancer that you can set up and use for egress. However, the default setup may not meet the requirements of all scenarios. For example, public IPs may not be allowed, or more hops may be required for egress.
18
+
Egress from an Azure Spring Apps application can be customized to fit specific scenarios. By default, Azure Spring Apps provisions a Standard SKU Load Balancer that you can set up and use for egress. However, the default setup may not meet the requirements of all scenarios. For example, public IPs may not be allowed, or more hops may be required for egress.
19
19
20
20
This article describes how to customize an instance's egress route to support custom network scenarios. For example, you might want to customize an instance's egress route for networks that disallow public IPs and require the instance to sit behind a network virtual appliance (NVA).
21
21
22
22
## Limitations
23
23
24
-
-`OutboundType` could only be defined when you create a new Azure Spring Apps service instance and can't be updated afterwards. It only works with a VNet instance.
24
+
-You can only define `OutboundType` when you create a new Azure Spring Apps service instance, and you can't updated it afterwards. `OutboundType`works only with a VNet instance.
25
25
- Setting `outboundType` to `UserDefinedRouting` requires a user-defined route with valid outbound connectivity for your instance.
26
-
- Setting `outboundType` to `UserDefinedRouting` implies the ingress source IP routed to the load-balancer may not match the instance's outgoing egress destination address.
26
+
- Setting `outboundType` to `UserDefinedRouting` implies that the ingress source IP routed to the load-balancer may not match the instance's outgoing egress destination address.
27
27
28
28
## Prerequisites
29
29
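Review bot: The rewritten first bullet under Limitations introduces two new errors: "you can't updated it afterwards" should be "you can't update it afterwards", and "`OutboundType`works" is missing the space after the closing backtick. As shown here the bullet also begins "-You" with no space after the dash, unlike the "- Setting ..." bullets that follow, so it may not render as a list item. It also spells the property `OutboundType` while every other bullet uses `outboundType`. Suggested wording: "- You can only define `outboundType` when you create a new Azure Spring Apps service instance, and you can't update it afterwards. `outboundType` works only with a VNet instance."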
@@ -35,16 +35,16 @@ This article describes how to customize an instance's egress route to support cu
35
35
36
36
An Azure Spring Apps instance can be customized with a unique `outboundType` of type `loadBalancer` or `userDefinedRouting`.
37
37
38
-
### loadBalancer outbound type
38
+
### Outbound type loadBalancer
39
39
40
-
The default `outboundType` value is `loadBalancer`. If `outboundType` is set to `loadBalancer`, Azure Spring Apps automatically configures egress paths and expects egress from the load balancers created by the Azure Spring Apps resource provider. Two load balancers re created--one for the service runtime and another for the user app. A public IP address is provisioned for each load balancer. The load balancer is used for egress traffic for the generated public IP.
40
+
The default `outboundType` value is `loadBalancer`. If `outboundType` is set to `loadBalancer`, Azure Spring Apps automatically configures egress paths and expects egress from the load balancers created by the Azure Spring Apps resource provider. Two load balancers are recreated: one for the service runtime and another for the user app. A public IP address is provisioned for each load balancer. The load balancer is used for egress traffic for the generated public IP.
41
41
42
42
### userDefinedRouting outbound type
43
43
44
44
> [!NOTE]
45
45
> Using an outbound type is an advanced networking scenario and requires proper network configuration.
46
46
47
-
If `outboundType` is set to `userDefinedRouting`, Azure Spring Apps won't automatically configure egress paths. You must set up egress paths yourself. You could still find two load balancers in your resource group. They're only used for internal traffic and won't expose any public IP. You must prepare two route tables associated with two subnets--one to service the runtime and another for the user app.
47
+
If `outboundType` is set to `userDefinedRouting`, Azure Spring Apps won't automatically configure egress paths. You must set up egress paths yourself. You could still find two load balancers in your resource group. They're only used for internal traffic and won't expose any public IP. You must prepare two route tables associated with two subnets: one to service the runtime and another for the user app.
48
48
49
49
> [!IMPORTANT]
50
-
> An `outboundType` of `userDefinedRouting` requires that there is a route for 0.0.0.0/0 and the next hop destination of a network virtual appliance in the route table. For more information, see [Customer responsibilities for running Azure Spring Apps in VNET](vnet-customer-responsibilities.md).
50
+
> An `outboundType` of `userDefinedRouting` requires a route for `0.0.0.0/0` and the next hop destination of a network virtual appliance in the route table. For more information, see [Customer responsibilities for running Azure Spring Apps in VNET](vnet-customer-responsibilities.md).
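Review bot: In the loadBalancer paragraph the new text reads "Two load balancers are recreated", but the removed text "Two load balancers re created" was a typo for "are created". "Recreated" changes the meaning by implying that the load balancers already existed. Suggest "Two load balancers are created: one for the service runtime and another for the user app." Separately, the heading is renamed to "### Outbound type loadBalancer" while the sibling heading "### userDefinedRouting outbound type" keeps the old word order; rename both or neither so the two sections stay parallel.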
This article describes how to secure outbound traffic from your Azure Spring Apps applications. It provides an example of a user-defined route (UDR) instance. UDR is an advanced feature that lets you fully control egress traffic. It may be used in scenarios such as disallowing an Azure Spring Apps auto-generated public IP.
18
+
This article describes how to secure outbound traffic from your applications hosted in Azure Spring Apps. The article provides an example of a user-defined route (UDR) instance. UDR is an advanced feature that lets you fully control egress traffic. You can use UDR in scenarios such as disallowing an Azure Spring Apps auto-generated public IP.
19
19
20
20
## Prerequisites
21
21
@@ -31,7 +31,7 @@ This article describes how to secure outbound traffic from your Azure Spring App
31
31
32
32
The following illustration shows an example of an Azure Spring Apps VNet instance using a user-defined route.
### Create a virtual network with multiple subnets
60
60
61
-
This section shows how to provision a virtual network with three separate subnets--one for the user apps, one for service runtime, and one for the firewall.
61
+
This section shows you how to provision a virtual network with three separate subnets: one for the user apps, one for service runtime, and one for the firewall.
62
62
63
63
First create a resource group, as shown in the following example.
64
64
@@ -100,7 +100,7 @@ az network vnet subnet create \
100
100
101
101
### Create and set up an Azure Firewall with a user-defined route
102
102
103
-
To create and set up an Azure Firewall with a user-defined route, configure Azure Firewall outbound rules. The firewall lets you configure granular egress traffic rules from an Azure Spring Apps instance.
103
+
Use the following command to create and set up an Azure Firewall with a user-defined route and configure Azure Firewall outbound rules. The firewall lets you configure granular egress traffic rules from an Azure Spring Apps instance.
104
104
105
105
> [!IMPORTANT]
106
106
> If your cluster or application creates a large number of outbound connections directed to the same or small subset of destinations, you might require more firewall frontend IPs to avoid reaching the maximum ports per front-end IP. For more information on how to create an Azure firewall with multiple IPs, see [Quickstart: Create an Azure Firewall with multiple public IP addresses - ARM template](../firewall/quick-create-multiple-ip-template.md). Create a standard SKU public IP resource that will be used as the Azure Firewall front-end address.
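Review bot: The new lead-in "Use the following command to create and set up an Azure Firewall ..." promises a single command, but what follows it in this hunk is the [!IMPORTANT] note and then the instruction to create a standard SKU public IP resource, so the reader meets a note and a multi-step procedure rather than one command. Suggest "Use the following steps ..." or keeping a neutral lead-in, and moving the sentence "Create a standard SKU public IP resource that will be used as the Azure Firewall front-end address." out of the note block if it is meant to introduce the first command. The note also mixes "frontend IPs" and "front-end IP"; pick one spelling while this paragraph is being touched.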