Code blocks azcurecli.

TimShererWithAquent · TimShererWithAquent · commit 6a1b103ca864 · 2020-03-06T12:08:13.000-08:00
diff --git a/articles/dedicated-hsm/tutorial-deploy-hsm-cli.md b/articles/dedicated-hsm/tutorial-deploy-hsm-cli.md
@@ -43,7 +43,7 @@ Assumptions:
 - You created a Resource Group for these resources and the new ones deployed in this tutorial will join that group.
 - You already created the necessary virtual network, subnet, and virtual machines as per the diagram above and now want to integrate 2 HSMs into that deployment.
 
-All instructions below assume that you have already navigated to the Azure portal and you have opened the Cloud Shell (select “\>\_” towards the top right of the portal).
+All instructions below assume that you have already navigated to the Azure portal and you have opened the Cloud Shell (select "\>\_" towards the top right of the portal).
 
 ## Provisioning a Dedicated HSM
 
@@ -67,15 +67,15 @@ az feature show \
    --name AllowBaremetalServers
 ```
 
-Both commands should return a status of “Registered” (as shown below). If the commands don't return "Registered" you need to register for this service, contact your Microsoft account representative.
+Both commands should return a status of "Registered" (as shown below). If the commands don't return "Registered" you need to register for this service, contact your Microsoft account representative.
 
 ![subscription status](media/tutorial-deploy-hsm-cli/subscription-status.png)
 
 ### Creating HSM resources
 
-An HSM is provisioned into a customers’ virtual network so a virtual network and subnet are required. A dependency for the HSM to enable communication between the virtual network and physical device is an ExpressRoute Gateway, and finally a virtual machine is required to access the HSM device using the Gemalto client software. These resources have been collected into a template file, with corresponding parameter file, for ease of use. The files are available by contacting Microsoft directly as HSMrequest@Microsoft.com.
+An HSM is provisioned into a customers' virtual network so a virtual network and subnet are required. A dependency for the HSM to enable communication between the virtual network and physical device is an ExpressRoute Gateway, and finally a virtual machine is required to access the HSM device using the Gemalto client software. These resources have been collected into a template file, with corresponding parameter file, for ease of use. The files are available by contacting Microsoft directly as HSMrequest@Microsoft.com.
 
-Once you have the files, you must edit the parameter file to insert your preferred names for resources. Edit lines with “value”: “”.
+Once you have the files, you must edit the parameter file to insert your preferred names for resources. Edit lines with "value": "".
 
 - `namingInfix` Prefix for names of HSM resources
 - `ExistingVirtualNetworkName` Name of the virtual network used for the HSMs
@@ -122,7 +122,7 @@ The associated Azure Resource Manager template file will create 6 resources with
 - An HSM in stamp 1
 - An HSM in stamp 2
 
-Once parameter values are set, the files need to be uploaded to Azure portal cloud shell file share for use. In the Azure portal, click the “\>\_” cloud shell symbol top right and this will make the bottom portion of the screen a command environment. The options for this are BASH and PowerShell and you should select BASH if not already set.
+Once parameter values are set, the files need to be uploaded to Azure portal cloud shell file share for use. In the Azure portal, click the "\>\_" cloud shell symbol top right and this will make the bottom portion of the screen a command environment. The options for this are BASH and PowerShell and you should select BASH if not already set.
 
 The command shell has an upload/download option on the toolbar and you should select this to upload the template and parameter files to your file share:
 
@@ -140,7 +140,8 @@ az network vnet create \
 ```
 
 ```azurecli
---vnet-name myHSM-vnet \
+az network vnet create \
+  --vnet-name myHSM-vnet \
   --resource-group myRG \
   --name hsmsubnet \
   --address-prefixes 10.2.1.0/24 \
@@ -156,7 +157,7 @@ az network vnet subnet create \
 ```
 
 >[!NOTE]
->The most important configuration to note for the virtual network, is that the subnet for the HSM device must have delegations set to “Microsoft.HardwareSecurityModules/dedicatedHSMs”.  The HSM provisioning will not work without this option being set.
+>The most important configuration to note for the virtual network, is that the subnet for the HSM device must have delegations set to "Microsoft.HardwareSecurityModules/dedicatedHSMs".  The HSM provisioning will not work without this option being set.
 
 Once all pre-requisites are in place, run the following command to use the Azure Resource Manager template ensuring you have updated values with your unique names (at least the resource group name):
 
@@ -173,7 +174,7 @@ This deployment should take approximately 25 to 30 minutes to complete with the
 
 ![provisioning status](media/tutorial-deploy-hsm-cli/progress-status.png)
 
-When the deployment completes successfully “provisioningState”: “Succeeded” will be displayed. You can connect to your existing virtual machine and use SSH to ensure availability of the HSM device.
+When the deployment completes successfully "provisioningState": "Succeeded" will be displayed. You can connect to your existing virtual machine and use SSH to ensure availability of the HSM device.
 
 ## Verifying the Deployment
 
@@ -189,7 +190,7 @@ az resource show \
 
 ![provisioning output](media/tutorial-deploy-hsm-cli/progress-status2.png)
 
-You will also now be able to see the resources using the [Azure resource explorer](https://resources.azure.com/).   Once in the explorer, expand “subscriptions” on the left, expand your specific subscription for Dedicated HSM, expand “resource groups”, expand the resource group you used and finally select the “resources” item.
+You will also now be able to see the resources using the [Azure resource explorer](https://resources.azure.com/).   Once in the explorer, expand "subscriptions" on the left, expand your specific subscription for Dedicated HSM, expand "resource groups", expand the resource group you used and finally select the "resources" item.
 
 ## Testing the Deployment
 
@@ -203,9 +204,9 @@ The IP Address of the VM could also be used in place of the DNS name in the abov
 ![components list](media/tutorial-deploy-hsm-cli/resources.png)
 
 >[!NOTE]
->Notice the “Show hidden types” checkbox, which when selected will display HSM resources.
+>Notice the "Show hidden types" checkbox, which when selected will display HSM resources.
 
-In the screenshot above, clicking the “HSM1_HSMnic” or “HSM2_HSMnic” would show the appropriate Private IP Address. Otherwise, the `az resource show` command used above is a way to identify the right IP Address. 
+In the screenshot above, clicking the "HSM1_HSMnic" or "HSM2_HSMnic" would show the appropriate Private IP Address. Otherwise, the `az resource show` command used above is a way to identify the right IP Address. 
 
 When you have the correct IP address, run the following command substituting that address:
 
diff --git a/articles/key-vault/key-vault-manage-with-cli2.md b/articles/key-vault/key-vault-manage-with-cli2.md
@@ -233,9 +233,9 @@ Enable Key Vault for disk encryption: Required when using the vault for Azure Di
 
 Enable Key Vault for template deployment: Allows Resource Manager to retrieve secrets from the vault.
 
-```azurecli 
- az keyvault update --name "ContosoKeyVault" --resource-group "ContosoResourceGroup" --enabled-for-template-deployment "true"
- ```
+```azurecli
+az keyvault update --name "ContosoKeyVault" --resource-group "ContosoResourceGroup" --enabled-for-template-deployment "true"
+```
 
 ## Working with Hardware security modules (HSMs)
 
@@ -261,7 +261,7 @@ You can use the following command to import a key from a .pem file on your compu
 az keyvault key import --vault-name "ContosoKeyVaultHSM" --name "ContosoFirstHSMKey" --pem-file "/.softkey.pem" --protection "hsm" --pem-password "PaSSWORD"
 ```
 
-The next command imports a “bring your own key" (BYOK) package. This lets you generate your key in your local HSM, and transfer it to HSMs in the Key Vault service, without the key leaving the HSM boundary:
+The next command imports a "bring your own key" (BYOK) package. This lets you generate your key in your local HSM, and transfer it to HSMs in the Key Vault service, without the key leaving the HSM boundary:
 
 ```azurecli
 az keyvault key import --vault-name "ContosoKeyVaultHSM" --name "ContosoFirstHSMKey" --byok-file "./ITByok.byok" --protection "hsm"
diff --git a/articles/key-vault/key-vault-soft-delete-cli.md b/articles/key-vault/key-vault-soft-delete-cli.md
@@ -228,13 +228,13 @@ You can enable purge protection only if soft-delete is also enabled.
 
 To turn on both soft delete and purge protection when creating a vault, use the [az keyvault create](/cli/azure/keyvault?view=azure-cli-latest#az-keyvault-create) command:
 
-```
+```azurecli
 az keyvault create --name ContosoVault --resource-group ContosoRG --location westus --enable-soft-delete true --enable-purge-protection true
 ```
 
 To add purge protection to an existing vault (that already has soft delete enabled), use the [az keyvault update](/cli/azure/keyvault?view=azure-cli-latest#az-keyvault-update) command:
 
-```
+```azurecli
 az keyvault update --name ContosoVault --resource-group ContosoRG --enable-purge-protection true
 ```
 
diff --git a/articles/key-vault/tutorial-net-linux-virtual-machine.md b/articles/key-vault/tutorial-net-linux-virtual-machine.md
@@ -41,7 +41,7 @@ Before we go any further, read about [key vault basic concepts](basic-concepts.m
 
 ## Understand Managed Service Identity
 
-Azure Key Vault can store credentials securely so they aren’t in your code, but to retrieve them you need to authenticate to Azure Key Vault. However, to authenticate to Key Vault, you need a credential. It's a classic bootstrap problem. With Azure and Azure Active Directory (Azure AD), Managed Service Identity (MSI) can provide a bootstrap identity that makes it much simpler to get things started.
+Azure Key Vault can store credentials securely so they aren't in your code, but to retrieve them you need to authenticate to Azure Key Vault. However, to authenticate to Key Vault, you need a credential. It's a classic bootstrap problem. With Azure and Azure Active Directory (Azure AD), Managed Service Identity (MSI) can provide a bootstrap identity that makes it much simpler to get things started.
 
 When you enable MSI for an Azure service like Virtual Machines, App Service, or Functions, Azure creates a service principal for the instance of the service in Azure Active Directory. It injects the credentials for the service principal into the instance of the service.
 
@@ -112,7 +112,7 @@ az vm create \
 
 It takes a few minutes to create the VM and supporting resources. The following example output shows that the VM create operation was successful.
 
-```azurecli
+```output
 {
   "fqdns": "",
   "id": "/subscriptions/<guid>/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/myVM",
@@ -137,7 +137,7 @@ az vm identity assign --name <NameOfYourVirtualMachine> --resource-group <YourRe
 
 The output of the command should be:
 
-```azurecli
+```output
 {
   "systemAssignedIdentity": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
   "userAssignedIdentities": {}
diff --git a/articles/key-vault/tutorial-net-windows-virtual-machine.md b/articles/key-vault/tutorial-net-windows-virtual-machine.md
@@ -32,7 +32,7 @@ The tutorial shows you how to:
 
 Before you begin, read [Key Vault basic concepts](basic-concepts.md). 
 
-If you don’t have an Azure subscription, create a [free account](https://azure.microsoft.com/free/?WT.mc_id=A261C142F).
+If you don't have an Azure subscription, create a [free account](https://azure.microsoft.com/free/?WT.mc_id=A261C142F).
 
 ## Prerequisites
 
@@ -115,7 +115,7 @@ az vm identity assign --name <NameOfYourVirtualMachine> --resource-group <YourRe
 
 Note the system-assigned identity that's displayed in the following code. The output of the preceding command would be: 
 
-```azurecli
+```output
 {
   "systemAssignedIdentity": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
   "userAssignedIdentities": {}
@@ -155,9 +155,9 @@ dotnet run
 
 ### Install the packages
 
- From the console window, install the .NET packages required for this quickstart:
+From the console window, install the .NET packages required for this quickstart:
 
- ```console
+```console
 dotnet add package System.IO;
 dotnet add package System.Net;
 dotnet add package System.Text;
diff --git a/articles/key-vault/tutorial-python-linux-virtual-machine.md b/articles/key-vault/tutorial-python-linux-virtual-machine.md
@@ -40,7 +40,7 @@ Before you go any further, make sure you understand the [basic concepts about Ke
 
 ## Understand Managed Service Identity
 
-Azure Key Vault can store credentials securely so they aren’t in your code. To retrieve them, you need to authenticate to Azure Key Vault. However, to authenticate to Key Vault, you need a credential. It's a classic bootstrap problem. Through Azure and Azure Active Directory (Azure AD), Managed Service Identity (MSI) provides a bootstrap identity that makes it simpler to get things started.
+Azure Key Vault can store credentials securely so they aren't in your code. To retrieve them, you need to authenticate to Azure Key Vault. However, to authenticate to Key Vault, you need a credential. It's a classic bootstrap problem. Through Azure and Azure Active Directory (Azure AD), Managed Service Identity (MSI) provides a bootstrap identity that makes it simpler to get things started.
 
 When you enable MSI for an Azure service like Virtual Machines, App Service, or Functions, Azure creates a service principal for the instance of the service in Azure AD. It injects the credentials for the service principal into the instance of the service.
 
@@ -110,7 +110,7 @@ az vm create \
 
 It takes a few minutes to create the VM and supporting resources. The following example output shows that the VM creation was successful:
 
-```azurecli
+```output
 {
   "fqdns": "",
   "id": "/subscriptions/<guid>/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/myVM",
@@ -135,7 +135,7 @@ az vm identity assign --name <NameOfYourVirtualMachine> --resource-group <YourRe
 
 The output of the command is as follows.
 
-```azurecli
+```output
 {
   "systemAssignedIdentity": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
   "userAssignedIdentities": {}
diff --git a/articles/key-vault/tutorial-python-windows-virtual-machine.md b/articles/key-vault/tutorial-python-windows-virtual-machine.md
@@ -32,7 +32,7 @@ The tutorial shows you how to:
 
 Before you begin, read [Key Vault basic concepts](basic-concepts.md). 
 
-If you don’t have an Azure subscription, create a [free account](https://azure.microsoft.com/free/?WT.mc_id=A261C142F).
+If you don't have an Azure subscription, create a [free account](https://azure.microsoft.com/free/?WT.mc_id=A261C142F).
 
 ## Prerequisites
 
@@ -114,7 +114,7 @@ az vm identity assign --name <NameOfYourVirtualMachine> --resource-group <YourRe
 
 Note the system-assigned identity that's displayed in the following code. The output of the preceding command would be: 
 
-```azurecli
+```output
 {
   "systemAssignedIdentity": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
   "userAssignedIdentities": {}
@@ -145,7 +145,7 @@ The code presents a two-step process:
   Doing so also fetches a token from Azure AD.
 1. Pass the token to your key vault, and then fetch your secret. 
 
-```
+```python
     # importing the requests library 
     import requests 
 
@@ -167,7 +167,7 @@ The code presents a two-step process:
 
 You can display the secret value by running the following code: 
 
-```
+```console
 python Sample.py
 ```
 
diff --git a/articles/load-balancer/load-balancer-configure-ha-ports.md b/articles/load-balancer/load-balancer-configure-ha-ports.md
@@ -93,7 +93,7 @@ lbrule = New-AzLoadBalancerRuleConfig -Name "HAPortsRule" -FrontendIpConfigurati
 In step 4 of [Create an internal load balancer set](load-balancer-get-started-ilb-arm-cli.md), use the following command to create the High Availability Ports load balancer rule:
 
 ```azurecli
-azure network lb rule create --resource-group contoso-rg --lb-name contoso-ilb --name haportsrule --protocol all --frontend-port 0 --backend-port 0 --frontend-ip-name feilb --backend-address-pool-name beilb
+az network lb rule create --resource-group contoso-rg --lb-name contoso-ilb --name haportsrule --protocol all --frontend-port 0 --backend-port 0 --frontend-ip-name feilb --backend-address-pool-name beilb
 ```
 
 ## Next steps
diff --git a/articles/load-balancer/load-balancer-get-started-ilb-arm-cli.md b/articles/load-balancer/load-balancer-get-started-ilb-arm-cli.md
@@ -33,6 +33,7 @@ The following example creates a resource group named *myResourceGroupILB* in the
     --name myResourceGroupILB \
     --location eastus
 ```
+
 ## Create a virtual network
 
 Create a virtual network named *myVnet* with a subnet named *mySubnet* in the *myResourceGroup* using [az network vnet create](https://docs.microsoft.com/cli/azure/network/vnet).
@@ -44,6 +45,7 @@ Create a virtual network named *myVnet* with a subnet named *mySubnet* in the *m
     --location eastus \
     --subnet-name mySubnet
 ```
+
 ## Create Basic Load Balancer
 
 This section details how you can create and configure the following components of the load balancer:
@@ -65,7 +67,8 @@ Create an internal Load Balancer with [az network lb create](https://docs.micros
     --backend-pool-name myBackEndPool \
     --vnet-name myVnet \
     --subnet mySubnet      
-  ```
+```
+
 ### Create the health probe
 
 A health probe checks all virtual machine instances to make sure they can receive network traffic. The virtual machine instance with failed probe checks is removed from the load balancer until it goes back online and a probe check determines that it's healthy. Create a health probe with [az network lb probe create](https://docs.microsoft.com/cli/azure/network/lb/probe?view=azure-cli-latest) to monitor the health of the virtual machines. 
@@ -124,7 +127,7 @@ In this example, you create two virtual machines to be used as backend servers f
 
 Create an availability set with [az vm availabilityset create](/cli/azure/network/nic)
 
- ```azurecli-interactive
+```azurecli-interactive
   az vm availability-set create \
     --resource-group myResourceGroupILB \
     --name myAvailabilitySet
@@ -174,11 +177,11 @@ runcmd:
   - npm init
   - npm install express -y
   - nodejs index.js
-``` 
- 
+```
+
 Create the virtual machines with [az vm create](/cli/azure/vm#az-vm-create).
 
- ```azurecli-interactive
+```azurecli-interactive
 for i in `seq 1 2`; do
   az vm create \
     --resource-group myResourceGroupILB \
@@ -190,6 +193,7 @@ for i in `seq 1 2`; do
     --custom-data cloud-init.txt
     done
 ```
+
 It may take a few minutes for the VMs to get deployed.
 
 ### Create a VM for testing the load balancer
@@ -215,14 +219,15 @@ To get the private IP address of the load balancer, use [az network lb show](/cl
   az network lb show \
     --name myLoadBalancer \
     --resource-group myResourceGroupILB
-``` 
+```
+
 ![Test load balancer](./media/load-balancer-get-started-ilb-arm-cli/load-balancer-test.png)
 
 ## Clean up resources
 
 When no longer needed, you can use the [az group delete](/cli/azure/group#az-group-delete) command to remove the resource group, load balancer, and all related resources.
 
-```azurecli-interactive 
+```azurecli-interactive
   az group delete --name myResourceGroupILB
 ```
 
diff --git a/articles/load-balancer/load-balancer-get-started-ilb-arm-template.md b/articles/load-balancer/load-balancer-get-started-ilb-arm-template.md
@@ -53,9 +53,9 @@ To deploy the template you downloaded by using PowerShell, follow the steps belo
 To deploy the template by using the Azure CLI, follow the steps below.
 
 1. If you have never used Azure CLI, see [Install and Configure the Azure CLI](../cli-install-nodejs.md) and follow the instructions up to the point where you select your Azure account and subscription.
-2. Run the **azure config mode** command to switch to Resource Manager mode, as shown below.
+2. Go to [https://shell.azure.com](https://shell.azure.com) to open Cloud Shell in your browser. Run the **azure config mode** command to switch to Resource Manager mode, as shown below.
 
-    ```azurecli-interactive
+    ```console
     azure config mode arm
     ```
 
@@ -66,7 +66,7 @@ To deploy the template by using the Azure CLI, follow the steps below.
 3. Open the parameter file, select its contents, and save it to a file in your computer. For this example, we saved the parameters file to *parameters.json*.
 4. Run the **azure group deployment create** command to deploy the new internal load balancer by using the template and parameter files you downloaded and modified above. The list shown after the output explains the parameters used.
 
-    ```azurecli
+    ```console
     azure group create --name TestRG --location westus --template-uri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/201-2-vms-internal-load-balancer/azuredeploy.json --parameters-file parameters.json
     ```
 
diff --git a/articles/load-balancer/quickstart-load-balancer-standard-public-cli.md b/articles/load-balancer/quickstart-load-balancer-standard-public-cli.md
