MicrosoftDocs
diff --git a/‎articles/governance/policy/assign-policy-azurecli.md
Lines changed: 20 additions & 14 deletions b/‎articles/governance/policy/assign-policy-azurecli.md
Lines changed: 20 additions & 14 deletions
diff --git a/‎articles/governance/policy/assign-policy-portal.md
Lines changed: 38 additions & 19 deletions b/‎articles/governance/policy/assign-policy-portal.md
Lines changed: 38 additions & 19 deletions
diff --git a/‎articles/governance/policy/assign-policy-powershell.md
Lines changed: 5 additions & 4 deletions b/‎articles/governance/policy/assign-policy-powershell.md
Lines changed: 5 additions & 4 deletions
diff --git a/‎articles/governance/policy/assign-policy-template.md
Lines changed: 11 additions & 7 deletions b/‎articles/governance/policy/assign-policy-template.md
Lines changed: 11 additions & 7 deletions
@@ -22,17 +22,19 @@ Azure CLI is used to create and manage Azure resources from the command line or
 guide uses Azure CLI to create a policy assignment and to identify non-compliant resources in your
 Azure environment.
 
-If you don't have an Azure subscription, create a [free](https://azure.microsoft.com/free/) account before you begin.
+If you don't have an Azure subscription, create a [free](https://azure.microsoft.com/free/) account
+before you begin.
 
 [!INCLUDE [cloud-shell-try-it.md](../../../includes/cloud-shell-try-it.md)]
 
-This quickstart requires that you run Azure CLI version 2.0.4 or later to install and use the CLI locally. To find the version, run `az --version`. If you need to install or upgrade, see [Install Azure CLI](/cli/azure/install-azure-cli).
+This quickstart requires that you run Azure CLI version 2.0.4 or later to install and use the CLI
+locally. To find the version, run `az --version`. If you need to install or upgrade, see [Install Azure CLI](/cli/azure/install-azure-cli).
 
 ## Prerequisites
 
-Register the Policy Insights resource provider using Azure CLI. Registering the resource provider
-makes sure that your subscription works with it. To register a resource provider, you must have
-permission to the register resource provider operation. This operation is included in the
+Register the Azure Policy Insights resource provider using Azure CLI. Registering the resource
+provider makes sure that your subscription works with it. To register a resource provider, you must
+have permission to the register resource provider operation. This operation is included in the
 Contributor and Owner roles. Run the following command to register the resource provider:
 
 ```azurecli-interactive
@@ -47,8 +49,8 @@ tool that sends HTTP requests to Azure Resource Manager-based APIs.
 ## Create a policy assignment
 
 In this quickstart, you create a policy assignment and assign the **Audit VMs that do not use
-managed disks** definition. This policy definition identifies resources that aren't compliant to
-the conditions set in the policy definition.
+managed disks** definition. This policy definition identifies resources that aren't compliant to the
+conditions set in the policy definition.
 
 Run the following command to create a policy assignment:
 
@@ -58,11 +60,15 @@ az policy assignment create --name 'audit-vm-manageddisks' --display-name 'Audit
 
 The preceding command uses the following information:
 
-- **Name** - The actual name of the assignment.  For this example, *audit-vm-manageddisks* was used.
-- **DisplayName** - Display name for the policy assignment. In this case, you're using *Audit VMs without managed disks Assignment*.
-- **Policy** – The policy definition ID, based on which you're using to create the assignment. In this case, it's the ID of policy definition *Audit VMs that do not use managed disks*. To get the policy definition ID, run this command:
-        `az policy definition list --query "[?displayName=='Audit VMs that do not use managed disks']"`
-- **Scope** - A scope determines what resources or grouping of resources the policy assignment gets enforced on. It could range from a subscription to resource groups. Be sure to replace &lt;scope&gt; with the name of your resource group.
+- **Name** - The actual name of the assignment. For this example, *audit-vm-manageddisks* was used.
+- **DisplayName** - Display name for the policy assignment. In this case, you're using *Audit VMs
+  without managed disks Assignment*.
+- **Policy** – The policy definition ID, based on which you're using to create the assignment. In
+  this case, it's the ID of policy definition *Audit VMs that do not use managed disks*. To get the
+  policy definition ID, run this command: `az policy definition list --query "[?displayName=='Audit VMs that do not use managed disks']"`
+- **Scope** - A scope determines what resources or grouping of resources the policy assignment gets
+  enforced on. It could range from a subscription to resource groups. Be sure to replace
+  &lt;scope&gt; with the name of your resource group.
 
 ## Identify non-compliant resources
 
@@ -125,8 +131,8 @@ az policy assignment delete --name 'audit-vm-manageddisks' --scope '/subscriptio
 In this quickstart, you assigned a policy definition to identify non-compliant resources in your
 Azure environment.
 
-To learn more about assigning policies to validate that new resources are compliant, continue to
-the tutorial for:
+To learn more about assigning policies to validate that new resources are compliant, continue to the
+tutorial for:
 
 > [!div class="nextstepaction"]
 > [Creating and managing policies](./tutorials/create-and-manage.md)
@@ -23,42 +23,57 @@ before you begin.
 
 ## Create a policy assignment
 
-In this quickstart, you create a policy assignment and assign the *Audit VMs that do not use
-managed disks* policy definition.
+In this quickstart, you create a policy assignment and assign the *Audit VMs that do not use managed
+disks* policy definition.
 
-1. Launch the Azure Policy service in the Azure portal by clicking **All services**, then searching for and selecting **Policy**.
+1. Launch the Azure Policy service in the Azure portal by clicking **All services**, then searching
+   for and selecting **Policy**.
 
    ![Search for Policy in All Services](./media/assign-policy-portal/search-policy.png)
 
-1. Select **Assignments** on the left side of the Azure Policy page. An assignment is a policy that has been assigned to take place within a specific scope.
+1. Select **Assignments** on the left side of the Azure Policy page. An assignment is a policy that
+   has been assigned to take place within a specific scope.
 
    ![Select Assignments page from Policy Overview page](./media/assign-policy-portal/select-assignments.png)
 
 1. Select **Assign Policy** from the top of the **Policy - Assignments** page.
 
    ![Assign a policy definition from Assignments page](./media/assign-policy-portal/select-assign-policy.png)
 
-1. On the **Assign Policy** page, select the **Scope** by clicking the ellipsis and selecting either a management group or subscription. Optionally, select a resource group. A scope determines what resources or grouping of resources the policy assignment gets enforced on.  Then click **Select** at the bottom of the **Scope** page.
+1. On the **Assign Policy** page, select the **Scope** by clicking the ellipsis and selecting either
+   a management group or subscription. Optionally, select a resource group. A scope determines what
+   resources or grouping of resources the policy assignment gets enforced on. Then click **Select**
+   at the bottom of the **Scope** page.
 
    This example uses the **Contoso** subscription. Your subscription will differ.
 
-1. Resources can be excluded based on the **Scope**.  **Exclusions** start at one level lower than the level of the **Scope**. **Exclusions** are optional, so leave it blank for now.
+1. Resources can be excluded based on the **Scope**. **Exclusions** start at one level lower than
+   the level of the **Scope**. **Exclusions** are optional, so leave it blank for now.
 
-1. Select the **Policy definition** ellipsis to open the list of available definitions. Azure Policy comes with built-in policy definitions you can use. Many are available, such as:
+1. Select the **Policy definition** ellipsis to open the list of available definitions. Azure Policy
+   comes with built-in policy definitions you can use. Many are available, such as:
 
    - Enforce tag and its value
    - Apply tag and its value
    - Require SQL Server version 12.0
 
-   For a partial list of available built-in policies, see [Policy samples](./samples/index.md).
+   For a partial list of available built-in policies, see [Azure Policy samples](./samples/index.md).
 
-1. Search through the policy definitions list to find the *Audit VMs that do not use managed disks* definition. Click on that policy and click **Select**.
+1. Search through the policy definitions list to find the *Audit VMs that do not use managed disks*
+   definition. Click on that policy and click **Select**.
 
    ![Find the correct policy definition](./media/assign-policy-portal/select-available-definition.png)
 
-1. The **Assignment name** is automatically populated with the policy name you selected, but you can change it. For this example, leave *Audit VMs that do not use managed disks*. You can also add an optional **Description**. The description provides details about this policy assignment. **Assigned by** will automatically fill based on who is logged in. This field is optional, so custom values can be entered.
+1. The **Assignment name** is automatically populated with the policy name you selected, but you can
+   change it. For this example, leave *Audit VMs that do not use managed disks*. You can also add an
+   optional **Description**. The description provides details about this policy assignment.
+   **Assigned by** will automatically fill based on who is logged in. This field is optional, so
+   custom values can be entered.
 
-1. Leave **Create a Managed Identity** unchecked. This box _must_ be checked when the policy or initiative includes a policy with the [deployIfNotExists](./concepts/effects.md#deployifnotexists) effect. As the policy used for this quickstart doesn't, leave it blank. For more information, see [managed identities](../../active-directory/managed-identities-azure-resources/overview.md) and [how remediation security works](./how-to/remediate-resources.md#how-remediation-security-works).
+1. Leave **Create a Managed Identity** unchecked. This box _must_ be checked when the policy or
+   initiative includes a policy with the [deployIfNotExists](./concepts/effects.md#deployifnotexists)
+   effect. As the policy used for this quickstart doesn't, leave it blank. For more information, see
+   [managed identities](../../active-directory/managed-identities-azure-resources/overview.md) and [how remediation security works](./how-to/remediate-resources.md#how-remediation-security-works).
 
 1. Click **Assign**.
 
@@ -88,26 +103,30 @@ result is either compliant or non-compliant.
 | New | Audit, AuditIfNotExist\* | True | Non-Compliant |
 | New | Audit, AuditIfNotExist\* | False | Compliant |
 
-\* The Append, DeployIfNotExist, and AuditIfNotExist effects require the IF statement to be TRUE. The effects also require the existence condition to be FALSE to be non-compliant. When TRUE, the IF condition triggers evaluation of the existence condition for the related resources.
+\* The Append, DeployIfNotExist, and AuditIfNotExist effects require the IF statement to be TRUE.
+The effects also require the existence condition to be FALSE to be non-compliant. When TRUE, the IF
+condition triggers evaluation of the existence condition for the related resources.
 
 ## Clean up resources
 
 To remove the assignment created, follow these steps:
 
-1. Select **Compliance** (or **Assignments**) in the left side of the Azure Policy page and locate the **Audit VMs that do not use managed disks** policy assignment you created.
+1. Select **Compliance** (or **Assignments**) in the left side of the Azure Policy page and locate
+   the **Audit VMs that do not use managed disks** policy assignment you created.
 
-1. Right-click the **Audit VMs that do not use managed disks** policy assignment and select **Delete assignment**
+1. Right-click the **Audit VMs that do not use managed disks** policy assignment and select **Delete
+   assignment**
 
    ![Delete an assignment from the Compliance page](./media/assign-policy-portal/delete-assignment.png)
 
 ## Next steps
 
-In this quickstart, you assigned a policy definition to a scope and evaluated its compliance
-report. The policy definition validates that all the resources in the scope are compliant and
-identifies which ones aren't.
+In this quickstart, you assigned a policy definition to a scope and evaluated its compliance report.
+The policy definition validates that all the resources in the scope are compliant and identifies
+which ones aren't.
 
-To learn more about assigning policies to validate that new resources are compliant, continue to
-the tutorial for:
+To learn more about assigning policies to validate that new resources are compliant, continue to the
+tutorial for:
 
 > [!div class="nextstepaction"]
 > [Creating and managing policies](./tutorials/create-and-manage.md)
@@ -27,10 +27,11 @@ before you begin.
 
 - Before you start, make sure that the latest version of Azure PowerShell is installed. See [Install Azure PowerShell module](/powershell/azure/install-az-ps)
   for detailed information.
-- Register the Policy Insights resource provider using Azure PowerShell. Registering the resource
-  provider makes sure that your subscription works with it. To register a resource provider, you
-  must have permission to the register resource provider operation. This operation is included in
-  the Contributor and Owner roles. Run the following command to register the resource provider:
+- Register the Azure Policy Insights resource provider using Azure PowerShell. Registering the
+  resource provider makes sure that your subscription works with it. To register a resource
+  provider, you must have permission to the register resource provider operation. This operation is
+  included in the Contributor and Owner roles. Run the following command to register the resource
+  provider:
 
   ```azurepowershell-interactive
   # Register the resource provider if it's not already registered
 
@@ -23,7 +23,7 @@ before you begin.
 ## Create a policy assignment
 
 In this quickstart, you create a policy assignment and assign a built-in policy definition called
-*Audit VMs that do not use managed disks*. For a partial list of available built-in policies, see [Policy samples](./samples/index.md).
+*Audit VMs that do not use managed disks*. For a partial list of available built-in policies, see [Azure Policy samples](./samples/index.md).
 
 There are several methods for creating policy assignments. In this quickstart, you use a
 [quickstart template](https://azure.microsoft.com/resources/templates/101-azurepolicy-assign-builtinpolicy-resourcegroup/).
@@ -54,10 +54,12 @@ Here is a copy of the template:
 
 Some additional resources:
 
-- To find more samples templates, see [Azure Quickstart template](https://azure.microsoft.com/resources/templates/?resourceType=Microsoft.Authorization&pageNumber=1&sort=Popular).
+- To find more samples templates, see
+  [Azure Quickstart template](https://azure.microsoft.com/resources/templates/?resourceType=Microsoft.Authorization&pageNumber=1&sort=Popular).
 - To see the template reference, go to [Azure template reference](/azure/templates/microsoft.authorization/allversions).
 - To learn how to develop Resource Manager templates, see [Azure Resource Manager documentation](/azure/azure-resource-manager/).
-- To learn subscription-level deployment, see [Create resource groups and resources at the subscription level](../../azure-resource-manager/deploy-to-subscription.md).
+- To learn subscription-level deployment, see
+  [Create resource groups and resources at the subscription level](../../azure-resource-manager/deploy-to-subscription.md).
 
 ## Identify non-compliant resources
 
@@ -75,9 +77,11 @@ For more information, see [How compliance works](./how-to/get-compliance-data.md
 
 To remove the assignment created, follow these steps:
 
-1. Select **Compliance** (or **Assignments**) in the left side of the Azure Policy page and locate the **Audit VMs that do not use managed disks** policy assignment you created.
+1. Select **Compliance** (or **Assignments**) in the left side of the Azure Policy page and locate
+   the **Audit VMs that do not use managed disks** policy assignment you created.
 
-1. Right-click the **Audit VMs that do not use managed disks** policy assignment and select **Delete assignment**.
+1. Right-click the **Audit VMs that do not use managed disks** policy assignment and select **Delete
+   assignment**.
 
    ![Delete an assignment from the compliance overview page](./media/assign-policy-template/delete-assignment.png)
 
@@ -87,8 +91,8 @@ In this quickstart, you assigned a built-in policy definition to a scope and eva
 compliance report. The policy definition validates that all the resources in the scope are compliant
 and identifies which ones aren't.
 
-To learn more about assigning policies to validate that new resources are compliant, continue to
-the tutorial for:
+To learn more about assigning policies to validate that new resources are compliant, continue to the
+tutorial for:
 
 > [!div class="nextstepaction"]
 > [Creating and managing policies](./tutorials/create-and-manage.md)