MicrosoftDocs
diff --git a/‎articles/virtual-network/manage-subnet-delegation.md
Lines changed: 80 additions & 107 deletions b/‎articles/virtual-network/manage-subnet-delegation.md
Lines changed: 80 additions & 107 deletions
@@ -6,9 +6,9 @@ services: virtual-network
 author: asudbring
 ms.service: virtual-network
 ms.topic: how-to
-ms.date: 02/09/2023
+ms.date: 08/23/2023
 ms.author: allensu 
-ms.custom: devx-track-azurepowershell, devx-track-azurecli, FY23 content-maintenance
+ms.custom: devx-track-azurepowershell, devx-track-azurecli
 ---
 
 # Add or remove a subnet delegation
@@ -17,13 +17,17 @@ Subnet delegation gives explicit permissions to the service to create service-sp
 
 ## Prerequisites
 
+# [**Portal**](#tab/manage-subnet-delegation-portal)
+
 - An Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F).
 
 - If you didn't create the subnet you would like to delegate to an Azure service, you need the following permission: `Microsoft.Network/virtualNetworks/subnets/write`. The built-in [Network Contributor](../role-based-access-control/built-in-roles.md?toc=%2fazure%2fvirtual-network%2ftoc.json#network-contributor) role also contains the necessary permissions.
 
-[!INCLUDE [azure-cli-prepare-your-environment-no-header.md](~/articles/reusable-content/azure-cli/azure-cli-prepare-your-environment-no-header.md)]
+# [**PowerShell**](#tab/manage-subnet-delegation-powershell)
 
-- This how-to article requires version 2.31.0 or later of the Azure CLI. If using Azure Cloud Shell, the latest version is already installed.
+- An Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F).
+
+- If you didn't create the subnet you would like to delegate to an Azure service, you need the following permission: `Microsoft.Network/virtualNetworks/subnets/write`. The built-in [Network Contributor](../role-based-access-control/built-in-roles.md?toc=%2fazure%2fvirtual-network%2ftoc.json#network-contributor) role also contains the necessary permissions.
 
 - Azure PowerShell installed locally or Azure Cloud Shell.
 
@@ -32,83 +36,59 @@ Subnet delegation gives explicit permissions to the service to create service-sp
 - Ensure your `Az.Network` module is 4.3.0 or later. To verify the installed module, use the command `Get-InstalledModule -Name "Az.Network"`. If the module requires an update, use the command `Update-Module -Name Az.Network` if necessary.
 
 If you choose to install and use PowerShell locally, this article requires the Azure PowerShell module version 5.4.1 or later. Run `Get-Module -ListAvailable Az` to find the installed version. If you need to upgrade, see [Install Azure PowerShell module](/powershell/azure/install-azure-powershell). If you're running PowerShell locally, you also need to run `Connect-AzAccount` to create a connection with Azure.
+# [**Azure CLI**](#tab/manage-subnet-delegation-cli)
 
-## Create the virtual network
-
-In this section, you create a virtual network and the subnet that you'll later delegate to an Azure service.
-# [**Portal**](#tab/manage-subnet-delegation-portal)
-
-1. Sign-in to the [Azure portal](https://portal.azure.com).
-
-1. In the search box at the top of the portal, enter **Virtual network**. Select **Virtual networks** in the search results.
-
-1. Select **+ Create**.
-
-1. Enter or select the following information in the **Basics** tab of **Create virtual network**:
+- An Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F).
 
-    | Setting | Value |
-    | ------- | ----- |
-    | **Project details** |   |
-    | Subscription | Select your subscription. |
-    | Resource group | Select **Create new**. </br> Enter **myResourceGroup** in **Name**. </br> Select **OK**. |
-    | **Instance details** |   |
-    | Name | Enter **myVNet**. |
-    | Region | Select **East US 2** |
+- If you didn't create the subnet you would like to delegate to an Azure service, you need the following permission: `Microsoft.Network/virtualNetworks/subnets/write`. The built-in [Network Contributor](../role-based-access-control/built-in-roles.md?toc=%2fazure%2fvirtual-network%2ftoc.json#network-contributor) role also contains the necessary permissions.
 
-1. Select **Next: Security**, then **Next: IP Addresses**.
+[!INCLUDE [azure-cli-prepare-your-environment-no-header.md](~/articles/reusable-content/azure-cli/azure-cli-prepare-your-environment-no-header.md)]
 
-1. Select **Add an IP address space**, in the **Add an IP address space** pane, enter or select the following information, then select **Add**.  
+- This how-to article requires version 2.31.0 or later of the Azure CLI. If using Azure Cloud Shell, the latest version is already installed.
 
-    | Setting | Value |
-    | ------- | ----- |
-    | Address space type | Leave as default **IPV6**. |
-    | Starting address | Enter **10.1.0.0**. |
-    | Address space size | Select **/16**. |
+---
 
-1. Select **+ Add subnet** in the new IP address space. 
+## Create the virtual network
 
-1. Enter or select the following information in **Add a subnet**. Then select **Add**.
+In this section, you create a virtual network and the subnet that you delegate to an Azure service.
 
-    | Setting | Value |
-    | ------- | ----- |
-    | Name | Enter **mySubnet**. |
-    | Starting address | Enter **10.1.0.0**. |
-    | Subnet size | Select **/16**. |
+# [**Portal**](#tab/manage-subnet-delegation-portal)
 
-1. Select **Review + create**, then select **Create**. 
+[!INCLUDE [virtual-network-create-tabs.md](../../includes/virtual-network-create-tabs.md)]
 
 # [**PowerShell**](#tab/manage-subnet-delegation-powershell)
 
 ### Create a resource group
-Create a resource group with [New-AzResourceGroup](/cli/azure/group). An Azure resource group is a logical container into which Azure resources are deployed and managed.
 
-The following example creates a resource group named **myResourceGroup** in the **eastus2** location:
+Create a resource group with [`New-AzResourceGroup`](/cli/azure/group). An Azure resource group is a logical container into which Azure resources are deployed and managed.
+
+The following example creates a resource group named **test-rg** in the **eastus2** location:
 
 ```azurepowershell-interactive
 $rg = @{
-    Name = 'myResourceGroup'
+    Name = 'test-rg'
     Location = 'eastus2'
 }  
 New-AzResourceGroup @rg
 ```
 ### Create virtual network
 
-Create a virtual network named **myVnet** with a subnet named **mySubnet** using [New-AzVirtualNetworkSubnetConfig](/powershell/module/az.network/new-azvirtualnetworksubnetconfig) in the **myResourceGroup** using [New-AzVirtualNetwork](/powershell/module/az.network/new-azvirtualnetwork). 
+Create a virtual network named **vnet-1** with a subnet named **subnet-1** using [`New-AzVirtualNetworkSubnetConfig`](/powershell/module/az.network/new-azvirtualnetworksubnetconfig) in the **test-rg** using [`New-AzVirtualNetwork`](/powershell/module/az.network/new-azvirtualnetwork). 
 
-The IP address space for the virtual network is **10.1.0.0/16**. The subnet within the virtual network is **10.1.0.0/24**.  
+The IP address space for the virtual network is **10.0.0.0/16**. The subnet within the virtual network is **10.0.0.0/24**.  
 
 ```azurepowershell-interactive
 $sub = @{
-    Name = 'mySubnet'
-    AddressPrefix = '10.1.0.0/24'
+    Name = 'subnet-1'
+    AddressPrefix = '10.0.0.0/24'
 }
 $subnet = New-AzVirtualNetworkSubnetConfig @sub
 
 $net = @{
-    Name = 'myVNet'
-    ResourceGroupName = 'myResourceGroup'
+    Name = 'vnet-1'
+    ResourceGroupName = 'test-rg'
     Location = 'eastus2'
-    AddressPrefix = '10.1.0.0/16'
+    AddressPrefix = '10.0.0.0/16'
     Subnet = $subnet
 }
 New-AzVirtualNetwork @net
@@ -118,27 +98,28 @@ New-AzVirtualNetwork @net
 
 ### Create a resource group
 
-Create a resource group with [az group create](/cli/azure/group). An Azure resource group is a logical container into which Azure resources are deployed and managed.
+Create a resource group with [`az group create`](/cli/azure/group). An Azure resource group is a logical container into which Azure resources are deployed and managed.
 
-The following example creates a resource group named **myResourceGroup** in the **eastu2** location:
+The following example creates a resource group named **test-rg** in the **eastu2** location:
 
 ```azurecli-interactive
 az group create \
-    --name myResourceGroup \
+    --name test-rg \
     --location eastus2
 ```
 
 ### Create a virtual network
-Create a virtual network named **myVnet** with a subnet named **mySubnet** in the **myResourceGroup** using [az network vnet create](/cli/azure/network/vnet).
+
+Create a virtual network named **vnet-1** with a subnet named **subnet-1** in the **test-rg** using [`az network vnet create`](/cli/azure/network/vnet).
 
 ```azurecli-interactive
 az network vnet create \
-    --resource-group myResourceGroup \
+    --resource-group test-rg \
     --location eastus2 \
-    --name myVNet \
-    --address-prefix 10.1.0.0/16 \
-    --subnet-name mySubnet \
-    --subnet-prefix 10.1.0.0/24
+    --name vnet-1 \
+    --address-prefix 10.0.0.0/16 \
+    --subnet-name subnet-1 \
+    --subnet-prefix 10.0.0.0/24
 ```
 
 ---
@@ -153,11 +134,11 @@ In this section, you delegate the subnet that you created in the preceding secti
 
 1. In the search box at the top of the portal, enter **Virtual network**. Select **Virtual networks** in the search results.
 
-1. Select **myVNet**.
+1. Select **vnet-1**.
 
 1. Select **Subnets** in **Settings**.
 
-1. Select **mySubnet**.
+1. Select **subnet-1**.
 
 1. Enter or select the following information:
 
@@ -170,17 +151,17 @@ In this section, you delegate the subnet that you created in the preceding secti
 
 # [**PowerShell**](#tab/manage-subnet-delegation-powershell)
 
-Use [Add-AzDelegation](/powershell/module/az.network/add-azdelegation) to update the subnet named **mySubnet** with a delegation named **myDelegation** to an Azure service.  In this example **Microsoft.Sql/managedInstances** is used for the example delegation:
+Use [`Add-AzDelegation`](/powershell/module/az.network/add-azdelegation) to update the subnet named **subnet-1** with a delegation named **myDelegation** to an Azure service.  In this example **Microsoft.Sql/managedInstances** is used for the example delegation:
 
 ```azurepowershell-interactive
 $net = @{
-    Name = 'myVNet'
-    ResourceGroupName = 'myResourceGroup'
+    Name = 'vnet-1'
+    ResourceGroupName = 'test-rg'
 }
 $vnet = Get-AzVirtualNetwork @net
 
 $sub = @{
-    Name = 'mySubnet'
+    Name = 'subnet-1'
     VirtualNetwork = $vnet
 }
 $subnet = Get-AzVirtualNetworkSubnetConfig @sub
@@ -194,14 +175,14 @@ $subnet = Add-AzDelegation @del
 
 Set-AzVirtualNetwork -VirtualNetwork $vnet
 ```
-Use [Get-AzDelegation](/powershell/module/az.network/get-azdelegation) to verify the delegation:
+Use [`Get-AzDelegation`](/powershell/module/az.network/get-azdelegation) to verify the delegation:
 
 ```azurepowershell-interactive
 $sub = @{
-    Name = 'myVNet'
-    ResourceGroupName = 'myResourceGroup'
+    Name = 'vnet-1'
+    ResourceGroupName = 'test-rg'
 }  
-$subnet = Get-AzVirtualNetwork @sub | Get-AzVirtualNetworkSubnetConfig -Name 'mySubnet'
+$subnet = Get-AzVirtualNetwork @sub | Get-AzVirtualNetworkSubnetConfig -Name 'subnet-1'
 
 $dg = @{
     Name ='myDelegation'
@@ -215,28 +196,28 @@ Get-AzDelegation @dg
   Actions           : {Microsoft.Network/virtualNetworks/subnets/join/action}
   Name              : myDelegation
   Etag              : W/"9cba4b0e-2ceb-444b-b553-454f8da07d8a"
-  Id                : /subscriptions/3bf09329-ca61-4fee-88cb-7e30b9ee305b/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVnet/subnets/mySubnet/delegations/myDelegation
+  Id                : /subscriptions/3bf09329-ca61-4fee-88cb-7e30b9ee305b/resourceGroups/test-rg/providers/Microsoft.Network/virtualNetworks/vnet-1/subnets/subnet-1/delegations/myDelegation
 ```
 
 # [**Azure CLI**](#tab/manage-subnet-delegation-cli)
 
-Use [az network vnet subnet update](/cli/azure/network/vnet/subnet#az-network-vnet-subnet-update) to update the subnet named **mySubnet** with a delegation to an Azure service.  In this example **Microsoft.Sql/managedInstances** is used for the example delegation:
+Use [`az network virtual network subnet update`](/cli/azure/network/vnet/subnet#az-network-vnet-subnet-update) to update the subnet named **subnet-1** with a delegation to an Azure service.  In this example **Microsoft.Sql/managedInstances** is used for the example delegation:
 
 ```azurecli-interactive
 az network vnet subnet update \
-    --resource-group myResourceGroup \
-    --name mySubnet \
-    --vnet-name myVNet \
+    --resource-group test-rg \
+    --name subnet-1 \
+    --vnet-name vnet-1 \
     --delegations Microsoft.Sql/managedInstances
 ```
 
-To verify the delegation was applied, use [az network vnet subnet show](/cli/azure/network/vnet/subnet#az-network-vnet-subnet-show). Verify the service is delegated to the subnet in the property **serviceName**:
+To verify the delegation was applied, use [`az network vnet subnet show`](/cli/azure/network/vnet/subnet#az-network-vnet-subnet-show). Verify the service is delegated to the subnet in the property **serviceName**:
 
 ```azurecli-interactive
 az network vnet subnet show \
-    --resource-group myResourceGroup \
-    --name mySubnet \
-    --vnet-name myVNet \
+    --resource-group test-rg \
+    --name subnet-1 \
+    --vnet-name vnet-1 \
     --query delegations
 ```
 
@@ -249,10 +230,10 @@ az network vnet subnet show \
       "Microsoft.Network/virtualNetworks/subnets/unprepareNetworkPolicies/action"
     ],
     "etag": "W/\"30184721-8945-4e4f-9cc3-aa16b26589ac\"",
-    "id": "/subscriptions/23250d6d-28f0-41dd-9776-61fc80805b6e/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVNet/subnets/mySubnet/delegations/0",
+    "id": "/subscriptions/23250d6d-28f0-41dd-9776-61fc80805b6e/resourceGroups/test-rg/providers/Microsoft.Network/virtualNetworks/vnet-1/subnets/subnet-1/delegations/0",
     "name": "0",
     "provisioningState": "Succeeded",
-    "resourceGroup": "myResourceGroup",
+    "resourceGroup": "test-rg",
     "serviceName": "Microsoft.Sql/managedInstances",
     "type": "Microsoft.Network/virtualNetworks/subnets/delegations"
   }
@@ -263,19 +244,19 @@ az network vnet subnet show \
 
 ## Remove subnet delegation from an Azure service
 
-In this section, you'll remove a subnet delegation for an Azure service.
+In this section, you remove a subnet delegation for an Azure service.
 
 # [**Portal**](#tab/manage-subnet-delegation-portal)
 
 1. Sign-in to the [Azure portal](https://portal.azure.com).
 
 1. In the search box at the top of the portal, enter **Virtual network**. Select **Virtual networks** in the search results.
 
-1. Select **myVNet**.
+1. Select **vnet-1**.
 
 1. Select **Subnets** in **Settings**.
 
-1. Select **mySubnet**.
+1. Select **subnet-1**.
 
 1. Enter or select the following information:
 
@@ -288,17 +269,17 @@ In this section, you'll remove a subnet delegation for an Azure service.
 
 # [**PowerShell**](#tab/manage-subnet-delegation-powershell)
 
-Use [Remove-AzDelegation](/powershell/module/az.network/remove-azdelegation) to remove the delegation from the subnet named **mySubnet**:
+Use [`Remove-AzDelegation`](/powershell/module/az.network/remove-azdelegation) to remove the delegation from the subnet named **subnet-1**:
 
 ```azurepowershell-interactive
 $net = @{
-    Name = 'myVNet'
-    ResourceGroupName = 'myResourceGroup'
+    Name = 'vnet-1'
+    ResourceGroupName = 'test-rg'
 }
 $vnet = Get-AzVirtualNetwork @net
 
 $sub = @{
-    Name = 'mySubnet'
+    Name = 'subnet-1'
     VirtualNetwork = $vnet
 }
 $subnet = Get-AzVirtualNetworkSubnetConfig @sub
@@ -311,14 +292,14 @@ $subnet = Remove-AzDelegation @del
 
 Set-AzVirtualNetwork -VirtualNetwork $vnet
 ```
-Use [Get-AzDelegation](/powershell/module/az.network/get-azdelegation) to verify the delegation was removed:
+Use [`Get-AzDelegation`](/powershell/module/az.network/get-azdelegation) to verify the delegation was removed:
 
 ```azurepowershell-interactive
 $sub = @{
-    Name = 'myVNet'
-    ResourceGroupName = 'myResourceGroup'
+    Name = 'vnet-1'
+    ResourceGroupName = 'test-rg'
 }  
-$subnet = Get-AzVirtualNetwork @sub | Get-AzVirtualNetworkSubnetConfig -Name 'mySubnet'
+$subnet = Get-AzVirtualNetwork @sub | Get-AzVirtualNetworkSubnetConfig -Name 'subnet-1'
 
 $dg = @{
     Name ='myDelegation'
@@ -332,22 +313,22 @@ Get-AzDelegation: Sequence contains no matching element
 
 # [**Azure CLI**](#tab/manage-subnet-delegation-cli)
 
-Use [az network vnet subnet update](/cli/azure/network/vnet/subnet#az-network-vnet-subnet-update) to remove the delegation from the subnet named **mySubnet**:
+Use [`az network vnet subnet update`](/cli/azure/network/vnet/subnet#az-network-vnet-subnet-update) to remove the delegation from the subnet named **subnet-1**:
 
 ```azurecli-interactive
 az network vnet subnet update \
-    --resource-group myResourceGroup \
-    --name mySubnet \
-    --vnet-name myVNet \
+    --resource-group test-rg \
+    --name subnet-1 \
+    --vnet-name vnet-1 \
     --remove delegations
 ```
-To verify the delegation was removed, use [az network vnet subnet show](/cli/azure/network/vnet/subnet#az-network-vnet-subnet-show). Verify the service is removed from the subnet in the property **serviceName**:
+To verify the delegation was removed, use [`az network vnet subnet show`](/cli/azure/network/vnet/subnet#az-network-vnet-subnet-show). Verify the service is removed from the subnet in the property **serviceName**:
 
 ```azurecli-interactive
 az network vnet subnet show \
-    --resource-group myResourceGroup \
-    --name mySubnet \
-    --vnet-name myVNet \
+    --resource-group test-rg \
+    --name subnet-1 \
+    --vnet-name vnet-1 \
     --query delegations
 ```
 Output from command is a null bracket:
@@ -357,15 +338,7 @@ Output from command is a null bracket:
 
 ---
 
-## Clean up resources
-
-When no longer needed, delete the resource group and all resources it contains: 
-
-1. Enter *myResourceGroup* in the **Search** box at the top of the Azure portal. When you see **myResourceGroup** in the search results, select it.
-
-1. Select **Delete resource group**.
-
-1. Enter *myResourceGroup* for **TYPE THE RESOURCE GROUP NAME:** and select **Delete**.
+[!INCLUDE [portal-clean-up.md](../../includes/portal-clean-up.md)]
 
 ## Next steps
 - Learn how to [manage subnets in Azure](virtual-network-manage-subnet.md).