MicrosoftDocs
diff --git a/‎articles/migrate/best-practices-least-privileged-account.md
Lines changed: 364 additions & 0 deletions b/‎articles/migrate/best-practices-least-privileged-account.md
Lines changed: 364 additions & 0 deletions
diff --git a/‎articles/migrate/best-practices-security.md
Lines changed: 2 additions & 2 deletions b/‎articles/migrate/best-practices-security.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/migrate/how-to-set-up-appliance-hyper-v.md
Lines changed: 0 additions & 3 deletions b/‎articles/migrate/how-to-set-up-appliance-hyper-v.md
Lines changed: 0 additions & 3 deletions
diff --git a/‎articles/migrate/media/best-practices-least-privileged-accounts/security-for-root.png
74.6 KB b/‎articles/migrate/media/best-practices-least-privileged-accounts/security-for-root.png
74.6 KB
diff --git a/‎articles/migrate/media/tutorial-discover-vmware/add-discovery-source.png
-483 KB b/‎articles/migrate/media/tutorial-discover-vmware/add-discovery-source.png
-483 KB
diff --git a/‎articles/migrate/migrate-appliance.md
Lines changed: 2 additions & 2 deletions b/‎articles/migrate/migrate-appliance.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/migrate/toc.yml
Lines changed: 3 additions & 1 deletion b/‎articles/migrate/toc.yml
Lines changed: 3 additions & 1 deletion
@@ -1,5 +1,5 @@
 ---
-title: Security Best Practices for Deploying Azure Migrate Appliance.
+title: Security Best Practices for Deploying Azure Migrate Appliance
 description: Learn the top security best practices for deploying the Azure Migrate appliance. This guide covers tips on resource group isolation, RBAC, and securing your Azure Migrate project to ensure a safe and efficient migration process.
 author: molishv
 ms.author: molir
@@ -12,7 +12,7 @@ ms.custom:
 # Customer intent: As a cloud migration specialist, I want to implement security best practices for deploying the migration appliance, so that I can ensure a secure and efficient migration process while protecting sensitive data.
 ---
 
-# Security best practices to deploy Azure Migrate Appliance
+# Appliance: Security best practices to deploy Azure Migrate Appliance
 
 [Azure Migrate](./migrate-services-overview.md) provides a hub of tools that help you to discover, assess, and migrate apps, infrastructure, and workloads to Microsoft Azure. The hub includes Azure Migrate tools, and non-Microsoft independent software vendor (ISV) offerings.
 
 
@@ -59,9 +59,6 @@ Check that the zipped file is secure, before you deploy it.
 2. Run the following command to generate the hash for the VHD
     - ```C:\>CertUtil -HashFile <file_location> [Hashing Algorithm]```
     - Example usage: ```C:\>Get-FileHash -Path ./AzureMigrateAppliance_v3.20.09.25.zip -Algorithm SHA256```
-
-Verify the latest hash value by comparing the outcome of above command to the value documented [here](./tutorial-discover-hyper-v.md#verify-security)
-
 ## Create the appliance
 
 Import the downloaded file, and create an appliance.
 
@@ -71,7 +71,7 @@ The following table summarizes the Azure Migrate appliance requirements for VMwa
 **Discovery limits** | An appliance can discover up to 10,000 severs running across multiple vCenter Servers.<br>A single appliance can connect to up to 10 vCenter Servers.
 **Supported deployment** | Deploy as new server running on vCenter Server using OVA template.<br><br> Deploy on an existing server running Windows Server 2019 or Windows Server 2022 using PowerShell installer script.
 **OVA template** | Download from project or from [here](https://go.microsoft.com/fwlink/?linkid=2191954).<br><br> Download size is 11.9 GB.<br><br> The downloaded appliance template comes with a Windows Server 2022 evaluation license, which is valid for 180 days.<br>If the evaluation period is close to expiry, we recommend that you download and deploy a new appliance using OVA template, or you activate the operating system license of the appliance server.
-**OVA verification** | [Verify](tutorial-discover-vmware.md#verify-security) the OVA template downloaded from project by checking the hash values.
+**OVA verification** | The OVA template downloaded from project by checking the hash values.
 **PowerShell script** | Refer to this [article](./deploy-appliance-script.md#set-up-the-appliance-for-vmware) on how to deploy an appliance using the PowerShell installer script.<br/><br/> 
 **Hardware and network requirements** |  The appliance should run on server with Windows Server 2019 or Windows Server 2022, 32-GB RAM, 8 vCPUs, around 80 GB of disk storage, and an external virtual switch.<br/> The appliance requires internet access, either directly or through a proxy.<br/><br/> If you deploy the appliance using OVA template, you need enough resources on the vCenter Server to create a server that meets the hardware requirements.<br/><br/> If you run the appliance on an existing server, make sure that it is running Windows Server 2019 or Windows Server 2022, and meets hardware requirements.
 **VMware requirements** | If you deploy the appliance as a server on vCenter Server, it  must be deployed on a vCenter Server running 5.5, 6.0, 6.5, 6.7 or 7.0 and an ESXi host running version 5.5 or later.<br/><br/> 
@@ -87,7 +87,7 @@ The following table summarizes the Azure Migrate appliance requirements for VMwa
 **Discovery limits** | An appliance can discover up to 5000 servers running in Hyper-V environment.<br> An appliance can connect to up to 300 Hyper-V hosts.
 **Supported deployment** | Deploy as server running on a Hyper-V host using a VHD template.<br><br> Deploy on an existing server running Windows Server 2019 or Windows Server 2022 using PowerShell installer script.
 **VHD template** | Zip file that includes a VHD. Download from project or from [here](https://go.microsoft.com/fwlink/?linkid=2140422).<br><br> Download size is 8.91 GB.<br><br> The downloaded appliance template comes with a Windows Server 2022 evaluation license, which is valid for 180 days. If the evaluation period is close to expiry, we recommend that you download and deploy a new appliance, or that you activate the operating system license of the appliance server.
-**VHD verification** | [Verify](tutorial-discover-hyper-v.md#verify-security) the VHD template downloaded from project by checking the hash values.
+**VHD verification** | The VHD template downloaded from project by checking the hash values.
 **PowerShell script** | Refer to this [article](./deploy-appliance-script.md#set-up-the-appliance-for-hyper-v) on how to deploy an appliance using the PowerShell installer script.<br/>
 **Hardware and network requirements**  |  The appliance should run on server with Windows Server 2019 or Windows Server 2022, 16-GB RAM, 8 vCPUs, around 80 GB of disk storage, and an external virtual switch.<br/> The appliance needs a static or dynamic IP address, and requires internet access, either directly or through a proxy.<br/><br/> If you run the appliance as a server running on a Hyper-V host, you need enough resources on the host to create a server that meets the hardware requirements.<br/><br/> If you run the appliance on an existing server, make sure that it is running Windows Server 2019 or Windows Server 2022, and meets hardware requirements.
 **Hyper-V requirements** | If you deploy the appliance with the VHD template, the appliance provided by Azure Migrate is Hyper-V VM version 5.0.<br/><br/> The Hyper-V host must be running Windows Server 2019 or Windows Server 2022.
 
@@ -23,8 +23,10 @@ items:
     href: supported-geographies.md
   - name: Security baseline
     href: /security/benchmark/azure/baselines/azure-migrate-security-baseline?toc=/azure/migrate/toc.json&bc=/azure/migrate/breadcrumb/toc.json
-  - name: Security best practices
+  - name: Appliance:Security best practices
     href: best-practices-security.md
+  - name: Credentials:Security best practices
+    href: best-practices-least-privileged-account.md
   - name: Requirements for Private endpoints # Explain about private end points and support requirements 
     href: how-to-use-azure-migrate-with-private-endpoints.md
   - name: Support Matrix