Merge pull request #281553 from spelluru/sbusfreshness0722

Service Bus freshness - July 2024

Author: v-dirichards

articles/service-bus-messaging/duplicate-detection.md

@@ -2,12 +2,12 @@
 title: Azure Service Bus duplicate message detection | Microsoft Docs
 description: This article explains how you can detect duplicates in Azure Service Bus messages. The duplicate message can be ignored and dropped.
 ms.topic: article
-ms.date: 06/08/2023
+ms.date: 07/23/2024
 ---
 
 # Duplicate detection
 
-If an application fails due to a fatal error immediately after it sends a message, and the restarted application instance erroneously believes that the prior message delivery didn't occur, a subsequent send causes the same message to appear in the system twice.
+If an application fails due to a fatal error immediately after sending a message, and the restarted application instance erroneously believes that the prior message delivery didn't occur, a subsequent send causes the same message to appear in the system twice.
 
 It's also possible for an error at the client or network level to occur a moment earlier, and for a sent message to be committed into the queue, with the acknowledgment not successfully returned to the client. This scenario leaves the client in doubt about the outcome of the send operation.
 
@@ -21,7 +21,7 @@ Enabling duplicate detection helps keep track of the application-controlled `Mes
 
 Application control of the identifier is essential, because only that allows the application to tie the `MessageId` to a business process context from which it can be predictably reconstructed when a failure occurs.
 
-For a business process in which multiple messages are sent in the course of handling some application context, the `MessageId` may be a composite of the application-level context identifier, such as a purchase order number, and the subject of the message, for example, **12345.2017/payment**.
+For a business process in which multiple messages are sent in the course of handling some application context, the `MessageId` can be a composite of the application-level context identifier, such as a purchase order number, and the subject of the message, for example, **12345.2017/payment**.
 
 The `MessageId` can always be some GUID, but anchoring the identifier to the business process yields predictable repeatability, which is desired for using the duplicate detection feature effectively.
 
@@ -36,7 +36,7 @@ The `MessageId` can always be some GUID, but anchoring the identifier to the bus
 
 ## Duplicate detection window size
 
-Apart from just enabling duplicate detection, you can also configure the size of the duplicate detection history time window during which message-ids are retained. This value defaults to 10 minutes for queues and topics, with a minimum value of 20 seconds to maximum value of 7 days.
+Apart from just enabling duplicate detection, you can also configure the size of the duplicate detection history time window during which message IDs are retained. This value defaults to 10 minutes for queues and topics, with a minimum value of 20 seconds to maximum value of 7 days.
 
 Enabling duplicate detection and the size of the window directly impact the queue (and topic) throughput, since all recorded message IDs must be matched against the newly submitted message identifier.
 

articles/service-bus-messaging/media/service-bus-premium-messaging/select-premium-tier.png

@@ -2,7 +2,7 @@
 title: Managed identities for Azure resources with Service Bus
 description: This article describes how to use managed identities to access with Azure Service Bus entities (queues, topics, and subscriptions).
 ms.topic: article
-ms.date: 06/15/2023
+ms.date: 07/22/2024
 ---
 
 # Authenticate a managed identity with Microsoft Entra ID to access Azure Service Bus resources
@@ -12,14 +12,14 @@ Here are the high-level steps to use a managed identity to access a Service Bus
 
 1. Enable managed identity for your client app or environment. For example, enable managed identity for your Azure App Service app, Azure Functions app, or a virtual machine in which your app is running. Here are the articles that help you with this step:
     - [Configure managed identities for App Service and Azure Functions](../app-service/overview-managed-identity.md)
-    - [Configure managed identities for Azure resources on a VM](../active-directory/managed-identities-azure-resources/qs-configure-portal-windows-vm.md)    
+    - [Configure managed identities for Azure resources on a virtual machine (VM)](../active-directory/managed-identities-azure-resources/qs-configure-portal-windows-vm.md)    
 1. Assign Azure Service Bus Data Owner, Azure Service Bus Data Sender, or Azure Service Bus Data Receiver role to the managed identity at the appropriate scope (Azure subscription, resource group, Service Bus namespace, or Service Bus queue or topic). For instructions to assign a role to a managed identity, see [Assign Azure roles using the Azure portal](../role-based-access-control/role-assignments-portal.yml).
 1. In your application, use the managed identity and the endpoint to Service Bus namespace to connect to the namespace. 
 
     For example, in .NET, you use the [ServiceBusClient](/dotnet/api/azure.messaging.servicebus.servicebusclient.-ctor#azure-messaging-servicebus-servicebusclient-ctor(system-string-azure-core-tokencredential)) constructor that takes `TokenCredential` and `fullyQualifiedNamespace` (a string, for example: `cotosons.servicebus.windows.net`) parameters to connect to Service Bus using the managed identity. You pass in [DefaultAzureCredential](/dotnet/api/azure.identity.defaultazurecredential), which derives from `TokenCredential` and uses the managed identity. In `DefaultAzureCredentialOptions`, set the `ManagedIdentityClientId` to the ID of client's managed identity.
 
     ```csharp
-    string fullyQualifiedNamespace = "<your Namespace>.servicebus.windows.net>";
+    string fullyQualifiedNamespace = "<your namespace>.servicebus.windows.net>";
     string userAssignedClientId = "<your managed identity client ID>";
 
     var credential = new DefaultAzureCredential(
@@ -35,7 +35,7 @@ Here are the high-level steps to use a managed identity to access a Service Bus
     > You can disable local or SAS key authentication for a Service Bus namespace and allow only Microsoft Entra authentication. For step-by-step instructions, see [Disable local authentication](disable-local-authentication.md).
 
 ## Azure built-in roles for Azure Service Bus
-Microsoft Entra authorizes access to secured resources through [Azure role-based access control (Azure RBAC)](../role-based-access-control/overview.md). Azure Service Bus defines a set of Azure built-in roles that encompass common sets of permissions used to access Service Bus entities. You can also define custom roles for accessing the data. 
+Microsoft Entra authorizes access to secured resources through [Azure role-based access control (RBAC)](../role-based-access-control/overview.md). Azure Service Bus defines a set of Azure built-in roles that encompass common sets of permissions used to access Service Bus entities. You can also define custom roles for accessing the data. 
 
 Azure provides the following Azure built-in roles for authorizing access to a Service Bus namespace:
 
@@ -51,7 +51,7 @@ Before you assign an Azure role to a managed identity, determine the scope of ac
 The following list describes the levels at which you can scope access to Service Bus resources, starting with the narrowest scope:
 
 - **Queue**, **topic**, or **subscription**: Role assignment applies to the specific Service Bus entity. 
-- **Service Bus namespace**: Role assignment spans the entire topology of Service Bus under the namespace and to the consumer group associated with it.
+- **Service Bus namespace**: Role assignment spans the entire topology of Service Bus under the namespace.
 - **Resource group**: Role assignment applies to all the Service Bus resources under the resource group.
 - **Subscription**: Role assignment applies to all the Service Bus resources in all of the resource groups in the subscription.