Merge pull request #201474 from halkazwini/pl-tut-cosmos

hmacgregor1 · web-flow · commit 913c4236d864 · 2022-06-13T20:58:13.000-07:00
Private Endpoint: Tutorial Freshness Review: Connect to an Azure Cosmos account using an Azure Private Endpoint
diff --git a/articles/private-link/tutorial-private-endpoint-cosmosdb-portal.md b/articles/private-link/tutorial-private-endpoint-cosmosdb-portal.md
@@ -1,17 +1,18 @@
 ---
 title: 'Tutorial: Connect to an Azure Cosmos account using an Azure Private endpoint'
 titleSuffix: Azure Private Link
-description: Get started with this tutorial using Azure Private endpoint to connect to an Azure Cosmos account privately.
+description: Get started with this tutorial using Azure Private endpoint to connect to an Azure Cosmos DB account privately.
 author: asudbring
 ms.author: allensu
 ms.service: private-link
 ms.topic: tutorial
-ms.date: 9/25/2020
+ms.date: 06/14/2022
+ms.custom: template-tutorial #Required; leave this attribute/value as-is.
 ---
 
 # Tutorial: Connect to an Azure Cosmos account using an Azure Private Endpoint
 
-Azure Private endpoint is the fundamental building block for Private Link in Azure. It enables Azure resources, like virtual machines (VMs), to communicate with Private Link resources privately.
+Azure Private endpoint is the fundamental building block for Private Link in Azure. It enables Azure resources, like virtual machines (VMs), to privately and securely communicate with Private Link resources such as Azure Cosmos DB.
 
 In this tutorial, you learn how to:
 
@@ -25,7 +26,7 @@ If you don't have an Azure subscription, create a [free account](https://azure.m
 
 ## Prerequisites
 
-* An Azure subscription
+* An Azure subscription.
 
 ## Sign in to Azure
 
@@ -101,7 +102,8 @@ In this section, you'll create a virtual machine that will be used to test the p
     | Virtual machine name | Enter **myVM** |
     | Region | Select **East US** |
     | Availability Options | Select **No infrastructure redundancy required** |
-    | Image | Select **Windows Server 2019 Datacenter - Gen1** |
+    | Security type | Select **Standard** |
+    | Image | Select **Windows Server 2019 Datacenter - Gen2** |
     | Azure Spot instance | Select **No** |
     | Size | Choose VM size or take default setting |
     | **Administrator account** |  |
@@ -132,7 +134,9 @@ In this section, you'll create a virtual machine that will be used to test the p
 
 In this section, you'll create a Cosmos DB account and configure the private endpoint.
 
-1. In the left-hand menu, select **Create a resource** > **Databases** > **Cosmos DB Account**, or search for **Cosmos DB account** in the search box.
+1. In the left-hand menu, select **Create a resource** > **Databases** > **Azure Cosmos DB**, or search for **Azure Cosmos DB** in the search box.
+
+2. In **Select API option** page, Select **Create** under **Core (SQL)**.
 
 2. In the **Basics** tab of **Create Cosmos DB account** enter or select the following information:
 
@@ -143,14 +147,11 @@ In this section, you'll create a Cosmos DB account and configure the private end
     | Resource Group | Select **myResourceGroup**. |
     | **Instance details** |  |
     | Account name | Enter **mycosmosdb**. If the name is unavailable, enter a unique name. |
-    | API | Select **Core (SQL)**. |
-    | Location | Select **East US**. |
+    | Location | Select **(US) East US**. |
     | Capacity mode | Leave the default **Provisioned throughput**. |
     | Apply Free Tier Discount | Leave the default **Do Not Apply**. |
-    | Geo-Redundancy | Leave the default **Disable**. |
-    | Multi-region Writes | Leave the default **Disable**. |
    
-3. Select the **Networking** tab or select the **Next: Networking** button.
+3. Select the **Networking** tab, or select **Next: Global Distribution**, then **Next: Networking**.
 
 4. In the **Networking** tab, enter or select the following information:
 
@@ -168,17 +169,17 @@ In this section, you'll create a Cosmos DB account and configure the private end
 
     | Setting | Value                                          |
     |-----------------------|----------------------------------|
-    | Subscription | Select your Azure subscription |
-    | Resource Group | Select **myResourceGroup** |
-    | Location | Select **East US** |
-    | Name | Enter **myPrivateEndpoint** |
-    | Target subresource | Leave the default **Core (SQL)** |
+    | Subscription | Select your Azure subscription. |
+    | Resource Group | Select **myResourceGroup**. |
+    | Location | Select **East US**. |
+    | Name | Enter **myPrivateEndpoint**. |
+    | CosmosDB sub-resource | Leave the default **Core (SQL) - Recommended**. |
     | **Networking** |  |
-    | Virtual network | Select **myVNet** |
-    | Subnet | Select **mySubnet** |
-    | **Private DNS integration** |
-    | Integrate with private DNS zone | Leave the default **Yes** |
-    | Private DNS Zone | Leave the default (New) privatelink.documents.azure.com |
+    | Virtual network | Select **myVNet**. |
+    | Subnet | Select **mySubnet**. |
+    | **Private DNS integration** |  |
+    | Integrate with private DNS zone | Leave the default **Yes**. |
+    | Private DNS Zone | Leave the default **(New) privatelink.documents.azure.com**. |
 
 7. Select **OK**.
 
@@ -188,30 +189,30 @@ In this section, you'll create a Cosmos DB account and configure the private end
 
 ### Add a database and a container
 
-1. Select **Got to resource** or in the left-hand menu of the Azure portal, select **All Resources** > **mycosmosdb**.
+1. Select **Go to resource**, or in the left-hand menu of the Azure portal, select **All Resources** > **mycosmosdb**.
 
 2. In the left-hand menu, select **Data Explorer**.
 
 3. In the **Data Explorer** window, select **New Container**.
 
-4. In **Add Container**, enter or select the following information:
+4. In **New Container**, enter or select the following information:
 
     | Setting | Value |
     | ------- | ----- |
-    | Database ID | Leave the default of **Create new**. </br> Enter **mydatabaseid** in the text box. |
-    | Throughput (400 - 100,000 RU/s) | Leave the default of **Manual**. </br> Enter **400** in the text box. |
-    | Container ID | Enter **mycontainerid** |
-    | Partition key | Enter **/mykey** |
+    | Database id | Leave the default of **Create new**. </br> Enter **mydatabaseid** in the box. |
+    | Database throughput (400 - unlimited RU/s) | Select **Manual**. </br> Enter **400** in the box. |
+    | Container id | Enter **mycontainerid**. |
+    | Partition key | Enter **/mykey**. |
 
 5. Select **OK**.
 
-6. In the **Settings** section of the CosmosDB account, select **Keys**.
+6. In the **Settings** section of the Cosmos DB account, select **Keys**.
 
-7. Select copy on the **PRIMARY CONNECTION STRING**.
+7. Select copy on the **PRIMARY CONNECTION STRING**. A valid connection string is in the format: `AccountEndpoint=https://<cosmosdb-account-name>.documents.azure.com:443/;AccountKey=<accountKey>;`
 
 ## Test connectivity to private endpoint
 
-In this section, you'll use the virtual machine you created in the previous step to connect to the Cosmos DB account across the private endpoint.
+In this section, you'll use the virtual machine you created in the previous steps to connect to the Cosmos DB account across the private endpoint using **Azure Cosmos DB Explorer**.
 
 1. Select **Resource groups** in the left-hand navigation pane.
 
@@ -221,51 +222,31 @@ In this section, you'll use the virtual machine you created in the previous step
 
 1. On the overview page for **myVM**, select **Connect** then **Bastion**.
 
-1. Select the blue **Use Bastion** button.
-
 1. Enter the username and password that you entered during the virtual machine creation.
 
+1. Select **Connect** button.
+
 1. Open Windows PowerShell on the server after you connect.
 
-1. Enter `nslookup <cosmosdb-account-name>.documents.azure.com` and validate the name resolution. Replace **\<cosmosdb-account-name>** with the name of the Cosmos DB account you created in the previous steps. 
+1. Enter `nslookup <cosmosdb-account-name>.documents.azure.com` and validate the name resolution. Replace **\<cosmosdb-account-name>** with the name of the Cosmos DB account you created in the previous steps. You'll receive a message similar to what is displayed below:
 
     ```powershell
     Server:  UnKnown
     Address:  168.63.129.16
 
     Non-authoritative answer:
-    Name:    mycosmosdb8675.privatelink.documents.azure.com
+    Name:    mycosmosdb.privatelink.documents.azure.com
     Address:  10.1.0.5
-    Aliases:  mycosmosdb8675.documents.azure.com
+    Aliases:  mycosmosdb.documents.azure.com
     ```
-    A private IP address of **10.1.0.5** is returned for the Cosmos DB account name.  This address is in the subnet of the virtual network you created previously.
-    
-1. Get your Azure Cosmos DB primary connection string from portal. A valid connection string is in the format:
-   
-   For SQL API accounts: `https://<accountName>.documents.azure.com:443/;AccountKey=<accountKey>;` 
-   For Azure Cosmos DB API for MongoDB: `mongodb://<accountName>:<accountKey>@cdbmongo36.mongo.cosmos.azure.com:10255/?ssl=true&replicaSet=globaldb&retrywrites=false`
-
-1. Install [Microsoft Azure Storage Explorer](../vs-azure-tools-storage-manage-with-storage-explorer.md?tabs=windows&toc=%2fazure%2fstorage%2fblobs%2ftoc.json) on the virtual machine.
-
-1. Select **Finish** after the **Microsoft Azure Storage Explorer** is installed.  Leave the box checked to open the application.
-
-1. In the **Connect to Azure Storage** screen, select **Cancel**.
-
-1. In Storage Explorer, select the right mouse button on **Cosmos DB Accounts** and select **Connect to Cosmos DB**.
+    A private IP address of **10.1.0.5** is returned for the Cosmos DB account name.  This address is in **mySubnet** subnet of **myVNet** virtual network you created previously.
 
-1. Leave the default of **SQL** under **Select API**.
+1. Go to https://cosmos.azure.com/. Select **Connect to your account with connection string**, then paste the connection string that you copied in the previous steps and select **Connect**.
 
-1. In the box under **Connection String**, paste the connection string from the Cosmos DB account you copied in the previous steps.
-
-1. Select **Next**.
-
-1. Verify the settings are correct in **Connection Summary**.  
-
-1. Select **Connect**.
+1. Under the SQL API left-hand menu, you see **mydatabaseid** and **mycontainerid** that you previously created in **mycosmosdb**.
 
 1. Close the connection to **myVM**.
 
-
 ## Clean up resources
 
 If you're not going to continue to use this application, delete the virtual network, virtual machine, and Cosmos DB account with the following steps:
@@ -282,12 +263,12 @@ If you're not going to continue to use this application, delete the virtual netw
 
 ## Next steps
 
-In this tutorial, you created a:
+In this tutorial, you learned how to create:
 
 * Virtual network and bastion host.
 * Virtual Machine.
 * Cosmos DB Account.
 
-Learn how to create a Private Link service:
+Learn how to connect to a web app using an Azure Private Endpoint:
 > [!div class="nextstepaction"]
-> [Create a Private Link service](create-private-link-service-portal.md)
+> [Connect to a web app using Private Endpoint](tutorial-private-endpoint-webapp-portal.md)
