Merge pull request #180134 from jonels-msft/hsc-access-screens

Update public/private access interface

Author: Court72

articles/postgresql/howto-hyperscale-manage-firewall-using-portal.md

@@ -6,7 +6,7 @@ ms.author: jonels
 ms.service: postgresql
 ms.subservice: hyperscale-citus
 ms.topic: how-to
-ms.date: 10/15/2021
+ms.date: 11/16/2021
 ---
 # Manage public access for Azure Database for PostgreSQL - Hyperscale (Citus)
 
@@ -22,28 +22,30 @@ To step through this how-to guide, you need:
 ## Create a server-level firewall rule in the Azure portal
 
 > [!NOTE]
-> These settings are also accessible during the creation of an Azure Database for PostgreSQL - Hyperscale (Citus) server group. Under the **Networking** tab, click **Public endpoint**.
-
+> These settings are also accessible during the creation of an Azure Database for PostgreSQL - Hyperscale (Citus) server group. Under the **Networking** tab, select **Public access (allowed IP address)**.
+>
 > :::image type="content" source="./media/howto-hyperscale-manage-firewall-using-portal/0-create-public-access.png" alt-text="Azure portal - networking tab":::
 
 1. On the PostgreSQL server group page, under the Security heading, click **Networking** to open the Firewall rules.
 
    :::image type="content" source="./media/howto-hyperscale-manage-firewall-using-portal/1-connection-security.png" alt-text="Azure portal - click Networking":::
 
-2. If desired, select **Enable access to the worker nodes**. With this option, the firewall rules will allow access to all worker nodes as well as the coordinator node.
+2. Select **Allow public access from Azure services and resources within Azure to this server group**.
+
+3. If desired, select **Enable access to the worker nodes**. With this option, the firewall rules will allow access to all worker nodes as well as the coordinator node.
 
-3. Click **Add current client IP address** to create a firewall rule with the public IP address of your computer, as perceived by the Azure system.
+4. Click **Add current client IP address** to create a firewall rule with the public IP address of your computer, as perceived by the Azure system.
 
 Alternately, clicking **+Add 0.0.0.0 - 255.255.255.255** (to the right of option B) allows not just your IP, but the whole internet to access the coordinator node's port 5432. In this situation, clients still must log in with the correct username and password to use the cluster. Nevertheless, we recommend allowing worldwide access for only short periods of time and for only non-production databases.
 
-4. Verify your IP address before saving the configuration. In some situations, the IP address observed by Azure portal differs from the IP address used when accessing the internet and Azure servers. Thus, you may need to change the Start IP and End IP to make the rule function as expected.
+5. Verify your IP address before saving the configuration. In some situations, the IP address observed by Azure portal differs from the IP address used when accessing the internet and Azure servers. Thus, you may need to change the Start IP and End IP to make the rule function as expected.
    Use a search engine or other online tool to check your own IP address. For example, search for "what is my IP."
 
    :::image type="content" source="./media/howto-hyperscale-manage-firewall-using-portal/3-what-is-my-ip.png" alt-text="Bing search for What is my IP":::
 
-5. Add more address ranges. In the firewall rules, you can specify a single IP address or a range of addresses. If you want to limit the rule to a single IP address, type the same address in the field for Start IP and End IP. Opening the firewall enables administrators, users, and applications to access the coordinator node on port 5432.
+6. Add more address ranges. In the firewall rules, you can specify a single IP address or a range of addresses. If you want to limit the rule to a single IP address, type the same address in the field for Start IP and End IP. Opening the firewall enables administrators, users, and applications to access the coordinator node on port 5432.
 
-6. Click **Save** on the toolbar to save this server-level firewall rule. Wait for the confirmation that the update to the firewall rules was successful.
+7. Click **Save** on the toolbar to save this server-level firewall rule. Wait for the confirmation that the update to the firewall rules was successful.
 
 ## Connecting from Azure
 

articles/postgresql/howto-hyperscale-private-access.md

@@ -6,14 +6,14 @@ ms.author: jonels
 ms.service: postgresql
 ms.subservice: hyperscale-citus
 ms.topic: how-to
-ms.date: 10/15/2021
+ms.date: 11/16/2021
 ---
 
 # Private access (preview) in Azure Database for PostgreSQL Hyperscale (Citus)
 
 [Private access](concepts-hyperscale-private-access.md) (preview) allows
 resources in an Azure virtual network to connect securely and privately to
-nodes in a Hyperscale (Citus) server group. This howto assumes you've already
+nodes in a Hyperscale (Citus) server group. This how-to assumes you've already
 created a virtual network and subnet. For an example of setting up
 prerequisites, see the [private access
 tutorial](tutorial-hyperscale-private-access.md).
@@ -72,7 +72,7 @@ To create a private endpoint to a node in an existing server group, open the
 
    :::image type="content" source="media/howto-hyperscale-private-access/networking.png" alt-text="Networking screen":::
 
-1. In the **Basics** tab, confirm the **Subscription**, **Resource group**, and
+2. In the **Basics** tab, confirm the **Subscription**, **Resource group**, and
    **Region**. Enter a **Name** for the endpoint, such as `my-server-group-eq`.
 
 	> [!NOTE]
@@ -82,16 +82,16 @@ To create a private endpoint to a node in an existing server group, open the
 	> default values for the form fields may not be correct; check them and
 	> update if necessary.
 
-2. Select **Next: Resource >**. In the **Target sub-resource** choose the target
+3. Select **Next: Resource >**. In the **Target sub-resource** choose the target
    node of the server group. Generally `coordinator` is the desired node.
 
-3. Select **Next: Configuration >**. Choose the desired **Virtual network** and
+4. Select **Next: Configuration >**. Choose the desired **Virtual network** and
    **Subnet**. Customize the **Private DNS integration** or accept its default
    settings.
 
-4. Select **Next: Tags >** and add any desired tags.
+5. Select **Next: Tags >** and add any desired tags.
 
-5. Finally, select **Review + create >**. Review the settings and select
+6. Finally, select **Review + create >**. Review the settings and select
    **Create** when satisfied.
 
 ## Next steps

articles/postgresql/media/howto-hyperscale-manage-firewall-using-portal/0-create-public-access.png

@@ -7,7 +7,7 @@ ms.service: postgresql
 ms.subservice: hyperscale-citus
 ms.custom: mvc
 ms.topic: quickstart
-ms.date: 08/03/2021
+ms.date: 11/16/2021
 #Customer intent: As a developer, I want to provision a hyperscale server group so that I can run queries quickly on large datasets.
 ---
 

articles/postgresql/media/howto-hyperscale-manage-firewall-using-portal/1-connection-security.png

@@ -7,7 +7,7 @@ ms.service: postgresql
 ms.subservice: hyperscale-citus
 ms.custom: mvc
 ms.topic: quickstart
-ms.date: 08/17/2020
+ms.date: 11/16/2021
 #Customer intent: As a developer, I want to provision a hyperscale server group so that I can run queries quickly on large datasets.
 ---
 

articles/postgresql/quickstart-create-hyperscale-basic-tier.md

@@ -8,7 +8,7 @@ ms.subservice: hyperscale-citus
 ms.custom: mvc
 ms.devlang: azurecli
 ms.topic: tutorial
-ms.date: 12/16/2020
+ms.date: 11/16/2021
 ---
 
 # Tutorial: create server group

articles/postgresql/quickstart-create-hyperscale-portal.md

@@ -5,7 +5,7 @@
  ms.service: postgresql
  ms.subservice: hyperscale-citus
  ms.topic: include
- ms.date: 08/03/2021
+ ms.date: 11/16/2021
  ms.author: jonels
  ms.custom: include file
 ---
@@ -36,18 +36,15 @@ Follow these steps to create an Azure Database for PostgreSQL server:
    - Click **Save**.
 6. Click **Next : Networking >** at the bottom of the screen.
 
-7. In the **Networking** tab, click the **Public endpoint** radio button.
+7. In the **Networking** tab, select **Allow public access from Azure services and resources within Azure to this server group**. Then select **+ Add current client IP address**.
    ![Public endpoint selected](./media/azure-postgresql-hyperscale-create-db/network-public-endpoint.png)
-8. Click the link **+ Add current client IP address**.
-   ![Added client IP](./media/azure-postgresql-hyperscale-create-db/network-add-client-ip.png)
-
    > [!NOTE]
    > Azure PostgreSQL server communicates over port 5432. If you are trying to connect from within a corporate network, outbound traffic over port 5432 may not be allowed by your network's firewall. If so, you cannot connect to your Hyperscale (Citus) cluster unless your IT department opens port 5432.
    >
 
-9. Click **Review + create** and then **Create** to provision the server. Provisioning takes a few minutes.
-10. The page will redirect to monitor deployment. When the live status changes from **Your deployment is underway** to **Your deployment is complete**, click the **Outputs** menu item on the left of the page.
-11. The outputs page will contain a coordinator hostname with a button next to it to copy the value to the clipboard. Record this information for later use.
+8. Click **Review + create** and then **Create** to provision the server. Provisioning takes a few minutes.
+9. The page will redirect to monitor deployment. When the live status changes from **Your deployment is underway** to **Your deployment is complete**, click the **Outputs** menu item on the left of the page.
+10. The outputs page will contain a coordinator hostname with a button next to it to copy the value to the clipboard. Record this information for later use.
 
 ## Connect to the database using psql
 

articles/postgresql/tutorial-hyperscale-server-group.md

@@ -35,19 +35,15 @@ Follow these steps to create an Azure Database for PostgreSQL server:
 
 5. Click **Configure server group**. Leave the settings in that section unchanged and click **Save**.
 6. Click **Next : Networking >** at the bottom of the screen.
-
-7. In the **Networking** tab, click the **Public endpoint** radio button.
+7. In the **Networking** tab, select **Allow public access from Azure services and resources within Azure to this server group**. Then select **+ Add current client IP address**.
    ![Public endpoint selected](./media/azure-postgresql-hyperscale-create-db/network-public-endpoint.png)
-8. Click the link **+ Add current client IP address**.
-   ![Added client IP](./media/azure-postgresql-hyperscale-create-db/network-add-client-ip.png)
-
    > [!NOTE]
    > Azure PostgreSQL server communicates over port 5432. If you are trying to connect from within a corporate network, outbound traffic over port 5432 may not be allowed by your network's firewall. If so, you cannot connect to your Hyperscale (Citus) cluster unless your IT department opens port 5432.
    >
 
-9. Click **Review + create** and then **Create** to provision the server. Provisioning takes a few minutes.
-10. The page will redirect to monitor deployment. When the live status changes from **Your deployment is underway** to **Your deployment is complete**, click the **Outputs** menu item on the left of the page.
-11. The outputs page will contain a coordinator hostname with a button next to it to copy the value to the clipboard. Record this information for later use.
+8. Click **Review + create** and then **Create** to provision the server. Provisioning takes a few minutes.
+9. The page will redirect to monitor deployment. When the live status changes from **Your deployment is underway** to **Your deployment is complete**, click the **Outputs** menu item on the left of the page.
+10. The outputs page will contain a coordinator hostname with a button next to it to copy the value to the clipboard. Record this information for later use.
 
 ### Connect to the database using psql