Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into lb-portfoward-edit

Author: asudbring

articles/azure-arc/data/create-data-controller-using-kubernetes-native-tools.md

@@ -46,7 +46,7 @@ kubectl delete crd sqlmanagedinstancerestoretasks.tasks.sql.arcdata.microsoft.co
 kubectl delete crd dags.sql.arcdata.microsoft.com
 kubectl delete crd exporttasks.tasks.arcdata.microsoft.com
 kubectl delete crd monitors.arcdata.microsoft.com
-activedirectoryconnectors.arcdata.microsoft.com
+kubectl delete crd activedirectoryconnectors.arcdata.microsoft.com
 
 # Substitute the name of the namespace the data controller was deployed in into {namespace}.
 

articles/storage/common/storage-network-security.md

@@ -5,7 +5,7 @@ services: storage
 author: normesta
 ms.service: storage
 ms.topic: how-to
-ms.date: 02/16/2022
+ms.date: 03/12/2022
 ms.author: normesta
 ms.reviewer: santoshc
 ms.subservice: common 
@@ -634,7 +634,7 @@ You can grant access to trusted Azure services by creating a network rule except
 When you grant access to trusted Azure services, you grant the following types of access:
 
 - Trusted access for select operations to resources that are registered in your subscription.
-- Trusted access to resources based on system-assigned managed identity.
+- Trusted access to resources based on a managed identity.
 
 <a id="trusted-access-resources-in-subscription"></a>
 
@@ -657,14 +657,15 @@ Resources of some services, **when registered in your subscription**, can access
 | Azure Site Recovery      | Microsoft.SiteRecovery     | Enable replication for disaster-recovery of Azure IaaS virtual machines when using firewall-enabled cache, source, or target storage accounts.  [Learn more](../../site-recovery/azure-to-azure-tutorial-enable-replication.md). |
 
 <a id="trusted-access-system-assigned-managed-identity"></a>
+<a id="trusted-access-based-on-system-assigned-managed-identity"></a>
 
-### Trusted access based on system-assigned managed identity
+### Trusted access based on a managed identity
 
 The following table lists services that can have access to your storage account data if the resource instances of those services are given the appropriate permission.
 
-If your account does not have the hierarchical namespace feature enabled on it, you can grant permission, by explicitly assigning an Azure role to the [system-assigned managed identity](../../active-directory/managed-identities-azure-resources/overview.md) for each resource instance. In this case, the scope of access for the instance corresponds to the Azure role assigned to the managed identity.
+If your account does not have the hierarchical namespace feature enabled on it, you can grant permission, by explicitly assigning an Azure role to the [managed identity](../../active-directory/managed-identities-azure-resources/overview.md) for each resource instance. In this case, the scope of access for the instance corresponds to the Azure role assigned to the managed identity.
 
-You can use the same technique for an account that has the hierarchical namespace feature enable on it. However, you don't have to assign an Azure role if you add the system-assigned managed identity to the access control list (ACL) of any directory or blob contained in the storage account. In that case, the scope of access for the instance corresponds to the directory or file to which the system-assigned managed identity has been granted access. You can also combine Azure roles and ACLs together. To learn more about how to combine them together to grant access, see [Access control model in Azure Data Lake Storage Gen2](../blobs/data-lake-storage-access-control-model.md).
+You can use the same technique for an account that has the hierarchical namespace feature enable on it. However, you don't have to assign an Azure role if you add the managed identity to the access control list (ACL) of any directory or blob contained in the storage account. In that case, the scope of access for the instance corresponds to the directory or file to which the managed identity has been granted access. You can also combine Azure roles and ACLs together. To learn more about how to combine them together to grant access, see [Access control model in Azure Data Lake Storage Gen2](../blobs/data-lake-storage-access-control-model.md).
 
 > [!TIP]
 > The recommended way to grant access to specific resources is to use resource instance rules. To grant access to specific resource instances, see the [Grant access from Azure resource instances (preview)](#grant-access-specific-instances) section of this article.

includes/iot-hub-include-create-hub-quickstart.md

@@ -0,0 +1,45 @@
+---
+title: include file
+description: include file
+author: kgremban
+ms.author: kgremban
+ms.service: iot-hub
+ms.topic: include
+ms.date: 03/10/2022
+---
+
+## Create an IoT hub
+
+In this section, you use Azure CLI to create an IoT hub and a resource group.  An Azure resource group is a logical container into which Azure resources are deployed and managed. An IoT hub acts as a central message hub for bi-directional communication between your IoT application and the devices.
+
+If you already have an IoT hub in your Azure subscription, you can skip this section.
+
+To create an IoT hub and a resource group:
+
+1. Launch your CLI app. To run the CLI commands in the rest of this quickstart, copy the command syntax, paste it into your CLI app, edit variable values, and press `Enter`.
+
+    - If you're using Cloud Shell, select the **Try It** button on the CLI commands to launch Cloud Shell in a split browser window. Or you can open the [Cloud Shell](https://shell.azure.com/bash) in a separate browser tab.
+    - If you're using Azure CLI locally, start your CLI console app and sign in to Azure CLI.
+
+1. Run [az extension add](/cli/azure/extension#az_extension_add) to install or upgrade the *azure-iot* extension to the current version.
+
+    ```azurecli-interactive
+    az extension add --upgrade --name azure-iot
+    ```
+
+1. In your CLI app, run the [az group create](/cli/azure/group#az_group_create) command to create a resource group. The following command creates a resource group named *MyResourceGroup* in the *eastus* location.
+
+    >[!NOTE]
+    > Optionally, you can set a different location. To see available locations, run `az account list-locations`.
+
+    ```azurecli-interactive
+    az group create --name MyResourceGroup --location eastus
+    ```
+
+1. Run the [az iot hub create](/cli/azure/iot/hub#az_iot_hub_create) command to create an IoT hub. It might take a few minutes to create an IoT hub.
+
+    *YourIotHubName*. Replace this placeholder and the surrounding braces in the following command, using the name you chose for your IoT hub. An IoT hub name must be globally unique in Azure. Use your IoT hub name in the rest of this quickstart wherever you see the placeholder.
+
+    ```azurecli-interactive
+    az iot hub create --resource-group MyResourceGroup --name {YourIoTHubName}
+    ```

includes/quickstart-control-device-java.md

@@ -1,15 +1,18 @@
 ---
-author: phlmea
-ms.author: philmea
+author: kgremban
+ms.author: kgremban
 ms.service: iot-hub
 services: iot-hub
 ms.devlang: java
 ms.topic: include
 ms.custom: [mvc, seo-java-august2019, seo-java-september2019, mqtt, devx-track-java, devx-track-azurecli]
-ms.date: 06/21/2019
+ms.date: 03/10/2022
 ---
 
-This quickstart uses two Java applications: a simulated device application that responds to direct methods called from a back-end application and a service application that calls the direct method on the simulated device.
+This quickstart uses two Java applications: 
+
+* A simulated device application that responds to direct methods called from a back-end application.
+* A service application that calls the direct method on the simulated device.
 
 ## Prerequisites
 
@@ -31,27 +34,23 @@ This quickstart uses two Java applications: a simulated device application that
     mvn --version
     ```
 
-* [A sample Java project](https://github.com/Azure-Samples/azure-iot-samples-java/archive/master.zip).
+* Clone or download the [Azure IoT Java samples](https://github.com/Azure-Samples/azure-iot-samples-java/) from GitHub.
 
-* Port 8883 open in your firewall. The device sample in this quickstart uses MQTT protocol, which communicates over port 8883. This port may be blocked in some corporate and educational network environments. For more information and ways to work around this issue, see [Connecting to IoT Hub (MQTT)](../articles/iot-hub/iot-hub-mqtt-support.md#connecting-to-iot-hub).
+* Make sure that port 8883 open in your firewall. The device sample in this quickstart uses MQTT protocol, which communicates over port 8883. This port may be blocked in some corporate and educational network environments. For more information and ways to work around this issue, see [Connecting to IoT Hub (MQTT)](../articles/iot-hub/iot-hub-mqtt-support.md#connecting-to-iot-hub).
 
 [!INCLUDE [azure-cli-prepare-your-environment.md](azure-cli-prepare-your-environment-no-header.md)]
 
 [!INCLUDE [iot-hub-cli-version-info](iot-hub-cli-version-info.md)]
 
-## Create an IoT hub
-
-If you completed the previous [Quickstart: Send telemetry from a device to an IoT hub](../articles/iot-develop/quickstart-send-telemetry-iot-hub.md?pivots=programming-language-java), you can skip this step.
-
-[!INCLUDE [iot-hub-include-create-hub](iot-hub-include-create-hub.md)]
+[!INCLUDE [iot-hub-include-create-hub](iot-hub-include-create-hub-quickstart.md)]
 
 ## Register a device
 
-If you completed the previous [Quickstart: Send telemetry from a device to an IoT hub](../articles/iot-develop/quickstart-send-telemetry-iot-hub.md?pivots=programming-language-java), you can skip this step.
+A device must be registered with your IoT hub before it can connect. In this quickstart, you use the Azure Cloud Shell to create a device identity.
 
-A device must be registered with your IoT hub before it can connect. In this quickstart, you use the Azure Cloud Shell to register a simulated device.
+If you already have a device registered in your IoT hub, you can skip this section.
 
-1. Run the following command in Azure Cloud Shell to create the device identity.
+1. Run the [az iot hub device-identity create](/cli/azure/iot/hub/device-identity#az_iot_hub_device_identity_create) command in Azure Cloud Shell to create the device identity.
 
    **YourIoTHubName**: Replace this placeholder below with the name you chose for your IoT hub.
 
@@ -62,7 +61,7 @@ A device must be registered with your IoT hub before it can connect. In this qui
       --hub-name {YourIoTHubName} --device-id MyJavaDevice
     ```
 
-2. Run the following commands in Azure Cloud Shell to get the _device connection string_ for the device you just registered:
+2. Run the [az iot hub device-identity connection-string show](/cli/azure/iot/hub/device-identity/connection-string#az_iot_hub_device_identity_connection_string_show) command in Azure Cloud Shell to get the _device connection string_ for the device you just registered:
 
    **YourIoTHubName**: Replace this placeholder below with the name you choose for your IoT hub.
 
@@ -95,7 +94,7 @@ Make a note of the service connection string, which looks like:
 
 You use this value later in the quickstart. This service connection string is different from the device connection string you noted in the previous step.
 
-## Listen for direct method calls
+## Simulate a device
 
 The simulated device application connects to a device-specific endpoint on your IoT hub, sends simulated telemetry, and listens for direct method calls from your hub. In this quickstart, the direct method call from the hub tells the device to change the interval at which it sends telemetry. The simulated device sends an acknowledgment back to your hub after it executes the direct method.
 

includes/quickstart-control-device-node.md

@@ -1,15 +1,18 @@
 ---
-author: philmea
-ms.author: philmea
+author: kgremban
+ms.author: kgremban
 ms.service: iot-hub
 services: iot-hub
 ms.devlang: nodejs
 ms.topic: include
 ms.custom: [mvc, seo-javascript-september2019, seo-javascript-october2019, mqtt, 'Role: Cloud Development', devx-track-js, devx-track-azurecli]
-ms.date: 06/21/2019
+ms.date: 03/09/2022
 ---
 
-This quickstart uses two Node.js applications: a simulated device application that responds to direct methods called from a back-end application and a back-end application that calls the direct methods on the simulated device.
+This quickstart uses two Node.js applications: 
+
+* A simulated device application that responds to direct methods called from a back-end application. To receive the direct method calls, this application connects to a device-specific endpoint on your IoT hub.
+* A back-end application that calls the direct methods on the simulated device. To call a direct method on a device, this application connects to a service-specific endpoint on your IoT hub.
 
 ## Prerequisites
 
@@ -23,27 +26,23 @@ This quickstart uses two Node.js applications: a simulated device application th
     node --version
     ```
 
-* [A sample Node.js project](https://github.com/Azure-Samples/azure-iot-samples-node/archive/master.zip).
+* Clone or download the [Azure IoT Node.js samples](https://github.com/Azure-Samples/azure-iot-samples-node/) from GitHub.
 
-* Port 8883 open in your firewall. The device sample in this quickstart uses MQTT protocol, which communicates over port 8883. This port may be blocked in some corporate and educational network environments. For more information and ways to work around this issue, see [Connecting to IoT Hub (MQTT)](../articles/iot-hub/iot-hub-mqtt-support.md#connecting-to-iot-hub).
+* Make sure that port 8883 is open in your firewall. The device sample in this quickstart uses MQTT protocol, which communicates over port 8883. This port may be blocked in some corporate and educational network environments. For more information and ways to work around this issue, see [Connecting to IoT Hub (MQTT)](../articles/iot-hub/iot-hub-mqtt-support.md#connecting-to-iot-hub).
 
 [!INCLUDE [azure-cli-prepare-your-environment.md](azure-cli-prepare-your-environment-no-header.md)]
 
 [!INCLUDE [iot-hub-cli-version-info](iot-hub-cli-version-info.md)]
 
-## Create an IoT hub
-
-If you completed the previous [Quickstart: Send telemetry from a device to an IoT hub](../articles/iot-develop/quickstart-send-telemetry-iot-hub.md?pivots=programming-language-nodejs), you can skip this step.
-
-[!INCLUDE [iot-hub-include-create-hub](iot-hub-include-create-hub.md)]
+[!INCLUDE [iot-hub-include-create-hub](iot-hub-include-create-hub-quickstart.md)]
 
 ## Register a device
 
-If you completed the previous [Quickstart: Send telemetry from a device to an IoT hub](../articles/iot-develop/quickstart-send-telemetry-iot-hub.md?pivots=programming-language-nodejs), you can skip this step.
+A device must be registered with your IoT hub before it can connect. In this quickstart, you use Azure CLI to create a device identity.
 
-A device must be registered with your IoT hub before it can connect. In this quickstart, you use the Azure Cloud Shell to register a simulated device.
+If you already have a device registered in your IoT hub, you can skip this section.
 
-1. Run the following command in Azure Cloud Shell to create the device identity.
+1. Run the [az iot hub device-identity create](/cli/azure/iot/hub/device-identity#az_iot_hub_device_identity_create) command in Azure Cloud Shell to create the device identity.
 
    **YourIoTHubName**: Replace this placeholder below with the name you chose for your IoT hub.
 
@@ -54,7 +53,7 @@ A device must be registered with your IoT hub before it can connect. In this qui
       --hub-name {YourIoTHubName} --device-id MyNodeDevice
     ```
 
-2. Run the following commands in Azure Cloud Shell to get the _device connection string_ for the device you just registered:
+2. Run the [az iot hub device-identity connection-string show](/cli/azure/iot/hub/device-identity/connection-string#az_iot_hub_device_identity_connection_string_show) command in Azure Cloud Shell to get the _device connection string_ for the device you just registered:
 
     **YourIoTHubName**: Replace this placeholder below with the name you chose for your IoT hub.
 
@@ -71,23 +70,24 @@ A device must be registered with your IoT hub before it can connect. In this qui
 
     You use this value later in the quickstart.
 
-3. You also need a _service connection string_ to enable the back-end application to connect to your IoT hub and retrieve the messages. The following command retrieves the service connection string for your IoT hub:
+## Retrieve the service connection string
 
-    **YourIoTHubName**: Replace this placeholder below with the name you chose for your IoT hub.
+You also need your IoT hub's _service connection string_ to enable the back-end application to connect to your IoT hub and retrieve the messages. The following command retrieves the service connection string for your IoT hub:
 
-    ```azurecli-interactive
-    az iot hub connection-string show \
-      --policy-name service --name {YourIoTHubName} --output table
+**YourIoTHubName**: Replace this placeholder below with the name you chose for your IoT hub.
 
-    ```
+```azurecli-interactive
+az iot hub connection-string show \
+  --policy-name service --name {YourIoTHubName} --output table
+```
 
-    Make a note of the service connection string, which looks like:
+Make a note of the service connection string, which looks like:
 
-   `HostName={YourIoTHubName}.azure-devices.net;SharedAccessKeyName=service;SharedAccessKey={YourSharedAccessKey}`
+`HostName={YourIoTHubName}.azure-devices.net;SharedAccessKeyName=service;SharedAccessKey={YourSharedAccessKey}`
 
-    You use this value later in the quickstart. This service connection string is different from the device connection string you noted in the previous step.
+You use this value later in the quickstart. This service connection string is different from the device connection string you noted in the previous step.
 
-## Listen for direct method calls
+## Simulate a device
 
 The simulated device application connects to a device-specific endpoint on your IoT hub, sends simulated telemetry, and listens for direct method calls from your hub. In this quickstart, the direct method call from the hub tells the device to change the interval at which it sends telemetry. The simulated device sends an acknowledgment back to your hub after it executes the direct method.
 
@@ -110,7 +110,7 @@ The simulated device application connects to a device-specific endpoint on your
 
 ## Call the direct method
 
-The back-end application connects to a service-side endpoint on your IoT Hub. The application makes direct method calls to a device through your IoT hub and listens for acknowledgments. An IoT Hub back-end application typically runs in the cloud.
+The back-end application connects to a service-side endpoint on your IoT hub. The application makes direct method calls to a device through your IoT hub and listens for acknowledgments. An IoT Hub back-end application typically runs in the cloud.
 
 1. In another local terminal window, navigate to the root folder of the sample Node.js project. Then navigate to the **iot-hub\Quickstarts\back-end-application** folder.