MicrosoftDocs
diff --git a/‎articles/active-directory/fundamentals/add-custom-domain.md
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory/fundamentals/add-custom-domain.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/role-based-access-control/TOC.yml
Lines changed: 4 additions & 4 deletions b/‎articles/role-based-access-control/TOC.yml
Lines changed: 4 additions & 4 deletions
diff --git a/‎articles/role-based-access-control/best-practices.md
Lines changed: 3 additions & 3 deletions b/‎articles/role-based-access-control/best-practices.md
Lines changed: 3 additions & 3 deletions
diff --git a/‎articles/role-based-access-control/built-in-roles.md
Lines changed: 5 additions & 5 deletions b/‎articles/role-based-access-control/built-in-roles.md
Lines changed: 5 additions & 5 deletions
diff --git a/‎articles/role-based-access-control/check-access.md
Lines changed: 4 additions & 4 deletions b/‎articles/role-based-access-control/check-access.md
Lines changed: 4 additions & 4 deletions
diff --git a/‎articles/role-based-access-control/classic-administrators.md
Lines changed: 6 additions & 6 deletions b/‎articles/role-based-access-control/classic-administrators.md
Lines changed: 6 additions & 6 deletions
diff --git a/‎articles/role-based-access-control/custom-roles-cli.md
Lines changed: 7 additions & 7 deletions b/‎articles/role-based-access-control/custom-roles-cli.md
Lines changed: 7 additions & 7 deletions
diff --git a/‎articles/role-based-access-control/custom-roles-portal.md
Lines changed: 4 additions & 4 deletions b/‎articles/role-based-access-control/custom-roles-portal.md
Lines changed: 4 additions & 4 deletions
diff --git a/‎articles/role-based-access-control/custom-roles-powershell.md
Lines changed: 7 additions & 7 deletions b/‎articles/role-based-access-control/custom-roles-powershell.md
Lines changed: 7 additions & 7 deletions
@@ -33,7 +33,7 @@ Create your new directory by following the steps in [Create a new tenant for you
 >[!IMPORTANT]
 >The person who creates the tenant is automatically the Global administrator for that tenant. The Global administrator can add additional administrators to the tenant.
 
-For more information about subscription roles, see [Azure RBAC roles](../../role-based-access-control/rbac-and-directory-admin-roles.md#azure-rbac-roles).
+For more information about subscription roles, see [Azure roles](../../role-based-access-control/rbac-and-directory-admin-roles.md#azure-roles).
 
 >[!TIP]
 > If you plan to federate your on-premises Windows Server AD with Azure AD, then you need to select **I plan to configure this domain for single sign-on with my local Active Directory** when you run the Azure AD Connect tool to synchronize your directories.
 
@@ -1,9 +1,9 @@
-- name: RBAC for Azure resources documentation
+- name: Azure RBAC documentation
   href: index.yml
   items:
 - name: Overview
   items:
-  - name: What is RBAC?
+  - name: What is Azure RBAC?
     href: overview.md
   - name: Understand the different roles
     href: rbac-and-directory-admin-roles.md
@@ -74,7 +74,7 @@
       href: deny-assignments-powershell.md
     - name: REST API
       href: deny-assignments-rest.md
-  - name: Create custom roles
+  - name: Create or update custom roles
     items:
     - name: Overview
       href: custom-roles.md
@@ -100,7 +100,7 @@
     href: built-in-roles.md
   - name: Resource provider operations
     href: resource-provider-operations.md
-  - name: RBAC limits
+  - name: Azure RBAC limits
     href: ../azure-resource-manager/management/azure-subscription-service-limits.md#role-based-access-control-limits
   - name: Azure PowerShell
     href: /powershell/module/az.resources
 
@@ -25,11 +25,11 @@ This article describes some best practices for using Azure role-based access con
 
 Using Azure RBAC, you can segregate duties within your team and grant only the amount of access to users that they need to perform their jobs. Instead of giving everybody unrestricted permissions in your Azure subscription or resources, you can allow only certain actions at a particular scope.
 
-When planning your access control strategy, it's a best practice to grant users the least privilege to get their work done. The following diagram shows a suggested pattern for using RBAC.
+When planning your access control strategy, it's a best practice to grant users the least privilege to get their work done. The following diagram shows a suggested pattern for using Azure RBAC.
 
-![RBAC and least privilege](./media/best-practices/rbac-least-privilege.png)
+![Azure RBAC and least privilege](./media/best-practices/rbac-least-privilege.png)
 
-For information about how to add role assignments, see [Add or remove role assignments](role-assignments-portal.md).
+For information about how to add role assignments, see [Add or remove Azure role assignments using the Azure portal](role-assignments-portal.md).
 
 ## Limit the number of subscription owners
 
 
@@ -1,6 +1,6 @@
 ---
-title: Azure built-in roles for Azure RBAC
-description: This article describes the Azure built-in roles for Azure role-based access control (RBAC). It lists Actions, NotActions, DataActions, and NotDataActions.
+title: Azure built-in roles - Azure RBAC
+description: This article describes the Azure built-in roles for Azure role-based access control (Azure RBAC). It lists Actions, NotActions, DataActions, and NotDataActions.
 services: active-directory
 documentationcenter: ''
 author: rolyon
@@ -20,13 +20,13 @@ ms.custom: it-pro
 ---
 # Azure built-in roles
 
-[Azure role-based access control (RBAC)](overview.md) has several Azure built-in roles that you can assign to users, groups, service principals, and managed identities. Role assignments are the way you control access to Azure resources. If the built-in roles don't meet the specific needs of your organization, you can create your own [Azure custom roles](custom-roles.md).
+[Azure role-based access control (Azure RBAC)](overview.md) has several Azure built-in roles that you can assign to users, groups, service principals, and managed identities. Role assignments are the way you control access to Azure resources. If the built-in roles don't meet the specific needs of your organization, you can create your own [Azure custom roles](custom-roles.md).
 
-This article lists the built-in roles for Azure resources, which are always evolving. To get the latest roles, use [Get-AzRoleDefinition](/powershell/module/az.resources/get-azroledefinition) or [az role definition list](/cli/azure/role/definition#az-role-definition-list). If you are looking for administrator roles for Azure Active Directory (Azure AD), see [Administrator role permissions in Azure Active Directory](../active-directory/users-groups-roles/directory-assign-admin-roles.md).
+This article lists the Azure built-in roles, which are always evolving. To get the latest roles, use [Get-AzRoleDefinition](/powershell/module/az.resources/get-azroledefinition) or [az role definition list](/cli/azure/role/definition#az-role-definition-list). If you are looking for administrator roles for Azure Active Directory (Azure AD), see [Administrator role permissions in Azure Active Directory](../active-directory/users-groups-roles/directory-assign-admin-roles.md).
 
 ## All
 
-The following table provides a brief description and the unique ID of each built-in role. Select the role name to see the list of `Actions`, `NotActions`, `DataActions`, and `NotDataActions` for each role. For information about what these actions mean and how they apply to the management and data planes, see [Understand role definitions for Azure resources](role-definitions.md).
+The following table provides a brief description and the unique ID of each built-in role. Select the role name to see the list of `Actions`, `NotActions`, `DataActions`, and `NotDataActions` for each role. For information about what these actions mean and how they apply to the management and data planes, see [Understand Azure role definitions](role-definitions.md).
 
 
 > [!div class="mx-tableFixed"]
 
@@ -1,6 +1,6 @@
 ---
-title: Quickstart - View the access a user has to Azure resources
-description: In this QuickStart, learn how to view the access a user or other security principal has to Azure resources using role-based access control (RBAC) and the Azure portal.
+title: Quickstart - View the access a user has to Azure resources - Azure RBAC
+description: In this quickstart, you learn how to view the access a user or other security principal has to Azure resources using the Azure portal and Azure role-based access control (Azure RBAC).
 services: role-based-access-control
 documentationCenter: ''
 author: rolyon
@@ -22,7 +22,7 @@ ms.reviewer: bagovind
 
 # Quickstart: View the access a user has to Azure resources
 
-You can use the **Access control (IAM)** blade in [role-based access control (RBAC)](overview.md) to view the access a user or another security principal has to Azure resources. However, sometimes you just need to quickly view the access for a single user or another security principal. The easiest way to do this is to use the **Check access** feature in the Azure portal.
+You can use the **Access control (IAM)** blade in [Azure role-based access control (Azure RBAC)](overview.md) to view the access a user or another security principal has to Azure resources. However, sometimes you just need to quickly view the access for a single user or another security principal. The easiest way to do this is to use the **Check access** feature in the Azure portal.
 
 ## View role assignments
 
@@ -53,4 +53,4 @@ You can use the **Access control (IAM)** blade in [role-based access control (RB
 ## Next steps
 
 > [!div class="nextstepaction"]
-> [Tutorial: Grant a user access to Azure resources using RBAC and the Azure portal](quickstart-assign-role-user-portal.md)
+> [Tutorial: Grant a user access to Azure resources using the Azure portal](quickstart-assign-role-user-portal.md)
@@ -1,5 +1,5 @@
 ---
-title: Azure classic subscription administrators | Microsoft Docs
+title: Azure classic subscription administrators
 description: Describes how to add or change the Azure Co-Administrator and Service Administrator roles, and how to view the Account Administrator.
 services: active-directory
 documentationcenter: ''
@@ -19,7 +19,7 @@ ms.reviewer: bagovind
 
 # Azure classic subscription administrators
 
-Microsoft recommends that you manage access to Azure resources using role-based access control (RBAC). However, if you are still using the classic deployment model, you'll need to use a classic subscription administrator role: Service Administrator and Co-Administrator. For more information, see [Azure Resource Manager vs. classic deployment](../azure-resource-manager/management/deployment-models.md).
+Microsoft recommends that you manage access to Azure resources using Azure role-based access control (Azure RBAC). However, if you are still using the classic deployment model, you'll need to use a classic subscription administrator role: Service Administrator and Co-Administrator. For more information, see [Azure Resource Manager vs. classic deployment](../azure-resource-manager/management/deployment-models.md).
 
 This article describes how to add or change the Co-Administrator and Service Administrator roles, and how to view the Account Administrator.
 
@@ -67,9 +67,9 @@ Guest users that have been assigned the Co-Administrator role might see some dif
 
 You would expect that user B could manage everything. The reason for this difference is that the Microsoft account is added to the subscription as a guest user instead of a member user. Guest users have different default permissions in Azure AD as compared to member users. For example, member users can read other users in Azure AD and guest users cannot. Member users can register new service principals in Azure AD and guest users cannot.
 
-If a guest user needs to be able to perform these tasks, a possible solution is to assign the specific Azure AD administrator roles the guest user needs. For example, in the previous scenario, you could assign the [Directory Readers](../active-directory/users-groups-roles/directory-assign-admin-roles.md#directory-readers) role to read other users and assign the [Application Developer](../active-directory/users-groups-roles/directory-assign-admin-roles.md#application-developer) role to be able to create service principals. For more information about member and guest users and their permissions, see [What are the default user permissions in Azure Active Directory?](../active-directory/fundamentals/users-default-permissions.md). For more information about granting access for guest users, see [Manage access to Azure resources for external guest users using RBAC](role-assignments-external-users.md).
+If a guest user needs to be able to perform these tasks, a possible solution is to assign the specific Azure AD roles the guest user needs. For example, in the previous scenario, you could assign the [Directory Readers](../active-directory/users-groups-roles/directory-assign-admin-roles.md#directory-readers) role to read other users and assign the [Application Developer](../active-directory/users-groups-roles/directory-assign-admin-roles.md#application-developer) role to be able to create service principals. For more information about member and guest users and their permissions, see [What are the default user permissions in Azure Active Directory?](../active-directory/fundamentals/users-default-permissions.md). For more information about granting access for guest users, see [Add or remove Azure role assignments for external guest users using the Azure portal](role-assignments-external-users.md).
 
-Note that the [built-in roles for Azure resources](../role-based-access-control/built-in-roles.md) are different than the [Azure AD administrator roles](../active-directory/users-groups-roles/directory-assign-admin-roles.md). The built-in roles don't grant any access to Azure AD. For more information, see [Understand the different roles](../role-based-access-control/rbac-and-directory-admin-roles.md).
+Note that the [Azure built-in roles](../role-based-access-control/built-in-roles.md) are different than the [Azure AD roles](../active-directory/users-groups-roles/directory-assign-admin-roles.md). The built-in roles don't grant any access to Azure AD. For more information, see [Understand the different roles](../role-based-access-control/rbac-and-directory-admin-roles.md).
 
 For information that compares member users and guest users, see [What are the default user permissions in Azure Active Directory?](../active-directory/fundamentals/users-default-permissions.md).
 
@@ -146,6 +146,6 @@ Follow these steps to view the Account Administrator.
 
 ## Next steps
 
-* [Understand the different roles in Azure](../role-based-access-control/rbac-and-directory-admin-roles.md)
-* [Manage access to Azure resources using RBAC and the Azure portal](../role-based-access-control/role-assignments-portal.md)
+* [Understand the different roles](../role-based-access-control/rbac-and-directory-admin-roles.md)
+* [Add or remove Azure role assignments using the Azure portal](../role-based-access-control/role-assignments-portal.md)
 * [Add or change Azure subscription administrators](../cost-management-billing/manage/add-change-subscription-administrator.md)
@@ -1,6 +1,6 @@
 ---
-title: Create or update custom roles for Azure resources using Azure CLI | Microsoft Docs
-description: Learn how to list, create, update, or delete custom roles with role-based access control (RBAC) for Azure resources using Azure CLI.
+title: Create or update Azure custom roles using Azure CLI - Azure RBAC
+description: Learn how to list, create, update, or delete Azure custom roles using Azure CLI and Azure role-based access control (Azure RBAC).
 services: active-directory
 documentationcenter: ''
 author: rolyon
@@ -16,16 +16,16 @@ ms.date: 03/18/2020
 ms.author: rolyon
 ms.reviewer: bagovind
 ---
-# Create or update custom roles for Azure resources using Azure CLI
+# Create or update Azure custom roles using Azure CLI
 
 > [!IMPORTANT]
 > Adding a management group to `AssignableScopes` is currently in preview.
 > This preview version is provided without a service level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities.
 > For more information, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).
 
-If the [built-in roles for Azure resources](built-in-roles.md) don't meet the specific needs of your organization, you can create your own custom roles. This article describes how to list, create, update, or delete custom roles using Azure CLI.
+If the [Azure built-in roles](built-in-roles.md) don't meet the specific needs of your organization, you can create your own custom roles. This article describes how to list, create, update, or delete custom roles using Azure CLI.
 
-For a step-by-step tutorial on how to create a custom role, see [Tutorial: Create a custom role for Azure resources using Azure CLI](tutorial-custom-role-cli.md).
+For a step-by-step tutorial on how to create a custom role, see [Tutorial: Create an Azure custom role using Azure CLI](tutorial-custom-role-cli.md).
 
 ## Prerequisites
 
@@ -239,6 +239,6 @@ az role definition delete --name "Virtual Machine Operator"
 
 ## Next steps
 
-- [Tutorial: Create a custom role for Azure resources using Azure CLI](tutorial-custom-role-cli.md)
-- [Custom roles for Azure resources](custom-roles.md)
+- [Tutorial: Create an Azure custom role using Azure CLI](tutorial-custom-role-cli.md)
+- [Azure custom roles](custom-roles.md)
 - [Azure Resource Manager resource provider operations](resource-provider-operations.md)
@@ -1,6 +1,6 @@
 ---
 title: Create or update Azure custom roles using the Azure portal - Azure RBAC
-description: Learn how to create Azure custom roles for Azure role-based access control (Azure RBAC) using the Azure portal. This includes how to list, create, update, and delete custom roles.
+description: Learn how to create Azure custom roles using the Azure portal and Azure role-based access control (Azure RBAC). This includes how to list, create, update, and delete custom roles.
 services: active-directory
 documentationcenter: ''
 author: rolyon
@@ -100,7 +100,7 @@ If you prefer, you can specify most of your custom role values in a JSON file. Y
     }
     ```
 
-1. In the JSON file, specify values for the various properties. Here's an example with some values added. For information about the different properties, see [Understand role definitions](role-definitions.md).
+1. In the JSON file, specify values for the various properties. Here's an example with some values added. For information about the different properties, see [Understand Azure role definitions](role-definitions.md).
 
     ```json
     {
@@ -343,6 +343,6 @@ Follow these steps to view your custom roles.
 
 ## Next steps
 
-- [Tutorial: Create a custom role using Azure PowerShell](tutorial-custom-role-powershell.md)
-- [Custom roles in Azure](custom-roles.md)
+- [Tutorial: Create an Azure custom role using Azure PowerShell](tutorial-custom-role-powershell.md)
+- [Azure custom roles](custom-roles.md)
 - [Azure Resource Manager resource provider operations](resource-provider-operations.md)
@@ -1,6 +1,6 @@
 ---
-title: Create or update custom roles for Azure resources with Azure PowerShell
-description: Learn how to list, create, update, or delete custom roles with role-based access control (RBAC) for Azure resources using Azure PowerShell.
+title: Create or update Azure custom roles using Azure PowerShell - Azure RBAC
+description: Learn how to list, create, update, or delete custom roles using Azure PowerShell and Azure role-based access control (Azure RBAC).
 services: active-directory
 documentationcenter: ''
 author: rolyon
@@ -16,16 +16,16 @@ ms.date: 03/18/2020
 ms.author: rolyon
 ms.reviewer: bagovind
 ---
-# Create or update custom roles for Azure resources using Azure PowerShell
+# Create or update Azure custom roles using Azure PowerShell
 
 > [!IMPORTANT]
 > Adding a management group to `AssignableScopes` is currently in preview.
 > This preview version is provided without a service level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities.
 > For more information, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).
 
-If the [built-in roles for Azure resources](built-in-roles.md) don't meet the specific needs of your organization, you can create your own custom roles. This article describes how to list, create, update, or delete custom roles using Azure PowerShell.
+If the [Azure built-in roles](built-in-roles.md) don't meet the specific needs of your organization, you can create your own custom roles. This article describes how to list, create, update, or delete custom roles using Azure PowerShell.
 
-For a step-by-step tutorial on how to create a custom role, see [Tutorial: Create a custom role for Azure resources using Azure PowerShell](tutorial-custom-role-powershell.md).
+For a step-by-step tutorial on how to create a custom role, see [Tutorial: Create an Azure custom role using Azure PowerShell](tutorial-custom-role-powershell.md).
 
 [!INCLUDE [az-powershell-update](../../includes/updated-for-az.md)]
 
@@ -396,6 +396,6 @@ Are you sure you want to remove role definition with name 'Virtual Machine Opera
 
 ## Next steps
 
-- [Tutorial: Create a custom role for Azure resources using Azure PowerShell](tutorial-custom-role-powershell.md)
-- [Custom roles for Azure resources](custom-roles.md)
+- [Tutorial: Create an Azure custom role using Azure PowerShell](tutorial-custom-role-powershell.md)
+- [Azure custom roles](custom-roles.md)
 - [Azure Resource Manager resource provider operations](resource-provider-operations.md)