Converting image format

DCtheGeek · DCtheGeek · commit b85d523595e5 · 2020-04-26T14:35:59.000-07:00
diff --git a/articles/governance/policy/assign-policy-template.md b/articles/governance/policy/assign-policy-template.md
@@ -75,7 +75,7 @@ Some additional resources:
 Select **Compliance** in the left side of the page. Then locate the **Audit VMs that do not use
 managed disks** policy assignment you created.
 
-![Policy compliance overview page](./media/assign-policy-template/policy-compliance.png)
+:::image type="content" source="./media/assign-policy-template/policy-compliance.png" alt-text="Policy compliance overview page" border="false":::
 
 If there are any existing resources that aren't compliant with this new assignment, they appear
 under **Non-compliant resources**.
@@ -93,7 +93,7 @@ To remove the assignment created, follow these steps:
 1. Right-click the **Audit VMs that do not use managed disks** policy assignment and select **Delete
    assignment**.
 
-   ![Delete an assignment from the compliance overview page](./media/assign-policy-template/delete-assignment.png)
+   :::image type="content" source="./media/assign-policy-template/delete-assignment.png" alt-text="Delete an assignment from the compliance overview page" border="false":::
 
 ## Next steps
 
diff --git a/articles/governance/policy/concepts/definition-structure.md b/articles/governance/policy/concepts/definition-structure.md
@@ -764,7 +764,7 @@ Policy, use one of the following methods:
   Use the [Azure Policy extension for Visual Studio Code](../how-to/extension-for-vscode.md) to view
   and discover aliases for resource properties.
 
-  ![Azure Policy extension for Visual Studio Code](../media/extension-for-vscode/extension-hover-shows-property-alias.png)
+  :::image type="content" source="../media/extension-for-vscode/extension-hover-shows-property-alias.png" alt-text="Azure Policy extension for Visual Studio Code" border="false":::
 
 - Azure Resource Graph
 
diff --git a/articles/governance/policy/concepts/policy-as-code.md b/articles/governance/policy/concepts/policy-as-code.md
@@ -31,7 +31,7 @@ before it's too late and they're attempting to deploy in production.
 
 The recommended general workflow of Policy as Code looks like this diagram:
 
-![Policy as Code workflow overview](../media/policy-as-code/policy-as-code-workflow.png)
+:::image type="content" source="../media/policy-as-code/policy-as-code-workflow.png" alt-text="Policy as Code workflow overview" border="false":::
 
 ### Create and update policy definitions
 
diff --git a/articles/governance/policy/concepts/rego-for-aks.md b/articles/governance/policy/concepts/rego-for-aks.md
@@ -42,11 +42,11 @@ preview, follow these steps in either the Azure portal or with Azure CLI:
   1. Launch the Azure Policy service in the Azure portal by clicking **All services**, then
      searching for and selecting **Policy**.
 
-     ![Search for Policy in All Services](../media/rego-for-aks/search-policy.png)
+     :::image type="content" source="../media/rego-for-aks/search-policy.png" alt-text="Search for Policy in All Services" border="false":::
 
   1. Select **Join Preview** on the left side of the Azure Policy page.
 
-     ![Join the Policy for AKS preview](../media/rego-for-aks/join-aks-preview.png)
+     :::image type="content" source="../media/rego-for-aks/join-aks-preview.png" alt-text="Join the Policy for AKS preview" border="false":::
 
   1. Select the row of the subscription you want added to the preview.
 
@@ -144,11 +144,11 @@ manage.
 
   1. Select **Policies (preview)** on the left side of the Kubernetes service page.
 
-     ![Policies from the AKS cluster](../media/rego-for-aks/policies-preview-from-aks-cluster.png)
+     :::image type="content" source="../media/rego-for-aks/policies-preview-from-aks-cluster.png" alt-text="Policies from the AKS cluster" border="false":::
 
   1. In the main page, select the **Enable add-on** button.
 
-     ![Enable the Azure Policy for AKS add-on](../media/rego-for-aks/enable-policy-add-on.png)
+     :::image type="content" source="../media/rego-for-aks/enable-policy-add-on.png" alt-text="Enable the Azure Policy for AKS add-on" border="false":::
 
      > [!NOTE]
      > If the **Enable add-on** button is grayed out, the subscription has not yet been added to the
@@ -252,11 +252,11 @@ To remove the Azure Policy Add-on from your AKS cluster, use either the Azure po
 
   1. Select **Policies (preview)** on the left side of the Kubernetes service page.
 
-     ![Policies from the AKS cluster](../media/rego-for-aks/policies-preview-from-aks-cluster.png)
+     :::image type="content" source="../media/rego-for-aks/policies-preview-from-aks-cluster.png" alt-text="Policies from the AKS cluster" border="false":::
 
   1. In the main page, select the **Disable add-on** button.
 
-     ![Disable the Azure Policy for AKS add-on](../media/rego-for-aks/disable-policy-add-on.png)
+     :::image type="content" source="../media/rego-for-aks/disable-policy-add-on.png" alt-text="Disable the Azure Policy for AKS add-on" border="false":::
 
 - Azure CLI
 
diff --git a/articles/governance/policy/how-to/determine-non-compliance.md b/articles/governance/policy/how-to/determine-non-compliance.md
@@ -43,14 +43,14 @@ To view the compliance details, follow these steps:
    the ellipsis of a resource in a **compliance state** that is _Non-compliant_. Then select **View
    compliance details**.
 
-   ![View compliance details option](../media/determine-non-compliance/view-compliance-details.png)
+   :::image type="content" source="../media/determine-non-compliance/view-compliance-details.png" alt-text="View compliance details option" border="false":::
 
 1. The **Compliance details** pane displays information from the latest evaluation of the resource
    to the current policy assignment. In this example, the field **Microsoft.Sql/servers/version** is
    found to be _12.0_ while the policy definition expected _14.0_. If the resource is non-compliant
    for multiple reasons, each is listed on this pane.
 
-   ![Compliance details pane and reasons for non-compliance](../media/determine-non-compliance/compliance-details-pane.png)
+   :::image type="content" source="../media/determine-non-compliance/compliance-details-pane.png" alt-text="Compliance details pane and reasons for non-compliance" border="false":::
 
    For an **auditIfNotExists** or **deployIfNotExists** policy definition, the details include the
    **details.type** property and any optional properties. For a list, see [auditIfNotExists
@@ -83,7 +83,7 @@ To view the compliance details, follow these steps:
    }
    ```
 
-   ![Compliance details pane - *ifNotExists](../media/determine-non-compliance/compliance-details-pane-existence.png)
+   :::image type="content" source="../media/determine-non-compliance/compliance-details-pane-existence.png" alt-text="Compliance details pane - *ifNotExists" border="false":::
 
 > [!NOTE]
 > To protect data, when a property value is a _secret_ the current value displays asterisks.
@@ -123,10 +123,10 @@ The following matrix maps each possible _reason_ to the responsible
 
 ## Compliance details for Guest Configuration
 
-For _auditIfNotExists_ policies in the _Guest Configuration_ category, there could be multiple settings
-evaluated inside the VM and you'll need to view per-setting details. For example, if you're auditing
-for a list of password policies and only one of them has status _Non-compliant_, you'll need to
-know which specific password policies are out of compliance and why.
+For _auditIfNotExists_ policies in the _Guest Configuration_ category, there could be multiple
+settings evaluated inside the VM and you'll need to view per-setting details. For example, if you're
+auditing for a list of password policies and only one of them has status _Non-compliant_, you'll
+need to know which specific password policies are out of compliance and why.
 
 You also might not have access to sign in to the VM directly but you need to report on why the VM is
 _Non-compliant_.
@@ -137,15 +137,15 @@ Begin by following the same steps in the section above for viewing policy compli
 
 In the **Compliance details** pane view click the link **Last evaluated resource**.
 
-   ![View auditIfNotExists definition details](../media/determine-non-compliance/guestconfig-auditifnotexists-compliance.png)
+:::image type="content" source="../media/determine-non-compliance/guestconfig-auditifnotexists-compliance.png" alt-text="View auditIfNotExists definition details" border="false":::
 
 The **Guest Assignment** page displays all available compliance details. Each row in the view
 represents an evaluation that was performed inside the machine. In the **Reason** column, a
 phrase describing why the Guest Assignment is _Non-compliant_ is shown. For example, if you're
 auditing password policies, the **Reason** column would display text including
 the current value for each setting.
 
-![View compliance details](../media/determine-non-compliance/guestconfig-compliance-details.png)
+:::image type="content" source="../media/determine-non-compliance/guestconfig-compliance-details.png" alt-text="View compliance details" border="false":::
 
 ### Azure PowerShell
 
@@ -234,12 +234,12 @@ triggered when the Resource Manager properties are added, removed, or altered.
 1. Select the **Change History (preview)** tab on the **Resource Compliance** page. A list of
    detected changes, if any exist, are displayed.
 
-   ![Azure Policy Change History tab on Resource Compliance page](../media/determine-non-compliance/change-history-tab.png)
+   :::image type="content" source="../media/determine-non-compliance/change-history-tab.png" alt-text="Azure Policy Change History tab on Resource Compliance page" border="false":::
 
 1. Select one of the detected changes. The _visual diff_ for the resource is presented on the
    **Change history** page.
 
-   ![Azure Policy Change History Visual Diff on Change history page](../media/determine-non-compliance/change-history-visual-diff.png)
+   :::image type="content" source="../media/determine-non-compliance/change-history-visual-diff.png" alt-text="Azure Policy Change History Visual Diff on Change history page" border="false":::
 
 The _visual diff_ aides in identifying changes to a resource. The changes detected may not be
 related to the current compliance state of the resource.
diff --git a/articles/governance/policy/how-to/extension-for-vscode.md b/articles/governance/policy/how-to/extension-for-vscode.md
@@ -53,7 +53,7 @@ For a national cloud user, follow these steps to set the Azure environment first
 
 1. Select the nation cloud from the list:
 
-   ![Set default Azure cloud sign in for Visual Studio Code](../media/extension-for-vscode/set-default-azure-cloud-sign-in.png)
+   :::image type="content" source="../media/extension-for-vscode/set-default-azure-cloud-sign-in.png" alt-text="Set default Azure cloud sign in for Visual Studio Code" border="false":::
 
 ## Connect to an Azure account
 
@@ -66,13 +66,13 @@ to connect to Azure from Visual Studio Code:
 
      From the Azure Policy extension, select **Sign in to Azure**.
 
-     ![Azure cloud sign in for Visual Studio Code from Azure Policy extension](../media/extension-for-vscode/azure-cloud-sign-in-policy-extension.png)
+     :::image type="content" source="../media/extension-for-vscode/azure-cloud-sign-in-policy-extension.png" alt-text="Azure cloud sign in for Visual Studio Code from Azure Policy extension" border="false":::
 
    - Command Palette
 
      From the menu bar, go to **View** > **Command Palette**, and enter **Azure: Sign In**.
 
-     ![Azure cloud sign in for Visual Studio Code from Command Palette](../media/extension-for-vscode/azure-cloud-sign-in-command-palette.png)
+     :::image type="content" source="../media/extension-for-vscode/azure-cloud-sign-in-command-palette.png" alt-text="Azure cloud sign in for Visual Studio Code from Command Palette" border="false":::
 
 1. Follow the sign in instructions to sign in to Azure. After you're connected, your Azure account
    name is shown on the status bar at the bottom of the Visual Studio Code window.
@@ -150,7 +150,7 @@ Azure Policy alias if one exists. In this example, the resource is a
 **properties.storageProfile.imageReference.offer** property is hovered over. Hovering shows the
 matching aliases.
 
-![Azure Policy extension hover shows Resource Manager property alias](../media/extension-for-vscode/extension-hover-shows-property-alias.png)
+:::image type="content" source="../media/extension-for-vscode/extension-hover-shows-property-alias.png" alt-text="Azure Policy extension hover shows Resource Manager property alias" border="false":::
 
 ## Search for and view policies and assignments
 
diff --git a/articles/governance/policy/how-to/get-compliance-data.md b/articles/governance/policy/how-to/get-compliance-data.md
@@ -128,13 +128,13 @@ condition triggers evaluation of the existence condition for the related resourc
 For example, assume that you have a resource group – ContsoRG, with some storage accounts
 (highlighted in red) that are exposed to public networks.
 
-![Storage accounts exposed to public networks](../media/getting-compliance-data/resource-group01.png)
+:::image type="content" source="../media/getting-compliance-data/resource-group01.png" alt-text="Storage accounts exposed to public networks" border="false":::
 
 In this example, you need to be wary of security risks. Now that you've created a policy assignment,
 it's evaluated for all storage accounts in the ContosoRG resource group. It audits the three
 non-compliant storage accounts, consequently changing their states to **Non-compliant.**
 
-![Audited non-compliant storage accounts](../media/getting-compliance-data/resource-group03.png)
+:::image type="content" source="../media/getting-compliance-data/resource-group03.png" alt-text="Audited non-compliant storage accounts" border="false":::
 
 Besides **Compliant** and **Non-compliant**, policies and resources have three other states:
 
@@ -156,7 +156,7 @@ divided by the sum of all distinct resources. In the image below, there are 20 d
 that are applicable and only one is **Non-compliant**. The overall resource compliance is 95% (19
 out of 20).
 
-![Example of policy compliance from Compliance page](../media/getting-compliance-data/simple-compliance.png)
+:::image type="content" source="../media/getting-compliance-data/simple-compliance.png" alt-text="Example of policy compliance from Compliance page" border="false":::
 
 ## Portal
 
@@ -167,14 +167,14 @@ and count per assignment, it contains a chart showing compliance over the last s
 **Compliance** page contains much of this same information (except the chart), but provide
 additional filtering and sorting options.
 
-![Example of Azure Policy Compliance page](../media/getting-compliance-data/compliance-page.png)
+:::image type="content" source="../media/getting-compliance-data/compliance-page.png" alt-text="Example of Azure Policy Compliance page" border="false":::
 
 Since a policy or initiative can be assigned to different scopes, the table includes the scope for
 each assignment and the type of definition that was assigned. The number of non-compliant resources
 and non-compliant policies for each assignment are also provided. Clicking on a policy or initiative
 in the table provides a deeper look at the compliance for that particular assignment.
 
-![Example of Azure Policy Compliance Details page](../media/getting-compliance-data/compliance-details.png)
+:::image type="content" source="../media/getting-compliance-data/compliance-details.png" alt-text="Example of Azure Policy Compliance Details page" border="false":::
 
 The list of resources on the **Resource compliance** tab shows the evaluation status of existing
 resources for the current assignment. The tab defaults to **Non-compliant**, but can be filtered.
@@ -184,29 +184,28 @@ the **Events** tab.
 > [!NOTE]
 > For an AKS Engine policy, the resource shown is the resource group.
 
-![Example of Azure Policy Compliance events](../media/getting-compliance-data/compliance-events.png)
+:::image type="content" source="../media/getting-compliance-data/compliance-events.png" alt-text="Example of Azure Policy Compliance events" border="false":::
 
 For [Resource Provider mode](../concepts/definition-structure.md#resource-provider-modes) resources,
 on the **Resource compliance** tab, selecting the resource or right-clicking on the row and
 selecting **View compliance details** opens the component compliance details. This page also offers
 tabs to see the policies that are assigned to this resource, events, component events, and change
 history.
 
-![Example of Azure Policy Component compliance details](../media/getting-compliance-data/compliance-components.png)
+:::image type="content" source="../media/getting-compliance-data/compliance-components.png" alt-text="Example of Azure Policy Component compliance details" border="false":::
 
 Back on the resource compliance page, right-click on the row of the event you would like to gather
 more details on and select **Show activity logs**. The activity log page opens and is pre-filtered
 to the search showing details for the assignment and the events. The activity log provides
 additional context and information about those events.
 
-![Example of Azure Policy Compliance Activity Log](../media/getting-compliance-data/compliance-activitylog.png)
+:::image type="content" source="../media/getting-compliance-data/compliance-activitylog.png" alt-text="Example of Azure Policy Compliance Activity Log" border="false":::
 
 ### Understand non-compliance
 
-<a name="change-history-preview"></a>
-
 When a resources is determined to be **non-compliant**, there are many possible reasons. To
-determine the reason a resource is **non-compliant** or to find the change responsible, see [Determine non-compliance](./determine-non-compliance.md).
+determine the reason a resource is **non-compliant** or to find the change responsible, see
+[Determine non-compliance](./determine-non-compliance.md).
 
 ## Command line
 
@@ -485,13 +484,13 @@ Trent Baker
 ## Azure Monitor logs
 
 If you have a [Log Analytics workspace](../../../log-analytics/log-analytics-overview.md) with
-`AzureActivity` from the [Activity Log Analytics solution](../../../azure-monitor/platform/activity-log-collect.md) tied to your subscription, you
-can also view non-compliance results from the evaluation cycle using simple Kusto queries and the
-`AzureActivity` table. With details in Azure Monitor logs, alerts can be configured to watch for
-non-compliance.
-
+`AzureActivity` from the
+[Activity Log Analytics solution](../../../azure-monitor/platform/activity-log-collect.md) tied to
+your subscription, you can also view non-compliance results from the evaluation cycle using simple
+Kusto queries and the `AzureActivity` table. With details in Azure Monitor logs, alerts can be
+configured to watch for non-compliance.
 
-![Azure Policy Compliance using Azure Monitor logs](../media/getting-compliance-data/compliance-loganalytics.png)
+:::image type="content" source="../media/getting-compliance-data/compliance-loganalytics.png" alt-text="Azure Policy Compliance using Azure Monitor logs" border="false":::
 
 ## Next steps
 
diff --git a/articles/governance/policy/how-to/remediate-resources.md b/articles/governance/policy/how-to/remediate-resources.md
diff --git a/articles/governance/policy/tutorials/create-custom-policy-definition.md b/articles/governance/policy/tutorials/create-custom-policy-definition.md
