Merge pull request #194774 from dksimpson/1912257-RBAC-fix-24

Update RBAC role assignment steps - batch 24

Author: ttorble

articles/azure-sql/database/audit-write-storage-account-behind-vnet-firewall.md

@@ -9,7 +9,7 @@ author: sravanisaluru
 ms.author: srsaluru
 ms.date: "03/23/2022"
 ms.reviewer: kendralittle, vanto, mathoma
-ms.custom: azure-synapse
+ms.custom: azure-synapse, subject-rbac-steps
 ---
 # Write audit to a storage account behind VNet and firewall
 [!INCLUDE[appliesto-sqldb-asa](../includes/appliesto-sqldb-asa.md)]
@@ -112,12 +112,14 @@ To configure SQL Audit to write events to a storage account behind a VNet or Fir
    }
    ```
 
-2. Open [Azure portal](https://portal.azure.com). Navigate to your storage account. Locate **Access Control (IAM)**, and click **Add role assignment**. Assign **Storage Blob Data Contributor** Azure role to the server hosting the database that you registered with Azure Active Directory (Azure AD) as in the previous step.
+1. Assign the Storage Blob Data Contributor role to the server hosting the database that you registered with Azure Active Directory (Azure AD) in the previous step.
+
+    For detailed steps, see [Assign Azure roles using the Azure portal](../../role-based-access-control/role-assignments-portal.md).
 
    > [!NOTE]
    > Only members with Owner privilege can perform this step. For various Azure built-in roles, refer to [Azure built-in roles](../../role-based-access-control/built-in-roles.md).
 
-3. Configure the [server's blob auditing policy](/rest/api/sql/server%20auditing%20settings/createorupdate), without specifying a *storageAccountAccessKey*:
+1. Configure the [server's blob auditing policy](/rest/api/sql/server%20auditing%20settings/createorupdate), without specifying a *storageAccountAccessKey*:
 
    Sample request
 

articles/cosmos-db/sql/certificate-based-authentication.md

@@ -8,7 +8,7 @@ ms.topic: how-to
 ms.date: 06/11/2019
 ms.author: jroth
 ms.reviewer: sngun 
-ms.custom: devx-track-azurepowershell
+ms.custom: devx-track-azurepowershell, subject-rbac-steps
 
 ---
 
@@ -106,13 +106,11 @@ The above command results in the output similar to the screenshot below:
 
 1. Sign into the [Azure portal](https://portal.azure.com/).
 
-1. Navigate to your Azure Cosmos account, open the **Access control (IAM)** blade.
+1. Navigate to your Azure Cosmos account.
 
-1. Select **Add** and **Add role assignment**. Add the sampleApp you created in the previous step with **Contributor** role as shown in the following screenshot:
+1. Assign the Contributor role to the sample app you created in the previous section.
 
-   :::image type="content" source="./media/certificate-based-authentication/configure-cosmos-account-with-identify.png" alt-text="Configure Azure Cosmos account to use the new identity":::
-
-1. Select **Save** after you fill out the form
+    For detailed steps, see [Assign Azure roles using the Azure portal](../../role-based-access-control/role-assignments-portal.md).
 
 ## Register your certificate with Azure AD