freshness review

Author: cherylmc

articles/bastion/media/upgrade-sku/configuration-sku.png

@@ -1,37 +1,37 @@
 ---
-title: 'Create a shareable link for Azure Bastion'
+title: Create a shareable link for Azure Bastion
 description: Learn how to create a shareable link to let a user connect to a target resource via Bastion without using the Azure portal.
 author: cherylmc
 ms.service: azure-bastion
 ms.topic: how-to
-ms.date: 05/10/2023
+ms.date: 12/09/2024
 ms.author: cherylmc
 ---
 
 # Create a shareable link for Bastion
 
 The Bastion **Shareable Link** feature lets users connect to a target resource (virtual machine or virtual machine scale set) using Azure Bastion without accessing the Azure portal. This article helps you use the Shareable Link feature to create a shareable link for an existing Azure Bastion deployment.
 
-When a user without Azure credentials clicks a shareable link, a webpage opens that prompts the user to sign in to the target resource via RDP or SSH. Users authenticate using username and password or private key, depending on what you have configured for the target resource. The shareable link does not contain any credentials - the admin must provide sign-in credentials to the user.
+When a user without Azure credentials clicks a shareable link, a webpage opens that prompts the user to sign in to the target resource via RDP or SSH. Users authenticate using username and password or private key, depending on what is configured for the target resource. The shareable link doesn't contain any credentials - the admin must provide sign-in credentials to the user.
 
-By default, users in your org will have only read access to shared links. If a user has read access, they'll only be able to use and view shared links, but can't create or delete a shareable link. For more information, see the [Permissions](#permissions) section of this article.
+By default, users in your org have only **Read** access to shared links. If a user has **Read** access, they'll only be able to use and view shared links, but can't create or delete a shareable link. For more information, see the [Permissions](#permissions) section of this article.
 
 ## Considerations
 
-* Shareable Links isn't currently supported for peered VNETs across tenants. 
+* Shareable Links isn't currently supported for peered virtual networks across tenants.
 * Shareable Links isn't currently supported over Virtual WAN.
-* Shareable Links does not support connection to on-premises or non-Azure VMs and VMSS. 
+* Shareable Links doesn't support connection to on-premises or non-Azure virtual machines and Virtual Machine Scale Sets.
 * The Standard SKU is required for this feature.
 * Bastion only supports 50 requests, including creates and deletes, for shareable links at a time.
-* Bastion only supports 500 shareable links per Bastion resource. 
+* Bastion only supports 500 shareable links per Bastion resource.
 
 ## Prerequisites
 
-* Azure Bastion is deployed to your VNet. See [Tutorial - Deploy Bastion using manual settings](tutorial-create-host-portal.md) for steps.
+* Azure Bastion is deployed to your virtual network. See [Tutorial - Deploy Bastion using manual settings](tutorial-create-host-portal.md) for steps.
 
 * Bastion must be configured to use the **Standard** SKU for this feature. You can update the SKU from Basic to Standard when you configure the shareable links feature.
 
-* The VNet in which the Bastion resource is deployed or a directly peered VNet contains the VM resource to which you want to create a shareable link.
+* The virtual network in which the Bastion resource is deployed or a directly peered virtual network contains the VM resource to which you want to create a shareable link.
 
 ## Enable Shareable Link feature
 
@@ -49,7 +49,7 @@ Before you can create a shareable link to a VM, you must first enable the featur
 
 1. Verify that you've selected the settings that you want, then click **Apply**.
 
-1. Bastion will immediately begin updating the settings for your bastion host. Updates will take about 10 minutes.
+1. Bastion will immediately begin updating the settings for your bastion host. Updates take about 10 minutes.
 
 ## Create shareable links
 
@@ -61,7 +61,7 @@ In this section, you specify each resource for which you want to create a sharea
 
    :::image type="content" source="./media/shareable-link/add.png" alt-text="Screenshot shareable links page with + add." lightbox="./media/shareable-link/add.png":::
 
-1. On the **Create shareable link** page, select the resources for which you want to create a shareable link. You can select specific resources, or you can select all. A separate shareable link will be created for each selected resource. Click **Apply** to create links.
+1. On the **Create shareable link** page, select the resources for which you want to create a shareable link. You can select specific resources, or you can select all. A separate shareable link is created for each selected resource. Click **Apply** to create links.
 
    :::image type="content" source="./media/shareable-link/select-vm.png" alt-text="Screenshot of shareable links page to create a shareable link." lightbox="./media/shareable-link/select-vm.png":::
 
@@ -71,7 +71,7 @@ In this section, you specify each resource for which you want to create a sharea
 
 ## Connect to a VM
 
-1. After receiving the link, the user opens the link in their browser.
+1. After the user receives the link, the user opens the link in their browser.
 
 1. In the left corner, the user can select whether to see text and images copied to the clipboard. The user inputs the required information, then clicks **Login** to connect. A shared link doesn't contain authentication credentials. The admin must provide sign-in credentials to the user. Custom port and protocols are supported.
 
@@ -91,7 +91,7 @@ In this section, you specify each resource for which you want to create a sharea
 
 ## Permissions
 
-Permissions to the Shareable Link feature are configured using Access control (IAM). By default, users in your org will have only read access to shared links. If a user has read access, they'll only be able to use and view shared links, but can't create or delete a shared link.
+Permissions to the Shareable Link feature are configured using Access control (IAM). By default, users in your org have only **Read** access to shared links. If a user has **Read** access, they'll only be able to use and view shared links, but can't create or delete a shared link.
 
 To give someone permissions to create or delete a shared link, use the following steps:
 

articles/bastion/media/upgrade-sku/sku-values.png

@@ -4,7 +4,7 @@ description: Learn how to deploy Azure Bastion by using settings that you specif
 author: cherylmc
 ms.service: azure-bastion
 ms.topic: tutorial
-ms.date: 03/29/2024
+ms.date: 12/09/2024
 ms.author: cherylmc
 ---
 

articles/bastion/shareable-link.md

@@ -1,11 +1,11 @@
 ---
-title: 'Upgrade or view a SKU: portal'
+title: Upgrade or view a SKU - portal
 titleSuffix: Azure Bastion
 description: Learn how to view a SKU and upgrade SKU tiers.
 author: cherylmc
 ms.service: azure-bastion
 ms.topic: how-to
-ms.date: 10/13/2023
+ms.date: 12/09/2024
 ms.author: cherylmc
 
 ---
@@ -24,8 +24,6 @@ To view the SKU for your bastion host, use the following steps.
 1. In the Azure portal, go to your bastion host.
 1. In the left pane, select **Configuration** to open the Configuration page. Click through the different Tier options. Notice that the SKU affects the available features you can select for your bastion host.
 
-   :::image type="content" source="./media/upgrade-sku/configuration-sku.png" alt-text="Screenshot of the configuration page with the Basic SKU selected." lightbox="./media/upgrade-sku/configuration-sku.png":::
-
 ## Upgrade from the Developer SKU
 
 When you upgrade from a Developer SKU to a dedicated deployment SKU, you need to create a public IP address and an Azure Bastion subnet.
@@ -38,7 +36,7 @@ Use the following steps to upgrade to a higher SKU.
 1. Create a new public IP address value unless you have already created one for your bastion host, in which case, select the value.
 1. Because you already created the AzureBastionSubnet, the **Subnet** field will automatically populate.
 1. You can add features at the same time you upgrade the SKU. You don't need to upgrade the SKU and then go back to add the features as a separate step.
-1. Select **Apply** to apply changes. The bastion host updates. This takes about 10 minutes to complete.
+1. Select **Apply** to apply changes. The bastion host updates. This procedure takes about 10 minutes to complete.
 
 ## Upgrade from the Basic or Standard SKU
 
@@ -50,7 +48,7 @@ Use the following steps to upgrade to a higher SKU.
 
 1. You can add features at the same time you upgrade the SKU. You don't need to upgrade the SKU and then go back to add the features as a separate step.
 
-1. Select **Apply** to apply changes. The bastion host updates. This takes about 10 minutes to complete.
+1. Select **Apply** to apply changes. The bastion host updates. This procedure takes about 10 minutes to complete.
 
 ## Next steps
 

articles/bastion/tutorial-create-host-portal.md

@@ -1,17 +1,17 @@
 ---
-title: 'VNet peering and Azure Bastion architecture'
-description: Learn how VNet peering and Azure Bastion can be used together to connect to VMs.
+title: VNet peering and Azure Bastion architecture
+description: Learn how virtual network peering and Azure Bastion can be used together to connect to VMs.
 author: cherylmc
 ms.service: azure-bastion
 ms.topic: conceptual
-ms.date: 04/05/2024
+ms.date: 12/09/2024
 ms.author: cherylmc
 
 ---
 
 # Virtual network peering and Azure Bastion
 
-Azure Bastion and Virtual Network peering can be used together. When Virtual Network peering is configured, you don't have to deploy Azure Bastion in each peered VNet. This means if you have an Azure Bastion host configured in one virtual network (VNet), it can be used to connect to VMs deployed in a peered VNet without deploying an additional bastion host. For more information about VNet peering, see [About virtual network peering](../virtual-network/virtual-network-peering-overview.md).
+Azure Bastion and Virtual Network peering can be used together. When Virtual Network peering is configured, you don't have to deploy Azure Bastion in each peered VNet (virtual network). This means if you have an Azure Bastion host configured in one virtual network, it can be used to connect to virtual machines (VMs) deployed in a peered virtual network without deploying an additional bastion host. For more information about virtual network peering, see [About virtual network peering](../virtual-network/virtual-network-peering-overview.md).
 
 Azure Bastion works with the following types of peering:
 
@@ -20,35 +20,34 @@ Azure Bastion works with the following types of peering:
 
 > [!NOTE]
 > Deploying Azure Bastion **within** a Virtual WAN hub is not supported. You can deploy Azure Bastion in a spoke VNet and use the [IP-based connection](connect-ip-address.md) feature to connect to virtual machines deployed across a different VNet via the Virtual WAN hub.
->
 
 ## Architecture
 
-When VNet peering is configured, Azure Bastion can be deployed in hub-and-spoke or full-mesh topologies. Azure Bastion deployment is per virtual network, not per subscription/account or virtual machine.
+When virtual network peering is configured, Azure Bastion can be deployed in hub-and-spoke or full-mesh topologies. Azure Bastion deployment is per virtual network, not per subscription/account or virtual machine.
 
-Once you provision the Azure Bastion service in your virtual network, the RDP/SSH experience is available to all your VMs in the same VNet and peered VNets. This means you can consolidate Bastion deployment to single VNet and still reach VMs deployed in a peered VNet, centralizing the overall deployment.
+Once you provision the Azure Bastion service in your virtual network, the RDP/SSH experience is available to all your virtual machines in the same virtual network and peered virtual networks. This means you can consolidate Bastion deployment to single virtual network and still reach virtual machines deployed in a peered virtual network, centralizing the overall deployment.
 
 :::image type="content" source="./media/vnet-peering/design.png" alt-text="Design and Architecture diagram":::
 
 The diagram shows the architecture of an Azure Bastion deployment in a hub-and-spoke model. In the diagram, you can see the following configuration:
 
 * The bastion host is deployed in the centralized hub virtual network.
 * Centralized Network Security Group (NSG) is deployed.
-* A public IP is not required on the Azure VM.
+* A public IP isn't required on the Azure VM.
 
 ## <a name="deploy"></a>Deployment overview
 
-1. Verify that you have configured [VNets](../virtual-network/quick-create-portal.md), and [virtual machines](/azure/virtual-machines/windows/quick-create-portal) within the VNets.
-1. [Configure VNet peering](../virtual-network/virtual-network-peering-overview.md).
+1. Verify that you have configured [virtual networks](../virtual-network/quick-create-portal.md), and [virtual machines](/azure/virtual-machines/windows/quick-create-portal) within the virtual networks.
+1. [Configure virtual network peering](../virtual-network/virtual-network-peering-overview.md).
 1. [Configure Bastion](tutorial-create-host-portal.md) in one of the VNets.
 1. [Verify permissions](#permissions).
-1. [Connect to a VM](bastion-connect-vm-rdp-windows.md) via Azure Bastion. In order to connect via Azure Bastion, you must have the correct permissions for the subscription you are signed into.
+1. [Connect to a virtual machine](bastion-connect-vm-rdp-windows.md) via Azure Bastion. In order to connect via Azure Bastion, you must have the correct permissions for the subscription you're signed into.
 
 ### <a name="permissions"></a>To verify permissions
 
 Verify the following permissions when working with this architecture:
 
-* Ensure you have **read** access to both the target VM and the peered VNet.
+* Ensure you have **read** access to both the target VM and the peered virtual network.
 * Check your permissions in **YourSubscription | IAM** and verify that you have read access to the following resources:
   * Reader role on the virtual machine.
   * Reader role on the NIC with private IP of the virtual machine.
@@ -57,7 +56,7 @@ Verify the following permissions when working with this architecture:
 
 ## <a name="FAQ"></a>Bastion VNet peering FAQ
 
-For frequently asked questions, see the Bastion VNet peering [FAQ](bastion-faq.md#peering).
+For frequently asked questions, see the Bastion virtual network peering [FAQ](bastion-faq.md#peering).
 
 ## Next steps