Merge pull request #288968 from MicrosoftDocs/main

10/22/2024 AM Publish

Author: Taojunshen

articles/app-service/overview-managed-identity.md

@@ -304,8 +304,8 @@ For .NET apps and functions, the simplest way to work with a managed identity is
 See the respective documentation headings of the client library for information:
 
 - [Add Azure Identity client library to your project](/dotnet/api/overview/azure/identity-readme#getting-started)
-- [Access Azure service with a system-assigned identity](/dotnet/api/overview/azure/identity-readme#authenticating-with-defaultazurecredential)
-- [Access Azure service with a user-assigned identity](/dotnet/api/overview/azure/identity-readme#specifying-a-user-assigned-managed-identity-with-the-defaultazurecredential)
+- [Access Azure service with a system-assigned identity](/dotnet/api/overview/azure/identity-readme#authenticate-with-defaultazurecredential)
+- [Access Azure service with a user-assigned identity](/dotnet/api/overview/azure/identity-readme#specify-a-user-assigned-managed-identity-with-defaultazurecredential)
 
 The linked examples use [`DefaultAzureCredential`](/dotnet/api/overview/azure/identity-readme#defaultazurecredential). It's useful for the majority of the scenarios because the same pattern works in Azure (with managed identities) and on your local machine (without managed identities).
 
@@ -316,8 +316,8 @@ For Node.js apps and JavaScript functions, the simplest way to work with a manag
 See the respective documentation headings of the client library for information:
 
 - [Add Azure Identity client library to your project](/javascript/api/overview/azure/identity-readme#install-the-package)
-- [Access Azure service with a system-assigned identity](/javascript/api/overview/azure/identity-readme#authenticating-with-defaultazurecredential)
-- [Access Azure service with a user-assigned identity](/javascript/api/overview/azure/identity-readme#authenticating-a-user-assigned-managed-identity-with-defaultazurecredential)
+- [Access Azure service with a system-assigned identity](/javascript/api/overview/azure/identity-readme#authenticate-with-defaultazurecredential)
+- [Access Azure service with a user-assigned identity](/javascript/api/overview/azure/identity-readme#specify-a-user-assigned-managed-identity-with-defaultazurecredential)
 
 The linked examples use [`DefaultAzureCredential`](/javascript/api/overview/azure/identity-readme#defaultazurecredential). It's useful for the majority of the scenarios because the same pattern works in Azure (with managed identities) and on your local machine (without managed identities).
 
@@ -330,8 +330,8 @@ For Python apps and functions, the simplest way to work with a managed identity
 See the respective documentation headings of the client library for information:
 
 - [Add Azure Identity client library to your project](/python/api/overview/azure/identity-readme#getting-started)
-- [Access Azure service with a system-assigned identity](/python/api/overview/azure/identity-readme#authenticating-with-defaultazurecredential)
-- [Access Azure service with a user-assigned identity](/python/api/overview/azure/identity-readme#authenticating-a-user-assigned-managed-identity-with-defaultazurecredential)
+- [Access Azure service with a system-assigned identity](/python/api/overview/azure/identity-readme#authenticate-with-defaultazurecredential)
+- [Access Azure service with a user-assigned identity](/python/api/overview/azure/identity-readme#authenticate-with-a-user-assigned-managed-identity)
 
 The linked examples use [`DefaultAzureCredential`](/python/api/overview/azure/identity-readme#defaultazurecredential). It's useful for the majority of the scenarios because the same pattern works in Azure (with managed identities) and on your local machine (without managed identities).
 
@@ -342,8 +342,8 @@ For Java apps and functions, the simplest way to work with a managed identity is
 See the respective documentation headings of the client library for information:
 
 - [Add Azure Identity client library to your project](/java/api/overview/azure/identity-readme#include-the-package)
-- [Access Azure service with a system-assigned identity](/java/api/overview/azure/identity-readme#authenticating-with-defaultazurecredential)
-- [Access Azure service with a user-assigned identity](/java/api/overview/azure/identity-readme#authenticating-a-user-assigned-managed-identity-with-defaultazurecredential)
+- [Access Azure service with a system-assigned identity](/java/api/overview/azure/identity-readme#authenticate-with-defaultazurecredential)
+- [Access Azure service with a user-assigned identity](/java/api/overview/azure/identity-readme#authenticate-a-user-assigned-managed-identity-with-defaultazurecredential)
 
 The linked examples use [`DefaultAzureCredential`](/azure/developer/java/sdk/identity-azure-hosted-auth#default-azure-credential). It's useful for the majority of the scenarios because the same pattern works in Azure (with managed identities) and on your local machine (without managed identities).
 

articles/azure-netapp-files/use-availability-zones.md

@@ -1,19 +1,19 @@
 ---
-title: Use availability zones zonal placement for application high availability with Azure NetApp Files
+title: Use availability zone placement for application high availability with Azure NetApp Files
 description: Azure availability zones are highly available, fault tolerant, and more scalable than traditional single or multiple data center infrastructures.
 services: azure-netapp-files
 author: b-hchen
 ms.service: azure-netapp-files
 ms.topic: conceptual
-ms.date: 05/22/2024
+ms.date: 10/22/2024
 ms.author: anfdocs
 ---
-# Use availability zones zonal placement for application high availability with Azure NetApp Files
+# Use availability zone placement for application high availability with Azure NetApp Files
 
 Azure [availability zones](../availability-zones/az-overview.md#availability-zones) are physically separate locations within each supporting Azure region that are tolerant to local failures. Failures can range from software and hardware failures to events such as earthquakes, floods, and fires. Tolerance to failures is achieved because of redundancy and logical isolation of Azure services. To ensure resiliency, a minimum of three separate availability zones are present in all [availability zone-enabled regions](../availability-zones/az-overview.md#azure-regions-with-availability-zones). 
 
 >[!IMPORTANT]
-> Availability zones are referred to as _logical zones_. Each data center is assigned to a physical zone. Physical zones are mapped to logical zones in your Azure subscription, and the mapping is different with different subscriptions. Azure subscriptions are automatically assigned this mapping when a subscription is created. Azure NetApp Files aligns with the generic logical-to-physical availability zone mapping for all Azure services for the subscription. 
+> Availability zones are referred to as _logical zones_. Each data center is assigned to a physical zone. [Physical zones are mapped to logical zones in your Azure subscription](/azure/reliability/availability-zones-overview#physical-and-logical-availability-zones), and the mapping is different with different subscriptions. Azure subscriptions are automatically assigned this mapping when a subscription is created. Azure NetApp Files aligns with the generic logical-to-physical availability zone mapping for all Azure services for the subscription. 
 
 Azure availability zones are highly available, fault tolerant, and more scalable than traditional single or multiple data center infrastructures. Azure availability zones let you design and operate applications and databases that automatically transition between zones without interruption. You can design resilient solutions by using Azure services that use availability zones.  
 

articles/cost-management-billing/manage/avoid-unused-subscriptions.md

@@ -6,7 +6,7 @@ ms.reviewer: mijeffer
 ms.service: cost-management-billing
 ms.subservice: billing
 ms.topic: concept-article
-ms.date: 10/08/2024
+ms.date: 10/22/2024
 ms.author: banders
 # customer intent: As a billing administrator, I want to prevent my subscriptions from getting blocked or deleted.
 ---
@@ -16,7 +16,11 @@ ms.author: banders
 Unused and abandoned subscriptions can increase potential security risks to your Azure account. To reduce this risk, Microsoft takes measures to secure, protect, and ultimately delete unused Azure subscriptions.
 
 >[!NOTE]
-> This article only applies to Microsoft Online Service Program (MOSP) and Cloud Solution Provider (CSP) subscriptions.
+> This article only applies to the following subscription types:
+> - Microsoft Online Service Program (MOSP)
+> - Cloud Solution Provider (CSP)
+> - Microsoft Customer Agreement (MCA) that you bought through the Azure website or Azure portal
+> - Microsoft Customer Agreement (MCA) that you bought through a Microsoft representative
 
 ## What is an unused subscription?
 

articles/expressroute/expressroute-troubleshooting-arp-classic.md

@@ -50,8 +50,8 @@ The following section provides information about how to view the ARP tables that
 ## Prerequisites for using ARP tables
 Ensure that you have the following before you continue:
 
-* A valid ExpressRoute circuit that's configured with at least one peering. The circuit must be fully configured by the connectivity provider. You (or your connectivity provider) must configure at least one of the peerings (Azure private, Azure public, or Microsoft) on this circuit.
-* IP address ranges that are used for configuring the peerings (Azure private, Azure public, and Microsoft). Review the IP address assignment examples in the [ExpressRoute routing requirements page](expressroute-routing.md) to get an understanding of how IP addresses are mapped to interfaces on your side and on the ExpressRoute side. You can get information about the peering configuration by reviewing the [ExpressRoute peering configuration page](expressroute-howto-routing-classic.md).
+* A valid ExpressRoute circuit that's configured with at least one peering. The circuit must be fully configured by the connectivity provider. You (or your connectivity provider) must configure at least one of the peerings (Azure private or Microsoft) on this circuit.
+* IP address ranges that are used for configuring the peerings (Azure private and Microsoft). Review the IP address assignment examples in the [ExpressRoute routing requirements page](expressroute-routing.md) to get an understanding of how IP addresses are mapped to interfaces on your side and on the ExpressRoute side. You can get information about the peering configuration by reviewing the [ExpressRoute peering configuration page](expressroute-howto-routing-classic.md).
 * Information from your networking team or connectivity provider about the MAC addresses of the interfaces that are used with these IP addresses.
 * The latest Windows PowerShell module for Azure (version 1.50 or later).
 
@@ -63,7 +63,7 @@ The following cmdlet provides the ARP tables for Azure private peering:
 
 ```azurepowershell
 # Required variables
-$ckt = "<your Service Key here>
+$ckt = "<your Service Key here>"
 
 # ARP table for Azure private peering--primary path
 Get-AzureDedicatedCircuitPeeringArpInfo -ServiceKey $ckt -AccessType Private -Path Primary
@@ -110,7 +110,7 @@ The ARP table of a peering can be used to validate Layer 2 configuration and con
 * The ARP table has an entry for the on-premises side with a valid IP and MAC address, and a similar entry for the Microsoft side.
 * The last octet of the on-premises IP address is always an odd number.
 * The last octet of the Microsoft IP address is always an even number.
-* The same MAC address appears on the Microsoft side for all three peerings (primary/secondary).
+* The same MAC address appears on the Microsoft side for the peerings (Azure private and Microsoft).
 
 ```output
 Age InterfaceProperty IpAddress  MacAddress    

articles/iot-central/core/concepts-private-endpoints.md

@@ -3,7 +3,7 @@ title: Network security using private endpoints in IoT Central
 description: Use private endpoints to limit and secure device connectivity to your IoT Central application instead of using public URLs.
 author: dominicbetts
 ms.author: dobett
-ms.date: 05/22/2023
+ms.date: 10/22/2024
 ms.topic: conceptual
 ms.service: azure-iot-central
 services: iot-central
@@ -51,7 +51,7 @@ IoT Central creates multiple customer visible FQDNs as part of a private endpoin
 
 :::image type="content" source="media/concepts-private-endpoints/visible-fqdns.png" alt-text="Screenshot from the Azure portal that shows the customer visible FQDNs.":::
 
-The IoT Central private endpoint uses multiple IP addresses from your virtual network and subnet. Also, based on application's load profile, IoT Central [autoscales its underlying IoT Hubs](/azure/iot-central/core/concepts-scalability-availability) so the number of IP addresses used by a private endpoint may increase. Plan for this possible increase when you determine the size for the subnet.
+The IoT Central private endpoint uses multiple IP addresses from your virtual network and subnet. Also, based on application's load profile, IoT Central [autoscales its underlying IoT Hubs](/azure/iot-central/core/concepts-scalability-availability) so the number of IP addresses used by a private endpoint might increase. Plan for this possible increase when you determine the size for the subnet.
 
 Use the following information to help determine the total number of IP addresses required in your subnet:
 

articles/iot-central/core/howto-create-organizations.md

@@ -5,7 +5,7 @@ services: iot-central
 ms.service: azure-iot-central
 author: dominicbetts
 ms.author: dobett
-ms.date: 06/14/2023
+ms.date: 10/22/2024
 ms.topic: how-to
 ---
 
@@ -99,7 +99,7 @@ Then select the permissions for the role.
 
 ## Invite users
 
-After you've created your organization hierarchy and assigned devices to organizations, invite users to your application and assign them to organizations.
+After you create your organization hierarchy and assigned devices to organizations, invite users to your application and assign them to organizations.
 
 To invite a user, navigate to **Permissions > Users**. Enter their email address, the organization they're assigned to, and the role or roles they're a member of. The organization you select filters the list of available roles to make sure you assign the user to a valid role:
 
@@ -112,13 +112,13 @@ You can assign the same user to multiple organizations. The user can have a diff
 | [email protected] | Org Administrator | Custom app |
 | [email protected] | Org Viewer | Custom app |
 
-When you invite a new user, you need to share the application URL with them and ask them to sign in. After the user has signed in for the first time, the application appears on the user's [My apps](https://apps.azureiotcentral.com/myapps) page.
+When you invite a new user, you need to share the application URL with them and ask them to sign in. After the user signs in for the first time, the application appears on the user's [My apps](https://apps.azureiotcentral.com/myapps) page.
 
 To access the application for the first time, an invited user must first navigate to the application using the link they receive from the administrator. The application isn't visible on the [My apps](https://apps.azureiotcentral.com/myapps) page on the Azure IoT Central site until then.
 
 ## Use organizations
 
-After you've created your organization hierarchy, you can use organizations in areas of your application such as:
+After you create your organization hierarchy, you can use organizations in areas of your application such as:
 
 - [Organization dashboards](howto-manage-dashboards.md) that show information to users about devices in their organization.
 - [Device groups](tutorial-use-device-groups.md) for devices in specific organizations.
@@ -139,7 +139,7 @@ To set the default organization, select **Settings** on the top menu bar:
 
 ## Add organizations to an existing application
 
-An application may contain devices, users, and experiences such as dashboards, device groups, and jobs before you add an organization hierarchy.
+An application might contain devices, users, and experiences such as dashboards, device groups, and jobs before you add an organization hierarchy.
 
 When you start adding organizations, all existing devices, users, and experiences remain associated with the root organization in the application:
 

articles/iot-central/core/howto-create-private-endpoint.md

@@ -3,7 +3,7 @@ title: Create a private endpoint for Azure IoT Central
 description: Learn how to create and configure a private endpoint to securely connect your devices to IoT Central over a private virtual network.
 author: dominicbetts
 ms.author: dobett
-ms.date: 05/19/2023
+ms.date: 10/22/2024
 ms.topic: how-to
 ms.service: azure-iot-central
 services: iot-central
@@ -73,7 +73,7 @@ To see all the private endpoints created for your application:
 
 ### Use a custom DNS server
 
-In some situations, you may not be able to integrate with the private DNS zone of the virtual network. For example, you may use your own DNS server or create DNS records using the host files on your virtual machines. This section describes how to get to the DNS zones.
+In some situations, you might not be able to integrate with the private DNS zone of the virtual network. For example, you might use your own DNS server or create DNS records using the host files on your virtual machines. This section describes how to get to the DNS zones.
 
 1. Install [chocolatey](https://chocolatey.org/install).
 1. Install ARMClient:
@@ -160,9 +160,9 @@ Update your device code to use the direct DPS endpoint.
 
 - Don't use private link subdomain URLs to connect your devices to IoT Central. Always use the DPS URL shown in your IoT Central application after you create the private endpoint.
 
-- Using Azure provided private DNS zones for DNS management. Avoid using your own DNS server because you would need to constantly update your DNS configuration to keep up as IoT Central autoscales its resources.
+- Use Azure provided private DNS zones for DNS management. Avoid using your own DNS server because you would need to constantly update your DNS configuration to keep up as IoT Central autoscales its resources.
 
-- If you create multiple private endpoints for same IoT Central resource, the DNS Zone may overwrite the FQDNs so you should add them again.
+- If you create multiple private endpoints for same IoT Central resource, the DNS Zone might overwrite the FQDNs so you should add them again.
 
 ## Limitations
 
@@ -226,9 +226,9 @@ If you find an FQDN that doesn't match its corresponding IP address, fix your cu
 DNS configuration can be overwritten if you create or delete multiple private endpoints for a single IoT Central application:
 
 - In the Azure portal, navigate to the private endpoint resource.
-- In the DNS section, make sure there are entries for all required resources:  IoT Hubs, Event Hubs, DPS and IoT Central FQDNs.
+- In the DNS section, make sure there are entries for all required resources:  IoT Hubs, Event Hubs, DPS, and IoT Central FQDNs.
 - Verify that the IPs (and IPs for other private endpoints using this DNS zone) are reflected in the A record of the DNS.
-- Remove any A records for IPs from older private endpoints that have already been deleted.
+- Remove any A records for IPs from older private endpoints that were previously deleted.
 
 ### Other troubleshooting tips