Merge pull request #176514 from dereklegenzoff/rbac-how-to

updating rbac signup instructions

Author: v-shils

articles/search/media/search-howto-aad/rbac-signup-afec.png

@@ -19,7 +19,7 @@ Preview features that transition to general availability are removed from this l
 |Feature                          | Category | Description | Availability  |
 |---------|------------------|-------------|---------------|
 | [**Search REST API 2021-04-30-Preview**](/rest/api/searchservice/index-preview) | Security | Modifies [Create or Update Data Source](/rest/api/searchservice/preview-api/create-or-update-data-source) to support managed identities under Azure Active Directory, for indexers that connect to external data sources. | Public preview, [Search REST API 2021-04-30-Preview](/rest/api/searchservice/index-preview) |
-| [**Azure RBAC support**](search-security-rbac.md) | Security | Use new built-in roles to control access to indexes and indexing, eliminating or reducing the dependency on API keys. | Public preview ([by request](https://aka.ms/azure-cognitive-search/rbac-preview)). After your subscription is on-boarded, use Azure portal or the Management REST API version 2021-04-01-Preview to configure a search service for data plane authentication. |
+| [**Azure RBAC support**](search-security-rbac.md) | Security | Use new built-in roles to control access to indexes and indexing, eliminating or reducing the dependency on API keys. | Public preview ([by request](/azure/search/search-security-rbac?tabs=config-svc-portal%2Croles-portal%2Ctest-portal#step-1-preview-sign-up)). After your subscription is on-boarded, use Azure portal or the Management REST API version 2021-04-01-Preview to configure a search service for data plane authentication. |
 | [**Management REST API 2021-04-01-Preview**](/rest/api/searchmanagement/) | Security | Modifies [Create or Update Service](/rest/api/searchmanagement/2021-04-01-preview/services/create-or-update) to support new [DataPlaneAuthOptions](/rest/api/searchmanagement/2021-04-01-preview/services/create-or-update#dataplaneauthoptions). | Public preview, [Management REST API ](/rest/api/searchmanagement/), API version 2021-04-01-Preview.|
 | [**Reset Documents**](search-howto-run-reset-indexers.md) | Indexer | Reprocesses individually selected search documents in indexer workloads. | Use the [Reset Documents REST API](/rest/api/searchservice/preview-api/reset-documents), API versions 2021-04-30-Preview or 2020-06-30-Preview. |
 |  [**Power Query connectors**](search-how-to-index-power-query-data-sources.md) | Indexer data source | Indexers can now index from other cloud platforms. If you are using an indexer to crawl external data sources for indexing, you can now use Power Query connectors to connect to Amazon Redshift, Elasticsearch, PostgreSQL, Salesforce Objects, Salesforce Reports, Smartsheet, and Snowflake. | [Sign up](https://aka.ms/azure-cognitive-search/indexer-preview) is required so that support can be enabled for your subscription on the backend. Configure this data source using [Create or Update Data Source](/rest/api/searchservice/preview-api/create-or-update-data-source), API versions 2021-04-30-Preview or 2020-06-30-Preview, or the Azure portal.|

articles/search/search-api-preview.md

@@ -25,11 +25,20 @@ As a first step, [create a search service](search-create-service-portal.md) and
 
 ### Sign up for the preview
 
-The parts of Azure Cognitive Search's RBAC capabilities required to use Azure AD for querying the search service are still in a gated preview. 
+The parts of Azure Cognitive Search's RBAC capabilities required to use Azure AD for querying the search service are still in preview. To use these capabilities, you'll need to add the preview feature to your Azure subscription.
 
-For enrollment into the preview, [fill out this form](https://aka.ms/azure-cognitive-search/rbac-preview).
+To add your subscription to the preview:
+
+1. Navigate to the **Subscriptions** page in the [Azure portal](https://portal.azure.com/).
+1. Select the subscription you want to use.
+1. On the left-hand side of the subscription page, select **Preview Features**.
+1. Use the search bar or filters to find and select **Role Based Access Control for Search Service (Preview)**
+1. Select **Register** to add the feature to your subscription.
+
+![sign up for rbac on afec](media/search-howto-aad/rbac-signup-afec.png)
+
+For more information on adding preview features, see [Set up preview features in Azure subscription](/azure/azure-resource-manager/management/preview-features?tabs=azure-portal).
 
-It may take a few business days to process your request. 
 
 ### Enable RBAC for data plane operations
 
@@ -38,7 +47,7 @@ Once your subscription is onboarded to the preview, you'll still need to enable
 To enable role-based access control:
 
 1. Navigate to the Azure portal with this preview link: [https://ms.portal.azure.com/?feature.enableRbac=true](https://ms.portal.azure.com/?feature.enableRbac=true). 
-1. On the left navigation pane, select **Keys**
+1. On the left navigation pane, select **Keys**.
 1. Determine if you'd like to allow both key-based and role-based access control, or only role-based access control.
 
 ![authentication options for azure cognitive search in the portal](media/search-howto-aad/portal-api-access-control.png)
@@ -65,7 +74,7 @@ At this point, you've created your Azure AD application and service principal. M
 
 The application will also need a client secret or certificate to prove its identity when requesting a token. In this document, we'll show how to use a client secret.
 
-1. Navigate to the app registration you just created
+1. Navigate to the app registration you just created.
 1. Select **Certificates and secrets**.
 1. Under **Client secrets**, click **New client secret**.
 1. Provide a description of the secret and select the desired expiration interval.
@@ -87,7 +96,7 @@ To assign a role to your app registration:
 1. On the right side under **Grant access to this resource**, select **Add role assignment**.
 1. Select the role you'd like to use and then click **Next**.
 1. On the next page, click **Select members** and find the application you created previously. 
-1. Finally, click **Review + assign**
+1. Finally, click **Review + assign**.
 
 ![Add role assignment in the azure portal](media/search-howto-aad/role-assignment.png)
 

articles/search/search-howto-aad.md

@@ -17,10 +17,10 @@ Azure provides a global [role-based access control (RBAC) authorization system](
 
 + Use generally available roles for service administration.
 
-+ Use new preview roles for content management (creating and managing indexes and other top-level objects), [**available by request**](https://aka.ms/azure-cognitive-search/rbac-preview).
++ Use new preview roles for content management (creating and managing indexes and other top-level objects), [**available in preview**](#step-1-preview-sign-up).
 
 > [!NOTE]
-> Search Service Contributor is a "generally available" role that has "preview" capabilities. It's the only role that supports a true hybrid of service and content management tasks, allowing all operations on a given search service. To get the preview capabilities of content management on this role, [**sign up for the preview**](https://aka.ms/azure-cognitive-search/rbac-preview).
+> Search Service Contributor is a "generally available" role that has "preview" capabilities. It's the only role that supports a true hybrid of service and content management tasks, allowing all operations on a given search service. To get the preview capabilities of content management on this role, [**sign up for the preview**](#step-1-preview-sign-up).
 
 A few RBAC scenarios are **not** supported, or not covered in this article:
 
@@ -58,11 +58,18 @@ Skip this step if you are using generally available roles (Owner, Contributor, R
 
 New built-in preview roles provide a granular set of permissions over content on the search service. Although built-in roles are always visible in the Azure portal, service enrollment is required to make them operational.
 
-For enrollment into the preview program:
+To add your subscription to the preview:
 
-+ [Fill out this form](https://aka.ms/azure-cognitive-search/rbac-preview)
+1. Navigate to the **Subscriptions** page in the [Azure portal](https://portal.azure.com/).
+1. Select the subscription you want to use.
+1. On the left-hand side of the subscription page, select **Preview Features**.
+1. Use the search bar or filters to find and select **Role Based Access Control for Search Service (Preview)**
+1. Select **Register** to add the feature to your subscription.
+
+![sign up for rbac on afec](media/search-howto-aad/rbac-signup-afec.png)
+
+For more information on adding preview features, see [Set up preview features in Azure subscription](/azure/azure-resource-manager/management/preview-features?tabs=azure-portal).
 
-It can take up to two business days to process enrollment requests. You'll receive an email when your service is ready.
 
 ## Step 2: Preview configuration
 

articles/search/search-security-rbac.md

@@ -19,7 +19,7 @@ Learn what's new in the service. Bookmark this page to keep up to date with the
 |Feature                          |  Description | Availability  |
 |------------------------------------|--------------|---------------|
 | [Search REST API 2021-04-30-Preview](/rest/api/searchservice/index-preview) | Adds REST API support for indexer connections made using [managed identities](search-howto-managed-identities-data-sources.md) and Azure Active Directory (Azure AD) authentication. | Public preview |
-| [Role-based authorization (preview)](search-security-rbac.md) | Authenticate using Azure Active Directory and new built-in roles for data plane access to indexes and indexing, eliminating or reducing the dependency on API keys. | Public preview ([by request](https://aka.ms/azure-cognitive-search/rbac-preview)). After your subscription is on-boarded, use Azure portal or the Management REST API version 2021-04-01-Preview to configure a search service for data plane authentication.|
+| [Role-based authorization (preview)](search-security-rbac.md) | Authenticate using Azure Active Directory and new built-in roles for data plane access to indexes and indexing, eliminating or reducing the dependency on API keys. | Public preview ([by request](/azure/search/search-security-rbac?tabs=config-svc-portal%2Croles-portal%2Ctest-portal#step-1-preview-sign-up)). After your subscription is on-boarded, use Azure portal or the Management REST API version 2021-04-01-Preview to configure a search service for data plane authentication.|
 | [Management REST API 2021-04-01-Preview](/rest/api/searchmanagement/) | Modifies [Create or Update Service](/rest/api/searchmanagement/2021-04-01-preview/services/create-or-update) to support new [DataPlaneAuthOptions](/rest/api/searchmanagement/2021-04-01-preview/services/create-or-update#dataplaneauthoptions). | Public preview |
 
 ## May 2021