Merge pull request #291760 from spelluru/relayfreshness1210

Azure Relay: Freshness review of the first set of articles

Author: denrea

articles/azure-relay/authenticate-application.md

@@ -2,7 +2,7 @@
 title: Authenticate from an application - Azure Relay 
 description: This article provides information about authenticating an application with Microsoft Entra ID to access Azure Relay resources. 
 ms.topic: article
-ms.date: 08/10/2023
+ms.date: 12/10/2024
 ---
 
 # Authenticate and authorize an application with Microsoft Entra ID to access Azure Relay entities 
@@ -111,7 +111,7 @@ Here's the code from the sample that shows how to use Microsoft Entra authentica
     - [Add or remove Azure role assignments using the REST API](../role-based-access-control/role-assignments-rest.md)
     - [Add or remove Azure role assignments using Azure Resource Manager Templates](../role-based-access-control/role-assignments-template.md)
 
-To learn more about Azure Relay, see the following topics.
+To learn more about Azure Relay, see the following articles.
 - [What is Relay?](relay-what-is-it.md)
 - [Get started with Azure Relay Hybrid connections WebSockets](relay-hybrid-connections-dotnet-get-started.md)
 - [Get stated with Azure Relay Hybrid connections HTTP requests](relay-hybrid-connections-http-requests-dotnet-get-started.md)

articles/azure-relay/includes/relay-create-namespace-portal.md

@@ -2,7 +2,7 @@
 author: spelluru
 ms.service: azure-relay
 ms.topic: include
-ms.date: 01/04/2024
+ms.date: 12/04/2024
 ms.author: spelluru
 ---
 1. Sign in to the [Azure portal].
@@ -24,7 +24,7 @@ ms.author: spelluru
 
 ### Get management credentials
 
-1. On the **Relay** page, select **Shared access policies** on the left menu.  `
+1. On the **Relay** page, select **Shared access policies** on the left menu.
 1. On the **Shared access policies** page, select **RootManageSharedAccessKey**.
 1. Under **SAS Policy: RootManageSharedAccessKey**, select the **Copy** button next to **Primary Connection String**. This action copies the connection string to your clipboard for later use. Paste this value into Notepad or some other temporary location.
 1. Repeat the preceding step to copy and paste the value of **Primary key** to a temporary location for later use.  

articles/azure-relay/includes/relay-hybrid-connections-dotnet-get-started-client.md

@@ -2,7 +2,7 @@
 author: clemensv
 ms.service: azure-relay
 ms.topic: include
-ms.date: 08/10/2023
+ms.date: 12/10/2024
 ms.author: samurp
 ---
 ### Create a console application

articles/azure-relay/includes/relay-hybrid-connections-dotnet-get-started-server.md

@@ -2,7 +2,7 @@
 author: clemensv
 ms.service: azure-relay
 ms.topic: include
-ms.date: 01/04/2024
+ms.date: 12/10/2024
 ms.author: samurp
 ---
 

articles/azure-relay/index.yml

@@ -10,7 +10,7 @@ metadata:
   ms.topic: landing-page
   author: spelluru
   ms.author: spelluru
-  ms.date: 08/10/2023
+  ms.date: 12/10/2024
 
 # linkListType: architecture | concept | deploy | download | get-started | how-to-guide | learn | overview | quickstart | reference | tutorial | whats-new
 

articles/azure-relay/ip-firewall-virtual-networks.md

@@ -1,8 +1,9 @@
 ---
 title: Configure IP firewall for Azure Relay namespace
 description: This article describes how to Use firewall rules to allow connections from specific IP addresses to Azure Relay namespaces. 
-ms.topic: article
-ms.date: 02/15/2023
+ms.topic: how-to
+ms.date: 12/10/2024
+# Customer intent: As an Azure Relay user, I want to know how to restrict access to an Azure Relay namespace to certain IP addresses or ranges. 
 ---
 
 # Configure IP firewall for an Azure Relay namespace
@@ -12,7 +13,7 @@ This feature is helpful in scenarios in which Azure Relay should be only accessi
 
 
 ## Enable IP firewall rules
-The IP firewall rules are applied at the namespace level. Therefore, the rules apply to all connections from clients using any supported protocol. Any connection attempt from an IP address that does not match an allowed IP rule on the namespace is rejected as unauthorized. The response does not mention the IP rule. IP filter rules are applied in order, and the first rule that matches the IP address determines the accept or reject action.
+The IP firewall rules are applied at the namespace level. Therefore, the rules apply to all connections from clients using any supported protocol. Any connection attempt from an IP address that doesn't match an allowed IP rule on the namespace is rejected as unauthorized. The response doesn't mention the IP rule. IP filter rules are applied in order, and the first rule that matches the IP address determines the accept or reject action.
 
 ### Use Azure portal
 This section shows you how to use the Azure portal to create IP firewall rules for a namespace. 
@@ -123,7 +124,7 @@ To deploy the template, follow the instructions for [Azure Resource Manager](../
 
 [!INCLUDE [trusted-services](./includes/trusted-services.md)]
 
-## Next steps
+## Related content
 To learn about other network security-related features, see [Network security](network-security.md).
 
 

articles/azure-relay/move-across-regions.md

@@ -2,15 +2,16 @@
 title: Move an Azure Relay namespace to another region
 description: This article shows you how to move an Azure Relay namespace from the current region to another region. 
 ms.topic: how-to
-ms.date: 08/10/2023
+ms.date: 12/10/2024
 ms.custom: subject-moving-resources
+# Customer intent: As an Azure Relay user, I want to know how to move a Relay namespace from one region to another region. 
 ---
 
 # Move an Azure Relay namespace to another region
 This article shows you how to move an Azure Relay namespace from one region to another region. Here are the high-level steps:
 
 1. **Export** the Relay namespace to an Azure Resource Manager template.
-1. **Update location (region)** for resources in the template. Also, delete any **dynamic** WCF relays from the template. 
+1. **Update location (region)** for resources in the template. Also, delete any **dynamic** Windows Communication Foundation (WCF) relays from the template. 
 
     WCF relays have two modes. In the first mode, the WCF relay is  explicitly created using the Azure portal or Azure Resource Manager template. On the **WCF Relays** page of the Azure portal, you see the **isDynamic** property set to **false** for a relay in this mode. 
 
@@ -88,7 +89,7 @@ To delete an Azure Relay namespace (source or target) by using the Azure portal:
     ![Delete namespace - button](./media/move-across-regions/delete-namespace-button.png)
 3. On the **Delete Namespace** page, type the name of the Azure Relay namespace to confirm the deletion, and then select **Delete**. 
 
-## Next steps
+## Related content
 In this tutorial, you moved an Azure Relay namespace from one region to another region. To learn more about moving resources between regions and disaster recovery in Azure, refer to:
 
 - [Move resources to a new resource group or subscription](../azure-resource-manager/management/move-resource-group-and-subscription.md)

articles/azure-relay/network-security.md

@@ -1,8 +1,9 @@
 ---
 title: Network security for Azure Relay
-description: This article describes how to use IP firewall rules and private endpoints with Azure Relay.
-ms.topic: conceptual
-ms.date: 08/10/2023
+description: This article describes how to use security features - IP firewall rules and private endpoints - supported by Azure Relay.
+ms.topic: concept-article
+ms.date: 12/10/2024
+# Customer intent: As an Azure Relay user, I want to know what security features are available in Azure Relay. 
 ---
 
 # Network security for Azure Relay 
@@ -28,12 +29,12 @@ For more information, see [How to configure IP firewall for a Relay namespace](i
 
 Azure **Private Link Service** enables you to access Azure services (for example, Azure Relay, Azure Service Bus, Azure Event Hubs, Azure Storage, and Azure Cosmos DB) and Azure hosted customer/partner services over a private endpoint in your virtual network. For more information, see [What is Azure Private Link?](../private-link/private-link-overview.md)
 
-A **private endpoint** is a network interface that allows your workloads running in a virtual network to connect privately and securely to a service that has a **private link resource** (for example, a Relay namespace). The private endpoint uses a private IP address from your VNet, effectively bringing the service into your VNet. All traffic to the service can be routed through the private endpoint, so no gateways, NAT devices, ExpressRoute, VPN connections, or public IP addresses are needed. Traffic between your virtual network and the service traverses over the Microsoft backbone network eliminating exposure from the public Internet. You can provide a level of granularity in access control by allowing connections to specific Azure Relay namespaces.
+A **private endpoint** is a network interface that allows your workloads running in a virtual network to connect privately and securely to a service that has a **private link resource** (for example, a Relay namespace). The private endpoint uses a private IP address from your virtual network, effectively bringing the service into your virtual network. All traffic to the service can be routed through the private endpoint, so no gateways, NAT devices, ExpressRoute, VPN connections, or public IP addresses are needed. Traffic between your virtual network and the service traverses over the Microsoft backbone network eliminating exposure from the public Internet. You can provide a level of granularity in access control by allowing connections to specific Azure Relay namespaces.
 
 For more information, see [How to configure private endpoints](private-link-service.md)
 
 
-## Next steps
+## Related content
 See the following articles:
 
 - [How to configure IP firewall](ip-firewall-virtual-networks.md)

articles/azure-relay/private-link-service.md

@@ -1,29 +1,29 @@
 ---
 title: Integrate Azure Relay with Azure Private Link Service
-description: Learn how to integrate Azure Relay with Azure Private Link Service
-ms.date: 02/15/2023
-ms.topic: article 
+description: This article describes how to integrate Azure Relay with Azure Private Link Service to secure access to Azure Relay resources only from a private network.
+ms.date: 12/10/2024
+ms.topic: how-to
 ms.custom: devx-track-azurepowershell
+# Customer intent: As an Azure Relay user, I want to learn how to integrate Azure Relay with Azure Private Link service. 
 ---
 
 # Integrate Azure Relay with Azure Private Link 
 Azure **Private Link Service** enables you to access Azure services (for example, Azure Relay, Azure Service Bus, Azure Event Hubs, Azure Storage, and Azure Cosmos DB) and Azure hosted customer/partner services over a private endpoint in your virtual network. For more information, see [What is Azure Private Link?](../private-link/private-link-overview.md)
 
-A **private endpoint** is a network interface that allows your workloads running in a virtual network to connect privately and securely to a service that has a **private link resource** (for example, a Relay namespace). The private endpoint uses a private IP address from your VNet, effectively bringing the service into your VNet. All traffic to the service can be routed through the private endpoint, so no gateways, NAT devices, ExpressRoute, VPN connections, or public IP addresses are needed. Traffic between your virtual network and the service traverses over the Microsoft backbone network, eliminating exposure from the public Internet. You can provide a level of granularity in access control by allowing connections to specific Azure Relay namespaces. 
+A **private endpoint** is a network interface that allows your workloads running in a virtual network to connect privately and securely to a service that has a **private link resource** (for example, a Relay namespace). The private endpoint uses a private IP address from your virtual network, effectively bringing the service into your virtual network. All traffic to the service can be routed through the private endpoint, so no gateways, NAT devices, ExpressRoute, VPN connections, or public IP addresses are needed. Traffic between your virtual network and the service traverses over the Microsoft backbone network, eliminating exposure from the public Internet. You can provide a level of granularity in access control by allowing connections to specific Azure Relay namespaces. 
 
 > [!NOTE]
 > If you use the **relay listener** over a private link, open ports **9400-9599** for outgoing communication along with the standard relay ports. Note that you need to do this step only for the **relay listener**.
 
-## Add a private endpoint using Azure portal
-
-### Prerequisites
+## Prerequisites
 To integrate an Azure Relay namespace with Azure Private Link, you need the following entities or permissions:
 
 - An Azure Relay namespace.
 - An Azure virtual network.
 - A subnet in the virtual network.
 - Owner or contributor permissions on the virtual network.
 
+## Add a private endpoint using Azure portal
 Your private endpoint and virtual network must be in the same region. When you select a region for the private endpoint using the portal, it will automatically filter only virtual networks that are in that region. Your namespace can be in a different region.
 
 Your private endpoint uses a private IP address in your virtual network.
@@ -151,7 +151,7 @@ There are four provisioning states:
 | None | Pending | Connection is created manually and is pending approval from the Azure Relay namespace owner. |
 | Approve | Approved | Connection was automatically or manually approved and is ready to be used. |
 | Reject | Rejected | Connection was rejected by the Azure Relay namespace owner. |
-| Remove | Disconnected | Connection was removed by the Azure Relay namespace owner, the private endpoint becomes informative and should be deleted for cleanup. |
+| Remove | Disconnected | Connection was removed by the Azure Relay namespace owner. The private endpoint becomes informative and should be deleted for cleanup. |
 
 ###  Approve, reject, or remove a private endpoint connection
 
@@ -233,7 +233,7 @@ Aliases:  <namespace-name>.servicebus.windows.net
 
 [!INCLUDE [trusted-services](./includes/trusted-services.md)]
 
-## Next Steps
+## Related content
 
 - Learn more about [Azure Private Link](../private-link/private-link-service-overview.md)
 - Learn more about [Azure Relay](relay-what-is-it.md)

articles/azure-relay/relay-api-overview.md

@@ -3,7 +3,7 @@ title: Azure Relay API overview | Microsoft Docs
 description: This article provides an overview of available Azure Relay APIs (.NET Standard, .NET Framework, Node.js, etc.)
 ms.topic: article
 ms.custom: devx-track-dotnet
-ms.date: 08/10/2023
+ms.date: 12/10/2024
 ---
 
 # Available Relay APIs
@@ -17,7 +17,7 @@ The [additional information](#additional-information) section contains more info
 | Language/Platform | Available feature | Client package | Repository |
 | --- | --- | --- | --- |
 | .NET Standard | Hybrid Connections | [Microsoft.Azure.Relay](https://www.nuget.org/packages/Microsoft.Azure.Relay/) | [GitHub](https://github.com/azure/azure-relay-dotnet) |
-| .NET Framework | WCF Relay | [WindowsAzure.ServiceBus](https://www.nuget.org/packages/WindowsAzure.ServiceBus/) | N/A |
+| .NET Framework | Windows Communication Foundation (WCF) Relay | [WindowsAzure.ServiceBus](https://www.nuget.org/packages/WindowsAzure.ServiceBus/) | N/A |
 | Node | Hybrid Connections | [WebSockets: `hyco-ws`](https://www.npmjs.com/package/hyco-ws)<br/>[WebSockets: `hyco-websocket`](https://www.npmjs.com/package/hyco-websocket)<br/>[HTTP Requests: `hyco-https`](https://www.npmjs.com/package/hyco-https) | [GitHub](https://github.com/Azure/azure-relay-node) |
 
 ### Additional information