Fixing some link references

normesta · normesta · commit cda39cb1f349 · 2025-06-30T12:49:22.000-07:00
diff --git a/articles/api-management/api-management-howto-use-managed-service-identity.md b/articles/api-management/api-management-howto-use-managed-service-identity.md
@@ -317,7 +317,7 @@ API Management is a trusted Microsoft service to the following resources. This t
 
 
 - [Trusted access for Key Vault](/azure/key-vault/general/overview-vnet-service-endpoints#trusted-services)
-- [Trusted access for Azure Storage](../storage/common/storage-network-security.md?tabs=azure-portal#trusted-access-based-on-system-assigned-managed-identity)
+- [Trusted access for Azure Storage](../storage/common/storage-network-security-trusted-azure-services.md?tabs=azure-portal#trusted-access-based-on-system-assigned-managed-identity)
 - [Trusted access for Azure Services Bus](../service-bus-messaging/service-bus-ip-filtering.md#trusted-microsoft-services)
 - [Trusted access for Azure Event Hubs](../event-hubs/event-hubs-ip-filtering.md#trusted-microsoft-services)
 
diff --git a/articles/cost-management-billing/costs/tutorial-improved-exports.md b/articles/cost-management-billing/costs/tutorial-improved-exports.md
@@ -60,7 +60,7 @@ For Azure Storage accounts:
     
     - `Microsoft.Authorization/permissions/read`
     
-  When you configure the firewall, ensure that [Allow trusted Azure service access](../../storage/common/storage-network-security.md#grant-access-to-trusted-azure-services) is enabled on the storage account. If you want to use the [Exports REST API](/rest/api/cost-management/exports) to write to a storage account behind a firewall, use API version __2023-08-01__ or later. All newer API versions continue to support exports behind firewalls.
+  When you configure the firewall, ensure that [Allow trusted Azure service access](../../storage/common/storage-network-security-trusted-azure-services.md#grant-access-to-trusted-azure-services) is enabled on the storage account. If you want to use the [Exports REST API](/rest/api/cost-management/exports) to write to a storage account behind a firewall, use API version __2023-08-01__ or later. All newer API versions continue to support exports behind firewalls.
   
   A __system-assigned managed identity__ is created for a new export if the user has `Microsoft.Authorization/roleAssignments/write` permissions on the storage account. This setup ensures that the export will continue to work if you enable a firewall in the future. After the export is created or updated, the user no longer needs the __Owner__ role for routine operations.
   
@@ -155,7 +155,7 @@ A system-assigned managed identity is created for a new job export when created
 > - When a user updates destination details or deletes an export, the *StorageBlobDataContributor* role assigned to the managed identity is automatically removed. To enable the system to remove the role assignment, the user must have `microsoft.Authorization/roleAssignments/delete` permissions. If the permissions aren't available, the user needs to manually remove the role assignment on the managed identity.
 > - Currently, firewalls are supported for storage accounts in the same tenant. However, firewalls on storage accounts aren't supported for cross-tenant exports.
 
-Add exports to the list of trusted services. For more information, see [Trusted access based on a managed identity](../../storage/common/storage-network-security.md#trusted-access-based-on-a-managed-identity).
+Add exports to the list of trusted services. For more information, see [Trusted access based on a managed identity](../../storage/common/storage-network-security-trusted-azure-services.md#trusted-access-based-on-a-managed-identity).
 
 ## Manage exports
 
diff --git a/articles/data-factory/data-access-strategies.md b/articles/data-factory/data-access-strategies.md
@@ -95,5 +95,5 @@ For more information about supported network security mechanisms on data stores
 For more information, see the following related articles:
 * [Supported data stores](./copy-activity-overview.md#supported-data-stores-and-formats)
 * [Azure Key Vault ‘Trusted Services’](/azure/key-vault/general/overview-vnet-service-endpoints#trusted-services)
-* [Azure Storage ‘Trusted Microsoft Services’](../storage/common/storage-network-security.md#trusted-microsoft-services)
+* [Azure Storage ‘Trusted Microsoft Services’](../storage/common/storage-network-security-trusted-azure-services.md#trusted-microsoft-services)
 * [Managed identity for Data Factory](./data-factory-service-identity.md)
diff --git a/articles/data-share/security.md b/articles/data-share/security.md
@@ -26,7 +26,7 @@ Once a share is created or received, users with proper permission to the Data Sh
 
 ## Share data from or to data stores with firewall enabled
 
-To share data from or to storage accounts with firewall turned on, you need to enable **Allow trusted Microsoft services** in your storage account. See [Configure Azure Storage firewalls and virtual networks](../storage/common/storage-network-security.md#trusted-microsoft-services) for details.
+To share data from or to storage accounts with firewall turned on, you need to enable **Allow trusted Microsoft services** in your storage account. See [Configure Azure Storage firewalls and virtual networks](../storage/common/storage-network-security-trusted-azure-services.md#trusted-microsoft-services) for details.
 
 ## Related content
 
diff --git a/includes/storage-account-key-note-include.md b/includes/storage-account-key-note-include.md
@@ -19,4 +19,4 @@ Storage account access keys provide full access to the storage account data and
 >
 > To protect an Azure Storage account with Microsoft Entra Conditional Access policies, you must disallow Shared Key authorization for the storage account.
 > 
-> If you have disabled shared key access and you are seeing Shared Key authorization reported in the diagnostic logs, this indicates that trusted access is being used to access storage. For more details, see [Trusted access for resources registered in your Microsoft Entra tenant](../articles/storage/common/storage-network-security.md#trusted-access-for-resources-registered-in-your-microsoft-entra-tenant).
+> If you have disabled shared key access and you are seeing Shared Key authorization reported in the diagnostic logs, this indicates that trusted access is being used to access storage. For more details, see [Trusted access for resources registered in your Microsoft Entra tenant](../articles/storage/common/storage-network-security-trusted-azure-services.md#trusted-access-for-resources-registered-in-your-microsoft-entra-tenant).

Original file line number	Diff line number	Diff line change
`@@ -19,4 +19,4 @@ Storage account access keys provide full access to the storage account data and`
`19`	`19`	`>`
`20`	`20`	`> To protect an Azure Storage account with Microsoft Entra Conditional Access policies, you must disallow Shared Key authorization for the storage account.`
`21`	`21`	`>`
`22`		`-> If you have disabled shared key access and you are seeing Shared Key authorization reported in the diagnostic logs, this indicates that trusted access is being used to access storage. For more details, see [Trusted access for resources registered in your Microsoft Entra tenant](../articles/storage/common/storage-network-security.md#trusted-access-for-resources-registered-in-your-microsoft-entra-tenant).`
	`22`	`+> If you have disabled shared key access and you are seeing Shared Key authorization reported in the diagnostic logs, this indicates that trusted access is being used to access storage. For more details, see [Trusted access for resources registered in your Microsoft Entra tenant](../articles/storage/common/storage-network-security-trusted-azure-services.md#trusted-access-for-resources-registered-in-your-microsoft-entra-tenant).`