Merge pull request #3 from MicrosoftDocs/master

Merging upstream changes

Author: rrishabhjn

articles/azure-arc/data/toc.yml

@@ -112,7 +112,7 @@
           href: supported-versions-postgres-hyperscale.md
         - name: Create Postgres Hyperscale server group (CLI)
           href: create-postgresql-hyperscale-server-group.md
-        - name: Crate Postgres Hyperscale server group (portal)
+        - name: Create Postgres Hyperscale server group (portal)
           href: create-postgresql-hyperscale-server-group-azure-portal.md
         - name: Create Postgres Hyperscale server group (Azure Data Studio)
           href: create-postgresql-hyperscale-server-group-azure-data-studio.md

articles/backup/backup-azure-delete-vault.md

@@ -172,7 +172,7 @@ To stop protection and delete backup data, do the following steps:
        >[!NOTE]
        >The PIN is valid for only five minutes.
     1. In the management console, paste the PIN, and then select **Submit**.
-       ![Enter Security PIN](./media/backup-azure-delete-vault/enter-security-pin.png)
+       ![Enter security PIN to delete backup items from the MABS and DPM management console](./media/backup-azure-delete-vault/enter-security-pin.png)
 
 4. If you had selected **Delete storage online** in the **Stop Protection** dialog box earlier, ignore this step. Right-click the inactive protection group and select **Remove inactive protection**.
 
@@ -198,7 +198,7 @@ To stop protection and delete backup data, do the following steps:
        >[!NOTE]
        >The PIN is valid for only five minutes.
     1. In the management console, paste the PIN, and then select **Submit**.
-       ![Enter Security PIN](./media/backup-azure-delete-vault/enter-security-pin.png)
+       ![Enter security PIN to delete backup items from the MABS and DPM management console](./media/backup-azure-delete-vault/enter-security-pin.png)
 
      The protected member status changes to *Inactive replica available*.
 

articles/backup/backup-azure-vm-backup-faq.yml

@@ -3,7 +3,7 @@ metadata:
   title: FAQ - Backing up Azure VMs
   description: In this article, discover answers to common questions about backing up Azure VMs with the Azure Backup service.
   ms.topic: conceptual
-  ms.date: 01/26/2021
+  ms.date: 04/30/2021
 
 title: Frequently asked questions-Back up Azure VMs
 summary: |
@@ -212,4 +212,6 @@ sections:
           One way to view the retention settings for your backups, is to navigate to the backup item [dashboard](./backup-azure-manage-vms.md#view-vms-on-the-dashboard) for your VM, in the Azure portal. Selecting the link to its backup policy helps you view the retention duration of all the daily, weekly, monthly and yearly retention points associated with the VM.
           
           You can also use [Backup Explorer](./monitor-azure-backup-with-backup-explorer.md) to view the retention settings for all your VMs within a single pane of glass. Navigate to Backup Explorer from any Recovery Services vault, go to the **Backup Items** tab and select the Advanced View to see detailed retention information for each VM.
+      - question: When the snapshot is moved from a storage account to a vault, how is encryption in the transit managed?
+        answer: Azure VM Backup uses [HTTPS communication for encryption in transit](guidance-best-practices.md#encryption-of-data-in-transit-and-at-rest). The data transfer uses Azure fabric (and not public endpoints), which do not need Internet access for VM backup.
 

articles/dns/dns-import-export.md

@@ -1,64 +1,64 @@
 ---
 title: Import and export a domain zone file - Azure CLI
 titleSuffix: Azure DNS
-description: Learn how to import and export a DNS zone file to Azure DNS by using Azure CLI 
+description: Learn how to import and export a DNS (Domain Name System) zone file to Azure DNS by using Azure CLI 
 services: dns
 author: rohinkoul
 ms.service: dns
-ms.date: 7/30/2020
+ms.date: 04/29/2021
 ms.author: rohink
 ms.topic: how-to
 ---
 
 # Import and export a DNS zone file using the Azure CLI
 
-This article walks you through how to import and export DNS zone files for Azure DNS using the Azure CLI.
+In this article, you'll learn how to  import and export a DNS zone file in Azure DNS using Azure CLI.
 
 ## Introduction to DNS zone migration
 
-A DNS zone file is a text file that contains details of every Domain Name System (DNS) record in the zone. It follows a standard format, making it suitable for transferring DNS records between DNS systems. Using a zone file is a quick, reliable, and convenient way to transfer a DNS zone into or out of Azure DNS.
+A DNS zone file is a text file containing information about every Domain Name System (DNS) record in the zone. It follows a standard format, making it suitable for transferring DNS records between DNS systems. Using a zone file is a fast and convenient way to import DNS zones into Azure DNS. You can also export a zone file from Azure DNS to use with other DNS systems.
 
-Azure DNS supports importing and exporting zone files by using the Azure command-line interface (CLI). Zone file import is **not** currently supported via Azure PowerShell or the Azure portal.
+Azure DNS supports importing and exporting zone files by using the Azure command-line interface (CLI). Zone file import is currently **not** supported with Azure PowerShell or the Azure portal.
 
-The Azure CLI is a cross-platform command-line tool used for managing Azure services. It is available for the Windows, Mac, and Linux platforms from the [Azure downloads page](https://azure.microsoft.com/downloads/). Cross-platform support is important for importing and exporting zone files, because the most common name server software, [BIND](https://www.isc.org/downloads/bind/), typically runs on Linux.
+Azure CLI is a cross-platform command-line tool used for managing Azure services. It's available for Windows, Mac, and Linux from the [Azure downloads page](https://azure.microsoft.com/downloads/).
 
 ## Obtain your existing DNS zone file
 
 Before you import a DNS zone file into Azure DNS, you need to obtain a copy of the zone file. The source of this file depends on where the DNS zone is currently hosted.
 
-* If your DNS zone is hosted by a partner service (such as a domain registrar, dedicated DNS hosting provider, or alternative cloud provider), that service should provide the ability to download the DNS zone file.
-* If your DNS zone is hosted on Windows DNS, the default folder for the zone files is **%systemroot%\system32\dns**. The full path to each zone file also shows on the **General** tab of the DNS console.
-* If your DNS zone is hosted by using BIND, the location of the zone file for each zone is specified in the BIND configuration file **named.conf**.
+* If your DNS zone is currently hosted by a partner service, they'll have a way for you to download the DNS zone file. Partner services include domain registrar, dedicated DNS hosting provider, or an alternative cloud provider.
+* If your DNS zone is hosted on Windows DNS, the default folder for the zone files is **%systemroot%\system32\dns**. The full path to each zone file is also shown on the **General** tab of the DNS console.
+* If your DNS zone is hosted using BIND, the location of the zone file for each zone gets specified in the BIND configuration file **named.conf**.
 
 ## Import a DNS zone file into Azure DNS
 
-Importing a zone file creates a new zone in Azure DNS if one does not already exist. If the zone already exists, the record sets in the zone file must be merged with the existing record sets.
+Importing a zone file creates a new zone in Azure DNS if the zone doesn't already exist. If the zone exist, then the record sets in the zone file will be merged with the existing record sets.
 
 ### Merge behavior
 
-* By default, existing and new record sets are merged. Identical records within a merged record set are de-duplicated.
-* When record sets are merged, the time to live (TTL) of preexisting record sets is used.
-* Start of Authority (SOA) parameters (except `host`) are always taken from the imported zone file. Similarly, for the name server record set at the zone apex, the TTL is always taken from the imported zone file.
-* An imported CNAME record does not replace an existing CNAME record with the same name.  
-* When a conflict arises between a CNAME record and another record of the same name but different type (regardless of which is existing or new), the existing record is retained. 
+* By default, the new record sets get merged with the existing record sets. Identical records within a merged record set aren't duplicated.
+* When record sets are merged, the time to live (TTL) of pre-existing record sets is used.
+* Start of Authority (SOA) parameters, except `host` are always taken from the imported zone file. The name server record set at the zone apex will also always use the TTL taken from the imported zone file.
+* An imported CNAME record doesn't replace an existing CNAME record with the same name.  
+* When a conflict happens between a CNAME record and another record with the same name of different type, the existing record gets used.
 
 ### Additional information about importing
 
-The following notes provide additional technical details about the zone import process.
+The following notes provide more technical details about the zone import process.
 
-* The `$TTL` directive is optional, and it is supported. When no `$TTL` directive is given, records without an explicit TTL are imported set to a default TTL of 3600 seconds. When two records in the same record set specify different TTLs, the lower value is used.
-* The `$ORIGIN` directive is optional, and it is supported. When no `$ORIGIN` is set, the default value used is the zone name as specified on the command line (plus the terminating ".").
-* The `$INCLUDE` and `$GENERATE` directives are not supported.
+* The `$TTL` directive is optional, and is supported. When no `$TTL` directive is given, records without an explicit TTL are imported set to a default TTL of 3600 seconds. When two records in the same record set specify different TTLs, the lower value is used.
+* The `$ORIGIN` directive is optional, and is supported. When no `$ORIGIN` is set, the default value used is the zone name as specified on the command line including the ending ".".
+* The `$INCLUDE` and `$GENERATE` directives aren't supported.
 * These record types are supported: A, AAAA, CAA, CNAME, MX, NS, SOA, SRV, and TXT.
-* The SOA record is created automatically by Azure DNS when a zone is created. When you import a zone file, all SOA parameters are taken from the zone file *except* the `host` parameter. This parameter uses the value provided by Azure DNS. This is because this parameter must refer to the primary name server provided by Azure DNS.
+* The SOA record is created automatically by Azure DNS when a zone is created. When you import a zone file, all SOA parameters are taken from the zone file *except* the `host` parameter. This parameter uses the value provided by Azure DNS because it needs to refer to the primary name server provided by Azure DNS.
 * The name server record set at the zone apex is also created automatically by Azure DNS when the zone is created. Only the TTL of this record set is imported. These records contain the name server names provided by Azure DNS. The record data is not overwritten by the values contained in the imported zone file.
-* During Public Preview, Azure DNS supports only single-string TXT records. Multistring TXT records are be concatenated and truncated to 255 characters.
+* During Public Preview, Azure DNS supports only single-string TXT records. Multistring TXT records are to be concatenated and truncated to 255 characters.
 
 ### CLI format and values
 
 The format of the Azure CLI command to import a DNS zone is:
 
-```azurecli
+```azurecli-interactive-interactive
 az network dns zone import -g <resource group> -n <zone name> -f <zone file name>
 ```
 
@@ -68,38 +68,40 @@ Values:
 * `<zone name>` is the name of the zone.
 * `<zone file name>` is the path/name of the zone file to be imported.
 
-If a zone with this name does not exist in the resource group, it is created for you. If the zone already exists, the imported record sets are merged with existing record sets. 
+If a zone with this name doesn't already exist in the resource group, one will be created for you. For an existing zone, the imported record sets will get merged with existing record sets. 
 
-### Step 1. Import a zone file
+### Import a zone file
 
 To import a zone file for the zone **contoso.com**.
 
-1. If you don't have one already, you need to create a Resource Manager resource group.
+1. Create a resource group if you don't have one.
 
-    ```azurecli
+    ```azurecli-interactive
     az group create --resource-group myresourcegroup -l westeurope
     ```
 
-2. To import the zone **contoso.com** from the file **contoso.com.txt** into a new DNS zone in the resource group **myresourcegroup**, you will run the command `az network dns zone import`.<BR>This command loads the zone file and parses it. The command executes a series of commands on the Azure DNS service to create the zone and all the record sets in the zone. The command reports progress in the console window, along with any errors or warnings. Because record sets are created in series, it may take a few minutes to import a large zone file.
+1. To import the zone **contoso.com** from the file **contoso.com.txt** into a new DNS zone in the resource group **myresourcegroup**, you'll run the command `az network dns zone import`.
 
-    ```azurecli
+    This command loads the zone file and parses it. The command executes a series of operations on the Azure DNS service to create the zone and all the record sets in the zone. The command will report the progress in the console window along with any errors or warnings. Since record sets are created in series, it may take a few minutes to import a large zone file.
+
+    ```azurecli-interactive
     az network dns zone import -g myresourcegroup -n contoso.com -f contoso.com.txt
     ```
 
-### Step 2. Verify the zone
+### Verify the zone
 
-To verify the DNS zone after you import the file, you can use any one of the following methods:
+You can use any one of the following methods to verify the DNS zone after you've imported the file:
 
-* You can list the records by using the following Azure CLI command:
+* To list the records, use the following Azure CLI command:
 
-    ```azurecli
+    ```azurecli-interactive
     az network dns record-set list -g myresourcegroup -z contoso.com
     ```
 
-* You can list the records by using the Azure CLI command `az network dns record-set ns list`.
-* You can use `nslookup` to verify name resolution for the records. Because the zone isn't delegated yet, you need to specify the correct Azure DNS name servers explicitly. The following sample shows how to retrieve the name server names assigned to the zone. This also shows how to query the "www" record by using `nslookup`.
+* You can also list the records by using the Azure CLI command `az network dns record-set ns list`.
+* Use `nslookup` to verify name resolution for the records. If the zone hasn't been delegated yet, you need to specify the correct Azure DNS name servers explicitly. The following sample shows how to retrieve the name server names assigned to the zone.
 
-    ```azurecli
+    ```azurecli-interactive
     az network dns record-set ns list -g myresourcegroup -z contoso.com  --output json 
     ```
 
@@ -133,6 +135,8 @@ To verify the DNS zone after you import the file, you can use any one of the fol
     ]
     ```
 
+    Use Windows Command Prompt to query the "www" record with the `nslookup` command.
+
     ```cmd
     nslookup www.contoso.com ns1-03.azure-dns.com
 
@@ -144,15 +148,15 @@ To verify the DNS zone after you import the file, you can use any one of the fol
         134.170.188.221
     ```
 
-### Step 3. Update DNS delegation
+### Update DNS delegation
 
-After you have verified that the zone has been imported correctly, you need to update the DNS delegation to point to the Azure DNS name servers. For more information, see the article [Update the DNS delegation](dns-domain-delegation.md).
+After you've verified that the zone has been imported correctly, you then need to update the DNS delegation to point to the Azure DNS name servers. For more information, see [Update the DNS delegation](dns-domain-delegation.md).
 
 ## Export a DNS zone file from Azure DNS
 
-The format of the Azure CLI command to export a DNS zone is:
+To export a DNS zone, use the following Azure CLI command:
 
-```azurecli
+```azurecli-interactive
 az network dns zone export -g <resource group> -n <zone name> -f <zone file name>
 ```
 
@@ -168,12 +172,12 @@ As with the zone import, you first need to sign in, choose your subscription, an
 
 To export the existing Azure DNS zone **contoso.com** in resource group **myresourcegroup** to the file **contoso.com.txt** (in the current folder), run `azure network dns zone export`. This command  calls the Azure DNS service to enumerate record sets in the zone and export the results to a BIND-compatible zone file.
 
-```azurecli
+```azurecli-interactive
 az network dns zone export -g myresourcegroup -n contoso.com -f contoso.com.txt
 ```
 
 ## Next steps
 
 * Learn how to [manage record sets and records](./dns-getstarted-cli.md) in your DNS zone.
 
-* Learn how to [delegate your domain to Azure DNS](dns-domain-delegation.md).
+* Learn how to [delegate your domain to Azure DNS](dns-domain-delegation.md).

articles/expressroute/TOC.yml

@@ -104,6 +104,8 @@
     href: expressroute-bfd.md
   - name: QoS requirements
     href: expressroute-qos.md
+  - name: Routing Microsoft 365 traffic over ExpressRoute 
+    href: using-expressroute-for-microsoft365.md
   - name: High Availability - Design
     href: designing-for-high-availability-with-expressroute.md
   - name: Disaster Recovery - Design