MicrosoftDocs
diff --git a/‎articles/dev-box/includes/developer-portal-landing-page.md
Lines changed: 15 additions & 2 deletions b/‎articles/dev-box/includes/developer-portal-landing-page.md
Lines changed: 15 additions & 2 deletions
diff --git a/‎articles/dev-box/media/developer-portal-landing-page/developer-portal-welcome-tip-1.png
21.9 KB b/‎articles/dev-box/media/developer-portal-landing-page/developer-portal-welcome-tip-1.png
21.9 KB
diff --git a/‎articles/dev-box/media/developer-portal-landing-page/developer-portal-welcome-tip-2.png
221 KB b/‎articles/dev-box/media/developer-portal-landing-page/developer-portal-welcome-tip-2.png
221 KB
diff --git a/‎articles/dev-box/media/developer-portal-landing-page/developer-portal-welcome-tip-3.png
455 KB b/‎articles/dev-box/media/developer-portal-landing-page/developer-portal-welcome-tip-3.png
455 KB
diff --git a/‎articles/dev-box/media/developer-portal-landing-page/developer-portal-welcome-tour.png
66.9 KB b/‎articles/dev-box/media/developer-portal-landing-page/developer-portal-welcome-tour.png
66.9 KB
diff --git a/‎articles/dev-box/quickstart-create-dev-box.md
Lines changed: 5 additions & 5 deletions b/‎articles/dev-box/quickstart-create-dev-box.md
Lines changed: 5 additions & 5 deletions
diff --git a/‎articles/synapse-analytics/sql/query-cosmos-db-analytical-store.md
Lines changed: 7 additions & 4 deletions b/‎articles/synapse-analytics/sql/query-cosmos-db-analytical-store.md
Lines changed: 7 additions & 4 deletions
diff --git a/‎articles/virtual-wan/how-to-network-virtual-appliance-inbound.md
Lines changed: 1 addition & 2 deletions b/‎articles/virtual-wan/how-to-network-virtual-appliance-inbound.md
Lines changed: 1 addition & 2 deletions
diff --git a/‎articles/virtual-wan/roles-permissions.md
Lines changed: 1 addition & 1 deletion b/‎articles/virtual-wan/roles-permissions.md
Lines changed: 1 addition & 1 deletion
@@ -10,15 +10,28 @@ ms.service: dev-box
 
    :::image type="content" source="../media/developer-portal-landing-page/developer-portal-landing-page-sign-in.png" alt-text="Screenshot of the developer portal landing page with sign-in highlighted.":::
 
+2. The first time you visit the developer portal, you're welcomed with a short tour. Select **Continue** to learn about the developer portal.
+
+   :::image type="content" source="../media/developer-portal-landing-page/developer-portal-welcome-tour.png" alt-text="Screenshot of the welcome tour in the developer portal.":::
+
+   Follow the tips to learn about the developer portal.
+
+   :::image type="content" source="../media/developer-portal-landing-page/developer-portal-welcome-tip-1.png" alt-text="Screenshot of the developer portal showing the first welcome tour tip.":::
+
+   :::image type="content" source="../media/developer-portal-landing-page/developer-portal-welcome-tip-2.png" alt-text="Screenshot of the developer portal showing the second welcome tour tip.":::
+
+   :::image type="content" source="../media/developer-portal-landing-page/developer-portal-welcome-tip-3.png" alt-text="Screenshot of the developer portal showing the third welcome tour tip.":::
+   
+
 #### [No existing dev boxes](#tab/no-existing-dev-boxes)
 
-2. If you don't have any dev boxes, you see this screen. Select **New dev box**.
+3. If you don't have any dev boxes, you see this screen. Select **New dev box**.
 
    :::image type="content" source="../media/developer-portal-landing-page/developer-portal-new-dev-box.png" alt-text="Screenshot of the developer portal with new dev box highlighted." lightbox="../media/developer-portal-landing-page/developer-portal-new-dev-box.png":::
 
 #### [Existing dev boxes](#tab/existing-dev-boxes)
 
-2. Select **New** > **New dev box**.
+3. Select **New** > **New dev box**.
 
    :::image type="content" source="../media/developer-portal-landing-page/developer-portal-new-menu.png" alt-text="Screenshot of the developer portal with the New menu and Dev box option highlighted." lightbox="../media/developer-portal-landing-page/developer-portal-new-menu.png":::
 
 
@@ -24,7 +24,7 @@ You can create and manage multiple dev boxes as a dev box user. Create a dev box
 
 To complete this quickstart, you need:
 
-- Your organization must have configured Microsoft Dev Box with at least one project and dev box pool before you can create a dev box. 
+- Your organization must have Microsoft Dev Box with at least one project and dev box pool before you can create a dev box. 
     - Platform engineers can follow these steps to configure Microsoft Dev Box: [Quickstart: Configure Microsoft Dev Box](quickstart-configure-dev-box-service.md).  
 - You must have permissions as a [Dev Box User](quickstart-configure-dev-box-service.md#provide-access-to-a-dev-box-project) for a project that has an available dev box pool. If you don't have permissions to a project, contact your administrator.
 
@@ -35,13 +35,13 @@ Microsoft Dev Box enables you to create cloud-hosted developer workstations in a
 Depending on the project configuration and your permissions, you have access to different projects and associated dev box configurations. If you have a choice of projects and dev box pools, select the project and dev box pool that best fits your needs. For example, you might choose a project that has a dev box pool located near to you for least latency.
 
 > [!IMPORTANT]
-> You organization must have configured Microsoft Dev Box with at least one project and dev box pool before you can create a dev box. If you don't see any projects or dev box pools, contact your administrator.
+> Your organization must have Microsoft Dev Box with at least one project and dev box pool before you can create a dev box. If you don't see any projects or dev box pools, contact your administrator.
 
 To create a dev box in the Microsoft Dev Box developer portal:
 
 [!INCLUDE [developer-portal-landing-page](includes/developer-portal-landing-page.md)]
 
-3. In **Add a dev box**, enter the following values:
+4. In **Add a dev box**, enter the following values:
 
    | Setting | Value |
    |---|---|
@@ -59,9 +59,9 @@ To create a dev box in the Microsoft Dev Box developer portal:
    - A shutdown time if the pool where you're creating the dev box has a shutdown schedule.
    - A notification that the dev box creation process can take 25 minutes or longer.
 
-4. Select **Create** to begin creating your dev box.
+5. Select **Create** to begin creating your dev box.
 
-5. Use the dev box tile in the developer portal to track the progress of creation.
+6. Track the progress of creation by using the dev box tile in the developer portal. The status changes from *Creating* to *Running* when the dev box is ready for you to connect to it.
 
    :::image type="content" source="./media/quickstart-create-dev-box/dev-box-tile-creating.png" alt-text="Screenshot of the developer portal that shows the dev box card with a status of Creating." lightbox="./media/quickstart-create-dev-box/dev-box-tile-creating.png":::
 
 
@@ -19,9 +19,6 @@ For querying Azure Cosmos DB, the full [SELECT](/sql/t-sql/queries/select-transa
 
 This article explains how to write a query with a serverless SQL pool that queries data from Azure Cosmos DB containers that are enabled with Azure Synapse Link. You can then learn more about building serverless SQL pool views over Azure Cosmos DB containers and connecting them to Power BI models in [this tutorial](./tutorial-data-analyst.md). This tutorial uses a container with an [Azure Cosmos DB well-defined schema](/azure/cosmos-db/analytical-store-introduction#schema-representation). You can also check out the Learn module on how to [Query Azure Cosmos DB with SQL Serverless for Azure Synapse Analytics](/training/modules/query-azure-cosmos-db-with-sql-serverless-for-azure-synapse-analytics/).
 
->[!NOTE]
-> You can't use managed identity to access an Azure Cosmos DB container from serverless SQL pool.
-
 ## Prerequisites
 
 - Make sure that you prepare the analytical store:
@@ -37,10 +34,11 @@ This article explains how to write a query with a serverless SQL pool that queri
 ## Overview
 
 Serverless SQL pool enables you to query Azure Cosmos DB analytical storage using `OPENROWSET` function. 
+- `OPENROWSET` that uses workspace managed identity to access the analytical store.
 - `OPENROWSET` with inline key. This syntax can be used to query Azure Cosmos DB collections without the need to prepare credentials.
 - `OPENROWSET` that references a credential that contains the Azure Cosmos DB account key. This syntax can be used to create views on Azure Cosmos DB collections.
 
-### [OPENROWSET with key](#tab/openrowset-key)
+### [OPENROWSET with key or managed identity](#tab/openrowset-key)
 
 To support querying and analyzing data in an Azure Cosmos DB analytical store, a serverless SQL pool is used. The serverless SQL pool uses the `OPENROWSET` SQL syntax, so you must first convert your Azure Cosmos DB connection string to this format:
 
@@ -67,6 +65,11 @@ The SQL connection string has the following format:
 ```
 
 The region is optional. If omitted, the container's primary region is used.
+You can use workspace managed identity instead fo the CosmosDB account key:
+
+```sql
+'account=<databases account name>;database=<database_name>;authtype=ManagedIdentity'
+```
 
 > [!IMPORTANT]
 > There's another optional parameter in connection string called `endpoint`. The `endpoint` param is needed for accounts that don't match the standard `*.documents.azure.com` format. For example, if your Azure Cosmos DB account ends with `.documents.azure.us`, make sure that you add `endpoint=<account name>.documents.azure.us` in the connection string.
 
@@ -70,7 +70,6 @@ The following table describes known issues related to the internet inbound/DNAT
 |Issue | Description| Mitigation|
 |--|--|--|
 | DNAT traffic isn't forwarded to the NVA after associating an additional IP address.| After associating additional IP address(es) to an NVA that already has active inbound security rules, DNAT traffic isn't forwarded properly to the NVA due to a code defect. | Use partner orchestration/management software to modify (create or delete existing) configured inbound-security rules to restore connectivity. |
-|Inbound security rule configuration scalability| Inbound security rule configuration might fail when a large number (approximately 100)  rules are configured.| No mitigation, reach out to Azure Support for fix timelines.|
 
 ### Limitations
 
@@ -86,7 +85,7 @@ The following table describes known issues related to the internet inbound/DNAT
 
 ### Considerations
 
-* Inbound Traffic is automatically load-balanced across all healthy instances of the Network Virtual Appliance.
+* Inbound traffic is automatically load-balanced across all healthy instances of the Network Virtual Appliance. Virtual WAN uses five-tuple hashing algorithm to distribute flows for backend NVA instances. For certain use cases such as File Transfer Protocol (FTP) where a single application session might have   multiple five-tuple flows (e.g. FTP control and data plane packets on different ports), Virtual WAN does not guarantee that all flows in that session are distributed to the same NVA instance.
 * In most cases, NVAs must perform source-NAT to the Firewall private IP in addition to  destination-NAT to ensure flow symmetry. Certain NVA types might not require source-NAT. Contact your NVA provider for best practices around source-NAT.
 * Timeout for idle flows is automatically set to 4 minutes.
 * You can assign individual IP address resources generated from an IP address prefix to the NVA as internet inbound IPs. Assign each IP address from the prefix individually.
 
@@ -182,7 +182,7 @@ NVAs (Network Virtual Appliances) in Virtual WAN are typically deployed through
 
 |Resource | Required Azure permissions due to resource references |
 |---|---|
-| networkVirtualAppliances  | Microsoft.Network/virtualHubs/read  |
+| networkVirtualAppliances  | Microsoft.Network/virtualHubs/read   <br? Microsoft.Network/publicIPAddresses/join|
 | networkVirtualAppliances/networkVirtualApplianceConnections  | Microsoft.Network/virtualHubs/routeMaps/read <br>Microsoft.Network/virtualHubs/hubRouteTables/read |