Edit metadata, titles, and intro

Author: baanders

articles/digital-twins/concepts-security.md

@@ -101,7 +101,7 @@ For instructions on how to enable a system-managed identity for Azure Digital Tw
 
 [Azure Private Link](../private-link/private-link-overview.md) is a service that enables you to access Azure resources (like [Azure Event Hubs](../event-hubs/event-hubs-about.md), [Azure Storage](../storage/common/storage-introduction.md), and [Azure Cosmos DB](../cosmos-db/introduction.md)) and Azure-hosted customer and partner services over a private endpoint in your [Azure Virtual Network (VNet)](../virtual-network/virtual-networks-overview.md). 
 
-Similarly, you can use private endpoints for your Azure Digital Twin instance to allow clients located in your virtual network to securely access the instance over Private Link. 
+Similarly, you can use private endpoints for your Azure Digital Twins instance to allow clients located in your virtual network to securely access the instance over Private Link. Configuring a private endpoint for your Azure Digital Twins instance enables you to secure your Azure Digital Twins instance and eliminate public exposure. Additionally, it helps avoid data exfiltration from your [Azure Virtual Network (VNet)](../virtual-network/virtual-networks-overview.md).
 
 The private endpoint uses an IP address from your Azure VNet address space. Network traffic between a client on your private network and the Azure Digital Twins instance traverses over the VNet and a Private Link on the Microsoft backbone network, eliminating exposure to the public internet. Here's a visual representation of this system:
 

articles/digital-twins/how-to-enable-private-link.md

@@ -1,36 +1,32 @@
 ---
-# Mandatory fields.
-title: Enable private access with Private Link
+title: Enable private access to Azure Digital Twins
 titleSuffix: Azure Digital Twins
-description: Learn how to enable private access for Azure Digital Twins solutions with Private Link.
+description: Learn how to enable private access to your Azure Digital Twins solutions, using Azure Private Link.
 author: baanders
-ms.author: baanders # Microsoft employees only
-ms.date: 02/22/2022
+ms.author: baanders
+ms.date: 06/07/2022
 ms.topic: how-to
 ms.service: digital-twins
-ms.custom: contperf-fy22q1 
+ms.custom: contperf-fy22q1, contperf-fy22q4
 ms.devlang: azurecli
-
-# Optional fields. Don't forget to remove # if you need a field.
-# ms.custom: can-be-multiple-comma-separated
-# ms.reviewer: MSFT-alias-of-reviewer
-# manager: MSFT-alias-of-manager-or-PM-counterpart
 ---
 
-# Enable private access with Private Link
+# Enable private access to Azure Digital Twins using Private Link
 
-This article describes the different ways to enable [Private Link with a private endpoint for an Azure Digital Twins instance](concepts-security.md#private-network-access-with-azure-private-link). Configuring a private endpoint for your Azure Digital Twins instance enables you to secure your Azure Digital Twins instance and eliminate public exposure. Additionally, it helps avoid data exfiltration from your [Azure Virtual Network (VNet)](../virtual-network/virtual-networks-overview.md).
+By using Azure Digital Twins together with [Azure Private Link](../private-link/private-link-overview.md), you can enable private endpoints for your Azure Digital Twins instance, to eliminate public exposure and allow clients located in your virtual network to securely access the instance over Private Link. For more information about this security strategy for Azure Digital Twins, see [Private Link with a private endpoint for an Azure Digital Twins instance](concepts-security.md#private-network-access-with-azure-private-link).
 
 Here are the steps that are covered in this article: 
 1. Turn on Private Link and configure a private endpoint for an Azure Digital Twins instance.
-1. View, edit, or delete a private endpoint from an instance.
-1. Disable or enable public network access flags, to restrict API access to Private Link connections only.
+1. View, edit, or delete a private endpoint from an Azure Digital Twins instance.
+1. Disable or enable public network access flags, to restrict API access for an Azure Digital Twins to Private Link connections only.
+ 
+This article also contains information for deploying Azure Digital Twins with Private Link using an ARM template, and troubleshooting the configuration.
 
 ## Prerequisites
 
 Before you can set up a private endpoint, you'll need an [Azure Virtual Network (VNet)](../virtual-network/virtual-networks-overview.md) where the endpoint can be deployed. If you don't have a VNet already, you can follow one of the [Azure Virtual Network quickstarts](../virtual-network/quick-create-portal.md) to set this up.
 
-## Add a private endpoint to Azure Digital Twins 
+## Add private endpoints to Azure Digital Twins 
 
 You can use either the [Azure portal](https://portal.azure.com) or the [Azure CLI](/cli/azure/what-is-azure-cli) to turn on Private Link with a private endpoint for an Azure Digital Twins instance. 
 
@@ -147,7 +143,7 @@ For a full list of required and optional parameters, as well as more private end
 
 --- 
 
-## Manage private endpoint connections
+## Manage private endpoints
 
 In this section, you'll see how to view, edit, and delete a private endpoint after it's been created.
 
@@ -255,9 +251,9 @@ For a sample template that allows an Azure function to connect to Azure Digital
 
 This template creates an Azure Digital Twins instance, a virtual network, an Azure function connected to the virtual network, and a Private Link connection to make the Azure Digital Twins instance accessible to the Azure function through a private endpoint.
 
-## Troubleshoot Private Link with Azure Digital Twins
+## Troubleshoot
 
-Here are some common issues experienced with Private Link for Azure Digital Twins.
+Here are some common issues that might arise when using Private Link with Azure Digital Twins.
 
 * **Issue:** When trying to access Azure Digital Twins APIs, you see an HTTP error code 403 with the following error in the response body:
     ```json