update

msmbaldwin · msmbaldwin · commit d4d20f1083a5 · 2024-02-10T15:36:56.000-08:00
diff --git a/articles/confidential-ledger/overview.md b/articles/confidential-ledger/overview.md
@@ -11,7 +11,7 @@ ms.author: mbaldwin
 ---
 # Microsoft Azure confidential ledger
 
-Microsoft Azure confidential ledger (ACL) is a new and highly secure service for managing sensitive data records. It runs exclusively on hardware-backed secure enclaves, a heavily monitored and isolated runtime environment which keeps potential attacks at bay. Furthermore, Azure confidential ledger runs on a minimalistic Trusted Computing Base (TCB), which ensures that no one⁠—not even Microsoft⁠—is "above" the ledger.
+Microsoft Azure confidential ledger (ACL) is a new and highly secure service for managing sensitive data records. It runs exclusively on hardware-backed secure enclaves, a heavily monitored and isolated runtime environment, which keeps potential attacks at bay. Furthermore, Azure confidential ledger runs on a minimalistic Trusted Computing Base (TCB), which ensures that no one⁠—not even Microsoft⁠—is "above" the ledger.
 
 As its name suggests, Azure confidential ledger utilizes the [Azure Confidential Computing platform](../confidential-computing/index.yml) and the [Confidential Consortium Framework](https://ccf.dev) to provide a high integrity solution that is tamper-protected and evident. One ledger spans across three or more identical instances, each of which run in a dedicated, fully attested hardware-backed enclave. The ledger's integrity is maintained through a consensus-based blockchain.
 
@@ -28,19 +28,19 @@ For more information, you can watch the [Azure confidential ledger demo](https:/
 
 ## Key Features
 
-The confidential ledger is exposed through REST APIs which can be integrated into new or existing applications. The confidential ledger can be managed by administrators utilizing Administrative APIs (Control Plane). It can also be called directly by application code through Functional APIs (Data Plane). The Administrative APIs support basic operations such as create, update, get and, delete. The Functional APIs allow direct interaction with your instantiated ledger and include operations such as put and get data.
+The confidential ledger is exposed through REST APIs, which can be integrated into new or existing applications. Administrators can manage the confidential ledger with Administrative APIs (Control Plane). The confidential ledger can also be called directly by application code through Functional APIs (Data Plane). The Administrative APIs support basic operations such as create, update, get and, delete. The Functional APIs allow direct interaction with your instantiated ledger and include operations such as put and get data.
 
 ## Ledger security
 
 The ledger APIs support certificate-based authentication process with owner roles as well as Microsoft Entra ID based authentication and also role-based access (for example, owner, reader, and contributor).
 
-The data to the ledger is sent through TLS 1.3 connection and the TLS 1.3 connection terminates inside the hardware backed security enclaves (Intel® SGX enclaves). This ensures that no one can intercept the connection between a customer's client and the confidential ledger server nodes.
+The data to the ledger is sent through TLS 1.3 connection and the TLS 1.3 connection terminates inside the hardware backed security enclaves (Intel® SGX enclaves), ensuring that no one can intercept the connection between a customer's client and the confidential ledger server nodes.
 
 ### Ledger storage
 
 Confidential ledgers are created as blocks in blob storage containers belonging to an Azure Storage account. Transaction data can either be stored encrypted or in plaintext depending on your needs.
 
-The confidential ledger can be managed by administrators utilizing Administrative APIs (Control Plane), and can be called directly by your application code through Functional APIs (Data Plane). The Administrative APIs support basic operations such as create, update, get and, delete.
+Administrators can manage the confidential ledger with Administrative APIs (Control Plane), and the confidential ledger can be called directly by your application code through Functional APIs (Data Plane). The Administrative APIs support basic operations such as create, update, get and, delete.
 
 The Functional APIs allow direct interaction with your instantiated confidential ledger and include operations such as put and get data.
 
@@ -56,8 +56,8 @@ The Functional APIs allow direct interaction with your instantiated confidential
 |--|--|
 | ACL | Azure confidential ledger |
 | Ledger | An immutable append-only record of transactions (also known as a Blockchain) |
-| Commit | A confirmation that a transaction has been appended to the ledger. |
-| Receipt | Proof that the transaction was processed by the ledger. |
+| Commit | A confirmation that a transaction was appended to the ledger. |
+| Receipt | Proof that the ledger processed a transaction. |
 
 ## Next steps
 
diff --git a/articles/confidential-ledger/quickstart-net.md b/articles/confidential-ledger/quickstart-net.md
@@ -26,26 +26,22 @@ Azure confidential ledger client library resources:
 - [.NET Core 3.1 SDK or later](https://dotnet.microsoft.com/download/dotnet-core)
 - [Azure CLI](/cli/azure/install-azure-cli)
 
-You will also need a running confidential ledger, and a registered user with the `Administrator` privileges. You can create a confidential ledger (and an administrator) using the [Azure portal](quickstart-portal.md), the [Azure CLI](quickstart-cli.md), or [Azure PowerShell](quickstart-powershell.md).
+You also need a running confidential ledger, and a registered user with the `Administrator` privileges. You can create a confidential ledger (and an administrator) using the [Azure portal](quickstart-portal.md), the [Azure CLI](quickstart-cli.md), or [Azure PowerShell](quickstart-powershell.md).
 
 ## Setup
 
 ### Create new .NET console app
 
 1. In a command shell, run the following command to create a project named `acl-app`:
-
     ```dotnetcli
     dotnet new console --name acl-app
     ```
-
 1. Change to the newly created *acl-app* directory, and run the following command to build the project:
 
     ```dotnetcli
     dotnet build
     ```
-
     The build output should contain no warnings or errors.
-    
     ```console
     Build succeeded.
      0 Warning(s)
@@ -60,15 +56,15 @@ Install the Confidential Ledger client library for .NET with [NuGet][client_nuge
 dotnet add package Azure.Security.ConfidentialLedger --version 1.0.0
 ```
 
-For this quickstart, you'll also need to install the Azure SDK client library for Azure Identity:
+For this quickstart, you also need to install the Azure SDK client library for Azure Identity:
 
 ```dotnetcli
 dotnet add package Azure.Identity
 ```
 
 ## Object model
 
-The Azure confidential ledger client library for .NET allows you to create an immutable ledger entry in the service.  The [Code examples](#code-examples) section shows how to create a write to the ledger and retrieve the transaction ID.
+The Azure confidential ledger client library for .NET allows you to create an immutable ledger entry in the service. The [Code examples](#code-examples) section shows how to create a write to the ledger and retrieve the transaction ID.
 
 ## Code examples
 
@@ -86,7 +82,7 @@ using Azure.Security.ConfidentialLedger.Certificate;
 
 ### Authenticate and create a client
 
-In this quickstart, logged in user is used to authenticate to Azure confidential ledger, which is preferred method for local development.  The name of your confidential ledger is expanded to the key vault URI, in the format "https://\<your-confidential-ledger-name\>.confidential-ledger.azure.com". This example is using ['DefaultAzureCredential()'](/dotnet/api/azure.identity.defaultazurecredential) class from [Azure Identity Library](/dotnet/api/overview/azure/identity-readme), which allows to use the same code across different environments with different options to provide identity. 
+In this quickstart, logged in user is used to authenticate to Azure confidential ledger, which is preferred method for local development. The name of your confidential ledger is expanded to the key vault URI, in the format "https://\<your-confidential-ledger-name\>.confidential-ledger.azure.com". This example is using ['DefaultAzureCredential()'](/dotnet/api/azure.identity.defaultazurecredential) class from [Azure Identity Library](/dotnet/api/overview/azure/identity-readme), which allows to use the same code across different environments with different options to provide identity. 
 
 ```csharp
 credential = DefaultAzureCredential()
diff --git a/articles/confidential-ledger/quickstart-portal.md b/articles/confidential-ledger/quickstart-portal.md
@@ -11,7 +11,7 @@ ms.custom: mode-ui
 
 # Quickstart: Create a confidential ledger using the Azure portal
 
-Azure confidential ledger is a cloud service that provides a high integrity store for sensitive data logs and records that require data to be kept intact. For more information on Azure confidential ledger, and for examples of what can be stored in a confidential ledger, see [About Microsoft Azure confidential ledger](overview.md).
+Azure confidential ledger is a cloud service that provides a high integrity store for sensitive data logs and records that require data to be kept intact. For more information on Azure confidential ledger and examples of what can be stored in a confidential ledger, see [About Microsoft Azure confidential ledger](overview.md).
 
 [!INCLUDE [quickstarts-free-trial-note](../../includes/quickstarts-free-trial-note.md)]
 
@@ -28,32 +28,25 @@ Sign in to the [Azure portal](https://portal.azure.com).
 ## Create a confidential ledger
 
 1. From the Azure portal menu, or from the Home page, select **Create a resource**.
-
 1. In the Search box, enter "Confidential Ledger", select said application, and then choose **Create**.
-
 1. On the Create confidential ledger section, provide the following information:
     - **Name**: Provide a unique name.
     - **Subscription**: Choose the desired subscription.
     - **Resource Group**: Select **Create new*** and enter a resource group name.
     - **Location**: In the pull-down menu, choose a location.
     - Leave the other options to their defaults.
-   
 1. Select the **Security** tab.
-
-1. You must now add a Microsoft Entra ID-based or certificate-based user to your confidential ledger with a role of "Administrator." In this quickstart, we'll add a Microsoft Entra ID-based user. Select **+ Add Microsoft Entra ID-Based User**.
-
+1. You must now add a Microsoft Entra ID-based or certificate-based user to your confidential ledger with a role of "Administrator." In this quickstart, you add a Microsoft Entra ID-based user. Select **+ Add Microsoft Entra ID-Based User**.
 1. You must add a Microsoft Entra ID-based or Certificate-based user. Search the right-hand pane for your email address. Select your row, and then choose **Select** at the bottom of the pane. Your user profile may already be in the Microsoft Entra ID-based user section, in which case you cannot add yourself again.
-
 1. In the **Ledger Role** drop-down field, select **Administrator**.
+1. Select **Review + Create**. After validation, select **Create**.
 
-1. Select **Review + Create**. After validation has passed, select **Create**.
-
-When the deployment is complete. select **Go to resource**.
+When the deployment is complete, select **Go to resource**.
 
 :::image type="content" source="./media/confidential-ledger-portal-quickstart.png" alt-text="ACL portal create screen":::
 
-Take note of the two properties listed below:
-- **confidential ledger name**: In the example, it is "test-create-ledger-demo." You will use this name for other steps.
+Take note of these two properties:
+- **confidential ledger name**: In the example, it is "test-create-ledger-demo." Use this name for other steps.
 - **Ledger endpoint**: In the example, this endpoint is `https://test-create-ledger-demo.confidential-ledger.azure.net/`. 
 
 You will need these property names to transact with the confidential ledger from the data plane.
diff --git a/articles/confidential-ledger/quickstart-powershell.md b/articles/confidential-ledger/quickstart-powershell.md
@@ -11,13 +11,13 @@ ms.topic: quickstart
 
 # Quickstart: Create a confidential ledger using Azure PowerShell
 
-Azure confidential ledger is a cloud service that provides a high integrity store for sensitive data logs and records that must be kept intact. In this quickstart you will use [Azure PowerShell](/powershell/azure/) to create a confidential ledger, view and update its properties, and delete it. For more information on Azure confidential ledger, and for examples of what can be stored in a confidential ledger, see [About Microsoft Azure confidential ledger](overview.md).
+Azure confidential ledger is a cloud service that provides a high integrity store for sensitive data logs and records that must be kept intact. In this quickstart, you use [Azure PowerShell](/powershell/azure/) to create a confidential ledger, view and update its properties, and delete it. For more information on Azure confidential ledger and examples of what can be stored in a confidential ledger, see [About Microsoft Azure confidential ledger](overview.md).
 
 If you don't have an Azure subscription, create a [free account](https://azure.microsoft.com/free/?WT.mc_id=A261C142F) before you begin.
 
 [!INCLUDE [cloud-shell-try-it.md](../../includes/cloud-shell-try-it.md)]
 
-In this quickstart, you create a confidential ledger with [Azure PowerShell](/powershell/azure/). If you choose to install and use PowerShell locally, this tutorial requires Azure PowerShell module version 1.0.0 or later. Type `$PSVersionTable.PSVersion` to find the version. If you need to upgrade, see [Install Azure PowerShell module](/powershell/azure/install-azure-powershell). If you are running PowerShell locally, you also need to run `Login-AzAccount` to create a connection with Azure.
+In this quickstart, you create a confidential ledger with [Azure PowerShell](/powershell/azure/). If you choose to install and use PowerShell locally, this tutorial requires Azure PowerShell module version 1.0.0 or later. Type `$PSVersionTable.PSVersion` to find the version. If you need to upgrade, see [Install Azure PowerShell module](/powershell/azure/install-azure-powershell). If you're running PowerShell locally, you also need to run `Login-AzAccount` to create a connection with Azure.
 
 ## Prerequisites
 
@@ -29,26 +29,26 @@ In this quickstart, you create a confidential ledger with [Azure PowerShell](/po
 
 ## Get your principal ID and tenant ID
 
-To create a confidential ledger, you'll need your Microsoft Entra principal ID (also called your object ID).  To obtain your principal ID, use the Azure PowerShell [Get-AzADUser](/powershell/module/az.resources/get-azaduser) cmdlet, with the `-SignedIn` flag:
+To create a confidential ledger, use your Microsoft Entra principal ID (also called your object ID). To obtain your principal ID, use the Azure PowerShell [Get-AzADUser](/powershell/module/az.resources/get-azaduser) cmdlet, with the `-SignedIn` flag:
 
 ```azurepowershell
 Get-AzADUser -SignedIn
 ```
 
-Your result will be listed under "Id", in the format `xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx`.
+Your result is listed under "Id", in the format `xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx`.
 
 ## Create a confidential ledger
 
-Use the Azure Powershell [New-AzConfidentialLedger](/powershell/module/az.confidentialledger/new-azconfidentialledger) command to create a confidential ledger in your new resource group.
+Use the Azure PowerShell [New-AzConfidentialLedger](/powershell/module/az.confidentialledger/new-azconfidentialledger) command to create a confidential ledger in your new resource group.
 
 ```azurepowershell
 New-AzConfidentialLedger -Name "myLedger" -ResourceGroupName "myResourceGroup" -Location "EastUS" -LedgerType "Public" -AadBasedSecurityPrincipal @{ LedgerRoleName="Administrator"; PrincipalId="34621747-6fc8-4771-a2eb-72f31c461f2e"; }
 
 ```
 
-A successful operation will return the properties of the newly created ledger. Take note of the **ledgerUri**. In the example above, this URI is "https://myledger.confidential-ledger.azure.com".
+A successful operation returns the properties of the newly created ledger. Take note of the **ledgerUri**. In the example above, this URI is "https://myledger.confidential-ledger.azure.com".
 
-You'll need this URI to transact with the confidential ledger from the data plane.
+You need this URI to transact with the confidential ledger from the data plane.
 
 ## View and update your confidential ledger properties
 
@@ -64,7 +64,7 @@ To update the properties of a confidential ledger, use do so, use the Azure Powe
 Update-AzConfidentialLedger -Name "myLedger" -ResourceGroupName "myResourceGroup" -Location "EastUS" -LedgerType "Public" -AadBasedSecurityPrincipal @{ LedgerRoleName="Reader"; PrincipalId="34621747-6fc8-4771-a2eb-72f31c461f2e"; }
 ```
 
-If you again run [Get-AzConfidentialLedger](/powershell/module/az.confidentialledger/get-azconfidentialledger), you'll see that the role has been updated.
+If you again run [Get-AzConfidentialLedger](/powershell/module/az.confidentialledger/get-azconfidentialledger), you see that the role is updated.
 
 ```json
 "ledgerRoleName": "Reader",
diff --git a/articles/confidential-ledger/quickstart-python.md b/articles/confidential-ledger/quickstart-python.md
