articles/event-grid/handler-functions.md
Lines changed: 1 addition & 3 deletions
@@ -2,7 +2,7 @@
2
2
title: Use a function in Azure as an event handler for Azure Event Grid events
3
3
description: Describes how you can use functions created in and hosted by Azure Functions as event handlers for Event Grid events.
4
4
ms.topic: conceptual
5
-
ms.date: 05/23/2022
5
+
ms.date: 08/31/2023
6
6
---
7
7
8
8
# Use a function as an event handler for Event Grid events
@@ -23,8 +23,6 @@ We recommend that you use the first approach (Event Grid trigger) as it has the
23
23
> - When you add an event subscription using an Azure function, Event Grid fetches the access key for the target function using Event Grid service principal's credentials. The permissions are granted to Event Grid when you register the Event Grid resource provider in their Azure subscription.
24
24
> - If you protect your Azure function with an **Azure Active Directory** application, you'll have to take the generic webhook approach using the HTTP trigger. Use the Azure function endpoint as a webhook URL when adding the subscription.
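Review bot: The second note in this hunk's context (new line 24) still says **Azure Active Directory**, while the later hunks on this page rename the same statement to Microsoft Entra ID; apply the rename here too so the pages agree. The first note (line 23) also reads "when you register the Event Grid resource provider in their Azure subscription", where "their" has no antecedent; "your Azure subscription" fits the sentence. The header counts two removed lines (-23,8 +23,6), but they are not shown in this view, so this comment covers only the visible context.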
Access key | <p>Event Hubs</p><p>Service Bus</p><p>Storage Queues</p><p>Relay Hybrid Connections</p><p>Azure Functions</p><p>Storage Blobs (Deadletter) </p> | Access keys are fetched using Event Grid service principal's credentials. The permissions are granted to Event Grid when you register the Event Grid resource provider in their Azure subscription. |
17
-
Managed System Identity <br/>&<br/> Role-based access control | <p>Event Hubs</p><p>Service Bus</p><p>Storage Queues</p><p>Storage Blobs (Deadletter)</p></li></ul> | Enable managed system identity for the topic and add it to the appropriate role on the destination. For details, see [Use system-assigned identities for event delivery](#use-system-assigned-identities-for-event-delivery). |
18
-
|Bearer token authentication with Azure AD protected webhook | Webhook | See the [Authenticate event delivery to webhook endpoints](#authenticate-event-delivery-to-webhook-endpoints) section for details.. |
16
+
Access key | - Event Hubs<br/>- Service Bus<br/>- Storage Queues<br/>- Relay Hybrid Connections<br/>- Azure Functions<br/>- Storage Blobs (Deadletter) | Access keys are fetched using Event Grid service principal's credentials. The permissions are granted to Event Grid when you register the Event Grid resource provider in their Azure subscription. |
17
+
Managed System Identity <br/>&<br/> Role-based access control | - Event Hubs<br/>- Service Bus<br/>- Storage Queues<br/>- Storage Blobs (Deadletter) | Enable managed system identity for the topic and add it to the appropriate role on the destination. For details, see [Use system-assigned identities for event delivery](#use-system-assigned-identities-for-event-delivery). |
18
+
|Bearer token authentication with Microsoft Entra ID protected webhook | Webhook | See the [Authenticate event delivery to webhook endpoints](#authenticate-event-delivery-to-webhook-endpoints) section for details. |
19
19
Client secret as a query parameter | Webhook | See the [Using client secret as a query parameter](#using-client-secret-as-a-query-parameter) section for details. |
20
20
21
21
> [!NOTE]
22
-
> If you protect your Azure function with an Azure Active Directory app, you'll have to take the generic webhook approach using the HTTP trigger. Use the Azure function endpoint as a webhook URL when adding the subscription.
22
+
> If you protect your Azure function with an Microsoft Entra ID app, you'll have to take the generic webhook approach using the HTTP trigger. Use the Azure function endpoint as a webhook URL when adding the subscription.
23
23
24
24
## Use system-assigned identities for event delivery
25
25
You can enable a system-assigned managed identity for a topic or domain and use the identity to forward events to supported destinations such as Service Bus queues and topics, event hubs, and storage accounts.
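Review bot: In the changed `[!NOTE]` line, the rename leaves "with an Microsoft Entra ID app"; the article has to change with the name, so it should read "with a Microsoft Entra ID app". In the table, the added Bearer token row keeps a leading `|` while the added Access key and Managed System Identity rows have none; use one form for every row so the table renders consistently.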
@@ -37,13 +37,13 @@ For detailed step-by-step instructions, see [Event delivery with a managed ident
37
37
The following sections describe how to authenticate event delivery to webhook endpoints. Use a validation handshake mechanism irrespective of the method you use. See [Webhook event delivery](webhook-event-delivery.md) for details.
38
38
39
39
40
-
### Using Azure Active Directory (Azure AD)
41
-
You can secure the webhook endpoint that's used to receive events from Event Grid by using Azure AD. You'll need to create an Azure AD application, create a role and service principal in your application authorizing Event Grid, and configure the event subscription to use the Azure AD application. Learn how to [Configure Azure Active Directory with Event Grid](secure-webhook-delivery.md).
40
+
### Using Microsoft Entra ID
41
+
You can secure the webhook endpoint that's used to receive events from Event Grid by using Microsoft Entra ID. You need to create a Microsoft Entra ID application, create a role and a service principal in your application authorizing Event Grid, and configure the event subscription to use the Microsoft Entra ID application. Learn how to [Configure Microsoft Entra ID with Event Grid](secure-webhook-delivery.md).
42
42
43
43
### Using client secret as a query parameter
44
44
You can also secure your webhook endpoint by adding query parameters to the webhook destination URL specified as part of creating an Event Subscription. Set one of the query parameters to be a client secret such as an [access token](https://en.wikipedia.org/wiki/Access_token) or a shared secret. Event Grid service includes all the query parameters in every event delivery request to the webhook. The webhook service can retrieve and validate the secret. If the client secret is updated, event subscription also needs to be updated. To avoid delivery failures during this secret rotation, make the webhook accept both old and new secrets for a limited duration before updating the event subscription with the new secret.
45
45
46
-
As query parameters could contain client secrets, they are handled with extra care. They are stored as encrypted and are not accessible to service operators. They are not logged as part of the service logs/traces. When retrieving the Event Subscription properties, destination query parameters aren't returned by default. For example: [--include-full-endpoint-url](/cli/azure/eventgrid/event-subscription#az-eventgrid-event-subscription-show) parameter is to be used in Azure [CLI](/cli/azure).
46
+
As query parameters could contain client secrets, they're handled with extra care. They're stored as encrypted and aren't accessible to service operators. They aren't logged as part of the service logs/traces. When retrieving the Event Subscription properties, destination query parameters aren't returned by default. For example: [--include-full-endpoint-url](/cli/azure/eventgrid/event-subscription#az-eventgrid-event-subscription-show) parameter is to be used in Azure [CLI](/cli/azure).
47
47
48
48
For more information on delivering events to webhooks, see [Webhook event delivery](webhook-event-delivery.md)
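Review bot: The last sentence of the rewritten query-parameter paragraph is still a fragment: "For example: [--include-full-endpoint-url] parameter is to be used in Azure CLI" does not say what the parameter does. Suggest "For example, use the `--include-full-endpoint-url` parameter in Azure CLI to have them returned." In the same paragraph, "stored as encrypted" reads better as "stored encrypted". The paragraph covers only how Event Grid handles the secret; because the preceding paragraph says the query parameters are included in every delivery request, a sentence telling readers to keep the query string out of the webhook's own request logs would fit here. The closing context line ending in "see [Webhook event delivery](webhook-event-delivery.md)" is missing its period.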