Merge pull request #109081 from craigcaseyMSFT/vcraic0325

rmca14 · web-flow · commit df7be7a01b8d · 2020-03-25T16:17:30.000-07:00
fix PM build warnings
diff --git a/articles/automation/troubleshoot/desired-state-configuration.md b/articles/automation/troubleshoot/desired-state-configuration.md
@@ -107,7 +107,7 @@ VM has reported a failure when processing extension 'Microsoft.Powershell.DSC /
 
 ### Cause
 
-This issue is caused by a bad or expired certificate.  For more information, see [Certificate expiration and reregistration](../automation-dsc-onboarding.md#certificate-expiration-and-re-registration).
+This issue is caused by a bad or expired certificate.  For more information, see [Certificate expiration and reregistration](../automation-dsc-onboarding.md#re-registering-a-node).
 
 ### Resolution
 
@@ -271,8 +271,8 @@ Treat the cross-subscription node as though it lives in a separate cloud, or on-
 
 Follow the steps below to register the node.
 
-* Windows - [Physical/virtual Windows machines on-premises, or in a cloud other than Azure/AWS](../automation-dsc-onboarding.md#physicalvirtual-windows-machines-on-premises-or-in-a-cloud-other-than-azure-including-aws-ec2-instances).
-* Linux - [Physical/virtual Linux machines on-premises, or in a cloud other than Azure](../automation-dsc-onboarding.md#physicalvirtual-linux-machines-on-premises-or-in-a-cloud-other-than-azure).
+* Windows - [Physical/virtual Windows machines on-premises, or in a cloud other than Azure/AWS](../automation-dsc-onboarding.md#onboarding-physicalvirtual-windows-machines-on-premises-or-in-a-cloud-other-than-azure-including-aws-ec2-instances).
+* Linux - [Physical/virtual Linux machines on-premises, or in a cloud other than Azure](../automation-dsc-onboarding.md#onboarding-physicalvirtual-linux-machines-on-premises-or-in-a-cloud-other-than-azure).
 
 ### <a name="agent-has-a-problem"></a>Scenario: Error message - "Provisioning Failed"
 
diff --git a/articles/site-recovery/azure-to-azure-architecture.md b/articles/site-recovery/azure-to-azure-architecture.md
@@ -137,7 +137,7 @@ If outbound access for VMs is controlled with URLs, allow these URLs.
 ### Outbound connectivity for IP address ranges
 
 To control outbound connectivity for VMs using IP addresses, allow these addresses.
-Please note that details of network connectivity requirements can be found in  [networking white paper](azure-to-azure-about-networking.md#outbound-connectivity-for-ip-address-ranges) 
+Please note that details of network connectivity requirements can be found in  [networking white paper](azure-to-azure-about-networking.md#outbound-connectivity-using-service-tags) 
 
 #### Source region rules
 
@@ -172,7 +172,7 @@ If you control VM connectivity by filtering network traffic to and from Azure ne
     - Service tags represent a group of IP address prefixes gathered together to minimize complexity when creating security rules.
     - Microsoft automatically updates service tags over time. 
  
-Learn more about [outbound connectivity](azure-to-azure-about-networking.md#outbound-connectivity-for-ip-address-ranges) for Site Recovery, and [controlling connectivity with NSGs](concepts-network-security-group-with-site-recovery.md).
+Learn more about [outbound connectivity](azure-to-azure-about-networking.md#outbound-connectivity-using-service-tags) for Site Recovery, and [controlling connectivity with NSGs](concepts-network-security-group-with-site-recovery.md).
 
 
 ### Connectivity for multi-VM consistency
diff --git a/articles/site-recovery/azure-to-azure-troubleshoot-network-connectivity.md b/articles/site-recovery/azure-to-azure-troubleshoot-network-connectivity.md
@@ -87,7 +87,7 @@ These rules are required so that replication can be enabled from the target regi
   - Connection cannot be established to Azure Site Recovery service endpoints.
 
 - **Resolution**
-  - Azure Site Recovery required access to [Site Recovery IP ranges](https://docs.microsoft.com/azure/site-recovery/azure-to-azure-about-networking#outbound-connectivity-for-ip-address-ranges) depending on the region. Make sure that required ip ranges are accessible from the virtual machine.
+  - Azure Site Recovery required access to [Site Recovery IP ranges](https://docs.microsoft.com/azure/site-recovery/azure-to-azure-about-networking#outbound-connectivity-using-service-tags) depending on the region. Make sure that required ip ranges are accessible from the virtual machine.
 
 
 ## Issue 4: A2A replication failed when the network traffic goes through on-premises proxy server (151072)
@@ -107,7 +107,7 @@ These rules are required so that replication can be enabled from the target regi
   4. Azure Site Recovery Mobility Service agent supports only ***un-authenticated proxies***.
 
 ### Fix the problem
-To allow [the required URLs](azure-to-azure-about-networking.md#outbound-connectivity-for-urls) or the [required IP ranges](azure-to-azure-about-networking.md#outbound-connectivity-for-ip-address-ranges), follow the steps in the [networking guidance document](site-recovery-azure-to-azure-networking-guidance.md).
+To allow [the required URLs](azure-to-azure-about-networking.md#outbound-connectivity-for-urls) or the [required IP ranges](azure-to-azure-about-networking.md#outbound-connectivity-using-service-tags), follow the steps in the [networking guidance document](site-recovery-azure-to-azure-networking-guidance.md).
 
 
 ## Next steps
diff --git a/articles/site-recovery/azure-to-azure-tutorial-enable-replication.md b/articles/site-recovery/azure-to-azure-tutorial-enable-replication.md
@@ -70,7 +70,7 @@ If you're using a URL-based firewall proxy to control outbound connectivity, all
 
 ### Outbound connectivity for IP address ranges
 
-If you're using a network security group (NSG), create service-tag based NSG rules for access to Azure Storage, Azure Active Directory, Site Recovery service, and Site Recovery monitoring. [Learn more](azure-to-azure-about-networking.md#outbound-connectivity-for-ip-address-ranges).
+If you're using a network security group (NSG), create service-tag based NSG rules for access to Azure Storage, Azure Active Directory, Site Recovery service, and Site Recovery monitoring. [Learn more](azure-to-azure-about-networking.md#outbound-connectivity-using-service-tags).
 
 ## Verify Azure VM certificates
 
diff --git a/articles/site-recovery/concepts-network-security-group-with-site-recovery.md b/articles/site-recovery/concepts-network-security-group-with-site-recovery.md
@@ -19,12 +19,12 @@ This article describes how you can use Network Security Groups with Azure Site R
 
 ## Using Network Security Groups
 
-An individual subnet can have zero, or one, associated NSG. An individual network interface can also have zero, or one, associated NSG. So, you can effectively have dual traffic restriction for a virtual machine by associating an NSG first to a subnet, and then another NSG to the VM’s network interface. The application of NSG rules in this case depends on the direction of traffic and priority of applied security rules.
+An individual subnet can have zero, or one, associated NSG. An individual network interface can also have zero, or one, associated NSG. So, you can effectively have dual traffic restriction for a virtual machine by associating an NSG first to a subnet, and then another NSG to the VM's network interface. The application of NSG rules in this case depends on the direction of traffic and priority of applied security rules.
 
 Consider a simple example with one virtual machine as follows:
--	The virtual machine is placed inside the **Contoso Subnet**.
--	**Contoso Subnet** is associated with **Subnet NSG**.
--	The VM network interface is additionally associated with **VM NSG**.
+-    The virtual machine is placed inside the **Contoso Subnet**.
+-    **Contoso Subnet** is associated with **Subnet NSG**.
+-    The VM network interface is additionally associated with **VM NSG**.
 
 ![NSG with Site Recovery](./media/concepts-network-security-group-with-site-recovery/site-recovery-with-network-security-group.png)
 
@@ -40,34 +40,34 @@ You may not always be aware when network security groups are applied to both a n
 
 Azure Site Recovery enables disaster recovery and migration to Azure for on-premises [Hyper-V virtual machines](hyper-v-azure-architecture.md), [VMware virtual machines](vmware-azure-architecture.md), and [physical servers](physical-azure-architecture.md). For all on-premises to Azure scenarios, replication data is sent to and stored in an Azure Storage account. During replication, you don't pay any virtual machine charges. When you run a failover to Azure, Site Recovery automatically creates Azure IaaS virtual machines.
 
-Once VMs have been created after failover to Azure, NSGs can be used to limit network traffic to the virtual network and VMs. Site Recovery does not create NSGs as part of the failover operation. We recommend creating the required Azure NSGs before initiating failover. You can then associate NSGs to failed over VMs automatically during failover, using automation scripts with Site Recovery’s powerful [recovery plans](site-recovery-create-recovery-plans.md).
+Once VMs have been created after failover to Azure, NSGs can be used to limit network traffic to the virtual network and VMs. Site Recovery does not create NSGs as part of the failover operation. We recommend creating the required Azure NSGs before initiating failover. You can then associate NSGs to failed over VMs automatically during failover, using automation scripts with Site Recovery's powerful [recovery plans](site-recovery-create-recovery-plans.md).
 
 For example, if the post-failover VM configuration is similar to the [example scenario](concepts-network-security-group-with-site-recovery.md#using-network-security-groups) detailed above:
--	You can create **Contoso VNet** and **Contoso Subnet** as part of DR planning on the target Azure region.
--	You can also create and configure both **Subnet NSG** as well as **VM NSG** as part the same DR planning.
--	**Subnet NSG** can then be immediately associated with **Contoso Subnet**, as both the NSG and the subnet are already available.
--	**VM NSG** can be associated with VMs during failover using recovery plans.
+-    You can create **Contoso VNet** and **Contoso Subnet** as part of DR planning on the target Azure region.
+-    You can also create and configure both **Subnet NSG** as well as **VM NSG** as part the same DR planning.
+-    **Subnet NSG** can then be immediately associated with **Contoso Subnet**, as both the NSG and the subnet are already available.
+-    **VM NSG** can be associated with VMs during failover using recovery plans.
 
 Once the NSGs are created and configured, we recommend running a [test failover](site-recovery-test-failover-to-azure.md) to verify scripted NSG associations and post-failover VM connectivity.
 
 ## Azure to Azure replication with NSG
 
 Azure Site Recovery enables disaster recovery of [Azure virtual machines](azure-to-azure-architecture.md). When enabling replication for Azure VMs, Site Recovery can create the replica virtual networks (including subnets and gateway subnets) on the target region and create the required mappings between the source and target virtual networks. You can also pre-create the target side networks and subnets, and use the same while enabling replication. Site Recovery does not create any VMs on the target Azure region prior to [failover](azure-to-azure-tutorial-failover-failback.md).
 
-For Azure VM replication, ensure that the NSG rules on the source Azure region allow [outbound connectivity](azure-to-azure-about-networking.md#outbound-connectivity-for-ip-address-ranges) for replication traffic. You can also test and verify these required rules through this [example NSG configuration](azure-to-azure-about-networking.md#example-nsg-configuration).
+For Azure VM replication, ensure that the NSG rules on the source Azure region allow [outbound connectivity](azure-to-azure-about-networking.md#outbound-connectivity-using-service-tags) for replication traffic. You can also test and verify these required rules through this [example NSG configuration](azure-to-azure-about-networking.md#example-nsg-configuration).
 
-Site Recovery does not create or replicate NSGs as part of the failover operation. We recommend creating the required NSGs on the target Azure region before initiating failover. You can then associate NSGs to failed over VMs automatically during failover, using automation scripts with Site Recovery’s powerful [recovery plans](site-recovery-create-recovery-plans.md).
+Site Recovery does not create or replicate NSGs as part of the failover operation. We recommend creating the required NSGs on the target Azure region before initiating failover. You can then associate NSGs to failed over VMs automatically during failover, using automation scripts with Site Recovery's powerful [recovery plans](site-recovery-create-recovery-plans.md).
 
 Considering the [example scenario](concepts-network-security-group-with-site-recovery.md#using-network-security-groups) described earlier:
--	Site Recovery can create replicas of **Contoso VNet** and **Contoso Subnet** on the target Azure region when replication is enabled for the VM.
--	You can create the desired replicas of **Subnet NSG** and **VM NSG** (named, for example, **Target Subnet NSG** and **Target VM NSG**, respectively) on the target Azure region, allowing for any additional rules required on the target region.
--	**Target Subnet NSG** can then be immediately associated with the target region subnet, as both the NSG and the subnet are already available.
--	**Target VM NSG** can be associated with VMs during failover using recovery plans.
+-    Site Recovery can create replicas of **Contoso VNet** and **Contoso Subnet** on the target Azure region when replication is enabled for the VM.
+-    You can create the desired replicas of **Subnet NSG** and **VM NSG** (named, for example, **Target Subnet NSG** and **Target VM NSG**, respectively) on the target Azure region, allowing for any additional rules required on the target region.
+-    **Target Subnet NSG** can then be immediately associated with the target region subnet, as both the NSG and the subnet are already available.
+-    **Target VM NSG** can be associated with VMs during failover using recovery plans.
 
 Once the NSGs are created and configured, we recommend running a [test failover](azure-to-azure-tutorial-dr-drill.md) to verify scripted NSG associations and post-failover VM connectivity.
 
 ## Next steps
--	Learn more about [Network Security Groups](../virtual-network/security-overview.md#network-security-groups).
--	Learn more about NSG [security rules](../virtual-network/security-overview.md#security-rules).
--	Learn more about [effective security rules](../virtual-network/diagnose-network-traffic-filter-problem.md) for an NSG.
--	Learn more about [recovery plans](site-recovery-create-recovery-plans.md) to automate application failover.
+-    Learn more about [Network Security Groups](../virtual-network/security-overview.md#network-security-groups).
+-    Learn more about NSG [security rules](../virtual-network/security-overview.md#security-rules).
+-    Learn more about [effective security rules](../virtual-network/diagnose-network-traffic-filter-problem.md) for an NSG.
+-    Learn more about [recovery plans](site-recovery-create-recovery-plans.md) to automate application failover.
diff --git a/articles/virtual-machines/extensions/dsc-overview.md b/articles/virtual-machines/extensions/dsc-overview.md
@@ -71,7 +71,7 @@ three values will need to be provided.
 - NodeConfigurationName - the name of the Node Configuration (MOF) to pull from the service to configure the server role
 
 This information can be seen in the
-[Azure portal](../../automation/automation-dsc-onboarding.md#azure-portal) or you can use PowerShell.
+[Azure portal](../../automation/automation-dsc-onboarding.md#onboard-a-vm-using-azure-portal) or you can use PowerShell.
 
 ```powershell
 (Get-AzAutomationRegistrationInfo -ResourceGroupName <resourcegroupname> -AutomationAccountName <accountname>).Endpoint
