Merge pull request #107777 from WilliamAntonRohm/azurecli-batch-two

American-Dipper · web-flow · commit e0dcabd0a56e · 2020-03-20T14:14:41.000-07:00
updating tags for azurecli and others
diff --git a/articles/sql-database/sql-database-always-encrypted-azure-key-vault.md b/articles/sql-database/sql-database-always-encrypted-azure-key-vault.md
@@ -77,7 +77,7 @@ Set-AzKeyVaultAccessPolicy  -VaultName $vaultName  -ResourceGroupName $resourceG
 
 # [Azure CLI](#tab/azure-cli)
 
-```powershell
+```azurecli
 $subscriptionName = '<subscriptionName>'
 $userPrincipalName = '<username@domain.com>'
 $applicationId = '<applicationId from AAD application>'
diff --git a/articles/sql-database/sql-database-implement-geo-distributed-database.md b/articles/sql-database/sql-database-implement-geo-distributed-database.md
@@ -89,7 +89,7 @@ Get-AzSqlDatabase -ResourceGroupName $resourceGroup -ServerName $server -Databas
 > [!IMPORTANT]
 > Run `az login` to sign in to Azure.
 
-```powershell
+```azurecli
 $admin = "<adminName>"
 $password = "<password>"
 $resourceGroup = "<resourceGroupName>"
diff --git a/articles/sql-database/sql-database-single-database-scale.md b/articles/sql-database/sql-database-single-database-scale.md
@@ -71,7 +71,7 @@ Next, click on the button labeled **Cancel this operation**.
 
 From a PowerShell command prompt, set the `$resourceGroupName`, `$serverName`, and `$databaseName`, and then run the following command:
 
-```powershell
+```azurecli
 $operationName = (az sql db op list --resource-group $resourceGroupName --server $serverName --database $databaseName --query "[?state=='InProgress'].name" --out tsv)
 if (-not [string]::IsNullOrEmpty($operationName)) {
     (az sql db op cancel --resource-group $resourceGroupName --server $serverName --database $databaseName --name $operationName)
diff --git a/articles/sql-database/transparent-data-encryption-byok-azure-sql-configure.md b/articles/sql-database/transparent-data-encryption-byok-azure-sql-configure.md
@@ -122,7 +122,7 @@ For specifics on Key Vault, see [Manage Key Vault using CLI 2.0](../key-vault/ke
 
 ## Assign an Azure AD identity to your server
 
-```powershell
+```azurecli
 # create server (with identity) and database
 az sql server create --name <servername> --resource-group <rgname>  --location <location> --admin-user <user> --admin-password <password> --assign-identity
 az sql db create --name <dbname> --server <servername> --resource-group <rgname>
@@ -133,7 +133,7 @@ az sql db create --name <dbname> --server <servername> --resource-group <rgname>
 
 ## Grant Key Vault permissions to your server
 
-```powershell
+```azurecli
 # create key vault, key and grant permission
 az keyvault create --name <kvname> --resource-group <rgname> --location <location> --enable-soft-delete true
 az keyvault key create --name <keyname> --vault-name <kvname> --protection software
@@ -145,7 +145,7 @@ az keyvault set-policy --name <kvname>  --object-id <objectid> --resource-group
 
 ## Add the Key Vault key to the server and set the TDE Protector
 
-```powershell
+```azurecli
 # add server key and update encryption protector
 az sql server key create --server <servername> --resource-group <rgname> --kid <keyID>
 az sql server tde-key set --server <servername> --server-key-type AzureKeyVault  --resource-group <rgname> --kid <keyID>
@@ -156,7 +156,7 @@ az sql server tde-key set --server <servername> --server-key-type AzureKeyVault
 
 ## Turn on TDE
 
-```powershell
+```azurecli
 # enable encryption
 az sql db tde set --database <dbname> --server <servername> --resource-group <rgname> --status Enabled
 ```
@@ -165,7 +165,7 @@ Now the database or data warehouse has TDE enabled with a customer-managed encry
 
 ## Check the encryption state and encryption activity
 
-```powershell
+```azurecli
 # get encryption scan progress
 az sql db tde list-activity --database <dbname> --server <servername> --resource-group <rgname>  
 
@@ -183,7 +183,7 @@ az sql db tde show --database <dbname> --server <servername> --resource-group <r
 
    ```powershell
    Set-AzSqlDatabaseTransparentDataEncryption -ServerName <LogicalServerName> -ResourceGroupName <SQLDatabaseResourceGroupName> `
-      -DatabaseName <DatabaseName> -State "Disabled”
+      -DatabaseName <DatabaseName> -State "Disabled"
    ```
 
 - Use the [Get-AzSqlServerKeyVaultKey](/powershell/module/az.sql/get-azsqlserverkeyvaultkey) cmdlet to return the list of Key Vault keys added to the server.
diff --git a/articles/sql-database/transparent-data-encryption-byok-azure-sql-key-rotation.md b/articles/sql-database/transparent-data-encryption-byok-azure-sql-key-rotation.md
@@ -14,7 +14,7 @@ ms.date: 03/12/2019
 ---
 # Rotate the Transparent Data Encryption (TDE) protector using PowerShell
 
-This article describes key rotation for an Azure SQL server using a TDE protector from Azure Key Vault. Rotating an Azure SQL server’s TDE protector means switching to a new asymmetric key that protects the databases on the server. Key rotation is an online operation and should only take a few seconds to complete, because this only decrypts and re-encrypts the database’s data encryption key, not the entire database.
+This article describes key rotation for an Azure SQL server using a TDE protector from Azure Key Vault. Rotating an Azure SQL server's TDE protector means switching to a new asymmetric key that protects the databases on the server. Key rotation is an online operation and should only take a few seconds to complete, because this only decrypts and re-encrypts the database's data encryption key, not the entire database.
 
 This guide discusses two options to rotate the TDE protector on the server.
 
@@ -70,7 +70,7 @@ Set-AzSqlServerTransparentDataEncryptionProtector -Type AzureKeyVault -KeyId <ke
 
 Use the [az keyvault key create](/cli/azure/keyvault/key#az-keyvault-key-create), [az sql server key create](/cli/azure/sql/server/key#az-sql-server-key-create), and [az sql server tde-key set](/cli/azure/sql/server/tde-key#az-sql-server-tde-key-set) commands.
 
-```azure-cli
+```azurecli
 # add a new key to Key Vault
 az keyvault key create --name <keyVaultKeyName> --vault-name <keyVaultName> --protection <hsmOrSoftware>
 
@@ -107,13 +107,13 @@ The following examples use [az sql server tde-key set](/powershell/module/az.sql
 
 - To switch the TDE protector from Microsoft-managed to BYOK mode,
 
-   ```azure-cli
+   ```azurecli
    az sql server tde-key set --server-key-type AzureKeyVault --kid <keyVaultKeyId> --resource-group <SQLDatabaseResourceGroupName> --server <logicalServerName>
    ```
 
 - To switch the TDE protector from BYOK mode to Microsoft-managed,
 
-   ```azure-cli
+   ```azurecli
    az sql server tde-key set --server-key-type ServiceManaged --resource-group <SQLDatabaseResourceGroupName> --server <logicalServerName>
    ```
 
diff --git a/articles/sql-database/transparent-data-encryption-byok-azure-sql-remove-tde-protector.md b/articles/sql-database/transparent-data-encryption-byok-azure-sql-remove-tde-protector.md
@@ -39,7 +39,7 @@ This how-to guide describes how to respond to a potentially compromised TDE prot
 
 The following procedures should only be done in extreme cases or in test environments. Review the how-to guide carefully, as deleting actively used TDE protectors from Azure Key Vault will result in **database unavailability**.
 
-If a key is ever suspected to be compromised, such that a service or user had unauthorized access to the key, it’s best to delete the key.
+If a key is ever suspected to be compromised, such that a service or user had unauthorized access to the key, it's best to delete the key.
 
 Keep in mind that once the TDE protector is deleted in Key Vault, in up to 10 minutes all encrypted databases will start denying all connections with the corresponding error message and change its state to [Inaccessible](https://docs.microsoft.com/azure/sql-database/transparent-data-encryption-byok-azure-sql#inaccessible-tde-protector).
 
@@ -81,7 +81,7 @@ This how-to guide goes over two approaches depending on the desired result after
 
 1. Create a [new key in Key Vault](/powershell/module/az.keyvault/add-azkeyvaultkey). Make sure this new key is created in a separate key vault from the potentially compromised TDE protector, since access control is provisioned on a vault level.
 
-2. Add the new key to the server using the [Add-AzSqlServerKeyVaultKey](/powershell/module/az.sql/add-azsqlserverkeyvaultkey) and [Set-AzSqlServerTransparentDataEncryptionProtector](/powershell/module/az.sql/set-azsqlservertransparentdataencryptionprotector) cmdlets and update it as the server’s new TDE protector.
+2. Add the new key to the server using the [Add-AzSqlServerKeyVaultKey](/powershell/module/az.sql/add-azsqlserverkeyvaultkey) and [Set-AzSqlServerTransparentDataEncryptionProtector](/powershell/module/az.sql/set-azsqlservertransparentdataencryptionprotector) cmdlets and update it as the server's new TDE protector.
 
    ```powershell
    # add the key from Key Vault to the server  
@@ -126,9 +126,9 @@ For command reference, see the [Azure CLI keyvault](/cli/azure/keyvault/key).
 
 1. Create a [new key in Key Vault](/cli/azure/keyvault/key#az-keyvault-key-create). Make sure this new key is created in a separate key vault from the potentially compromised TDE protector, since access control is provisioned on a vault level.
 
-2. Add the new key to the server and update it as the server’s new TDE protector.
+2. Add the new key to the server and update it as the server's new TDE protector.
 
-   ```powershell
+   ```azurecli
    # add the key from Key Vault to the server  
    az sql server key create --kid <KeyVaultKeyId> --resource-group <SQLDatabaseResourceGroupName> --server <LogicalServerName>
 
@@ -141,26 +141,26 @@ For command reference, see the [Azure CLI keyvault](/cli/azure/keyvault/key).
    > [!NOTE]
    > It may take a few minutes for the new TDE protector to propagate to all databases and secondary databases under the server.
 
-   ```powershell
+   ```azurecli
    az sql server tde-key show --resource-group <SQLDatabaseResourceGroupName> --server <LogicalServerName>
    ```
 
 4. Take a backup of the new key in Key Vault.
 
-   ```powershell
+   ```azurecli
    # --file parameter is optional; if removed, a file name is automatically generated.
    az keyvault key backup --file <DesiredBackupFilePath> --name <KeyVaultKeyName> --vault-name <KeyVaultName>
    ```
 
 5. Delete the compromised key from Key Vault.
 
-   ```powershell
+   ```azurecli
    az keyvault key delete --name <KeyVaultKeyName> --vault-name <KeyVaultName>
    ```
 
 6. To restore a key to Key Vault in the future.
 
-   ```powershell
+   ```azurecli
    az keyvault key restore --file <BackupFilePath> --vault-name <KeyVaultName>
    ```
 
diff --git a/articles/storage/common/storage-account-upgrade.md b/articles/storage/common/storage-account-upgrade.md
@@ -48,7 +48,7 @@ To upgrade a general-purpose v1 account to a general-purpose v2 account using Az
 
 Next, call the following command to upgrade the account, substituting your resource group name, storage account name, and desired account access tier.
 
-```cli
+```azurecli
 az storage account update -g <resource-group> -n <storage-account> --set kind=StorageV2 --access-tier=<Hot/Cool>
 ```
 
diff --git a/articles/storage/files/storage-files-how-to-create-large-file-share.md b/articles/storage/files/storage-files-how-to-create-large-file-share.md
@@ -74,7 +74,7 @@ First, [install the latest version of PowerShell](https://docs.microsoft.com/pow
 
 To create a storage account with large file shares enabled, use the following command. Replace `<yourStorageAccountName>`, `<yourResourceGroup>`, and `<yourDesiredRegion>` with your information.
 
-```PowerShell
+```powershell
 ## This command creates a large file share–enabled account. It will not support GZRS, GRS, or RA-GRS.
 New-AzStorageAccount -ResourceGroupName <yourResourceGroup> -Name <yourStorageAccountName> -Location <yourDesiredRegion> -SkuName Standard_LRS -EnableLargeFileShare;
 ```
@@ -108,7 +108,7 @@ az storage account update --name <yourStorageAccountName> -g <yourResourceGroup>
 
 To enable large file shares on your existing account, use the following command. Replace `<yourStorageAccountName>` and `<yourResourceGroup>` with your information.
 
-```PowerShell
+```powershell
 Set-AzStorageAccount -ResourceGroupName <yourResourceGroup> -Name <yourStorageAccountName> -EnableLargeFileShare
 ```
 
@@ -138,7 +138,7 @@ az storage share create --account-name <yourStorageAccountName> --account-key <y
 
 To create a large file share, use the following command. Replace `<YourStorageAccountName>`, `<YourStorageAccountKey>`, and `<YourStorageAccountFileShareName>` with your information.
 
-```PowerShell
+```powershell
 ##Config
 $storageAccountName = "<YourStorageAccountName>"
 $storageAccountKey = "<YourStorageAccountKey>"
@@ -171,7 +171,7 @@ az storage share update --account-name <yourStorageAccountName> --account-key <y
 
 To set the quota to the maximum size, use the following command. Replace `<YourStorageAccountName>`, `<YourStorageAccountKey>`, and `<YourStorageAccountFileShareName>` with your information.
 
-```PowerShell
+```powershell
 ##Config
 $storageAccountName = "<YourStorageAccountName>"
 $storageAccountKey = "<YourStorageAccountKey>"
diff --git a/articles/storage/files/storage-how-to-use-files-linux.md b/articles/storage/files/storage-how-to-use-files-linux.md
@@ -221,7 +221,7 @@ sudo modinfo -p cifs | grep disable_legacy_dialects
 
 This command should output the following message:
 
-```Output
+```output
 disable_legacy_dialects: To improve security it may be helpful to restrict the ability to override the default dialects (SMB2.1, SMB3 and SMB3.02) on mount with old dialects (CIFS/SMB1 and SMB2) since vers=1.0 (CIFS/SMB1) and vers=2.0 are weaker and less secure. Default: n/N/0 (bool)
 ```
 
