Merge pull request #235100 from KarlErickson/doc_04_issue_17595276

edit "Validate the service connector result #234630"

Author: Jill Grant

articles/spring-apps/connect-managed-identity-to-azure-sql.md

@@ -1,6 +1,6 @@
 ---
-title:  Use Managed identity to connect Azure SQL to Azure Spring Apps app
-description: Set up managed identity to connect Azure SQL to an Azure Spring Apps app.
+title:  Use Managed identity to connect Azure SQL Database to an app deployed to Azure Spring Apps
+description: Set up managed identity to connect Azure SQL to an app deployed to Azure Spring Apps.
 author: karlerickson
 ms.author: karler
 ms.service: spring-apps
@@ -9,27 +9,29 @@ ms.date: 09/26/2022
 ms.custom: devx-track-java, event-tier1-build-2022, passwordless-java, service-connector
 ---
 
-# Use a managed identity to connect Azure SQL Database to an Azure Spring Apps app
+# Use a managed identity to connect Azure SQL Database to an app deployed to Azure Spring Apps
 
 > [!NOTE]
 > Azure Spring Apps is the new name for the Azure Spring Cloud service. Although the service has a new name, you'll see the old name in some places for a while as we work to update assets such as screenshots, videos, and diagrams.
 
 **This article applies to:** ✔️ Java ❌ C#
 
-**This article applies to:** ✔️ Basic/Standard tier ✔️ Enterprise tier
+**This article applies to:** ✔️ Basic/Standard ✔️ Enterprise
 
-This article shows you how to create a managed identity for an Azure Spring Apps app and use it to access Azure SQL Database.
+This article shows you how to create a managed identity for an app deployed to Azure Spring Apps and use it to access Azure SQL Database.
 
 [Azure SQL Database](https://azure.microsoft.com/services/sql-database/) is the intelligent, scalable, relational database service built for the cloud. It’s always up to date, with AI-powered and automated features that optimize performance and durability. Serverless compute and Hyperscale storage options automatically scale resources on demand, so you can focus on building new applications without worrying about storage size or resource management.
 
 ## Prerequisites
 
-* Follow the [Spring Data JPA tutorial](/azure/developer/java/spring-framework/configure-spring-data-jpa-with-azure-sql-server) to provision an Azure SQL Database and get it work with a Java app locally
-* Follow the [Azure Spring Apps system-assigned managed identity tutorial](./how-to-enable-system-assigned-managed-identity.md) to provision an Azure Spring Apps app with MI enabled
+* An Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F).
+* [Azure CLI](/cli/azure/install-azure-cli) version 2.45.0 or higher.
+* Follow the [Spring Data JPA tutorial](/azure/developer/java/spring-framework/configure-spring-data-jpa-with-azure-sql-server) to provision an Azure SQL Database and get it work with a Java app locally.
+* Follow the [Azure Spring Apps system-assigned managed identity tutorial](./how-to-enable-system-assigned-managed-identity.md) to provision an app in Azure Spring Apps with managed identity enabled.
 
 ## Connect to Azure SQL Database with a managed identity
 
-You can connect your application deployed to Azure Spring Apps to an Azure SQL Database with a managed identity by following manual steps or using [Service Connector](../service-connector/overview.md).
+You can connect your application to an Azure SQL Database with a managed identity by following manual steps or using [Service Connector](../service-connector/overview.md).
 
 ### [Manual configuration](#tab/manual)
 
@@ -38,14 +40,14 @@ You can connect your application deployed to Azure Spring Apps to an Azure SQL D
 Connect to your SQL server and run the following SQL query:
 
 ```sql
-CREATE USER [<MIName>] FROM EXTERNAL PROVIDER;
-ALTER ROLE db_datareader ADD MEMBER [<MIName>];
-ALTER ROLE db_datawriter ADD MEMBER [<MIName>];
-ALTER ROLE db_ddladmin ADD MEMBER [<MIName>];
+CREATE USER [<managed-identity-name>] FROM EXTERNAL PROVIDER;
+ALTER ROLE db_datareader ADD MEMBER [<managed-identity-name>];
+ALTER ROLE db_datawriter ADD MEMBER [<managed-identity-name>];
+ALTER ROLE db_ddladmin ADD MEMBER [<managed-identity-name>];
 GO
 ```
 
-The value of the `<MIName>` placeholder follows the rule `<service-instance-name>/apps/<app-name>`; for example: `myspringcloud/apps/sqldemo`. You can also query the MIName with Azure CLI:
+The value of the `<managed-identity-name>` placeholder follows the rule `<service-instance-name>/apps/<app-name>`; for example: `myspringcloud/apps/sqldemo`. You can also use the following command to query the managed identity name with Azure CLI:
 
 ```azurecli
 az ad sp show --id <identity-object-ID> --query displayName
@@ -61,18 +63,15 @@ spring.datasource.url=jdbc:sqlserver://$AZ_DATABASE_NAME.database.windows.net:14
 
 #### [Service Connector](#tab/service-connector)
 
-Configure your app deployed to Azure Spring to connect to an SQL Database with a system-assigned managed identity using the `az spring connection create` command, as shown in the following example.
+Configure your app deployed to Azure Spring Apps to connect to an Azure SQL Database with a system-assigned managed identity using the `az spring connection create` command, as shown in the following example.
 
-> [!NOTE]
-> These commands require [Azure CLI](/cli/azure/install-azure-cli) version 2.45.0 or higher.
-
-1. Install the Service Connector passwordless extension for the Azure CLI.
+1. Use the following command to install the Service Connector passwordless extension for the Azure CLI:
 
    ```azurecli
    az extension add --name serviceconnector-passwordless --upgrade
    ```
 
-1. Run the `az spring connection create` command, as shown in the following example.
+1. Use the following command to connect to the database:
 
    ```azurecli
    az spring connection create sql \
@@ -86,11 +85,28 @@ Configure your app deployed to Azure Spring to connect to an SQL Database with a
        --system-identity
    ```
 
+1. Use the following command to check the creation result:
+
+   ```azurecli
+   CONNECTION_NAME=$(az spring connection list \
+      --resource-group $SPRING_APP_RESOURCE_GROUP \
+      --service $SPRING_APP_SERVICE_NAME \
+      --app $APP_NAME  \
+      --query '[0].name' \
+      --output tsv)
+   
+   az spring connection list-configuration \
+      --resource-group $SPRING_APP_RESOURCE_GROUP \
+      --service $SPRING_APP_SERVICE_NAME \
+      --app $APP_NAME  \
+      --connection $CONNECTION_NAME 
+   ```
+
 ---
 
 ## Build and deploy the app to Azure Spring Apps
 
-Rebuild the app and deploy it to the Azure Spring Apps provisioned in the second bullet point under Prerequisites. Now you have a Spring Boot application, authenticated by a managed identity, that uses JPA to store and retrieve data from an Azure SQL Database in Azure Spring Apps.
+Rebuild the app and deploy it to the Azure Spring Apps provisioned in the second bullet point under Prerequisites. You now have a Spring Boot application authenticated by a managed identity that uses JPA to store and retrieve data from an Azure SQL Database in Azure Spring Apps.
 
 ## Next steps
 

articles/spring-apps/how-to-bind-cosmos.md

@@ -16,7 +16,7 @@ ms.custom: devx-track-java, event-tier1-build-2022, ignite-2022, service-connect
 
 **This article applies to:** ✔️ Java ❌ C#
 
-**This article applies to:** ✔️ Basic/Standard tier ✔️ Enterprise tier
+**This article applies to:** ✔️ Basic/Standard ✔️ Enterprise
 
 Instead of manually configuring your Spring Boot applications, you can automatically bind select Azure services to your applications by using Azure Spring Apps. This article demonstrates how to bind your application to an Azure Cosmos DB database.
 
@@ -76,46 +76,50 @@ If you don't have a deployed Azure Spring Apps instance, follow the steps in the
 
 ### [Service Connector](#tab/Service-Connector)
 
-1. Use the Azure CLI to configure your Spring app to connect to a Cosmos SQL Database with a system-assigned managed identity by using the `az spring connection create` command, as shown in the following example.
+#### Use the Azure CLI
 
-   > [!NOTE]
-   > Updating Azure Cosmos DB database settings can take a few minutes to complete.
-
-   ```azurecli
-   az spring connection create cosmos-sql \
-       --resource-group $AZURE_SPRING_APPS_RESOURCE_GROUP \
-       --service $AZURE_SPRING_APPS_SERVICE_INSTANCE_NAME \
-       --app $APP_NAME \
-       --deployment $DEPLOYMENT_NAME \
-       --target-resource-group $COSMOSDB_RESOURCE_GROUP \
-       --account $COSMOSDB_ACCOUNT_NAME \
-       --database $DATABASE_NAME \
-       --system-assigned-identity
-   ```
+Use the following command to configure your Spring app to connect to a Cosmos SQL Database with a system-assigned managed identity:
 
-   > [!NOTE]
-   > If you're using [Service Connector](../service-connector/overview.md) for the first time, start by running the command `az provider register --namespace Microsoft.ServiceLinker` to register the Service Connector resource provider.
-   >
-   > If you're using Cosmos Cassandra, use a `--key_space` instead of `--database`.
+> [!NOTE]
+> Updating Azure Cosmos DB database settings can take a few minutes to complete.
+
+```azurecli
+az spring connection create cosmos-sql \
+    --resource-group $AZURE_SPRING_APPS_RESOURCE_GROUP \
+    --service $AZURE_SPRING_APPS_SERVICE_INSTANCE_NAME \
+    --app $APP_NAME \
+    --deployment $DEPLOYMENT_NAME \
+    --target-resource-group $COSMOSDB_RESOURCE_GROUP \
+    --account $COSMOSDB_ACCOUNT_NAME \
+    --database $DATABASE_NAME \
+    --system-assigned-identity
+```
+
+> [!NOTE]
+> If you're using [Service Connector](../service-connector/overview.md) for the first time, start by running the command `az provider register --namespace Microsoft.ServiceLinker` to register the Service Connector resource provider.
+>
+> If you're using Cosmos Cassandra, use a `--key_space` instead of `--database`.
+
+> [!TIP]
+> Run the command `az spring connection list-support-types --output table` to get a list of supported target services and authentication methods for Azure Spring Apps. If the `az spring` command isn't recognized by the system, check that you have installed the required extension by running `az extension add --name spring`.
 
-   > [!TIP]
-   > Run the command `az spring connection list-support-types --output table` to get a list of supported target services and authentication methods for Azure Spring Apps. If the `az spring` command isn't recognized by the system, check that you have installed the required extension by running `az extension add --name spring`.
+#### Use the Azure portal
 
-1. Alternately, you can use the Azure portal to configure this connection by completing the following steps. The Azure portal provides the same capabilities as the Azure CLI and provides an interactive experience.
+Alternately, you can use the Azure portal to configure this connection by completing the following steps. The Azure portal provides the same capabilities as the Azure CLI and provides an interactive experience.
 
-   1. Select your Azure Spring Apps instance in the Azure portal and select **Apps** from the navigation menu. Choose the app you want to connect and select **Service Connector** on the navigation menu.
+1. Select your Azure Spring Apps instance in the Azure portal and select **Apps** from the navigation menu. Choose the app you want to connect and select **Service Connector** on the navigation menu.
 
-   1. Select **Create**.
+1. Select **Create**.
 
-   1. On the **Basics** tab, for service type, select Cosmos DB, then choose a subscription. For API type, select Core (SQL), choose a Cosmos DB account, and a database. For client type, select Java, then select **Next: Authentication**. If you haven't created your database yet, see [Quickstart: Create an Azure Cosmos DB account, database, container, and items from the Azure portal](../cosmos-db/nosql/quickstart-portal.md).
+1. On the **Basics** tab, for service type, select Cosmos DB, then choose a subscription. For API type, select Core (SQL), choose a Cosmos DB account, and a database. For client type, select Java, then select **Next: Authentication**. If you haven't created your database yet, see [Quickstart: Create an Azure Cosmos DB account, database, container, and items from the Azure portal](../cosmos-db/nosql/quickstart-portal.md).
 
-   1. On the **Authentication** tab, choose **Connection string**. Service Connector automatically retrieves the access key from your Cosmos DB account. Select **Next: Networking**.
+1. On the **Authentication** tab, choose **Connection string**. Service Connector automatically retrieves the access key from your Cosmos DB account. Select **Next: Networking**.
 
-   1. On the **Networking** tab, select **Configure firewall rules to enable access to target service**, then select **Next: Review + Create**.
+1. On the **Networking** tab, select **Configure firewall rules to enable access to target service**, then select **Next: Review + Create**.
 
-   1. On the **Review + Create** tab, wait for the validation to pass and then select **Create**. The creation can take a few minutes to complete.
+1. On the **Review + Create** tab, wait for the validation to pass and then select **Create**. The creation can take a few minutes to complete.
 
-   1. Once the connection between your Spring apps and your Cosmos DB database has been generated, you can see it in the Service Connector page and select the unfold button to view the configured connection variables.
+1. Once the connection between your Spring apps and your Cosmos DB database has been generated, you can see it in the Service Connector page and select the unfold button to view the configured connection variables.
 
 ### [Service Binding](#tab/Service-Binding)
 
@@ -152,7 +156,7 @@ Azure Cosmos DB has five different API types that support binding. The following
 
 ### [Terraform](#tab/Terraform)
 
-The following Terraform script shows how to set up an Azure Spring Apps app with an Azure Cosmos DB account.
+The following Terraform script shows how to set up an app deployed to Azure Spring Apps with an Azure Cosmos DB account.
 
 ```terraform
 provider "azurerm" {