Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into instantRestore

Author: roygara

articles/aks/TOC.yml

@@ -202,8 +202,6 @@
           href: ../migrate/tutorial-app-containerization-aspnet-kubernetes.md?toc=/azure/aks/toc.json&bc=/azure/aks/breadcrumb/toc.json
     - name: Clusters
       items:
-        - name: Create a cluster
-          href: create-cluster.md
         - name: Deploy a cluster in an Edge Zone
           href: edge-zones.md
         - name: Cluster configuration options

articles/aks/breadcrumb/TOC.yml

@@ -40,4 +40,16 @@
     topicHref: /azure/aks/index
   - name: Azure Kubernetes Service
     tocHref: /azure/storage/
+    topicHref: /azure/aks/index
+  - name: Azure Kubernetes Service
+    tocHref: /azure/architecture/
+    topicHref: /azure/aks/index
+  - name: Azure Kubernetes Service
+    tocHref: /azure/backup/
+    topicHref: /azure/aks/index
+  - name: Azure Kubernetes Service
+    tocHref: /azure/security/
+    topicHref: /azure/aks/index
+  - name: Azure Kubernetes Service
+    tocHref: /compliance/regulatory/
     topicHref: /azure/aks/index

articles/firewall/media/snat-private-range/add-route-server.png

@@ -177,9 +177,9 @@ You can use the Azure portal to specify private IP address ranges for the firewa
 
 ## Auto-learn SNAT routes (preview)
 
-You can configure Azure Firewall to auto-learn both registered and private ranges every 30 minutes. These learned address ranges are considered to be internal to the network and hence traffic to destinations in the learned ranges aren't SNATed. Configure auto-learn SNAT ranges requires Azure Route Server to be deployed in the same VNet as the Azure Firewall. The Firewall must be associated with the Azure Route Server and configured to auto-learn SNAT ranges in the Azure Firewall Policy. You can currently use JSON, Azure PowerShell, or the Azure portal to configure auto-learn SNAT routes.
+You can configure Azure Firewall to auto-learn both registered and private ranges every 30 minutes. These learned address ranges are considered to be internal to the network, so traffic to destinations in the learned ranges aren't SNATed. Auto-learn SNAT ranges requires Azure Route Server to be deployed in the same VNet as the Azure Firewall. The firewall must be associated with the Azure Route Server and configured to auto-learn SNAT ranges in the Azure Firewall Policy. You can currently use an ARM template, Azure PowerShell, or the Azure portal to configure auto-learn SNAT routes.
 
-### Configure using JSON
+### Configure using an ARM template
 
 You can use the following JSON to configure auto-learn. Azure Firewall must be associated with an Azure Route Server.
 
@@ -284,14 +284,15 @@ Use the following JSON to associate an Azure Route Server:
 
 You can use the portal to associate a Route Server with Azure Firewall to configure auto-learn SNAT routes (preview).
 
-1. Select your resource group, and then select your firewall. 
-2.	Select **Overview**.
-3.	Add a Route Server.
+Use the portal to complete the following tasks:
 
-Review learned routes:
-
-1. Select your resource group, and then select your firewall.
-2.	Select **Learned SNAT IP Prefixes (preview)** in the **Settings** column.
+- Add a subnet named **RouteServerSubnet** to your existing firewall VNet. The size of the subnet should be at least /27.
+- Deploy a Route Server into the existing firewall VNet. For information about Azure Route Server, see [Quickstart: Create and configure Route Server using the Azure portal](../route-server/quickstart-configure-route-server-portal.md).
+- Modify your firewall policy to enable **Auto-learn IP prefixes (preview)** in the **Private IP ranges (SNAT)** section.
+   :::image type="content" source="media/snat-private-range/auto-learn.png" alt-text="Screenshot showing firewall policy Private IP ranges (SNAT) settings." lightbox="media/snat-private-range/auto-learn.png":::
+- Add the route server on the firewall **Learned SNAT IP Prefixes (preview)** page.
+   :::image type="content" source="media/snat-private-range/add-route-server.png" alt-text="Screenshot showing firewall add a route server." lightbox="media/snat-private-range/add-route-server.png":::
+- You can see the learned routes on the **Learned SNAT IP Prefixes (preview)** page.
 
 
 ## Next steps