review-1

Author: v-thpra

learn-pr/azure/plan-deploy-azure-arc-enabled-servers/2-what-is-azure-arc-enabled-servers.yml

@@ -1,15 +1,15 @@
-### YamlMime:ModuleUnit
-uid: learn.azure.plan-deploy-azure-arc-enabled-servers.what-is-azure-arc-enabled-servers
-title: What is Azure Arc-enabled servers and its capabilities? 
-metadata:
-  title: What is Azure Arc-enabled servers and its capabilities? 
-  description: Overview of Azure Arc-enabled servers and the basic architecture of the Connected Machine agent
-  ms.date: 03/22/2023
-  author: aurnovcy
-  ms.author: aurnovc
-  ms.topic: unit
-azureSandbox: false
-durationInMinutes: 5
-content: |
-  [!include[](includes/2-what-is-azure-arc-enabled-servers.md)]
-
+### YamlMime:ModuleUnit
+uid: learn.azure.plan-deploy-azure-arc-enabled-servers.what-is-azure-arc-enabled-servers
+title: What is Azure Arc-enabled servers and its capabilities? 
+metadata:
+  title: What is Azure Arc-enabled servers and its capabilities? 
+  description: Overview of Azure Arc-enabled servers and the basic architecture of the Connected Machine agent.
+  ms.date: 03/22/2023
+  author: aurnovcy
+  ms.author: aurnovc
+  ms.topic: unit
+azureSandbox: false
+durationInMinutes: 5
+content: |
+  [!include[](includes/2-what-is-azure-arc-enabled-servers.md)]
+

learn-pr/azure/plan-deploy-azure-arc-enabled-servers/3-test-azure-arc-enabled-server-capabilities.yml

@@ -1,15 +1,15 @@
-### YamlMime:ModuleUnit
-uid: learn.azure.plan-deploy-azure-arc-enabled-servers.test-azure-arc-enabled-server-capabilities
-title: Test Azure Arc-enabled servers capabilities using Azure VMs
-metadata:
-  title: Test Azure Arc-enabled servers capabilities using Azure VMs
-  description: Walkthrough of how to prepare and onboard a Windows VM on Azure to Azure Arc-enabled servers.
-  ms.date: 03/22/2023
-  author: aurnovcy
-  ms.author: aurnovc
-  ms.topic: unit
-azureSandbox: false
-durationInMinutes: 10
-content: |
-  [!include[](includes/3-test-azure-arc-enabled-server-capabilities.md)]
-
+### YamlMime:ModuleUnit
+uid: learn.azure.plan-deploy-azure-arc-enabled-servers.test-azure-arc-enabled-server-capabilities
+title: Test Azure Arc-enabled servers capabilities using Azure VMs
+metadata:
+  title: Test Azure Arc-enabled servers capabilities using Azure VMs
+  description: Walkthrough of how to prepare and onboard a Windows virtual machine (VM) on Azure to Azure Arc-enabled servers.
+  ms.date: 03/22/2023
+  author: aurnovcy
+  ms.author: aurnovc
+  ms.topic: unit
+azureSandbox: false
+durationInMinutes: 10
+content: |
+  [!include[](includes/3-test-azure-arc-enabled-server-capabilities.md)]
+

learn-pr/azure/plan-deploy-azure-arc-enabled-servers/includes/1-introduction.md

@@ -1,10 +1,10 @@
-Azure Arc promises to bridge the gap between on-premises and cloud environments by providing consistent operational approach, agility, automation, and hyperscale of the Azure platform and its services. In this module, you learn about planning and securely deploying Arc-enabled servers at scale to realize Azure Arc's capabilities.
+Azure Arc promises to bridge the gap between on-premises and cloud environments by providing a consistent operational approach, agility, automation, and hyperscale of the Azure platform and its services. In this module, you learn about planning and securely deploying Arc-enabled servers at scale to realize Azure Arc's capabilities.
 
 Suppose you're an IT administrator at Wide World Importers, a leading import-export business specializing in trans-Atlantic routes. The company is organized around six regional offices based in key port cities. While you work at Headquarters, each regional office has its own IT infrastructure, running unique inventory and logistics software. While some regional offices rely on Azure, others have their own on-premises datacenter and resources in other public clouds.  
 
-Wide World Importers is expanding to two new regional offices, each of which will develop its own IT infrastructure. Furthermore, one of Wide World Importer's on-premises datacenters was targeted by a cyberattack, creating a logistical bottleneck with negative revenue impacts. Worldwide Importers faces increasing operational overhead and security vulnerabilities with a fragile IT infrastructure distributed across on-premises and multicloud environments, and the company is under pressure to ensure improved management of its servers.
+Wide World Importers is expanding to two new regional offices, each of which is developing its own IT infrastructure. Furthermore, a cyberattack recently targeted one of Wide World Importer's on-premises datacenters, creating a logistical bottleneck with negative revenue impacts. Worldwide Importers faces increasing operational overhead and security vulnerabilities. It has a fragile IT infrastructure distributed across on-premises and multicloud environments, and the company is under pressure to ensure improved management of its servers.
 
-Azure Arc-enabled servers offers Wide World Imports with unified security, governance, and insights across their digital estate. As Wide World Imports is ready to use Azure Arc-enabled servers, you're tasked with the testing, planning, and deployment of the service. You're responsible for securely onboarding thousands of machines to Azure Arc.
+Wide World Importers decides that Azure Arc-enabled servers can offer them unified security, governance, and insights across their digital estate. As Wide World Importers is ready to use Azure Arc-enabled servers, you're tasked with the testing, planning, and deployment of the service. You're responsible for securely onboarding thousands of machines to Azure Arc.
 
 ## Learning objectives
 
@@ -16,8 +16,8 @@ After completing this module, you'll be able to:
 
 ## Prerequisites
 
-For the best learning experience from this module, you should have knowledge of, and experience with, the following:
+For the best learning experience from this module, you should have knowledge of, and experience with, the following subjects:
 
-- Basic characteristics of Azure services and Azure Arc
-- Core compute, storage, networking, and virtualization technologies
-- Basic Windows Server and Linux administration tasks
+- The basic characteristics of Azure services and Azure Arc.
+- Core compute resources, storage, networking, and virtualization technologies.
+- Basic Windows Server and Linux administration tasks.

learn-pr/azure/plan-deploy-azure-arc-enabled-servers/includes/2-what-is-azure-arc-enabled-servers.md

@@ -1,6 +1,6 @@
 Using Microsoft Defender for Cloud to improve security posture across one's entire digital estate—Microsoft Sentinel for vulnerability and threat intelligence in other clouds, and Azure Monitor to monitor on-premises services—Azure Arc-enabled servers offers customers immense value that is delivered through a simple architecture. 
 
-As Wide World Importers has prioritized its deployment of Azure Arc-enabled servers, you want to first understand how Azure Arc can extend Azure's management plane to servers outside Azure and learn about what capabilities Azure Arc-enabled servers could deliver for the firm.  
+Wide World Importers has prioritized its deployment of Azure Arc-enabled servers. You want to first understand how Azure Arc can extend Azure's management plane to servers outside Azure and learn about what capabilities Azure Arc-enabled servers could deliver for the firm.  
 
 ## Overview of the Connected Machine agent  
 
@@ -10,33 +10,33 @@ Azure Arc relies on a locally installed agent to establish a logical connection
 
 - The guest configuration agent provides functionality like assessing whether the machine complies with required policies and enforcing compliance.
 
-- The Extension agent manages VM extensions, including install, uninstall, and upgrade.
+- The Extension agent manages virtual machine (VM) extensions, including install, uninstall, and upgrade.
 
-By establishing a connection between Azure and a local resource, the Azure Connected Machine Agent effectively "arc-enables" the resource. Consequently, the non-Azure resource automatically becomes a hybrid Azure resource as part of the Azure Resource Manager plane. Azure Resource Manager serves as the management interface that allows you to create, modify, and delete Azure resources.
+When the Azure Connected Machine Agent establishes a connection between Azure and a local resource, it effectively "arc-enables" the resource. The non-Azure resource automatically becomes a hybrid Azure resource as part of the Azure Resource Manager plane. Azure Resource Manager serves as the management interface that allows you to create, modify, and delete Azure resources.
 
 [![Illustration showing the Connected Machine agent architecture. The Connected Machine agent includes HIMDS, the guest configuration agent, and the Extension agent.](../media/2-connected-machine-agent-architecture.png)](../media/2-connected-machine-agent-architecture-large.png#ligntbox)
 
 ## Capabilities of Azure Arc-enabled servers
 
-Azure Arc-enabled servers can leverage a breadth of capabilities, so you can bring Azure services to your machines anywhere: across on-premises, multicloud, and edge environments. These capabilities serve diverse use cases across security, observability, and governance needs.
+Azure Arc-enabled servers can make use of a breadth of capabilities, so you can bring Azure services to your machines anywhere: across on-premises, multicloud, and edge environments. These capabilities serve diverse use cases across security, observability, and governance needs.
 
 | Service | Description |
 |---|---|
 | **Azure Resource** | Azure Arc-enabled servers benefit from Azure's robust resource management functions, including:<ul><li>The ability to organize all organizational resources by using Azure management groups, subscriptions, resource groups, and tags.</li><li>A single, comprehensive inventory of organizational assets across multiclouds and on-premises, including support for searching and indexing by using Azure Resource Graph.</li><li>A consolidated view of Azure and Azure Arc-enabled resources via the Azure portal, Azure Command Line Interface (CLI), Azure PowerShell, and Representational State Transfer (REST) Application Programming Interface (API).</li></ul> |
 | **Microsoft Defender for Cloud** | Microsoft Defender for Cloud enables customers to protect non-Azure servers with Microsoft Defender for Endpoint (included through Microsoft Defender for Cloud) for threat detection, for vulnerability management, and to proactively monitor for potential security threats. Microsoft Defender for Cloud presents the alerts and remediation suggestions from the threats detected, and consolidates security posture with a high-level security score. |
 | **Microsoft Sentinel** | You can configure machines connected to Arc-enabled servers with Microsoft Sentinel to collect security-related events and correlate them with other data sources. |
-| **Azure Monitor** | Monitor the connected machine guest operating system performance and discover application components to monitor their processes and dependencies with other resources using VM insights. Collect other log data, such as performance data and events, from the operating system or workload(s) running on the machine with the Log Analytics agent. |
+| **Azure Monitor** | Monitor the connected machine guest operating system performance and discover application components to monitor their processes and dependencies with other resources using VM insights. Use the Log Analytics agent to collect other log data, such as performance data and events, from the operating system or workloads running on the machine. |
 | **Azure Policy** | Azure Policy enables customers to manage and evaluate their Arc-enabled servers' internal and regulatory compliance. Users can define, assign, and remediate based on Azure Policy guest configurations to audit settings inside the machine like their time zone or security vulnerabilities. |
-| **Azure Automation** | Automate frequent and time-consuming management tasks using PowerShell and Python runbooks. Assess configuration changes about installed software, Microsoft services, Windows registry and files, and Linux daemons using Change Tracking and Inventory. Use Update Management to manage operating system updates for your Windows and Linux servers. |
+| **Azure Automation** | Automate frequent and time-consuming management tasks using PowerShell and Python runbooks. Assess configuration changes about installed software, Microsoft services, Windows registry and files, and Linux daemons using Change Tracking and Inventory. Use Update Management to manage updates to the operating system for your Windows and Linux servers. |
 | **Azure Automanage** | Automate onboarding and configuration of a set of Azure services when you use Automanage Machine for Azure Arc-enabled servers. |
 
-Azure Arc-enabled servers can leverage Azure VM extensions. Azure VM extensions are lightweight software components that automate post-operating system deployment configuration and automation tasks. Traditionally, Azure VM extensions were available only on Azure VMs, but it's now possible to use selected ones on Azure Arc-enabled servers.
+Azure Arc-enabled servers can use Azure VM extensions. Azure VM extensions are lightweight software components that automate post-operating system deployment configuration and automation tasks. Traditionally, Azure VM extensions were available only on Azure VMs, but it's now possible to use selected ones on Azure Arc-enabled servers.
 
 | Extension | Description |
 |---|---|
-| Custom Script Extension | Executes a script on the target Azure Arc-enabled server |
-| Desired State Configuration | Applies a PowerShell DSC configuration on the target Azure Arc-enabled server |
-| Log Analytics agent | Installs the Log Analytics agent on the target Azure Arc-enabled server and configures it for log forwarding to a Log Analytics workspace |
-| Dependency agent | Installs the Dependency agent on the target Azure Arc-enabled server to facilitate identifying internal and external dependencies of server workloads |
-| Azure Key Vault agent | Synchronizes certificates from an Azure Key Vault instance to the Arc enabled server |
-| Qualys extension | Microsoft Defender for servers' vulnerability-assessment scanning solution |
+| Custom Script Extension | Executes a script on the target Azure Arc-enabled server. |
+| Desired State Configuration (DSC) | Applies a PowerShell DSC on the target Azure Arc-enabled server. |
+| Log Analytics agent | Installs the Log Analytics agent on the target Azure Arc-enabled server and configures it for log forwarding to a Log Analytics workspace. |
+| Dependency agent | Installs the Dependency agent on the target Azure Arc-enabled server to facilitate identifying internal and external dependencies of server workloads. |
+| Azure Key Vault agent | Synchronizes certificates from an Azure Key Vault instance to the Arc enabled server. |
+| Qualys extension | Microsoft Defender for servers' vulnerability-assessment scanning solution. |

learn-pr/azure/plan-deploy-azure-arc-enabled-servers/includes/3-test-azure-arc-enabled-server-capabilities.md

@@ -1,24 +1,20 @@
-> [!CAUTION]
-> This article references CentOS, a Linux distribution that is End Of Life (EOL) status. Please consider your use and plan accordingly. For more information, see the [CentOS End Of Life guidance](/azure/virtual-machines/workloads/centos/centos-end-of-life).
-
 As you prepare to deploy across Wide World Importers' thousands of machines, you're first interested in testing Azure Arc-enabled servers and its capabilities. While you can't install Azure Arc-enabled servers on an Azure virtual machine (VM) for production scenarios, it's possible to configure Azure Arc-enabled servers to run on an Azure VM for evaluation and testing purposes only. In this unit, we showcase how Azure VMs can be used to test Azure Arc-enabled servers functionality.
 
 ## Hypothetical environment description
 
-For this discussion, we'll assume that you already have a Windows Server Azure VM. The version of Windows Server deployed in Azure should be Windows Server 2008 R2 SP1 and later versions (including Server Core).
+For this discussion, we assume that you already have a Windows Server Azure VM. The version of Windows Server deployed in Azure should be Windows Server 2012 and later versions (including Server Core).
 
 That being said, Azure Arc-enabled servers also supports the following Linux distributions:
 
-- Ubuntu 16.04, 18.04, and 20.04 LTS (x64)
-- CentOS Linux 7 and 8 (x64)
-- SUSE Linux Enterprise Server (SLES) 12 and 15 (x64)
-- Red Hat Enterprise Linux (RHEL) 7 and 8 (x64)
-- Amazon Linux 2 (x64)
-- Oracle Linux 7
+- Ubuntu 18.04 (limited support), 20.04, 22.04, and 24.04
+- SUSE Linux Enterprise Server (SLES) 12 (limited support) and 15 (x64)
+- Red Hat Enterprise Linux (RHEL) 7, 8 and 9 (x64)
+- Amazon Linux 2, and 2023 (x64)
+- Oracle Linux 7, 8, and 9 (x64)
 
 ## Prepare an Azure VM for Azure Arc-enabled servers
 
-Because your Azure VM is already registered and managed as an Azure resource, it's necessary to reconfigure the VM. Reconfiguring the VM involves removing extensions, disabling the Azure VM guest agent, and blocking Azure IMDS access. After you've made these three changes, your Azure VM behaves like any machine or server outside of Azure. This reconfigured Azure VM offers a starting point to install and evaluate Azure Arc-enabled servers.
+Because your Azure VM is already registered and managed as an Azure resource, it's necessary to reconfigure the VM. Reconfiguring the VM involves removing extensions, disabling the Azure VM guest agent, and blocking Azure IMDS access. After you make these three changes, your Azure VM behaves like any machine or server outside of Azure. This reconfigured Azure VM offers a starting point to install and evaluate Azure Arc-enabled servers.
 
 1. Remove any VM extensions on the Azure VM.
 
@@ -30,7 +26,7 @@ Because your Azure VM is already registered and managed as an Azure resource, it
 
 1. Disable the Azure VM Guest Agent.
 
-    To disable the Azure VM Guest Agent, you'll need to connect to your VM using Remote Desktop Connection (Windows) or SSH (Linux).
+    To disable the Azure VM Guest Agent, you need to connect to your VM using Remote Desktop Connection (Windows) or SSH (Linux).
 
     When you're connected to a Windows machine, run the following PowerShell commands to disable the guest agent:
 
@@ -51,7 +47,7 @@ Because your Azure VM is already registered and managed as an Azure resource, it
 
 ## Reconfigure the Azure VM
 
-The Azure portal has a wizard that will automate the script to automate the download, installation, and connection with Azure Arc. To generate a custom script for your environment, perform the following steps:
+The Azure portal has a wizard that automates the script to automate the download, installation, and connection with Azure Arc. To generate a custom script for your environment, perform the following steps:
 
 1. From your browser, go to the Azure portal.
 
@@ -87,12 +83,12 @@ The Azure portal has a wizard that will automate the script to automate the down
 
 To install with the script, you must run the downloaded script from PowerShell in your reconfigured Azure Virtual Machine.
 
-1. Connect and log in to your reconfigured Azure VM.
+1. Connect and sign in to your reconfigured Azure VM.
 
 1. Copy the script that you downloaded in the previous steps to a known location on your VM.
 
 1. Open an elevated PowerShell command prompt. The script only supports running from a 64-bit version of Windows PowerShell.
 
 1. Change to the folder or share where you copied the script and execute it on the server by running the `./OnboardingScript.ps1` script.
 
-Now that you have an Azure Arc-enabled server, you can begin to test Microsoft Defender for Cloud, Azure Monitor, Azure Policies, VM Extensions and the range of Azure Arc-enabled server capabilities.
+Now that you have an Azure Arc-enabled server, you can begin to test Microsoft Defender for Cloud, Azure Monitor, Azure Policies, VM Extensions, and the range of Azure Arc-enabled server capabilities.