Merge pull request #50803 from JnHs/jh-arc-linux-0625

review and update module

Author: v-shils

learn-pr/azure/manage-linux-with-arc/1-introduction.yml

@@ -4,7 +4,7 @@ title: Introduction
 metadata:
   title: Introduction
   description: Introduction to Manage Linux with Azure Arc.
-  ms.date: 07/30/2024
+  ms.date: 06/04/2025
   author: JnHs
   ms.author: jenhayes
   ms.topic: unit

learn-pr/azure/manage-linux-with-arc/2-describe-managing-linux-concepts.yml

@@ -4,7 +4,7 @@ title: Describe concepts around managing Linux with Azure Arc
 metadata:
   title: Describe concepts around managing Linux with Azure Arc
   description: Describe how to manage Linux systems with Azure Arc and the cross-team coordination required to deploy the solution.
-  ms.date: 07/30/2024
+  ms.date: 06/04/2025
   author: JnHs
   ms.author: jenhayes
   ms.topic: unit

learn-pr/azure/manage-linux-with-arc/3-describe-using-ssh.yml

@@ -4,12 +4,12 @@ title: Describe how to use SSH in Azure Arc to manage Linux
 metadata:
   title: Describe how to use SSH in Azure Arc to manage Linux
   description: Describe how to use SSH with Azure Arc to manage Linux systems
-  ms.date: 07/30/2024
+  ms.date: 06/04/2025
   author: JnHs
   ms.author: jenhayes
   ms.topic: unit
   ms.custom: linux-related-content
-durationInMinutes: 10
+durationInMinutes: 8
 content: |
   [!include[](includes/3-describe-using-ssh.md)]
 

learn-pr/azure/manage-linux-with-arc/4-options-for-managing-multiple-systems.yml

@@ -3,13 +3,13 @@ uid: learn.manage-linux-with-arc.options-for-managing-multiple-systems
 title: Describe options around managing large numbers of Linux systems
 metadata:
   title: Describe options around managing large numbers of Linux systems
-  description: Describe the options for managing large numbers of Linux systems with Azure Arc and Ansible.
-  ms.date: 07/30/2024
+  description: Describe the options for managing large numbers of Linux systems with Azure Arc.
+  ms.date: 06/04/2025
   author: JnHs
   ms.author: jenhayes
   ms.topic: unit
   ms.custom: devx-track-ansible, linux-related-content
-durationInMinutes: 10
+durationInMinutes: 6
 content: |
   [!include[](includes/4-options-for-managing-multiple-systems.md)]
 

learn-pr/azure/manage-linux-with-arc/5-knowledge-check.yml

@@ -4,7 +4,7 @@ title: Module assessment
 metadata:
   title: Module assessment
   description: Knowledge check.
-  ms.date: 07/30/2024
+  ms.date: 06/04/2025
   author: JnHs
   ms.author: jenhayes
   ms.topic: unit
@@ -15,49 +15,49 @@ quiz:
 
   - content: "What type of Linux resources can Azure Arc help you manage?"
     choices:
-    - content: "Virtual resources."
+    - content: "Virtual resources only."
       isCorrect: false
-      explanation: "Incorrect. Azure Arc can be used to manage both physical and virtual Linux machines out of Azure."
-    - content: "Physical resources."
+      explanation: "Incorrect. Azure Arc can be used to manage both physical and virtual Linux machines hosted outside of Azure."
+    - content: "Physical resources online."
       isCorrect: false
-      explanation: "Incorrect. Azure Arc can be used to manage both physical and virtual Linux machines out of Azure."
+      explanation: "Incorrect. Azure Arc can be used to manage both physical and virtual Linux machines hosted outside of Azure."
     - content: "Both physical and virtual resources."
       isCorrect: true
-      explanation: "Correct! Azure Arc can be used to manage both physical and virtual Linux machines out of Azure."
+      explanation: "Correct! Azure Arc can be used to manage both physical and virtual Linux machines hosted outside of Azure."
 
-  - content: "Linux machines managed by Azure Arc have what Azure capabilities?"
+  - content: "Which of the following is required in order to onboard a Linux machine to Azure Arc?"
     choices:
-    - content: "Linux machines on Azure Arc enjoy the same capabilities as native Azure Linux resources."
-      isCorrect: true
-      explanation: "Correct! Linux machines onboarded to Azure Arc enjoy the same capabilities as native Azure machines."
-    - content: "A subset of Azure capabilities focused on security."
+    - content: "A supported Ubuntu operating system."
       isCorrect: false
-      explanation: "Incorrect. Linux machines onboarded to Azure Arc enjoy the same capabilities as native Azure machines, including robust security capabilities."
-    - content: "Linux machines onboarded to Azure Arc have limitations that make them more difficult to manage than other Azure resources."
+      explanation: "Incorrect. Many Linux distributions are supported in addition to Ubuntu."
+    - content: "A new Azure tenant set up specifically for the connected machine."
       isCorrect: false
-      explanation: "Incorrect. Linux machines onboarded to Azure Arc enjoy the same capabilities as native Azure machines and are equally easy to manage."
+      explanation: "Incorrect. You don't need a separate Azure tenant in order to connect a Linux machine to Azure Arc."
+    - content: "The Azure Arc Connected Machine agent must be deployed to the machine."
+      isCorrect: true
+      explanation: "Correct! The Azure Arc Connected Machine agent must be deployed to a machine in order to connect it to Azure Arc."
 
-  - content: "What is required in order to use SSH for Linux machines connected to Azure Arc?"
+  - content: "Which of the following is required in order to use SSH for Linux machines connected to Azure Arc?"
     choices:
-    - content: "A public IP address."
-      isCorrect: false
-      explanation: "Incorrect. You don't need to expose a public IP address to use SSH to access a Linux machine connected to Azure Arc."
-    - content: "The opening of another inbound port."
-      isCorrect: false
-      explanation: "Incorrect. You don't need to open any other inbound ports to use SSH to access a Linux machine connected to Azure Arc."
     - content: "Installation of the SSH extension."
       isCorrect: true
-      explanation: "Correct! Once a Linux resource is fully Arc enabled, you need to install the SSH extension on your workstation and then run a command to enable the SSH connection."
+      explanation: "Correct! Linux machines onboarded to Azure Arc enjoy the same capabilities as native Azure machines."
+    - content: "An Azure Policy definition that allows SSH access."
+      isCorrect: false
+      explanation: "Incorrect. SSH access doesn't require you to use Azure Policy."
+    - content: "A public IP address."
+      isCorrect: false
+      explanation: "Incorrect. A public IP address isn't required to use SSH."
 
-  - content: "What Azure tools can be used specifically to help you manage large numbers of Linux machines in Azure Arc?"
+  - content: "What Azure tools can be used to help you manage large numbers of Linux machines in Azure Arc?"
     choices:
-    - content: "Azure Policy and Azure Automanage."
+    - content: "Azure Policy and Azure Machine Configuration."
       isCorrect: true
-      explanation: "Correct! Once your Linux machines are onboarded to Azure Arc, you can use tools like Azure Policy and Azure Automanage to enforce standards and simplify ongoing management."
-    - content: "Microsoft Sentinel and Microsoft Defender."
+      explanation: "Correct! Once your Linux machines are onboarded to Azure Arc, you can use tools like Azure Policy and Azure Machine Configuration to enforce standards and simplify ongoing management."
+    - content: "Microsoft Sentinel and Microsoft Defender for Cloud."
       isCorrect: false
-      explanation: "Incorrect. Although Microsoft Sentinel and Microsoft Defender both work with Arc-enabled Linux machines, the tolls are designed for security enhancement."
-    - content: "Arc SSH and Microsoft Entra ID."
+      explanation: "Incorrect. Although Microsoft Sentinel and Microsoft Defender for Cloud both work with Arc-enabled Linux machines, these tools are designed for security enhancement."
+    - content: "SSH and Microsoft Entra ID."
       isCorrect: false
-      explanation: "Incorrect. Although Arc SSH and Microsoft Entra ID both work with Arc-enabled Linux machines, their primary purpose is security and connection related."
+      explanation: "Incorrect. Although SSH and Microsoft Entra ID both work with Arc-enabled Linux machines, they are used to connect and authenticate, not to manage machines directly."
 

learn-pr/azure/manage-linux-with-arc/6-summary.yml

@@ -4,7 +4,7 @@ title: Summary
 metadata:
   title: Summary
   description: Summary
-  ms.date: 07/30/2024
+  ms.date: 06/04/2025
   author: JnHs
   ms.author: jenhayes
   ms.topic: unit

learn-pr/azure/manage-linux-with-arc/includes/1-introduction.md

@@ -1,6 +1,6 @@
-Microsoft Azure Arc can help you manage your Linux instances in addition to your Windows resources. Azure Arc provides a set of technologies for organizations that want to simplify their complex and distributed environments. Azure Arc provides a centralized, unified, and self-service approach to managing Linux resources.
+Azure Arc provides a set of technologies for organizations that want to simplify their complex and distributed environments. Azure Arc provides a centralized, unified, and self-service approach to managing resources hosted outside of Azure. This applies to both Windows and Linux VMs in an on-premises corporate network or hosted on another cloud provider.
 
-Contoso, Ltd. is a midsize financial services company in London with a branch office in New York City. Contoso deployed and evaluated Azure Arc-enabled servers for their on-premises Windows servers. Given their positive experience with Azure Arc on their Windows estate, management is tasking you with learning about Azure Arc-enabled server capabilities for similarly managing Linux workloads.
+Contoso, Ltd. is a midsize financial services company in London with a branch office in New York City. Contoso deployed and evaluated Azure Arc-enabled servers for their on-premises Windows servers. Given their positive experience with Azure Arc for their Windows resources, management is tasking you with learning about Azure Arc's capabilities for similarly managing Linux workloads.
 
 ## Learning objectives
 
@@ -13,5 +13,5 @@ After completing this module, you're able to:
 
 To get the best learning experience from this module, you should already have the following knowledge and experience:
 
-- Basic understanding of Azure Arc
+- Basic understanding of Azure and Azure Arc concepts
 - Basic understanding of Linux server management

learn-pr/azure/manage-linux-with-arc/includes/2-describe-managing-linux-concepts.md

@@ -1,24 +1,27 @@
-Azure Arc lets you manage physical and virtual Linux machines hosted outside of Azure, on your corporate network, or other cloud provider. Organizations like Contoso can manage their Linux resources with Azure just as they do their Arc-enabled Windows machines. Linux machines onboarded to Azure Arc enjoy the same capabilities as native Azure machines, including standard Azure constructs such as Azure policy and applying tags.
+Azure Arc lets you manage physical and virtual Linux machines hosted outside of Azure, whether in your corporate network or hosted on another cloud provider. Organizations like Contoso can manage their Linux resources with Azure, just as they do their Arc-enabled Windows machines. Linux machines onboarded to Azure Arc can be managed just like native Azure machines, including the use of standard Azure constructs such as Azure policy and applying tags.
+
+To onboard a Linux machine to Azure Arc, you deploy the Azure Arc Connected Machine agent to the machine. Azure Arc provides multiple options for deploying the agent individually or at scale across multiple machines. Once the agent is installed and functioning properly, the machine appears as an Arc resource in the Azure portal, and you can manage it like any other Azure resource.
 
 Once your Linux machines are onboarded to Azure Arc, you can:
 
 - Proactively monitor the OS and workloads running on the machine.
-- Manage the machines using automation runbooks or solutions like Update Management.
+- Manage the machines using automation runbooks or solutions such as Update Manager.
 - Use other Azure services such as Microsoft Defender for Cloud.
 
 ## Supported Linux distributions
 
-The following Linux distributions are officially supported for the Azure Connected Machine agent:
+The Azure Connected Machine agent supports a wide range of Linux distributions, including recent versions of:
+
+- Ubuntu
+- Debian
+- Rocky Linux
+- SUSE Linux Enterprise Server (SLES)
+- Red Hat Enterprise Linux (RHEL)
+- AlmaLinux
+- Amazon Linux
+- Oracle Linux
 
-- Ubuntu 18.04, 20.04, and 22.04 LTS12
-- Debian 11 and 12
-- Rocky Linux 8 and 9
-- SUSE Linux Enterprise Server (SLES) 12 SP3-SP5 and 15
-- Red Hat Enterprise Linux (RHEL) 7, 8, and 9
-- AlmaLinux 9
-- Amazon Linux 2 and 2023
-- Azure Linux (CBL-Mariner) 2.0
-- Oracle Linux 7, 8 and 9
+x86-64 (64-bit) architecture is fully supported, while only some features are supported on Arm64. The Azure Connected Machine agent doesn't run on 32-bit architectures.
 
 ## Change tracking and inventory
 
@@ -28,35 +31,35 @@ You can track changes in your Azure Arc Linux machines to help you pinpoint oper
 - Linux files
 - Linux daemons
 
-## Update Management
+## Update management
 
-Your onboarded Linux machines can use Update Management to manage your operating system updates. You can quickly assess the status of available updates and manage the process of installing required updates for your Linux machines. Update Management integrates with Azure Monitor Logs to store update assessments and update deployment results as log data.
+Your onboarded Linux machines can use Azure Update Manager to manage your operating system updates. You can quickly assess the status of available updates and manage the process of installing required updates for your Linux machines.
 
 ## Security
 
-Linux machines on Azure Arc enjoy the same security features as all Azure resources, including Microsoft Defender for Cloud and Microsoft Sentinel.
+Linux machines on Azure Arc can use the same security features as all Azure resources, including Microsoft Defender for Cloud and Microsoft Sentinel.
 
 ### Microsoft Defender for Cloud
 
-Microsoft Defender for Cloud is a Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platform (CWPP). Defender for cloud can monitor the security posture of your Linux machines on Azure Arc and fills three vital needs as you manage the security of your Linux resources and workloads:
+Microsoft Defender for Cloud is a cloud-native application protection platform (CNAPP), including a cloud security posture management (CSPM) solution and a cloud workload protection platform (CWPP). Defender for Cloud can monitor the security posture of your Linux machines on Azure Arc by:
 
-- Provides continuous assessment of your security posture so you can track new security opportunities and precisely report on the progress of your security efforts.
-- Secures your workloads with step-by-step actions that protect your workloads from known security risks.
-- Provides alerts to defend your workloads in real-time so you can react immediately and prevent security events from developing.
+- Providing continuous assessment of your security posture, so you can track new security opportunities and precisely report on the progress of your security efforts.
+- Securing your workloads with step-by-step actions that protect your workloads from known security risks.
+- Providing alerts to defend your workloads in real-time, so you can respond immediately and limit the risk to your resources
 
 ### Microsoft Sentinel
 
-Microsoft Sentinel is an integrated SIEM (scalable, cloud-native, security information, and event management) and a SOAR (security orchestration, automation, and response) solution. Microsoft Sentinel delivers threat intelligence, providing a single solution for attack detection, proactive hunting, and threat response. It provides a birds-eye view across the enterprise. Microsoft Sentinel alleviates the stress of increasingly sophisticated attacks, increasing volumes of alerts, and long resolution time frames.
+Microsoft Sentinel is a scalable, cloud-native security information and event management (SIEM) with built-in security orchestration, automation, and response (SOAR). Microsoft Sentinel delivers threat intelligence, providing a single solution for attack detection, proactive hunting, and threat response. By providing a birds-eye view across the enterprise, Microsoft Sentinel helps alleviate the stress of dealing with increasingly sophisticated attacks, increasing volumes of alerts, and long resolution time frames.
 
-The benefits of Microsoft Sentinel include:
+Microsoft Sentinel can help keep your environment secure by:
 
-- Collect data at cloud scale across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds.
-- Detect previously undetected threats and minimize false positives using Microsoft's analytics and unparalleled threat intelligence.
-- Investigate threats with artificial intelligence and hunt for suspicious activities at scale, tapping into years of cyber security work at Microsoft.
-- Respond to incidents rapidly with built-in orchestration and automation of common tasks.
+- Collecting data at cloud scale across all users, devices, applications, and infrastructure, including on-premises and across multiple clouds.
+- Detecting previously undetected threats and minimizing false positives using Microsoft's analytics and unparalleled threat intelligence.
+- Investigating threats with artificial intelligence and hunting for suspicious activities at scale.
+- Responding to incidents rapidly with built-in orchestration and automation of common tasks.
 
-Microsoft Sentinel comes with many connectors for Microsoft solutions, available out of the box and providing real-time integration. For physical and virtual Linux machines, you can install the Log Analytics agent that collects the logs and forwards them to Microsoft Sentinel.
+Microsoft Sentinel comes with many connectors for Microsoft solutions, available out of the box and providing real-time integration.
 
 ## Monitoring
 
-Azure Monitor Agent (AMA) collects monitoring data from the guest operating system of Azure and hybrid virtual machines. It delivers it to Azure Monitor for use by features, insights, and other services, such as Microsoft Defender for Cloud. AMA uses data collection rules that let you define the types of data you want each agent you install to collect. Data collection rules allow you to create unique, scoped configurations for subsets of your Linux machines. These rules are independent of the workspace and the virtual machine, which means you can define a rule once and reuse it across machines and environments.
+The Azure Monitor Agent collects monitoring data from the guest operating system of Azure and hybrid virtual machines. It delivers this data to Azure Monitor, allowing it to be used by other services, such as Microsoft Defender for Cloud. Data collection rules allow you to create unique, scoped configurations for subsets of your Linux machines. These rules are independent of the workspace and the virtual machine, which means you can define a rule once and reuse it across machines and environments.