docs/hybrid/azure-arc-sql-server-content.md (21 additions & 21 deletions)
@@ -10,25 +10,25 @@ This reference architecture illustrates how to use Azure Arc for management, mai
10
10
11
11
The architecture consists of the following components and capabilities:
12
12
13
-
-[SQL Server][sql-server-service-page]. This data platform gives you a wide range of choices of development languages, data types, on-premises or cloud environments, and operating systems.
14
-
-[Azure Arc][azure-arc-service-page]. This cloud-based service extends the Azure Resource Manager-based management model to non-Azure resources including virtual machines (VMs), Kubernetes clusters, and containerized databases.
15
-
-[Azure Arcenabled servers][azure-arc-enabled-servers-service-page]. This hybrid service allows you to manage your Windows and Linux machines, hosted outside of Azure, on your corporate network or other cloud provider. This is similar to how you manage native Azure VMs.
16
-
-[Azure Arcenabled SQL Server][azure-arc-enabled-sql-server-service-page]. This part of the Azure Arc enabled servers extends Azure services to SQL Server instances, hosted outside of Azure in the customer's datacenter, on the edge or in a multicloud environment.
17
-
-[Kubernetes][kubernetes-open-source]. This is a portable, extensible open-source platform for managing and orchestrating containerized workloads.
18
-
-[Azure Kubernetes Service][azure-kubernetes-service-service-page]. This is a service that provides a managed Kubernetes cluster in Azure.
19
-
-[Azure Kubernetes Service (AKS) on Azure Local][azure-kubernetes-service-on-azs-hci-service-page]. This is an implementation of AKS, which automates running containerized applications at scale on Azure Local.
20
-
-[Azure Arc-enabled Kubernetes][azure-arc-enabled-kubernetes-service-page]. This hybrid service allows you to streamline deployment and management of Kubernetes clusters inside or outside of Azure.
21
-
-[Azure Arc-enabled data services][azure-arc-enabled-data-services-service-page]. This hybrid service makes it possible to run Azure data services on-premises, at the edge, and in public clouds using Kubernetes and the infrastructure of your choice.
22
-
-[Azure SQL Managed Instance][sql-managed-instance-service-page]. This intelligent, scalable cloud database service combines the broadest SQL Server database engine compatibility with all the benefits of a fully managed and evergreen platform as a service.
23
-
-[Azure Arcenabled SQL Managed Instance][azure-arc-enabled-sql-managed-instance-service-page]. This Azure SQL data service can be created on your choice of infrastructure that hosts Azure Arc enabled data services.
24
-
-[Azure Arc-enabled VMware vSphere](/azure/azure-arc/vmware-vsphere/overview)is an Azure Arc service that helps you manage your hybrid IT estate distributed across VMware vSphere and Azure.
25
-
-[Azure Arc-enabled System Center Virtual Machine Manager (SCVMM)](/azure/azure-arc/system-center-virtual-machine-manager/overview)is an Azure Arc service that helps you manage your hybrid IT estate distributed across SCVMM managed environment and Azure.
26
-
-[Azure Resource Manager][azure-resource-manager-service-page]. Azure Resource Manager is the deployment and management service for Azure. It provides a management layer that enables you to create, update, and delete resources in your Azure account. You use management features, like access control, locks, and tags to secure and organize your resources after deployment.
27
-
-[Azure Monitor][azure-monitor-service-page]. This cloud-based service maximizes the availability and performance of applications and services by delivering a comprehensive solution for collecting, analyzing, and acting on telemetry from Azure and non-Azure locations.
28
-
-[Log Analytics][azure-log-analytics-service-page]. This is the primary tool in the Azure portal for writing log queries and interactively analyzing their results.
29
-
-[Microsoft Sentinel][azure-sentinel-service-page]. This is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution.
30
-
-[Microsoft Defender for Cloud][azure-security-center-service-page]. This unified infrastructure security management system strengthens the security posture of your datacenters and provides advanced threat protection across your hybrid workloads.
31
-
-[Azure Backup][azure-backup-service-page]. The Azure Backup service provides secure, cost-effective solutions to back up your data and recover it from the Microsoft Azure cloud.
13
+
-[SQL Server][sql-server-service-page] is a relational database platform that supports a wide range of development languages, data types, on-premises or cloud environments, and operating systems. In this architecture, it serves as the core data engine hosted outside Azure and managed through Azure Arc for unified governance and monitoring.
14
+
-[Azure Arc][azure-arc-service-page] is a cloud-based service that extends Azure management to non-Azure resources. In this architecture, it enables centralized control of SQL Server instances, Kubernetes clusters, and virtual machines (VMs) across on-premises and multicloud environments.
15
+
-[Azure Arc-enabled servers][azure-arc-enabled-servers-service-page] provide management of Windows and Linux machinesoutside Azure on your corporate network or other cloud provider. In this architecture, they provide the foundation for managing SQL Server instances as hybrid Azure resources.
16
+
-[Azure Arc-enabled SQL Server][azure-arc-enabled-sql-server-service-page]extends Azure services to SQL Server instances hosted outside Azure. In this architecture, it enables advanced monitoring, security, and compliance capabilities for SQL Server that runs in datacenters, edge, or multicloud setups.
17
+
-[Kubernetes][kubernetes-open-source]is an open-source platform for managing and orchestrating containerized workloads. In this architecture, it hosts Azure Arc-enabled data services, including containerized deployments of Azure SQL Managed Instance.
18
+
-[Azure Kubernetes Service (AKS)][azure-kubernetes-service-service-page]is a managed Kubernetes service in Azure. In this architecture, AKS on Azure Local simplifies deployment and management of containerized SQL workloads in on-premises environments.
19
+
-[AKS on Azure Local][azure-kubernetes-service-on-azs-hci-service-page]is an on-premises implementation of AKS. In this architecture, it runs containerized applications at scale on Azure Local.
20
+
-[Azure Arc-enabled Kubernetes][azure-arc-enabled-kubernetes-service-page] enables Azure management of Kubernetes clusters that run outside Azure. In this architecture, it supports governance, policy enforcement, and monitoring of SQL workloads deployed on Kubernetes.
21
+
-[Azure Arc-enabled data services][azure-arc-enabled-data-services-service-page] allow Azure data services to run on any infrastructure, including on-premises and multicloud. In this architecture, they host containerized instances of SQL Managed Instance, which enables cloud-native capabilities in hybrid environments.
22
+
-[SQL Managed Instance][sql-managed-instance-service-page] is a managed SQL database service that provides high compatibility with SQL Server. In this architecture, it's deployed in containerized form via Azure Arc-enabled data services to deliver scalable, secure, and evergreen database capabilities.
23
+
-[Azure Arc-enabled SQL Managed Instance][azure-arc-enabled-sql-managed-instance-service-page] is a containerized version of SQL Managed Instance that runs on Azure Arc-enabled data services. In this architecture, it provides near-complete SQL Server compatibility with flexible deployment across Kubernetes or AKS on Azure Local.
24
+
-[Azure Arc-enabled VMware vSphere](/azure/azure-arc/vmware-vsphere/overview)extends Azure management to VMware-based environments. In this architecture, it enables governance and monitoring of SQL Server instances hosted on vSphere.
25
+
-[Azure Arc-enabled System Center Virtual Machine Manager (SCVMM)](/azure/azure-arc/system-center-virtual-machine-manager/overview)integrates SCVMM-managed infrastructure with Azure. In this architecture, it supports unified management of SQL Server workloads across SCVMM and Azure.
26
+
-[Azure Resource Manager][azure-resource-manager-service-page]is a deployment and management framework for Azure resources. In this architecture, it serves as the control plane for managing hybrid SQL Server instances and related services. You can use management features, like access control, locks, and tags, to secure and organize your resources after deployment.
27
+
-[Azure Monitor][azure-monitor-service-page] is a monitoring service that collects and analyzes telemetry from Azure and hybrid resources. In this architecture, it monitors performance, availability, and compliance of SQL Server instances managed through Azure Arc.
28
+
-[Log Analytics][azure-log-analytics-service-page]is a feature of Azure Monitor that enables querying and analysis of log data across environments. In this architecture, it supports SQL assessments and health checks for Azure Arc-enabled SQL Server.
29
+
-[Microsoft Sentinel][azure-sentinel-service-page]is a cloud-native security information event management (SIEM) and security orchestration automated response (SOAR) solution for threat detection and response. In this architecture, it monitors security events and alerts for SQL Server instances that Azure Arc manages.
30
+
-[Microsoft Defender for Cloud][azure-security-center-service-page] is a security platform that provides security management and threat protection. In this architecture, it strengthens the security posture of your data estate and enables advanced threat detection across hybrid workloads.
31
+
-[Azure Backup][azure-backup-service-page] provides secure and scalable backup solutions for Azure and hybrid environments. In this architecture, it supports long-term backup retention for Azure Arc-enabled SQL Managed Instance deployed in Directly Connected mode.
32
32
33
33
## Scenario details
34
34
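Review bot: In the new Azure Kubernetes Service (AKS) entry, the "In this architecture" sentence describes a different component ("AKS on Azure Local simplifies deployment and management of containerized SQL workloads in on-premises environments"), which is the subject of the very next entry. The AKS bullet therefore never states what role AKS itself plays, and the two bullets overlap. Either say what AKS in Azure contributes here or fold the two entries into one. The SQL Managed Instance and Azure Arc-enabled SQL Managed Instance entries overlap in the same way, since both describe the containerized deployment on Azure Arc-enabled data services. The Azure Backup entry also adds a scope the old text did not have ("deployed in Directly Connected mode"); link that phrase to the documentation that states the requirement so readers can verify it.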
@@ -106,7 +106,7 @@ Reliability ensures your application can meet the commitments you make to your c
106
106
107
107
- With Azure Arc enabled SQL Managed Instance, planning for storage is also critical from the data resiliency standpoint. If there's a hardware failure, an incorrect choice might introduce the risk of total data loss. To avoid such risk, you should consider a range of factors affecting storage configuration [kubernetes-storage-class-factors] for both [data controller][kubernetes-storage-data-controller] and [database instances][kubernetes-storage-database-instance].
108
108
109
-
- With Azure Arc enabled SQL Managed Instance, you can deploy individual databases in either a single or multiple-pod pattern. For example, the developer or general-purpose pricing tier implements a single pod pattern, while a highly available business critical pricing tier implements a multiple-pod pattern. A highly available Azure SQL managed instance uses Always On Availability Groups to replicate the data from one instance to another either synchronously or asynchronously.
109
+
- With Azure Arc enabled SQL Managed Instance, you can deploy individual databases in either a single or multiple-pod pattern. For example, the developer or general-purpose pricing tier implements a single pod pattern, while a highly available business critical pricing tier implements a multiple-pod pattern. A highly available SQL managed instance uses Always On Availability Groups to replicate the data from one instance to another either synchronously or asynchronously.
110
110
111
111
- Azure Arc enabled SQL Managed Instance shares the code base with the latest stable version of SQL Server, providing support for a majority of its [high availability features][azure-arc-sql-mi-ha].
112
112
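Review bot: On the changed bullet, dropping "Azure" leaves "A highly available SQL managed instance", which is lowercase where the rest of this change uses the product name "SQL Managed Instance", and the sentence no longer says which offering it means. The bullet opens with "With Azure Arc enabled SQL Managed Instance", so carry that name through, for example "A highly available Azure Arc enabled SQL Managed Instance deployment uses Always On Availability Groups ...", rather than introducing a second, differently cased term in the same bullet.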
@@ -169,7 +169,7 @@ Performance Efficiency is the ability of your workload to meet the demands place
169
169
-[What is on-premises Kubernetes with Azure Kubernetes Service on Azure Local and Windows Server?][azure-kubernetes-service-on-azs-hci]
170
170
-[What is Azure Arc-enabled Kubernetes?][azure-arc-enabled-kubernetes]
171
171
-[What are Azure Arc-enabled data services?][azure-arc-enabled-data-services]
172
-
-[What is Azure SQL Managed Instance?][sql-managed-instance]
172
+
-[What is SQL Managed Instance?][sql-managed-instance]
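Review bot: The link label becomes "What is SQL Managed Instance?" while the reference key [sql-managed-instance] is unchanged and the neighbouring entries are phrased as article titles ("What is Azure Arc-enabled Kubernetes?"). Check that the new label still matches the title of the article behind that reference; if the target is still titled with "Azure", keep the old label here and limit the rename to body text.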
docs/hybrid/azure-file-share-content.md (9 additions & 19 deletions)
@@ -6,29 +6,19 @@ This architecture shows how to include Azure file shares in your hybrid environm
6
6
7
7
*Download a [Visio file][architectural-diagram-visio-source] of this architecture.*
8
8
9
-
### Workflow
10
-
11
-
The architecture consists of the following components:
12
-
13
-
-**Microsoft Entra tenant**. This component is an instance of Microsoft Entra that's created by your organization. It acts as a directory service for cloud applications, by storing objects that are copied from the on-premises Active Directory. It also provides identity services when accessing Azure file shares.
14
-
-**AD DS server**. This component is an on-premises directory and identity service. The AD DS directory is synchronized with Microsoft Entra ID to enable it to authenticate on-premises users.
15
-
-**Microsoft Entra Connect Sync server**. This component is an on-premises server that runs the Microsoft Entra Connect Sync service. This service synchronizes information held in the on-premises Active Directory to Microsoft Entra ID.
16
-
-**Virtual network gateway**. This optional component is used to send encrypted traffic between an Azure Virtual Network and an on-premises location over the internet.
17
-
-**Azure file shares**. Azure file shares provide storage for files and folders that you can access over Server Message Block (SMB), Network File System (NFS), and Hypertext Transfer Protocol (HTTP) protocols. File shares are deployed into Azure storage accounts.
-**Clients**. These components are AD DS member computers, from which users can access Azure file shares.
20
-
21
9
### Components
22
10
23
-
Key technologies used to implement this architecture:
24
-
25
-
-[Microsoft Entra ID](/entra/fundamentals/whatis) is an enterprise identity service that provides single sign-on, multifactor authentication, and other identity services to protect against cybersecurity threats.
26
-
-[Azure Files](/azure/well-architected/service-guides/azure-files) offers fully managed file shares in the cloud that are accessible by using the industry standard protocols.
27
-
-[VPN Gateway](/azure/vpn-gateway/vpn-gateway-about-vpngateways) VPN Gateway sends encrypted traffic between an Azure virtual network and an on-premises location over the public Internet.
11
+
The architecture consists of the following components:
28
12
29
-
## Scenario details
13
+
-[Microsoft Entra ID](/entra/fundamentals/whatis) is an enterprise identity service that provides features to protect against cybersecurity threats. In this architecture, it serves as the cloud-based directory that stores synchronized objects from on-premises AD DS and authenticates users that access Azure file shares.
14
+
-[AD DS](/windows-server/identity/ad-ds/get-started/virtual-dc/active-directory-domain-services-overview) is an on-premises identity and directory service. In this architecture, it authenticates domain-joined clients and integrates with Azure Files to enforce access controls by using Windows access control lists (ACLs). The AD DS directory synchronizes with Microsoft Entra ID to authenticate on-premises users.
15
+
-[Microsoft Entra Connect Sync](/entra/identity/hybrid/connect/how-to-connect-sync-whatis) is a synchronization service that runs on an on-premises server. In this architecture, it ensures identity consistency by syncing AD DS objects to Microsoft Entra ID.
16
+
-[Azure VPN Gateway](/azure/vpn-gateway/vpn-gateway-about-vpngateways) is a networking service that sends encrypted traffic between Azure and on-premises networks over the public internet. In this architecture, this optional component provides secure connectivity for accessing Azure file shares when Server Message Block (SMB) port 445 is blocked by internet service providers (ISPs) or firewalls.
17
+
-[Azure Files](/azure/well-architected/service-guides/azure-files) provides managed cloud-based file shares that can be accessed via SMB, Network File System (NFS), and HTTP protocols. In this architecture, it replaces traditional file servers by providing scalable, secure, and highly available storage integrated with AD DS authentication. File shares are deployed into Azure storage accounts.
18
+
-[Azure Recovery Services](/azure/backup/backup-azure-recovery-services-vault-overview) is a suite of services designed to support data protection, backup, and disaster recovery. In this architecture, an optional Recovery Services vault protects Azure file shares by enabling backup and recovery through incremental share snapshots.
19
+
-**Clients** are user computing devices, such as desktops, laptops, or mobile devices, that access resources within the network. In this architecture, clients refer to AD DS domain-joined computers for users. These clients access Azure file shares by using their existing credentials, which maintains a familiar experience while taking advantage of cloud-based storage.
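Review bot: The rewritten Microsoft Entra ID entry replaces "single sign-on, multifactor authentication, and other identity services" with "features to protect against cybersecurity threats", which tells the reader less about what the service contributes to this design. Keep the named capabilities in the first sentence and follow them with the new "In this architecture" sentence. In the new Azure Recovery Services entry, the link label and the text disagree on the name: the label says "Azure Recovery Services", the target path is the Recovery Services vault overview, and the second sentence refers to a "Recovery Services vault". Use one name for the component throughout the bullet.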