mon check in
This commit is contained in:
Parent
a0b1a43678
Commit
3558706e3c
|
@ -73,7 +73,7 @@ Next, select **Single database** and click **Create**.
|
|||
|
||||
**Step 2 - Database name**
|
||||
|
||||
Select the subscription and resource group you created in the prerequisites (or were provided to use), then enter a database name **AdventureWorksID** where ID is the unique identifier you used in the prerequisites, or the unique ID at the end of the resource group you were provided (e.g. TODO).
|
||||
Select the subscription and resource group you created in the prerequisites (or were provided), then enter a database name **AdventureWorksID** where ID is the unique identifier you used in the prerequisites for your resource group, or the unique ID at the end of the Azure login you were provided (e.g. for `odl_user_160186@....com` the ID you will use for the entirety of the workshop is `160186`).
|
||||
|
||||
**Step 3 - Server**
|
||||
|
||||
|
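Review bot: The new Step 2 sentence changes where a provided ID comes from (the old text took it from the end of the resource group name, the new text from the end of the Azure login), so any step that still tells attendees to read the ID off the resource group will now disagree with it. Suggest stating the rule once and referring to it here; the `odl_user_160186@....com` example would also read better as its own sentence than inside the parenthesis.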
@ -351,4 +351,4 @@ In this module and throughout the activities, you learned how to deploy and conf
|
|||
|
||||
<p><img style="float: left; margin: 0px 15px 15px 0px;" src="https://github.com/microsoft/sqlworkshops/blob/master/graphics/geopin.png?raw=true"><b >Next Steps</b></p>
|
||||
|
||||
Next, Continue to <a href="https://github.com/microsoft/sqlworkshops/blob/master/azuresqlworkshop/azuresqlworkshop/03-Security.md" target="_blank"><i> 03 - Security</i></a>.
|
||||
Next, Continue to <a href="https://github.com/microsoft/sqlworkshops/blob/master/AzureSQLWorkshop/azuresqlworkshop/03-Security.md" target="_blank"><i> 03 - Security</i></a>.
|
||||
|
|
|
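Review bot: The corrected link still hard-codes an absolute URL on the `master` branch, and only the first `azuresqlworkshop` path segment changes case while the second stays lowercase, so the link keeps depending on the repository's exact directory casing. If `03-Security.md` sits beside this file, a relative link would survive a rename; since the anchor uses `target="_blank"`, adding `rel="noopener"` is also worth doing while the line is being touched.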
@ -144,7 +144,11 @@ Return to the Azure portal in your Azure VM. In the top bar, select the Azure Cl
|
|||
|
||||
If this is your first time using the Azure Cloud Shell, you will be prompted to select a subscription to create a storage account and Microsoft Azure Files share. For this workshop, you can just use any of the storage accounts that are in your resource group already. More information about the Azure Cloud Shell can be found in the [documentation](https://docs.microsoft.com/en-us/azure/cloud-shell/overview).
|
||||
|
||||
Then, you can select Bash or PowerShell. Select **Bash**. You should see a view similar to below.
|
||||
Then, you can select Bash or PowerShell. Select **Bash**.
|
||||
|
||||
You may be prompted to select a storage account. If you are, select **Show advanced settings**, and select an existing storage account in **your** existing resource group for the workshop. For "File share" select **Create new** and call it **fsID** where ID is your unique ID for the workshop. Finally, select **Create**.
|
||||
|
||||
You should now see a view similar to below.
|
||||
|
||||
![](../graphics/acsbash.png)
|
||||
|
||||
|
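Review bot: The added paragraph beginning "You may be prompted to select a storage account" overlaps with the unchanged paragraph above it, which already describes the first-run prompt and says "you can just use any of the storage accounts that are in your resource group already". Suggest folding the two into one set of instructions so attendees see a single description of the prompt, with the **fsID** file share naming kept in it.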
@ -174,7 +178,7 @@ In the Azure portal, navigate to your Azure SQL Database logical server (e.g. `a
|
|||
At the bottom, select **+ Add existing virtual network**. For the options, input the following:
|
||||
* Name: **VmVnet**
|
||||
* Subscription: *Select the subscription you're using for this workshop*
|
||||
* Virtual network: **azuresqlworkshop`ID`-vnet** (replacing `ID` with your ID for the workshop and other resources)
|
||||
* Virtual network: Select the only virtual network that appears under **your resource group for the workshop**.
|
||||
* Subnet name / Address prefix : *Default is fine*
|
||||
* Note that the `Microsoft.Sql` endpoint has not yet been enabled. Once this service endpoint is enabled, all access to your Azure SQL Database will come through private IP addresses. To learn more about service endpoints, see the [documentation](https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-service-endpoints-overview).
|
||||
|
||||
|
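Review bot: "Select the only virtual network that appears under **your resource group for the workshop**" assumes the resource group holds exactly one virtual network, and it drops the name attendees could use to confirm the choice. The Private Link step later in this commit names the candidates (**azuresqlworkshop<ID>-vnet** or **win-vm-vnet**); suggest listing the same names here so the two steps agree.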
@ -199,7 +203,7 @@ If no errors occur, you have successfully configured access to your Azure SQL Da
|
|||
|
||||
<br>
|
||||
|
||||
<p><img style="float: left; margin: 0px 15px 15px 0px;" src="../graphics/point1.png"><a name="2"><b>(Bonus) Activity 3</a>: Create and manage Private Link for Azure SQL Database</b></p>
|
||||
<p><img style="float: left; margin: 0px 15px 15px 0px;" src="../graphics/point1.png"><a name="3"><b>(Bonus) Activity 3</a>: Create and manage Private Link for Azure SQL Database</b></p>
|
||||
|
||||
In this activity, you'll see how to configure the most secure connection with a new feature called Private Link.
|
||||
|
||||
|
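Review bot: The heading line being edited has mis-nested tags: `<b>` opens inside `<a name="3">`, but `</a>` closes before `</b>`. Suggest closing `</b>` before `</a>` (or moving `<b>` outside the anchor), and checking that any in-page link that pointed at the old `name="2"` anchor for this activity is updated with it.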
@ -292,7 +296,7 @@ Next, select **Next : Configuration**.
|
|||
|
||||
In this step, you will configure your private endpoint to be created in the **same virtual network subnet as your Azure VM** for the workshop. This is the easiest way to ensure that you can connect to it from your virtual machine. There are other ways available (virtual network peering, VNet-to-VNet, VPN from on-premises), but you will not use those in this workshop.
|
||||
|
||||
Select your VM virtual network, it should be similar to **azuresqlworkshop<ID>-vnet** and the subnet should be **default**.
|
||||
Select your VM virtual network, it should be similar to **azuresqlworkshop<ID>-vnet** or **win-vm-vnet** *under your resource group* and the subnet should be **default**.
|
||||
|
||||
In order to connect privately with the endpoint you create, you'll also need a DNS record. This won't be covered in this activity, but you can learn more [here](https://docs.microsoft.com/en-us/azure/private-link/private-endpoint-overview#dns-configuration). You can just leave the defaults.
|
||||
|
||||
|
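Review bot: In the changed line, `<ID>` sits unescaped inside bold text (`**azuresqlworkshop<ID>-vnet**`), which a Markdown renderer can treat as an HTML tag and drop; the line removed from the virtual network rule step in this commit wrote the placeholder in backticks. Suggest backticks here too, and splitting the comma splice after "Select your VM virtual network" into two sentences.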
@ -342,7 +346,7 @@ Aliases: aw-server<ID>.database.windows.net
|
|||
```
|
||||
The important things to look at are under the Non-authoritative answer, and let's examine the differences:
|
||||
* **Name**: Note that you're no longer pointing to the public DNS hierarchy, only to the Private Link DNS. This means less information is revealed about your database server.
|
||||
* **Addresses**: For VNet rules, the address returned was the public IP address of your VM, but it should now be various *private* IP addresses within the Private Link hierarchy (one is the private endpoint of your Azure SQL Database).
|
||||
* **Addresses**: For VNet rules, the address returned was the public IP address of your VM, but it should now be one or more *private* IP addresses within the Private Link hierarchy (one is the private endpoint of your Azure SQL Database).
|
||||
* **Aliases**: Similar to the Name field, you're not seeing anything related to the DNS hierarchy, except that you can still connect to the server name (e.g. `aw-server0406.database.windows.net`).
|
||||
|
||||
One thing you might be wondering, is if you are connecting to the private endpoint, **why are you still using the same server name?** In the backend, when you use solely the Private Link method of connecting (i.e. no firewall or virtual network rules), the information is processed as follows:
|
||||
|
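Review bot: In the **Addresses** bullet, the unchanged first half still says that for VNet rules the address returned was "the public IP address of your VM", although the lookup shown is for the server name (`aw-server<ID>.database.windows.net`), which resolves to the server's address rather than the VM's. Please confirm that wording while the line is being edited; the parenthetical "(one is the private endpoint ...)" also reads oddly next to the new "one or more" and could say "one of which is".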
@ -621,6 +625,8 @@ Your resulting view should be similar to below.
|
|||
|
||||
Every security risk has a risk level (high, medium, or low) and additional information. Select the security check **VA2065** to get a detailed view, similar to below. Review the status and other available information.
|
||||
|
||||
> Note: If **VA2065** does not fail, you can perform a similar exercise below, depending on what failed tests do occur.
|
||||
|
||||
![](../graphics/va20651.png)
|
||||
![](../graphics/va20652.png)
|
||||
|
||||
|
|
|
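Review bot: The added note tells attendees to "perform a similar exercise below, depending on what failed tests do occur", but the instruction and the screenshots around it (`va20651.png`, `va20652.png`) are specific to **VA2065**. Suggest saying which parts carry over to another failed check (select the check, review its status and the other available information), and rewording "what failed tests do occur" to "which checks fail".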
@ -30,7 +30,7 @@ In this module, you'll cover these topics:
|
|||
TODO: Explain how on prem you have to have a plan for DR and a BU/R strategy, but how it's built for you in Azure. Also talk about how it all works, ADR, LTR, etc.
|
||||
<br>
|
||||
|
||||
<p><img style="float: left; margin: 0px 15px 15px 0px;" src="../graphics/point1.png"><a name="1"><b>Activity 1</a>: Undo errors to a point in time</b></p>
|
||||
<p><img style="float: left; margin: 0px 15px 15px 0px;" src="../graphics/point1.png"><a name="1"><b>(Bonus) Activity 1</a>: Undo errors to a point in time</b></p>
|
||||
|
||||
In all organizations, big or small, accidents can happen. That's why you always have to have a plan for how you will restore to where you need to be. In SQL Server, ideally, you want choose to [restore to a point in time](https://docs.microsoft.com/en-us/sql/relational-databases/backup-restore/restore-a-sql-server-database-to-a-point-in-time-full-recovery-model?view=sql-server-ver15), but you can only do that if you are running in full recovery model. Under the bulk-logged recovery model, it's more likely that you'll have to recover the database to the end of the transaction log backup.
|
||||
|
||||
|
|
|
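Review bot: Marking Activity 1 as "(Bonus)" only in the heading leaves the module's topic list (the "In this module, you'll cover these topics:" section named in the hunk header) to be checked for the same label. The context around the heading also still carries a visible `TODO:` paragraph above it and the typo "you want choose to" below it; both are worth fixing in the same pass.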
@ -200,7 +200,7 @@
|
|||
"\r\n",
|
||||
"You'll notice, in this example, the date/time is `2020-02-10 09:28:54.509`. The required format is slightly different. Update it using this example as a reference and to the definition of `$before_error_time`. \r\n",
|
||||
"* Log Analytics format: `2020-02-10 09:28:54.509`\r\n",
|
||||
"* Required format: `2020-02-10T09:28:54.509` \r\n",
|
||||
"* Required format: `2020-02-10T21:28:54.509` \r\n",
|
||||
"\r\n",
|
||||
"\r\n",
|
||||
"\r\n",
|
||||
|
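Review bot: After this change the two example timestamps no longer describe the same instant: the Log Analytics format line stays at `2020-02-10 09:28:54.509` while the required format becomes `2020-02-10T21:28:54.509`, yet the text says the required format is only "slightly different". Either update the Log Analytics example to 21:28 as well, or state explicitly that the time must be converted and how, so attendees do not restore to a point twelve hours off.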
@ -213,7 +213,7 @@
|
|||
{
|
||||
"cell_type": "code",
|
||||
"source": [
|
||||
"$before_error_time =\"2020-02-10T09:28:54.509\""
|
||||
"$before_error_time =\"2020-02-10T21:28:54.509\""
|
||||
],
|
||||
"metadata": {
|
||||
"azdata_cell_guid": "e66b65ce-c896-4457-97c4-9554c94d2aef",
|
||||
|
|
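Review bot: The code cell assigns a literal sample timestamp to `$before_error_time`, so an attendee who runs it unchanged uses `2020-02-10T21:28:54.509` rather than the time from their own Log Analytics result. Suggest an obvious placeholder value or a comment in the cell saying it must be replaced, and keeping it in step with the example in the markdown cell above.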