Merge pull request Azure#536 from Brunoga-MS/Documentation

AMBA - Update documentation with Elevated access for viewing Security Advisories

docs/content/patterns/alz/Getting-started/Policy-Initiatives.md

@@ -46,7 +46,7 @@ This initiative is intended for relevant policy assignment to networking compone
 | Deploy VNetG Tunnel Bandwidth Alert                        | ALZ_VnetGwTunnelBW                        | [deploy-vnetg_bandwidthutilization_alert.json](../../../../services/Network/virtualNetworkGateways/Deploy-VNETG-BandwidthUtilization-Alert.json)                | deployIfNotExists         |
 | Deploy VNetG Tunnel Egress Alert                           | ALZ_VnetGwTunnelEgress                    | [deploy-vnetg_egress_alert.json](../../../../services/Network/virtualNetworkGateways/Deploy-VNETG-Egress-Alert.json)                                            | disabled                  |
 | Deploy VNetG Tunnel Ingress Alert                          | ALZ_VnetGwTunnelIngress                   | [deploy-vnetg_ingress_alert.json](../../../../services/Network/virtualNetworkGateways/Deploy-VNETG-Ingress-Alert.json)                                          | disabled                  |
-| Deploy_VPNGw_BandwidthUtil_Alert                           | ALZ_VPNGWBandWidthUtil                    | [deploy-vpng_bandwidthutilization_alert.json](../../../../services/Network/vpnGateways/Deploy-VPNG-BandwidthUtilization-Alert.json)                             | deployIfNotExists         |
+| Deploy VPNGw BandwidthUtil Alert                           | ALZ_VPNGWBandWidthUtil                    | [deploy-vpng_bandwidthutilization_alert.json](../../../../services/Network/vpnGateways/Deploy-VPNG-BandwidthUtilization-Alert.json)                             | deployIfNotExists         |
 | Deploy VPNG Egress Alert                                   | ALZ_VPNGWEgress                           | [deploy-vpng_egress_alert.json](../../../../services/Network/vpnGateways/Deploy-VPNG-Egress-Alert.json)                                                         | disabled                  |
 | Deploy VPNG Egress Packet Drop Count Alert                 | ALZ_VPNGWTunnelEgressPacketDropCount      | [deploy-vpng_egresspacketdropcount_alert.json](../../../../services/Network/vpnGateways/Deploy-VPNG-EgressPacketDropCount-Alert.json)                           | deployIfNotExists         |
 | Deploy VPNG Egress Packet Drop Mismatch Alert              | ALZ_VPNGWTunnelEgressPacketDropMismatch   | [deploy-vpng_egresspacketdropmismatch_alert.json](../../../../services/Network/vpnGateways/Deploy-VPNG-EgressPacketDropMismatch-Alert.json)                     | deployIfNotExists         |

docs/content/patterns/alz/HowTo/UpdateToNewReleases/Moving-from-preview-to-GA.md

@@ -6,9 +6,12 @@ weight: 101
 
 ### In this page
 
+> [Prerequisites](../Moving-from-preview-to-GA#prerequisites) </br>
 > [Cleanup Script Execution](../Moving-from-preview-to-GA#cleanup-script-execution) </br>
 > [Next Steps](../Moving-from-preview-to-GA#next-steps) </br>
 
+## Prerequisites
+
 To transition from the preview version to the General Availability (GA) version of the ALZ Monitor solution, you must remove all previously deployed resources. Follow these instructions to execute a PowerShell script that deletes the following resources:
 
 - Metric Alerts

docs/content/patterns/alz/HowTo/UpdateToNewReleases/Update_to_release_2024-06-05.md

@@ -13,7 +13,7 @@ weight: 98
 ***The parameter file structure has changed to accommodate a new feature coming soon.***
 {{< /hint >}}
 
-# Pre update actions
+## Pre update actions
 
 The parameter file structure has been updated to support an upcoming feature. Therefore, when updating from release [2024-06-05](../../../Overview/Whats-New#2024-06-05), you must align your existing parameter file structure with the new format introduced in this release.
 In particular, the new parameter file includes the following changes:

docs/content/patterns/alz/HowTo/UpdateToNewReleases/Update_to_release_2025-02-05.md

@@ -9,9 +9,16 @@ weight: 93
 > [Pre update actions](../Update_to_release_2025-02-05#pre-update-actions) </br>
 > [Update](../Update_to_release_2025-02-05#update)
 
-# Pre update actions
+## Pre update actions
 
-In this release, we have resolved an issue where a missing role assignment was preventing the successful completion of the remediation task for the Web Initiative. However, addressing this problem introduces a breaking change that does not allow an in-place update of an existing environment because the additional role assignment also requires an update of an existing assignment, generating a conflict that makes the update unsuccessful. To resolve this issue and successfully update an existing deployment, you need to remove both the current policy and role assignment. This can be accomplished using the [Start-AMBA-ALZ-Maintenance.psi](patterns\alz\scripts\Start-AMBA-ALZ-Maintenance.ps1) script. For instructions on running the script, refer to the documentation available on the [Clean-up AMBA-ALZ Deployment](../../Cleaning-up-a-Deployment) page, ensuring that you enter **PolicyAssignments** as the value for the ***-cleanItems*** script parameter:
+In this release, we have resolved an issue where a missing role assignment was preventing the successful completion of the remediation task for the Web Initiative. </br>
+However, addressing this problem introduces a breaking change that does not allow an in-place update of an existing environment because the additional role assignment also requires an update of an existing assignment, generating a conflict that makes the update unsuccessful.</br>
+To resolve this issue and successfully update an existing deployment, you need to remove both the existing policy and role assignments. This can be accomplished using the [Start-AMBA-ALZ-Maintenance.psi](patterns\alz\scripts\Start-AMBA-ALZ-Maintenance.ps1) script.</br>
+For instructions on running the script, refer to the documentation available on the [Clean-up AMBA-ALZ Deployment](../../Cleaning-up-a-Deployment) page, ensuring that you enter **PolicyAssignments** as the value for the ***-cleanItems*** script parameter:
+
+```powershell
+.\patterns\alz\scripts\Start-AMBA-ALZ-Maintenance.ps1 -pseudoRootManagementGroup $pseudoRootManagementGroup -cleanItems PolicyAssignment
+```
 
   ![Remove policy and role assignments](../../../media/Remove-Policy-And-Role-Assignments.png)
 

docs/content/patterns/alz/HowTo/UpdateToNewReleases/_index.md

@@ -4,6 +4,11 @@ geekdocCollapseSection: true
 weight: 51
 ---
 
+### In this page
+
+> [What is included in the latest release](../_index#what-is-included-in-the-latest-release) </br>
+> [Steps to update to the latest release](../_index#steps-to-update-to-the-latest-release) </br>
+
 ## What is included in the latest release
 
 The list of enhancement, additions and fixed bugs contained in every release can be seen by navigating to corresponding page linked in the home page of the [azure-monitor-baseline-alerts](https://aka.ms/amba/repo) repository.

docs/content/patterns/alz/HowTo/deploy/Deploy-only-Service-Health-Alerts.md

@@ -4,6 +4,13 @@ geekdocCollapseSection: true
 weight: 80
 ---
 
+{{< hint type=Info >}}
+Accessing Security Advisories in Azure Service Health now requires elevated access across the Summary, Impacted Resources, and Issue Updates tabs. Users who have subscription reader access, or tenant roles at tenant scope, aren't able anymore to view security advisory details until they get the required roles. Complete details can be found at [Elevated access for viewing Security Advisories](https://learn.microsoft.com/en-us/azure/service-health/security-advisories-elevated-access?branch=pr-en-us-255499).
+</br>
+</br>
+***This is not impacting AMBA-ALZ configuration that will continue to work independently.***
+{{< /hint >}}
+
 ### In this page
 
 > [Quick deployment](../Deploy-only-Service-Health-Alerts#quick-deployment) </br>

docs/content/patterns/alz/Overview/ALZ-Pattern.md

@@ -4,6 +4,13 @@ geekdocCollapseSection: true
 weight: 10
 ---
 
+{{< hint type=Info >}}
+Accessing Security Advisories in Azure Service Health now requires elevated access across the Summary, Impacted Resources, and Issue Updates tabs. Users who have subscription reader access, or tenant roles at tenant scope, aren't able anymore to view security advisory details until they get the required roles. Complete details can be found at [Elevated access for viewing Security Advisories](https://learn.microsoft.com/en-us/azure/service-health/security-advisories-elevated-access?branch=pr-en-us-255499).
+</br>
+</br>
+***This is not impacting AMBA-ALZ configuration that will continue to work independently.***
+{{< /hint >}}
+
 ### In this page
 
 > [Overview](../ALZ-Pattern#overview) </br>