Update screenshots in the images/azure directory (github#34520)

Co-authored-by: github-actions <[email protected]>
Co-authored-by: Ben Ahmady <[email protected]>

Author: 3 people

assets/images/azure/azure-aad-app-storage-ids.png

@@ -27,12 +27,11 @@ You must have permission to perform the `/register/action` operation for the res
 The {% data variables.actions.azure_portal %} allows you to deploy the {% data variables.product.product_name %} account in your Azure resource group.
 
 1. Click one of the following two links to begin deployment of {% data variables.product.product_name %}. The link you should click depends on the Azure cloud where you plan to deploy {% data variables.product.product_name %}. For more information about Azure Government, see [What is Azure Government?](https://docs.microsoft.com/en-us/azure/azure-government/documentation-government-welcome) in the Microsoft documentation.
-   
+
    - [Deploy {% data variables.product.product_name %} to Azure Commercial](https://aka.ms/create-github-ae-instance)
    - [Deploy {% data variables.product.product_name %} to Azure Government](https://aka.ms/create-github-ae-instance-gov)
 1. To begin the process of adding a new {% data variables.product.product_name %} account, click **Create GitHub AE account**.
 1. Complete the "Project details" and "Instance details" fields.
-    ![{% data variables.actions.azure_portal %} search result](/assets/images/azure/github-ae-azure-portal-form.png)
     - **Account name:** The hostname for your enterprise
     - **Administrator username:** A username for the initial enterprise owner that will be created in {% data variables.product.product_name %}
     - **Administrator email:** The email address that will receive the login information
@@ -53,14 +52,13 @@ You can use the {% data variables.actions.azure_portal %} to navigate to your {%
 
 1. On the {% data variables.actions.azure_portal %}, in the left panel, click **All resources**.
 1. From the available filters, click **All types**, then deselect **Select all** and select **GitHub AE**:
-    ![{% data variables.actions.azure_portal %} search result](/assets/images/azure/github-ae-azure-portal-type-filter.png)
 
 ## Next steps
 
 - Once your deployment has been provisioned, the next step is to initialize {% data variables.product.product_name %}. For more information, see "[Initializing {% data variables.product.product_name %}](/github-ae@latest/admin/configuration/configuring-your-enterprise/initializing-github-ae)."
 - If you're trying {% data variables.product.product_name %}, you can upgrade to a full license at any time during the trial period by contacting contact {% data variables.contact.contact_enterprise_sales %}. If you haven't upgraded by the last day of your trial, then the deployment is automatically deleted. If you need more time to evaluate {% data variables.product.product_name %}, contact {% data variables.contact.contact_enterprise_sales %} to request an extension.
 
-## Further reading 
+## Further reading
 
 - "[Enabling {% data variables.product.prodname_advanced_security %} features on {% data variables.product.product_name %}](/github/getting-started-with-github/about-github-advanced-security#enabling-advanced-security-features-on-github-ae)"
-- "[{% data variables.product.product_name %} release notes](/github-ae@latest/admin/overview/github-ae-release-notes)" 
+- "[{% data variables.product.product_name %} release notes](/github-ae@latest/admin/overview/github-ae-release-notes)"

assets/images/azure/azure-federated-credential.png

@@ -55,10 +55,10 @@ To configure {% data variables.product.prodname_ghe_server %} to use OIDC with a
 1. Register a new application in Azure Active Directory. For more information, see [Register an application](https://learn.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app#register-an-application) in the Azure documentation.
 1. In your Azure application, under "Essentials", take note of the values for "Application (client) ID" and "Directory (tenant) ID". These values are used later.
 
-   ![Azure portal showing the Active Directory app "Essentials" section](/assets/images/azure/azure-aad-app-storage-ids.png)
+   ![Screenshot of the "Overview" page in Azure. The first four items in the "Essentials" section are highlighted with an orange outline.](/assets/images/azure/azure-aad-app-storage-ids.png)
 1. In your Azure application, under "Manage", click **Certificates & secrets**, select the **Federated credentials** tab, then click **Add credential**.
 
-   ![Azure portal showing the Active Directory app "certificates & secrets" page](/assets/images/azure/azure-federated-credential.png)
+   ![Screenshot of the "Federated credentials" page in Azure. The "Certificates & secrets" tab, the "Federated credentials" tab, and the "Add credential" button are highlighted with orange outlines.](/assets/images/azure/azure-federated-credential.png)
 1. Enter the following details for the credential:
    1. For "Federated credential scenario", select **Other issuer**.
    1. For "Issuer", enter `https://HOSTNAME/_services/token`, where `HOSTNAME` is the public hostname for {% data variables.location.product_location_enterprise %}. For example, `https://my-ghes-host.example.com/_services/token`.

assets/images/azure/azure-resources-search.png

@@ -68,7 +68,7 @@ You can set up streaming to S3 with access keys or, to avoid storing long-lived
 #### Setting up streaming to S3 with access keys
 {% endif %}
 
-To stream audit logs to Amazon's S3 endpoint, you must have a bucket and access keys. For more information, see [Creating, configuring, and working with Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-buckets-s3.html) in the AWS documentation. Make sure to block public access to the bucket to protect your audit log information. 
+To stream audit logs to Amazon's S3 endpoint, you must have a bucket and access keys. For more information, see [Creating, configuring, and working with Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-buckets-s3.html) in the AWS documentation. Make sure to block public access to the bucket to protect your audit log information.
 
 To set up audit log streaming from {% data variables.product.prodname_dotcom %} you will need:
 * The name of your Amazon S3 bucket
@@ -117,7 +117,7 @@ For information on creating or accessing your access key ID and secret key, see
    ```
    For more information, see [Creating IAM policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_create.html) in the AWS documentation.
 1. Configure the role and trust policy for the {% data variables.product.prodname_dotcom %} IdP. For more information, see [Creating a role for web identity or OpenID Connect Federation (console)](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-idp_oidc.html) in the AWS documentation.
-  
+
    - Add the permissions policy you created above to allow writes to the bucket.
    - Edit the trust relationship to add the `sub` field to the validation conditions, replacing `ENTERPRISE` with the name of your enterprise.
      ```
@@ -154,84 +154,73 @@ You can consolidate your audit logs from {% data variables.product.product_name
 
 ### Setting up streaming to Azure Blob Storage
 
-Before setting up a stream in {% data variables.product.prodname_dotcom %}, you must first have created a storage account and a container in Microsoft Azure. For details, see the Microsoft documentation, "[Introduction to Azure Blob Storage](https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blobs-introduction)." 
+Before setting up a stream in {% data variables.product.prodname_dotcom %}, you must first have created a storage account and a container in Microsoft Azure. For details, see the Microsoft documentation, "[Introduction to Azure Blob Storage](https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blobs-introduction)."
 
 To configure the stream in {% data variables.product.prodname_dotcom %} you need the URL of a SAS token.
 
 **On Microsoft Azure portal**:
 1. On the Home page, click **Storage Accounts**.
-2. Click the name of the storage account you want to use, then click **Containers**.
-   
-   ![The Containers link in Azure](/assets/images/azure/azure-storage-containers.png)
-
+1. Under "Name", click the name of the storage account you want to use.
+1. Under "Data storage", click **Containers**.
 1. Click the name of the container you want to use.
-1. Click **Shared access tokens**. 
-   
-   ![The shared access token link in Azure](/assets/images/azure/azure-storage-shared-access-tokens.png)
-
-1. In the **Permissions** drop-down menu, change the permissions to only allow `Create` and `Write`.
-   
-   ![The permissions drop-down menu](/assets/images/azure/azure-storage-permissions.png)
-
+1. In the left sidebar, under "Settings", click **Shared access tokens**.
+1. Select the **Permissions** dropdown menu, then select `Create` and `Write` and deselect all other options.
 1. Set an expiry date that complies with your secret rotation policy.
 1. Click **Generate SAS token and URL**.
 1. Copy the value of the **Blob SAS URL** field that's displayed. You will use this URL in {% data variables.product.prodname_dotcom %}.
 
 **On {% data variables.product.prodname_dotcom %}**:
 {% data reusables.enterprise.navigate-to-log-streaming-tab %}
 1. Click **Configure stream** and select **Azure Blob Storage**.
-   
+
    ![Choose Azure Blob Storage from the drop-down menu](/assets/images/help/enterprises/audit-stream-choice-azureblob.png)
 
 1. On the configuration page, enter the blob SAS URL that you copied in Azure. The **Container** field is auto-filled based on the URL.
 
    ![Enter the stream settings](/assets/images/help/enterprises/audit-stream-add-azureblob.png)
-  
+
 1. Click **Check endpoint** to verify that {% data variables.product.prodname_dotcom %} can connect and write to the Azure Blob Storage endpoint.
-   
+
    ![Check the endpoint](/assets/images/help/enterprises/audit-stream-check.png)
 
 {% data reusables.enterprise.verify-audit-log-streaming-endpoint %}
 
 ### Setting up streaming to Azure Event Hubs
 
-Before setting up a stream in {% data variables.product.prodname_dotcom %}, you must first have an event hub namespace in Microsoft Azure. Next, you must create an event hub instance within the namespace. You'll need the details of this event hub instance when you set up the stream. For details, see the Microsoft documentation, "[Quickstart: Create an event hub using Azure portal](https://docs.microsoft.com/en-us/azure/event-hubs/event-hubs-create)." 
+Before setting up a stream in {% data variables.product.prodname_dotcom %}, you must first have an event hub namespace in Microsoft Azure. Next, you must create an event hub instance within the namespace. You'll need the details of this event hub instance when you set up the stream. For details, see the Microsoft documentation, "[Quickstart: Create an event hub using Azure portal](https://docs.microsoft.com/en-us/azure/event-hubs/event-hubs-create)."
 
-You need two pieces of information about your event hub: its instance name and the connection string. 
+You need two pieces of information about your event hub: its instance name and the connection string.
 
 **On Microsoft Azure portal**:
-1. Search for "Event Hubs".
-
-   ![The Azure portal search box](/assets/images/azure/azure-resources-search.png )
+1. At the top of the page, next to "Microsoft Azure", use the search box to search for "Event Hubs".
+1. Select **Event Hubs**. The names of your event hubs are listed.
 
-1. Select **Event Hubs**. The names of your event hubs are listed. 
-   
    ![A list of event hubs](/assets/images/help/enterprises/azure-event-hubs-list.png)
 
 1. Make a note of the name of the event hub you want to stream to.
 1. Click the required event hub. Then, in the left menu, select **Shared Access Policies**.
 1. Select a shared access policy in the list of policies, or create a new policy.
-   
+
    ![A list of shared access policies](/assets/images/help/enterprises/azure-shared-access-policies.png)
 
 1. Click the button to the right of the **Connection string-primary key** field to copy the connection string.
-   
+
    ![The event hub connection string](/assets/images/help/enterprises/azure-connection-string.png)
 
 **On {% data variables.product.prodname_dotcom %}**:
 {% data reusables.enterprise.navigate-to-log-streaming-tab %}
 1. Click **Configure stream** and select **Azure Event Hubs**.
-   
+
    ![Choose Azure Events Hub from the drop-down menu](/assets/images/help/enterprises/audit-stream-choice-azure.png)
 
 1. On the configuration page, enter:
    * The name of the Azure Event Hubs instance.
    * The connection string.
-  
+
    ![Enter the stream settings](/assets/images/help/enterprises/audit-stream-add-azure.png)
-   
+
 1. Click **Check endpoint** to verify that {% data variables.product.prodname_dotcom %} can connect and write to the Azure Events Hub endpoint.
-   
+
    ![Check the endpoint](/assets/images/help/enterprises/audit-stream-check.png)
 
 {% data reusables.enterprise.verify-audit-log-streaming-endpoint %}
@@ -247,7 +236,7 @@ After you set up streaming to Datadog, you can see your audit log data by filter
 1. In Datadog, generate a client token or an API key, then click **Copy key**. For more information, see [API and Application Keys](https://docs.datadoghq.com/account_management/api-app-keys/) in Datadog Docs.
 {% data reusables.enterprise.navigate-to-log-streaming-tab %}
 1. Select the **Configure stream** dropdown menu and click **Datadog**.
-   
+
    ![Screenshot of the "Configure stream" dropdown menu with "Datadog" highlighted](/assets/images/help/enterprises/audit-stream-choice-datadog.png)
 1. Under "Token", paste the token  you copied earlier.
 
@@ -256,7 +245,7 @@ After you set up streaming to Datadog, you can see your audit log data by filter
 
    ![Screenshot of the "Site" dropdown menu](/assets/images/help/enterprises/audit-stream-datadog-site.png)
 1. To verify that {% data variables.product.prodname_dotcom %} can connect and write to the Datadog endpoint, click **Check endpoint**.
-   
+
    ![Check the endpoint](/assets/images/help/enterprises/audit-stream-check.png)
 {% data reusables.enterprise.verify-audit-log-streaming-endpoint %}
 1. After a few minutes, confirm that audit log data is appearing on the **Logs** tab in Datadog. If audit log data is not appearing, confirm that your token and site are correct in {% data variables.product.prodname_dotcom %}.
@@ -283,7 +272,7 @@ To set up streaming to Google Cloud Storage, you must create a service account i
 
    ![Screenshot of the "JSON Credentials" text field](/assets/images/help/enterprises/audit-stream-json-credentials-google-cloud-storage.png)
 
-1. To verify that {% data variables.product.prodname_dotcom %} can connect and write to the Google Cloud Storage bucket, click **Check endpoint**. 
+1. To verify that {% data variables.product.prodname_dotcom %} can connect and write to the Google Cloud Storage bucket, click **Check endpoint**.
 
    ![Screenshot of the "Check endpoint" button](/assets/images/help/enterprises/audit-stream-check-endpoint-google-cloud-storage.png)
 
@@ -295,20 +284,20 @@ To stream audit logs to Splunk's HTTP Event Collector (HEC) endpoint you must ma
 
 {% data reusables.enterprise.navigate-to-log-streaming-tab %}
 1. Click **Configure stream** and select **Splunk**.
-   
+
    ![Choose Splunk from the drop-down menu](/assets/images/help/enterprises/audit-stream-choice-splunk.png)
 
 1. On the configuration page, enter:
    * The domain on which the application you want to stream to is hosted.
-  
-     If you are using Splunk Cloud, `Domain` should be `http-inputs-<host>`, where `host` is the domain you use in Splunk Cloud. For example: `http-inputs-mycompany.splunkcloud.com`. 
+
+     If you are using Splunk Cloud, `Domain` should be `http-inputs-<host>`, where `host` is the domain you use in Splunk Cloud. For example: `http-inputs-mycompany.splunkcloud.com`.
 
    * The port on which the application accepts data.<br>
 
      If you are using Splunk Cloud, `Port` should be `443` if you haven't changed the port configuration. If you are using the free trial version of Splunk Cloud, `Port` should be `8088`.
 
    * A token that {% data variables.product.prodname_dotcom %} can use to authenticate to the third-party application.
-  
+
    ![Enter the stream settings](/assets/images/help/enterprises/audit-stream-add-splunk.png)
 
 1. Leave the **Enable SSL verification** check box selected.
@@ -329,7 +318,7 @@ Datadog only accepts logs from up to 18 hours in the past. If you pause a stream
 
 {% data reusables.enterprise.navigate-to-log-streaming-tab %}
 1. Click **Pause stream**.
-   
+
    ![Pause the stream](/assets/images/help/enterprises/audit-stream-pause.png)
 
 1. A confirmation message is displayed. Click **Pause stream** to confirm.
@@ -341,7 +330,7 @@ When the application is ready to receive audit logs again, click **Resume stream
 
 {% data reusables.enterprise.navigate-to-log-streaming-tab %}
 1. Click **Delete stream**.
-   
+
    ![Delete the stream](/assets/images/help/enterprises/audit-stream-delete.png)
 
 1. A confirmation message is displayed. Click **Delete stream** to confirm.