Merge pull request #224881 from MicrosoftDocs/repo_sync_working_branch

Confirm merge from repo_sync_working_branch to main to sync with https://github.com/MicrosoftDocs/azure-docs (branch main)

Author: huypub

articles/active-directory/enterprise-users/groups-bulk-download.md

@@ -22,6 +22,9 @@ You can download a list of all the groups in your organization to a comma-separa
 
 ## To download a list of groups
 
+>[!NOTE]
+> The columns downloaded are pre-defined
+
 1. Sign in to [the Azure portal](https://portal.azure.com) with an account in your organization.
 1. In Azure AD, select **Groups** > **Download groups**.
 1. On the **Groups download** page, select **Start** to receive a CSV file listing your groups.

articles/active-directory/hybrid/how-to-connect-configure-ad-ds-connector-account.md

@@ -86,7 +86,7 @@ By default, all the set permissions cmdlets will try to set AD DS permissions on
 
 You can also set permissions on a specific OU or AD DS object by using the parameter `-ADobjectDN` followed by the DN of the target object where you want to set permissions. When using a target ADobjectDN, the cmdlet will set permissions on this object only and not on the domain root or AdminSDHolder container. This parameter can be useful when you have certain OUs or AD DS objects that have permission inheritance disabled (see Locate AD DS objects with permission inheritance disabled) 
 
-Exceptions to these common parameters are the `Set-ADSyncRestrictedPermissions` cmdlet which is used to set the permissions on the AD DS Connector Account itself, and the `Set-ADSyncPasswordHashSyncPermissions` cmdlet since the permissions required for Password Hash Sync are only set at the domain root, hence this cmdlet does not include the `-ObjectDN` or `-SkipAdminSdHolders` parameters.
+Exceptions to these common parameters are the `Set-ADSyncRestrictedPermissions` cmdlet which is used to set the permissions on the AD DS Connector Account itself, and the `Set-ADSyncPasswordHashSyncPermissions` cmdlet since the permissions required for Password Hash Sync are only set at the domain root, hence this cmdlet does not include the `-ObjectDN` or `-IncludeAdminSdHolders` parameters.
 
 ### Determine your AD DS Connector Account 
 In case Azure AD Connect is already installed and you want to check what is the AD DS Connector Account currently in use by Azure AD Connect, you can execute the cmdlet: 
@@ -119,7 +119,7 @@ Show-ADSyncADObjectPermissions -ADobjectDN '<DistinguishedName>'
 To set basic read-only permissions for the AD DS Connector account when not using any Azure AD Connect feature, run: 
 
 ``` powershell
-Set-ADSyncBasicReadPermissions -ADConnectorAccountName <String> -ADConnectorAccountDomain <String> [-SkipAdminSdHolders] [<CommonParameters>] 
+Set-ADSyncBasicReadPermissions -ADConnectorAccountName <String> -ADConnectorAccountDomain <String> [-IncludeAdminSdHolders] [<CommonParameters>] 
 ```
 
 
@@ -149,7 +149,7 @@ This cmdlet will set the following permissions:
 To set permissions for the AD DS Connector account when using the ms-Ds-Consistency-Guid attribute as the source anchor (also known as “Let Azure manage the source anchor for me” option), run: 
 
 ``` powershell
-Set-ADSyncMsDsConsistencyGuidPermissions -ADConnectorAccountName <String> -ADConnectorAccountDomain <String> [-SkipAdminSdHolders] [<CommonParameters>] 
+Set-ADSyncMsDsConsistencyGuidPermissions -ADConnectorAccountName <String> -ADConnectorAccountDomain <String> [-IncludeAdminSdHolders] [<CommonParameters>] 
 ```
 
 or; 
@@ -189,7 +189,7 @@ This cmdlet will set the following permissions:
 To set permissions for the AD DS Connector account when using Password Writeback, run: 
 
 ``` powershell
-Set-ADSyncPasswordWritebackPermissions -ADConnectorAccountName <String> -ADConnectorAccountDomain <String> [-SkipAdminSdHolders] [<CommonParameters>] 
+Set-ADSyncPasswordWritebackPermissions -ADConnectorAccountName <String> -ADConnectorAccountDomain <String> [-IncludeAdminSdHolders] [<CommonParameters>] 
 ```
 
 
@@ -210,7 +210,7 @@ This cmdlet will set the following permissions:
 To set permissions for the AD DS Connector account when using Group Writeback, run: 
 
 ``` powershell
-Set-ADSyncUnifiedGroupWritebackPermissions -ADConnectorAccountName <String> -ADConnectorAccountDomain <String> [-SkipAdminSdHolders] [<CommonParameters>] 
+Set-ADSyncUnifiedGroupWritebackPermissions -ADConnectorAccountName <String> -ADConnectorAccountDomain <String> [-IncludeAdminSdHolders] [<CommonParameters>] 
 ```
 or; 
 
@@ -230,7 +230,7 @@ This cmdlet will set the following permissions:
 To set permissions for the AD DS Connector account when using Exchange Hybrid deployment, run: 
 
 ``` powershell
-Set-ADSyncExchangeHybridPermissions -ADConnectorAccountName <String> -ADConnectorAccountDomain <String> [-SkipAdminSdHolders] [<CommonParameters>] 
+Set-ADSyncExchangeHybridPermissions -ADConnectorAccountName <String> -ADConnectorAccountDomain <String> [-IncludeAdminSdHolders] [<CommonParameters>] 
 ```
 
 
@@ -254,7 +254,7 @@ This cmdlet will set the following permissions:
 To set permissions for the AD DS Connector account when using Exchange Mail Public Folders feature, run: 
 
 ``` powershell
-Set-ADSyncExchangeMailPublicFolderPermissions -ADConnectorAccountName <String> -ADConnectorAccountDomain <String> [-SkipAdminSdHolders] [<CommonParameters>] 
+Set-ADSyncExchangeMailPublicFolderPermissions -ADConnectorAccountName <String> -ADConnectorAccountDomain <String> [-IncludeAdminSdHolders] [<CommonParameters>] 
 ```
 
 

articles/application-gateway/ingress-controller-install-existing.md

@@ -299,7 +299,7 @@ appgw:
 Apply the Helm changes:
   1. Ensure the `AzureIngressProhibitedTarget` CRD is installed with:
       ```bash
-      kubectl apply -f https://raw.githubusercontent.com/Azure/application-gateway-kubernetes-ingress/ae695ef9bd05c8b708cedf6ff545595d0b7022dc/crds/AzureIngressProhibitedTarget.yaml
+      kubectl apply -f https://raw.githubusercontent.com/Azure/application-gateway-kubernetes-ingress/7b55ad194e7582c47589eb9e78615042e00babf3/crds/AzureIngressProhibitedTarget-v1-CRD-v1.yaml
       ```
   2. Update Helm:
       ```bash

articles/attestation/overview.md

@@ -73,7 +73,7 @@ Azure Attestation is the preferred choice for attesting TEEs as it offers the fo
 
 - Unified framework for attesting multiple environments such as TPMs, SGX enclaves and VBS enclaves 
 - Allows creation of custom attestation providers and configuration of policies to restrict token generation
-- Protects its data while-in use with implementation in an SGX enclave
+- Protects its data while-in use with implementation in an SGX enclave or Confidential Virtual Macine based on AMD SEV-SNP
 - Highly available service 
 
 ## How to establish trust with Azure Attestation

articles/cognitive-services/Computer-vision/includes/image-analysis-curl-quickstart.md

@@ -42,7 +42,7 @@ To analyze an image for various visual features, do the following steps:
     1. Replace the value of `<subscriptionKey>` with your key.
     1. Replace the first part of the request URL (`westcentralus`) with the text in your own endpoint URL.
         [!INCLUDE [Custom subdomains notice](../../../../includes/cognitive-services-custom-subdomains-note.md)]
-    1. Optionally, change the image URL in the request body (`http://upload.wikimedia.org/wikipedia/commons/3/3c/Shaki_waterfall.jpg\`) to the URL of a different image to be analyzed.
+    1. Optionally, change the image URL in the request body (`https://upload.wikimedia.org/wikipedia/commons/thumb/3/3c/Salto_del_Angel-Canaima-Venezuela08.JPG/800px-Salto_del_Angel-Canaima-Venezuela08.JPG`) to the URL of a different image to be analyzed.
 1. Open a command prompt window.
 1. Paste the command from the text editor into the command prompt window, and then run the command.
 

articles/cognitive-services/Computer-vision/overview-ocr.md

@@ -58,7 +58,7 @@ The Read OCR model is available in Computer Vision and Form Recognizer with comm
 
 The cloud APIs are the preferred option for most customers because of their ease of integration and fast productivity out of the box. Azure and the Computer Vision service handle scale, performance, data security, and compliance needs while you focus on meeting your customers' needs.
 
-For on-premises deployment, the [Read Docker container (preview)](./computer-vision-how-to-install-containers.md) enables you to deploy the Computer Vision v3.2 generally available OCR capabilities in your own local environment. Containers are great for specific security and data governance requirements.
+For on-premises deployment, the [Read Docker container](./computer-vision-how-to-install-containers.md) enables you to deploy the Computer Vision v3.2 generally available OCR capabilities in your own local environment. Containers are great for specific security and data governance requirements.
 
 ## OCR data privacy and security
 

articles/confidential-computing/confidential-vm-overview.md

@@ -106,6 +106,7 @@ Confidential VMs *don't support*:
 - Ultra disks
 - Accelerated Networking
 - Live migration
+- Screenshots under boot diagnostics
 
 
 ## Next steps

articles/iot-edge/how-to-provision-devices-at-scale-linux-tpm.md

@@ -320,12 +320,14 @@ After the runtime is installed on your device, configure the device with the inf
 
 <!-- iotedge-1.4 -->
 :::moniker range=">=iotedge-1.4"
-1. Optionally, uncomment the `payload` parameter to specify the path to a local JSON file. The contents of the file will be [sent to DPS as additional data](../iot-dps/how-to-send-additional-data.md#iot-edge-support) when the device registers. This is useful for [custom allocation](../iot-dps/how-to-use-custom-allocation-policies.md). For example, if you want to allocate your devices based on an IoT Plug and Play model ID without human intervention.
+
+Optionally, uncomment the `payload` parameter to specify the path to a local JSON file. The contents of the file will be [sent to DPS as additional data](../iot-dps/how-to-send-additional-data.md#iot-edge-support) when the device registers. This is useful for [custom allocation](../iot-dps/how-to-use-custom-allocation-policies.md). For example, if you want to allocate your devices based on an IoT Plug and Play model ID without human intervention.
 :::moniker-end
 
 <!-- iotedge-2020-11 -->
 :::moniker range=">=iotedge-2020-11"
-1. Save and close the file.
+
+Save and close the file.
 
 :::moniker-end
 <!-- end iotedge-2020-11 -->

articles/machine-learning/how-to-datastore.md

@@ -123,18 +123,18 @@ ml_client.create_or_update(store)
 
 ```python
 from azure.ai.ml.entities import AzureBlobDatastore
-from azure.ai.ml.entities._datastore.credentials import AccountKeyCredentials
+from azure.ai.ml.entities import AccountKeyConfiguration
 from azure.ai.ml import MLClient
 
 ml_client = MLClient.from_config()
 
 store = AzureBlobDatastore(
     name="blob_protocol_example",
-    description="Datastore pointing to a blob container using wasbs protocol.",
+    description="Datastore pointing to a blob container using https protocol.",
     account_name="mytestblobstore",
     container_name="data-container",
-    protocol="wasbs",
-    credentials=AccountKeyCredentials(
+    protocol="https",
+    credentials=AccountKeyConfiguration(
         account_key="XXXxxxXXXxXXXXxxXXXXXxXXXXXxXxxXxXXXxXXXxXXxxxXXxxXXXxXxXXXxxXxxXXXXxxxxxXXxxxxxxXXXxXXX"
     ),
 )
@@ -146,7 +146,7 @@ ml_client.create_or_update(store)
 
 ```python
 from azure.ai.ml.entities import AzureBlobDatastore
-from azure.ai.ml.entities._datastore.credentials import SasTokenCredentials
+from azure.ai.ml.entities import SasTokenConfiguration 
 from azure.ai.ml import MLClient
 
 ml_client = MLClient.from_config()
@@ -156,7 +156,7 @@ store = AzureBlobDatastore(
     description="Datastore pointing to a blob container using SAS token.",
     account_name="mytestblobstore",
     container_name="data-container",
-    credentials=SasTokenCredentials(
+    credentials=SasTokenConfiguration(
         sas_token= "?xx=XXXX-XX-XX&xx=xxxx&xxx=xxx&xx=xxxxxxxxxxx&xx=XXXX-XX-XXXXX:XX:XXX&xx=XXXX-XX-XXXXX:XX:XXX&xxx=xxxxx&xxx=XXxXXXxxxxxXXXXXXXxXxxxXXXXXxxXXXXXxXXXXxXXXxXXxXX"
     ),
 )
@@ -301,7 +301,7 @@ az ml datastore create --file my_files_datastore.yml
 
 ```python
 from azure.ai.ml.entities import AzureFileDatastore
-from azure.ai.ml.entities._datastore.credentials import AccountKeyCredentials
+from azure.ai.ml.entities import AccountKeyConfiguration
 from azure.ai.ml import MLClient
 
 ml_client = MLClient.from_config()
@@ -311,7 +311,7 @@ store = AzureFileDatastore(
     description="Datastore pointing to an Azure File Share.",
     account_name="mytestfilestore",
     file_share_name="my-share",
-    credentials=AccountKeyCredentials(
+    credentials=AccountKeyConfiguration(
         account_key= "XXXxxxXXXxXXXXxxXXXXXxXXXXXxXxxXxXXXxXXXxXXxxxXXxxXXXxXxXXXxxXxxXXXXxxxxxXXxxxxxxXXXxXXX"
     ),
 )
@@ -323,7 +323,7 @@ ml_client.create_or_update(store)
 
 ```python
 from azure.ai.ml.entities import AzureFileDatastore
-from azure.ai.ml.entities._datastore.credentials import SasTokenCredentials
+from azure.ai.ml.entities import SasTokenConfiguration
 from azure.ai.ml import MLClient
 
 ml_client = MLClient.from_config()
@@ -333,7 +333,7 @@ store = AzureFileDatastore(
     description="Datastore pointing to an Azure File Share using SAS token.",
     account_name="mytestfilestore",
     file_share_name="my-share",
-    credentials=SasTokenCredentials(
+    credentials=SasTokenConfiguration(
         sas_token="?xx=XXXX-XX-XX&xx=xxxx&xxx=xxx&xx=xxxxxxxxxxx&xx=XXXX-XX-XXXXX:XX:XXX&xx=XXXX-XX-XXXXX:XX:XXX&xxx=xxxxx&xxx=XXxXXXxxxxxXXXXXXXxXxxxXXXXXxxXXXXXxXXXXxXXXxXXxXX"
     ),
 )

articles/static-web-apps/deploy-nuxtjs.md

@@ -186,7 +186,7 @@ If the page is a dynamic page, for example `_id.vue`, it won't have enough infor
 
 Make changes to the app by updating the code and pushing it to GitHub. GitHub Actions automatically builds and deploys the app.
 
-For more information, see the Azure Static Web Apps Nuxt 3 deployment preset [documentation](https://v3.nuxtjs.org/guide/deploy/providers/azure/).
+For more information, see the Azure Static Web Apps Nuxt 3 deployment preset [documentation](https://nitro.unjs.io/deploy/providers/azure).
 
 > [!div class="nextstepaction"]
 > [Set up a custom domain](custom-domain.md)