Merge pull request #105313 from MicrosoftDocs/repo_sync_working_branch

Confirm merge from repo_sync_working_branch to master to sync with https://github.com/Microsoft/azure-docs (branch master)

Author: rmca14

articles/active-directory/develop/howto-create-service-principal-portal.md

@@ -36,9 +36,9 @@ Let's jump straight into creating the identity. If you run into a problem, check
 
 You've created your Azure AD application and service principal.
 
-## Assign the application to a role
+## Assign a role to the application
 
-To access resources in your subscription, you must assign the application to a role. Decide which role offers the right permissions for the application. To learn about the available roles, see [RBAC: Built in Roles](../../role-based-access-control/built-in-roles.md).
+To access resources in your subscription, you must assign a role to the application. Decide which role offers the right permissions for the application. To learn about the available roles, see [RBAC: Built in Roles](../../role-based-access-control/built-in-roles.md).
 
 You can set the scope at the level of the subscription, resource group, or resource. Permissions are inherited to lower levels of scope. For example, adding an application to the Reader role for a resource group means it can read the resource group and any resources it contains.
 
@@ -58,7 +58,7 @@ You can set the scope at the level of the subscription, resource group, or resou
 
    ![Select the role to assign to the application](./media/howto-create-service-principal-portal/select-role.png)
 
-1. Select **Save** to finish assigning the role. You see your application in the list of users assigned to a role for that scope.
+1. Select **Save** to finish assigning the role. You see your application in the list of users with a role for that scope.
 
 Your service principal is set up. You can start using it to run your scripts or apps. The next section shows how to get values that are needed when signing in programmatically.
 
@@ -108,7 +108,7 @@ If you choose not to use a certificate, you can create a new application secret.
 1. Select **Client secrets -> New client secret**.
 1. Provide a description of the secret, and a duration. When done, select **Add**.
 
-   After saving the client secret, the value of the client secret is displayed. Copy this value because you aren't able to retrieve the key later. You provide the key value with the application ID to sign in as the application. Store the key value where your application can retrieve it.
+   After saving the client secret, the value of the client secret is displayed. Copy this value because you won't be able to retrieve the key later. You will provide the key value with the application ID to sign in as the application. Store the key value where your application can retrieve it.
 
    ![Copy the secret value because you can't retrieve this later](./media/howto-create-service-principal-portal/copy-secret.png)
 
@@ -122,7 +122,7 @@ Keep in mind, you might need to configure addition permissions on resources that
 
 ## Required permissions
 
-You must have sufficient permissions to register an application with your Azure AD tenant, and assign the application to a role in your Azure subscription.
+You must have sufficient permissions to register an application with your Azure AD tenant, and assign to the application a role in your Azure subscription.
 
 ### Check Azure AD permissions
 
@@ -134,11 +134,11 @@ You must have sufficient permissions to register an application with your Azure
 1. In the left pane, select **User settings**.
 1. Check the **App registrations** setting. This value can only be set by an administrator. If set to **Yes**, any user in the Azure AD tenant can register an app.
 
-If the app registrations setting is set to **No**, only users with an administrator role may register these types of applications. See [available roles](../users-groups-roles/directory-assign-admin-roles.md#available-roles) and [role permissions](../users-groups-roles/directory-assign-admin-roles.md#role-permissions) to learn about available administrator roles and the specific permissions in Azure AD that are given to each role. If your account is assigned to the User role, but the app registration setting is limited to admin users, ask your administrator to either assign you to one of the administrator roles that can create and manage all aspects of app registrations, or to enable users to register apps.
+If the app registrations setting is set to **No**, only users with an administrator role may register these types of applications. See [available roles](../users-groups-roles/directory-assign-admin-roles.md#available-roles) and [role permissions](../users-groups-roles/directory-assign-admin-roles.md#role-permissions) to learn about available administrator roles and the specific permissions in Azure AD that are given to each role. If your account is assigned the User role, but the app registration setting is limited to admin users, ask your administrator to either assign you one of the administrator roles that can create and manage all aspects of app registrations, or to enable users to register apps.
 
 ### Check Azure subscription permissions
 
-In your Azure subscription, your account must have `Microsoft.Authorization/*/Write` access to assign an AD app to a role. This action is granted through the [Owner](../../role-based-access-control/built-in-roles.md#owner) role or [User Access Administrator](../../role-based-access-control/built-in-roles.md#user-access-administrator) role. If your account is assigned to the **Contributor** role, you don't have adequate permission. You receive an error when attempting to assign the service principal to a role.
+In your Azure subscription, your account must have `Microsoft.Authorization/*/Write` access to assign a role to an AD app. This action is granted through the [Owner](../../role-based-access-control/built-in-roles.md#owner) role or [User Access Administrator](../../role-based-access-control/built-in-roles.md#user-access-administrator) role. If your account is assigned the **Contributor** role, you don't have adequate permission. You will receive an error when attempting to assign the service principal a role.
 
 To check your subscription permissions:
 
@@ -150,9 +150,9 @@ To check your subscription permissions:
 
    ![Select the subscription you want to create the service principal in](./media/howto-create-service-principal-portal/view-details.png)
 
-1. Select **Role assignments** to view your assigned roles, and determine if you have adequate permissions to assign an AD app to a role. If not, ask your subscription administrator to add you to User Access Administrator role. In the following image, the user is assigned to the Owner role, which means that user has adequate permissions.
+1. Select **Role assignments** to view your assigned roles, and determine if you have adequate permissions to assign a role to an AD app. If not, ask your subscription administrator to add you to User Access Administrator role. In the following image, the user is assigned the Owner role, which means that user has adequate permissions.
 
-   ![This example shows the user is assigned to the Owner role](./media/howto-create-service-principal-portal/view-user-role.png)
+   ![This example shows the user is assigned the Owner role](./media/howto-create-service-principal-portal/view-user-role.png)
 
 ## Next steps
 

articles/active-directory/users-groups-roles/roles-delegate-by-task.md

@@ -42,14 +42,14 @@ Task | Least privileged role | Additional roles
 Create Azure AD B2C directories | All non-guest users ([see documentation](https://docs.microsoft.com/azure/active-directory/fundamentals/users-default-permissions)) | 
 Create B2C applications | Global Administrator | 
 Create enterprise applications | Cloud Application Administrator | Application Administrator
-Create, read, update, and delete B2C policies | Global Administrator | 
-Create, read, update, and delete identity providers | Global Administrator | 
-Create, read, update, and delete password reset user flows | Global Administrator | 
-Create, read, update, and delete profile editing user flows | Global Administrator | 
-Create, read, update, and delete sign-in user flows | Global Administrator | 
-Create, read, update, and delete sign-up user flow |Global Administrator | 
-Create, read, update, and delete user attributes | Global Administrator | 
-Create, read, update, and delete users | Global Administrator ([see documentation](https://docs.microsoft.com/azure/active-directory-b2c/active-directory-b2c-faqs))
+Create, read, update, and delete B2C policies | B2C IEF Policy Administrator | 
+Create, read, update, and delete identity providers | External Identity Provider Administrator | 
+Create, read, update, and delete password reset user flows | B2C User Flow Administrator | 
+Create, read, update, and delete profile editing user flows | B2C User Flow Administrator | 
+Create, read, update, and delete sign-in user flows | B2C User Flow Administrator | 
+Create, read, update, and delete sign-up user flow |B2C User Flow Administrator | 
+Create, read, update, and delete user attributes | B2C User Flow Attribute Administrator | 
+Create, read, update, and delete users | User Administrator
 Read all configuration | Global reader | 
 Read B2C audit logs | Global reader ([see documentation](https://docs.microsoft.com/azure/active-directory-b2c/active-directory-b2c-faqs)) | 
 
@@ -124,7 +124,7 @@ Task | Least privileged role | Additional roles
 ---- | --------------------- | ----------------
 Consent to any delegated permissions | Cloud application administrator | Application administrator
 Consent to application permissions not including Microsoft Graph | Cloud application administrator | Application administrator
-Consent to application permissions to Microsoft Graph | Global Administrator | 
+Consent to application permissions to Microsoft Graph | Privileged Role Administrator | 
 Consent to applications accessing own data | Default user role ([see documentation](https://docs.microsoft.com/azure/active-directory/fundamentals/users-default-permissions)) | 
 Create enterprise application | Cloud application administrator | Application administrator
 Manage Application Proxy | Application administrator | 
@@ -153,7 +153,7 @@ Assign license | User administrator |
 Create group | User administrator | 
 Create, update, or delete access review of a group or of an app | User administrator | 
 Manage group expiration | User administrator | 
-Manage group settings | Global Administrator | 
+Manage group settings | Groups Administrator | User Administrator | 
 Read all configuration (except hidden membership) | Directory readers | Default user role ([see documentation](https://docs.microsoft.com/azure/active-directory/fundamentals/users-default-permissions))
 Read hidden membership | Group member | Group owner, Password administrator, Exchange administrator, SharePoint administrator, Teams administrator, User administrator
 Read membership of groups with hidden membership | Helpdesk Administrator | User administrator, Teams administrator
@@ -231,7 +231,7 @@ Read server status | Global reader |
 
 Task | Least privileged role | Additional roles
 ---- | --------------------- | ----------------
-Manage identity providers | Global Administrator | 
+Manage identity providers | External Identity Provider Administrator | 
 Manage settings | Global Administrator | 
 Manage terms of use | Global Administrator | 
 Read all configuration | Global reader | 
@@ -327,11 +327,11 @@ Create user | User administrator |
 Delete users | User administrator | 
 Invalidate refresh tokens of limited admins (see documentation) | User administrator | 
 Invalidate refresh tokens of non-admins (see documentation) | Password administrator | User administrator
-Invalidate refresh tokens of privileged admins (see documentation) | Global Administrator | 
+Invalidate refresh tokens of privileged admins (see documentation) | Privileged Authentication Administrator | 
 Read basic configuration | Default User role ([see documentation](https://docs.microsoft.com/azure/active-directory/fundamentals/users-default-permissions) | 
 Reset password for limited admins (see documentation) | User administrator | 
 Reset password of non-admins (see documentation) | Password administrator | User administrator
-Reset password of privileged admins | Global Administrator | 
+Reset password of privileged admins | Privileged Authentication Administrator | 
 Revoke license | License administrator | User administrator
 Update all properties except User Principal Name | User administrator | 
 Update User Principal Name for limited admins (see documentation) | User administrator | 

articles/aks/azure-netapp-files.md

@@ -29,7 +29,8 @@ The following limitations apply when you use Azure NetApp Files:
 * Azure NetApp Files is only available [in selected Azure regions][anf-regions].
 * Before you can use Azure NetApp Files, you must be granted access to the Azure NetApp Files service. To apply for access, you can use the [Azure NetApp Files waitlist submission form][anf-waitlist]. You can't access the Azure NetApp Files service until you receive the official confirmation email from the Azure NetApp Files team.
 * Your Azure NetApp Files service must be created in the same virtual network as your AKS cluster.
-* Only static provisioning for Azure NetApp Files is supported on AKS.
+* After the initial deployment of an AKS cluster, only static provisioning for Azure NetApp Files is supported.
+* To use dynamic provisioning with Azure NetApp Files, install and configure [NetApp Trident](https://netapp-trident.readthedocs.io/) version 19.07 or later.
 
 ## Configure Azure NetApp Files
 

articles/app-service/webjobs-sdk-get-started.md

@@ -379,7 +379,7 @@ To take advantage of [Application Insights](../azure-monitor/app/app-insights-ov
                     string instrumentationKey = context.Configuration["APPINSIGHTS_INSTRUMENTATIONKEY"];
                     if (!string.IsNullOrEmpty(instrumentationKey))
                     {
-                        b.AddApplicationInsights(o => o.InstrumentationKey = instrumentationKey);
+                        b.AddApplicationInsightsWebJobs(o => o.InstrumentationKey = instrumentationKey);
                     }
                 });
         var host = builder.Build();

articles/data-factory/quickstart-create-data-factory-dot-net.md

@@ -43,7 +43,7 @@ From the sections in *How to: Use the portal to create an Azure AD application a
 1. In [Create an Azure Active Directory application](../active-directory/develop/howto-create-service-principal-portal.md#create-an-azure-active-directory-application), create an application that represents the .NET application you are creating in this tutorial. For the sign-on URL, you can provide a dummy URL as shown in the article (`https://contoso.org/exampleapp`).
 2. In [Get values for signing in](../active-directory/develop/howto-create-service-principal-portal.md#get-values-for-signing-in), get the **application ID** and **tenant ID**, and note down these values that you use later in this tutorial. 
 3. In [Certificates and secrets](../active-directory/develop/howto-create-service-principal-portal.md#certificates-and-secrets), get the **authentication key**, and note down this value that you use later in this tutorial.
-4. In [Assign the application to a role](../active-directory/develop/howto-create-service-principal-portal.md#assign-the-application-to-a-role), assign the application to the **Contributor** role at the subscription level so that the application can create data factories in the subscription.
+4. In [Assign the application to a role](../active-directory/develop/howto-create-service-principal-portal.md#assign-a-role-to-the-application), assign the application to the **Contributor** role at the subscription level so that the application can create data factories in the subscription.
 
 ## Create a Visual Studio project
 

articles/service-fabric/service-fabric-cluster-upgrade-windows-server.md

@@ -135,7 +135,7 @@ For usage details, see the [Start-ServiceFabricClusterConfigurationUpgrade](http
     Register-ServiceFabricClusterPackage -Code -CodePackagePath <name of the .cab file>
 
     ###### Here is a filled-out example
-    Register-ServiceFabricClusterPackage -Code -CodePackagePath .\MicrosoftAzureServiceFabric.5.3.301.9590.cab
+    Register-ServiceFabricClusterPackage -Code -CodePackagePath MicrosoftAzureServiceFabric.5.3.301.9590.cab
     ```
 6. Start a cluster upgrade to an available version.
 

articles/sql-database/troubleshoot-connectivity-issues-microsoft-azure-sql-database.md

@@ -225,8 +225,8 @@ The following steps can either help you work around the problem or provide you w
 
    ```sql
    SELECT o.name,
-    a.SUM(p.row_count) AS 'Row Count',
-    b.SUM(p.reserved_page_count) * 8.0 / 1024 AS 'Table Size (MB)'
+    SUM(p.row_count) AS 'Row Count',
+    SUM(p.reserved_page_count) * 8.0 / 1024 AS 'Table Size (MB)'
    FROM sys.objects o
    JOIN sys.dm_db_partition_stats p on p.object_id = o.object_id
    GROUP BY o.name

articles/virtual-machines/windows/sizes.md

@@ -20,7 +20,7 @@ ms.author: jonbeck
 
 # Sizes for Windows virtual machines in Azure
 
-This article describes the available sizes and options for the Azure virtual machines you can use to run your Windows apps and workloads. It also provides deployment considerations to be aware of when you're planning to use these resources.  This article is also available for [Linux virtual machines](/linux/sizes.md?toc=%2fazure%2fvirtual-machines%2flinux%2ftoc.json).
+This article describes the available sizes and options for the Azure virtual machines you can use to run your Windows apps and workloads. It also provides deployment considerations to be aware of when you're planning to use these resources.  This article is also available for [Linux virtual machines](../linux/sizes.md).
 
 | Type | Sizes | Description |
 |------|-------|-------------|
@@ -62,4 +62,4 @@ Learn more about the different VM sizes that are available:
 - [Storage optimized](../sizes-storage.md)
 - [GPU optimized](../sizes-gpu.md)
 - [High performance compute](../sizes-hpc.md)
-- Check the [Previous generation](../sizes-previous-gen.md) page for A Standard, Dv1 (D1-4 and D11-14 v1), and A8-A11 series
+- Check the [Previous generation](../sizes-previous-gen.md) page for A Standard, Dv1 (D1-4 and D11-14 v1), and A8-A11 series

includes/cdn-app-dev-prep.md

@@ -35,7 +35,7 @@ Creating a service principal consists of several steps, including creating an Az
 >
 > When you get to the step named Configure multi-tenant application, select **No**.
 >
-> When you get to the step [Assign the application to a role](../articles/active-directory/develop/howto-create-service-principal-portal.md#assign-the-application-to-a-role), use the resource group created earlier,  *CdnConsoleTutorial*, but instead of the **Reader** role, assign the **CDN Profile Contributor** role.  After you assign the application the **CDN Profile Contributor** role on your resource group, return to this tutorial. 
+> When you get to the step [Assign the application to a role](../articles/active-directory/develop/howto-create-service-principal-portal.md#assign-a-role-to-the-application), use the resource group created earlier,  *CdnConsoleTutorial*, but instead of the **Reader** role, assign the **CDN Profile Contributor** role.  After you assign the application the **CDN Profile Contributor** role on your resource group, return to this tutorial. 
 >
 >