articles/confidential-ledger/overview.md
Lines changed: 6 additions & 8 deletions
@@ -13,7 +13,7 @@ ms.author: mbaldwin
13
13
14
14
Microsoft Azure confidential ledger (ACL) is a new and highly secure service for managing sensitive data records. It runs exclusively on hardware-backed secure enclaves, a heavily monitored and isolated runtime environment which keeps potential attacks at bay. Furthermore, Azure confidential ledger runs on a minimalistic Trusted Computing Base (TCB), which ensures that no one—not even Microsoft—is "above" the ledger.
15
15
16
-
As its name suggests, Azure confidential ledger utilizes the [Azure Confidential Computing platform](../confidential-computing/index.yml) and the [Confidential Consortium Framework](https://www.microsoft.com/research/project/confidential-consortium-framework) to provide a high integrity solution that is tamper-protected and evident. One ledger spans across three or more identical instances, each of which run in a dedicated, fully attested hardware-backed enclave. The ledger's integrity is maintained through a consensus-based blockchain.
16
+
As its name suggests, Azure confidential ledger utilizes the [Azure Confidential Computing platform](../confidential-computing/index.yml) and the [Confidential Consortium Framework](https://ccf.dev) to provide a high integrity solution that is tamper-protected and evident. One ledger spans across three or more identical instances, each of which run in a dedicated, fully attested hardware-backed enclave. The ledger's integrity is maintained through a consensus-based blockchain.
17
17
18
18
Azure confidential ledger offers unique data integrity advantages, including immutability, tamper-proofing, and append-only operations. These features, which ensure that all records are kept intact, are ideal when critical metadata records must not be modified, such as for regulatory compliance and archival purposes.
19
19
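Review bot: The rewritten paragraph that swaps the Confidential Consortium Framework link to https://ccf.dev still reads "each of which run" and "tamper-protected and evident". Since the line is being touched anyway, change these to "each of which runs" and "tamper-protected and tamper-evident" so the integrity claim is unambiguous.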
@@ -32,9 +32,9 @@ The confidential ledger is exposed through REST APIs which can be integrated int
32
32
33
33
## Ledger security
34
34
35
-
This section defines the security protections for the ledger. The ledger APIs use client certificate-based authentication. Currently, the ledger supports certificate-based authentication process with owner roles. We will be adding support for Azure Active Directory (AAD) based authentication and also role-based access (for example, owner, reader, and contributor).
35
+
The ledger APIs support certificate-based authenticationprocess with owner roles as well as Azure Active Directory (AAD) based authentication and also role-based access (for example, owner, reader, and contributor).
36
36
37
-
The data to the ledger is sent through TLS 1.2 connection and the TLS 1.2 connection terminates inside the hardware backed security enclaves (Intel® SGX enclaves). This ensures that no one can intercept the connection between a customer's client and the confidential ledger server nodes.
37
+
The data to the ledger is sent through TLS 1.3 connection and the TLS 1.3 connection terminates inside the hardware backed security enclaves (Intel® SGX enclaves). This ensures that no one can intercept the connection between a customer's client and the confidential ledger server nodes.
38
38
39
39
### Ledger storage
40
40
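Review bot: The added authentication sentence has a missing space in "authenticationprocess" and stacks "as well as ... and also", which makes it hard to tell which mechanisms carry roles; split it into a plain list of the supported options. The same hunk changes the stated transport from TLS 1.2 to TLS 1.3 in both places on the line about enclave termination. Please state whether clients that can only negotiate TLS 1.2 are still accepted, because the text now implies they are not.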
@@ -46,8 +46,7 @@ The Functional APIs allow direct interaction with your instantiated confidential
46
46
47
47
## Constraints
48
48
49
-
- Once a confidential ledger is created, you cannot change the ledger type.
50
-
- Azure confidential ledger does not support standard Azure Disaster Recovery at this time. However, Azure confidential ledger offers built-in redundancy within the Azure region, as the confidential ledger runs on multiple independent nodes.
49
+
- Once a confidential ledger is created, you cannot change the ledger type (private or public).
51
50
- Azure confidential ledger deletion leads to a "hard delete", so your data will not be recoverable after deletion.
52
51
- Azure confidential ledger names must be globally unique. Ledgers with the same name, irrespective of their type, are not allowed.
53
52
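Review bot: Deleting the Disaster Recovery bullet also drops the statement that the ledger has built-in redundancy within the Azure region across multiple independent nodes, and nothing replaces it. If Disaster Recovery is now supported, replace the bullet with a pointer to how it works; if it is not, keep the constraint. This matters because the unchanged "hard delete" bullet directly below still says data will not be recoverable after deletion.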
@@ -56,9 +55,8 @@ The Functional APIs allow direct interaction with your instantiated confidential
56
55
| Term | Definition |
57
56
|--|--|
58
57
| ACL | Azure confidential ledger |
59
-
| Ledger | An immutable append record of transactions (also known as a Blockchain) |
60
-
| Commit | A confirmation that a transaction has been locally committed to a node. A local commit by itself does not guarantee that a transaction is part of the ledger. |
61
-
| Global commit | A confirmation that transaction was globally committed and is part of the ledger. |
58
+
| Ledger | An immutable append-only record of transactions (also known as a Blockchain) |
59
+
| Commit | A confirmation that a transaction has been appended to the ledger. |
62
60
| Receipt | Proof that the transaction was processed by the ledger. |
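Review bot: Folding "Commit" and "Global commit" into a single "Commit" row removes the caveat that a local commit by itself does not guarantee a transaction is part of the ledger. If clients can no longer observe a locally committed state, say so in the change description; otherwise keep the two rows, since readers need that distinction to decide when a write can be relied on. Also check that no remaining text uses "global commit", which would now have no glossary entry.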
articles/dns/private-dns-scenarios.md
Lines changed: 1 addition & 1 deletion
@@ -17,7 +17,7 @@ Azure DNS Private Zones provide name resolution within a virtual network and bet
17
17
18
18
In this scenario, you have a virtual network in Azure that has many resources in it, including virtual machines. Your requirement is to resolve any resources in the virtual network using a specific domain name (DNS zone). You also need the naming resolution to be private and not accessible from the internet. Lastly, you need Azure to automatically register VMs into the DNS zone.
19
19
20
-
This scenario is shown below. We have a virtual network named "A" containing two VMs (VNETA-VM1 and VNETA-VM2). Each VM has a private IP associated. Once you've create a private zone, for example `contoso.com` and link virtual network "A" as a registration virtual network. Azure DNS will automatically create two A records in the zone referencing the two VMs. DNS queries from VNETA-VM1 can now resolve `VNETA-VM2.contoso.com` and will receive a DNS response that contains the private IP address of VNETA-VM2.
20
+
This scenario is shown below. We have a virtual network named "A" containing two VMs (VNETA-VM1 and VNETA-VM2). Each VM has a private IP associated. Once you've created a private zone, for example,`contoso.com`, and link virtual network "A" as a registration virtual network, Azure DNS will automatically create two A records in the zone referencing the two VMs. DNS queries from VNETA-VM1 can now resolve `VNETA-VM2.contoso.com` and will receive a DNS response that contains the private IP address of VNETA-VM2.
21
21
You can also do a reverse DNS query (PTR) for the private IP of VNETA-VM1 (10.0.0.1) from VNETA-VM2. The DNS response will contain the name VNETA-VM1, as expected.
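Review bot: The added line is missing a space after the comma in "for example,`contoso.com`", and the clause still mixes tenses ("Once you've created ... and link"). Suggest "Once you've created a private zone, for example, `contoso.com`, and linked virtual network "A" as a registration virtual network, Azure DNS will automatically create ...".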
articles/service-bus-messaging/service-bus-faq.yml
Lines changed: 2 additions & 2 deletions
@@ -60,9 +60,9 @@ sections:
60
60
61
61
See the following table for the outbound TCP ports you need to open to use these protocols to communicate with Azure Service Bus:
62
62
63
-
| Protocol | Port | Details |
63
+
| Protocol | Ports | Details |
64
64
| -------- | ----- | ------- |
65
-
| AMQP | 5671 | AMQP with TLS. See [AMQP protocol guide](service-bus-amqp-protocol-guide.md) |
65
+
| AMQP | 5671, 5672 | AMQP with TLS. See [AMQP protocol guide](service-bus-amqp-protocol-guide.md) |
66
66
| HTTPS | 443 | This port is used for the HTTP/REST API and for AMQP-over-WebSockets |
67
67
68
68
The HTTPS port is generally required for outbound communication also when AMQP is used over port 5671, because several management operations performed by the client SDKs and the acquisition of tokens from Azure Active Directory (when used) run over HTTPS.
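Review bot: The AMQP row now lists ports 5671 and 5672, but its Details cell still says only "AMQP with TLS" and the paragraph below the table still refers to "AMQP is used over port 5671" alone. Please state in the Details cell what 5672 is used for and whether TLS is enforced on it, and update the trailing paragraph to match, so that readers opening outbound firewall rules know what traffic they are permitting on each port.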
articles/virtual-machines/windows/build-image-with-packer.md
Lines changed: 2 additions & 1 deletion
@@ -56,7 +56,8 @@ $sp.AppId
56
56
To authenticate to Azure, you also need to obtain your Azure tenant and subscription IDs with [Get-AzSubscription](/powershell/module/az.accounts/get-azsubscription):