MicrosoftDocs
diff --git a/‎.openpublishing.publish.config.json
Lines changed: 1 addition & 0 deletions b/‎.openpublishing.publish.config.json
Lines changed: 1 addition & 0 deletions
diff --git a/‎.openpublishing.redirection.azure-blob.json
Lines changed: 19 additions & 0 deletions b/‎.openpublishing.redirection.azure-blob.json
Lines changed: 19 additions & 0 deletions
diff --git a/‎articles/aks/TOC.yml
Lines changed: 8 additions & 8 deletions b/‎articles/aks/TOC.yml
Lines changed: 8 additions & 8 deletions
diff --git a/‎articles/application-gateway/application-gateway-faq.yml
Lines changed: 7 additions & 4 deletions b/‎articles/application-gateway/application-gateway-faq.yml
Lines changed: 7 additions & 4 deletions
diff --git a/‎articles/automanage/virtual-machines-custom-profile.md
Lines changed: 61 additions & 3 deletions b/‎articles/automanage/virtual-machines-custom-profile.md
Lines changed: 61 additions & 3 deletions
diff --git a/‎articles/automation/automation-services.md
Lines changed: 2 additions & 2 deletions b/‎articles/automation/automation-services.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/azure-monitor/alerts/action-groups-create-resource-manager-template.md
Lines changed: 2 additions & 2 deletions b/‎articles/azure-monitor/alerts/action-groups-create-resource-manager-template.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/azure-monitor/app/asp-net-core.md
Lines changed: 3 additions & 1 deletion b/‎articles/azure-monitor/app/asp-net-core.md
Lines changed: 3 additions & 1 deletion
diff --git a/‎articles/azure-monitor/essentials/activity-log-schema.md
Lines changed: 1 addition & 1 deletion b/‎articles/azure-monitor/essentials/activity-log-schema.md
Lines changed: 1 addition & 1 deletion
@@ -885,6 +885,7 @@
   "redirection_files": [
     ".openpublishing.redirection.json",
     ".openpublishing.redirection.active-directory.json",
+    ".openpublishing.redirection.azure-blob.json",
     ".openpublishing.redirection.azure-sql.json",
     "articles/data-factory/.openpublishing.redirection.data-factory.json",
     ".openpublishing.redirection.defender-for-cloud.json",
 
@@ -0,0 +1,19 @@
+{
+    "redirections": [
+        {
+            "source_path_from_root": "/articles/storage/blobs/storage-upload-process-images.md",
+            "redirect_url": "/azure/storage/blobs/blob-upload-function-trigger",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/storage/blobs/storage-secure-access-application.md",
+            "redirect_url": "/azure/storage/blobs/blob-upload-function-trigger",
+            "redirect_document_id": true
+        },
+        {
+            "source_path_from_root": "/articles/storage/blobs/storage-monitor-troubleshoot-storage-application.md",
+            "redirect_url": "/azure/storage/blobs/blob-upload-function-trigger",
+            "redirect_document_id": false
+        }
+    ]
+}
@@ -374,14 +374,14 @@
           href: azure-netapp-files.md
         - name: Use Azure Ultra Disks
           href: use-ultra-disks.md
-        - name: CSI Storage Drivers
-          items:
-            - name: Enable CSI Storage Drivers
-              href: csi-storage-drivers.md
-            - name: Azure Disk CSI drivers
-              href: azure-disk-csi.md
-            - name: Azure Files CSI drivers
-              href: azure-files-csi.md
+    - name: CSI Storage Drivers
+      items:
+        - name: Enable CSI Storage Drivers
+          href: csi-storage-drivers.md
+        - name: Azure Disk CSI drivers
+          href: azure-disk-csi.md
+        - name: Azure Files CSI drivers
+          href: azure-files-csi.md
     - name: Monitoring and logging
       items:
         - name: Monitor AKS
 
@@ -153,17 +153,20 @@ sections:
       - question: How do I achieve a DR scenario across datacenters by using Application Gateway?
         answer: Use Traffic Manager to distribute traffic across multiple application gateways in different datacenters.
 
+      - question: Does Application Gateway support connection draining?
+        answer: |
+          Yes. You can set up connection draining to change members within a backend pool without disruption. For more information, see [connection draining section of Application Gateway](features.md#connection-draining).
+          
       - question: Does Application Gateway support autoscaling?
         answer: |
           Yes, the Application Gateway v2 SKU supports autoscaling. For more information, see [Autoscaling and Zone-redundant Application Gateway](application-gateway-autoscaling-zone-redundant.md).
           
       - question: Does manual or automatic scale up or scale down cause downtime?
         answer: No. Instances are distributed across upgrade domains and fault domains.
+        
+      - question: Can I change from Standard to WAF sku without disruption?
+        answer: Yes.
 
-      - question: Does Application Gateway support connection draining?
-        answer: |
-          Yes. You can set up connection draining to change members within a backend pool without disruption. For more information, see [connection draining section of Application Gateway](features.md#connection-draining).
-          
       - question: Can I change instance size from medium to large without disruption?
         answer: Yes.
 
 
@@ -14,9 +14,15 @@ ms.author: jushiman
 
 Azure Automanage for machine best practices has default best practice profiles that cannot be edited. However, if you need more flexibility, you can pick and choose the set of services and settings by creating a custom profile.
 
-We support toggling services ON and OFF. We also currently support customizing settings on [Azure Backup](..\backup\backup-azure-arm-vms-prepare.md#create-a-custom-policy) and [Microsoft Antimalware](../security/fundamentals/antimalware.md#default-and-custom-antimalware-configuration). Also, for Windows machines only, you can modify the audit modes for the [Azure security baselines in Guest Configuration](../governance/policy/concepts/guest-configuration.md). Check out the [ARM template](#create-a-custom-profile-using-azure-resource-manager-templates) for modifying the **azureSecurityBaselineAssignmentType**.
+Automanage supports toggling services ON and OFF. It also currently supports customizing settings on [Azure Backup](..\backup\backup-azure-arm-vms-prepare.md#create-a-custom-policy) and [Microsoft Antimalware](../security/fundamentals/antimalware.md#default-and-custom-antimalware-configuration). You can also specify an existing log analytics workspace. Also, for Windows machines only, you can modify the audit modes for the [Azure security baselines in Guest Configuration](../governance/policy/concepts/guest-configuration.md). 
 
+Automanage allows you to tag the following resources in the custom profile: 
+* Resource Group
+* Automation Account
+* Log Analytics Workspace
+* Recovery Vault
 
+Check out the [ARM template](#create-a-custom-profile-using-azure-resource-manager-templates) for modifying these settings.
 
 ## Create a custom profile in the Azure portal
 
@@ -47,6 +53,10 @@ Sign in to the [Azure portal](https://portal.azure.com/).
 ## Create a custom profile using Azure Resource Manager Templates
 
 The following ARM template will create an Automanage custom profile. Details on the ARM template and steps on how to deploy are located in the ARM template deployment [section](#arm-template-deployment).
+
+> [!NOTE]
+> If you want to use a specific log analytics workspace, specify the ID of the workspace like this: "/subscriptions/**subscriptionId**/resourceGroups/**resourceGroupName**/providers/Microsoft.OperationalInsights/workspaces/**workspaceName**"
+
 ```json
 {
     "$schema": "http://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json",
@@ -65,7 +75,14 @@ The following ARM template will create an Automanage custom profile. Details on
           "ApplyAndMonitor",
           "Audit"
         ]
-      }
+      },
+        "logAnalyticsWorkspace": {
+            "type": "String"
+        },
+        "LogAnalyticsBehavior": {
+            "defaultValue": false,
+            "type": "Bool"
+        }
     },
     "resources": [
       {
@@ -102,8 +119,22 @@ The following ARM template will create an Automanage custom profile. Details on
               "BootDiagnostics/Enable": true,
               "ChangeTrackingAndInventory/Enable": true,
               "LogAnalytics/Enable": true,
+              "LogAnalytics/Reprovision": "[parameters('LogAnalyticsBehavior')]",
+              "LogAnalytics/Workspace": "[parameters('logAnalyticsWorkspace')]",
               "UpdateManagement/Enable": true,
-              "VMInsights/Enable": true
+              "VMInsights/Enable": true,
+              "Tags/ResourceGroup": {
+                "foo": "rg"
+              },
+              "Tags/AzureAutomation": {
+                "foo": "automationAccount"
+              },
+              "Tags/LogAnalyticsWorkspace": {
+                "foo": "workspace"
+              },
+              "Tags/RecoveryVault": {
+                "foo": "recoveryVault"
+              }
           }
         }
       }
@@ -124,6 +155,33 @@ The `azureSecurityBaselineAssignmentType` is the audit mode that you can choose
 * ApplyAndMonitor : This will apply the Azure security baseline through the Guest Configuration extention when you first assign this profile to each machine. After it is applied, the Guest Configuration service will monitor the sever baseline and report any drift from the desired state. However, it will not auto-remdiate.
 * Audit : This will install the Azure security baseline using the Guest Configuration extension. You will be able to see where your machine is out of compliance with the baseline, but noncompliance won't be automatically remediated.
 
+You can also specify an existing log analytics workspace by adding this setting to the configuration section of properties below: 
+* "LogAnalytics/Workspace": "/subscriptions/**subscriptionId**/resourceGroups/**resourceGroupName**/providers/Microsoft.OperationalInsights/workspaces/**workspaceName**"
+* "LogAnalytics/Reprovision": false
+Specify your existing workspace in the `LogAnalytics/Workspace` line. Set the `LogAnalytics/Reprovision` setting to true if you would like this log analytics workspace to be used in all cases. This means that any machine with this custom profile will use this workspace, even it is already connected to one. By default, the `LogAnalytics/Reprovision` is set to false. If your machine is already connected to a workspace, then that workspace will continue to be used. If it is not connected to a workspace, then the workspace specified in `LogAnalytics\Workspace` will be used. 
+
+Also, you can add tags to resources specified in the custom profile like below:
+
+```json
+"Tags/ResourceGroup": {
+    "foo": "rg"
+},
+"Tags/ResourceGroup/Behavior": "Preserve",
+"Tags/AzureAutomation": {
+  "foo": "automationAccount"
+},
+"Tags/AzureAutomation/Behavior": "Replace",
+"Tags/LogAnalyticsWorkspace": {
+  "foo": "workspace"
+},
+"Tags/LogAnalyticsWorkspace/Behavior": "Replace",
+"Tags/RecoveryVault": {
+  "foo": "recoveryVault"
+},
+"Tags/RecoveryVault/Behavior": "Preserve"
+```
+The `Tags/Behavior` can either be set to Preserve or Replace. If the resource you are tagging already has the same tag key in the key/value pair, you can choose if you would like to replace that key with the specified value in the configuration profile by using the *Replace* behavior. By default, the behavior is set to *Preserve*, meaning that the tag key that is already associated with that resource will be kept and not overwritten by the key/value pair specified in the configuration profile. 
+
 Follow these steps to deploy the ARM template:
 1. Save this ARM template as `azuredeploy.json`
 1. Run this ARM template deployment with `az deployment group create --resource-group myResourceGroup --template-file azuredeploy.json`
 
@@ -149,7 +149,7 @@ Provides a serverless event-driven compute platform for automation that allows y
 
   - You can use a variety of languages to write functions in a language of your choice such as C#, Java, JavaScript, PowerShell, or Python and focus on specific pieces of code. Functions runtime is an open source.
   - You can choose the hosting plan according to your function app scaling requirements, functionality, and resources required.
-  - You can orchestrate complex workflows through [durable functions](/azure-functions/durable/durable-functions-overview?tabs=csharp).
+  - You can orchestrate complex workflows through [durable functions](/azure/azure-functions/durable/durable-functions-overview?tabs=csharp).
   - You should avoid large, and long-running functions that can cause unexpected timeout issues. [Learn more](/azure/azure-functions/functions-best-practices?tabs=csharp#write-robust-functions).
   - When you write Powershell scripts within the Function Apps, you must tweak the scripts to define how the function behaves such as - how it's triggered, its input and output parameters. [Learn more](/azure/azure-functions/functions-reference-powershell?tabs=portal). 
 
@@ -191,7 +191,7 @@ Provides a serverless event-driven compute platform for automation that allows y
 
   - You can use a variety of languages to write functions in a language of your choice such as C#, Java, JavaScript, PowerShell, or Python and focus on specific pieces of code. Functions runtime is an open source.
   - You can choose the hosting plan according to your function app scaling requirements, functionality, and resources required.
-  - You can orchestrate complex workflows through [durable functions](/azure-functions/durable/durable-functions-overview?tabs=csharp).
+  - You can orchestrate complex workflows through [durable functions](/azure/azure-functions/durable/durable-functions-overview?tabs=csharp).
   - You should avoid large, and long-running functions that can cause unexpected timeout issues. [Learn more](/azure/azure-functions/functions-best-practices?tabs=csharp#write-robust-functions).
   - When you write Powershell scripts within the Function Apps, you must tweak the scripts to define how the function behaves such as - how it's triggered, its input and output parameters. [Learn more](/azure/azure-functions/functions-reference-powershell?tabs=portal).
 
 
@@ -26,7 +26,7 @@ First template, describes how to create a Resource Manager template for an actio
 
 ```json
 {
-  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
   "contentVersion": "1.0.0.0",
   "parameters": {
     "actionGroupName": {
@@ -123,7 +123,7 @@ First template, describes how to create a Resource Manager template for an actio
 
 ```json
 {
-  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
   "contentVersion": "1.0.0.0",
   "parameters": {
     "actionGroupName": {
 
@@ -129,6 +129,8 @@ For Visual Studio for Mac, use the [manual guidance](#enable-application-insight
 If you want to store the connection string in ASP.NET Core user secrets or retrieve it from another configuration provider, you can use the overload with a `Microsoft.Extensions.Configuration.IConfiguration` parameter. For example, `services.AddApplicationInsightsTelemetry(Configuration);`.
 In Microsoft.ApplicationInsights.AspNetCore version [2.15.0](https://www.nuget.org/packages/Microsoft.ApplicationInsights.AspNetCore) and later, calling `services.AddApplicationInsightsTelemetry()` automatically reads the connection string from `Microsoft.Extensions.Configuration.IConfiguration` of the application. There's no need to explicitly provide the `IConfiguration`.
 
+If `IConfiguration` has loaded configuration from multiple providers, then `services.AddApplicationInsightsTelemetry` prioritizes configuration from `appsettings.json`, irrespective of the order in which providers are added. Use the `services.AddApplicationInsightsTelemetry(IConfiguration)` method to read configuration from IConfiguration without this preferential treatment for `appsettings.json`.
+
 ## Run your application
 
 Run your application and make requests to it. Telemetry should now flow to Application Insights. The Application Insights SDK automatically collects incoming web requests to your application, along with the following telemetry.
@@ -536,4 +538,4 @@ For the latest updates and bug fixes, see the [release notes](./release-notes.md
 * [Configure a snapshot collection](./snapshot-debugger.md) to see the state of source code and variables at the moment an exception is thrown.
 * [Use the API](./api-custom-events-metrics.md) to send your own events and metrics for a detailed view of your app's performance and usage.
 * Use [availability tests](./monitor-web-app-availability.md) to check your app constantly from around the world.
-* [Dependency Injection in ASP.NET Core](/aspnet/core/fundamentals/dependency-injection)
+* [Dependency Injection in ASP.NET Core](/aspnet/core/fundamentals/dependency-injection)
@@ -290,7 +290,7 @@ This category contains the record of any resource health events that have occurr
 | eventDataId |Unique identifier of the alert event. |
 | category | Always "ResourceHealth" |
 | eventTimestamp |Timestamp when the event was generated by the Azure service processing the request corresponding the event. |
-| level |Level of the event. One of the following values: “Critical”, “Error”, “Warning”, “Informational”, and “Verbose” |
+| level |Level of the event. One of the following values: “Critical”, or “Informational” (other levels are not supported) |
 | operationId |A GUID shared among the events that correspond to a single operation. |
 | operationName |Name of the operation. |
 | resourceGroupName |Name of the resource group that contains the resource. |