Merge pull request #252376 from niklarin/aad2

prmerger-automator[bot] · web-flow · commit 151083b7d09a · 2023-10-03T18:10:26.000Z
AAD public preview update
diff --git a/articles/cosmos-db/postgresql/concepts-authentication.md b/articles/cosmos-db/postgresql/concepts-authentication.md
@@ -6,7 +6,7 @@ ms.author: nlarin
 ms.service: cosmos-db
 ms.subservice: postgresql
 ms.topic: conceptual
-ms.date: 08/02/2023
+ms.date: 09/19/2023
 ---
 
 # Azure Active Directory and PostgreSQL authentication with Azure Cosmos DB for PostgreSQL
@@ -19,9 +19,6 @@ ms.date: 08/02/2023
 > for production workloads. Certain features might not be supported or might have constrained 
 > capabilities.
 >
-> [Contact us](mailto:askcosmosdb4postgres@microsoft.com) if you're interested in participating in Azure Active Directory authentication 
-> for Azure Cosmos DB for PostgreSQL preview.
->
 > You can see a complete list of other new features in [preview features](product-updates.md#features-in-preview).
 
 Azure Cosmos DB for PostgreSQL supports PostgreSQL authentication and integration with Azure Active Directory (Azure AD). Each Azure Cosmos DB for PostgreSQL cluster is created with native PostgreSQL authentication enabled and one built-in PostgreSQL role named `citus`. You can add more native PostgreSQL roles after cluster provisioning is completed.
@@ -106,6 +103,7 @@ Once you've authenticated against the Active Directory, you then retrieve a toke
 
 ## Next steps
 
-- To learn how to configure authentication for Azure Cosmos DB for PostgreSQL clusters, see [Use Azure Active Directory and native PostgreSQL roles for authentication with Azure Cosmos DB for PostgreSQL](./how-to-configure-authentication.md).
-- To set up private network access to the cluster nodes, see [Manage private access](./howto-private-access.md).
-- To set up public network access to the cluster nodes, see [Manage public access](./howto-manage-firewall-using-portal.md). 
+- Check out [Azure AD limits and limitations in Azure Cosmos DB for PostgreSQL](./reference-limits.md#azure-active-directory-authentication)
+- [Learn how to configure authentication for Azure Cosmos DB for PostgreSQL clusters](./how-to-configure-authentication.md)
+- Set up private network access to the cluster nodes, see [Manage private access](./howto-private-access.md)
+- Set up public network access to the cluster nodes, see [Manage public access](./howto-manage-firewall-using-portal.md)
diff --git a/articles/cosmos-db/postgresql/concepts-row-level-security.md b/articles/cosmos-db/postgresql/concepts-row-level-security.md
@@ -6,7 +6,7 @@ author: jonels-msft
 ms.service: cosmos-db
 ms.subservice: postgresql
 ms.topic: conceptual
-ms.date: 01/30/2023
+ms.date: 10/02/2023
 ---
 
 # Row-level security in Azure Cosmos DB for PostgreSQL
@@ -30,7 +30,7 @@ security policies can compare the role name to values in the `tenant_id`
 distribution column to decide whether to allow access.
 
 Here's how to apply the approach on a simplified events table distributed by
-`tenant_id`. First [create the roles](howto-create-users.md) `tenant1` and
+`tenant_id`. First [create the roles](./how-to-configure-authentication.md#configure-native-postgresql-authentication) `tenant1` and
 `tenant2`. Then run the following SQL commands as the `citus` administrator
 user:
 
@@ -113,5 +113,5 @@ ERROR:  new row violates row-level security policy for table "events_102055"
 
 ## Next steps
 
-Learn how to [create roles](howto-create-users.md) in a
-cluster.
+- Learn how to [create roles](./how-to-configure-authentication.md#configure-native-postgresql-authentication) in a cluster.
+- Check out [security concepts in Azure Cosmos DB for PostgreSQL](./concepts-security-overview.md)
diff --git a/articles/cosmos-db/postgresql/how-to-configure-authentication.md b/articles/cosmos-db/postgresql/how-to-configure-authentication.md
@@ -1,12 +1,12 @@
 ---
 title: Use Azure Active Directory and native PostgreSQL roles for authentication with Azure Cosmos DB for PostgreSQL
-description: Learn how to set up Azure Active Directory (Azure AD) and add native PostgreSQL roles for authentication with Azure Cosmos DB for PostgreSQL.
+description: Learn how to set up Azure Active Directory (Azure AD) and add native PostgreSQL roles for authentication with Azure Cosmos DB for PostgreSQL
 author: niklarin
 ms.author: nlarin
 ms.service: cosmos-db
 ms.subservice: postgresql
 ms.topic: how-to
-ms.date: 08/01/2023
+ms.date: 09/19/2023
 ---
 
 # Use Azure Active Directory and native PostgreSQL roles for authentication with Azure Cosmos DB for PostgreSQL
@@ -19,9 +19,6 @@ ms.date: 08/01/2023
 > for production workloads. Certain features might not be supported or might have constrained 
 > capabilities.
 >
-> [Contact us](mailto:askcosmosdb4postgres@microsoft.com) if you're interested in participating in Azure Active Directory authentication 
-> for Azure Cosmos DB for PostgreSQL preview.
->
 > You can see a complete list of other new features in [preview features](product-updates.md#features-in-preview).
 
 In this article, you configure authentication methods for Azure Cosmos DB for PostgreSQL. You manage Azure Active Directory (Azure AD) admin users and native PostgreSQL roles for authentication with Azure Cosmos DB for PostgreSQL. You also learn how to use an Azure AD token with Azure Cosmos DB for PostgreSQL.
@@ -213,6 +210,7 @@ GRANT SELECT ON ALL TABLES IN SCHEMA public TO "user@tenant.onmicrosoft.com";
 
 ## Next steps
 
-- Learn about [authentication in Azure Cosmos DB for PostgreSQL](./concepts-authentication.md).
-- Review [Azure Active Directory fundamentals](./../../active-directory/fundamentals/active-directory-whatis.md).
-- [Learn more about SQL GRANT in PostgreSQL](https://www.postgresql.org/docs/current/sql-grant.html).
+- Learn about [authentication in Azure Cosmos DB for PostgreSQL](./concepts-authentication.md)
+- Check out [Azure AD limits and limitations in Azure Cosmos DB for PostgreSQL](./reference-limits.md#azure-active-directory-authentication)
+- Review [Azure Active Directory fundamentals](./../../active-directory/fundamentals/active-directory-whatis.md)
+- [Learn more about SQL GRANT in PostgreSQL](https://www.postgresql.org/docs/current/sql-grant.html)
diff --git a/articles/cosmos-db/postgresql/howto-restore-portal.md b/articles/cosmos-db/postgresql/howto-restore-portal.md
@@ -7,7 +7,7 @@ ms.service: cosmos-db
 ms.subservice: postgresql
 ms.custom: ignite-2022, references_regions
 ms.topic: how-to
-ms.date: 09/17/2023
+ms.date: 10/02/2023
 ---
 
 # Backup and point-in-time restore of a cluster in Azure Cosmos DB for PostgreSQL
@@ -96,7 +96,7 @@ back up and running:
   and client applications to the new cluster.
 * Ensure appropriate [networking settings for private or public access](./concepts-security-overview.md#network-security) are in place for
   users to connect. These settings aren't copied from the original cluster.
-* Ensure appropriate [logins](./howto-create-users.md) and database level permissions are in place.
+* Ensure appropriate [logins](./how-to-configure-authentication.md#configure-native-postgresql-authentication) and database level permissions are in place.
 * Configure [alerts](./howto-alert-on-metric.md#suggested-alerts), as appropriate.
 
 ## Next steps
diff --git a/articles/cosmos-db/postgresql/quickstart-connect-psql.md b/articles/cosmos-db/postgresql/quickstart-connect-psql.md
@@ -8,7 +8,7 @@ ms.service: cosmos-db
 ms.subservice: postgresql
 ms.custom: mvc, mode-ui, ignite-2022
 ms.topic: quickstart
-ms.date: 06/07/2023
+ms.date: 10/02/2023
 ---
 
 # Connect to a cluster with psql - Azure Cosmos DB for PostgreSQL
@@ -30,7 +30,7 @@ Your cluster has a default database named `citus`. To connect to the database, y
 
    :::image type="content" source="media/quickstart-connect-psql/get-connection-string.png" alt-text="Screenshot that shows copying the psql connection string.":::
 
-   The **psql** string is of the form `psql "host=c-<cluster>.<uniqueID>.postgres.cosmos.azure.com port=5432 dbname=citus user=citus password={your_password} sslmode=require"`. Notice that the host name starts with a `c.`, for example `c-mycluster.12345678901234.postgres.cosmos.azure.com`. This prefix indicates the coordinator node of the cluster. The default `dbname` is `citus` and can be changed only at cluster provisioning time. The `user` can be any valid [Postgres role](./howto-create-users.md) on your cluster.
+   The **psql** string is of the form `psql "host=c-<cluster>.<uniqueID>.postgres.cosmos.azure.com port=5432 dbname=citus user=citus password={your_password} sslmode=require"`. Notice that the host name starts with a `c.`, for example `c-mycluster.12345678901234.postgres.cosmos.azure.com`. This prefix indicates the coordinator node of the cluster. The default `dbname` is `citus` and can be changed only at cluster provisioning time. The `user` can be any valid [Postgres role](./how-to-configure-authentication.md#configure-native-postgresql-authentication) on your cluster.
 
 1. Open Azure Cloud Shell by selecting the **Cloud Shell** icon on the top menu bar.
 
