Merge pull request #253425 from MicrosoftDocs/main

Publish to live, Monday 4 AM PST, 10/2

Author: ttorble

articles/active-directory-b2c/openid-connect-technical-profile.md

@@ -9,7 +9,7 @@ manager: CelesteDG
 ms.service: active-directory
 ms.workload: identity
 ms.topic: reference
-ms.date: 08/22/2023
+ms.date: 09/12/2023
 ms.author: kengaderdus
 ms.subservice: B2C
 ---
@@ -88,7 +88,7 @@ The technical profile also returns claims that aren't returned by the identity p
 | MarkAsFailureOnStatusCode5xx | No | Indicates whether a request to an external service should be marked as a failure if the Http status code is in the 5xx range. The default is `false`. |
 | DiscoverMetadataByTokenIssuer | No | Indicates whether the OIDC metadata should be discovered by using the issuer in the JWT token.If you need to build the metadata endpoint URL based on Issuer, set this to `true`.|
 | IncludeClaimResolvingInClaimsHandling  | No | For input and output claims, specifies whether [claims resolution](claim-resolver-overview.md) is included in the technical profile. Possible values: `true`, or `false` (default). If you want to use a claims resolver in the technical profile, set this to `true`. |
-|token_endpoint_auth_method| No | Specifies how Azure AD B2C sends the authentication header to the token endpoint. Possible values: `client_secret_post` (default), and `client_secret_basic` (public preview), `private_key_jwt`. For more information, see [OpenID Connect client authentication section](https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication). |
+|token_endpoint_auth_method| No | Specifies how Azure AD B2C sends the authentication header to the token endpoint. Possible values: `client_secret_post` (default), and `client_secret_basic`, `private_key_jwt`. For more information, see [OpenID Connect client authentication section](https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication). |
 |token_signing_algorithm| No | Specifies the signing algorithm to use when `token_endpoint_auth_method` is set to `private_key_jwt`. Possible values: `RS256` (default) or `RS512`.|
 | SingleLogoutEnabled | No | Indicates whether during sign-in the technical profile attempts to sign out from federated identity providers. For more information, see [Azure AD B2C session sign-out](./session-behavior.md#sign-out).  Possible values: `true` (default), or `false`. |
 |ReadBodyClaimsOnIdpRedirect| No| Set to `true` to read claims from response body on identity provider redirect. This metadata is used with [Apple ID](identity-provider-apple-id.md), where claims return in the response payload.|

articles/databox-online/azure-stack-edge-gpu-2309-release-notes.md

@@ -7,7 +7,7 @@ author: alkohli
 ms.service: databox
 ms.subservice: edge
 ms.topic: article
-ms.date: 09/25/2023
+ms.date: 10/01/2023
 ms.author: alkohli
 ---
 
@@ -19,7 +19,7 @@ The following release notes identify the critical open issues and the resolved i
 
 The release notes are continuously updated, and as critical issues requiring a workaround are discovered, they're added. Before you deploy your device, carefully review the information contained in the release notes.
 
-This article applies to the **Azure Stack Edge 2309** release, which maps to software version **3.2.2380.1652**.
+This article applies to the **Azure Stack Edge 2309** release, which maps to software version **3.2.2380.1632**.
 
 > [!Warning] 
 > In this release, you must update the packet core version to AP5GC 2308 before you update to Azure Stack Edge 2309. For detailed steps, see [Azure Private 5G Core 2308 release notes](../private-5g-core/azure-private-5g-core-release-notes-2308.md).
@@ -49,15 +49,27 @@ You can update to the latest version using the following update paths:
 
 The 2309 release has the following new features and enhancements:
 
-- Beginning this release, you have the option of selecting Kubernetes profiles based on your workloads. You can also configure Maximum Transmission Unit (MTU) for the network interfaces on your device.
-- Starting March 2023, Azure Stack Edge devices are required to be on the 2301 release or later to create a Kubernetes cluster. In preparation for this requirement, it is highly recommended that you update to the latest version as soon as possible.
+- Beginning this release, you have the option of selecting Kubernetes profiles based on your workloads. You can select the Kubernetes workload profiles via the [local UI](azure-stack-edge-gpu-deploy-configure-network-compute-web-proxy.md?pivots=two-node#configure-compute-ips-1) or via the [PowerShell interface](azure-stack-edge-gpu-connect-powershell-interface.md#change-kubernetes-workload-profiles) of your device.
+- In this release, you can configure Maximum Transmission Unit (MTU) for the network interfaces on your device. For more information, see [Configure MTU via the local UI](azure-stack-edge-gpu-deploy-configure-network-compute-web-proxy.md?pivots=single-node#configure-virtual-switches).
+- In this release, new VM sizes have been added. For more information, see the [Supported VM sizes for Azure Stack Edge](azure-stack-edge-gpu-virtual-machine-sizes.md).
+- Starting this release, you can created  a VM image with custom sizes and use that to create your VMs. For more information, see [Create a VM image with custom size](azure-stack-edge-create-vm-with-custom-size.md).
+- Beginning this release, you can create VM images starting from an image from Azure Marketplace or an image in your Storage account. For more information, see [Create a VM image from Azure Marketplace or Azure storage account](azure-stack-edge-create-a-vm-from-azure-marketplace.md).
+- Several security, supportability, diagnostics, resiliency, and performance improvements were made in this release.
 - You can deploy Azure Kubernetes service (AKS) on an Azure Stack Edge cluster. This feature is supported only for SAP and PMEC customers. For more information, see [Deploy AKS on Azure Stack Edge](azure-stack-edge-deploy-aks-on-azure-stack-edge.md).
+- In this release, a precheck that verifies if the Azure Resource Manager certificate has expired, was added to the Azure Kubernetes Service (AKS) update.
+- The `Set-HcsKubernetesAzureMonitorConfiguration` PowerShell cmdlet that enables the Azure Monitor is fixed in this release. Though the cmdlet is available to use, we recommend that you configure Azure Monitor for Azure Stack Edge via the Azure Arc portal. 
+- Starting March 2023, Azure Stack Edge devices are required to be on the 2301 release or later to create a Kubernetes cluster. In preparation for this requirement, it is highly recommended that you update to the latest version as soon as possible.
+
 
 ## Issues fixed in this release
 
 | No. | Feature | Issue |
 | --- | --- | --- |
 |**1.**|Core Azure Stack Edge platform and Azure Kubernetes Service (AKS) on Azure Stack Edge   |Critical bug fixes to improve workload availability during two-node Azure Stack Edge update of core Azure Stack Edge platform and AKS on Azure Stack Edge.   |
+|**2.**|Virtual machines and virtual network    |In previous releases, there were VM provisioning timeouts when virtual network was created on a port that supported accelerated networking and the primary network interface associated with the VM was also attached to the same virtual network. <br><br>A fix was incorporated in this release that always turned off accelerated networking on the primary network interface for the VM. |
+|**3.**|Virtual machines and virtual network    |In the earlier releases, the primary network interface on the VM was not validated to have a reachable gateway IP. <br><br>In this release, this issue is fixed. The validation of the gateway IP helps identify  any potential network configuration issues before the VM provision timeout occurs.  |
+|**4.**|Virtual machines and virtual network    |In the earlier releases, the MAC address allocation algorithm only considered the last two octets whereas the MAC address range actually spanned last three octets. This discrepancy led to allocation conflicts in certain corner cases, resulting in overlapping MAC addresses. <br><br>The MAC address allocation is revised in this release to fix the above issue.|
+|**5.**|Azure Kubernetes Service (AKS)    |In previous releases, if there was a host power failure, the pod with SRIOV capable CNIs also failed with the following error: <br><br>`Failed to create pod sandbox: rpc error: code = Unknown desc = failed to setup network for sandbox "<GUID>": plugin type="multus" name="multus-cni-network" failed (add): [core/core-upf-pp-0:n3-dpdk]: error adding container to network "n3-dpdk": failed to rename netvsc link: failed to rename link "001dd81c9dd4_VF" to "001dd81c9dd4": file exists.`<br><br>This failure of pod with SRIOV capable CNIs is fixed in this release. For AKS SRIOV CNI plugin, the driver name returned from ethtool is used to determine device is VF or netvsc. |
 
 <!--## Known issues in this release
 

articles/databox-online/azure-stack-edge-gpu-connect-powershell-interface.md

@@ -7,7 +7,7 @@ author: alkohli
 ms.service: databox
 ms.subservice: edge
 ms.topic: how-to
-ms.date: 09/28/2023
+ms.date: 10/01/2023
 ms.author: alkohli
 ---
 # Manage an Azure Stack Edge Pro GPU device via Windows PowerShell
@@ -100,21 +100,25 @@ After virtual switches are created, you can enable the switches for Kubernetes c
 
 1. [Connect to the PowerShell interface](#connect-to-the-powershell-interface).
 2. Use the `Get-HcsApplianceInfo` cmdlet to get current `KubernetesPlatform` and `KubernetesWorkloadProfile` settings for your device.
+3. Use the `Get-HcsKubernetesWorkloadProfiles` cmdlet to identify the profiles available on your Azure Stack Edge device.
 
-    The following example shows the usage of this cmdlet:
-
-    ```powershell
-    Get-HcsApplianceInfo    
-    ```
-
-3. Use the `Set-HcsKubernetesWorkloadProfile` cmdlet to set the workload profile for AP5GC an Azure Private MEC solution.
+   ```powershell
+   [Device-IP]: PS>Get-HcsKubernetesWorkloadProfiles 
+   Type  Description    
+   ----  -----------   
+   AP5GC an Azure Private MEC solution   
+   SAP   a SAP Digital Manufacturing for Edge Computing or another Microsoft partner solution   
+   NONE  other workloads
+   [Device-IP]: PS>
+   ```
+    
+4. Use the `Set-HcsKubernetesWorkloadProfile` cmdlet to set the workload profile for AP5GC, an Azure Private MEC solution.
 
     The following example shows the usage of this cmdlet:
 
     ```powershell
     Set-HcsKubernetesWorkloadProfile -Type "AP5GC"
     ```
-
     Here is sample output for this cmdlet:
 
     ```powershell

articles/private-5g-core/complete-private-mobile-network-prerequisites.md

@@ -243,7 +243,7 @@ To use Azure Private 5G Core, you need to register some additional resource prov
 1. If your account has multiple subscriptions, make sure you are in the correct one:
 
     ```azurecli
-    az account set –-subscription <subscription_id>
+    az account set --subscription <subscription_id>
     ```
 
 1. Check the Azure CLI version:

articles/private-5g-core/ue-usage-event-hub.md

@@ -48,7 +48,7 @@ When configured, AP5GC will send data usage reports per QoS flow level for all P
 |**IP Address** |String |The UE's IP address.|
 |**Packet Core Control Plane ARM ID** |String |The identifier of the packet core control plane ARM associated with the UE.|
 |**Packet Core Data Plane ARM ID** |String |The identifier of the packet core data plane ARM associated with the UE.|
-|**ARP**|String|The address resolution protocol, including the: priority level, preemption capability and preemption vulnerability. See [5G quality of service (QoS) and QoS flows](policy-control.md#5g-quality-of-service-qos-and-qos-flows) for more information. |
+|**ARP**|Object|The Allocation and Retention Policy, including the: priority level, preemption capability and preemption vulnerability. See [5G quality of service (QoS) and QoS flows](policy-control.md#5g-quality-of-service-qos-and-qos-flows) for more information. |
 |- **ArpPriorityLevel**|Int (1-15) |See **ARP** above.|
 |- **Preemption Capability**|String |See **ARP** above.|
 |- **Preemption Vulnerability**|String |See **ARP** above.|

articles/virtual-machines/includes/dedicated-hosts-resize.md

@@ -6,7 +6,7 @@ author: mattmcinnes
 ms.topic: include
 ms.service: virtual-machines
 ms.subservice: azure-dedicated-host
-ms.date: 07/12/2023
+ms.date: 09/11/2023
 ms.author: mattmcinnes
 ms.reviewer: vamckMS
 ms.custom: include file
@@ -22,7 +22,7 @@ Resize limitations:
 - Host can only be resized to an ADH within the same VM family. A Dsv3-Type3 host can be resized to Dsv3-Type4 but **not** to an **E**sv3-Type4.
 - You can only resize to newer generation of hardware. A Dsv3-Type3 host can be resized to Dsv3-Type4 but **not** Dsv3-Type2.
 - Resizing changes the 'Host Asset ID'. The 'Host ID' remains the same.
-- The host and all associated VMs becomes unavailable during the resize operation.
+- The host and all associated VMs become unavailable during the resize operation.
 
 > [!Warning]
 > The resize operation causes the loss of any non-persistent data such as temp disk data. Save all your work to persistent data storage before triggering resize.
@@ -45,7 +45,7 @@ Resize limitations:
 
 ### [CLI](#tab/cli)
 
-First list the sizes that you can resize in case you are unsure which to resize to.
+First list the sizes that you can resize in case you're unsure which to resize to.
 
 Use [az vm host list-resize-options](/cli/azure/vm#az-vm-host-list-resize-options) [Preview]
 
@@ -68,6 +68,22 @@ az vm host resize \
 
 ### [PowerShell](#tab/powershell)
 
-PowerShell support for host resize is coming soon.
+When using PowerShell, the resize feature is referred to as a host 'Update'. Use the following commands to update the host:
+
+```azurepowershell-interactive
+Update-AzHost
+      [-ResourceGroupName] <String>
+      [-HostGroupName] <String>
+      [-Name] <String>
+      [-Sku <String>]
+      [-AutoReplaceOnFailure <Boolean>]
+      [-LicenseType <DedicatedHostLicenseTypes>]
+      [-DefaultProfile <IAzureContextContainer>]
+      [-WhatIf]
+      [-Confirm]
+      [<CommonParameters>]
+```
+
+For more info on Update-AzHost, check out the [Update-AzHost reference docs](https://learn.microsoft.com/powershell/module/az.compute/update-azhost).
 
----
+---