Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into servicenow-new-integrations

Author: yoninalmsft

.openpublishing.redirection.defender-for-iot.json

@@ -1,5 +1,10 @@
 {
     "redirections": [
+        {
+            "source_path_from_root": "/articles/defender-for-iot/organizations/resources-frequently-asked-questions.md",
+            "redirect_url": "/azure/defender-for-iot/organizations/faqs-general",
+            "redirect_document_id": false
+        },
         {
             "source_path_from_root": "/articles/defender-for-iot/organizations/appliance-catalog/appliance-catalog-overview.md",
             "redirect_url": "/azure/defender-for-iot/organizations/appliance-catalog/index",

articles/active-directory/privileged-identity-management/groups-features.md

@@ -4,15 +4,14 @@ description: How to manage members and owners of privileged access groups in Pri
 services: active-directory
 documentationcenter: ''
 author: amsliu
-manager: karenhoran
-
+manager: amycolannino
 ms.assetid: 
 ms.service: active-directory
 ms.subservice: pim
 ms.topic: overview
 ms.tgt_pltfrm: na
 ms.workload: identity
-ms.date: 06/24/2022
+ms.date: 08/15/2022
 ms.author: amsliu
 ms.custom: pim 
 ms.collection: M365-identity-device-management
@@ -26,7 +25,7 @@ ms.collection: M365-identity-device-management
 In Privileged Identity Management (PIM), you can now assign eligibility for membership or ownership of privileged access groups. Starting with this preview, you can assign built-in roles in Azure Active Directory (Azure AD), part of Microsoft Entra, to cloud groups and use PIM to manage group member and owner eligibility and activation. For more information about role-assignable groups in Azure AD, see [Use Azure AD groups to manage role assignments](../roles/groups-concept.md).
 
 > [!IMPORTANT]
-> To provide a group of users with just-in-time access to roles with permissions in SharePoint, Exchange, or Security & Compliance Center, be sure to make permanent assignments of users to the group, and then assign the group to a role as eligible for activation. If instead you  assign a role permanently to a group and and assign users to be eligible to group membership, it might take significant time to have all permissions of the role activated and ready to use.
+> To provide a group of users with just-in-time access to Azure AD directory roles with permissions in SharePoint, Exchange, or Security & Compliance Center (for example, Exchange Administrator role), be sure to make active assignments of users to the group, and then assign the group to a role as eligible for activation. If instead you make active assignment of a role to a group and assign users to be eligible to group membership, it might take significant time to have all permissions of the role activated and ready to use.
 
 > [!NOTE]
 > For privileged access groups that are used to elevate into Azure AD roles, we recommend that you require an approval process for eligible member assignments. Assignments that can be activated without approval might create a security risk from administrators who have a lower level of permissions. For example, the Helpdesk Administrator has permissions to reset an eligible user's password.

articles/azure-functions/functions-bindings-cosmosdb-v2-trigger.md

@@ -377,10 +377,13 @@ The trigger requires a second collection that it uses to store _leases_ over the
 
 ::: zone pivot="programming-language-csharp"  
 >[!IMPORTANT]
-> If multiple functions are configured to use a Cosmos DB trigger for the same collection, each of the functions should use a dedicated lease collection or specify a different `LeaseCollectionPrefix` for each function. Otherwise, only one of the functions will be triggered. For information about the prefix, see the [Configuration section](#configuration).
+> If multiple functions are configured to use a Cosmos DB trigger for the same collection, each of the functions should use a dedicated lease collection or specify a different `LeaseCollectionPrefix` for each function. Otherwise, only one of the functions is triggered. For information about the prefix, see the [Attributes section](#attributes).
 ::: zone-end
-::: zone pivot="programming-language-java,programming-language-javascript,programming-language-powershell,programming-language-python"  
-  
+::: zone pivot="programming-language-java"  
+>[!IMPORTANT]
+> If multiple functions are configured to use a Cosmos DB trigger for the same collection, each of the functions should use a dedicated lease collection or specify a different `leaseCollectionPrefix` for each function. Otherwise, only one of the functions is triggered. For information about the prefix, see the [Annotations section](#annotations).
+::: zone-end
+::: zone pivot="programming-language-javascript,programming-language-powershell,programming-language-python"  
 >[!IMPORTANT]
 > If multiple functions are configured to use a Cosmos DB trigger for the same collection, each of the functions should use a dedicated lease collection or specify a different `leaseCollectionPrefix` for each function. Otherwise, only one of the functions will be triggered. For information about the prefix, see the [Configuration section](#configuration).
 ::: zone-end

articles/azure-monitor/app/overview-dashboard.md

@@ -50,6 +50,8 @@ To navigate back to the overview experience just select:
 
 There is currently a limit of 30 days of data for data displayed in a dashboard.If you select a time filter beyond 30 days, or if you select **Configure tile settings** and set a custom time range in excess of 30 days your dashboard will not display beyond 30 days of data, even with the default data retention of 90 days. There is currently no workaround for this behavior.
 
+The default Application Dashboard is created during Application Insights resource creation. If you move or rename your Application Insights instance, then queries on the dashboard will fail with Resource not found errors as the dashboard queries rely on the original resource URI. Delete the default dashboard, then from the Application Insights Overview resource menu select Application Dashboard again and the default dashboard will be re-created with the new resource name. Make other custom edits to the dashboard as needed.
+
 ## Next steps
 
 - [Funnels](./usage-funnels.md)

articles/azure-monitor/change/change-analysis-enable.md

@@ -5,7 +5,7 @@ ms.topic: conceptual
 ms.author: hannahhunter
 author: hhunter-ms
 ms.contributor: cawa
-ms.date: 07/29/2022 
+ms.date: 08/10/2022 
 ms.subservice: change-analysis
 ms.custom: devx-track-azurepowershell
 ---
@@ -26,6 +26,9 @@ In this guide, you'll learn the two ways to enable Change Analysis for web app i
 - For one or a few web apps, enable Change Analysis via the UI.
 - For a large number of web apps (for example, 50+ web apps), enable Change Analysis using the provided PowerShell script.
 
+> [!NOTE]
+> Slot-level enablement for web app is not supported at the moment.
+
 ## Enable web app in-guest change collection via Azure Portal
 
 For web app in-guest changes, separate enablement is required for scanning code files within a web app. For more information, see [Change Analysis in the Diagnose and solve problems tool](change-analysis-visualizations.md#diagnose-and-solve-problems-tool) section.

articles/azure-monitor/change/tutorial-outages.md

@@ -6,7 +6,7 @@ ms.author: hannahhunter
 author: hhunter-ms
 ms.contributor: cawa
 ms.reviewer: cawa
-ms.date: 05/12/2022
+ms.date: 08/04/2022
 ms.subservice: change-analysis
 ms.custom: devx-track-azurepowershell
 ---
@@ -15,21 +15,72 @@ ms.custom: devx-track-azurepowershell
 
 When issues happen, one of the first things to check is what changed in application, configuration and resources to triage and root cause issues. Change Analysis provides a centralized view of the changes in your subscriptions for up to the past 14 days to provide the history of changes for troubleshooting issues.  
 
-In this tutorial, you learn how to: 
+In this tutorial, you will: 
 
 > [!div class="checklist"]
-> * Enable Change Analysis to track changes for Azure resources and for Azure Web App configurations
-> * Troubleshoot a Web App issue using Change Analysis
+> - Clone, create, and deploy a [sample web application](https://github.com/Azure-Samples/changeanalysis-webapp-storage-sample) with a storage account.
+> - Enable Change Analysis to track changes for Azure resources and for Azure Web App configurations
+> - Troubleshoot a Web App issue using Change Analysis
 
 ## Pre-requisites
 
-An Azure Web App with a Storage account dependency. Follow instructions at [ChangeAnalysis-webapp-storage-sample](https://github.com/Azure-Samples/changeanalysis-webapp-storage-sample) if you haven't already deployed one. 
+- Install [.NET 5.0 or above](https://dotnet.microsoft.com/download). 
+- Install [the Azure CLI](https://docs.microsoft.com/cli/azure/install-azure-cli). 
 
-## Enable Change Analysis
+## Set up the test application
+
+### Clone
 
-In the Azure portal, navigate to theChange Analysis service home page.  
+1. In your preferred terminal, log in to your Azure subscription.
+
+```bash
+az login
+az account set --s {azure-subscription-id}
+```
+
+1. Clone the [sample web application with storage to test Change Analysis](https://github.com/Azure-Samples/changeanalysis-webapp-storage-sample).
+
+```bash
+git clone https://github.com/Azure-Samples/changeanalysis-webapp-storage-sample.git
+```
+
+1. Change the working directory to the project folder.
+
+```bash
+cd changeanalysis-webapp-storage-sample
+``` 
+
+### Create and deploy
+
+1. Create and deploy the web application.
+
+```bash
+az webapp up --name {webapp_name} --sku S2 --location eastus
+```
+
+1. Make a note of the resource group created, if you'd like to deploy your storage account in the same resource group.
+
+1. Create the storage account.
+
+```bash
+az storage account create --name {storage_name} --resource-group {resourcegroup_name} --sku Standard_RAGRS --https-only
+```
+
+1. Show your new storage account connection string.
+
+```bash
+az storage account show-connection-string -g {resourcegroup_name} -n {storage_name}
+```
+
+1. Connect the web application to the storage account through **App Settings**.
+
+```bash
+az webapp config appsettings set -g {resourcegroup_name} -n {webapp_name} --settings AzureStorageConnection={storage_connectionstring_from_previous_step}
+```
+
+## Enable Change Analysis
 
-If this is your first time using Change Analysis service, the page may take up to a few minutes to register the `Microsoft.ChangeAnalysis` resource provider in your selected subscriptions.
+In the Azure portal, [navigate to the Change Analysis standalone UI](./change-analysis-visualizations.md). This may take a few minutes as the `Microsoft.ChangeAnalysis` resource provider is registered. 
 
 :::image type="content" source="./media/change-analysis/change-analysis-blade.png" alt-text="Screenshot of Change Analysis in Azure portal.":::
 

articles/cdn/cdn-overview.md

@@ -46,7 +46,9 @@ For a list of current CDN node locations, see [Azure CDN POP locations](cdn-pop-
 6. If the TTL for the file hasn't expired, the POP edge server returns the file directly from the cache. This process results in a faster, more responsive user experience.
 
 ## Requirements
-To use Azure CDN, you must own at least one Azure subscription. You also need to create at least one CDN profile, which is a collection of CDN endpoints. Every CDN endpoint represents a specific configuration of content deliver behavior and access. To organize your CDN endpoints by internet domain, web application, or some other criteria, you can use multiple profiles. Because [Azure CDN pricing](https://azure.microsoft.com/pricing/details/cdn/) is applied at the CDN profile level, you must create multiple CDN profiles if you want to use a mix of pricing tiers. For information about the Azure CDN billing structure, see [Understanding Azure CDN billing](cdn-billing.md).
+* To use Azure CDN, you must own at least one Azure subscription. 
+* You also need to create a CDN profile, which is a collection of CDN endpoints. Every CDN endpoint is a specific configuration which users can customize with required content delivery behavior and access. To organize your CDN endpoints by internet domain, web application, or some other criteria, you can use multiple profiles. 
+* Since [Azure CDN pricing](https://azure.microsoft.com/pricing/details/cdn/) is applied at the CDN profile level, you must create multiple CDN profiles if you want to use a mix of pricing tiers. For information about the Azure CDN billing structure, see [Understanding Azure CDN billing](cdn-billing.md).
 
 ### Limitations
 Each Azure subscription has default limits for the following resources:

articles/defender-for-cloud/defender-for-resource-manager-introduction.md

@@ -37,7 +37,7 @@ Microsoft Defender for Resource Manager automatically monitors the resource mana
 
 Microsoft Defender for Resource Manager protects against issues including:
 
-- **Suspicious resource management operations**, such as operations from malicious IP addresses, disabling antimalware and suspicious scripts running in VM extensions
+- **Suspicious resource management operations**, such as operations from malicious IP addresses, disabling antimalware, and suspicious scripts running in VM extensions
 - **Use of exploitation toolkits** like Microburst or PowerZure
 - **Lateral movement** from the Azure management layer to the Azure resources data plane
 

articles/defender-for-cloud/defender-for-sql-introduction.md

@@ -8,7 +8,7 @@ ms.custom: references_regions
 
 # Overview of Microsoft Defender for Azure SQL
 
-Microsoft Defender for Azure SQL includes two Microsoft Defender plans that extend Microsoft Defender for Cloud's [data security package](/azure/azure-sql/database/azure-defender-for-sql) to protect your SQL estate regardless of where it is located (Azure, multicloud or hybrid environments). Microsoft Defender for Azure SQL includes functions that can be used to discover and mitigate potential database vulnerabilities. Defender for Azure SQL can also detect anomalous activities that may be an indication of a threat to your databases.
+Microsoft Defender for Azure SQL includes two Microsoft Defender plans that extend Microsoft Defender for Cloud's [data security package](/azure/azure-sql/database/azure-defender-for-sql) to protect your SQL estate regardless of where it is located (Azure, multicloud, or hybrid environments). Microsoft Defender for Azure SQL includes functions that can be used to discover and mitigate potential database vulnerabilities. Defender for Azure SQL can also detect anomalous activities that may be an indication of a threat to your databases.
 
 ## Availability
 

articles/defender-for-cloud/integration-defender-for-endpoint.md

@@ -20,7 +20,7 @@ With Microsoft Defender for Servers, you can deploy [Microsoft Defender for Endp
 
 You can learn about Defender for Cloud's integration with Microsoft Defender for Endpoint by watching this video from the Defender for Cloud in the Field video series: [Defender for Servers integration with Microsoft Defender for Endpoint](episode-sixteen.md)
 
-For more information about migrating servers from Defender for Endpoint to Defender for Cloud, see the [Microsoft Defender for Endpoint to Microsoft Defender for Cloud Migration Guide](/microsoft-365/security/defender-endpoint/migrating-mde-server-to-cloud&preserve-view=true).
+For more information about migrating servers from Defender for Endpoint to Defender for Cloud, see the [Microsoft Defender for Endpoint to Microsoft Defender for Cloud Migration Guide](/microsoft-365/security/defender-endpoint/migrating-mde-server-to-cloud).
 
 ## Availability