Merge pull request #254147 from MicrosoftDocs/repo_sync_working_branch

Confirm merge from repo_sync_working_branch to main to sync with https://github.com/MicrosoftDocs/azure-docs (branch main)

Author: Taojunshen

articles/active-directory/develop/msal-android-single-sign-on.md

@@ -218,17 +218,15 @@ The following browsers have been tested to see if they correctly redirect to the
 | ------------------- | :--------------: | -------------------------: | -------------: | -------------: | -------------: | -------------: |
 | Nexus 4 (API 17)    |       pass       |                       pass | not applicable | not applicable | not applicable | not applicable |
 | Samsung S7 (API 25) | pass<sup>1</sup> |                       pass |           pass |           pass |           fail |           pass |
-| Huawei (API 26)     | pass<sup>2</sup> |                       pass |           fail |           pass |           pass |           pass |
 | Vivo (API 26)       |       pass       |                       pass |           pass |           pass |           pass |           fail |
 | Pixel 2 (API 26)    |       pass       |                       pass |           pass |           pass |           fail |           pass |
-| Oppo                |       pass       | not applicable<sup>3</sup> | not applicable | not applicable | not applicable | not applicable |
+| Oppo                |       pass       | not applicable<sup>2</sup> | not applicable | not applicable | not applicable | not applicable |
 | OnePlus (API 25)    |       pass       |                       pass |           pass |           pass |           fail |           pass |
 | Nexus (API 28)      |       pass       |                       pass |           pass |           pass |           fail |           pass |
 | MI                  |       pass       |                       pass |           pass |           pass |           fail |           pass |
 
 <sup>1</sup>Samsung's built-in browser is Samsung Internet.<br/>
-<sup>2</sup>Huawei's built-in browser is Huawei Browser.<br/>
-<sup>3</sup>The default browser can't be changed inside the Oppo device setting.
+<sup>2</sup>The default browser can't be changed inside the Oppo device setting.
 
 ## Next steps
 

articles/active-directory/roles/best-practices.md

@@ -79,7 +79,7 @@ Some roles include privileged permissions, such as the ability to update credent
 
 :::image type="content" source="./media/best-practices/privileged-role-assignments-warning.png" alt-text="Screenshot of the Microsoft Entra roles and administrators page that shows the privileged role assignments warning." lightbox="./media/best-practices/privileged-role-assignments-warning.png":::
 
- You can identity roles, permissions, and role assignments that are privileged by looking for the **PRIVILEGED** label. For more information, see [Privileged roles and permissions in Microsoft Entra ID](privileged-roles-permissions.md).
+ You can identify roles, permissions, and role assignments that are privileged by looking for the **PRIVILEGED** label. For more information, see [Privileged roles and permissions in Microsoft Entra ID](privileged-roles-permissions.md).
 
 <a name='7-use-groups-for-azure-ad-role-assignments-and-delegate-the-role-assignment'></a>
 

articles/active-directory/saas-apps/amazon-business-provisioning-tutorial.md

@@ -107,6 +107,21 @@ This section guides you through the steps to configure the Microsoft Entra provi
 
  	![Screenshot of Token.](media/amazon-business-provisioning-tutorial/test-connection.png)
 
+   For **Tenant URL** and **Authorization endpoint** values please use the table below
+
+   |Country|Tenant URL|Authorization endpoint
+   |---|---|---|
+   |Canada|https://na.business-api.amazon.com/scim/v2/|https://www.amazon.ca/b2b/abws/oauth?state=1&redirect_uri=https://portal.azure.com/TokenAuthorize&applicationId=amzn1.sp.solution.ee27ec8c-1ee9-4c6b-9e68-26bdc37479d3|
+   |Germany|https://eu.business-api.amazon.com/scim/v2/|https://www.amazon.de/b2b/abws/oauth?state=1&redirect_uri=https://portal.azure.com/TokenAuthorize&applicationId=amzn1.sp.solution.ee27ec8c-1ee9-4c6b-9e68-26bdc37479d3|
+   |Spain|https://eu.business-api.amazon.com/scim/v2/|https://www.amazon.es/b2b/abws/oauth?state=1&redirect_uri=https://portal.azure.com/TokenAuthorize&applicationId=amzn1.sp.solution.ee27ec8c-1ee9-4c6b-9e68-26bdc37479d3|
+   |France|https://eu.business-api.amazon.com/scim/v2/|https://www.amazon.fr/b2b/abws/oauth?state=1&redirect_uri=https://portal.azure.com/TokenAuthorize&applicationId=amzn1.sp.solution.ee27ec8c-1ee9-4c6b-9e68-26bdc37479d3|
+   |GB/UK|https://eu.business-api.amazon.com/scim/v2/|https://www.amazon.co.uk/b2b/abws/oauth?state=1&redirect_uri=https://portal.azure.com/TokenAuthorize&applicationId=amzn1.sp.solution.ee27ec8c-1ee9-4c6b-9e68-26bdc37479d3|
+   |India|https://eu.business-api.amazon.com/scim/v2/|https://www.amazon.in/b2b/abws/oauth?state=1&redirect_uri=https://portal.azure.com/TokenAuthorize&applicationId=amzn1.sp.solution.ee27ec8c-1ee9-4c6b-9e68-26bdc37479d3|
+   |Italy|https://eu.business-api.amazon.com/scim/v2/|https://www.amazon.it/b2b/abws/oauth?state=1&redirect_uri=https://portal.azure.com/TokenAuthorize&applicationId=amzn1.sp.solution.ee27ec8c-1ee9-4c6b-9e68-26bdc37479d3|
+   |Japan|https://jp.business-api.amazon.com/scim/v2/|https://www.amazon.co.jp/b2b/abws/oauth?state=1&redirect_uri=https://portal.azure.com/TokenAuthorize&applicationId=amzn1.sp.solution.ee27ec8c-1ee9-4c6b-9e68-26bdc37479d3|
+   |Mexico|https://na.business-api.amazon.com/scim/v2/|https://www.amazon.com.mx/b2b/abws/oauth?state=1&redirect_uri=https://portal.azure.com/TokenAuthorize&applicationId=amzn1.sp.solution.ee27ec8c-1ee9-4c6b-9e68-26bdc37479d3|
+   |US|https://na.business-api.amazon.com/scim/v2/|https://www.amazon.com/b2b/abws/oauth?state=1&redirect_uri=https://portal.azure.com/TokenAuthorize&applicationId=amzn1.sp.solution.ee27ec8c-1ee9-4c6b-9e68-26bdc37479d3|
+
 1. In the **Notification Email** field, enter the email address of a person or group who should receive the provisioning error notifications and select the **Send an email notification when a failure occurs** check box.
 
 	![Screenshot of Notification Email.](common/provisioning-notification-email.png)
@@ -123,9 +138,9 @@ This section guides you through the steps to configure the Microsoft Entra provi
    |active|Boolean||
    |emails[type eq "work"].value|String||
    |name.givenName|String||
-   |name.givenName|String||
-   |externalId|String||
+   |name.familyName|String||
    |externalId|String||
+   |roles|List of appRoleAssignments [appRoleAssignments]||
 
 1. Under the **Mappings** section, select **Synchronize Microsoft Entra groups to Amazon Business**.
 

articles/ai-services/Anomaly-Detector/includes/quickstarts/anomaly-detector-client-library-python.md

@@ -185,6 +185,7 @@ To visualize the anomalies and change points in relation to the sample data seri
     import pandas as pd
     import matplotlib.pyplot as plt
     import matplotlib.dates as mdates
+    import os
 
     API_KEY = os.environ['ANOMALY_DETECTOR_API_KEY']
     ENDPOINT = os.environ['ANOMALY_DETECTOR_ENDPOINT']

articles/ai-services/openai/how-to/managed-identity.md

@@ -21,7 +21,7 @@ In the following sections, you'll use  the Azure CLI to assign roles, and obtain
 
 - An Azure subscription - <a href="https://azure.microsoft.com/free/cognitive-services" target="_blank">Create one for free</a>
 - Access granted to the Azure OpenAI Service in the desired Azure subscription
--   Currently, access to this service is granted only by application. You can apply for access to Azure OpenAI by completing the form at [https://aka.ms/oai/access</a>. Open an issue on this repo to contact us if you have an issue.
+-   Currently, access to this service is granted only by application. You can apply for access to Azure OpenAI by completing the [Request Access to Azure OpenAI Service form](https://aka.ms/oai/access). Open an issue on this repo to contact us if you have an issue.
 
 - [Custom subdomain names are required to enable features like Azure Active Directory (Azure AD) for authentication.](
 ../../cognitive-services-custom-subdomains.md)

articles/ai-services/openai/how-to/role-based-access-control.md

@@ -14,7 +14,7 @@ recommendations: false
 
 # Role-based access control for Azure OpenAI Service
 
-Azure OpenAI Service supports Azure role-based access control (Azure RBAC), an authorization system for managing individual access to Azure resources. Using Azure RBAC, you assign different team members different levels of permissions based on their needs for a given project. For more information, see the [Azure RBAC documentation](../../../role-based-access-control/index.yml) for more information.
+Azure OpenAI Service supports Azure role-based access control (Azure RBAC), an authorization system for managing individual access to Azure resources. Using Azure RBAC, you assign different team members different levels of permissions based on their needs for a given project. For more information, see the [Azure RBAC documentation](../../../role-based-access-control/index.yml).
 
 ## Add role assignment to an Azure OpenAI resource
 

articles/data-factory/how-to-create-custom-event-trigger.md

@@ -74,7 +74,7 @@ Data Factory expects events to follow the [Event Grid event schema](../event-gri
 1. Select your custom topic from the Azure subscription dropdown or manually enter the event topic scope.
 
    > [!NOTE]
-   > To create or modify a custom event trigger in Data Factory, you need to use an Azure account with appropriate role-based access control (Azure RBAC). No additional permission is required. The Data Factory service principle does *not* require special permission to your Event Grid. For more information about access control, see the [Role-based access control](#role-based-access-control) section.
+   > To create or modify a custom event trigger in Data Factory, you need to use an Azure account with appropriate role-based access control (Azure RBAC). No additional permission is required. The Data Factory service principal does *not* require special permission to your Event Grid. For more information about access control, see the [Role-based access control](#role-based-access-control) section.
 
 1. The **Subject begins with** and **Subject ends with** properties allow you to filter for trigger events. Both properties are optional.
 

articles/defender-for-cloud/defender-for-containers-vulnerability-assessment-azure.md

@@ -30,7 +30,7 @@ Container vulnerability assessment powered by Qualys has the following capabilit
     | Recommendation | Description | Assessment Key
     |--|--|--|
     | [Container registry images should have vulnerability findings resolved (powered by Qualys)](https://ms.portal.azure.com/#view/Microsoft_Azure_Security_CloudNativeCompute/ContainerRegistryRecommendationDetailsBlade/assessmentKey/dbd0cb49-b563-45e7-9724-889e799fa648)| Container image vulnerability assessment scans your registry for security vulnerabilities and exposes detailed findings for each image. Resolving the vulnerabilities can greatly improve your containers' security posture and protect them from attacks. | dbd0cb49-b563-45e7-9724-889e799fa648 |
-    | [Running container images should have vulnerability findings resolved (powered by Qualys)](https://ms.portal.azure.com/#view/Microsoft_Azure_Security_CloudNativeCompute/KubernetesRuntimeVisibilityRecommendationDetailsBlade/assessmentKey/41503391-efa5-47ee-9282-4eff6131462c) | Container image vulnerability assessment scans container images running on your Kubernetes clusters for security vulnerabilities and exposes detailed findings for each image. Resolving the vulnerabilities can greatly improve your containers' security posture and protect them from attacks. | 41503391-efa5-47ee-9282-4eff6131462c/ |
+    | [Running container images should have vulnerability findings resolved (powered by Qualys)](https://ms.portal.azure.com/#view/Microsoft_Azure_Security_CloudNativeCompute/KubernetesRuntimeVisibilityRecommendationDetailsBlade/assessmentKey/41503391-efa5-47ee-9282-4eff6131462c) | Container image vulnerability assessment scans container images running on your Kubernetes clusters for security vulnerabilities and exposes detailed findings for each image. Resolving the vulnerabilities can greatly improve your containers' security posture and protect them from attacks. | 41503391-efa5-47ee-9282-4eff6131462c |
 
 - **Query vulnerability information via the Azure Resource Graph** - Ability to query vulnerability information via the [Azure Resource Graph](/azure/governance/resource-graph/overview#how-resource-graph-complements-azure-resource-manager). Learn how to [query recommendations via the ARG](review-security-recommendations.md#review-recommendation-data-in-azure-resource-graph-arg).
 

articles/machine-learning/prompt-flow/how-to-deploy-for-real-time-inference.md

@@ -281,6 +281,16 @@ Select **Metrics** tab in the left navigation. Select **promptflow standard metr
 
 ## Troubleshoot endpoints deployed from prompt flow
 
+### Model response taking too long
+
+Sometimes you may notice that the deployment is taking too long to respond. There are several potential factors for this to occur. 
+
+- Model is not powerful enough (ex. use gpt over text-ada)
+- Index query is not optimized and taking too long
+- Flow has many steps to process
+
+Consider optimizing the endpoint with above considerations to improve the performance of the model.
+
 ### Unable to fetch deployment schema
 
 After you deploy the endpoint and want to test it in the **Test tab** in the endpoint detail page, if the **Test tab** shows **Unable to fetch deployment schema** like following, you can try the following 2 methods to mitigate this issue: