Merge pull request #301119 from MicrosoftDocs/repo_sync_working_branch

Confirm merge from repo_sync_working_branch to main to sync with https://github.com/MicrosoftDocs/azure-docs (branch main)

Author: TimShererWithAquent

articles/api-management/send-one-way-request-policy.md

@@ -89,6 +89,6 @@ This example uses the `send-one-way-request` policy to send a message to a Slack
 
 ## Related policies
 
-* [Intergration and external communication](api-management-policies.md#integration-and-external-communication)
+* [Integration and external communication](api-management-policies.md#integration-and-external-communication)
 
 [!INCLUDE [api-management-policy-ref-next-steps](../../includes/api-management-policy-ref-next-steps.md)]

articles/confidential-computing/create-confidential-vm-from-compute-gallery.md

@@ -30,7 +30,7 @@ The resulting image version can be used only to create confidential VMs.
 This image version can be replicated within the source region **but cannot be replicated to a different region** or across subscriptions currently.
 
 > [!NOTE]
-> If you want to create an image from a Windows confidential VM that has confidential compute disk encryption enabled with a platform-managed key or a customer-managed key, you can only create a specialized image. This limitation exists because the generalization tool (**sysprep**), might not be able to generalized the encrypted image source. This limitation applies to the OS disk, which is implicitly created along with the Windows confidential VM, and the snapshot created from this OS disk.
+> If you want to create an image from a Windows confidential VM that has confidential compute disk encryption enabled with a platform-managed key or a customer-managed key, you can create a specialized or generalized image.
 
 ### Create a Confidential VM type image using Confidential VM capture
 

articles/container-apps/includes/java-get-started-introduction-and-prerequisites-and-install-azure-container-apps-cli-extension.md

@@ -19,7 +19,7 @@ By the end of this tutorial, you deploy a web application that you can manage th
 
 ## Prerequisites
 
-- An Azure subscription. [Create one for free.](https://azure.microsoft.com/free/).
+- An Azure subscription. [Create one for free](https://azure.microsoft.com/free/).
 - The `Contributor` or `Owner` permission on the Azure subscription. For more information, see [Assign Azure roles using the Azure portal](../../role-based-access-control/role-assignments-portal.yml?tabs=current).
 - [A GitHub account](https://github.com/join).
 - [Git](https://git-scm.com/downloads)

articles/nat-gateway/nat-availability-zones.md

@@ -58,7 +58,7 @@ A zonal promise for zone isolation scenarios exists when a virtual machine insta
 *Figure 3: Zonal isolation by creating zonal stacks with the same zone NAT gateway, public IPs, and virtual machines provide the best method of ensuring zone resiliency against outages.*
 
 > [!NOTE]
-> Creating zonal stacks for each availability zone within a region is the most effective method for building zone-resiliency against outages for NAT gateway. However, ths configuration only safeguards the remaining availability zones where the outage did **not** take place. With this configuration, failure of outbound connectivity from a zone outage is isolated to the specific zone affected. The outage won't affect the other zonal stacks where other NAT gateways are deployed with their own subnets and zonal public IPs. 
+> Creating zonal stacks for each availability zone within a region is the most effective method for building zone-resiliency against outages for NAT gateway. However, this configuration only safeguards the remaining availability zones where the outage did **not** take place. With this configuration, failure of outbound connectivity from a zone outage is isolated to the specific zone affected. The outage won't affect the other zonal stacks where other NAT gateways are deployed with their own subnets and zonal public IPs. 
 
 ### Integration of inbound with a standard load balancer  
 

articles/oracle/oracle-db/oracle-database-network-plan.md

@@ -92,6 +92,7 @@ The following table describes required configurations of supported network featu
 When routing traffic to Oracle Database@Azure through a Network Virtual Appliance (NVA)/firewall, the User-Defined Route (UDR) prefix **must be at least as specific as the subnet delegated to the Oracle Database@Azure instance**. Broader prefixes may cause traffic to be dropped.
 
  If the delegated subnet for your instance is x.x.x.x/27, configure the UDR on the Gateway Subnet as:  
+
  | Route Prefix | Routing Outcome |
  |--------------|-----------------|
  |x.x.x.x/27 | (same as the subnet) ✅ | 

articles/role-based-access-control/permissions/analytics.md

@@ -706,8 +706,8 @@ Azure service: [Azure Synapse Analytics](/azure/synapse-analytics/)
 > | Microsoft.Synapse/workspaces/integrationRuntimes/removeLinks/action | Remove any Integration Runtime link |
 > | Microsoft.Synapse/workspaces/integrationRuntimes/enableInteractiveQuery/action | Enable Interactive query on any Integration Runtime |
 > | Microsoft.Synapse/workspaces/integrationRuntimes/disableInteractiveQuery/action | Disable Interactive query on any Integration Runtime |
-> | Microsoft.Synapse/workspaces/integrationRuntimes/refreshObjectMetadata/action | Refresh Object metadata on any Intergration Runtime |
-> | Microsoft.Synapse/workspaces/integrationRuntimes/getObjectMetadata/action | Get Object metadata on any Intergration Runtime |
+> | Microsoft.Synapse/workspaces/integrationRuntimes/refreshObjectMetadata/action | Refresh Object metadata on any Integration Runtime |
+> | Microsoft.Synapse/workspaces/integrationRuntimes/getObjectMetadata/action | Get Object metadata on any Integration Runtime |
 > | Microsoft.Synapse/workspaces/integrationRuntimes/nodes/read | Get any Integration Runtime Node. |
 > | Microsoft.Synapse/workspaces/integrationRuntimes/nodes/delete | Delete any Integration Runtime Node. |
 > | Microsoft.Synapse/workspaces/integrationRuntimes/nodes/write | Patch any Integration Runtime Node. |

articles/sentinel/includes/connector-details.md

@@ -127,7 +127,7 @@ ms.date: 06/10/2025
 |<a name="google-security-command-center"></a><details><summary>**Google Security Command Center** </summary> <br> The Google Cloud Platform (GCP) Security Command Center is a comprehensive security and risk management platform for Google Cloud, ingested from Sentinel's connector. It offers features such as asset inventory and discovery, vulnerability and threat detection, and risk mitigation and remediation to help you gain insight into your organization's security and data attack surface. This integration enables you to perform tasks related to findings and assets more effectively.<p> **Log Analytics table(s):** <br> - `GoogleCloudSCC`<p>**Data collection rule support:** <br>Not currently supported</details> | [Microsoft Corporation](https://support.microsoft.com/) | 
 |<a name="google-workspace-g-suite-using-azure-functions"></a><details><summary>**Google Workspace (G Suite) (using Azure Functions)** </summary> <br> The [Google Workspace](https://workspace.google.com/) data connector provides the capability to ingest Google Workspace Activity events into Microsoft Sentinel through the REST API. The connector provides ability to get [events](https://developers.google.com/admin-sdk/reports/v1/reference/activities) which helps to examine potential security risks, analyze your team's use of collaboration, diagnose configuration problems, track who signs in and when, analyze administrator activity, understand how users create and share content, and more review events in your org.<p> **Log Analytics table(s):** <br> - `GWorkspace_ReportsAPI_admin_CL`<br>- `GWorkspace_ReportsAPI_calendar_CL`<br>- `GWorkspace_ReportsAPI_drive_CL`<br>- `GWorkspace_ReportsAPI_login_CL`<br>- `GWorkspace_ReportsAPI_mobile_CL`<br>- `GWorkspace_ReportsAPI_token_CL`<br>- `GWorkspace_ReportsAPI_user_accounts_CL`<p>**Data collection rule support:** <br>Not currently supported<p>**Prerequisites:**<br> - **Microsoft.Web/sites permissions**: Read and write permissions to Azure Functions to create a Function App is required. For more information, see [Azure Functions](/azure/azure-functions/).<p> - **REST API Credentials/permissions**: **GooglePickleString** is required for REST API. For more information, see [API](https://developers.google.com/admin-sdk/reports/v1/reference/activities). Instructions to obtain the credentials are shown during the installation process. You can check all [requirements and follow the instructions](https://developers.google.com/admin-sdk/reports/v1/quickstart/python) from here as well.</details> | [Microsoft Corporation](https://support.microsoft.com/) | 
 |<a name="greynoise-threat-intelligence-using-azure-functions"></a><details><summary>**GreyNoise Threat Intelligence (using Azure Functions)** </summary> <br> This Data Connector installs an Azure Function app to download GreyNoise indicators once per day and inserts them into the ThreatIntelligenceIndicator table in Microsoft Sentinel.<p> **Log Analytics table(s):** <br> - `ThreatIntelligenceIndicator`<p>**Data collection rule support:** <br>Not currently supported<p>**Prerequisites:**<br> - **Microsoft.Web/sites permissions**: Read and write permissions to Azure Functions to create a Function App is required. For more information, see [Azure Functions](/azure/azure-functions/).<p> - **GreyNoise API Key**: Retrieve your GreyNoise API Key [here](https://viz.greynoise.io/account/api-key).</details> | [GreyNoise](https://docs.greynoise.io/) | 
-|<a name="hackerview-intergration-using-azure-functions"></a><details><summary>**HackerView Intergration (using Azure Functions)** </summary> <br> Through the API integration, you have the capability to retrieve all the issues related to your HackerView organizations via a RESTful interface.<p> **Log Analytics table(s):** <br> - `HackerViewLog_Azure_1_CL`<p>**Data collection rule support:** <br>Not currently supported<p>**Prerequisites:**<br> - **Microsoft.Web/sites permissions**: Read and write permissions to Azure Functions to create a Function App is required. For more information, see [Azure Functions](/azure/azure-functions/).</details> | [Cyber Threat Management 360](https://www.ctm360.com/contact-us/) | 
+|<a name="hackerview-intergration-using-azure-functions"></a><details><summary>**HackerView Integration (using Azure Functions)** </summary> <br> Through the API integration, you have the capability to retrieve all the issues related to your HackerView organizations via a RESTful interface.<p> **Log Analytics table(s):** <br> - `HackerViewLog_Azure_1_CL`<p>**Data collection rule support:** <br>Not currently supported<p>**Prerequisites:**<br> - **Microsoft.Web/sites permissions**: Read and write permissions to Azure Functions to create a Function App is required. For more information, see [Azure Functions](/azure/azure-functions/).</details> | [Cyber Threat Management 360](https://www.ctm360.com/contact-us/) | 
 |<a name="holm-security-asset-data-using-azure-functions"></a><details><summary>**Holm Security Asset Data (using Azure Functions)** </summary> <br> The connector provides the capability to poll data from Holm Security Center into Microsoft Sentinel.<p> **Log Analytics table(s):** <br> - `net_assets_CL`<br>- `web_assets_CL`<p>**Data collection rule support:** <br>Not currently supported<p>**Prerequisites:**<br> - **Microsoft.Web/sites permissions**: Read and write permissions to Azure Functions to create a Function App is required. For more information, see [Azure Functions](/azure/azure-functions/).<p> - **Holm Security API Token**: Holm Security API Token is required. [Holm Security API Token](https://support.holmsecurity.com/)</details> | [Holm Security](https://support.holmsecurity.com/) | 
 |<a name="iis-logs-of-microsoft-exchange-servers"></a><details><summary>**IIS Logs of Microsoft Exchange Servers** </summary> <br> [Option 5] - Using Azure Monitor Agent - You can stream all IIS Logs from the Windows machines connected to your Microsoft Sentinel workspace using the Windows agent. This connection enables you to create custom alerts, and improve investigation.<p> **Log Analytics table(s):** <br> - `W3CIISLog`<p>**Data collection rule support:** <br>Not currently supported<p>**Prerequisites:**<br> - Azure Log Analytics will be deprecated, to collect data from non-Azure VMs, Azure Arc is recommended. [Learn more](/azure/azure-monitor/agents/azure-monitor-agent-install?tabs=ARMAgentPowerShell,PowerShellWindows,PowerShellWindowsArc,CLIWindows,CLIWindowsArc)<p> - **Detailled documentation**: >**NOTE:** Detailled documentation on Installation procedure and usage can be found [here](https://aka.ms/MicrosoftExchangeSecurityGithub)</details> | [Community](https://github.com/Azure/Azure-Sentinel/issues) | 
 |<a name="illumio-saas-using-azure-functions"></a><details><summary>**Illumio SaaS (using Azure Functions)** </summary> <br> [Illumio](https://www.illumio.com/) connector provides the capability to ingest events into Microsoft Sentinel. The connector provides ability to ingest auditable and flow events from AWS S3 bucket.<p> **Log Analytics table(s):** <br> - `Illumio_Auditable_Events_CL`<br>- `Illumio_Flow_Events_CL`<p>**Data collection rule support:** <br>Not currently supported<p>**Prerequisites:**<br> - **Microsoft.Web/sites permissions**: Read and write permissions to Azure Functions to create a Function App is required. For more information, see [Azure Functions](/azure/azure-functions/).<p> - **SQS and AWS S3 account credentials/permissions**: **AWS_SECRET**, **AWS_REGION_NAME**, **AWS_KEY**, **QUEUE_URL** is required.   If you are using s3 bucket provided by Illumio, contact Illumio support. At your request they will provide you with the AWS S3 bucket name, AWS SQS url and AWS credentials to access them.<p> - **Illumio API key and secret**: **ILLUMIO_API_KEY**, **ILLUMIO_API_SECRET** is required for a workbook to make connection to SaaS PCE and fetch api responses.</details> | [Illumio](https://www.illumio.com/) |