Skip to content

Commit 34279a9

Browse files
authored
Merge pull request #103699 from MicrosoftDocs/repo_sync_working_branch
Confirm merge from repo_sync_working_branch to master to sync with https://github.com/Microsoft/azure-docs (branch master)
2 parents 7820fac + b03d88b commit 34279a9

File tree

9 files changed

+17
-15
lines changed

9 files changed

+17
-15
lines changed

articles/active-directory/develop/quickstart-v2-windows-desktop.md

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,7 @@ In this quickstart, you'll learn how to write a Windows desktop .NET (WPF) appli
4646
> - In the **Supported account types** section, select **Accounts in any organizational directory and personal Microsoft accounts (for example, Skype, Xbox, Outlook.com)**.
4747
> - Select **Register** to create the application.
4848
> 1. In the list of pages for the app, select **Authentication**.
49-
> 1. In the **Redirect URIs** | **Suggested Redirect URIs for public clients (mobile, desktop)** section, check **https://login.microsoftonline.com/common/oauth2/nativeclient**.
49+
> 1. In the **Redirect URIs** | **Suggested Redirect URIs for public clients (mobile, desktop)** section, use **https://login.microsoftonline.com/common/oauth2/nativeclient**.
5050
> 1. Select **Save**.
5151
5252
> [!div class="sxs-lookup" renderon="portal"]
@@ -110,6 +110,7 @@ Then, initialize MSAL using the following code:
110110
```csharp
111111
public static IPublicClientApplication PublicClientApp;
112112
PublicClientApplicationBuilder.Create(ClientId)
113+
.WithRedirectUri("https://login.microsoftonline.com/common/oauth2/nativeclient")
113114
.WithAuthority(AzureCloudInstance.AzurePublic, Tenant)
114115
.Build();
115116
```

articles/aks/use-managed-identity.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -40,7 +40,7 @@ You must have the following resources installed:
4040
To install the aks-preview 0.4.14 extension or later, use the following Azure CLI commands:
4141

4242
```azurecli
43-
az extension update --name aks-preview
43+
az extension add --name aks-preview
4444
az extension list
4545
```
4646

articles/azure-government/compliance/azure-services-in-fedramp-auditscope.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -272,5 +272,5 @@ This article provides a detailed list of in-scope cloud services across Azure Pu
272272
| [VPN Gateway](https://azure.microsoft.com/services/vpn-gateway/) | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
273273
| [Web Apps (App Service)](https://azure.microsoft.com/services/app-service/web/) | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
274274

275-
***** Some services such as the Azure portal and Azure Resource Manager do not store or process DoD CC SRG IIL 5 content, however still inherit the IIL5 control set.
275+
***** Some services such as the Azure portal and Azure Resource Manager do not store or process DoD CC SRG IL 5 content, however still inherit the IL5 control set.
276276

articles/azure-monitor/platform/autoscale-best-practices.md

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -107,7 +107,7 @@ Similarly, when autoscale switches back to the default profile, it first checks
107107

108108
### Considerations for scaling when multiple rules are configured in a profile
109109

110-
There are cases where you may have to set multiple rules in a profile. The following autoscale rules are used by services when multiple rules are set.
110+
There are cases where you may have to set multiple rules in a profile. The following autoscale rules are used by the autoscale engine when multiple rules are set.
111111

112112
On *scale-out*, autoscale runs if any rule is met.
113113
On *scale-in*, autoscale require all rules to be met.
@@ -127,13 +127,13 @@ Then the follow occurs:
127127
On the other hand, if CPU is 25% and memory is 51% autoscale does **not** scale-in. In order to scale-in, CPU must be 29% and Memory 49%.
128128

129129
### Always select a safe default instance count
130-
The default instance count is important autoscale scales your service to that count when metrics are not available. Therefore, select a default instance count that's safe for your workloads.
130+
The default instance count is important because autoscale scales your service to that count when metrics are not available. Therefore, select a default instance count that's safe for your workloads.
131131

132132
### Configure autoscale notifications
133133
Autoscale will post to the Activity Log if any of the following conditions occur:
134134

135-
* Autoscale issues a scale operation
136-
* Autoscale service successfully completes a scale action
135+
* Autoscale issues a scale operation.
136+
* Autoscale service successfully completes a scale action.
137137
* Autoscale service fails to take a scale action.
138138
* Metrics are not available for autoscale service to make a scale decision.
139139
* Metrics are available (recovery) again to make a scale decision.

articles/azure-monitor/platform/autoscale-webhook-email.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -14,8 +14,8 @@ Webhooks allow you to route the Azure alert notifications to other systems for p
1414
## Email
1515
Email can be sent to any valid email address. Administrators and co-administrators of the subscription where the rule is running will also be notified.
1616

17-
## Cloud Services and Web Apps
18-
You can opt-in from the Azure portal for Cloud Services and Server Farms (Web Apps).
17+
## Cloud Services and App Services
18+
You can opt-in from the Azure portal for Cloud Services and Server Farms (App Services).
1919

2020
* Choose the **scale by** metric.
2121

articles/cognitive-services/LUIS/developer-reference-resource.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -71,7 +71,7 @@ Bot framework provides [several tools](https://github.com/microsoft/botbuilder-t
7171
* [LUIS CLI](https://github.com/microsoft/botbuilder-tools/blob/master/packages/LUIS) - Create and manage your LUIS.ai applications
7272
* [Dispatch](https://github.com/microsoft/botbuilder-tools/blob/master/packages/Dispatch)- manage parent and child apps
7373
* [LUISGen](https://github.com/microsoft/botbuilder-tools/blob/master/packages/LUISGen) - Auto generate backing C#/Typescript classes for your LUIS intents and entities.
74-
* [Bot emulator](https://github.com/Microsoft/BotFramework-Emulator/releases) - a desktop application that allows bot developers to test and debug bots built using the Bot Framework SDK
74+
* [Bot Framework emulator](https://github.com/Microsoft/BotFramework-Emulator/releases) - a desktop application that allows bot developers to test and debug bots built using the Bot Framework SDK
7575

7676

7777
## Next steps
@@ -80,4 +80,4 @@ Bot framework provides [several tools](https://github.com/microsoft/botbuilder-t
8080
* [Reference documentation](https://docs.microsoft.com/azure/index#pivot=sdkstools) for all APIs and SDKs
8181
* [Bot framework](https://github.com/Microsoft/botbuilder-dotnet) and [Azure Bot Service](https://dev.botframework.com/)
8282
* [LUDown](https://github.com/microsoft/botbuilder-tools/blob/master/packages/Ludown)
83-
* [Cognitive Containers](../cognitive-services-container-support.md)
83+
* [Cognitive Containers](../cognitive-services-container-support.md)

articles/machine-learning/how-to-deploy-functions.md

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -115,7 +115,7 @@ When `show_output=True`, the output of the Docker build process is shown. Once t
115115
116116
## Deploy image as a web app
117117
118-
1. Use the following command to get the login credentials for the Azure Container Registry that contains the image. Replace `<acrinstance>` with the value returned previously from `package.location`:
118+
1. Use the following command to get the login credentials for the Azure Container Registry that contains the image. Replace `<myacr>` with the value returned previously from `package.location`:
119119
120120
```azurecli-interactive
121121
az acr credential show --name <myacr>
@@ -174,7 +174,7 @@ When `show_output=True`, the output of the Docker build process is shown. Once t
174174
1. Create the storage account to use for the blob trigger storage and get it's connection string. Replace `<triggerStorage>` with the name you want to use.
175175
176176
```azurecli-interactive
177-
az storage account create --name triggerStorage --location westeurope --resource-group myresourcegroup --sku Standard_LRS
177+
az storage account create --name <triggerStorage> --location westeurope --resource-group myresourcegroup --sku Standard_LRS
178178
```
179179
```azurecli-interactive
180180
az storage account show-connection-string --resource-group myresourcegroup --name <triggerStorage> --query connectionString --output tsv
@@ -250,4 +250,4 @@ At this point, the function app begins loading the image.
250250
* Learn more about Blob storage triggers [Azure Blob storage bindings](https://docs.microsoft.com/azure/azure-functions/functions-bindings-storage-blob).
251251
* [Deploy your model to Azure App Service](how-to-deploy-app-service.md).
252252
* [Consume a ML Model deployed as a web service](how-to-consume-web-service.md)
253-
* [API Reference](https://docs.microsoft.com/python/api/azureml-contrib-functions/azureml.contrib.functions?view=azure-ml-py)
253+
* [API Reference](https://docs.microsoft.com/python/api/azureml-contrib-functions/azureml.contrib.functions?view=azure-ml-py)

articles/search/cognitive-search-custom-skill-python.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -53,7 +53,7 @@ The Azure Functions project template in Visual Studio Code creates a project tha
5353

5454
Visual Studio Code creates the function app project in a new workspace. This project contains the [host.json](../azure-functions/functions-host-json.md) and [local.settings.json](../azure-functions/functions-run-local.md#local-settings-file) configuration files, plus any language-specific project files.
5555

56-
A new HTTP triggered function is also created in the **Concatenator** folder of the function app project. Inside it there will be a file called "\__init__.py", with this content:
56+
A new HTTP triggered function is also created in the **Concatenator** folder of the function app project. Inside it there will be a file called "\_\_init__.py", with this content:
5757

5858
```py
5959
import logging

articles/storage/common/storage-sas-overview.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -106,6 +106,7 @@ The following recommendations for using shared access signatures can help mitiga
106106
- **Use near-term expiration times on an ad hoc SAS service SAS or account SAS.** In this way, even if a SAS is compromised, it's valid only for a short time. This practice is especially important if you cannot reference a stored access policy. Near-term expiration times also limit the amount of data that can be written to a blob by limiting the time available to upload to it.
107107
- **Have clients automatically renew the SAS if necessary.** Clients should renew the SAS well before the expiration, in order to allow time for retries if the service providing the SAS is unavailable. If your SAS is meant to be used for a small number of immediate, short-lived operations that are expected to be completed within the expiration period, then this may be unnecessary as the SAS is not expected to be renewed. However, if you have client that is routinely making requests via SAS, then the possibility of expiration comes into play. The key consideration is to balance the need for the SAS to be short-lived (as previously stated) with the need to ensure that the client is requesting renewal early enough (to avoid disruption due to the SAS expiring prior to successful renewal).
108108
- **Be careful with SAS start time.** If you set the start time for a SAS to **now**, then due to clock skew (differences in current time according to different machines), failures may be observed intermittently for the first few minutes. In general, set the start time to be at least 15 minutes in the past. Or, don't set it at all, which will make it valid immediately in all cases. The same generally applies to expiry time as well--remember that you may observe up to 15 minutes of clock skew in either direction on any request. For clients using a REST version prior to 2012-02-12, the maximum duration for a SAS that does not reference a stored access policy is 1 hour, and any policies specifying longer term than that will fail.
109+
- **Be careful with SAS datetime format.** If you set the start time and/or expiry for a SAS, for some utilities (for example for the command-line utility AzCopy) you need the datetime format to be '+%Y-%m-%dT%H:%M:%SZ', specifically including the seconds in order for it to work using the SAS token.
109110
- **Be specific with the resource to be accessed.** A security best practice is to provide a user with the minimum required privileges. If a user only needs read access to a single entity, then grant them read access to that single entity, and not read/write/delete access to all entities. This also helps lessen the damage if a SAS is compromised because the SAS has less power in the hands of an attacker.
110111
- **Understand that your account will be billed for any usage, including via a SAS.** If you provide write access to a blob, a user may choose to upload a 200 GB blob. If you've given them read access as well, they may choose to download it 10 times, incurring 2 TB in egress costs for you. Again, provide limited permissions to help mitigate the potential actions of malicious users. Use short-lived SAS to reduce this threat (but be mindful of clock skew on the end time).
111112
- **Validate data written using a SAS.** When a client application writes data to your storage account, keep in mind that there can be problems with that data. If your application requires that data be validated or authorized before it is ready to use, you should perform this validation after the data is written and before it is used by your application. This practice also protects against corrupt or malicious data being written to your account, either by a user who properly acquired the SAS, or by a user exploiting a leaked SAS.

0 commit comments

Comments
 (0)