Merge branch 'main' into release-cogsvcs-orchestration

Author: v-alje

.openpublishing.publish.config.json

@@ -899,6 +899,7 @@
     "articles/virtual-machine-scale-sets/.openpublishing.redirection.virtual-machine-scale-sets.json",
     "articles/mysql/.openpublishing.redirection.mysql.json",
     "articles/container-apps/.openpublishing.redirection.container-apps.json",
-    "articles/spring-cloud/.openpublishing.redirection.spring-cloud.json"
+    "articles/spring-cloud/.openpublishing.redirection.spring-cloud.json",
+    "articles/load-testing/.openpublishing.redirection.azure-load-testing.json"
   ]
 }

.openpublishing.redirection.azure-monitor.json

@@ -24,6 +24,22 @@
             "source_path_from_root": "/articles/azure-monitor/agents/data-collection-rule-overview.md",
             "redirect_url": "/azure/azure-monitor/essentials/data-collection-rule-overview",
             "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/azure-monitor/app/change-analysis.md",
+            "redirect_url": "/azure/azure-monitor/change/change-analysis",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/azure-monitor/app/change-analysis-visualizations.md",
+            "redirect_url": "/azure/azure-monitor/change/change-analysis-visualizations",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/azure-monitor/app/change-analysis-troubleshoot.md",
+            "redirect_url": "/azure/azure-monitor/change/change-analysis-troubleshoot",
+            "redirect_document_id": false
         }
+
     ]
 }

.openpublishing.redirection.json

@@ -5982,7 +5982,7 @@
       "source_path_from_root": "/articles/azure-functions/functions-test-a-function.md",
       "redirect_url": "/azure/azure-functions/supported-languages",
       "redirect_document_id": false
-    },    
+    },
     {
       "source_path_from_root": "/articles/azure-app-configuration/quickstart-azure-function-csharp.md",
       "redirect_url": "/azure/azure-app-configuration/quickstart-azure-functions-csharp",
@@ -7787,7 +7787,7 @@
       "source_path_from_root": "/articles/cognitive-services/LUIS/luis-tutorial-review-endpoint-utterances.md",
       "redirect_url": "/azure/cognitive-services/LUIS/how-to/improve-application",
       "redirect_document_id": false
-    }, 
+    },
     {
       "source_path_from_root": "/articles/cognitive-services/LUIS/luis-concept-enterprise.md",
       "redirect_url": "/azure/cognitive-services/LUIS/how-to/improve-application",
@@ -12088,7 +12088,6 @@
       "redirect_url": "/azure/azure-signalr/signalr-tutorial-authenticate-azure-functions",
       "redirect_document_id": true
     },
-
     {
       "source_path_from_root": "/articles/cognitive-services/form-recognizer/build-training-data-set.md",
       "redirect_url": "/azure/applied-ai-services/form-recognizer/build-training-data-set",
@@ -14669,7 +14668,7 @@
       "redirect_url": "/azure/data-explorer/manage-cluster-vertical-scaling",
       "redirect_document_id": false
     },
-        {
+    {
       "source_path_from_root": "/articles/postgresql/howto-manage-firewall-using-cli.md",
       "redirect_url": "/azure/postgresql/quickstart-create-server-database-azure-cli#configure-a-server-based-firewall-rule",
       "redirect_document_id": true
@@ -15188,7 +15187,7 @@
       "source_path_from_root": "/articles/defender-for-iot/device-builders/quickstart-azure-rtos-security-module.md",
       "redirect_url": "/azure/defender-for-iot/device-builders/how-to-quickstart-azure-rtos-security-module",
       "redirect_document_id": false
-    },    
+    },
     {
       "source_path_from_root": "/articles/defender-for-iot/organizations/integration-cisco-ise-pxgrid.md",
       "redirect_url": "/azure/defender-for-iot/organizations/integration-forescout",
@@ -17733,7 +17732,7 @@
       "source_path_from_root": "/articles/lab-services/class-type-ethical-hacking-virtualbox.md",
       "redirect_url": "/azure/lab-services/class-types",
       "redirect_document_id": false
-    },    
+    },
     {
       "source_path_from_root": "/articles/lab-services/classroom-labs/class-type-jupyter-notebook.md",
       "redirect_url": "/azure/lab-services/class-type-jupyter-notebook",
@@ -26038,12 +26037,12 @@
       "source_path_from_root": "/articles/storage/blobs/storage-quickstart-blobs-javascript-client-libraries-legacy.md",
       "redirect_url": "/azure/storage/blobs/quickstart-blobs-javascript-browser",
       "redirect_document_id": false
-    },    
+    },
     {
       "source_path_from_root": "/articles/storage/blobs/storage-quickstart-blobs-nodejs-legacy.md",
       "redirect_url": "/azure/storage/blobs/storage-quickstart-blobs-nodejs",
       "redirect_document_id": false
-    },        
+    },
     {
       "source_path_from_root": "/articles/storage/blobs/storage-quickstart-blobs-nodejs-v10.md",
       "redirect_url": "/azure/storage/blobs/storage-quickstart-blobs-nodejs",
@@ -33299,7 +33298,7 @@
       "redirect_url": "https://azure.microsoft.com/services/cognitive-services/",
       "redirect_document_id": false
     },
-        {
+    {
       "source_path_from_root": "/articles/machine-learning/studio/whats-new.md",
       "redirect_url": "https://azure.microsoft.com/updates/?product=machine-learning-studio",
       "redirect_document_id": false
@@ -43955,34 +43954,94 @@
       "redirect_document_id": false
     },
     {
-    "source_path_from_root": "/articles/azure/virtual-desktop/azure-advisor.md",
-    "redirect_url": "/azure/advisor/advisor-overview",
-    "redirect_document_id": false
+      "source_path_from_root": "/articles/azure/virtual-desktop/azure-advisor.md",
+      "redirect_url": "/azure/advisor/advisor-overview",
+      "redirect_document_id": false
     },
     {
       "source_path_from_root": "/articles/azure/cognitive-services/translator/tutorial-wpf-translation-csharp.md",
       "redirect_url": "/ai-builder/flow-text-translation?toc=/azure/cognitive-services/translator/toc.json&bc=/azure/cognitive-services/translator/breadcrumb/toc.json",
       "redirect_document_id": false
-      },
-      {
-        "source_path_from_root": "/articles/azure/cognitive-services/translator/tutorial-build-flask-app-translation-synthesis.md",
-        "redirect_url": "/learn/modules/translate-text-with-translator-service?toc=/azure/cognitive-services/translator/toc.json&bc=/azure/cognitive-services/translator/breadcrumb/toc.json",
-        "redirect_document_id": false
-      },
-      {
-        "source_path": "articles/machine-learning/classic/deploy-with-resource-manager-template.md",
-        "redirect_url": "/previous-versions/azure/machine-learning/classic/deploy-with-resource-manager-template",
-        "redirect_document_id": false
-      },
-      {
-        "source_path_from_root": "/articles/governance/policy/how-to/guest-configuration-create-group-policy.md",
-        "redirect_url": "/azure/governance/policy/how-to/guest-configuration-create",
-        "redirect_document_id": false
-      },
-      {
-        "source_path_from_root": "/articles/virtual-desktop/compare-virtual-desktop-windows-365.md",
-        "redirect_url": "/azure/virtual-desktop/overview",
-        "redirect_document_id": false
-      }
+    },
+    {
+      "source_path_from_root": "/articles/azure/cognitive-services/translator/tutorial-build-flask-app-translation-synthesis.md",
+      "redirect_url": "/learn/modules/translate-text-with-translator-service?toc=/azure/cognitive-services/translator/toc.json&bc=/azure/cognitive-services/translator/breadcrumb/toc.json",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/machine-learning/classic/deploy-with-resource-manager-template.md",
+      "redirect_url": "/previous-versions/azure/machine-learning/classic/deploy-with-resource-manager-template",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/governance/policy/how-to/guest-configuration-create-group-policy.md",
+      "redirect_url": "/azure/governance/policy/how-to/guest-configuration-create",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/virtual-desktop/compare-virtual-desktop-windows-365.md",
+      "redirect_url": "/azure/virtual-desktop/overview",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/governance/blueprints/samples/cis-azure-1-1-0.md",
+      "redirect_url": "/azure/governance/policy/samples/cis-azure-1-1-0",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/governance/blueprints/samples/cis-azure-1-3-0.md",
+      "redirect_url": "/azure/governance/policy/samples/cis-azure-1-3-0",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/governance/blueprints/samples/cmmc-l3.md",
+      "redirect_url": "/azure/governance/policy/samples/cmmc-l3",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/governance/blueprints/samples/hipaa-hitrust-9-2.md",
+      "redirect_url": "/azure/governance/policy/samples/hipaa-hitrust-9-2",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/governance/blueprints/samples/irs-1075-sept2016",
+      "redirect_url": "/azure/governance/policy/samples/irs-1075-sept2016",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/governance/blueprints/samples/nist-sp-800-171-r2",
+      "redirect_url": "/azure/governance/policy/samples/nist-sp-800-171-r2",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/governance/blueprints/samples/media/control-mapping.md",
+      "redirect_url": "/azure/governance/policy/samples",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/governance/blueprints/samples/media/deploy.md",
+      "redirect_url": "/azure/governance/policy/samples",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/governance/blueprints/samples/media/index.md",
+      "redirect_url": "/azure/governance/policy/samples",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/governance/blueprints/samples/pci-dss-3.2.1/control-mapping.md",
+      "redirect_url": "/azure/governance/policy/samples",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/governance/blueprints/samples/pci-dss-3.2.1/deploy.md",
+      "redirect_url": "/azure/governance/policy/samples",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/governance/blueprints/samples/pci-dss-3.2.1/index.md",
+      "redirect_url": "/azure/governance/policy/samples",
+      "redirect_document_id": false
+    }
   ]
-}
+}

articles/active-directory/app-proxy/application-proxy-faq.yml

@@ -4,7 +4,7 @@ metadata:
   description: Learn answers to frequently asked questions (FAQ) about using Azure AD Application Proxy to publish internal, on-premises applications to remote users.  
   services: active-directory
   author: kenwith
-  manager: karenhoran
+  manager: 
   ms.service: active-directory
   ms.subservice: app-proxy
   ms.workload: identity
@@ -19,6 +19,16 @@ summary: This page answers frequently asked questions about Azure Active Directo
 sections:
   - name: General
     questions:
+
+      - question: |
+         Can I modify an App Proxy app from the **App registrations** page in the Azure portal?
+        answer: |
+            No, the following configuration items are being used by app proxy and should not be altered or deleted:
+            -	Enable/Disable “Allow public clients flows”.
+            -	CWAP_AuthSecret (Client secrets).
+            -	API Permissions.
+            Modifying any of the above configuration items on the App registration page will break pre-authentication for Azure AD Application Proxy. 
+
       - question: |
          Can I delete an App Proxy app from the App registrations page in the Azure portal? 
         answer: |
@@ -125,6 +135,12 @@ sections:
           
   - name: Application configuration
     questions:
+      - question: |
+         Can I use the domain suffixes [tenantname].onmicrosoft.com or [tenantname].mail.onmicrosoft.com in the external URL?
+        answer: |
+            Although these suffixes appear in the suffix list, you should not use them. These domain suffixes are not meant to be used with Azure AD Application Proxy. If you use these domain suffixes, the created Azure AD Application Proxy application won't work.
+            You can use either the standard domain suffix `msappproxy.net` or a [custom domain](application-proxy-configure-custom-domain.md).
+
       - question: |
          I am receiving an error about an invalid certificate or possible wrong password
         answer: |
@@ -182,6 +198,53 @@ sections:
         answer: |
               Application Proxy does not automatically add the HTTP Strict-Transport-Security header to HTTPS responses, but it will maintain the header if it is in the original response sent by the published application. Proving a setting to enable this functionality is on the roadmap.
 
+      - question: |
+         Can I use a custom port number in the external URL?
+        answer: |
+              No, if the protocol `http` is configured in the external URL then the Azure AD Application Proxy endpoint accepts incoming request on the port TCP 80, if the protocol `https` then on the port TCP 443.
+
+      - question: |
+         Can I use a custom port number in the internal URL?
+        answer: |
+              Yes, some examples for internal URLs including ports: `http://app.contoso.local:8888/`, `https://app.contoso.local:8080/`, `https://app.contoso.local:8081/test/`.
+
+      - question: |
+         What are the challenges, if the external and the internal URLs are different?
+        answer: |
+              Some responses sent by the published web applications might contain hard-coded URLs.
+              In this case it must be ensured by using a link translation solution that the client always uses the correct URL.
+              Link translation solutions might be complex and might not work in all the scenarios. You can find [here](application-proxy-configure-hard-coded-link-translation.md) our documented solutions for link translation.
+              
+              As best practice it is advised to use identical external and internal URLs. External and internal URLs are considered to be identical, if the `protocol://hostname:port/path/` in both URLs are identical.
+              
+              This can be achieved by using the [Custom Domains](application-proxy-configure-custom-domain.md) feature.
+              
+              Examples:
+              
+              Identical:
+              ```
+              External URL: https://app1.contoso.com/test/
+              Internal URL: https://app1.contoso.com/test/
+              ```
+              
+              Not identical:
+              
+              ```
+              External URL: https://app1.contoso.com/test/
+              Internal URL: http://app1.contoso.com/test/
+              
+              External URL: https://app1.contoso.com/test/
+              Internal URL: https://app1.contoso.com:8080/test/
+              
+              External URL: https://app1.msappproxy.net/test/
+              Internal URL: https://app1.contoso.com:/test/
+              ```
+              
+              Making the external and internal URLs identical is not possible. Different ports or using http and https must be used in the internal and external URLs.
+              
+              In some scenarios changes must be done in the configuration of the web app.
+
+
   - name: Integrated Windows authentication
     questions:
       - question: |

articles/active-directory/cloud-infrastructure-entitlement-management/cloudknox-onboard-aws.md

@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.subservice: ciem
 ms.workload: identity
 ms.topic: how-to
-ms.date: 03/09/2022
+ms.date: 03/10/2022
 ms.author: v-ydequadros
 ---
 
@@ -18,18 +18,12 @@ ms.author: v-ydequadros
 > CloudKnox Permissions Management (CloudKnox) is currently in PREVIEW.
 > Some information relates to a prerelease product that may be substantially modified before it's released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
 
-> [!Note]
-> Sign up for the CloudKnox Permissions Management public preview by filling [this form](https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR9AT7gfYe2NPtdIbYxQQX45UNEpIVjY4WUJNSUhMVjcyNzdYOFY2NFhISi4u).
 
 This article describes how to onboard an Amazon Web Services (AWS) account on CloudKnox Permissions Management (CloudKnox).
 
 > [!NOTE] 
 > A *global administrator* or *super admin* (an admin for all authorization system types) can perform the tasks in this article after the global administrator has initially completed the steps provided in [Enable CloudKnox on your Azure Active Directory tenant](cloudknox-onboard-enable-tenant.md).
 
-## Prerequisites
-
-- To enable the CloudKnox **Feature highlights** tile in the Azure AD portal, [select this link to run the script in your browser](https://aka.ms/ciem-prod).
-- To use the CloudKnox public preview, we encourage you to fill out a consent form that provides other terms and conditions for the public preview product. To open the form, select [CloudKnox Permissions Management Public Preview: Terms and Conditions](https://aka.ms/ciem-terms).
 
 ## View a training video on configuring and onboarding an AWS account
 

articles/active-directory/cloud-infrastructure-entitlement-management/cloudknox-onboard-azure.md

@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.subservice: ciem
 ms.workload: identity
 ms.topic: how-to
-ms.date: 03/09/2022
+ms.date: 03/10/2022
 ms.author: v-ydequadros
 ---
 
@@ -18,9 +18,6 @@ ms.author: v-ydequadros
 > CloudKnox Permissions Management (CloudKnox) is currently in PREVIEW.
 > Some information relates to a prerelease product that may be substantially modified before it's released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
 
-> [!Note]
-> Sign up for the CloudKnox Permissions Management public preview by filling [this form](https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR9AT7gfYe2NPtdIbYxQQX45UNEpIVjY4WUJNSUhMVjcyNzdYOFY2NFhISi4u).
-
 This article describes how to onboard a Microsoft Azure subscription or subscriptions on CloudKnox Permissions Management (CloudKnox). Onboarding a subscription creates a new authorization system to represent the Azure subscription in CloudKnox. 
 
 > [!NOTE] 
@@ -31,8 +28,7 @@ This article describes how to onboard a Microsoft Azure subscription or subscrip
 To add CloudKnox to your Azure AD tenant:
 - You must have an Azure AD user account and an Azure command-line interface (Azure CLI) on your system, or an Azure subscription. If you don't already have one, [create a free account](https://azure.microsoft.com/free/).
 - You must have **Microsoft.Authorization/roleAssignments/write** permission at the subscription or management group scope to perform these tasks. If you don't have this permission, you can ask someone who has this permission to perform these tasks for you.
-- To enable the CloudKnox **Feature highlights** tile in the Azure AD portal, [select this link to run the script in your browser](https://aka.ms/ciem-prod).
-- To use the CloudKnox public preview, we encourage you to fill out a consent form that provides other terms and conditions for the public preview product. To open the form, select [CloudKnox Permissions Management Public Preview: Terms and Conditions](https://aka.ms/ciem-terms).
+
 
 ## View a training video on enabling CloudKnox in your Azure AD tenant