Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into dns-upd

Author: greg-lindsay

.openpublishing.publish.config.json

@@ -374,12 +374,6 @@
       "branch": "master",
       "branch_mapping": {}
     },
-    {
-      "path_to_root": "media-services-v3-dotnet-quickstarts",
-      "url": "https://github.com/Azure-Samples/media-services-v3-dotnet-quickstarts",
-      "branch": "master",
-      "branch_mapping": {}
-    },
     {
       "path_to_root": "media-services-v3-dotnet-tutorials",
       "url": "https://github.com/Azure-Samples/media-services-v3-dotnet-tutorials",

articles/active-directory/develop/howto-create-self-signed-certificate.md

@@ -23,7 +23,7 @@ Azure Active Directory (Azure AD) supports two types of authentication for servi
 For testing, you can use a self-signed public certificate instead of a Certificate Authority (CA)-signed certificate. This article shows you how to use Windows PowerShell to create and export a self-signed certificate.
 
 > [!CAUTION]
-> Using a self-signed certificate is only recommended for development, not production.
+> Self-signed certificates are not trusted by default and they can be difficult to maintain. Also, they may use outdated hash and cipher suites that may not be strong. For better security, purchase a certificate signed by a well-known certificate authority.
 
 You configure various parameters for the certificate. For example, the cryptographic and hash algorithms, the certificate validity period, and your domain name. Then export the certificate with or without its private key depending on your application needs. 
 

articles/active-directory/privileged-identity-management/groups-approval-workflow.md

@@ -68,6 +68,15 @@ Here's some information about workflow notifications:
 >[!Note]
 >An administrator who believes that an approved user should not be active can remove the active group assignment in Privileged Identity Management. Although resource administrators are not notified of pending requests unless they are an approver, they can view and cancel pending requests for all users by viewing pending requests in Privileged Identity Management.
 
+## Troubleshoot
+
+### Permissions are not granted after activating a role
+
+When you activate a role in Privileged Identity Management, the activation may not instantly propagate to all portals that require the privileged role. Sometimes, even if the change is propagated, web caching in a portal may result in the change not taking effect immediately. If your activation is delayed, here is what you should do.
+
+1. Sign out of the Azure portal and then sign back in.
+1. In Privileged Identity Management, verify that you are listed as the member of the role.
+
 ## Next steps
 
 - [Extend or renew group assignments in Privileged Identity Management](pim-resource-roles-renew-extend.md)

articles/aks/azure-netapp-files.md

@@ -47,21 +47,12 @@ az provider register --namespace Microsoft.NetApp --wait
 > [!NOTE]
 > This can take some time to complete.
 
-When you create an Azure NetApp account for use with AKS, you need to create the account in the **node** resource group. First, get the resource group name with the [az aks show][az-aks-show] command and add the `--query nodeResourceGroup` query parameter. The following example gets the node resource group for the AKS cluster named *myAKSCluster* in the resource group name *myResourceGroup*:
-
-```azurecli-interactive
-az aks show --resource-group myResourceGroup --name myAKSCluster --query nodeResourceGroup -o tsv
-```
-
-```output
-MC_myResourceGroup_myAKSCluster_eastus
-```
-
-Create an Azure NetApp Files account in the **node** resource group and same region as your AKS cluster using [az netappfiles account create][az-netappfiles-account-create]. The following example creates an account named *myaccount1* in the *MC_myResourceGroup_myAKSCluster_eastus* resource group and *eastus* region:
+When you create an Azure NetApp account for use with AKS, you can create the account in an existing resource group or create a new one in the same region as the AKS cluster.
+The following example creates an account named *myaccount1* in the *myResourceGroup* resource group and *eastus* region:
 
 ```azurecli
 az netappfiles account create \
-    --resource-group MC_myResourceGroup_myAKSCluster_eastus \
+    --resource-group myResourceGroup \
     --location eastus \
     --account-name myaccount1
 ```
@@ -70,7 +61,7 @@ Create a new capacity pool by using [az netappfiles pool create][az-netappfiles-
 
 ```azurecli
 az netappfiles pool create \
-    --resource-group MC_myResourceGroup_myAKSCluster_eastus \
+    --resource-group myResourceGroup \
     --location eastus \
     --account-name myaccount1 \
     --pool-name mypool1 \
@@ -81,7 +72,7 @@ az netappfiles pool create \
 Create a subnet to [delegate to Azure NetApp Files][anf-delegate-subnet] using [az network vnet subnet create][az-network-vnet-subnet-create]. *This subnet must be in the same virtual network as your AKS cluster.*
 
 ```azurecli
-RESOURCE_GROUP=MC_myResourceGroup_myAKSCluster_eastus
+RESOURCE_GROUP=myResourceGroup
 VNET_NAME=$(az network vnet list --resource-group $RESOURCE_GROUP --query [].name -o tsv)
 VNET_ID=$(az network vnet show --resource-group $RESOURCE_GROUP --name $VNET_NAME --query "id" -o tsv)
 SUBNET_NAME=MyNetAppSubnet
@@ -100,7 +91,7 @@ Volumes can either be provisioned statically or dynamically. Both options are co
 Create a volume by using [az netappfiles volume create][az-netappfiles-volume-create].
 
 ```azurecli
-RESOURCE_GROUP=MC_myResourceGroup_myAKSCluster_eastus
+RESOURCE_GROUP=myResourceGroup
 LOCATION=eastus
 ANF_ACCOUNT_NAME=myaccount1
 POOL_NAME=mypool1
@@ -131,7 +122,11 @@ az netappfiles volume create \
 List the details of your volume using [az netappfiles volume show][az-netappfiles-volume-show]
 
 ```azurecli
-az netappfiles volume show --resource-group $RESOURCE_GROUP --account-name $ANF_ACCOUNT_NAME --pool-name $POOL_NAME --volume-name "myvol1"
+az netappfiles volume show \
+    --resource-group $RESOURCE_GROUP \
+    --account-name $ANF_ACCOUNT_NAME \
+    --pool-name $POOL_NAME \
+    --volume-name "myvol1" -o JSON
 ```
 
 ```output

articles/automation/automation-solution-vm-management.md

@@ -10,6 +10,11 @@ ms.custom: devx-track-azurepowershell
 
 # Start/Stop VMs during off-hours overview
 
+> [!NOTE]
+> Start/Stop VM during off-hours, version 1 is currently being deprecated and will be unavailable from the marketplace soon. We recommend that you start using version 2, which is now generally available.
+The new version offers all existing capabilities and provides new features, such as multi-subscription support from a single Start/Stop instance. If you have the version 1 solution already deployed, you can still use the feature, and we will provide support until further announcement.
+
+
 The Start/Stop VMs during off-hours feature start or stops enabled Azure VMs. It starts or stops machines on user-defined schedules, provides insights through Azure Monitor logs, and sends optional emails by using [action groups](../azure-monitor/alerts/action-groups.md). The feature can be enabled on both Azure Resource Manager and classic VMs for most scenarios.
 
 > [!NOTE]

articles/availability-zones/az-region.md

@@ -70,7 +70,7 @@ In the Product Catalog, always-available services are listed as "non-regional" s
 | [Azure Storage: Azure Data Lake Storage](migrate-storage.md) | ![An icon that signifies this service is zone redundant.](media/icon-zone-redundant.svg)  |
 | [Azure Storage: Disk Storage](migrate-storage.md) | ![An icon that signifies this service is zone redundant.](media/icon-zone-redundant.svg) |
 | [Azure Storage: Blob Storage](migrate-storage.md) | ![An icon that signifies this service is zone redundant.](media/icon-zone-redundant.svg)  |
-| [Azure Storage: Managed Disks](migrate-storage.md) | ![An icon that signifies this service is zone redundant.](media/icon-zone-redundant.svg) ![An icon that signifies this service is zonal](media/icon-zonal.svg) |
+| [Azure Storage: Managed Disks](migrate-vm.md) | ![An icon that signifies this service is zone redundant.](media/icon-zone-redundant.svg) ![An icon that signifies this service is zonal](media/icon-zonal.svg) |
 | [Azure Virtual Machine Scale Sets](migrate-vm.md) | ![An icon that signifies this service is zone redundant.](media/icon-zone-redundant.svg) ![An icon that signifies this service is zonal.](media/icon-zonal.svg) |
 | [Azure Virtual Machines](migrate-vm.md) | ![An icon that signifies this service is zonal.](media/icon-zonal.svg)  |
 | Virtual Machines: [Av2-Series](migrate-vm.md) | ![An icon that signifies this service is zonal.](media/icon-zonal.svg) |

articles/availability-zones/migrate-vm.md

@@ -38,31 +38,90 @@ Because zonal VMs are created across the availability zones, all migration optio
 
 ### When to use redeployment
 
-Use the redeployment option if you have good Infrastructure as Code (IaC) practices setup to manage infrastructure. The redeployment option gives you more control, and the ability to automate various processes within your deployment pipelines.
+Use the redeployment option if you have set up good Infrastructure as Code (IaC) practices to manage infrastructure. This redeployment option gives you more control and the ability to automate various processes within your deployment pipelines. 
 
 ### Redeployment considerations
 
 - When you redeploy your VM and VMSS resources, the underlying resources such as managed disk and IP address for the VM are created in the same availability zone. You must use a Standard SKU public IP address and load balancer to create zone-redundant network resources.  
 
+- Existing managed disks without availability zone support can't be attached to a VM with availability zone support. To attach existing managed disks to a VM with availability zone support, you'll need to take a snapshot of the current disks, and then create your VM with the new managed disks attached.
+
 - For zonal deployments that require reasonably low network latency and good performance between application tier and data tier, use [proximity placement groups](../virtual-machines/co-location.md). Proximity groups can force grouping of different VM resources under a single network spine. For an example of an SAP workload that uses proximity placement groups, see [Azure proximity placement groups for optimal network latency with SAP applications](../virtual-machines/workloads/sap/sap-proximity-placement-scenarios.md)
 
+
 ### How to redeploy
 
-To redeploy, you'll need to recreate your VM and VMSS resources. To ensure high-availability of your compute resources, it's recommended that you select multiple zones for your new VMs and VMSS.
+If you want to migrate the data on your current managed disks when creating a new VM, follow the directions in [Migrate your managed disks](#migrate-your-managed-disks).
 
-To learn how create VMs in an availability zone, see:
+If you only want to create new VM with new managed disks in an availability zone, see:
 
 - [Create VM using Azure CLI](../virtual-machines/linux/create-cli-availability-zone.md)
 - [Create VM using Azure PowerShell](../virtual-machines/windows/create-PowerShell-availability-zone.md)
 - [Create VM using Azure portal](../virtual-machines/create-portal-availability-zone.md?tabs=standard)
 
 To learn how to create VMSS in an availability zone, see [Create a virtual machine scale set that uses Availability Zones](../virtual-machine-scale-sets/virtual-machine-scale-sets-use-availability-zones.md).
 
+### Migrate your managed disks
+
+In this section, you'll migrate the data from your current managed disks to either zone-redundant storage (ZRS) managed disks or zonal managed disks.
+
+#### Step 1: Create your snapshot
+
+The easiest and cleanest way to create a snapshot is to do so while the VM is offline. See [Create snapshots while the VM is offline](../virtual-machines/backup-and-disaster-recovery-for-azure-iaas-disks.md#create-snapshots-while-the-vm-is-offline). If you choose this approach, some downtime should be expected. To create a snapshot of your VM using the Azure portal, PowerShell, or Azure CLI, see [Create a snapshot of a virtual hard disk](../virtual-machines/snapshot-copy-managed-disk.md)
+
+If you'll be taking a snapshot of a disk that's attached to a running VM, read the guidance in [Create snapshots while the VM is running](../virtual-machines/backup-and-disaster-recovery-for-azure-iaas-disks.md#create-snapshots-while-the-vm-is-running) before proceeding.
+
+>[!NOTE]
+> The source managed disks remain intact with their current configurations and you'll continue to be billed for them. To avoid this, you must manually delete the disks once you've finished your migration and confirmed the new disks are working. For more information, see [Find and delete unattached Azure managed and unmanaged disks](../virtual-machines/windows/find-unattached-disks.md).
+
+
+#### Step 2: Migrate the data on your managed disks
+
+Now that you have snapshots of your original disks, you can use them to create either ZRS managed disks or zonal managed disks.
+##### Migrate your data to zonal managed disks
+
+To migrate a non-zonal managed disk to zonal:
+
+1. Create a zonal managed disk from the source disk snapshot. The zone parameter should match your zonal VM.  To create a zonal managed disk from the snapshot, you can use [Azure CLI](../virtual-machines/scripts/create-managed-disk-from-snapshot.md)(example below), [PowerShell](../virtual-machines/scripts/virtual-machines-powershell-sample-create-managed-disk-from-snapshot.md), or the Azure Portal.
+
+    ```azurecli
+        az disk create --resource-group $resourceGroupName --name $diskName --location $location --zone $zone --sku $storageType --size-gb $diskSize --source $snapshotId
+    ```
+
+
+
+##### Migrate your data to ZRS managed disks
+
+>[!IMPORTANT]
+> Zone-redundant storage (ZRS) for managed disks has some restrictions. For more information see [Limitations](../virtual-machines/disks-deploy-zrs.md?tabs=portal#limitations). 
+
+1. Create a ZRS managed disk from the source disk snapshot by using the following Azure CLI snippet: 
+
+    ```azurecli
+    # Create a new ZRS Managed Disks using the snapshot Id and the SKU supported   
+    storageType=Premium_ZRS 
+    location=westus2 
+
+    az disk create --resource-group $resourceGroupName --name $diskName --sku $storageType --size-gb $diskSize --source $snapshotId 
+    
+    ```
+
+#### Step 3: Create a new VM with your new disks
+
+Now that you have migrated your data to ZRS managed disks or zonal managed disks, create a new VM with these new disks set as the OS and data disks:
+
+```azurecli
+
+    az vm create -g MyResourceGroup -n MyVm --attach-os-disk newZonalOSDiskCopy --attach-data-disks newZonalDataDiskCopy --os-type linux
+
+```
+
+
 ## Migration Option 2: Azure Resource Mover
 
 ### When to use Azure Resource Mover
 
-Use Azure Resource Mover for an easy way to move VMs or encrypted VMs from one region without availability zones to another with availability zones. If you want to learn more about the benefits of using Azure Resource Mover, see [Why use Azure Resource Mover?](../resource-mover/overview.md#why-use-resource-mover).
+Use Azure Resource Mover for an easy way to move VMs or encrypted VMs from one region without availability zones to another with availability zone support. If you want to learn more about the benefits of using Azure Resource Mover, see [Why use Azure Resource Mover?](../resource-mover/overview.md#why-use-resource-mover).
 
 ### Azure Resource Mover considerations
 

articles/azure-arc/data/includes/azure-arc-data-preview-release.md

@@ -10,11 +10,11 @@ At this time, a test or preview build is not available for the next release.
 -->
 
 
-The current test release published on September 13, 2022.
+The current preview release published on September 6, 2022.
 
 |Component|Value|
 |-----------|-----------|
-|Container images registry/repository |`mcr.microsoft.com/arcdata/test`|
+|Container images registry/repository |`mcr.microsoft.com/arcdata/preview`|
 |Container images tag |`v1.11.0_2022-09-13`|
 |CRD names and version|`datacontrollers.arcdata.microsoft.com`: v1beta1, v1 through v6<br/>`exporttasks.tasks.arcdata.microsoft.com`: v1beta1, v1, v2<br/>`kafkas.arcdata.microsoft.com`: v1beta1<br/>`monitors.arcdata.microsoft.com`: v1beta1, v1, v2<br/>`sqlmanagedinstances.sql.arcdata.microsoft.com`: v1beta1, v1 through v6<br/>`postgresqls.arcdata.microsoft.com`: v1beta1, v1beta2, v1beta3<br/>`sqlmanagedinstancerestoretasks.tasks.sql.arcdata.microsoft.com`: v1beta1, v1<br/>`failovergroups.sql.arcdata.microsoft.com`: v1beta1, v1beta2, v1<br/>`activedirectoryconnectors.arcdata.microsoft.com`: v1beta1, v1beta2<br/>`sqlmanagedinstancereprovisionreplicatask.tasks.sql.arcdata.microsoft.com`: v1beta1<br/>|
 |Azure Resource Manager (ARM) API version|2022-03-01-preview (No change)|

articles/azure-arc/data/preview-testing.md

@@ -7,7 +7,7 @@ ms.reviewer: mikeray
 services: azure-arc
 ms.service: azure-arc
 ms.subservice: azure-arc-data
-ms.date: 06/28/2022
+ms.date: 09/07/2022
 ms.topic: conceptual
 ms.custom: references_regions, devx-track-azurecli, event-tier1-build-2022
 #Customer intent: As a data professional, I want to validate upcoming releases.