sync with main

Author: mattbriggs

articles/aks/howto-deploy-java-liberty-app.md

@@ -230,7 +230,7 @@ In the *aks* directory, there are five deployment files:
 * *db-secret.xml*: Use this file to create [Kubernetes Secrets](https://kubernetes.io/docs/concepts/configuration/secret/) with database connection credentials.
 * *openlibertyapplication-agic.yaml*: Use this file to deploy the Open Liberty application with AGIC. This article assumes that you use this file.
 * *openlibertyapplication.yaml*: Use this file if you want to deploy the Open Liberty application without AGIC.
-* *webspherelibertyapplication-agic.yaml*: Use this file to deploy the WebSphere Liberty application with AGIC if you deployed WebSphere Liberty Operator [earlier in this article](#create-a-deployment-of-liberty-on-aks-by-using-the-portal).
+* *webspherelibertyapplication-agic.yaml*: Use this file to deploy the WebSphere Liberty application with AGIC if you deployed WebSphere Liberty Operator [earlier in this article](#create-a-liberty-on-aks-deployment-using-the-portal).
 * *webspherelibertyapplication.yaml*: Use this file to deploy the WebSphere Liberty application without AGIC if you deployed WebSphere Liberty Operator earlier in this article.
 
 In the *docker* directory, there are two files to create the application image:

articles/cosmos-db/mongodb/reimagined.md

@@ -67,4 +67,4 @@ You point your app to the connection string of this fully managed database, whic
 ## How to connect a MongoDB application
 
 - [Connect to vCore-based model](vcore/migration-options.md) and [FAQ](vcore/faq.yml)
-- [Connect to RU-based model](connect-account.md) and [FAQ](faq.yml)
+- [Get answers to frequently asked questions about Azure Cosmos DB for MongoDB RU](faq.yml)

articles/cosmos-db/nosql/best-practice-python.md

@@ -19,7 +19,7 @@ This guide includes best practices for solutions built using the latest version
 
 ## Account configuration
 
-- Make sure to run your application in the same [Azure region](../distribute-data-globally.md) as your Azure Cosmos DB account, whenever possible to reduce latency. Enable replication in 2+ regions in your accounts for [best availability](../distribute-data-globally.md). For production workloads, enable [service-managed failover](../how-to-manage-database-account.md#configure-multiple-write-regions). In the absence of this configuration, the account experiences loss of write availability for all the duration of the write region outage, as manual failover can't succeed due to lack of region connectivity. For more information on how to add multiple regions using the Python SDK, see the [global distribution tutorial](tutorial-global-distribution.md).
+- Make sure to run your application in the same [Azure region](../distribute-data-globally.md) as your Azure Cosmos DB account, whenever possible to reduce latency. Enable replication in 2+ regions in your accounts for [best availability](../distribute-data-globally.md). For production workloads, enable [service-managed failover](../how-to-manage-database-account.yml). In the absence of this configuration, the account experiences loss of write availability for all the duration of the write region outage, as manual failover can't succeed due to lack of region connectivity. For more information on how to add multiple regions using the Python SDK, see the [global distribution tutorial](tutorial-global-distribution.md).
 
 ## SDK usage
 

articles/defender-for-cloud/quickstart-onboard-github.md

@@ -90,7 +90,7 @@ The Defender for Cloud service automatically discovers the organizations where y
 > [!NOTE]
 > To ensure proper functionality of advanced DevOps posture capabilities in Defender for Cloud, only one instance of a GitHub organization can be onboarded to the Azure Tenant you are creating a connector in.
 
-Upon successful onboarding, DevOps resources (e.g., repositories, builds) will be present within the Inventory and DevOps security pages. It may take up to 8 hours for resources to appear. Security scanning recommendations may require [an additional step to configure your pipelines](azure-devops-extension.md). Refresh intervals for security findings vary by recommendation and details can be found on the Recommendations page.
+Upon successful onboarding, DevOps resources (e.g., repositories, builds) will be present within the Inventory and DevOps security pages. It may take up to 8 hours for resources to appear. Security scanning recommendations may require [an additional step to configure your pipelines](azure-devops-extension.yml). Refresh intervals for security findings vary by recommendation and details can be found on the Recommendations page.
 
 ## Next steps
 

articles/guides/developer/azure-developer-guide.md

@@ -130,7 +130,7 @@ Before you proceed with this tutorial, make sure that you cover these prerequisi
       1. You'll see the list of feature stores that you have access to. Select the feature store that you created above
       1. Select the storage account link under **Account name** on the **Offline materialization store** card, to navigate to the ADLS Gen2 storage account for the offline store
          :::image type="content" source="./media/tutorial-feature-store-domain-specific-language/offline-store-link.png" lightbox="./media/tutorial-feature-store-domain-specific-language/offline-store-link.png" alt-text="This screenshot shows the storage account link for the offline materialization store on the feature store UI.":::
-      1. Visit [this resource](../role-based-access-control/role-assignments-portal.md) for more information about how to assign the **Storage Blob Data Reader** role to your user identity on the ADLS Gen2 storage account for offline store. Allow some time for permissions to propagate.
+      1. Visit [this resource](../role-based-access-control/role-assignments-portal.yml) for more information about how to assign the **Storage Blob Data Reader** role to your user identity on the ADLS Gen2 storage account for offline store. Allow some time for permissions to propagate.
 
 ## Available DSL expressions and benchmarks
 

articles/guides/operations/azure-operations-guide.md

@@ -31,12 +31,7 @@ Complete the following steps to assign roles in Trusted Signing.
 1.	Navigate to your Trusted Signing account on the Azure portal and select the **Access Control (IAM)** tab in the left menu. 
 2.	Select on the **Roles** tab and search "Trusted Signing". You can see in the screenshot below the two custom roles.
 ![Screenshot of Azure portal UI with the Trusted Signing custom RBAC roles.](./media/trusted-signing-rbac-roles.png)
-<<<<<<< HEAD
 3. To assign these roles, select on the **Add** drop down and select **Add role assignment**. Follow the [Assign roles in Azure](../role-based-access-control/role-assignments-portal.yml) guide to assign the relevant roles to your identities. _You'll need at least a Contributor role to create a Trusted Signing account and certificate profile._
-=======
-
-3. To assign these roles, select on the **Add** drop down and select **Add role assignment**. Follow the [Assign roles in Azure](/azure/role-based-access-control/role-assignments-portal?tabs=current) guide to assign the relevant roles to your identities. _You'll need at least a Contributor role to create a Trusted Signing account and certificate profile._
->>>>>>> 39b384bcf8888990b0f233c9fca7f588cf33a573
 4. For more granular access control on the certificate profile level, you can use the Azure CLI to assign roles. The following commands can be used to assign the _Code Signing Certificate Profile Signer_ role to users/service principles to sign files. 
 ```
 az role assignment create --assignee <objectId of user/service principle>