Merge branch 'master' of https://github.com/MicrosoftDocs/azure-docs-pr into natpatch

Author: asudbring

articles/active-directory/manage-apps/howto-saml-token-encryption.md

@@ -13,12 +13,12 @@ ms.workload: identity
 ms.tgt_pltfrm: na
 ms.devlang: na
 ms.topic: conceptual
-ms.date: 02/06/2019
+ms.date: 03/13/2020
 ms.author: mimart
 ms.reviewer: paulgarn
 ms.collection: M365-identity-device-management
 ---
-# How to: Configure Azure AD SAML token encryption (Preview)
+# How to: Configure Azure AD SAML token encryption
 
 > [!NOTE]
 > Token encryption is an Azure Active Directory (Azure AD) premium feature. To learn more about Azure AD editions, features, and pricing, see [Azure AD pricing](https://azure.microsoft.com/pricing/details/active-directory/).
@@ -118,9 +118,6 @@ When you configure a keyCredential using Graph, PowerShell, or in the applicatio
 
 ### To configure token encryption using PowerShell
 
-This functionality is coming soon. 
-
-<!--
 1. Use the latest Azure AD PowerShell module to connect to your tenant.
 
 1. Set the token encryption settings using the **[Set-AzureApplication](https://docs.microsoft.com/powershell/module/azuread/set-azureadapplication?view=azureadps-2.0-preview)** command.
@@ -137,8 +134,6 @@ This functionality is coming soon.
     $app.TokenEncryptionKeyId
     ```
 
--->
-
 ### To configure token encryption using the application manifest
 
 1. From the Azure portal, go to **Azure Active Directory > App registrations**.

articles/active-directory/manage-apps/toc.yml

@@ -68,7 +68,7 @@
           href: manage-certificates-for-federated-single-sign-on.md
         - name: Tenant restrictions
           href: tenant-restrictions.md
-        - name: Configure SAML token encryption (Preview)
+        - name: Configure SAML token encryption
           href: howto-saml-token-encryption.md
         - name: End-user portals
           href: end-user-experiences.md

articles/automation/TOC.yml

@@ -305,11 +305,11 @@
 - name: Manage Shared Resources
   items:
     - name: Certificates
-      href: automation-certificates.md
+      href: shared-resources/certificates.md
     - name: Connections
       href: automation-connections.md
     - name: Credentials
-      href: automation-credentials.md
+      href: shared-resources/credentials.md
     - name: PowerShell modules
       items: 
       - name: Modules
@@ -319,9 +319,9 @@
       - name: Update Azure PowerShell modules
         href: automation-update-azure-modules.md
     - name: Schedules
-      href: automation-schedules.md
+      href: shared-resources/schedules.md
     - name: Variables
-      href: automation-variables.md
+      href: shared-resources/variables.md
     - name: Manage Python 2 packages
       href: python-packages.md
     - name: Troubleshoot Shared Resources

articles/automation/manage-runas-account.md

@@ -27,7 +27,7 @@ You can create a new runbook in Azure Automation using one of the Azure portals
 
 ### Create a runbook with PowerShell
 
-You can use the [New-AzAutomationRunbook](https://docs.microsoft.com/powershell/module/az.automation/new-azautomationrunbook?view=azps-3.5.0) cmdlet to create an empty [PowerShell Workflow runbook](automation-runbook-types.md#powershell-workflow-runbooks). Use the *Type* parameter to specify one of the runbook types defined for **New-AzAutomationRunbook**.
+You can use the [New-AzAutomationRunbook](https://docs.microsoft.com/powershell/module/az.automation/new-azautomationrunbook?view=azps-3.5.0) cmdlet to create an empty [PowerShell Workflow runbook](automation-runbook-types.md#powershell-workflow-runbooks). Use the `Type` parameter to specify one of the runbook types defined for `New-AzAutomationRunbook`.
 
 The following example shows how to create a new empty runbook.
 
@@ -69,7 +69,7 @@ You can use the following procedure to import a script file into Azure Automatio
 
 ### Import a runbook from a script file with Windows PowerShell
 
-Use the [Import-AzAutomationRunbook](https://docs.microsoft.com/powershell/module/az.automation/import-azautomationrunbook?view=azps-3.5.0) cmdlet to import a script file as a draft PowerShell Workflow runbook. If the runbook already exists, the import fails unless you use the *Force* parameter with the cmdlet.
+Use the [Import-AzAutomationRunbook](https://docs.microsoft.com/powershell/module/az.automation/import-azautomationrunbook?view=azps-3.5.0) cmdlet to import a script file as a draft PowerShell Workflow runbook. If the runbook already exists, the import fails unless you use the `Force` parameter with the cmdlet.
 
 The following example shows how to import a script file into a runbook.
 
@@ -86,7 +86,7 @@ Import-AzAutomationRunbook -Name $runbookName -Path $scriptPath `
 
 ## Test a runbook
 
-When you test a runbook, the [Draft version](#publish-a-runbook) is executed and any actions that it performs are completed. No job history is created, but the [Output](automation-runbook-output-and-messages.md#output-stream) and [Warning and Error](automation-runbook-output-and-messages.md#message-streams) streams are displayed in the Test output pane. Messages to the [Verbose stream](automation-runbook-output-and-messages.md#message-streams) are displayed in the Output pane only if the *VerbosePreference* variable](automation-runbook-output-and-messages.md#preference-variables) is set to **Continue**.
+When you test a runbook, the [Draft version](#publish-a-runbook) is executed and any actions that it performs are completed. No job history is created, but the [Output](automation-runbook-output-and-messages.md#output-stream) and [Warning and Error](automation-runbook-output-and-messages.md#message-streams) streams are displayed in the Test output pane. Messages to the [Verbose stream](automation-runbook-output-and-messages.md#message-streams) are displayed in the Output pane only if the `VerbosePreference` variable](automation-runbook-output-and-messages.md#preference-variables) is set to Continue.
 
 Even though the draft version is being run, the runbook still executes normally and performs any actions against resources in the environment. For this reason, you should only test runbooks on non-production resources.
 

articles/automation/manage-runbooks.md

@@ -27,10 +27,10 @@ Azure Automation supports three types of source control:
 
 * A source control repository (GitHub or Azure Repos)
 * A [Run As account](manage-runas-account.md)
-* The [latest Azure modules](automation-update-azure-modules.md) in your Automation account, including the **Az.Accounts** module (Az module equivalent of AzureRM.Profile)
+* The [latest Azure modules](automation-update-azure-modules.md) in your Automation account, including the `Az.Accounts` module (Az module equivalent of `AzureRM.Profile`)
 
 > [!NOTE]
-> Source control synchronization jobs run under the user's Automation account and are billed at the same rate as other Automation jobs.
+> Source control synchronization jobs are run under the user's Automation account and are billed at the same rate as other Automation jobs.
 
 ## Configuring source control
 
@@ -48,15 +48,15 @@ Use this procedure to configure source control using the Azure portal.
 
 3. A browser window opens and prompts you to sign in. Follow the prompts to complete authentication.
 
-4. On the **Source Control Summary** page, use the fields to fill in the source control properties defined below. Click **Save** when finished. 
+4. On the Source Control Summary page, use the fields to fill in the source control properties defined below. Click **Save** when finished. 
 
     |Property  |Description  |
     |---------|---------|
     |Source control name     | A friendly name for the source control. This name must contain only letters and numbers.        |
-    |Source control type     | Type of source control mechanism. Available options are:</br> GitHub</br>Azure Repos (Git)</br> Azure Repos (TFVC)        |
+    |Source control type     | Type of source control mechanism. Available options are:</br> * GitHub</br>* Azure Repos (Git)</br> * Azure Repos (TFVC)        |
     |Repository     | Name of the repository or project. The first 200 repositories are retrieved. To search for a repository, type the name in the field and click **Search on GitHub**.|
     |Branch     | Branch from which to pull the source files. Branch targeting isn't available for the TFVC source control type.          |
-    |Folder path     | Folder that contains the runbooks to synchronize, for example, /Runbooks. Only runbooks in the specified folder are synchronized. Recursion isn't supported.        |
+    |Folder path     | Folder that contains the runbooks to synchronize, for example, **/Runbooks**. Only runbooks in the specified folder are synchronized. Recursion isn't supported.        |
     |Auto Sync<sup>1</sup>     | Setting that turns on or off automatic synchronization when a commit is made in the source control repository.        |
     |Publish Runbook     | Setting of On if runbooks are automatically published after synchronization from source control, and Off otherwise.           |
     |Description     | Text specifying additional details about the source control.        |
@@ -66,7 +66,7 @@ Use this procedure to configure source control using the Azure portal.
    ![Source control summary](./media/source-control-integration/source-control-summary.png)
 
 > [!NOTE]
-> Your login for your source control repository might be different from your login for the Azure portal. Ensure that you are logged in with the correct account for your source control repository when configuring source control. If there is a doubt, open a new tab in your browser, log out from visualstudio.com or github.com, and try connecting to source control again.
+> The login for your source control repository might be different from your login for the Azure portal. Ensure that you are logged in with the correct account for your source control repository when configuring source control. If there is a doubt, open a new tab in your browser, log out from **visualstudio.com** or **github.com**, and try connecting to source control again.
 
 ### Configure source control -- PowerShell
 
@@ -103,13 +103,13 @@ The following table defines the minimum PAT permissions required for GitHub. For
 
 |Scope  |Description  |
 |---------|---------|
-|**repo**     |         |
-|repo:status     | Access commit status         |
-|repo_deployment      | Access deployment status         |
-|public_repo     | Access public repositories         |
-|**admin:repo_hook**     |         |
-|write:repo_hook     | Write repository hooks         |
-|read:repo_hook|Read repository hooks|
+|**`repo`**     |         |
+|`repo:status`     | Access commit status         |
+|`repo_deployment`      | Access deployment status         |
+|`public_repo`     | Access public repositories         |
+|**`admin:repo_hook`**     |         |
+|`write:repo_hook`     | Write repository hooks         |
+|`read:repo_hook`|Read repository hooks|
 
 ##### Minimum PAT permissions for Azure Repos
 
@@ -122,15 +122,15 @@ The following list defines the minimum PAT permissions required for Azure Repos.
 | Identity | Read     |
 | User profile | Read     |
 | Work items | Read    |
-| Service Connections | Read, query, manage<sup>1</sup>    |
+| Service connections | Read, query, manage<sup>1</sup>    |
 
-<sup>1</sup> The Service Connections permission is only required if you have enabled autosync.
+<sup>1</sup> The Service connections permission is only required if you have enabled autosync.
 
 ## Synchronizing
 
-Do the following to synchronize with source control. 
+Follow these steps to synchronize with source control. 
 
-1. Select the source from the table on the **Source control** page. 
+1. Select the source from the table on the Source control page. 
 
 2. Click **Start Sync** to start the sync process. 
 
@@ -172,7 +172,7 @@ Do the following to synchronize with source control.
 
     ```
 
-6. Additional logging is available by selecting **All Logs** on the **Source Control Sync Job Summary** page. These additional log entries can help you troubleshoot issues that might arise when using source control.
+6. Additional logging is available by selecting **All Logs** on the Source Control Sync Job Summary page. These additional log entries can help you troubleshoot issues that might arise when using source control.
 
 ## Disconnecting source control
 
@@ -182,11 +182,11 @@ To disconnect from a source control repository:
 
 2. Select the source control mechanism to remove. 
 
-3. On the **Source Control Summary** page, click **Delete**.
+3. On the Source Control Summary page, click **Delete**.
 
 ## Handling encoding issues
 
-If multiple people are editing runbooks in your source control repository using different editors, encoding issues can occur. To learn more about this situation, see [Common causes of encoding issues](/powershell/scripting/components/vscode/understanding-file-encoding#common-causes-of-encoding-issues)
+If multiple people are editing runbooks in your source control repository using different editors, encoding issues can occur. To learn more about this situation, see [Common causes of encoding issues](/powershell/scripting/components/vscode/understanding-file-encoding#common-causes-of-encoding-issues).
 
 ## Updating the PAT
 

articles/automation/source-control-integration.md

@@ -14,10 +14,6 @@ This topic shows you how to use Azure Functions to create a function app in the
 
 [!INCLUDE [functions-create-function-app-portal](../../includes/functions-create-function-app-portal.md)]
 
-When you create a function app, supply a valid **App name**, which can contain only letters, numbers, and hyphens. Underscore (**_**) is not an allowed character.
-
-Storage account names must be between 3 and 24 characters in length and may contain numbers and lowercase letters only. Your storage account name must be unique within Azure. 
-
 After the function app is created, you can create individual functions in one or more different languages. Create functions [by using the portal](functions-create-first-azure-function.md#create-function), [continuous deployment](functions-continuous-deployment.md), or by [uploading with FTP](https://github.com/projectkudu/kudu/wiki/Accessing-files-via-ftp).
 
 ## Service plans

articles/azure-functions/functions-create-function-app-portal.md

@@ -1,6 +1,6 @@
 ---
-title: 'Create an Azure Bastion host  | Microsoft Docs'
-description: In this article, learn how to create an Azure Bastion host
+title: 'Create an Azure Bastion host: portal'
+description: In this article, learn how to create an Azure Bastion host using the portal
 services: bastion
 author: cherylmc
 
@@ -12,19 +12,19 @@ ms.author: cherylmc
 
 ---
 
-# Create an Azure Bastion host
+# Create an Azure Bastion host using the portal
 
 This article shows you how to create an Azure Bastion host using the Azure portal. Once you provision the Azure Bastion service in your virtual network, the seamless RDP/SSH experience is available to all of the VMs in the same virtual network. Azure Bastion deployment is per virtual network, not per subscription/account or virtual machine.
 
-You can create a new bastion host resource in the portal either by specifying all of the settings manually, or by using the settings that correspond to an existing VM. Optionally, you can use [Azure Powershell](bastion-create-host-powershell.md) to create an Azure Bastion host.
+You can create a new bastion host resource in the portal either by specifying all of the settings manually, or by using the settings that correspond to an existing VM. To create a bastion host by using VM settings, see the [quickstart](quickstart-host-portal.md) article. Optionally, you can use [Azure PowerShell](bastion-create-host-powershell.md) to create an Azure Bastion host.
 
 ## Before you begin
 
 Bastion is available in the following Azure public regions:
 
 [!INCLUDE [available regions](../../includes/bastion-regions-include.md)]
 
-## <a name="createhost"></a>Create a bastion host - specify settings
+## <a name="createhost"></a>Create a bastion host
 
 This section helps you create a new Azure Bastion resource from the Azure portal.
 
@@ -41,7 +41,7 @@ This section helps you create a new Azure Bastion resource from the Azure portal
     ![create a bastion](./media/bastion-create-host-portal/settings.png)
 
     * **Subscription**: The Azure subscription you want to use to create a new Bastion resource.
-    * **Resource Group**: The Azure resource group in which the new Bastion resource will be created in. If you don’t have an existing resource group, you can create a new one.
+    * **Resource Group**: The Azure resource group in which the new Bastion resource will be created in. If you don't have an existing resource group, you can create a new one.
     * **Name**: The name of the new Bastion resource
     * **Region**: The Azure public region that the resource will be created in.
     * **Virtual network**: The virtual network in which the Bastion resource will be created in. You can create a new virtual network in the portal during this process, or use an existing virtual network. If you are using an existing virtual network, make sure the existing virtual network has enough free address space to accommodate the Bastion subnet requirements.
@@ -57,26 +57,6 @@ This section helps you create a new Azure Bastion resource from the Azure portal
 1. On the **Create a bastion** page, click **Create**.
 1. You will see a message letting you know that your deployment is underway. Status will display on this page as the resources are created. It takes about 5 minutes for the Bastion resource to be created and deployed.
 
-## <a name="createvmset"></a>Create a bastion host - use VM settings
-
-If you create a bastion host in the portal by using an existing VM, various settings will automatically default to correspond to your virtual machine and/or virtual network.
-
-1. Open the [Azure portal](https://portal.azure.com). Go to your virtual machine, then click **Connect**.
-
-   ![VM Connect](./media/bastion-create-host-portal/vmsettings.png)
-1. On the right sidebar, click **Bastion**, then **Use Bastion**.
-
-   ![Bastion](./media/bastion-create-host-portal/vmbastion.png)
-1. On the Bastion page, fill out the following settings fields:
-
-   * **Name**: The name of the bastion host you want to create.
-   * **Subnet**: The subnet inside your virtual network to which Bastion resource will be deployed. The subnet must be created with the name **AzureBastionSubnet**. This lets Azure know which subnet to deploy the Bastion resource to. This is different than a Gateway subnet. You must use a subnet of at least /27 or larger (/27, /26, and so on). Create the subnet without any Network Security Groups, route tables, or delegations. If you later choose to use Network Security Groups on the **AzureBastionSubnet**, see [Work with NSGs](bastion-nsg.md).
-   
-     Click **Manage subnet configuration** to create the **AzureBastionSubnet**.  Click **Create** to create the subnet, then proceed with the next settings.
-   * **Public IP address**: The public IP of the Bastion resource on which RDP/SSH will be accessed (over port 443). Create a new public IP, or use an existing one. The public IP address must be in the same region as the Bastion resource you are creating.
-   * **Public IP address name**: The name of the public IP address resource.
-1. On the validation screen, click **Create**. Wait for about 5 minutes for the Bastion resource create and deploy.
-
 ## Next steps
 
 * Read the [Bastion FAQ](bastion-faq.md) for additional information.

articles/bastion/bastion-create-host-portal.md

@@ -11,7 +11,7 @@ ms.service: dms
 ms.workload: data-services
 ms.custom: "seo-lt-2019"
 ms.topic: quickstart
-ms.date: 01/21/2019
+ms.date: 03/13/2020
 ---
 
 # Quickstart: Create a hybrid mode instance with Azure portal & Azure Database Migration Service
@@ -141,7 +141,7 @@ You need to create an Azure App registration ID that the on-premises hybrid work
 7. Install the Azure Database Migration Service hybrid worker on your on-premises server by running the following command:
 
     ```
-    <drive>:\<folder>\Install>DMSWorkerBootstrap.exe -a Install -IAcceptDMSLicenseTerms
+    <drive>:\<folder>\Install>DMSWorkerBootstrap.exe -a Install -IAcceptDMSLicenseTerms -d
     ```
 
     > [!NOTE]