Merge pull request #284775 from MicrosoftDocs/main

8/15/2024 AM Publish

Author: Taojunshen

articles/ai-services/openai/how-to/provisioned-get-started.md

@@ -158,7 +158,7 @@ When you deploy a specified number of provisioned throughput units (PTUs), a set
 
 PTU deployment utilization = (PTUs consumed in the time period) / (PTUs deployed in the time period)
 
-You can find the utilization measure in the Azure-Monitor section for your resource. To access the monitoring dashboards sign-in to [https://portal.azure.com](https://portal.azure.com), go to your Azure OpenAI resource and select the Metrics page from the left nav. On the metrics page, select the 'Provisioned-managed utilization' measure. If you have more than one deployment in the resource, you should also split the values by each deployment by clicking the 'Apply Splitting' button.
+You can find the utilization measure in the Azure-Monitor section for your resource. To access the monitoring dashboards sign-in to [https://portal.azure.com](https://portal.azure.com), go to your Azure OpenAI resource and select the Metrics page from the left nav. On the metrics page, select the 'Provisioned-managed utilization V2' metric. If you have more than one deployment in the resource, you should also split the values by each deployment by clicking the 'Apply Splitting' button.
 
 :::image type="content" source="../media/provisioned/azure-monitor-utilization.jpg" alt-text="Screenshot of the provisioned managed utilization on the resource's metrics blade in the Azure portal." lightbox="../media/provisioned/azure-monitor-utilization.jpg":::
 

articles/ai-services/openai/includes/api-versions/latest-inference.md

@@ -164,7 +164,7 @@ Get a vector representation of a given input that can be easily consumed by mach
 
 | Name | Type | Description | Required | Default |
 |------|------|-------------|----------|---------|
-| input | string or array | Input text to get embeddings for, encoded as a string. To get embeddings for multiple inputs in a single request, pass an array of strings. Each input must not exceed 2048 tokens in length.<br>Unless you're embedding code, we suggest replacing newlines (\n) in your input with a single space, as we have observed inferior results when newlines are present. | Yes |  |
+| input | string or array | Input text to get embeddings for, encoded as a string. To get embeddings for multiple inputs in a single request, pass an array of strings. Each array must not exceed 2048 inputs in length.<br>Unless you're embedding code, we suggest replacing newlines (\n) in your input with a single space, as we have observed inferior results when newlines are present. | Yes |  |
 | user | string | A unique identifier representing your end-user, which can help monitoring and detecting abuse. | No |  |
 | input_type | string | input type of embedding search to use | No |  |
 | encoding_format | string | The format to return the embeddings in. Can be either `float` or `base64`. Defaults to `float`. | No |  |

articles/api-management/validate-azure-ad-token-policy.md

@@ -17,7 +17,7 @@ ms.author: danlep
 The `validate-azure-ad-token` policy enforces the existence and validity of a JSON web token (JWT) that was provided by the Microsoft Entra (formerly called Azure Active Directory) service for a specified set of principals in the directory. The JWT can be extracted from a specified HTTP header, query parameter, or value provided using a policy expression or context variable.
 
 > [!NOTE]
-> To validate a JWT that was provided by another identity provider, API Management also provides the generic [`validate-jwt`](validate-jwt-policy.md) policy. 
+> To validate a JWT that was provided by an identity provider other than Microsoft Entra, API Management also provides the generic [`validate-jwt`](validate-jwt-policy.md) policy. 
 
 [!INCLUDE [api-management-policy-generic-alert](../../includes/api-management-policy-generic-alert.md)]
 
@@ -26,19 +26,19 @@ The `validate-azure-ad-token` policy enforces the existence and validity of a JS
 
 ```xml
 <validate-azure-ad-token
-    tenant-id="tenant ID or URL (for example, "contoso.onmicrosoft.com") of the Azure Active Directory service"
+    tenant-id="tenant ID or URL (for example, "https://contoso.onmicrosoft.com") of the Microsoft Entra ID tenant"
     header-name="name of HTTP header containing the token (alternatively, use query-parameter-name or token-value attribute to specify token)"
     query-parameter-name="name of query parameter used to pass the token (alternative, use header-name or token-value attribute to specify token)"
     token-value="expression returning the token as a string (alternatively, use header-name or query-parameter attribute to specify token)"
     failed-validation-httpcode="HTTP status code to return on failure"
     failed-validation-error-message="error message to return on failure"
     output-token-variable-name="name of a variable to receive a JWT object representing successfully validated token">
     <client-application-ids>
-        <application-id>Client application ID from Azure Active Directory</application-id>
+        <application-id>Client application ID from Microsoft Entra</application-id>
         <!-- If there are multiple client application IDs, then add additional application-id elements -->
     </client-application-ids>
     <backend-application-ids>
-        <application-id>Backend application ID from Azure Active Directory</application-id>
+        <application-id>Backend application ID from Microsoft Entra</application-id>
         <!-- If there are multiple backend application IDs, then add additional application-id elements -->
     </backend-application-ids>
     <audiences>
@@ -63,7 +63,7 @@ The `validate-azure-ad-token` policy enforces the existence and validity of a JS
 
 | Attribute                            | Description                                                                                                                                                                                                                                                                                                                                                                                                                                            | Required                                                                         | Default                                                                           |
 | ------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -------------------------------------------------------------------------------- | --------------------------------------------------------------------------------- |
-| tenant-id | Tenant ID or URL  of the Microsoft Entra service. Policy expressions are allowed.| Yes | N/A |
+| tenant-id | Tenant ID or URL of the Microsoft Entra ID tenant, or one of the following well-known tenants:<br/><br/> - `organizations` or `https://login.microsoftonline.com/organizations` - to allow tokens from accounts in any organizational directory (any Microsoft Entra directory)<br/>- `common` or `https://login.microsoftonline.com/common` - to allow tokens from accounts in any organizational directory (any Microsoft Entra directory) and from personal Microsoft accounts (for example, Skype, XBox)<br/><br/>Policy expressions are allowed.| Yes | N/A |
 | header-name                     | The name of the HTTP header holding the token. Policy expressions are allowed.                                                                                                                                                                                                                                                                                                                                                                                                       | One of `header-name`, `query-parameter-name` or `token-value` must be specified. | `Authorization`                                                                               |
 | query-parameter-name            | The name of the query parameter holding the token. Policy expressions are allowed.                                                                                                                                                                                                                                                                                                                                                                                                | One of `header-name`, `query-parameter-name` or `token-value` must be specified. | N/A                                                                               |
 | token-value                     | Expression returning a string containing the token. You must not return `Bearer` as part of the token value. Policy expressions are allowed.                                                                                                                                                                                                                                                                                                                                          | One of `header-name`, `query-parameter-name` or `token-value` must be specified. | N/A                                                                               |
@@ -121,12 +121,12 @@ The following policy is the minimal form of the `validate-azure-ad-token` policy
 
 ### Validate that audience and claim are correct
 
-The following policy checks that the audience is the hostname of the API Management instance and that the `ctry` claim is `US`. The hostname is provided using a policy expression, and the Microsoft Entra tenant ID and client application ID are provided using named values. The decoded JWT is provided in the `jwt` variable after validation.
+The following policy checks that the audience is the hostname of the API Management instance and that the `ctry` claim is `US`. The Microsoft tenant ID is the well-known `organizations` tenant, which allows tokens from accounts in any organizational directory. The hostname is provided using a policy expression, and the client application ID is provided using a named value. The decoded JWT is provided in the `jwt` variable after validation.
 
 For more details on optional claims, read [Provide optional claims to your app](../active-directory/develop/active-directory-optional-claims.md).  
 
 ```xml
-<validate-azure-ad-token tenant-id="{{aad-tenant-id}}" output-token-variable-name="jwt">
+<validate-azure-ad-token tenant-id="organizations" output-token-variable-name="jwt">
     <client-application-ids>
         <application-id>{{aad-client-application-id}}</application-id>
     </client-application-ids>

articles/app-service/environment/overview.md

@@ -141,12 +141,15 @@ App Service Environment v3 is available in the following regions:
 | France South         | ✅                           |                             | ✅                           | 
 | Germany North        | ✅                           |                             | ✅                           | 
 | Germany West Central | ✅                           | ✅                          | ✅                           | 
+| Israel Central       | ✅                           | ✅                          |                              | 
 | Italy North          | ✅                           | ✅**                        |                              | 
 | Japan East           | ✅                           | ✅                          | ✅                           | 
 | Japan West           | ✅                           |                             | ✅                           | 
-| Jio India West       |                              |                             | ✅                           | 
+| Jio India Central    | ✅**                         |                             |                               | 
+| Jio India West       | ✅**                         |                             | ✅                           | 
 | Korea Central        | ✅                           | ✅                          | ✅                           | 
-| Korea South          | ✅                           |                             | ✅                           | 
+| Korea South          | ✅                           |                             | ✅                           |
+| Mexico Central       | ✅                           | ✅**                        |                              | 
 | North Central US     | ✅                           |                             | ✅                           | 
 | North Europe         | ✅                           | ✅                          | ✅                           |
 | Norway East          | ✅                           | ✅                          | ✅                           | 
@@ -158,6 +161,7 @@ App Service Environment v3 is available in the following regions:
 | South Central US     | ✅                           | ✅                          | ✅                           |
 | South India          | ✅                           |                             | ✅                           | 
 | Southeast Asia       | ✅                           | ✅                          | ✅                           |
+| Spain Central        | ✅                           | ✅**                        |                              | 
 | Sweden Central       | ✅                           | ✅                          |                              |
 | Switzerland North    | ✅                           | ✅                          | ✅                           |
 | Switzerland West     | ✅                           |                             | ✅                           | 

articles/app-service/samples-bicep.md

@@ -31,4 +31,4 @@ To learn about the Bicep syntax and properties for App Services resources, see [
 | [App with a database, managed identity, and monitoring](https://github.com/Azure/azure-quickstart-templates/tree/master/quickstarts/microsoft.web/web-app-managed-identity-sql-db)| Deploys an App Service App with a database, managed identity, and monitoring. |
 | [Two apps in separate regions with Azure Front Door](https://github.com/Azure/azure-quickstart-templates/tree/master/quickstarts/microsoft.web/webapp-multi-region-front-door) | Deploys two identical web apps in separate regions with Azure Front Door to direct traffic. |
 |**App Service Environment**| **Description** |
-| [Create an App Service environment v2](https://github.com/Azure/azure-quickstart-templates/tree/master/quickstarts/microsoft.web/web-app-asev2-create) | Creates an App Service environment v2 in your virtual network. |
+| [Create an App Service environment v3](https://github.com/Azure/azure-quickstart-templates/tree/master/quickstarts/microsoft.web/web-app-asp-app-on-asev3-create) | Creates an App Service environment v3, App Service plan, App Service, and all associated networking resources. |

articles/app-service/samples-cli.md

@@ -42,4 +42,3 @@ The following table includes links to bash scripts built using the Azure CLI.
 | [Backup and restore app](./scripts/cli-backup-schedule-restore.md) | Creates an App Service app and creates a one-time backup for it, creates a backup schedule for it, and then restores an App Service app from a backup. |
 |**Monitor app**||
 | [Monitor an app with web server logs](./scripts/cli-monitor.md) | Creates an App Service app, enables logging for it, and downloads the logs to your local machine. |
-| | |

articles/app-service/samples-powershell.md

@@ -39,5 +39,4 @@ The following table includes links to PowerShell scripts built using the Azure P
 | [Restore an app from backup](./scripts/powershell-backup-restore.md?toc=%2fpowershell%2fmodule%2ftoc.json) | Restores an app from a previously completed backup. |
 | [Restore a backup across subscriptions](./scripts/powershell-backup-restore-diff-sub.md?toc=%2fpowershell%2fmodule%2ftoc.json) | Restores a web app from a backup in another subscription. |
 |**Monitor app**||
-| [Monitor an app with web server logs](./scripts/powershell-monitor.md?toc=%2fpowershell%2fmodule%2ftoc.json) | Creates an App Service app, enables logging for it, and downloads the logs to your local machine. |
-| | |
+| [Monitor an app with web server logs](./scripts/powershell-monitor.md?toc=%2fpowershell%2fmodule%2ftoc.json) | Creates an App Service app, enables logging for it, and downloads the logs to your local machine. |

articles/app-service/samples-resource-manager-templates.md

@@ -43,7 +43,4 @@ To learn about the JSON syntax and properties for App Services resources, see [M
 | [App connected to a backend webapp with staging slots](https://github.com/Azure/azure-quickstart-templates/tree/master/quickstarts/microsoft.web/webapp-secure-ntier)| Deploys two web apps (frontend and backend) with staging slots securely connected together with VNet injection and Private Endpoint. |
 | [Two apps in separate regions with Azure Front Door](https://github.com/Azure/azure-quickstart-templates/tree/master/quickstarts/microsoft.web/webapp-multi-region-front-door) | Deploys two identical web apps in separate regions with Azure Front Door to direct traffic. |
 |**App Service Environment**| **Description** |
-| [Create an App Service environment v2](https://github.com/Azure/azure-quickstart-templates/tree/master/quickstarts/microsoft.web/web-app-asev2-create) | Creates an App Service environment v2 in your virtual network. |
-| [Create an App Service environment v2 with an ILB address](https://github.com/Azure/azure-quickstart-templates/tree/master/quickstarts/microsoft.web/web-app-asev2-ilb-create) | Creates an App Service environment v2 in your virtual network with a private internal load balancer address. |
-| [Configure the default SSL certificate for an ILB App Service environment or an ILB App Service environment v2](https://github.com/Azure/azure-quickstart-templates/tree/master/quickstarts/microsoft.web/web-app-ase-ilb-configure-default-ssl) | Configures the default TLS/SSL certificate for an ILB App Service environment or an ILB App Service environment v2. |
-| | |
+| [Create an App Service environment v3](https://github.com/Azure/azure-quickstart-templates/tree/master/quickstarts/microsoft.web/web-app-asp-app-on-asev3-create) | Creates an App Service environment v3, App Service plan, App Service, and all associated networking resources. |

articles/app-service/samples-terraform.md

@@ -20,5 +20,4 @@ The following table includes links to Terraform scripts.
 |**Create app**||
 | [Create two apps and connect securely with Private Endpoint and VNet integration](./scripts/terraform-secure-backend-frontend.md)| Creates two App Service apps and connect apps together with Private Endpoint and VNet integration. |
 | [Provision App Service and use slot swap to deploy](/azure/developer/terraform/provision-infrastructure-using-azure-deployment-slots)| Provision App Service infrastructure with Azure deployment slots. |
-| [Create an Azure Windows web app with a backup](./scripts/terraform-backup.md)| Create an Azure Windows web app with a backup schedule. |
-| | |
+| [Create an Azure Windows web app with a backup](./scripts/terraform-backup.md)| Create an Azure Windows web app with a backup schedule. |