MicrosoftDocs
diff --git a/‎.openpublishing.redirection.json
Lines changed: 5 additions & 0 deletions b/‎.openpublishing.redirection.json
Lines changed: 5 additions & 0 deletions
diff --git a/‎articles/active-directory/saas-apps/jostle-provisioning-tutorial.md
Lines changed: 7 additions & 4 deletions b/‎articles/active-directory/saas-apps/jostle-provisioning-tutorial.md
Lines changed: 7 additions & 4 deletions
diff --git a/‎articles/active-directory/saas-apps/purecloud-by-genesys-provisioning-tutorial.md
Lines changed: 22 additions & 12 deletions b/‎articles/active-directory/saas-apps/purecloud-by-genesys-provisioning-tutorial.md
Lines changed: 22 additions & 12 deletions
diff --git a/‎articles/aks/availability-zones.md
Lines changed: 7 additions & 0 deletions b/‎articles/aks/availability-zones.md
Lines changed: 7 additions & 0 deletions
diff --git a/‎articles/aks/enable-host-encryption.md
Lines changed: 6 additions & 3 deletions b/‎articles/aks/enable-host-encryption.md
Lines changed: 6 additions & 3 deletions
@@ -5028,6 +5028,11 @@
       "redirect_url": "/azure/architecture/reference-architectures/dmz/secure-vnet-hybrid",
       "redirect_document_id": false
     },
+    {
+      "source_path_from_root": "/articles/logic-apps/parameterize-workflow-app.md",
+      "redirect_url": "/azure/logic-apps/",
+      "redirect_document_id": false
+    },
     {
       "source_path_from_root": "/articles/logic-apps/logic-apps-architectures-simple-enterprise-integration.md",
       "redirect_url": "/azure/architecture/reference-architectures/enterprise-integration/basic-enterprise-integration",
 
@@ -92,6 +92,9 @@ The Azure AD provisioning service allows you to scope who will be provisioned ba
 
 This section guides you through the steps to configure the Azure AD provisioning service to create, update, and disable users and groups in Jostle app based on user and group assignments in Azure AD.
 
+> [!NOTE]
+> For more information on automatic user provisioning to Jostle, see [User-Provisioning-Azure-Integration](https://forum.jostle.us/hc/en-us/articles/360056368534-User-Provisioning-Azure-Integration).
+
 ### To configure automatic user provisioning for Jostle in Azure AD:
 
 1. Sign in to the [Azure portal](https://portal.azure.com). Select **Enterprise Applications**, then select **All applications**.
@@ -102,7 +105,7 @@ This section guides you through the steps to configure the Azure AD provisioning
 
 	![The Jostle link in the Applications list](common/all-applications.png)
 
-1. Select the **Provisioning** tab.
+1. Select the **Provisioning** tab and click **Get Started**.
 
 	![Provisioning tab](common/provisioning.png)
 
@@ -114,13 +117,13 @@ This section guides you through the steps to configure the Azure AD provisioning
 
  	![Token](common/provisioning-testconnection-tenanturltoken.png)
 
-1. In the **Notification Email** field, enter the email address of a person or group who should receive the provisioning error notifications. Select the **Send an email notification when a failure occurs** check box.
+1. In the **Notification Email** field, enter the email address of a person or group who should receive the provisioning error notifications. Select the **Send an email notification when a failure occurs** check box. But to be noted, Jostle will also send provisioning failure notifications, so this is optional.
 
 	![Notification Email](common/provisioning-notification-email.png)
 
 1. Select **Save**.
 
-1. In the **Mappings** section, select **Synchronize Azure Active Directory Users to Jostle**.
+1. In the **Mappings** section, select **Provision Azure Active Directory Users to Jostle**.
 
 1. Review the user attributes that are synchronized from Azure AD to Jostle in the **Attribute Mapping** section. The attributes selected as **Matching** properties are used to match the user accounts in Jostle for update operations. If you change the [matching target attribute](../app-provisioning/customize-application-attributes.md), you'll need to ensure that the Jostle API supports filtering users based on that attribute. Select **Save** to commit any changes.
 
@@ -143,7 +146,7 @@ This section guides you through the steps to configure the Azure AD provisioning
 
 	![Provisioning Status Toggled On](common/provisioning-toggle-on.png)
 
-1. Define the users or groups that you want to provision to Jostle by selecting the desired values in **Scope** in the **Settings** section.
+1. Define the users or groups that you want to provision to Jostle by selecting the desired values in **Scope** in the **Settings** section.For Jostle, the **Scope** should be set to "Sync only assigned users and groups".
 
 	![Provisioning Scope](common/provisioning-scope.png)
 
 
@@ -31,7 +31,7 @@ This tutorial describes the steps you need to perform in both PureCloud by Genes
 The scenario outlined in this tutorial assumes that you already have the following prerequisites:
 
 * [An Azure AD tenant](../develop/quickstart-create-new-tenant.md) 
-* A user account in Azure AD with [permission](../roles/permissions-reference.md) to configure provisioning (e.g. Application Administrator, Cloud Application administrator, Application Owner, or Global Administrator). 
+* A user account in Azure AD with [permission](../roles/permissions-reference.md) to configure provisioning (for example, Application Administrator, Cloud Application administrator, Application Owner, or Global Administrator). 
 * A PureCloud [organization](https://help.mypurecloud.com/?p=81984).
 * A User with [permissions](https://help.mypurecloud.com/?p=24360) to create an Oauth Client.
 
@@ -48,7 +48,7 @@ The scenario outlined in this tutorial assumes that you already have the followi
 
 ## Step 3. Add PureCloud by Genesys from the Azure AD application gallery
 
-Add PureCloud by Genesys from the Azure AD application gallery to start managing provisioning to PureCloud by Genesys. If you have previously setup PureCloud by Genesys for SSO you can use the same application. However it is recommended that you create a separate app when testing out the integration initially. Learn more about adding an application from the gallery [here](../manage-apps/add-application-portal.md). 
+Add PureCloud by Genesys from the Azure AD application gallery to start managing provisioning to PureCloud by Genesys. If you have previously setup PureCloud by Genesys for SSO, you can use the same application. However it is recommended that you create a separate app when testing out the integration initially. Learn more about adding an application from the gallery [here](../manage-apps/add-application-portal.md). 
 
 ## Step 4. Define who will be in scope for provisioning 
 
@@ -81,7 +81,7 @@ This section guides you through the steps to configure the Azure AD provisioning
 
 	![Screenshot of the Provisioning Mode dropdown list with the Automatic option called out.](common/provisioning-automatic.png)
 
-5. Under the **Admin Credentials** section, input your PureCloud by Genesys API URL and Oauth Token in the **Tenant URL** and **Secret Token** fields respectively. The API URL will be be structured as `{{API Url}}/api/v2/scim/v2`, using the API URL for your PureCloud region from the [PureCloud Developer Center](https://developer.mypurecloud.com/api/rest/index.html). Click **Test Connection** to ensure Azure AD can connect to PureCloud by Genesys. If the connection fails, ensure your PureCloud by Genesys account has Admin permissions and try again.
+5. Under the **Admin Credentials** section, input your PureCloud by Genesys API URL and Oauth Token in the **Tenant URL** and **Secret Token** fields respectively. The API URL will be structured as `{{API Url}}/api/v2/scim/v2`, using the API URL for your PureCloud region from the [PureCloud Developer Center](https://developer.mypurecloud.com/api/rest/index.html). Click **Test Connection** to ensure Azure AD can connect to PureCloud by Genesys. If the connection fails, ensure your PureCloud by Genesys account has Admin permissions and try again.
 
  	![Screenshot shows the Admin Credentials dialog box, where you can enter your Tenant U R L and Secret Token.](./media/purecloud-by-genesys-provisioning-tutorial/provisioning.png)
 
@@ -95,27 +95,36 @@ This section guides you through the steps to configure the Azure AD provisioning
 
 9. Review the user attributes that are synchronized from Azure AD to PureCloud by Genesys in the **Attribute-Mapping** section. The attributes selected as **Matching** properties are used to match the user accounts in PureCloud by Genesys for update operations. If you choose to change the [matching target attribute](../app-provisioning/customize-application-attributes.md), you will need to ensure that the PureCloud by Genesys API supports filtering users based on that attribute. Select the **Save** button to commit any changes.
 
-     |Attribute|Type|
-     |---|---|
-     |userName|String|
+     |Attribute|Type|Supported for filtering|
+     |---|---|---|
+     |userName|String|&check;|
 	 |active|Boolean|
 	 |displayName|String|
 	 |emails[type eq "work"].value|String|
 	 |title|String|
 	 |phoneNumbers[type eq "mobile"].value|String|
 	 |phoneNumbers[type eq "work"].value|String|
+	 |phoneNumbers[type eq "work2"].value|String|
+	 |phoneNumberss[type eq "work3"].value|String|
+	 |phoneNumbers[type eq "work4"].value|String|
+	 |phoneNumbers[type eq "home"].value|String|
+	 |phoneNumbers[type eq "microsoftteams"].value|String|
+	 |roles|String|
 	 |urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:department|String|
      |urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:manager|Reference|
 	 |urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:employeeNumber|String|
-	 
+	 |urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:division|String|
+	 |urn:ietf:params:scim:schemas:extension:genesys:purecloud:2.0:User:externalIds[authority eq ‘microsoftteams’].value|String|	 
+	 |urn:ietf:params:scim:schemas:extension:genesys:purecloud:2.0:User:externalIds[authority eq ‘ringcentral’].value|String|	 
+	 |urn:ietf:params:scim:schemas:extension:genesys:purecloud:2.0:User:externalIds[authority eq ‘zoomphone].value|String|
 
 10. Under the **Mappings** section, select **Synchronize Azure Active Directory Groups to PureCloud by Genesys**.
 
 11. Review the group attributes that are synchronized from Azure AD to PureCloud by Genesys in the **Attribute-Mapping** section. The attributes selected as **Matching** properties are used to match the groups in PureCloud by Genesys for update operations. Select the **Save** button to commit any changes. PureCloud by Genesys does not support group creation or deletion and only supports updating of groups.
 
-      |Attribute|Type|
-      |---|---|
-      |displayName|String|
+      |Attribute|Type|Supported for filtering|
+      |---|---|---|
+      |displayName|String|&check;|
       |externalId|String|
       |members|Reference|
 
@@ -144,9 +153,10 @@ Once you've configured provisioning, use the following resources to monitor your
 
 ## Change log
 
-09/10 - Added support for enterprise attribute "employeeNumber".
+* 09/10/2020 - Added support for extension enterprise attribute **employeeNumber**.
+* 05/18/2021 - Added support for core attributes **phoneNumbers[type eq "work2"]**, **phoneNumbers[type eq "work3"]**, **phoneNumbers[type eq "work4"]**, **phoneNumbers[type eq "home"]**, **phoneNumbers[type eq "microsoftteams"]** and roles. And also added support for custom extension attributes **urn:ietf:params:scim:schemas:extension:genesys:purecloud:2.0:User:externalIds[authority eq ‘microsoftteams’]**, **urn:ietf:params:scim:schemas:extension:genesys:purecloud:2.0:User:externalIds[authority eq ‘zoomphone]** and **urn:ietf:params:scim:schemas:extension:genesys:purecloud:2.0:User:externalIds[authority eq ‘ringcentral’]**.
 
-## Additional resources
+## More resources
 
 * [Managing user account provisioning for Enterprise Apps](../app-provisioning/configure-automatic-user-provisioning-portal.md)
 * [What is application access and single sign-on with Azure Active Directory?](../manage-apps/what-is-single-sign-on.md)
 
@@ -54,6 +54,12 @@ Volumes that use Azure managed disks are currently not zone-redundant resources.
 
 Kubernetes is aware of Azure availability zones since version 1.12. You can deploy a PersistentVolumeClaim object referencing an Azure Managed Disk in a multi-zone AKS cluster and [Kubernetes will take care of scheduling](https://kubernetes.io/docs/setup/best-practices/multiple-zones/#storage-access-for-zones) any pod that claims this PVC in the correct availability zone.
 
+### Azure Resource Manager templates and availability zones
+
+When *creating* an AKS cluster, if you explicitly define a [null value in a template][arm-template-null] with syntax such as `"availabilityZones": null`, the Resource Manager template treats the property as if it doesn't exist, which means your cluster won’t have availability zones enabled. Also, if you create a cluster with a Resource Manager template that omits the availability zones property, availability zones are disabled.
+
+You can't update settings for availability zones on an existing cluster, so the behavior is different when updating am AKS cluster with Resource Manager templates.  If you explicitly set a null value in your template for availability zones and *update* your cluster, there are no changes made to your cluster for availability zones. However, if you omit the availability zones property with syntax such as `"availabilityZones": []`, the deployment attempts to disable availability zones on your existing AKS cluster and **fails**.
+
 ## Overview of availability zones for AKS clusters
 
 Availability zones are a high-availability offering that protects your applications and data from datacenter failures. Zones are unique physical locations within an Azure region. Each zone is made up of one or more datacenters equipped with independent power, cooling, and networking. To ensure resiliency, there's always more than one zone in all zone enabled regions. The physical separation of availability zones within a region protects applications and data from datacenter failures.
@@ -201,6 +207,7 @@ This article detailed how to create an AKS cluster that uses availability zones.
 [az-aks-nodepool-add]: /cli/azure/aks/nodepool#az_aks_nodepool_add
 [az-aks-get-credentials]: /cli/azure/aks#az_aks_get_credentials
 [vmss-zone-balancing]: ../virtual-machine-scale-sets/virtual-machine-scale-sets-use-availability-zones.md#zone-balancing
+[arm-template-null]: ../azure-resource-manager/templates/template-expressions.md#null-values
 
 <!-- LINKS - external -->
 [kubectl-describe]: https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#describe
 
@@ -3,8 +3,9 @@ title: Enable host-based encryption on Azure Kubernetes Service (AKS)
 description: Learn how to configure a host-based encryption in an Azure Kubernetes Service (AKS) cluster
 services: container-service
 ms.topic: article
-ms.date: 03/03/2021 
-ms.custom: devx-track-azurepowershell, devx-track-azurecli
+ms.date: 04/26/2021 
+ms.custom: devx-track-azurepowershell
+
 
 ---
 
@@ -22,7 +23,9 @@ This feature can only be set at cluster creation or node pool creation time.
 
 ### Prerequisites
 
-- The Azure CLI version 2.23.0 or later
+
+- Ensure you have the CLI extension v2.23 or higher version installed.
+
 
 ### Limitations