Merge pull request #289558 from MicrosoftDocs/main

10/31 11:00 AM IST Publish

Author: PhilKang0704

articles/azure-functions/functions-triggers-bindings.md

@@ -2,9 +2,10 @@
 title: Triggers and bindings in Azure Functions
 description: Learn to use triggers and bindings to connect your Azure Function to online events and cloud-based services.
 ms.topic: conceptual
-ms.date: 09/06/2024
+ms.date: 10/28/2024
 ms.custom: devdivchpfy22, devx-track-extended-java, devx-track-js, devx-track-python, devx-track-ts
 zone_pivot_groups: programming-languages-set-functions
+ai-usage: ai-assisted
 ---
 
 # Azure Functions triggers and bindings concepts
@@ -36,9 +37,9 @@ These examples aren't meant to be exhaustive, but are provided to illustrate how
 
 ##  Trigger and binding definitions
 
-Triggers and bindings are defined differently depending on the development language. Make sure to select your language at the [top](#top) of the article.
+A function has a single trigger and one or more bindings. The type of binding is either input or output. Not all services support both input and output bindings. See your specific binding extension for [specific bindings code examples](#bindings-code-examples).
 
-Bindings can be either input or output bindings. Not all services support both input and output bindings. See your specific binding extension for [specific bindings code examples](#bindings-code-examples).
+Triggers and bindings are defined differently depending on the development language. Make sure to select your language at the [top](#top) of the article.
 
 This example shows an HTTP triggered function with an output binding that writes a message to an Azure Storage queue.
 
@@ -194,10 +195,13 @@ In Python for Functions version 1, this example `function.json` file defines an
 ---
 
 ::: zone-end  
+
 ## Add bindings to a function
 
 You can connect your function to other services by using input or output bindings. Add a binding by adding its specific definitions to your function. To learn how, see [Add bindings to an existing function in Azure Functions](add-bindings-existing-function.md).  
 
+Azure Functions supports multiple bindings, which must be configured correctly. For example, a function can read data from a queue (input binding) and write data to a database (output binding) simultaneously. 
+
 ## Supported bindings
 
 [!INCLUDE [Full bindings table](../../includes/functions-bindings.md)]

articles/dns/dns-faq.yml

@@ -77,11 +77,9 @@ sections:
           The feature to buy domain names is tracked in the Azure backlog. Use the feedback site to [register your support for this feature](https://feedback.azure.com/d365community/idea/9e9f97ea-8526-ec11-b6e6-000d3a4f0789).
           
       - question: |
-          Does Azure DNS support DNSSEC?
+          Does Azure DNS support Domain Name System Security Extensions (DNSSEC)?
         answer: |
-          No. Azure DNS doesn't currently support the Domain Name System Security Extensions (DNSSEC).
-          
-          The DNSSEC feature is tracked in the Azure DNS backlog. Use the feedback site to [register your support for this feature](https://feedback.azure.com/d365community/idea/d403899e-8526-ec11-b6e6-000d3a4f0789).
+          Yes. See [DNSSEC overview](dnssec.md).
           
       - question: |
           Does Azure DNS support zone transfers (AXFR/IXFR)?

articles/dns/dnssec.md

@@ -79,7 +79,7 @@ Before you sign a zone with DNSSEC, be sure to understand [how DNSSEC works](#ho
 
 If a DNS server is DNSSEC-aware, it can set the DNSSEC OK (DO) flag in a DNS query to a value of `1`. This value tells the responding DNS server to include DNSSEC-related resource records with the response. These DNSSEC records are Resource Record Signature (RRSIG) records that are used to validate that the DNS response is genuine. 
 
-A recursive (non-authoritative) DNS server performs DNSSEC validation on RRSIG records using a trust anchor (DNSKEY). The server uses a DNSKEY to decrypt digital signatures in RRSIG records (and other DNSSEC-related records), and then computes and compares hash values. If hash values are the same, it provides a reply to the DNS client with the DNS data that it requested, such as a host address (A) record. See the following diagram:
+A recursive (non-authoritative) DNS server performs DNSSEC validation on RRSIG records using a [trust anchor](#trust-anchors-and-dnssec-validation) (DNSKEY). The server uses a DNSKEY to decrypt digital signatures in RRSIG records (and other DNSSEC-related records), and then computes and compares hash values. If hash values are the same, it provides a reply to the DNS client with the DNS data that it requested, such as a host address (A) record. See the following diagram:
 
   ![A diagram showing how DNSSEC validation works.](media/dnssec/dnssec-validation.png)
 
@@ -92,7 +92,7 @@ Windows 10 and Windows 11 client devices are [nonvalidating security-aware stub
 > [!NOTE] 
 > DNSSEC response validation is not performed by the default Azure-provided resolver. The information in this section is helpful if you are setting up your own recursive DNS servers for DNSSEC validation or troubleshooting validation issues.
 
-Trust anchors operate based on the DNS namespace hierarchy. A recursive DNS server can have any number of trust anchors, or no trust anchors. Trust anchors can be added for a single child DNS zone, or any parent zone. If a recursive DNS server has a root (.) trust anchor, then it can perform DNSSEC validation on any DNS zone. 
+Trust anchors operate based on the DNS namespace hierarchy. A recursive DNS server can have any number of trust anchors, or no trust anchors. Trust anchors can be added for a single child DNS zone, or any parent zone. If a recursive DNS server has a root (.) trust anchor, then it can perform DNSSEC validation on any DNS zone. For more information, see [Root Zone Operator Information](https://www.iana.org/dnssec).
 
 The DNSSEC validation process works with trust anchors as follows:
   - If a recursive DNS server doesn't have a DNSSEC trust anchor for a zone or the zone's parent hierarchical namespace, it will not perform DNSSEC validation on that zone.

articles/dns/public-dns-overview.md

@@ -33,7 +33,7 @@ For more information, see [How to protect DNS zones and records](dns-protect-zon
 
 ## DNSSEC
 
-Azure Public DNS doesn't currently support DNSSEC. In most cases, you can reduce the need for DNSSEC by consistently using HTTPS/TLS in your applications. If DNSSEC is a critical requirement for your DNS zones, you can host these zones with third-party DNS hosting providers.
+Azure Public DNS supports DNSSEC. For more information, see [DNSSEC overview](dnssec.md).
 
 ## Ease of use
 

articles/frontdoor/migrate-cdn-to-front-door.md

@@ -20,7 +20,7 @@ We recommend that your plan this migration well in advance and test the function
 
 ## Prerequisites
 
-- Review the [feature differences](front-door-cdn-comparison.md) between Azure CDN and Azure Front Door to determine if there are any compability gaps.
+- Review the [feature differences](front-door-cdn-comparison.md) between Azure CDN and Azure Front Door to determine if there are any compatibility gaps.
 - You need access to a VM connected to the internet that can run Wget on Linux or Invoke-WebRequest on Windows using PowerShell.
 - You need access to a monitoring tool such as CatchPoint or ThousandEyes to verify the availability of your URLs before and after the migration. These tools are the most ideal because they can monitor the availability of your URLs from different locations around the world. `webpagetest.org` is another option, but it only provides a limited view of your URLs from a few locations.
 
@@ -193,4 +193,4 @@ At this stage you have fully migrated all traffic from Azure CDN from Edgio to A
 
 ## Next steps
 
-Learn about [best practices](best-practices.md) for Azure Front Door.
+Learn about [best practices](best-practices.md) for Azure Front Door.

articles/iot-operations/manage-mqtt-broker/howto-test-connection.md

@@ -7,7 +7,7 @@ ms.subservice: azure-mqtt-broker
 ms.topic: how-to
 ms.custom:
   - ignite-2023
-ms.date: 07/08/2024
+ms.date: 10/30/2024
 
 #CustomerIntent: As an operator or developer, I want to test MQTT connectivity with tools that I'm already familiar with to know that I set up my MQTT broker correctly.
 ms.service: azure-iot-operations
@@ -305,13 +305,13 @@ For Azure Kubernetes Services Edge Essentials, you need to perform a few additio
 
 1. Set up port forwarding to the `broker-loadbalancer` service on the external IP address `192.168.0.4` and port `1883`:
 
-    ```bash
+    ```cmd
     netsh interface portproxy add v4tov4 listenport=1883 connectport=1883 connectaddress=192.168.0.4
     ```
 
 1. Open the port on the firewall to allow traffic to the broker's service:
 
-    ```bash
+    ```powershell
     New-NetFirewallRule -DisplayName "AIO MQTT Broker" -Direction Inbound -Protocol TCP -LocalPort 1883 -Action Allow
     ```
 

articles/network-watcher/diagnose-network-security-rules.md

@@ -6,15 +6,13 @@ author: halkazwini
 ms.author: halkazwini
 ms.service: azure-network-watcher
 ms.topic: how-to
-ms.date: 10/29/2024
+ms.date: 10/30/2024
 ms.custom: devx-track-azurepowershell, devx-track-azurecli
 ---
 
 # Diagnose network security rules
 
-You can use [network security groups](../virtual-network/network-security-groups-overview.md) to filter and control inbound and outbound network traffic to and from your Azure resources. You can also use [Azure Virtual Network Manager](../virtual-network-manager/overview.md) to apply admin security rules to your Azure resources to control network traffic.
-
-In this article, you learn how to use Azure Network Watcher [NSG diagnostics](nsg-diagnostics-overview.md) to check and troubleshoot security rules applied to your Azure traffic. NSG diagnostics checks if the traffic is allowed or denied by applied security rules.
+In this article, you learn how to use Azure Network Watcher [NSG diagnostics](nsg-diagnostics-overview.md) to check and troubleshoot security rules applied to your Azure traffic through [network security groups](../virtual-network/network-security-groups-overview.md?toc=/azure/network-watcher/toc.json) and [Azure Virtual Network Manager](../virtual-network-manager/overview.md?toc=/azure/network-watcher/toc.json). NSG diagnostics checks if the traffic is allowed or denied by applied security rules.
 
 The example in this article shows you how a misconfigured network security group can prevent you from using Azure Bastion to connect to a virtual machine.
 

articles/operator-nexus/troubleshoot-accepted-cluster-hydration.md

@@ -12,7 +12,7 @@ ms.date: 10/30/2024
 
 # Troubleshoot accepted Cluster resources
 
-Operator Nexus relies on mirroring, or hydrating, resources from the on-premises cluster to Azure. When this process is interrupted, the Cluster resource can move to `Accepted`state. 
+Operator Nexus relies on mirroring, or hydrating, resources from the on-premises cluster to Azure. When this process is interrupted, the Cluster resource can move to `Accepted` state. 
 
 ## Diagnosis
 
@@ -44,7 +44,7 @@ After the tag is applied, the Cluster moves to `Running` state.
 az networkcloud cluster show --resource-group <RESOURCE_GROUP> --name <CLUSTER_NAME>
 ```
 
-If the Cluster resource maintains the state after a period of time, less than 5 minutes, contact Microsoft support. 
+If the Cluster resource maintains the state after a period of time, more than 5 minutes, contact Microsoft support. 
 
 ## Further information
 

articles/storage/file-sync/TOC.yml

@@ -69,8 +69,10 @@
       href: ../files/files-manage-namespaces.md?toc=/azure/storage/file-sync/toc.json
     - name: Enable threat protection with Microsoft Defender for Storage
       href: ../common/azure-defender-storage-configure.md?toc=/azure/storage/file-sync/toc.json
-  - name: Encryption
+  - name: Security
     items:
+    - name: Configure managed identities
+      href: file-sync-managed-identities.md
     - name: Encryption at rest
       href: ../common/storage-service-encryption.md?toc=/azure/storage/file-sync/toc.json
     - name: Encryption at rest with customer-managed keys