Merge pull request #273089 from MicrosoftDocs/repo_sync_working_branch

Confirm merge from repo_sync_working_branch to main to sync with https://github.com/MicrosoftDocs/azure-docs (branch main)

Author: Taojunshen

articles/aks/configure-kubenet.md

@@ -115,7 +115,8 @@ For more information to help you decide which network model to use, see [Compare
         --name myAKSVnet \
         --address-prefixes 192.168.0.0/16 \
         --subnet-name myAKSSubnet \
-        --subnet-prefix 192.168.1.0/24
+        --subnet-prefix 192.168.1.0/24 \
+        --location eastus
     ```
 
 3. Get the subnet resource ID using the [`az network vnet subnet show`][az-network-vnet-subnet-show] command and store it as a variable named `SUBNET_ID` for later use.

articles/aks/csi-secrets-store-identity-access.md

@@ -288,13 +288,13 @@ After the pod starts, the mounted content at the volume path specified in your d
 1. Show secrets held in the secrets store using the following command.
 
     ```bash
-    kubectl exec busybox-secrets-store-inline -- ls /mnt/secrets-store/
+    kubectl exec busybox-secrets-store-inline-user-msi -- ls /mnt/secrets-store/
     ```
 
 2. Display a secret in the store using the following command. This example command shows the test secret `ExampleSecret`.
 
     ```bash
-    kubectl exec busybox-secrets-store-inline -- cat /mnt/secrets-store/ExampleSecret
+    kubectl exec busybox-secrets-store-inline-user-msi -- cat /mnt/secrets-store/ExampleSecret
     ```
 
 ## Obtain certificates and keys

articles/aks/use-trusted-launch.md

@@ -142,7 +142,10 @@ Update a node pool with trusted launch enabled using the [az aks nodepool update
    * **--enable-vtpm**: Enables vTPM and performs attestation by measuring the entire boot chain of your VM.
 
 > [!NOTE]
-> The existing nodepool must be using a trusted launch image in order to enable on an existing node pool. By default, creating a node pool with a TL-compatible configuration and the feature flag registered results in a trusted launch image. Without specifying `--enable-vtpm` or `--enable-secure-boot` parameters, they are disabled by default and you can enable later using `az aks nodepool update` command.
+> The existing nodepool must be using a trusted launch image in order to enable on an existing node pool. Hence, for the nodepools created before registering the `TrustedLaunchPreview` feature, you cannot update them with trusted launch enabled.
+> 
+> By default, creating a node pool with a TL-compatible configuration and the feature flag registered results in a trusted launch image. Without specifying `--enable-vtpm` or `--enable-secure-boot` parameters, they are disabled by default and you can enable later using `az aks nodepool update` command.
+
 
 > [!NOTE]
 > Secure Boot requires signed boot loaders, OS kernels, and drivers. If after enabling Secure Boot your nodes don't start, you can verify which boot components are responsible for Secure Boot failures within an Azure Linux Virtual Machine. See [verify Secure Boot failures][verify-secure-boot-failures].

articles/cloud-services-extended-support/deploy-sdk.md

@@ -295,7 +295,7 @@ If you are using a Static IP you need to reference it as a Reserved IP in Servic
                     {
                         Publisher = "Microsoft.Windows.Azure.Extensions",
                         Type = "RDP",
-                        TypeHandlerVersion = "1.2.1",,
+                        TypeHandlerVersion = "1.2.1",
                         AutoUpgradeMinorVersion = true,
                         Settings = rdpExtensionPublicConfig,
                         ProtectedSettings = rdpExtensionPrivateConfig,

articles/container-instances/container-instances-managed-identity.md

@@ -327,7 +327,7 @@ On a container group, you can enable both a system-assigned identity and one or
 
 ```json
 "identity": {
-    "type": "System Assigned, UserAssigned",
+    "type": "SystemAssigned, UserAssigned",
     "userAssignedIdentities": {
         "myResourceID1": {
             }

articles/defender-for-iot/device-builders/how-to-send-security-messages.md

@@ -3,7 +3,6 @@ title: Send Defender for IoT device security messages
 description: Learn how to send your security messages using Defender for IoT.
 ms.topic: how-to
 ms.date: 03/28/2022
-ms.custom:
 ---
 
 # Send security messages SDK
@@ -76,7 +75,7 @@ Once set as a security message and sent, this message will be processed by Defen
 
 ## Send security messages
 
-Send security messages *without* using Defender for IoT agent, by using the [Azure IoT C device SDK](https://github.com/Azure/azure-iot-sdk-c/tree/public-preview), [Azure IoT C# device SDK](https://github.com/Azure/azure-iot-sdk-csharp/tree/preview), , [Azure IoT Node.js SDK](https://github.com/Azure/azure-iot-sdk-node), [Azure IoT Python SDK](https://github.com/Azure/azure-iot-sdk-python), or [Azure IoT Java SDK](https://github.com/Azure/azure-iot-sdk-java).
+Send security messages *without* using Defender for IoT agent, by using the [Azure IoT C device SDK](https://github.com/Azure/azure-iot-sdk-c/tree/public-preview), [Azure IoT C# device SDK](https://github.com/Azure/azure-iot-sdk-csharp/tree/preview), [Azure IoT Node.js SDK](https://github.com/Azure/azure-iot-sdk-node), [Azure IoT Python SDK](https://github.com/Azure/azure-iot-sdk-python), or [Azure IoT Java SDK](https://github.com/Azure/azure-iot-sdk-java).
 
 To send the device data from your devices for processing by Defender for IoT, use one of the following APIs to mark messages for correct routing to Defender for IoT processing pipeline.
 

articles/reliability/reliability-traffic-manager.md

@@ -138,10 +138,21 @@ This scenario is ideal for the use of Azure Traffic Manager that has inbuilt pro
 
 1. Set up health check and failover configuration
 
-    In this step, you set the DNS TTL to 10 seconds, which is honored by most internet-facing recursive resolvers. This configuration means that no DNS resolver will cache the information for more than 10 seconds. For the endpoint monitor settings, the path is current set at / or root, but you can customize the endpoint settings to evaluate a path, for example, prod.contoso.com/index. The example below shows the **https** as the probing protocol. However, you can choose **http** or **tcp** as well. The choice of protocol depends upon the end application. The probing interval is set to 10 seconds, which enables fast probing, and the retry is set to 3. As a result, Traffic Manager will fail over to the second endpoint if three consecutive intervals register a failure. The following formula defines the total time for an automated failover:
-    Time for failover = TTL + Retry * Probing interval 
+    In this step, you set the DNS TTL to 10 seconds, which is honored by most internet-facing recursive resolvers. This configuration means that no DNS resolver will cache the information for more than 10 seconds.
+
+    For the endpoint monitor settings, the path is current set at / or root, but you can customize the endpoint settings to evaluate a path, for example, prod.contoso.com/index.
+   
+    The example below shows the **https** as the probing protocol. However, you can choose **http** or **tcp** as well. The choice of protocol depends upon the end application. The probing interval is set to 10 seconds, which enables fast probing, and the retry is set to 3. As a result, Traffic Manager will fail over to the second endpoint if three consecutive intervals register a failure.
+
+    The following formula defines the total time for an automated failover:
+   
+    `Time for failover = TTL + Retry * Probing interval`
+   
     And in this case, the value is 10 + 3 * 10 = 40 seconds (Max).
-    If the Retry is set to 1 and TTL is set to 10 secs, then the time for failover 10 + 1 * 10 = 20 seconds. Set the Retry to a value greater than **1** to eliminate chances of failovers due to false positives or any minor network blips. 
+   
+    If the Retry is set to 1 and TTL is set to 10 secs, then the time for failover 10 + 1 * 10 = 20 seconds.
+
+    Set the Retry to a value greater than **1** to eliminate chances of failovers due to false positives or any minor network blips. 
 
 
     ![Screenshot of setting up health check.](../networking/media/disaster-recovery-dns-traffic-manager/set-up-health-check.png)

articles/search/search-pagination-page-layout.md

@@ -280,12 +280,12 @@ Within a highlighted field, formatting is applied to whole terms. For example, o
 
 ### Phrase search highlighting
 
-Whole-term formatting applies even on a phrase search, where multiple terms are enclosed in double quotation marks. The following example is the same query, except that "divine secrets" is submitted as a quotation-enclosed  phrase (some REST clients require that you escape the interior quotation marks with a backslash `\"`):
+Whole-term formatting applies even on a phrase search, where multiple terms are enclosed in double quotation marks. The following example is the same query, except that "divine secrets" is submitted as a quotation-enclosed phrase (some REST clients require that you escape the interior quotation marks with a backslash `\"`):
 
 ```http
 POST /indexes/good-books/docs/search?api-version=2020-06-30 
     {  
-      "search": "\"divine secrets\"",,
+      "search": "\"divine secrets\"",
       "select": "title,original_title",
       "highlight": "title",
       "highlightPreTag": "<b>",

articles/search/vector-search-how-to-create-index.md

@@ -628,7 +628,7 @@ api-key: {{admin-api-key}}
                 . . .
             ],
             "contentVector": [
-                -0.02780858241021633,,
+                -0.02780858241021633,
                  . . .
             ],
             "@search.action": "upload"

articles/time-series-insights/how-to-tsi-gen2-migration.md

@@ -188,7 +188,7 @@ You can use the ‘Ingestion (preview)’ section with the below settings to mon
 
 :::image type="content" source="media/gen2-migration/adx-ingest-monitoring-results.png" alt-text="Screenshot of the Azure Data Explorer ingestion for Monitoring results" lightbox="media/gen2-migration/adx-ingest-lightingest-command.png":::
 
-You’ll know that the ingestion is complete once you see the metrics go to 0 for your table. If you want to see more details,, you can use Log Analytics. On the Azure Data Explorer cluster section select on the ‘Log’ tab:
+You’ll know that the ingestion is complete once you see the metrics go to 0 for your table. If you want to see more details, you can use Log Analytics. On the Azure Data Explorer cluster section select on the ‘Log’ tab:
 
 :::image type="content" source="media/gen2-migration/adx-ingest-monitoring-logs.png" alt-text="Screenshot of the Azure Data Explorer ingestion for Monitoring logs" lightbox="media/gen2-migration/adx-ingest-monitoring-logs.png":::