Merge pull request #190693 from MicrosoftDocs/repo_sync_working_branch

Confirm merge from repo_sync_working_branch to main to sync with https://github.com/MicrosoftDocs/azure-docs (branch main)

Author: huypub

articles/active-directory-b2c/protocols-overview.md

@@ -34,6 +34,8 @@ https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com/oauth2/v2.0/authorize
 https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com/oauth2/v2.0/token
 ```
 
+If you're using a [custom domain](custom-domain.md), replace `{tenant}.b2clogin.com` with the custom domain, such as `contoso.com`, in the endpoints.  
+
 In nearly all OAuth and OpenID Connect flows, four parties are involved in the exchange:
 
 

articles/active-directory/develop/msal-net-web-browsers.md

@@ -110,7 +110,7 @@ MSAL.NET is able to respond with an HTTP message when a token is received or in
 ```csharp
 var options = new SystemWebViewOptions() 
 {
-    HtmlMessageError = "<p> An error occured: {0}. Details {1}</p>",
+    HtmlMessageError = "<p> An error occurred: {0}. Details {1}</p>",
     BrowserRedirectSuccess = new Uri("https://www.microsoft.com");
 }
 

articles/applied-ai-services/immersive-reader/includes/quickstarts/immersive-reader-client-library-swift.md

@@ -205,7 +205,7 @@ class LaunchViewController: UIViewController {
                 })
             }
         }, onFailure: { error in
-            print("an error occured: \(error)")
+            print("an error occurred: \(error)")
         })
     }
 
@@ -569,4 +569,4 @@ When you click on the **Immersive Reader** button, you'll see the Immersive Read
 ## Next steps
 
 > [!div class="nextstepaction"]
-> [Create a resource and configure AAD](../../how-to-create-immersive-reader.md)
+> [Create a resource and configure AAD](../../how-to-create-immersive-reader.md)

articles/azure-arc/kubernetes/custom-locations.md

@@ -128,7 +128,7 @@ If you are logged into Azure CLI using a service principal, to enable this featu
 | `--resource-group, --g` | Resource group of the custom location  | 
 | `--namespace` | Namespace in the cluster bound to the custom location being created |
 | `--host-resource-id` | Azure Resource Manager identifier of the Azure Arc-enabled Kubernetes cluster (connected cluster) |
-| `--cluster-extension-ids` | Azure Resource Manager identifiers of the cluster extension instances installed on the connected cluster. Provide a space-seperated list of the cluster extension IDs  |
+| `--cluster-extension-ids` | Azure Resource Manager identifiers of the cluster extension instances installed on the connected cluster. Provide a space-separated list of the cluster extension IDs  |
 
 **Optional parameters**
 
@@ -189,7 +189,7 @@ az customlocation update -n <customLocationName> -g <resourceGroupName> --namesp
 
 | Parameter name | Description |
 |--------------|------------|
-| `--cluster-extension-ids` | Associate new cluster extensions to this custom location by providing Azure Resource Manager identifiers of the cluster extension instances installed on the connected cluster. Provide a space-seperated list of the cluster extension IDs |
+| `--cluster-extension-ids` | Associate new cluster extensions to this custom location by providing Azure Resource Manager identifiers of the cluster extension instances installed on the connected cluster. Provide a space-separated list of the cluster extension IDs |
 | `--tags` | Add new tags in addition to existing tags. Space-separated list of tags: key[=value] [key[=value] ...]. |
 
 ## Patch a custom location
@@ -211,7 +211,7 @@ az customlocation patch -n <customLocationName> -g <resourceGroupName> --namespa
 
 | Parameter name | Description |
 |--------------|------------|
-| `--cluster-extension-ids` | Associate new cluster extensions to this custom location by providing Azure Resource Manager identifiers of the cluster extension instances installed on the connected cluster. Provide a space-seperated list of the cluster extension IDs |
+| `--cluster-extension-ids` | Associate new cluster extensions to this custom location by providing Azure Resource Manager identifiers of the cluster extension instances installed on the connected cluster. Provide a space-separated list of the cluster extension IDs |
 | `--tags` | Add new tags in addition to existing tags. Space-separated list of tags: key[=value] [key[=value] ...]. |
 
 ## Delete a custom location

articles/azure-monitor/essentials/metrics-supported.md

@@ -496,7 +496,7 @@ This latest update adds a new column and reorders the metrics to be alphabetical
 |connectedclients7|Yes|Connected Clients (Shard 7)|Count|Maximum|The number of client connections to the cache. For more details, see https://aka.ms/redis/metrics.|No Dimensions|
 |connectedclients8|Yes|Connected Clients (Shard 8)|Count|Maximum|The number of client connections to the cache. For more details, see https://aka.ms/redis/metrics.|No Dimensions|
 |connectedclients9|Yes|Connected Clients (Shard 9)|Count|Maximum|The number of client connections to the cache. For more details, see https://aka.ms/redis/metrics.|No Dimensions|
-|errors|Yes|Errors|Count|Maximum|The number errors that occured on the cache. For more details, see https://aka.ms/redis/metrics.|ShardId, ErrorType|
+|errors|Yes|Errors|Count|Maximum|The number errors that occurred on the cache. For more details, see https://aka.ms/redis/metrics.|ShardId, ErrorType|
 |evictedkeys|Yes|Evicted Keys|Count|Total|The number of items evicted from the cache. For more details, see https://aka.ms/redis/metrics.|ShardId|
 |evictedkeys0|Yes|Evicted Keys (Shard 0)|Count|Total|The number of items evicted from the cache. For more details, see https://aka.ms/redis/metrics.|No Dimensions|
 |evictedkeys1|Yes|Evicted Keys (Shard 1)|Count|Total|The number of items evicted from the cache. For more details, see https://aka.ms/redis/metrics.|No Dimensions|

articles/batch/batch-js-get-started.md

@@ -309,7 +309,7 @@ containerList.forEach(function (val, index) {
 
     const task = batchClient.task.add(jobId, taskConfig, function (error, result) {
         if (error !== null) {
-            console.log("Error occured while creating task for container " + containerName + ". Details : " + error.response);
+            console.log("Error occurred while creating task for container " + containerName + ". Details : " + error.response);
         }
         else {
             console.log("Task for container : " + containerName + " submitted successfully");

articles/cosmos-db/cassandra/cassandra-support.md

@@ -262,7 +262,7 @@ curl https://cacert.omniroot.com/bc2025.crt > bc2025.crt
 keytool -importcert -alias bc2025ca -file bc2025.crt
 
 # Install the Cassandra libraries in order to get CQLSH:
-echo "deb http://www.apache.org/dist/cassandra/debian 311x main" | sudo tee -a /etc/apt/sources.list.d/cassandra.sources.list
+echo "deb https://downloads.apache.org/cassandra/debian 311x main" | sudo tee -a /etc/apt/sources.list.d/cassandra.sources.list
 curl https://downloads.apache.org/cassandra/KEYS | sudo apt-key add -
 sudo apt-get update
 sudo apt-get install cassandra

articles/defender-for-cloud/alerts-reference.md

@@ -369,7 +369,7 @@ Microsoft Defender for Containers provides security alerts on the cluster level
 | **Potential crypto coin miner started (Preview)**<br>(K8S.NODE_CryptoCoinMinerExecution) | Analysis of processes running within a container detected a process being started in a way normally associated with digital currency mining. | Execution | Medium |
 | **Suspicious password access (Preview)**<br>(K8S.NODE_SuspectPasswordFileAccess) | Analysis of processes running within a container detected suspicious access to encrypted user passwords. | Persistence | Informational |
 | **Suspicious use of DNS over HTTPS (Preview)**<br>(K8S.NODE_SuspiciousDNSOverHttps) | Analysis of processes running within a container indicates the use of a DNS call over HTTPS in an uncommon fashion. This technique is used by attackers to hide calls out to suspect or malicious sites. | DefenseEvasion, Exfiltration | Medium |
-| **A possible connection to malicious location has been detected. (Preview)**<br>(K8S.NODE_ThreatIntelCommandLineSuspectDomain) | Analysis of processes running within a container detected a connection to a location that has been reported to be malicious or unusual. This is an indicator that a compromise may have occured. | InitialAccess | Medium |
+| **A possible connection to malicious location has been detected. (Preview)**<br>(K8S.NODE_ThreatIntelCommandLineSuspectDomain) | Analysis of processes running within a container detected a connection to a location that has been reported to be malicious or unusual. This is an indicator that a compromise may have occurred. | InitialAccess | Medium |
 |  |  |  |  |
 
 <sup><a name="footnote1"></a>1</sup>: **Limitations on GKE clusters**: GKE uses a Kuberenetes audit policy that doesn't support all alert types. As a result, this security alert, which is based on Kubernetes audit events, are not supported for GKE clusters.

articles/industrial-iot/reference-command-line-arguments.md

@@ -262,19 +262,19 @@ There are a couple of environment variables, which can be used to control the ap
       --tb, --addtrustedcertbase64=VALUE
                                        adds the certificate to the applications trusted
                                        cert store passed in as base64 string (multiple
-                                       comma-seperated strings supported)
+                                       comma-separated strings supported)
       --tf, --addtrustedcertfile=VALUE
                                        adds the certificate file(s) to the applications
                                        trusted cert store passed in as base64 string (
-                                       multiple comma-seperated filenames supported)
+                                       multiple comma-separated filenames supported)
       --ib, --addissuercertbase64=VALUE
                                        adds the specified issuer certificate to the
                                        applications trusted issuer cert store passed in
-                                       as base64 string (multiple comma-seperated strings supported)
+                                       as base64 string (multiple comma-separated strings supported)
       --if, --addissuercertfile=VALUE
                                        adds the specified issuer certificate file(s) to
                                        the applications trusted issuer cert store (
-                                       multiple comma-seperated filenames supported)
+                                       multiple comma-separated filenames supported)
       --rb, --updatecrlbase64=VALUE
                                        update the CRL passed in as base64 string to the
                                        corresponding cert store (trusted or trusted
@@ -285,7 +285,7 @@ There are a couple of environment variables, which can be used to control the ap
                                        issuer)
       --rc, --removecert=VALUE
                                        remove cert(s) with the given thumbprint(s) (
-                                       multiple comma-seperated thumbprints supported)
+                                       multiple comma-separated thumbprints supported)
       --dt, --devicecertstoretype=VALUE
                                        the iothub device cert store type.
                                        (allowed values: Directory, X509Store)
@@ -395,4 +395,4 @@ Further resources can be found in the GitHub repositories:
 > [OPC Publisher GitHub repository](https://github.com/Azure/Industrial-IoT)
 
 > [!div class="nextstepaction"]
-> [IIoT Platform GitHub repository](https://github.com/Azure/iot-edge-opc-publisher)
+> [IIoT Platform GitHub repository](https://github.com/Azure/iot-edge-opc-publisher)

articles/machine-learning/how-to-secure-training-vnet.md

@@ -262,7 +262,7 @@ For steps on how to create a compute instance deployed in a virtual network, see
 
 When you enable **No public IP**, your compute instance doesn't use a public IP for communication with any dependencies. Instead, it communicates solely within the virtual network using Azure Private Link ecosystem and service/private endpoints, eliminating the need for a public IP entirely. No public IP removes access and discoverability of compute instance node from the internet thus eliminating a significant threat vector. Compute instances will also do packet filtering to reject any traffic from outside virtual network. **No public IP** instances are dependent on [Azure Private Link](how-to-configure-private-link.md) for Azure Machine Learning workspace. 
 
-For **outbound connections** to work, you need to set up an egress firewall such as Azure firewall with user defined routes. For instance, you can use a firewall set up with [invound/outbound configuration](how-to-access-azureml-behind-firewall.md) and route traffic there by defining a route table on the subnet in which the compute instance is deployed. The route table entry can set up the next hop of the private IP address of the firewall with the address prefix of 0.0.0.0/0.
+For **outbound connections** to work, you need to set up an egress firewall such as Azure firewall with user defined routes. For instance, you can use a firewall set up with [inbound/outbound configuration](how-to-access-azureml-behind-firewall.md) and route traffic there by defining a route table on the subnet in which the compute instance is deployed. The route table entry can set up the next hop of the private IP address of the firewall with the address prefix of 0.0.0.0/0.
 
 A compute instance with **No public IP** enabled has **no inbound communication requirements** from public internet. Specifically, neither inbound NSG rule (`BatchNodeManagement`, `AzureMachineLearning`) is required. You still need to allow inbound from source of **VirtualNetwork**, any port source, destination of **VirtualNetwork**, and destination port of **29876, 29877, 44224**.