Skip to content

Commit 5552f8f

Browse files
authored
Merge pull request #185978 from MicrosoftDocs/master
1/24 AM Publish
2 parents 1ea0228 + 0de0387 commit 5552f8f

File tree

57 files changed

+905
-478
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

57 files changed

+905
-478
lines changed

articles/active-directory/conditional-access/concept-conditional-access-cloud-apps.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -126,7 +126,7 @@ Administrators can add any Azure AD registered application to Conditional Access
126126
- Applications that use [password based single sign-on](../manage-apps/configure-password-single-sign-on-non-gallery-applications.md)
127127

128128
> [!NOTE]
129-
> Since Conditional Access policy sets the requirements for accessing a service you are not able to apply it to a client (public/native) application. Other words the policy is not set directly on a client (public/native) application, but is applied when a client calls a service. For example, a policy set on SharePoint service applies to the clients calling SharePoint. A policy set on Exchange applies to the attempt to access the email using Outlook client. That is why client (public/native) applications are not available for selection in the Cloud Apps picker and Conditional Access option is not available in the application settings for the client (public/native) application registered in your tenant.
129+
> Since Conditional Access policy sets the requirements for accessing a service you are not able to apply it to a client (public/native) application. In other words, the policy is not set directly on a client (public/native) application, but is applied when a client calls a service. For example, a policy set on SharePoint service applies to the clients calling SharePoint. A policy set on Exchange applies to the attempt to access the email using Outlook client. That is why client (public/native) applications are not available for selection in the Cloud Apps picker and Conditional Access option is not available in the application settings for the client (public/native) application registered in your tenant.
130130
131131
Some applications do not appear in the picker at all. The only way to include these applications in a Conditional Access policy is to include **All apps**.
132132

articles/active-directory/fundamentals/azure-active-directory-b2c-deployment-plans.md

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -223,6 +223,10 @@ Consider the sample checklist to define the user experience (UX) requirements:
223223

224224
- If you expect high UX customization such as pixel to pixel, you may need a front-end developer to help you.
225225

226+
- Azure AD B2C provides capabilities for customizing HTML and CSS, however, it has additional requirements for [JavaScript](../../active-directory-b2c/javascript-and-page-layout.md?pivots=b2c-custom-policy#guidelines-for-using-javascript).
227+
228+
- An embedded experience can be implemented [using iframe support](../../active-directory-b2c/embedded-login.md?pivots=b2c-custom-policy). For a single-page application, you'll also need a second "sign-in" HTML page that loads into the `<iframe>` element.
229+
226230
## Monitor an Azure AD B2C solution
227231

228232
This phase includes the following capabilities:

articles/aks/limit-egress-traffic.md

Lines changed: 16 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -153,6 +153,18 @@ The following FQDN / application rules are required for using Windows Server bas
153153

154154
## AKS addons and integrations
155155

156+
### Microsoft Defender for Containers
157+
158+
#### Required FQDN / application rules
159+
160+
The following FQDN / application rules are required for AKS clusters that have Microsoft Defender for Containers enabled.
161+
162+
| FQDN | Port | Use |
163+
|-----------------------------------------------|-----------|----------|
164+
| **`login.microsoftonline.com`** | **`HTTPS:443`** | Required for Active Directory Authentication. |
165+
| **`*.ods.opinsights.azure.com`** | **`HTTPS:443`** | Required for Microsoft Defender to upload security events to the cloud.|
166+
| **`*.oms.opinsights.azure.com`** | **`HTTPS:443`** | Required to Authenticate with LogAnalytics workspaces.|
167+
156168
### Azure Monitor for containers
157169

158170
There are two options to provide access to Azure Monitor for containers, you may allow the Azure Monitor [ServiceTag](../virtual-network/service-tags-overview.md#available-service-tags) **or** provide access to the required FQDN/Application Rules.
@@ -171,10 +183,10 @@ The following FQDN / application rules are required for AKS clusters that have t
171183

172184
| FQDN | Port | Use |
173185
|-----------------------------------------|-----------|----------|
174-
| dc.services.visualstudio.com | **`HTTPS:443`** | This endpoint is used for metrics and monitoring telemetry using Azure Monitor. |
175-
| *.ods.opinsights.azure.com | **`HTTPS:443`** | This endpoint is used by Azure Monitor for ingesting log analytics data. |
176-
| *.oms.opinsights.azure.com | **`HTTPS:443`** | This endpoint is used by omsagent, which is used to authenticate the log analytics service. |
177-
| *.monitoring.azure.com | **`HTTPS:443`** | This endpoint is used to send metrics data to Azure Monitor. |
186+
| **`dc.services.visualstudio.com`** | **`HTTPS:443`** | This endpoint is used for metrics and monitoring telemetry using Azure Monitor. |
187+
| **`*.ods.opinsights.azure.com`** | **`HTTPS:443`** | This endpoint is used by Azure Monitor for ingesting log analytics data. |
188+
| **`*.oms.opinsights.azure.com`** | **`HTTPS:443`** | This endpoint is used by omsagent, which is used to authenticate the log analytics service. |
189+
| **`*.monitoring.azure.com`** | **`HTTPS:443`** | This endpoint is used to send metrics data to Azure Monitor. |
178190

179191
### Azure Policy
180192

articles/api-management/configure-custom-domain.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -141,7 +141,7 @@ Choose the steps according to the [domain certificate](#domain-certificate-optio
141141
1. Select **+Add**, or select an existing [endpoint](#endpoints-for-custom-domains) that you want to update.
142142
1. In the window on the right, select the **Type** of endpoint for the custom domain.
143143
1. In the **Hostname** field, specify the name you want to use. For example, `api.contoso.com`.
144-
1. Under **Certificate**, select **Managed** to enable a free certificate managed by API Management. Te managed certificate is available in preview for the Gateway endpoint only.
144+
1. Under **Certificate**, select **Managed** to enable a free certificate managed by API Management. The managed certificate is available in preview for the Gateway endpoint only.
145145
1. Copy the following values and use them to [configure DNS](#dns-configuration):
146146
* **TXT record**
147147
* **CNAME record**
@@ -181,4 +181,4 @@ You can also get a domain ownership identifier by calling the [Get Domain Owners
181181

182182
## Next steps
183183

184-
[Upgrade and scale your service](upgrade-and-scale.md)
184+
[Upgrade and scale your service](upgrade-and-scale.md)

articles/azure-arc/data/postgresql-hyperscale-server-group-placement-on-kubernetes-cluster-nodes.md

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -240,7 +240,7 @@ The architecture looks like:
240240

241241
:::image type="content" source="media/migrate-postgresql-data-into-postgresql-hyperscale-server-group/5_full_list_of_pods.png" alt-text="All pods in namespace on various nodes":::
242242

243-
As described above, the coordinator nodes (Pod 1) of the Azure Arc-enabled Postgres Hyperscale server group shares the same physical resources as the third worker node (Pod 4) of the server group. That is acceptable because the coordinator node typically uses very few resources in comparison to what a worker node may be using. For this reason, carefully chose:
243+
As described above, the coordinator nodes (Pod 1) of the Azure Arc-enabled PostgreSQL Hyperscale server group shares the same physical resources as the third worker node (Pod 4) of the server group. That is acceptable because the coordinator node typically uses very few resources in comparison to what a worker node may be using. For this reason, carefully chose:
244244
- the size of the Kubernetes cluster and the characteristics of each of its physical nodes (memory, vCore)
245245
- the number of physical nodes inside the Kubernetes cluster
246246
- the applications or workloads you host on the Kubernetes cluster.
@@ -374,8 +374,8 @@ To benefit the most from the scalability and the performance of scaling Azure Ar
374374
- between all the PostgreSQL instances that constitute the Azure Arc-enabled PostgreSQL Hyperscale server group
375375

376376
You can achieve this in several ways:
377-
- Scale out both Kubernetes and Azure Arc-enabled Postgres Hyperscale: consider scaling horizontally the Kubernetes cluster the same way you are scaling the Azure Arc-enabled PostgreSQL Hyperscale server group. Add a physical node to the cluster for each worker you add to the server group.
378-
- Scale out Azure Arc-enabled Postgres Hyperscale without scaling out Kubernetes: by setting the right resource constraints (request and limits on memory and vCore) on the workloads hosted in Kubernetes (Azure Arc-enabled PostgreSQL Hyperscale included), you will enable the colocation of workloads on Kubernetes and reduce the risk of resource contention. You need to make sure that the physical characteristics of the physical nodes of the Kubernetes cluster can honor the resources constraints you define. You should also ensure that equilibrium remains as the workloads evolve over time or as more workloads are added in the Kubernetes cluster.
377+
- Scale out both Kubernetes and Azure Arc-enabled PostgreSQL Hyperscale: consider scaling horizontally the Kubernetes cluster the same way you are scaling the Azure Arc-enabled PostgreSQL Hyperscale server group. Add a physical node to the cluster for each worker you add to the server group.
378+
- Scale out Azure Arc-enabled PostgreSQL Hyperscale without scaling out Kubernetes: by setting the right resource constraints (request and limits on memory and vCore) on the workloads hosted in Kubernetes (Azure Arc-enabled PostgreSQL Hyperscale included), you will enable the colocation of workloads on Kubernetes and reduce the risk of resource contention. You need to make sure that the physical characteristics of the physical nodes of the Kubernetes cluster can honor the resources constraints you define. You should also ensure that equilibrium remains as the workloads evolve over time or as more workloads are added in the Kubernetes cluster.
379379
- Use the Kubernetes mechanisms (pod selector, affinity, anti-affinity) to influence the placement of the pods.
380380

381381
## Next steps

articles/azure-arc/data/upgrade-sql-managed-instance-indirect-kubernetes-tools.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,7 @@ Before you can proceed with the tasks in this article you need:
2424
- To connect and authenticate to a Kubernetes cluster
2525
- An existing Kubernetes context selected
2626

27-
You need an an indirectly connected data controller with the `imageTag v1.0.0_2021-07-30` or greater.
27+
You need an indirectly connected data controller with the `imageTag v1.0.0_2021-07-30` or greater.
2828

2929
## Limitations
3030

articles/azure-monitor/app/availability-overview.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,7 @@ There are four types of availability tests:
2222
* [Custom TrackAvailability test](availability-azure-functions.md): If you decide to create a custom application to run availability tests, you can use the [TrackAvailability()](/dotnet/api/microsoft.applicationinsights.telemetryclient.trackavailability) method to send the results to Application Insights.
2323

2424
> [!IMPORTANT]
25-
> Both the [URL ping test](monitor-web-app-availability.md) and the [multi-step web test](availability-multistep.md) rely on the DNS infrastructure of the public internet to resolve the domain names of the tested endpoints. If you're using private DNS, you must ensure that the public domain name servers can remove every domain name of your test. When that's not possible, you can use [custom TrackAvailability tests](/dotnet/api/microsoft.applicationinsights.telemetryclient.trackavailability) instead.
25+
> Both the [URL ping test](monitor-web-app-availability.md) and the [multi-step web test](availability-multistep.md) rely on the DNS infrastructure of the public internet to resolve the domain names of the tested endpoints. If you're using private DNS, you must ensure that the public domain name servers can resolve every domain name of your test. When that's not possible, you can use [custom TrackAvailability tests](/dotnet/api/microsoft.applicationinsights.telemetryclient.trackavailability) instead.
2626
2727
You can create up to 100 availability tests per Application Insights resource.
2828

@@ -36,4 +36,4 @@ See the dedicated [troubleshooting article](troubleshoot-availability.md).
3636
* [Multi-step web tests](availability-multistep.md)
3737
* [URL tests](monitor-web-app-availability.md)
3838
* [Create and run custom availability tests using Azure Functions](availability-azure-functions.md)
39-
* [Web Tests Azure Resource Manager template](/azure/templates/microsoft.insights/webtests?tabs=json)
39+
* [Web Tests Azure Resource Manager template](/azure/templates/microsoft.insights/webtests?tabs=json)

articles/azure-sql/virtual-machines/windows/frequently-asked-questions-faq.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -199,7 +199,7 @@ sections:
199199
- question: |
200200
Can I use the Azure portal to manage multiple instances on the same VM?
201201
answer: |
202-
No. Portal management is provided by the SQL IaaS Agent extension, which relies on the SQL Server IaaS Agent extension. As such, the same limitations apply to the extension as the extension. The portal can either only manage one default instance, or one named instance as long as its configured correctly. For more information, see [SQL Server IaaS Agent extension](sql-server-iaas-agent-extension-automate-management.md)
202+
No. Portal management is provided by the SQL IaaS Agent extension, which relies on the SQL Server IaaS Agent extension. As such, the same limitations apply to the portal as the extension. The portal can either only manage one default instance, or one named instance as long as its configured correctly. For more information, see [SQL Server IaaS Agent extension](sql-server-iaas-agent-extension-automate-management.md)
203203
204204
205205
- name: Updating and patching
@@ -413,4 +413,4 @@ additionalContent: |
413413
* [Overview of SQL Server on a Linux VM](../linux/sql-server-on-linux-vm-what-is-iaas-overview.md)
414414
* [Provision SQL Server on a Linux VM](../linux/sql-vm-create-portal-quickstart.md)
415415
* [FAQ (Linux)](../linux/frequently-asked-questions-faq.yml)
416-
* [SQL Server on Linux documentation](/sql/linux/sql-server-linux-overview)
416+
* [SQL Server on Linux documentation](/sql/linux/sql-server-linux-overview)

articles/cloud-services-extended-support/in-place-migration-overview.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -80,7 +80,7 @@ To perform this migration, you must be added as a coadministrator for the subscr
8080
5. Check the status of your registration. Registration can take a few minutes to complete.
8181
8282
```powershell
83-
Get-AzProviderFeature -FeatureName CloudServices -ProviderNamespace Microsoft.Compute
83+
Get-AzResourceProvider -ProviderNamespace Microsoft.ClassicInfrastructureMigrate
8484
```
8585
8686
## How is migration for Cloud Services (classic) different from Virtual Machines (classic)?

articles/cognitive-services/Speech-Service/includes/get-speech-sdk-android.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@ ms.author: eur
88

99
:::row:::
1010
:::column span="3":::
11-
When developing for Android, there are two Speech SDKs available. The Java Speech SDK is available natively as an Android package, or the .NET Speech SDK could be used with **Xamarin.Android** as it implements .NET Standard 2.0.
11+
When you develop for Android, two Speech SDKs are available. The Java Speech SDK is available natively as an Android package, or the .NET Speech SDK could be used with **Xamarin.Android** as it implements .NET Standard 2.0.
1212
:::column-end:::
1313
:::column:::
1414
<br>
@@ -26,7 +26,7 @@ ms.author: eur
2626

2727
:::row:::
2828
:::column span="3":::
29-
Xamarin.Android exposes the complete Android SDK for .NET developers. Build fully native Android apps using C# or F# in Visual Studio. For more information, see <a href="/xamarin/android/" target="_blank">Xamarin.Android </a>
29+
Xamarin.Android exposes the complete Android SDK for .NET developers. Build fully native Android apps by using C# or F# in Visual Studio. For more information, see <a href="/xamarin/android/" target="_blank">Xamarin.Android.</a>
3030
:::column-end:::
3131
:::column:::
3232
<br>

0 commit comments

Comments
 (0)