Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into rolyon-reliability-az-region-poland-central

rolyon · rolyon · commit 576f8228773b · 2023-01-09T13:01:25.000-08:00
diff --git a/articles/aks/http-proxy.md b/articles/aks/http-proxy.md
@@ -19,6 +19,7 @@ Some more complex solutions may require creating a chain of trust to establish s
 ## Limitations and other details
 
 The following scenarios are **not** supported:
+
 - Different proxy configurations per node pool
 - Updating proxy settings post cluster creation
 - User/Password authentication
@@ -31,10 +32,9 @@ By default, *httpProxy*, *httpsProxy*, and *trustedCa* have no value.
 
 ## Prerequisites
 
-* An Azure subscription. If you don't have an Azure subscription, you can create a [free account](https://azure.microsoft.com/free).
-* Latest version of [Azure CLI installed](/cli/azure/install-azure-cli).
+The latest version of the Azure CLI. Run `az --version` to find the version, and run `az upgrade` to upgrade the version. If you need to install or upgrade, see [Install Azure CLI][install-azure-cli].
 
-## Configuring an HTTP proxy using Azure CLI 
+## Configuring an HTTP proxy using the Azure CLI
 
 Using AKS with an HTTP proxy is done at cluster creation, using the [az aks create][az-aks-create] command and passing in configuration as a JSON file.
 
@@ -51,13 +51,18 @@ The schema for the config file looks like this:
 }
 ```
 
-`httpProxy`: A proxy URL to use for creating HTTP connections outside the cluster. The URL scheme must be `http`.
-`httpsProxy`: A proxy URL to use for creating HTTPS connections outside the cluster. If this is not specified, then `httpProxy` is used for both HTTP and HTTPS connections.
-`noProxy`: A list of destination domain names, domains, IP addresses or other network CIDRs to exclude proxying. 
-`trustedCa`: A string containing the `base64 encoded` alternative CA certificate content. For now we only support `PEM` format. Another thing to note is that, for compatibility with Go-based components that are part of the Kubernetes system, the certificate MUST support `Subject Alternative Names(SANs)` instead of the deprecated Common Name certs.
+* `httpProxy`: A proxy URL to use for creating HTTP connections outside the cluster. The URL scheme must be `http`.
+* `httpsProxy`: A proxy URL to use for creating HTTPS connections outside the cluster. If this isn't specified, then `httpProxy` is used for both HTTP and HTTPS connections.
+* `noProxy`: A list of destination domain names, domains, IP addresses or other network CIDRs to exclude proxying.
+* `trustedCa`: A string containing the `base64 encoded` alternative CA certificate content. Currently only the `PEM` format is supported.
+
+> [!IMPORTANT]
+> For compatibility with Go-based components that are part of the Kubernetes system, the certificate **must** support `Subject Alternative Names(SANs)` instead of the deprecated Common Name certs.
 
 Example input:
-Note the CA cert should be the base64 encoded string of the PEM format cert content.
+
+> [!NOTE]
+> The CA certificate should be the base64 encoded string of the PEM format cert content.
 
 ```json
 {
@@ -71,7 +76,7 @@ Note the CA cert should be the base64 encoded string of the PEM format cert cont
 }
 ```
 
-Create a file and provide values for *httpProxy*, *httpsProxy*, and *noProxy*. If your environment requires it, also provide a *trustedCa* value. Next, deploy a cluster, passing in your filename via the `http-proxy-config` flag.
+Create a file and provide values for *httpProxy*, *httpsProxy*, and *noProxy*. If your environment requires it, provide a value for *trustedCa*. Next, deploy a cluster, passing in your filename using the `http-proxy-config` flag.
 
 ```azurecli
 az aks create -n $clusterName -g $resourceGroup --http-proxy-config aks-proxy-config.json
@@ -81,7 +86,7 @@ Your cluster will initialize with the HTTP proxy configured on the nodes.
 
 ## Configuring an HTTP proxy using Azure Resource Manager (ARM) templates
 
-Deploying an AKS cluster with an HTTP proxy configured via ARM template is straightforward. The same schema used for CLI deployment exists in the `Microsoft.ContainerService/managedClusters` definition under properties:
+Deploying an AKS cluster with an HTTP proxy configured using an ARM template is straightforward. The same schema used for CLI deployment exists in the `Microsoft.ContainerService/managedClusters` definition under properties:
 
 ```json
 "properties": {
@@ -97,34 +102,34 @@ Deploying an AKS cluster with an HTTP proxy configured via ARM template is strai
 }
 ```
 
-In your template, provide values for *httpProxy*, *httpsProxy*, and *noProxy*. If necessary, also provide a value for `*trustedCa*. Deploy the template, and your cluster should initialize with your HTTP proxy configured on the nodes.
+In your template, provide values for *httpProxy*, *httpsProxy*, and *noProxy*. If necessary, provide a value for *trustedCa*. Deploy the template, and your cluster should initialize with your HTTP proxy configured on the nodes.
 
 ## Handling CA rollover
 
-Values for *httpProxy*, *httpsProxy*, and *noProxy* cannot be changed after cluster creation. However, to support rolling CA certs, the value for *trustedCa* can be changed and applied to the cluster with the [az aks update][az-aks-update] command.
+Values for *httpProxy*, *httpsProxy*, and *noProxy* can't be changed after cluster creation. However, to support rolling CA certs, the value for *trustedCa* can be changed and applied to the cluster with the [az aks update][az-aks-update] command.
 
-For example, assuming a new file has been created with the base64 encoded string of the new CA cert called *aks-proxy-config-2.json*, the following action will update the cluster:
+For example, assuming a new file has been created with the base64 encoded string of the new CA cert called *aks-proxy-config-2.json*, the following action updates the cluster:
 
 ```azurecli
 az aks update -n $clusterName -g $resourceGroup --http-proxy-config aks-proxy-config-2.json
 ```
 
 ## Monitoring add-on configuration
 
-When using the HTTP proxy with the Monitoring add-on, the following configurations are supported:
+The HTTP proxy with the Monitoring add-on supports the following configurations:
 
   - Outbound proxy without authentication
   - Outbound proxy with username & password authentication
   - Outbound proxy with trusted cert for Log Analytics endpoint
 
-The following configurations are not supported:
+The following configurations aren't supported:
 
-  - The Custom Metrics and Recommended Alerts features are not supported when using proxy with trusted cert
-  - Outbound proxy is not supported with Azure Monitor Private Link Scope (AMPLS)
+  - The Custom Metrics and Recommended Alerts features aren't supported when you use a proxy with trusted certificates
+  - Outbound proxy isn't supported with Azure Monitor Private Link Scope (AMPLS)
 
 ## Next steps
-- For more on the network requirements of AKS clusters, see [control egress traffic for cluster nodes in AKS][aks-egress].
 
+For more information regarding the network requirements of AKS clusters, see [control egress traffic for cluster nodes in AKS][aks-egress].
 
 <!-- LINKS - internal -->
 [aks-egress]: ./limit-egress-traffic.md
@@ -135,3 +140,4 @@ The following configurations are not supported:
 [az-provider-register]: /cli/azure/provider#az_provider_register
 [az-extension-add]: /cli/azure/extension#az_extension_add
 [az-extension-update]: /cli/azure/extension#az-extension-update
+[install-azure-cli]: /cli/azure/install-azure-cli
diff --git a/articles/azure-video-indexer/language-support.md b/articles/azure-video-indexer/language-support.md
@@ -13,8 +13,8 @@ ms.date: 01/06/2023
 
 This article provides a comprehensive list of language support by service features in Azure Video Indexer. For the list and definitions of all the features, see [Overview](video-indexer-overview.md).
 
-Some languages are supported only through the API (see [Get Supported Languages](https://api-portal.videoindexer.ai/api-details#api=Operations&operation=Get-Supported-Languages)) and not through the Video Indexer website or widgets. To make sure a language is supported for search, transcription, or translation by the Azure Video Indexer website and widgets, see the [frontend language 
-support table](#language-support-in-frontend-experiences) further below.
+Some languages are supported only through the API (see [Get Supported Languages](https://api-portal.videoindexer.ai/api-details#api=Operations&operation=Get-Supported-Languages)) and not through the Video Indexer website or widgets. To make sure a language is supported for search, transcription, or translation by the Azure Video Indexer website and widgets, see the [front end language 
+support table](#language-support-in-front-end-experiences) further below.
 
 ## API language support
 
@@ -140,9 +140,9 @@ When [uploading a video](https://api-portal.videoindexer.ai/api-details#api=Oper
 > Language identification (LID) and Multi-language identification (MLID) compares speech at the language level, such as English and German. 
 > Do not include multiple locales of the same language in the custom languages list.
 
-## Language support in frontend experiences
+## Language support in front end experiences
 
-The following table describes language support in the Azure Video Indexer frontend experiences.
+The following table describes language support in the Azure Video Indexer front end experiences.
 
 * website - the website column lists supported languages for the [Azure Video Indexer website](https://aka.ms/vi-portal-link). For for more information, see [Get started](video-indexer-get-started.md).
 * widgets - the [widgets](video-indexer-embed-widgets.md) column lists supported languages for translating the index file. For for more information, see [Get started](video-indexer-embed-widgets.md).
diff --git a/articles/confidential-computing/index.yml b/articles/confidential-computing/index.yml
@@ -43,6 +43,8 @@ landingContent:
             url: ../attestation/overview.md
           - text: Azure Confidential Ledger
             url: ../confidential-ledger/overview.md
+          - text: Trusted Hardware Identity Management
+            url: ../security/fundamentals/trusted-hardware-identity-management.md
           - text: Trusted launch
             url: ../virtual-machines/trusted-launch.md
           - text: Azure Key Vault Managed HSM
diff --git a/articles/synapse-analytics/sql-data-warehouse/sql-data-warehouse-concept-recommendations.md b/articles/synapse-analytics/sql-data-warehouse/sql-data-warehouse-concept-recommendations.md
@@ -56,7 +56,7 @@ The following section describes workload-based heuristics you may find in the Az
 Currently Advisor will only show at most four replicated table candidates at once with clustered columnstore indexes prioritizing the highest activity.
 
 > [!IMPORTANT]
-> The replicated table recommendation is not full proof and does not take into account data movement operations. We are working on adding this as a heuristic but in the meantime, you should always validate your workload after applying the recommendation. To learn more about replicated tables, visit the following [documentation](design-guidance-for-replicated-tables.md#what-is-a-replicated-table).
+> The replicated table recommendation is not fool proof and does not take into account data movement operations. We are working on adding this as a heuristic but in the meantime, you should always validate your workload after applying the recommendation. To learn more about replicated tables, visit the following [documentation](design-guidance-for-replicated-tables.md#what-is-a-replicated-table).
 
 
 ## Adaptive (Gen2) cache utilization
@@ -68,4 +68,4 @@ Query performance can degrade when there is high tempdb contention.  Tempdb cont
 
 ## Data loading misconfiguration
 
-You should always load data from a storage account in the same region as your dedicated SQL pool to minimize latency. Use the [COPY statement for high throughput data ingestion](/sql/t-sql/statements/copy-into-transact-sql?view=azure-sqldw-latest&preserve-view=true) and split your staged files in your storage account to maximize throughput. If you can't use the COPY statement, you can use the SqlBulkCopy API or bcp with a high batch size for better throughput. See [Best practices for data loading](../sql/data-loading-best-practices.md) for additional data loading guidance.
+You should always load data from a storage account in the same region as your dedicated SQL pool to minimize latency. Use the [COPY statement for high throughput data ingestion](/sql/t-sql/statements/copy-into-transact-sql?view=azure-sqldw-latest&preserve-view=true) and split your staged files in your storage account to maximize throughput. If you can't use the COPY statement, you can use the SqlBulkCopy API or bcp with a high batch size for better throughput. See [Best practices for data loading](../sql/data-loading-best-practices.md) for additional data loading guidance.
