Merge branch 'master' of https://github.com/microsoftdocs/azure-docs-pr

Author: mumian

.openpublishing.redirection.json

@@ -26850,6 +26850,11 @@
       "redirect_url": "/azure/logic-apps/quickstart-create-logic-apps-visual-studio-code",
       "redirect_document_id": true
     },
+    {
+      "source_path_from_root": "/articles/logic-apps/logic-apps-overview-preview.md",
+      "redirect_url": "/azure/logic-apps/single-tenant-overview-compare",
+      "redirect_document_id": true
+    },
     {
       "source_path_from_root": "/articles/machine-learning/service/index.yml",
       "redirect_url": "/azure/machine-learning/",
@@ -51413,7 +51418,7 @@
     {
       "source_path_from_root": "/articles/active-directory/active-directory-conditional-access-locations.md",
       "redirect_url": "/azure/active-directory/conditional-access/location-condition",
-      "redirect_document_id": true
+      "redirect_document_id": false
     },
     {
       "source_path_from_root": "/articles/active-directory/active-directory-conditional-access-azure-portal.md",
@@ -53560,6 +53565,11 @@
       "redirect_url": "/azure/active-directory/fundamentals/concept-fundamentals-security-defaults",
       "redirect_document_id": true
     },
+    {
+      "source_path_from_root": "/articles/active-directory/reports-monitoring/quickstart-configure-named-locations.md",
+      "redirect_url": "/azure/active-directory/conditional-access/location-condition",
+      "redirect_document_id": true
+    },
     {
       "source_path_from_root": "/articles/active-directory/customize-branding.md",
       "redirect_url": "/azure/active-directory/fundamentals/customize-branding",
@@ -56360,11 +56370,6 @@
       "redirect_url": "/azure/active-directory/reports-monitoring/quickstart-azure-monitor-stream-logs-to-event-hub",
       "redirect_document_id": false
     },
-    {
-      "source_path_from_root": "/articles/active-directory/active-directory-named-locations.md",
-      "redirect_url": "/azure/active-directory/reports-monitoring/quickstart-configure-named-locations",
-      "redirect_document_id": true
-    },
     {
       "source_path_from_root": "/articles/active-directory/active-directory-reporting-activity-audit-reference.md",
       "redirect_url": "/azure/active-directory/reports-monitoring/reference-audit-activities",
@@ -66119,11 +66124,6 @@
       "redirect_url": "/azure/iot-develop/quickstart-send-telemetry-central",
       "redirect_document_id": false
     },
-    {
-      "source_path_from_root": "/articles/active-directory/reports-monitoring/quickstart-configure-named-locations.md",
-      "redirect_url": "/azure/active-directory/conditional-access/location-condition",
-      "redirect_document_id": false
-    },
     {
       "source_path_from_root": "/articles/active-directory/reports-monitoring/reference-azure-monitor-audit-log-schema.md",
       "redirect_url": "/azure/active-directory/reports-monitoring/overview-reports",
@@ -66138,6 +66138,21 @@
       "source_path_from_root": "/articles/iot-develop/quickstart-send-telemetry-cli-node.md",
       "redirect_url": "/azure/iot-develop/quickstart-send-telemetry-iot-hub",
       "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/communication-services/quickstarts/ui-framework/create-your-own-components.md",
+      "redirect_url": "https://azure.github.io/communication-ui-sdk",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/communication-services/quickstarts/ui-framework/get-started-with-components.md",
+      "redirect_url": "https://azure.github.io/communication-ui-sdk",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/communication-services/quickstarts/ui-framework/get-started-with-composites.md",
+      "redirect_url": "https://azure.github.io/communication-ui-sdk",
+      "redirect_document_id": false
     }
   ]
 }

articles/active-directory/conditional-access/location-condition.md

@@ -11,7 +11,7 @@ ms.topic: how-to
 ms.tgt_pltfrm: na
 ms.workload: identity
 ms.subservice: pim
-ms.date: 10/23/2020
+ms.date: 05/11/2020
 ms.author: curtand
 ms.custom: pim
 ms.collection: M365-identity-device-management
@@ -30,6 +30,10 @@ Azure Active Directory (Azure AD) Privileged Identity Management (PIM) can manag
 > [!NOTE]
 > Users or members of a group assigned to the Owner or User Access Administrator subscription roles, and Azure AD Global administrators that enable subscription management in Azure AD have Resource administrator permissions by default. These administrators can assign roles, configure role settings, and review access using Privileged Identity Management for Azure resources. A user can't manage Privileged Identity Management for Resources without Resource administrator permissions. View the list of [Azure built-in roles](../../role-based-access-control/built-in-roles.md).
 
+## Role assignment conditions
+
+You can use the Azure attribute-based access control (Azure ABAC) preview to place resource conditions on eligible role assignments using Privileged Identity Management (PIM). With PIM, your end users must activate an eligible role assignment to get permission to perform certain actions. Using Azure ABAC conditions in PIM enables you not only to limit a user’s role permissions to a resource using fine-grained conditions, but also to use PIM to secure the role assignment with a time-bound setting, approval workflow, audit trail, and so on. For more information, see [Azure attribute-based access control public preview](../../role-based-access-control/conditions-overview.md).
+
 ## Assign a role
 
 Follow these steps to make a user eligible for an Azure resource role.
@@ -104,6 +108,10 @@ Follow these steps to update or remove an existing role assignment.
 
     ![Update or remove role assignment](./media/pim-resource-roles-assign-roles/resources-update-remove.png)
 
+1. To add or update a condition to refine Azure resource access, select **Add** or **View/Edit** in the **Condition** column for the role assignment. Currently, the Storage Blob Data Owner, Storage Blob Data Reader, and the Blob Storage Blob Data Contributor roles in Privileged Identity Management are the only two roles supported as part of the [Azure attribute-based access control public preview](../../role-based-access-control/conditions-overview.md).
+
+    ![Update or remove attributes for access control](./media/pim-resource-roles-assign-roles/resources-abac-update-remove.png)
+
 1. Select **Update** or **Remove** to update or remove the role assignment.
 
     For information about extending a role assignment, see [Extend or renew Azure resource roles in Privileged Identity Management](pim-resource-roles-renew-extend.md).

articles/active-directory/conditional-access/media/location-condition/new-named-location-country-region.png

@@ -75,7 +75,7 @@ After data is displayed in the event hub, you can access and read the data in tw
 
 * **Configure a supported SIEM tool**. To read data from the event hub, most tools require the event hub connection string and certain permissions to your Azure subscription. Third-party tools with Azure Monitor integration include, but are not limited to:
 
-    * **ArcSight**: For more information about integrating Azure AD logs with Splunk, see [Integrate Azure Active Directory logs with ArcSight using Azure Monitor](howto-integrate-activity-logs-with-arcsight.md).
+    * **ArcSight**: For more information about integrating Azure AD logs with ArcSight, see [Integrate Azure Active Directory logs with ArcSight using Azure Monitor](howto-integrate-activity-logs-with-arcsight.md).
 
     * **Splunk**: For more information about integrating Azure AD logs with Splunk, see [Integrate Azure AD logs with Splunk by using Azure Monitor](./howto-integrate-activity-logs-with-splunk.md).
 

articles/active-directory/conditional-access/media/location-condition/new-named-location.png

@@ -282,7 +282,7 @@
               href: managed-aad.md
             - name: Azure AD integration (legacy)
               href: azure-ad-integration-cli.md
-        - name: Use Azure RBAC for Kubernetes Authorization (preview)
+        - name: Use Azure RBAC for Kubernetes Authorization
           href: manage-azure-rbac.md
         - name: Use Kubernetes RBAC with Azure AD integration
           href: azure-ad-rbac.md