Merge branch 'master' of https://github.com/MicrosoftDocs/azure-docs-pr into tamram-0409

Author: tamram

.openpublishing.redirection.json

@@ -325,6 +325,11 @@
       "redirect_url": "/articles/active-directory/users-groups-roles/groups-create-rule",
       "redirect_document_id": false
     },
+    {
+      "source_path_from_root": "/articles/frontdoor/front-door-whats-new.md",
+      "redirect_url": "https://azure.microsoft.com/updates/?category=networking&query=Azure%20Front%20Door",
+      "redirect_document_id": false
+    },
     {
       "source_path_from_root": "/articles/load-balancer/azure-media-player/components-limitations.md",
       "redirect_url": "/articles/load-balancer/concepts",

articles/active-directory/develop/scenario-desktop-acquire-token.md

@@ -1009,7 +1009,7 @@ This flow isn't supported on MSAL for macOS.
 
 # [Node.js](#tab/nodejs)
 
-This extract is from the [MSAL Node dev samples](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-node-samples/standalone-samples/username-password). In the code snippet below, the username and password are hardcoded for illustration purposes only. This should be avoided in production. Instead, a basic UI prompting the user to enter her username/password would be recommended. 
+This extract is from the [MSAL Node dev samples](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-node-samples/username-password). In the code snippet below, the username and password are hardcoded for illustration purposes only. This should be avoided in production. Instead, a basic UI prompting the user to enter her username/password would be recommended. 
 
 ```JavaScript
 const msal = require("@azure/msal-node");
@@ -1252,7 +1252,7 @@ This flow doesn't apply to macOS.
 
 # [Node.js](#tab/nodejs)
 
-This extract is from the [MSAL Node dev samples](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-node-samples/standalone-samples/device-code).
+This extract is from the [MSAL Node dev samples](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-node-samples/device-code).
 
 ```JavaScript
 const msal = require('@azure/msal-node');

articles/active-directory/managed-identities-azure-resources/tutorial-windows-vm-ua-arm.md

@@ -1,5 +1,5 @@
 ---
-title: Tutorial`:` Use a managed identity to access Azure Resource Manager - Windows - Azure AD
+title: "Tutorial: Use a managed identity to access Azure Resource Manager - Windows - Azure AD"
 description: A tutorial that walks you through the process of using a user-assigned managed identity on a Windows VM, to access Azure Resource Manager.
 services: active-directory
 documentationcenter: ''

articles/aks/concepts-scale.md

@@ -21,7 +21,7 @@ This article introduces the core concepts that help you scale applications in AK
 
 You can manually scale replicas (pods) and nodes to test how your application responds to a change in available resources and state. Manually scaling resources also lets you define a set amount of resources to use to maintain a fixed cost, such as the number of nodes. To manually scale, you define the replica or node count. The Kubernetes API then schedules creating additional pods or draining nodes based on that replica or node count.
 
-When scaling down nodes, the Kubernetes API calls the relevant Azure Compute API tied to the compute type used by your cluster. For example, for clusters built on VM Scale Sets the logic for selecting which nodes to remove is determined by the VM Scale Sets API. To learn more about how nodes are selected for removal on scale down, see the [VMSS FAQ](../virtual-machine-scale-sets/virtual-machine-scale-sets-faq.md#if-i-reduce-my-scale-set-capacity-from-20-to-15-which-vms-are-removed).
+When scaling down nodes, the Kubernetes API calls the relevant Azure Compute API tied to the compute type used by your cluster. For example, for clusters built on VM Scale Sets the logic for selecting which nodes to remove is determined by the VM Scale Sets API. To learn more about how nodes are selected for removal on scale down, see the [VMSS FAQ](../virtual-machine-scale-sets/virtual-machine-scale-sets-faq.yml#if-i-reduce-my-scale-set-capacity-from-20-to-15--which-vms-are-removed-).
 
 To get started with manually scaling pods and nodes see [Scale applications in AKS][aks-scale].
 

articles/aks/csi-storage-drivers.md

@@ -82,7 +82,7 @@ Create the AKS cluster with support for CSI storage drivers:
 
 ```azurecli-interactive
 # Create an AKS-managed Azure AD cluster
-az aks create -g MyResourceGroup -n MyManagedCluster --network-plugin azure -k 1.17.9 --aks-custom-headers EnableAzureDiskFileCSIDriver=true
+az aks create -g MyResourceGroup -n MyManagedCluster --network-plugin azure  --aks-custom-headers EnableAzureDiskFileCSIDriver=true
 ```
 
 If you want to create clusters in tree storage drivers instead of CSI storage drivers, you can do so by omitting the custom `--aks-custom-headers` parameter.

articles/azure-arc/data/release-notes.md

@@ -7,7 +7,7 @@ ms.reviewer: mikeray
 services: azure-arc
 ms.service: azure-arc
 ms.subservice: azure-arc-data
-ms.date: 04/06/2021
+ms.date: 04/09/2021
 ms.topic: conceptual
 # Customer intent: As a data professional, I want to understand why my solutions would benefit from running with Azure Arc enabled data services so that I can leverage the capability of the feature.
 ---
@@ -20,7 +20,7 @@ This article highlights capabilities, features, and enhancements recently releas
 
 ## March 2021
 
-The March 2021 release is introduced on April 6, 2021.
+The March 2021 release was initially introduced on April 5th 2021, and the final stages of release were completed April 9th 2021.
 
 Review limitations of this release in [Known issues - Azure Arc enabled data services (Preview)](known-issues.md).
 
@@ -41,7 +41,9 @@ Both custom resource definitions (CRD) for PostgreSQL have been consolidated int
 
 You will delete the previous CRDs as you cleanup past installations. See [Cleanup from past installations](create-data-controller-using-kubernetes-native-tools.md#cleanup-from-past-installations).
 
-### Azure Arc enabled managed instance
+### Azure Arc enabled SQL Managed Instance
+
+- You can now create a SQL managed instance from the Azure portal in the direct connected mode.
 
 - You can now restore a database to SQL Managed Instance with 3 replicas and it will be automatically added to the availability group. 
 

articles/azure-resource-manager/managed-applications/microsoft-solutions-armapicontrol.md

@@ -9,7 +9,7 @@ ms.author: tomfitz
 
 ---
 
-# Microsoft.Common.ArmApiControl UI element
+# Microsoft.Solutions.ArmApiControl UI element
 
 ArmApiControl lets you get results from an Azure Resource Manager API operation. Use the results to populate dynamic content in other controls.
 

articles/azure-resource-manager/managed-applications/tutorial-create-managed-app-with-custom-provider.md

@@ -344,7 +344,7 @@ You can go to managed application instance and perform **custom action** in "Ove
 
 ## Looking for help
 
-If you have questions about Azure Managed Applications, try asking on [Stack Overflow](https://stackoverflow.com/questions/tagged/azure-managedapps). A similar question may have already been asked and answered, so check first before posting. Add the tag `azure-managedapps` to get a fast response!
+If you have questions about Azure Managed Applications, you can try asking on [Stack Overflow](https://stackoverflow.com/questions/tagged/azure-managed-app) with tag azure-managed-app or [Microsoft Q&A] (https://docs.microsoft.com/answers/topics/azure-managed-applications.html) with tag azure-managed-application. A similar question may have already been asked and answered, so check first before posting. Please use respective tags for faster response. 
 
 ## Next steps
 

articles/azure-sql/database/sql-vulnerability-assessment.md

@@ -11,7 +11,7 @@ ms.topic: how-to
 author: davidtrigano
 ms.author: datrigan
 ms.reviewer: vanto
-ms.date: 02/11/2021
+ms.date: 04/09/2021
 tags: azure-synapse
 ---
 # SQL vulnerability assessment helps you identify database vulnerabilities
@@ -120,6 +120,44 @@ Select **Export Scan Results** to create a downloadable Excel report of your sca
 
 Select **Scan History** in the vulnerability assessment pane to view a history of all scans previously run on this database. Select a particular scan in the list to view the detailed results of that scan.
 
+### Disable specific findings from Azure Security Center (preview)
+
+If you have an organizational need to ignore a finding, rather than remediate it, you can optionally disable it. Disabled findings don't impact your secure score or generate unwanted noise.
+
+When a finding matches the criteria you've defined in your disable rules, it won't appear in the list of findings. Typical scenarios include:
+
+- Disable findings with severity below medium
+- Disable findings that are non-patchable
+- Disable findings from benchmarks that aren't of interest for a defined scope
+
+> [!IMPORTANT]
+> To disable specific findings, you need permissions to edit a policy in Azure Policy. Learn more in [Azure RBAC permissions in Azure Policy](../../governance/policy/overview.md#azure-rbac-permissions-in-azure-policy).
+
+To create a rule:
+
+1. From the recommendations detail page for **Vulnerability assessment findings on your SQL servers on machines should be remediated**, select **Disable rule**.
+
+1. Select the relevant scope.
+
+1. Define your criteria. You can use any of the following criteria: 
+    - Finding ID 
+    - Severity 
+    - Benchmarks 
+
+    :::image type="content" source="../../security-center/media/defender-for-sql-on-machines-vulnerability-assessment/disable-rule-vulnerability-findings-sql.png" alt-text="Create a disable rule for VA findings on SQL servers on machines":::
+
+1. Select **Apply rule**. Changes might take up to 24hrs to take effect.
+
+1. To view, override, or delete a rule: 
+
+    1. Select **Disable rule**.
+
+    1. From the scope list, subscriptions with active rules show as **Rule applied**.
+
+        :::image type="content" source="../../security-center/media/remediate-vulnerability-findings-vm/modify-rule.png" alt-text="Modify or delete an existing rule":::
+
+    1. To view or delete the rule, select the ellipsis menu ("...").
+
 ## Manage vulnerability assessments programmatically
 
 ### Using Azure PowerShell
@@ -241,4 +279,4 @@ To handle Boolean types as true/false, set the baseline result with binary input
 
 - Learn more about [Azure Defender for SQL](azure-defender-for-sql.md).
 - Learn more about [data discovery and classification](data-discovery-and-classification-overview.md).
-- Learn more about [Storing vulnerability assessment scan results in a storage account accessible behind firewalls and VNets](sql-database-vulnerability-assessment-storage.md).
+- Learn more about [Storing vulnerability assessment scan results in a storage account accessible behind firewalls and VNets](sql-database-vulnerability-assessment-storage.md).