Skip to content

Commit 5d9da61

Browse files
authored
Merge pull request #262064 from MicrosoftDocs/main
Merge main to live, 4 AM
2 parents 682e09e + feac716 commit 5d9da61

File tree

8 files changed

+58
-294
lines changed

8 files changed

+58
-294
lines changed

.openpublishing.redirection.sql-database.json

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2560,6 +2560,11 @@
25602560
"source_path_from_root": "/articles/sql-database/sql-database-customer-implementations.md",
25612561
"redirect_url": "https://customers.microsoft.com",
25622562
"redirect_document_id": false
2563+
},
2564+
{
2565+
"source_path_from_root": "/articles/sql-database/scripts/sql-database-import-purview-labels.md",
2566+
"redirect_url": "/purview/register-scan-azure-sql-database",
2567+
"redirect_document_id": false
25632568
}
25642569
]
25652570
}

articles/aks/tutorial-kubernetes-scale.md

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -76,7 +76,7 @@ This tutorial requires Azure PowerShell version 5.9.0 or later. Run `Get-Install
7676

7777
## Autoscale pods
7878

79-
To use the horizontal pod autoscaler, all containers and pods must have defined CPU requests and limits. In the `aks-store-quickstart` deployment, the *front-end* container requests 1m CPU with a limit of 1000m CPU.
79+
To use the horizontal pod autoscaler, All containers must have defined CPU requests and limits, and pads have specified requests. In the `aks-store-quickstart` deployment, the *front-end* container requests 1m CPU with a limit of 1000m CPU.
8080

8181
These resource requests and limits are defined for each container, as shown in the following condensed example YAML:
8282

@@ -114,7 +114,7 @@ These resource requests and limits are defined for each container, as shown in t
114114
apiVersion: apps/v1
115115
kind: Deployment
116116
name: store-front
117-
targetCPUUtilizationPercentage: 50 # target CPU utilization
117+
metrics: 50 # target CPU utilization
118118
```
119119
120120
2. Apply the autoscaler manifest file using the `kubectl apply` command.
@@ -234,4 +234,4 @@ In the next tutorial, you learn how to upgrade Kubernetes in your AKS cluster.
234234
[get-azakscluster]: /powershell/module/az.aks/get-azakscluster
235235
[set-azakscluster]: /powershell/module/az.aks/set-azakscluster
236236
[aks-tutorial-upgrade-kubernetes]: ./tutorial-kubernetes-upgrade-cluster.md
237-
[keda-addon]: ./keda-about.md
237+
[keda-addon]: ./keda-about.md

articles/azure-arc/vmware-vsphere/enable-virtual-hardware.md

Lines changed: 5 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22
title: Enable virtual hardware and VM CRUD capabilities in a machine with Arc agent installed
33
description: Enable virtual hardware and VM CRUD capabilities in a machine with Arc agent installed
44
ms.topic: how-to
5-
ms.date: 12/27/2023
5+
ms.date: 12/29/2023
66
ms.service: azure-arc
77
ms.subservice: azure-arc-vmware-vsphere
88
author: Farha-Bano
@@ -27,29 +27,25 @@ In this article, you learn how to enable virtual hardware management and VM CRUD
2727

2828
1. From your browser, go to [Azure portal](https://portal.azure.com/).
2929

30-
1. Navigate to the Virtual machines inventory page of your vCenter. <br>
31-
The virtual machines that have Arc agent installed via the Arc-enabled Servers route will have **Link to vCenter** status under virtual hardware management.
30+
1. Navigate to the Virtual machines inventory page of your vCenter. The virtual machines that have Arc agent installed via the Arc-enabled Servers route will have **Link to vCenter** status under virtual hardware management.
3231

3332
1. Select **Link to vCenter** to view the pane with the list of all the machines under vCenter with Arc agent installed but not linked to the vCenter in Azure Arc.
3433

3534
1. Choose all the machines that need to be enabled in Azure, and select **Link** to link the machines to vCenter.
3635

37-
1. After you link to vCenter, the virtual hardware status will reflect as **Enabled for all the VMs**, and you can perform [virtual hardware operations](perform-vm-ops-through-azure.md).
36+
1. After you link to vCenter, the virtual hardware status will reflect as **Enabled** for all the VMs, and you can perform [virtual hardware operations](perform-vm-ops-through-azure.md).
3837

3938
### Known issue
4039

4140
During the first scan of the vCenter inventory after onboarding to Azure Arc-enabled VMware vSphere, Arc-enabled Servers machines will be discovered under vCenter inventory. If the Arc-enabled Server machines aren't discovered and you try to perform the **Enable in Azure** operation, you'll encounter the following error:<br>
4241

43-
44-
```
45-
A machine '/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXXXX/resourceGroups/rg-contoso/providers/Microsoft.HybridCompute/machines/testVM1' already exists with the specified virtual machine MoRefId: 'vm-4441'. The existing machine resource can be extended with private cloud capabilities by creating the VirtualMachineInstance resource under it.
46-
```
42+
*A machine '/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXXXX/resourceGroups/rg-contoso/providers/Microsoft.HybridCompute/machines/testVM1' already exists with the specified virtual machine MoRefId: 'vm-4441'. The existing machine resource can be extended with private cloud capabilities by creating the VirtualMachineInstance resource under it.*
4743

4844
When you encounter this error message, try performing the **Link to vCenter** operation again after a few minutes (5-10 minutes). Alternatively, you can use the following Azure CLI command to link an existing Arc-enabled Server machine to vCenter:<br>
4945

5046

5147
```azurecli-interactive
52-
az connectedvmware vm create --subscription XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXXXX --location eastus --resource-group rg-contoso --custom-location /providers/microsoft.extendedlocation/customlocations/contoso-cl --name contoso-hcrp-machine-name --inventory-item /subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXXXX/resourceGroups/contoso-rg/providers/Microsoft.ConnectedVMwarevSphere/VCenters/contoso-vcenter/InventoryItems/vm-142359
48+
az connectedvmware vm create --subscription <subscription-id> --location <Azure region of the machine> --resource-group <resource-group-name> --custom-location /providers/microsoft.extendedlocation/customlocations/<custom-location-name> --name <machine-name> --inventory-item /subscriptions/<subscription-id>/resourceGroups/<resource-group-name>/providers/Microsoft.ConnectedVMwarevSphere/<vcenter-name>/contoso-vcenter/InventoryItems/<machine-name>
5349
```
5450

5551
## Next steps

articles/azure-vmware/index.yml

Lines changed: 10 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -20,28 +20,29 @@ highlightedContent:
2020
# Card
2121
- title: What's Azure VMware Solution?
2222
itemType: concept
23-
url: toc.yml#overview
23+
url: /azure/azure-vmware/introduction
2424
- title: Plan and get started
2525
itemType: concept
26-
url: toc.yml#get-started
26+
url: /azure/azure-vmware/plan-private-cloud-deployment
27+
2728
- title: Tutorials
2829
itemType: tutorial
29-
url: toc.yml#tutorials
30+
url: /azure/azure-vmware/tutorial-network-checklist
3031
- title: Azure VMware Solution concepts
3132
itemType: concept
32-
url: toc.yml#concepts
33+
url: /azure/azure-vmware/concepts-identity
3334
- title: Azure native integration
3435
itemType: how-to-guide
35-
url: toc.yml#how-to-guides
36+
url: /azure/azure-vmware/integrate-azure-native-services
3637
- title: Azure VMware Solution network configuration
3738
itemType: how-to-guide
38-
url: toc.yml#vmware-solutions
39+
url: /azure/azure-vmware/integrate-azure-native-services
3940
- title: Partner solution ecosystem
4041
itemType: how-to-guide
41-
url: toc.yml#partner-solution-ecosystem
42+
url: /azure/azure-vmware/ecosystem-os-vms
4243
- title: videos
4344
itemType: video
44-
url: toc.yml#videos
45+
url: https://www.youtube.com/playlist?list=PL1NLwHeM6ewbZu0dC0guj-OSpIoZnnJin
4546

4647

4748
# additionalContent section (optional)
@@ -278,4 +279,4 @@ additionalContent:
278279
url: fix-deployment-failures.md
279280
- text: VMware tools vix error code = 21009
280281
url: https://kb.vmware.com/s/article/2129927
281-
282+

articles/defender-for-cloud/alerts-reference.md

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -198,6 +198,20 @@ Microsoft Defender for Servers Plan 2 provides unique detections and alerts, in
198198

199199
## Alerts for Azure VM extensions
200200

201+
These alerts focuses on detecting suspicious activities of Azure virtual machine extensions and provides insights into attackers' attempts to compromise and perform malicious activities on your virtual machines.
202+
203+
Azure virtual machine extensions are small applications that run post-deployment on virtual machines and provide capabilities such as configuration, automation, monitoring, security, and more. While extensions are a powerful tool, they can be used by threat actors for various malicious intents, for example:
204+
205+
- Data collection and monitoring
206+
207+
- Code execution and configuration deployment with high privileges
208+
209+
- Resetting credentials and creating administrative users
210+
211+
- Encrypting disks
212+
213+
Learn more about [Defender for Cloud latest protections against the abuse of Azure VM extensions](https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/microsoft-defender-for-cloud-latest-protection-against/ba-p/3970121).
214+
201215
| Alert (alert type) | Description | MITRE tactics<br>([Learn more](#intentions)) | Severity |
202216
|-----------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:--------------------------------------------:|----------|
203217
| **Suspicious failure installing GPU extension in your subscription (Preview)**<br>(VM_GPUExtensionSuspiciousFailure) | Suspicious intent of installing a GPU extension on unsupported VMs. This extension should be installed on virtual machines equipped with a graphic processor, and in this case the virtual machines are not equipped with such. These failures can be seen when malicious adversaries execute multiple installations of such extension for crypto-mining purposes. | Impact | Medium |
@@ -742,3 +756,4 @@ VM_Webshell | Possible malicious web shell detected | Medium
742756
- [Security alerts in Microsoft Defender for Cloud](alerts-overview.md)
743757
- [Manage and respond to security alerts in Microsoft Defender for Cloud](managing-and-responding-alerts.md)
744758
- [Continuously export Defender for Cloud data](continuous-export.md)
759+

articles/defender-for-cloud/includes/defender-for-containers-enable-plan-aks.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -53,9 +53,9 @@ The following table provides detailed information on enablement method for each
5353
| Vulnerability assessment | Agentless registry scan (powered by Microsoft Defender Vulnerability Management) | Vulnerability assessment for images in ACR | Enable **Agentless container vulnerability assessment** toggle | Agentless | Commercial clouds |
5454
| Vulnerability assessment | Agentless/agent-based runtime (powered by Microsoft Defender Vulnerability Management)| Vulnerability assessment for running images in AKS | Enable **Agentless container vulnerability assessment** toggle | Agentless **OR** install Defender agent for shorter refresh rate | Commercial clouds |
5555
| Runtime threat protection | Control plane threat detection | Detection of suspicious activity for Kubernetes based on Kubernetes audit trail | Enabled with plan | Agentless | Commercial clouds<br><br> National clouds: Azure Government, Azure operated by 21Vianet |
56-
| Runtime threat protection | Workload threat detection | Detection of suspicious activity for Kubernetes for cluster level, node level, and workload level | Enable **Defender DaemonSet** toggle **OR** deploy Defender agent on individual clusters | Defender agent | Commercial clouds |
56+
| Runtime threat protection | Workload threat detection | Detection of suspicious activity for Kubernetes for cluster level, node level, and workload level | Enable **Defender Agent in Azure** toggle **OR** deploy Defender agent on individual clusters | Defender agent | Commercial clouds |
5757
| Deployment & monitoring | Discovery of unprotected clusters | Discovering Kubernetes clusters missing Defender agents| Enabled with plan | Agentless | Commercial clouds<br><br> National clouds: Azure Government, Azure operated by 21Vianet |
58-
| Deployment & monitoring | Defender agent auto provisioning | Automatic deployment of Defender agent | Enable **Defender Daemonset** toggle | Agentless | Commercial clouds<br><br> National clouds: Azure Government, Azure operated by 21Vianet |
58+
| Deployment & monitoring | Defender agent auto provisioning | Automatic deployment of Defender agent | Enable **Defender Agent in Azure** toggle | Agentless | Commercial clouds<br><br> National clouds: Azure Government, Azure operated by 21Vianet |
5959
| Deployment & monitoring | Azure Policy for Kubernetes auto provisioning | Automatic deployment of Azure policy agent for Kubernetes | Enable **Azure policy for Kubernetes** toggle | Agentless | Commercial clouds<br><br> National clouds: Azure Government, Azure operated by 21Vianet |
6060

6161
### Roles and permissions

articles/machine-learning/how-to-troubleshoot-auto-ml.md

Lines changed: 18 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -4,10 +4,11 @@ titleSuffix: Azure Machine Learning
44
description: Learn how to troubleshoot and resolve issues in your automated machine learning experiments.
55
author: PhaniShekhar
66
ms.author: phmantri
7+
ms.reviewer: ssalgado
78
services: machine-learning
89
ms.service: machine-learning
910
ms.subservice: automl
10-
ms.date: 10/21/2021
11+
ms.date: 12/21/2023
1112
ms.topic: troubleshooting
1213
ms.custom: automl, sdkv2
1314
---
@@ -20,23 +21,23 @@ In this guide, learn how to identify and resolve issues in your automated machin
2021

2122
## Troubleshoot automated ML for Images and NLP in Studio
2223

23-
In case of failures in runs for Automated ML for Images and NLP, you can use the following steps to understand the error.
24-
1. In the studio UI, the AutoML run should have a failure message indicating the reason for failure.
25-
2. For more details, go to the child run of this AutoML run. This child run is a HyperDrive run.
26-
3. In the "Trials" tab, you can check all the trials done for this HyperDrive run.
27-
4. Go to the failed trial runs.
28-
5. These runs should have an error message in the "Status" section of the "Overview" tab indicating the reason for failure.
29-
Please click on "See more details" to get more details about the failure.
30-
6. You can look at "std_log.txt" in the "Outputs + Logs" tab to look at detailed logs and exception traces.
31-
32-
If your Automated ML runs uses pipeline runs for trials, you can follow the following steps to understand the error.
33-
1. Please follow the steps 1-4 above to identify the failed trial run.
24+
If there is a job failure for Automated ML for Images and NLP, you can use the following steps to understand the error.
25+
1. In the studio UI, the AutoML job should have a failure message indicating the reason for failure.
26+
2. For more details, go to the child job of this AutoML job. This child run is a HyperDrive job.
27+
3. In the **Trials** tab, you can check all the trials done for this HyperDrive run.
28+
4. Go to the failed trial job.
29+
5. These jobs should have an error message in the **Status** section of the **Overview** tab indicating the reason for failure.
30+
Select **See more details** to get more details about the failure.
31+
6. Additionally you can view **std_log.txt** in the **Outputs + Logs** tab to look at detailed logs and exception traces.
32+
33+
If your Automated ML runs uses pipeline runs for trials, follow these steps to understand the error.
34+
1. Follow the steps 1-4 above to identify the failed trial job.
3435
2. This run should show you the pipeline run and the failed nodes in the pipeline are marked with Red color.
35-
:::image type="content" source="./media/how-to-troubleshoot-auto-ml/pipeline-graph-sample.jpg" alt-text="Diagram that shows a failed pipeline run." lightbox="./media/how-to-troubleshoot-auto-ml/pipeline-graph-sample.jpg":::
36-
3. Double click the failed node in the pipeline.
37-
4. These runs should have an error message in the "Status" section of the "Overview" tab indicating the reason for failure.
38-
Please click on "See more details" to get more details about the failure.
39-
5. You can look at "std_log.txt" in the "Outputs + Logs" tab to look at detailed logs and exception traces.
36+
:::image type="content" source="./media/how-to-troubleshoot-auto-ml/pipeline-graph-sample.jpg" alt-text="Diagram that shows a failed pipeline job." lightbox="./media/how-to-troubleshoot-auto-ml/pipeline-graph-sample.jpg":::
37+
3. Select the failed node in the pipeline.
38+
4. These jobs should have an error message in the **Status** section of the **Overview** tab indicating the reason for failure.
39+
Select **See more details** to get more details about the failure.
40+
5. You can look at **std_log.txt** in the **Outputs + Logs** tab to look at detailed logs and exception traces.
4041

4142
## Next steps
4243

0 commit comments

Comments
 (0)