Merge pull request #254104 from MicrosoftDocs/main

Publish to live, Sunday 4 AM PST, 10/8

Author: ttorble

.openpublishing.redirection.azure-monitor.json

@@ -6338,6 +6338,21 @@
             "source_path_from_root": "/articles/azure-monitor/app/remove-application-insights.md",
             "redirect_url": "/azure/azure-monitor/app/asp-net-core#how-can-i-uninstall-the-sdk",
             "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/azure-monitor/app/continuous-monitoring.md",
+            "redirect_url": "/azure/azure-monitor/app/release-and-work-item-insights?tabs=continuous-monitoring",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/azure-monitor/app/annotations.md",
+            "redirect_url": "/azure/azure-monitor/app/release-and-work-item-insights?tabs=release-annotations",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/azure-monitor/app/work-item-integration.md",
+            "redirect_url": "/azure/azure-monitor/app/release-and-work-item-insights?tabs=work-item-integration",
+            "redirect_document_id": false
         }
     ]
 }

articles/active-directory/conditional-access/howto-conditional-access-session-lifetime.md

@@ -16,6 +16,7 @@ ms.reviewer: calebb, ripull, inbarc
 
 ms.collection: M365-identity-device-management
 ---
+
 # Configure authentication session management with Conditional Access
 
 In complex deployments, organizations might have a need to restrict authentication sessions. Some scenarios might include:
@@ -35,7 +36,7 @@ Sign-in frequency defines the time period before a user is asked to sign in agai
 
 The Microsoft Entra ID default configuration for user sign-in frequency is a rolling window of 90 days. Asking users for credentials often seems like a sensible thing to do, but it can backfire: users that are trained to enter their credentials without thinking can unintentionally supply them to a malicious credential prompt.
 
-It might sound alarming to not ask for a user to sign back in, in reality any violation of IT policies will revoke the session. Some examples include (but aren't limited to) a password change, an incompliant device, or account disable. You can also explicitly [revoke users’ sessions using PowerShell](/powershell/module/azuread/revoke-azureaduserallrefreshtoken). The Microsoft Entra ID default configuration comes down to “don’t ask users to provide their credentials if security posture of their sessions hasn't changed”.
+It might sound alarming to not ask for a user to sign back in, in reality any violation of IT policies will revoke the session. Some examples include (but aren't limited to) a password change, an incompliant device, or account disable. You can also explicitly [revoke users’ sessions using Microsoft Graph PowerShell](/powershell/module/microsoft.graph.users.actions/revoke-mgusersigninsession). The Microsoft Entra ID default configuration comes down to “don’t ask users to provide their credentials if security posture of their sessions hasn't changed”.
 
 The sign-in frequency setting works with apps that have implemented OAuth2 or OIDC protocols according to the standards. Most Microsoft native apps for Windows, Mac, and Mobile including the following web applications comply with the setting.
 
@@ -200,3 +201,4 @@ We factor for five minutes of clock skew, so that we don’t prompt users more o
 ## Next steps
 
 * If you're ready to configure Conditional Access policies for your environment, see the article [Plan a Conditional Access deployment](plan-conditional-access.md).
+

articles/active-directory/governance/entitlement-management-access-package-first.md

@@ -165,7 +165,7 @@ An *access package* is a bundle of resources that a team or project needs and is
 
     ![Screenshot of the access package lifecycle tab](./media/entitlement-management-access-package-first/new-access-package-lifecycle.png)
 
-1. Skip the **Custom extensions (Preview)** step.
+1. Skip the **Custom extensions** step.
 
 1. Select **Next** to open the **Review + Create** tab. 
 

articles/active-directory/governance/entitlement-management-custom-teams-extension.md

@@ -45,7 +45,7 @@ To create a Logic App and custom extension in a catalog, you'd follow these step
 
 1. In the left menu, select **Catalogs**. 
 
-1. Select the catalog for which you want to add a custom extension and then in the left menu, select **Custom Extensions (Preview)**.
+1. Select the catalog for which you want to add a custom extension and then in the left menu, select **Custom Extensions**.
 
 1. In the header navigation bar, select **Add a Custom Extension**.
 
@@ -68,7 +68,7 @@ This custom extension to the linked Logic App now appears in your Custom Extensi
 
 ## Configuring the Logic App
 
-1. The custom extension created will show under the **Custom Extensions (Preview)** tab. Select the “*Logic app*” in the custom extension that will redirect you to a page to configure the logic app.
+1. The custom extension created will show under the **Custom Extensions** tab. Select the “*Logic app*” in the custom extension that will redirect you to a page to configure the logic app.
     :::image type="content" source="media/entitlement-management-servicenow-integration/entitlement-management-configure-logic-app.png" alt-text="Screenshot of the configure logic apps screen." lightbox="media/entitlement-management-servicenow-integration/entitlement-management-configure-logic-app.png":::
 1. On the left menu, select **Logic app designer**.
     :::image type="content" source="media/entitlement-management-servicenow-integration/entitlement-management-logic-app-designer.png" alt-text="Screenshot of the logic apps designer screen." lightbox="media/entitlement-management-servicenow-integration/entitlement-management-logic-app-designer.png":::
@@ -105,7 +105,7 @@ After setting up custom extensibility in the catalog, administrators can create
 
 1. Change to the Policies tab, select the policy, and select **Edit**. 
 
-1. In the policy settings, go to the **Custom Extensions (Preview)** tab.
+1. In the policy settings, go to the **Custom Extensions** tab.
 
 1. In the menu below Stage, select the access package event you wish to use as trigger for this custom extension (Logic App). For our scenario, to trigger the custom extension Logic App workflow when an access package is requested, approved, granted, or removed, select **Request is created**, **Request is approved**, **Assignment is Granted**, and **Assignment is removed**.
     :::image type="content" source="media/entitlement-management-servicenow-integration/entitlement-management-custom-extension-policy.png" alt-text="Screenshot of custom extension policies for an access package.":::
@@ -125,7 +125,7 @@ After setting up custom extensibility in the catalog, administrators can create
 
 1. Add **Lifecycle** details.
 
-1. Under the Custom Extensions (Preview) tab, in the menu below Stage, select the access package event you wish to use as trigger for this custom extension (Logic App). For our scenario, to trigger the custom extension Logic App workflow when an access package is requested, approved, granted, or removed, select **Request is created**, **Request is approved**, **Assignment is Granted**, and **Assignment is removed**.
+1. Under the Custom Extensions tab, in the menu below Stage, select the access package event you wish to use as trigger for this custom extension (Logic App). For our scenario, to trigger the custom extension Logic App workflow when an access package is requested, approved, granted, or removed, select **Request is created**, **Request is approved**, **Assignment is Granted**, and **Assignment is removed**.
     :::image type="content" source="media/entitlement-management-servicenow-integration/entitlement-management-access-package-policy.png" alt-text="Screenshot of access package policy selection.":::
 1. In **Review and Create**, review the summary of your access package, and make sure the details are correct, then select **Create**. 
 

articles/active-directory/governance/entitlement-management-delegate-catalog.md

@@ -71,7 +71,7 @@ To allow delegated roles, such as catalog creators and access package managers,
 
     ![Microsoft Entra user settings - Administration portal](./media/entitlement-management-delegate-catalog/user-settings.png)
 
-## Manage role assignments programmatically (preview)
+## Manage role assignments programmatically
 
 You can also view and update catalog creators and entitlement management catalog-specific role assignments using Microsoft Graph.  A user in an appropriate role with an application that has the delegated `EntitlementManagement.ReadWrite.All` permission can call the Graph API to [list the role definitions](/graph/api/rbacapplication-list-roledefinitions) of entitlement management, and [list role assignments](/graph/api/rbacapplication-list-roleassignments) to those role definitions.
 

articles/active-directory/governance/entitlement-management-delegate.md

@@ -179,7 +179,7 @@ You can view the list of catalogs currently enabled for external users in the Mi
 1. If any of those catalogs have a non-zero number of access packages, those access packages may have a policy for users not in directory.
 
 
-## Manage role assignments to entitlement management roles programmatically (preview)
+## Manage role assignments to entitlement management roles programmatically
 
 You can also view and update catalog creators and entitlement management catalog-specific role assignments using Microsoft Graph.  A user in an appropriate role with an application that has the delegated `EntitlementManagement.ReadWrite.All` permission can call the Graph API to [list the role definitions](/graph/api/rbacapplication-list-roledefinitions) of entitlement management, and [list role assignments](/graph/api/rbacapplication-list-roleassignments) to those role definitions.
 

articles/active-directory/governance/entitlement-management-overview.md

@@ -50,7 +50,7 @@ Entitlement management can help address these challenges.  To learn more about h
 Here are some of capabilities of entitlement management:
 
 - Control who can get access to applications, groups, Teams and SharePoint sites, with multi-stage approval, and ensure users don't retain access indefinitely through time-limited assignments and recurring access reviews.
-- Give users access automatically to those resources, based on the user's properties like department or cost center, and remove a user's access when those properties change (preview).
+- Give users access automatically to those resources, based on the user's properties like department or cost center, and remove a user's access when those properties change.
 - Delegate to non-administrators the ability to create access packages. These access packages contain resources that users can request, and the delegated access package managers can define policies with rules for which users can request, who must approve their access, and when access expires.
 - Select connected organizations whose users can request access.  When a user who isn't yet in your directory requests access, and is approved, they're automatically invited into your directory and assigned access.  When their access expires, if they have no other access package assignments, their B2B account in your directory can be automatically removed.
 

articles/active-directory/governance/entitlement-management-ticketed-provisioning.md

@@ -51,7 +51,7 @@ Provide the Azure subscription, resource group details, along with the Logic App
 
 1. In the left menu, select **Catalogs**. 
 
-1. Select the catalog for which you want to add a custom extension and then in the left menu, select **Custom Extensions (Preview)**.
+1. Select the catalog for which you want to add a custom extension and then in the left menu, select **Custom Extensions**.
 
 1. In the header navigation bar, select **Add a Custom Extension**.
 
@@ -82,7 +82,7 @@ After setting up custom extensibility in the catalog, administrators can create
 
 1. Change to the policy tab, select the policy, and select **Edit**.
 
-1. In the policy settings, go to the **Custom Extensions (Preview)** tab.
+1. In the policy settings, go to the **Custom Extensions** tab.
 
 1. In the menu below **Stage**, select the access package event you wish to use as trigger for this custom extension (Logic App). For our scenario, to trigger the custom extension Logic App workflow when access package has been approved, select **Request is approved**.
 > [!NOTE]
@@ -252,4 +252,4 @@ The IT Support team works on the ticket create above to do necessary provisions
 
 Advance to the next article to learn how to create...
 > [!div class="nextstepaction"]
-> [Trigger Logic Apps with custom extensions in entitlement management (Preview)](entitlement-management-logic-apps-integration.md)
+> [Trigger Logic Apps with custom extensions in entitlement management](entitlement-management-logic-apps-integration.md)

articles/active-directory/governance/identity-governance-overview.md

@@ -119,9 +119,9 @@ Once you've started using these identity governance features, you can easily aut
 | Creating, updating and deleting AD and Microsoft Entra user accounts automatically for employees |[Plan cloud HR to Microsoft Entra user provisioning](../app-provisioning/plan-cloud-hr-provision.md)|
 | Updating the membership of a group, based on changes to the member user's attributes | [Create a dynamic group](../enterprise-users/groups-create-rule.md)|
 | Assigning licenses | [group-based licensing](../enterprise-users/licensing-groups-assign.md) |
-| Adding and removing a user's group memberships, application roles, and SharePoint site roles, based on changes to the user's attributes | [Configure an automatic assignment policy for an access package in entitlement management](entitlement-management-access-package-auto-assignment-policy.md) (preview)|
+| Adding and removing a user's group memberships, application roles, and SharePoint site roles, based on changes to the user's attributes | [Configure an automatic assignment policy for an access package in entitlement management](entitlement-management-access-package-auto-assignment-policy.md)|
 | Adding and removing a user's group memberships, application roles, and SharePoint site roles, on a specific date | [Configure lifecycle settings for an access package in entitlement management](entitlement-management-access-package-lifecycle-policy.md)|
-| Running custom workflows when a user requests or receives access, or access is removed | [Trigger Logic Apps in entitlement management](entitlement-management-logic-apps-integration.md) (preview) |
+| Running custom workflows when a user requests or receives access, or access is removed | [Trigger Logic Apps in entitlement management](entitlement-management-logic-apps-integration.md) |
 | Regularly having memberships of guests in Microsoft groups and Teams reviewed, and removing guest memberships that are denied |[Create an access review](create-access-review.md) |
 | Removing guest accounts that were denied by a reviewer |[Review and remove external users who no longer have resource access](access-reviews-external-users.md) |
 | Removing guest accounts that have no access package assignments |[Manage the lifecycle of external users](entitlement-management-external-users.md#manage-the-lifecycle-of-external-users) |

articles/active-directory/governance/sap.md

@@ -73,11 +73,11 @@ When a new employee is hired in your organization, you might need to trigger a w
 
 ## Check for separation of duties
 
-With separation-of-duties checks now available in preview in Microsoft Entra ID [entitlement management](https://techcommunity.microsoft.com/t5/azure-active-directory-identity/ensure-compliance-using-separation-of-duties-checks-in-access/ba-p/2466939), customers can ensure that users don't take on excessive access rights:
+With separation-of-duties checks in Microsoft Entra ID [entitlement management](https://techcommunity.microsoft.com/t5/azure-active-directory-identity/ensure-compliance-using-separation-of-duties-checks-in-access/ba-p/2466939), customers can ensure that users don't take on excessive access rights:
 
 * Admins and access managers can prevent users from requesting additional access packages if they're already assigned to other access packages or are a member of other groups that are incompatible with the requested access.
 * Enterprises with critical regulatory requirements for SAP apps have a single consistent view of access controls. They can then enforce separation-of-duties checks across their financial and other business-critical applications, along with Microsoft Entra integrated applications.
-* With [Pathlock](https://pathlock.com/), integration customers can take advantage of fine-grained separation-of-duties checks with access packages in Microsoft Entra ID. Over time, this ability will help customers address Sarbanes-Oxley and other compliance requirements.
+* With integration with [Pathlock](https://pathlock.com/) and other partner products, customers can take advantage of fine-grained separation-of-duties checks with access packages in Microsoft Entra ID. Over time, this ability will help customers address Sarbanes-Oxley and other compliance requirements.
 
 ## Next steps