Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into ade-rbac

Author: RoseHJM

articles/active-directory-b2c/TOC.yml

@@ -378,12 +378,12 @@
       - name: SwissID
         href:  identity-provider-swissid.md
         displayName: Swiss ID      
-      - name: Twitter
-        href: identity-provider-twitter.md
       - name: WeChat
         href: identity-provider-wechat.md
       - name: Weibo
         href: identity-provider-weibo.md
+      - name: X
+        href: identity-provider-twitter.md
       - name: Pass through identity provider token
         href: idp-pass-through-user-flow.md
     - name: Manage tokens and session 

articles/active-directory-b2c/add-ropc-policy.md

@@ -43,7 +43,7 @@ The following flows aren't supported:
 When using the ROPC flow, consider the following limitations:
 
 - ROPC doesn’t work when there's any interruption to the authentication flow that needs user interaction. For example, when a password expires or needs to be changed, [multifactor authentication](multi-factor-authentication.md) is required, or when more information needs to be collected during sign-in (for example, user consent).
-- ROPC supports local accounts only. Users can’t sign in with [federated identity providers](add-identity-provider.md) like Microsoft, Google+, Twitter, AD-FS, or Facebook.
+- ROPC supports local accounts only. Users can’t sign in with [federated identity providers](add-identity-provider.md) like Microsoft, Google+, X, AD-FS, or Facebook.
 - [Session Management](session-behavior.md), including [keep me signed-in (KMSI)](session-behavior.md#enable-keep-me-signed-in-kmsi), isn't applicable.
 
 

articles/active-directory-b2c/faq.yml

@@ -63,7 +63,7 @@ sections:
       - question: |
           Which social identity providers do you support now? Which ones do you plan to support in the future?
         answer: |
-          We currently support several social identity providers including Amazon, Facebook, GitHub (preview), Google, LinkedIn, Microsoft Account (MSA), QQ (preview), Twitter, WeChat (preview), and Weibo (preview). We evaluate adding support for other popular social identity providers based on customer demand.
+          We currently support several social identity providers including Amazon, Facebook, GitHub (preview), Google, LinkedIn, Microsoft Account (MSA), QQ (preview), X, WeChat (preview), and Weibo (preview). We evaluate adding support for other popular social identity providers based on customer demand.
           
           Azure AD B2C also supports [custom policies](custom-policy-overview.md). Custom policies allow you to create your own policy for any identity provider that supports [OpenID Connect](https://openid.net/specs/openid-connect-core-1_0.html) or SAML. Get started with custom policies by checking out our [custom policy starter pack](https://github.com/Azure-Samples/active-directory-b2c-custom-policy-starterpack).
           

articles/active-directory-b2c/sign-in-options.md

@@ -15,7 +15,7 @@ ms.subservice: B2C
 ---
 # Sign-in options in Azure AD B2C
 
-Azure AD B2C offers several sign-up and sign-in methods for users of your applications. When users sign up for your application, you determine whether they'll use a username, email address, or phone number to create local accounts in your Azure AD B2C tenant. You can also federate with social identity providers (like Facebook, LinkedIn, and Twitter) and standard identity protocols (like OAuth 2.0, OpenID Connect, and more).
+Azure AD B2C offers several sign-up and sign-in methods for users of your applications. When users sign up for your application, you determine whether they'll use a username, email address, or phone number to create local accounts in your Azure AD B2C tenant. You can also federate with social identity providers (like Facebook, LinkedIn, and X) and standard identity protocols (like OAuth 2.0, OpenID Connect, and more).
 
 This article gives an overview of Azure AD B2C sign-in options.
 

articles/active-directory-b2c/solution-articles.md

@@ -22,7 +22,7 @@ Azure Active Directory B2C (Azure AD B2C) enables organizations to implement bus
 
 | Title | Medium | Description |
 | ----- | ------ |----------- |
-| [Customer Identity Management with Azure AD B2C](/Shows/On-NET/Customer-Identity-Management-with-Azure-AD-B2C) | Video (20 minutes) | In this overview of the service, Parakh Jain ([@jainparakh](https://twitter.com/jainparakh)) from the Azure AD B2C team provides us an overview of how the service works, and also show how we can quickly connect B2C to an ASP.NET Core application. |
+| [Customer Identity Management with Azure AD B2C](/Shows/On-NET/Customer-Identity-Management-with-Azure-AD-B2C) | Video (20 minutes) | In this overview of the service, Parakh Jain ([@jainparakh](https://x.com/jainparakh)) from the Azure AD B2C team provides us an overview of how the service works, and also show how we can quickly connect B2C to an ASP.NET Core application. |
 | [Benefits of using Azure AD B2C](https://aka.ms/b2coverview) | PDF | Understand the benefits and common scenarios of Azure AD B2C, and how your application(s) can leverage this CIAM service. |
 | [Gaining Expertise in Azure AD B2C: A Course for Developers](https://aka.ms/learnAADB2C) | PDF | This end-to-end course takes developers through a complete journey on developing applications with Azure AD B2C as the authentication mechanism. Ten in-depth modules with labs cover everything from setting up an Azure subscription to creating custom policies that define the journeys that engage your customers. |
 | [Enabling partners, Suppliers, and Customers to Access Applications with Microsoft Entra ID](https://aka.ms/aadexternalidentities) | PDF | Every organization’s success, regardless of its size, industry, or compliance and security posture, relies on organizational ability to collaborate with other organizations and connect with customers.<br><br>Bringing together Microsoft Entra ID, Azure AD B2C, and Microsoft Entra B2B Collaboration, this guide details the business value and the mechanics of building an application or web experience that provides a consolidated authentication experience tailored to the contexts of your employees, business partners and suppliers, and customers. |

articles/active-directory-b2c/technical-overview.md

@@ -30,7 +30,7 @@ The primary resources you work with in an Azure AD B2C tenant are:
   * **Custom policies** let you build complex identity workflows unique to your organization, customers, employees, partners, and citizens.
 * **Sign-in options** - Azure AD B2C offers various [sign-up and sign-in options](sign-in-options.md) for users of your applications:
   * **Username, email, and phone sign-in** - You can configure your Azure AD B2C local accounts to allow sign up and sign in with a username, email address, phone number, or a combination of methods.
-  * **Social identity providers** - You can federate with social providers like Facebook, LinkedIn, or Twitter.
+  * **Social identity providers** - You can federate with social providers like Facebook, LinkedIn, or X.
   * **External identity providers** - You can also federate with standard identity protocols like OAuth 2.0, OpenID Connect, and more.
 * **Keys** - Add and manage encryption keys for signing and validating tokens, client secrets, certificates, and passwords.
 
@@ -81,7 +81,7 @@ You can also extend the underlying Microsoft Entra ID schema to store additional
 
 ## Sign-in with external identity providers
 
-You can configure Azure AD B2C to allow users to sign in to your application with credentials from social and enterprise identity providers. Azure AD B2C can federate with identity providers that support OAuth 1.0, OAuth 2.0, OpenID Connect, and SAML protocols. For example, Facebook, Microsoft account, Google, Twitter, and Active Directory Federation Service (AD FS).
+You can configure Azure AD B2C to allow users to sign in to your application with credentials from social and enterprise identity providers. Azure AD B2C can federate with identity providers that support OAuth 1.0, OAuth 2.0, OpenID Connect, and SAML protocols. For example, Facebook, Microsoft account, Google, X, and Active Directory Federation Service (AD FS).
 
 :::image type="content" source="media/technical-overview/external-idps.png" alt-text="Diagram showing company logos for a sample of external identity providers.":::
 

articles/active-directory-b2c/user-overview.md

@@ -69,7 +69,7 @@ You can also use the [Microsoft Graph API](/graph/api/invitation-post) to invite
 
 ## Consumer user
 
-The consumer user can sign in to applications secured by Azure AD B2C, but cannot access Azure resources such as the Azure portal. The consumer user can use a local account or federated accounts, such as Facebook or Twitter. A consumer account is created by using a [sign-up or sign-in user flow](user-flow-overview.md), using the Microsoft Graph API, or by using the Azure portal.
+The consumer user can sign in to applications secured by Azure AD B2C, but cannot access Azure resources such as the Azure portal. The consumer user can use a local account or federated accounts, such as Facebook or X. A consumer account is created by using a [sign-up or sign-in user flow](user-flow-overview.md), using the Microsoft Graph API, or by using the Azure portal.
 
 You can specify the data that is collected when a consumer user account is created. For more information, see [Add user attributes and customize user input](configure-user-input.md).
 

articles/ai-services/speech-service/embedded-speech.md

@@ -288,8 +288,8 @@ For embedded voices, it's essential to note that certain SSML tags might not be
 |-----------------|-----------|-------------------------------------------------------|--------------------------|
 | audio           | src       |                                                       | No                       |
 | bookmark        |           |                                                       | Yes                      |
-| break           | strength  |                                                       | No                       |
-|                 | time      |                                                       | No                       |
+| break           | strength  |                                                       | Yes                       |
+|                 | time      |                                                       | Yes                       |
 | silence         | type      | Leading, Tailing, Comma-exact, etc.                   | No                       |
 |                 | value     |                                                       | No                       |
 | emphasis        | level     |                                                       | No                       |

articles/ai-studio/how-to/configure-managed-network.md

@@ -48,7 +48,7 @@ There are three different configuration modes for outbound traffic from the mana
     > While you can create a private endpoint for Azure AI Search, the connected services must allow public networking. For more information, see [Connectivity to other services](#connectivity-to-other-services).
 
 * You must add rules for each outbound connection you need to allow.
-* Adding FQDN outbound rules __increase your costs__ as this rule type uses Azure Firewall.
+* Adding FQDN outbound rules __increase your costs__ as this rule type uses Azure Firewall. If you use outbound FQDN rules, charges for Azure Firewall are included in your billing. For more information, see [Pricing](#pricing).
 * The default rules for _allow only approved outbound_ are designed to minimize the risk of data exfiltration. Any outbound rules you add might increase your risk.
 
 The managed virtual network is preconfigured with [required default rules](#list-of-required-rules). It's also configured for private endpoint connections to your hub, the hub's default storage, container registry, and key vault if they're configured as private or the hub isolation mode is set to allow only approved outbound. After choosing the isolation mode, you only need to consider other outbound requirements you might need to add.
@@ -380,9 +380,6 @@ To configure a managed virtual network that allows internet outbound communicati
 
         If the destination type is __FQDN__, provide the following information:
 
-        > [!WARNING]
-        > FQDN outbound rules are implemented using Azure Firewall. If you use outbound FQDN rules, charges for Azure Firewall are included in your billing. For more information, see [Pricing](#pricing).
-
         * __FQDN destination__: The fully qualified domain name to add to the approved outbound rules.
 
         Select __Save__ to save the rule. You can continue using __Add user-defined outbound rules__ to add rules.
@@ -415,9 +412,6 @@ You can also define _outbound rules_ to define approved outbound communication.
 > * Adding an outbound for a service tag or FQDN is only valid when the managed VNet is configured to `allow_only_approved_outbound`.
 > * If you add outbound rules, Microsoft can't guarantee data exfiltration.
 
-> [!WARNING]
-> FQDN outbound rules are implemented using Azure Firewall. If you use outbound FQDN rules, charges for Azure Firewall are added to your billing. For more information, see [Pricing](#pricing).
-
 ```yaml
 managed_network:
   isolation_mode: allow_only_approved_outbound
@@ -476,9 +470,6 @@ You can configure a managed virtual network using either the `az ml workspace cr
 
     The following YAML file defines a managed virtual network for the hub. It also demonstrates how to add an approved outbound to the managed virtual network. In this example, an outbound rule is added for both a service tag:
 
-    > [!WARNING]
-    > FQDN outbound rules are implemented using Azure Firewall. If you use outbound FQDN rules, charges for Azure Firewall are added to your billing. For more information, see [Pricing](#pricing).
-
     ```yaml
     name: myhub_dep
     managed_network:
@@ -522,9 +513,6 @@ To configure a managed virtual network that allows only approved outbound commun
     > * Adding an outbound for a service tag or FQDN is only valid when the managed VNet is configured to `IsolationMode.ALLOW_ONLY_APPROVED_OUTBOUND`.
     > * If you add outbound rules, Microsoft can't guarantee data exfiltration.
 
-    > [!WARNING]
-    > FQDN outbound rules are implemented using Azure Firewall. If you use outbound FQDN rules, charges for Azure Firewall are added to your billing. For more information, see [Pricing](#pricing).
-
     ```python
     # Basic managed VNet configuration
     network = ManagedNetwork(isolation_mode=IsolationMode.ALLOW_ONLY_APPROVED_OUTBOUND)
@@ -587,9 +575,6 @@ To configure a managed virtual network that allows only approved outbound commun
 
     > [!TIP]
     > Adding an outbound for a service tag or FQDN is only valid when the managed VNet is configured to `IsolationMode.ALLOW_ONLY_APPROVED_OUTBOUND`.
-
-    > [!WARNING]
-    > FQDN outbound rules are implemented using Azure Firewall. If you use outbound FQDN rules, charges for Azure Firewall are added to your billing. For more information, see [Pricing](#pricing).
 
     ```python
     # Get the existing hub
@@ -728,9 +713,6 @@ __Inbound__ service tag rules:
 
 To allow installation of __Python packages for training and deployment__, add outbound _FQDN_ rules to allow traffic to the following host names:
 
-> [!WARNING]
-> FQDN outbound rules are implemented using Azure Firewall. If you use outbound FQDN rules, charges for Azure Firewall are included in your billing. For more information, see [Pricing](#pricing).
-
 > [!NOTE]
 > This is not a complete list of the hosts required for all Python resources on the internet, only the most commonly used. For example, if you need access to a GitHub repository or other host, you must identify and add the required hosts for that scenario.
 
@@ -748,9 +730,6 @@ Visual Studio Code relies on specific hosts and ports to establish a remote conn
 #### Hosts
 If you plan to use __Visual Studio Code__ with the hub, add outbound _FQDN_ rules to allow traffic to the following hosts:
 
-> [!WARNING]
-> FQDN outbound rules are implemented using Azure Firewall. If you use outbound FQDN rules, charges for Azure Firewall are included in your billing. For more information, see [Pricing](#pricing).
-
 * `*.vscode.dev`
 * `vscode.blob.core.windows.net`
 * `*.gallerycdn.vsassets.io`
@@ -773,9 +752,6 @@ You must allow network traffic to ports 8704 to 8710. The VS Code server dynamic
 
 If you plan to use __HuggingFace models__ with the hub, add outbound _FQDN_ rules to allow traffic to the following hosts:
 
-> [!WARNING]
-> FQDN outbound rules are implemented using Azure Firewall. If you use outbound FQDN rules, charges for Azure Firewall are included in your billing. For more information, see [Pricing](#pricing).
-
 * docker.io
 * *.docker.io
 * *.docker.com

articles/aks/long-term-support.md

@@ -128,7 +128,6 @@ To carry out an in-place upgrade to the latest LTS version, you need to specify
 az aks upgrade --resource-group myResourceGroup --name myAKSCluster --kubernetes-version 1.32.2
 ```
 > [!NOTE]
-
 > 1.30 is the next LTS version after 1.27. Customers will be able to upgrade from 1.27 LTS to 1.30 LTS starting August, 2024. 1.27 LTS goes End of Life by July 2025.  
 > Kubernetes 1.32.2 is used as an example version in this article. Check the [AKS release tracker](release-tracker.md) for available Kubernetes releases.