Merge pull request #206817 from MicrosoftDocs/repo_sync_working_branch

Confirm merge from repo_sync_working_branch to main to sync with https://github.com/MicrosoftDocs/azure-docs (branch main)

Author: huypub

articles/active-directory/managed-identities-azure-resources/tutorial-linux-vm-access-nonaad.md

@@ -103,6 +103,7 @@ To complete these steps, you need an SSH client.  If you are using Windows, you
 2. **Connect** to the VM with the SSH client of your choice. 
 3. In the terminal window, use CURL to make a request to the local managed identities for Azure resources endpoint to get an access token for Azure Key Vault.  
 
+ 
     The CURL request for the access token is below.  
 
     ```bash
@@ -147,4 +148,4 @@ Alternatively you may also do this via [PowerShell or the CLI](../../azure-resou
 In this tutorial, you learned how to use a Linux VM system-assigned managed identity to access Azure Key Vault.  To learn more about Azure Key Vault see:
 
 > [!div class="nextstepaction"]
->[Azure Key Vault](../../key-vault/general/overview.md)
+>[Azure Key Vault](../../key-vault/general/overview.md)

articles/active-directory/saas-apps/sonarqube-tutorial.md

@@ -1,6 +1,6 @@
 ---
-title: 'Tutorial: Azure AD SSO integration with Sonarqube'
-description: Learn how to configure single sign-on between Azure Active Directory and Sonarqube.
+title: 'Tutorial: Azure AD SSO integration with SonarQube'
+description: Learn how to configure single sign-on between Azure Active Directory and SonarQube.
 services: active-directory
 author: jeevansd
 manager: CelesteDG
@@ -13,59 +13,62 @@ ms.date: 06/25/2021
 ms.author: jeedes
 ---
 
-# Tutorial: Azure AD SSO integration with Sonarqube
+# Tutorial: Azure AD SSO integration with SonarQube
 
-In this tutorial, you'll learn how to integrate Sonarqube with Azure Active Directory (Azure AD). When you integrate Sonarqube with Azure AD, you can:
+In this tutorial, you'll learn how to integrate SonarQube with Azure Active Directory (Azure AD). When you integrate SonarQube with Azure AD, you can:
 
-* Control in Azure AD who has access to Sonarqube.
-* Enable your users to be automatically signed-in to Sonarqube with their Azure AD accounts.
+* Control in Azure AD who has access to SonarQube.
+* Enable your users to be automatically signed-in to SonarQube with their Azure AD accounts.
 * Manage your accounts in one central location - the Azure portal.
 
 ## Prerequisites
 
 To get started, you need the following items:
 
 * An Azure AD subscription. If you don't have a subscription, you can get a [free account](https://azure.microsoft.com/free/).
-* Sonarqube single sign-on (SSO) enabled subscription.
+* SonarQube single sign-on (SSO) enabled subscription.
+
+> [!NOTE]
+> Help on installing SonarQube can be found in the [online documentation](https://docs.sonarqube.org/latest/setup/install-server/).
 
 ## Scenario description
 
 In this tutorial, you configure and test Azure AD SSO in a test environment.
 
-* Sonarqube supports **SP** initiated SSO.
+* SonarQube supports **SP** initiated SSO.
 
 > [!NOTE]
 > Identifier of this application is a fixed string value so only one instance can be configured in one tenant.
 
-## Add Sonarqube from the gallery
+## Add SonarQube from the gallery
 
-To configure the integration of Sonarqube into Azure AD, you need to add Sonarqube from the gallery to your list of managed SaaS apps.
+To configure the integration of SonarQube into Azure AD, you need to add SonarQube from the gallery to your list of managed SaaS apps.
 
 1. Sign in to the Azure portal using either a work or school account, or a personal Microsoft account.
 1. On the left navigation pane, select the **Azure Active Directory** service.
 1. Navigate to **Enterprise Applications** and then select **All Applications**.
 1. To add new application, select **New application**.
-1. In the **Add from the gallery** section, type **Sonarqube** in the search box.
-1. Select **Sonarqube** from results panel and then add the app. Wait a few seconds while the app is added to your tenant.
+1. In the **Add from the gallery** section, type **SonarQube** in the search box.
+1. Select **SonarQube** from results panel and then add the app. Wait a few seconds while the app is added to your tenant.
 
-## Configure and test Azure AD SSO for Sonarqube
+## Configure and test Azure AD SSO for SonarQube
 
-Configure and test Azure AD SSO with Sonarqube using a test user called **B.Simon**. For SSO to work, you need to establish a link relationship between an Azure AD user and the related user in Sonarqube.
+Configure and test Azure AD SSO with SonarQube using a test user called **B.Simon**. For SSO to work, you need to establish a link relationship between an Azure AD user and the related user in SonarQube.
 
-To configure and test Azure AD SSO with Sonarqube, perform the following steps:
+To configure and test Azure AD SSO with SonarQube, perform the following steps:
 
 1. **[Configure Azure AD SSO](#configure-azure-ad-sso)** - to enable your users to use this feature.
     1. **[Create an Azure AD test user](#create-an-azure-ad-test-user)** - to test Azure AD single sign-on with B.Simon.
     1. **[Assign the Azure AD test user](#assign-the-azure-ad-test-user)** - to enable B.Simon to use Azure AD single sign-on.
-1. **[Configure Sonarqube SSO](#configure-sonarqube-sso)** - to configure the single sign-on settings on application side.
-    1. **[Create Sonarqube test user](#create-sonarqube-test-user)** - to have a counterpart of B.Simon in Sonarqube that is linked to the Azure AD representation of user.
+1. **[Configure SonarQube SSO](#configure-sonarqube-sso)** - to configure the single sign-on settings on application side.
+    1. **[Create SonarQube test user](#create-sonarqube-test-user)** - to have a counterpart of B.Simon in SonarQube that is linked to the Azure AD representation of user.
 1. **[Test SSO](#test-sso)** - to verify whether the configuration works.
 
 ## Configure Azure AD SSO
 
 Follow these steps to enable Azure AD SSO in the Azure portal.
 
-1. In the Azure portal, on the **Sonarqube** application integration page, find the **Manage** section and select **single sign-on**.
+1. In the Azure portal, on the **SonarQube** application integration page, find the **Manage** section and select **single sign-on**.
 1. On the **Select a single sign-on method** page, select **SAML**.
 1. On the **Set up single sign-on with SAML** page, click the pencil icon for **Basic SAML Configuration** to edit the settings.
 
@@ -93,7 +96,7 @@ Follow these steps to enable Azure AD SSO in the Azure portal.
 
 	![The Certificate download link](common/certificatebase64.png)
 
-1. On the **Set up Sonarqube** section, copy the appropriate URL(s) based on your requirement.
+1. On the **Set up SonarQube** section, copy the appropriate URL(s) based on your requirement.
 
 	![Copy configuration URLs](common/copy-configuration-urls.png)
 
@@ -111,19 +114,19 @@ In this section, you'll create a test user in the Azure portal called B.Simon.
 
 ### Assign the Azure AD test user
 
-In this section, you'll enable B.Simon to use Azure single sign-on by granting access to Sonarqube.
+In this section, you'll enable B.Simon to use Azure single sign-on by granting access to SonarQube.
 
 1. In the Azure portal, select **Enterprise Applications**, and then select **All applications**.
-1. In the applications list, select **Sonarqube**.
+1. In the applications list, select **SonarQube**.
 1. In the app's overview page, find the **Manage** section and select **Users and groups**.
 1. Select **Add user**, then select **Users and groups** in the **Add Assignment** dialog.
 1. In the **Users and groups** dialog, select **B.Simon** from the Users list, then click the **Select** button at the bottom of the screen.
 1. If you are expecting a role to be assigned to the users, you can select it from the **Select a role** dropdown. If no role has been set up for this app, you see "Default Access" role selected.
 1. In the **Add Assignment** dialog, click the **Assign** button.
 
-## Configure Sonarqube SSO
+## Configure SonarQube SSO
 
-1. Open a new web browser window and sign into your Sonarqube company site as an administrator.
+1. Open a new web browser window and sign into your SonarQube company site as an administrator.
 
 1. Click on **Administration > Configuration > Security** and go to the **SAML Plugin** perform the following steps.
 
@@ -160,20 +163,20 @@ In this section, you'll enable B.Simon to use Azure single sign-on by granting a
 
 	j. Click **Save**.
 
-### Create Sonarqube test user
+### Create SonarQube test user
 
-In this section, you create a user called B.Simon in Sonarqube. Work with [Sonarqube Client support team](https://sonarsource.com/company/contact/) to add the users in the Sonarqube platform. Users must be created and activated before you use single sign-on. 
+In this section, you create a user called B.Simon in SonarQube. Work with [SonarQube Client support team](https://sonarsource.com/company/contact/) to add the users in the SonarQube platform. Users must be created and activated before you use single sign-on. 
 
 ## Test SSO 
 
 In this section, you test your Azure AD single sign-on configuration with following options. 
 
-* Click on **Test this application** in Azure portal. This will redirect to Sonarqube Sign-on URL where you can initiate the login flow. 
+* Click on **Test this application** in Azure portal. This will redirect to SonarQube Sign-on URL where you can initiate the login flow. 
 
-* Go to Sonarqube Sign-on URL directly and initiate the login flow from there.
+* Go to SonarQube Sign-on URL directly and initiate the login flow from there.
 
-* You can use Microsoft My Apps. When you click the Sonarqube tile in the My Apps, this will redirect to Sonarqube Sign-on URL. For more information about the My Apps, see [Introduction to the My Apps](https://support.microsoft.com/account-billing/sign-in-and-start-apps-from-the-my-apps-portal-2f3b1bae-0e5a-4a86-a33e-876fbd2a4510).
+* You can use Microsoft My Apps. When you click the SonarQube tile in the My Apps, this will redirect to SonarQube Sign-on URL. For more information about the My Apps, see [Introduction to the My Apps](https://support.microsoft.com/account-billing/sign-in-and-start-apps-from-the-my-apps-portal-2f3b1bae-0e5a-4a86-a33e-876fbd2a4510).
 
 ## Next steps
 
-* Once you configure the Sonarqube you can enforce session controls, which protects exfiltration and infiltration of your organization’s sensitive data in real time. Session controls extends from Conditional Access. [Learn how to enforce session control with Microsoft Defender for Cloud Apps](/cloud-app-security/proxy-deployment-any-app).
+* Once you configure SonarQube, you can enforce session controls, which protects exfiltration and infiltration of your organization’s sensitive data in real time. Session controls extends from Conditional Access. [Learn how to enforce session control with Microsoft Defender for Cloud Apps](/cloud-app-security/proxy-deployment-any-app).

articles/azure-arc/kubernetes/tutorial-akv-secrets-provider.md

@@ -163,6 +163,9 @@ You should see output similar to the example below. Note that it may take severa
                "type": "Microsoft.KubernetesConfiguration/extensions",
                "apiVersion": "2021-09-01",
                "name": "[parameters('ExtensionInstanceName')]",
+               "identity": {
+                "type": "SystemAssigned"
+               },
                "properties": {
                    "extensionType": "[parameters('ExtensionType')]",
                    "releaseTrain": "[parameters('ReleaseTrain')]",

articles/azure-functions/security-concepts.md

@@ -131,7 +131,7 @@ For more information, see [How to use managed identities for App Service and Azu
 
 [Cross-origin resource sharing (CORS)](https://en.wikipedia.org/wiki/Cross-origin_resource_sharing) is a way to allow web apps running in another domain to make requests to your HTTP trigger endpoints. App Service provides built-in support for handing the required CORS headers in HTTP requests. CORS rules are defined on a function app level.  
 
-While it's tempting to use a wildcard that allows all sites to access your endpoint. But, this defeats the purpose of CORS, which is to help prevent cross-site scripting attacks. Instead, add a separate CORS entry for the domain of each web app that must access your endpoint. 
+While it's tempting to use a wildcard that allows all sites to access your endpoint, this defeats the purpose of CORS, which is to help prevent cross-site scripting attacks. Instead, add a separate CORS entry for the domain of each web app that must access your endpoint. 
 
 ### Managing secrets 
 

articles/azure-monitor/logs/data-collector-api.md

@@ -48,7 +48,7 @@ To use the HTTP Data Collector API, you create a POST request that includes the
 | Log-Type |Specify the record type of the data that's being submitted. It can contain only letters, numbers, and the underscore (_) character, and it can't exceed 100 characters. |
 | x-ms-date |The date that the request was processed, in RFC 7234 format. |
 | x-ms-AzureResourceId | The resource ID of the Azure resource that the data should be associated with. It populates the [_ResourceId](./log-standard-columns.md#_resourceid) property and allows the data to be included in [resource-context](manage-access.md#access-mode) queries. If this field isn't specified, the data won't be included in resource-context queries. |
-| time-generated-field | The name of a field in the data that contains the timestamp of the data item. If you specify a field, its contents are used for **TimeGenerated**. If you don't specify this field, the default for **TimeGenerated** is the time that the message is ingested. The contents of the message field should follow the ISO 8601 format YYYY-MM-DDThh:mm:ssZ. Note: the Time Generated value cannot be older than 3 days before received time or the row will be dropped.|
+| time-generated-field | The name of a field in the data that contains the timestamp of the data item. If you specify a field, its contents are used for **TimeGenerated**. If you don't specify this field, the default for **TimeGenerated** is the time that the message is ingested. The contents of the message field should follow the ISO 8601 format YYYY-MM-DDThh:mm:ssZ. Note: the Time Generated value cannot be older than 2 days before received time or the row will be dropped.|
 | | |
 
 ## Authorization

articles/cognitive-services/cognitive-services-virtual-networks.md

@@ -35,7 +35,7 @@ Network rules are enforced on all network protocols to Azure Cognitive Services,
 
 ## Supported regions and service offerings
 
-Virtual networks (VNETs) are supported in [regions where Cognitive Services are available](https://azure.microsoft.com/global-infrastructure/services/). Currently multi-service resource does not support VNET. Cognitive Services supports service tags for network rules configuration. The services listed below are included in the **CognitiveServicesManagement** service tag.
+Virtual networks (VNETs) are supported in [regions where Cognitive Services are available](https://azure.microsoft.com/global-infrastructure/services/). Cognitive Services supports service tags for network rules configuration. The services listed below are included in the **CognitiveServicesManagement** service tag.
 
 > [!div class="checklist"]
 > * Anomaly Detector

articles/vpn-gateway/vpn-gateway-howto-point-to-site-resource-manager-portal.md

@@ -11,7 +11,7 @@ ms.author: cherylmc
 ---
 # Configure a point-to-site VPN connection using Azure certificate authentication: Azure portal
 
-This article helps you securely connect individual clients running Windows, Linux, or macOS to an Azure VNet. point-to-site VPN connections are useful when you want to connect to your VNet from a remote location, such when you're telecommuting from home or a conference. You can also use P2S instead of a Site-to-Site VPN when you have only a few clients that need to connect to a VNet. point-to-site connections don't require a VPN device or a public-facing IP address. P2S creates the VPN connection over either SSTP (Secure Socket Tunneling Protocol), or IKEv2. For more information about point-to-site VPN, see [About point-to-site VPN](point-to-site-about.md).
+This article helps you securely connect individual clients running Windows, Linux, or macOS to an Azure VNet. point-to-site VPN connections are useful when you want to connect to your VNet from a remote location, such as when you're telecommuting from home or a conference. You can also use P2S instead of a Site-to-Site VPN when you have only a few clients that need to connect to a VNet. point-to-site connections don't require a VPN device or a public-facing IP address. P2S creates the VPN connection over either SSTP (Secure Socket Tunneling Protocol), or IKEv2. For more information about point-to-site VPN, see [About point-to-site VPN](point-to-site-about.md).
 
 :::image type="content" source="./media/vpn-gateway-howto-point-to-site-resource-manager-portal/point-to-site-diagram.png" alt-text="Connect from a computer to an Azure VNet - point-to-site connection diagram.":::