MicrosoftDocs
diff --git a/‎articles/search/TOC.yml
Lines changed: 2 additions & 2 deletions b/‎articles/search/TOC.yml
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/search/cognitive-search-custom-skill-interface.md
Lines changed: 10 additions & 10 deletions b/‎articles/search/cognitive-search-custom-skill-interface.md
Lines changed: 10 additions & 10 deletions
diff --git a/‎articles/search/media/search-monitor-logs-powerbi/add-diagnostic-setting.png
-44.9 KB b/‎articles/search/media/search-monitor-logs-powerbi/add-diagnostic-setting.png
-44.9 KB
diff --git a/‎articles/search/media/search-monitor-logs-powerbi/azure-search-app-tile-edit.png
-11.2 KB b/‎articles/search/media/search-monitor-logs-powerbi/azure-search-app-tile-edit.png
-11.2 KB
diff --git a/‎articles/search/media/search-monitor-logs-powerbi/azure-search-app-tile.png
16.7 KB b/‎articles/search/media/search-monitor-logs-powerbi/azure-search-app-tile.png
16.7 KB
diff --git a/‎articles/search/media/search-monitor-logs-powerbi/connect-to-storage-account-step-two.png
98.4 KB b/‎articles/search/media/search-monitor-logs-powerbi/connect-to-storage-account-step-two.png
98.4 KB
diff --git a/‎articles/search/media/search-monitor-logs-powerbi/connect-to-storage-account.png
58 KB b/‎articles/search/media/search-monitor-logs-powerbi/connect-to-storage-account.png
58 KB
diff --git a/‎articles/search/media/search-monitor-logs-powerbi/get-started-with-your-new-app.png
-60.3 KB b/‎articles/search/media/search-monitor-logs-powerbi/get-started-with-your-new-app.png
-60.3 KB
diff --git a/‎articles/search/search-howto-aad.md
Lines changed: 13 additions & 15 deletions b/‎articles/search/search-howto-aad.md
Lines changed: 13 additions & 15 deletions
@@ -188,7 +188,7 @@
       href: search-sku-tier.md
     - name: Service limits
       href: search-limits-quotas-capacity.md
-    - name: Plan capacity
+    - name: Plan and manage capacity
       href: search-capacity-planning.md
     - name: Plan and manage costs
       href: search-sku-manage-costs.md
@@ -346,7 +346,7 @@
       href: semantic-how-to-query-request.md
     - name: Typeahead query
       href: search-add-autocomplete-suggestions.md
-    - name: Quety examples (simple syntax)
+    - name: Query examples (simple syntax)
       href: search-query-simple-examples.md
     - name: Add spell check
       href: speller-how-to-add.md
 
@@ -8,20 +8,20 @@ ms.service: cognitive-search
 ms.custom:
   - ignite-2023
 ms.topic: how-to
-ms.date: 06/29/2023
+ms.date: 04/25/2024
 ---
 
 # Add a custom skill to an Azure AI Search enrichment pipeline
 
-An [AI enrichment pipeline](cognitive-search-concept-intro.md) can include both [built-in skills](cognitive-search-predefined-skills.md) and [custom skills](cognitive-search-custom-skill-web-api.md) that you personally create and publish. Your custom code executes externally to the search service (for example, as an Azure function), but accepts inputs and sends outputs to the skillset just like any other skill.
+An [AI enrichment pipeline](cognitive-search-concept-intro.md) can include both [built-in skills](cognitive-search-predefined-skills.md) and [custom skills](cognitive-search-custom-skill-web-api.md) that you personally create and publish. Your custom code executes externally from the search service (for example, as an Azure function), but accepts inputs and sends outputs to the skillset just like any other skill.
 
 Custom skills might sound complex but can be simple and straightforward in terms of implementation. If you have existing packages that provide pattern matching or classification models, the content you extract from blobs could be passed to these models for processing. Since AI enrichment is Azure-based, your model should be on Azure also. Some common hosting methodologies include using [Azure Functions](cognitive-search-create-custom-skill-example.md) or [Containers](https://github.com/Microsoft/SkillsExtractorCognitiveSearch).
 
 If you're building a custom skill, this article describes the interface you use to integrate the skill into the pipeline. The primary requirement is the ability to accept inputs and emit outputs in ways that are consumable within the [skillset](cognitive-search-defining-skillset.md) as a whole. As such, the focus of this article is on the input and output formats that the enrichment pipeline requires.
 
 ## Benefits of custom skills
 
-Building a custom skill gives you a way to insert transformations unique to your content. A custom skill executes independently, applying whatever enrichment step you require. For example, you could build custom classification models to differentiate business and financial contracts and documents, or add a speech recognition skill to reach deeper into audio files for relevant content. For a step-by-step example, see [Example: Creating a custom skill for AI enrichment](cognitive-search-create-custom-skill-example.md).
+Building a custom skill gives you a way to insert transformations unique to your content. For example, you could build custom classification models to differentiate business and financial contracts and documents, or add a speech recognition skill to reach deeper into audio files for relevant content. For a step-by-step example, see [Example: Creating a custom skill for AI enrichment](cognitive-search-create-custom-skill-example.md).
 
 ## Set the endpoint and timeout interval
 
@@ -43,15 +43,15 @@ If instead your function or app uses Azure managed identities and Azure roles fo
 
 + Your function or app must be [configured for Microsoft Entra ID](../app-service/configure-authentication-provider-aad.md).
 
-+ Your [custom skill definition](cognitive-search-custom-skill-web-api.md) must include an "authResourceId" property. This property takes an application (client) ID, in a [supported format](../active-directory/develop/security-best-practices-for-app-registration.md#application-id-uri): `api://<appId>`.
++ Your [custom skill definition](cognitive-search-custom-skill-web-api.md) must include an `authResourceId` property. This property takes an application (client) ID, in a [supported format](../active-directory/develop/security-best-practices-for-app-registration.md#application-id-uri): `api://<appId>`.
 
-By default, the connection to the endpoint times out if a response isn't returned within a 30-second window. The indexing pipeline is synchronous and indexing will produce a timeout error if a response isn't received in that time frame. You can increase the interval to a maximum value of 230 seconds by setting the timeout parameter:
+By default, the connection to the endpoint times out if a response isn't returned within a 30-second window (`PT30S`). The indexing pipeline is synchronous and indexing will produce a timeout error if a response isn't received in that time frame. You can increase the interval to a maximum value of 230 seconds by setting the timeout parameter (`PT230S`).
 
 ## Format Web API inputs
 
-The Web API must accept an array of records to be processed. Each record must contain a property bag that is the input provided to your Web API. 
+The Web API must accept an array of records to be processed. Within each record, provide a property bag as input to your Web API. 
 
-Suppose you want to create a basic enricher that identifies the first date mentioned in the text of a contract. In this example, the custom skill accepts a single input "contractText" as the contract text. The skill also has a single output, which is the date of the contract. To make the enricher more interesting, return this "contractDate" in the shape of a multi-part complex type.
+Suppose you want to create a basic enricher that identifies the first date mentioned in the text of a contract. In this example, the custom skill accepts a single input "contractText" as the contract text. The skill also has a single output, which is the date of the contract. To make the enricher more interesting, return this "contractDate" in the shape of a multipart complex type.
 
 Your Web API should be ready to receive a batch of input records. Each member of the "values" array represents the input for a particular record. Each record is required to have the following elements:
 
@@ -69,7 +69,7 @@ The resulting Web API request might look like this:
         "data":
            {
              "contractText": 
-                "This is a contract that was issues on November 3, 2017 and that involves... "
+                "This is a contract that was issues on November 3, 2023 and that involves... "
            }
       },
       {
@@ -91,7 +91,7 @@ The resulting Web API request might look like this:
 }
 ```
 
-In practice, your code may get called with hundreds or thousands of records instead of only the three shown here.
+In practice, your code can be called with hundreds or thousands of records instead of only the three shown here.
 
 ## Format Web API outputs
 
@@ -111,7 +111,7 @@ The format of the output is a set of records containing a "recordId", and a prop
       {
         "recordId": "a1",
         "data" : {
-            "contractDate": { "day" : 3, "month": 11, "year" : 2017 }                    
+            "contractDate": { "day" : 3, "month": 11, "year" : 2023 }                    
         }
       },
       {
 
@@ -6,7 +6,7 @@ author: gmndrg
 ms.author: gimondra
 ms.service: cognitive-search
 ms.topic: how-to
-ms.date: 05/09/2023
+ms.date: 04/25/2024
 ms.custom:
   - subject-rbac-steps
   - ignite-2023
@@ -18,9 +18,9 @@ Search applications that are built on Azure AI Search can now use the [Microsoft
 
 This article shows you how to configure your client for Microsoft Entra ID:
 
-+ For authentication, you'll create a [managed identity](../active-directory/managed-identities-azure-resources/overview.md) as the security principle. You could also use a different type of service principal object, but this article uses managed identities because they eliminate the need to manage credentials.
++ For authentication, create a [managed identity](../active-directory/managed-identities-azure-resources/overview.md) for your application. You can use a different type of security principal object, but this article uses managed identities because they eliminate the need to manage credentials.
 
-+ For authorization, you'll assign an Azure role to the managed identity that grants permissions to run queries or manage indexing jobs.
++ For authorization, assign an Azure role to the managed identity that grants permissions to run queries or manage indexing jobs.
 
 + Update your client code to call [`TokenCredential()`](/dotnet/api/azure.core.tokencredential).  For example, you can get started with new SearchClient(endpoint, new `DefaultAzureCredential()`) to authenticate via a Microsoft Entra ID using [Azure.Identity](https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/identity/Azure.Identity/README.md).
 
@@ -48,15 +48,15 @@ In this step, configure your search service to recognize an **authorization** he
 
 The change is effective immediately, but wait a few seconds before testing. 
 
-All network calls for search service operations and content will respect the option you select: API keys, bearer token, or either one if you select **Both**.
+All network calls for search service operations and content respect the option you select: API keys, bearer token, or either one if you select **Both**.
 
-When you enable role-based access control in the portal, the failure mode will be "http401WithBearerChallenge" if authorization fails.
+When you enable role-based access control in the portal, the failure mode is "http401WithBearerChallenge" if authorization fails.
 
 ### [**REST API**](#tab/config-svc-rest)
 
 Use the Management REST API [Create or Update Service](/rest/api/searchmanagement/services/create-or-update) to configure your service.
 
-All calls to the Management REST API are authenticated through Microsoft Entra ID, with Contributor or Owner permissions. For help setting up authenticated requests in a REST client, see [Manage Azure AI Search using REST](search-manage-rest.md).
+All calls to the Management REST API are authenticated through Microsoft Entra ID, with Contributor or Owner permissions. For help with setting up authenticated requests in a REST client, see [Manage Azure AI Search using REST](search-manage-rest.md).
 
 1. Get service settings so that you can review the current configuration.
 
@@ -94,17 +94,17 @@ In this step, create a [managed identity](../active-directory/managed-identities
 
 1. Search for **Managed Identities**.
 
-1. Select **+ Create**.
+1. Select **Create**.
 
 1. Give your managed identity a name and select a region. Then, select **Create**.
 
    :::image type="content" source="media/search-howto-aad/create-managed-identity.png" alt-text="Screenshot of the Create Managed Identity wizard." border="true" :::
 
 ## Assign a role to the managed identity
 
-Next, you need to grant your managed identity access to your search service. Azure AI Search has various [built-in roles](search-security-rbac.md#built-in-roles-used-in-search). You can also create a [custom role](search-security-rbac.md#create-a-custom-role).
+Next, you need to grant your client's managed identity access to your search service. Azure AI Search has various [built-in roles](search-security-rbac.md#built-in-roles-used-in-search). You can also create a [custom role](search-security-rbac.md#create-a-custom-role).
 
-It's a best practice to grant minimum permissions. If your application only needs to handle queries, you should assign the [Search Index Data Reader](../role-based-access-control/built-in-roles.md#search-index-data-reader) role. Alternatively, if it needs both read and write access on a search index, you should use the [Search Index Data Contributor](../role-based-access-control/built-in-roles.md#search-index-data-contributor) role.
+It's a best practice to grant minimum permissions. If your application only needs to handle queries, you should assign the [Search Index Data Reader](../role-based-access-control/built-in-roles.md#search-index-data-reader) role. Alternatively, if the client needs both read and write access on a search index, you should use the [Search Index Data Contributor](../role-based-access-control/built-in-roles.md#search-index-data-contributor) role.
 
 1. Sign in to the [Azure portal](https://portal.azure.com).
 
@@ -125,10 +125,8 @@ It's a best practice to grant minimum permissions. If your application only need
    + Search Index Data Contributor
    + Search Index Data Reader
 
-   For more information on the available roles, see [Built-in roles used in Search](search-security-rbac.md#built-in-roles-used-in-search).
-
-   > [!NOTE]
-   > The Owner, Contributor, Reader, and Search Service Contributor roles don't give you access to the data within a search index, so you can't query a search index or index data using those roles. For data access to a search index, you need either the Search Index Data Contributor or Search Index Data Reader role.
+      > [!NOTE]
+   > The Owner, Contributor, Reader, and Search Service Contributor are control plane roles and don't give you access to the data within a search index. For data access, choose either the Search Index Data Contributor or Search Index Data Reader role. For more information on the scope and purpose of each role, see [Built-in roles used in Search](search-security-rbac.md#built-in-roles-used-in-search).
 
 1. On the **Members** tab, select the managed identity that you want to give access to your search service.
 
@@ -177,9 +175,9 @@ The following instructions reference an existing C# sample to demonstrate the co
 
 ### Local testing
 
-User-assigned managed identities work only in Azure environments. If you run this code locally, `DefaultAzureCredential` will fall back to authenticating with your credentials. Make sure you've also given yourself the required access to the search service if you plan to run the code locally. 
+User-assigned managed identities work only in Azure environments. If you run this code locally, `DefaultAzureCredential` falls back to authenticating with your credentials. Make sure you give yourself the required access to the search service if you plan to run the code locally. 
 
-1. Verify your account has role assignments to run all of the operations in the quickstart sample. To both create and query an index, you'll need "Search Index Data Reader" and "Search Index Data Contributor".
+1. Verify your account has role assignments to run all of the operations in the quickstart sample. To both create and query an index, use "Search Index Data Reader" and "Search Index Data Contributor".
 
 1. Go to **Tools** > **Options** > **Azure Service Authentication** to choose your Azure sign-on account.