Merge pull request #105139 from MicrosoftDocs/master

2/21 AM Publish

Author: huypub

articles/active-directory/app-provisioning/define-conditional-rules-for-provisioning-user-accounts.md

@@ -93,10 +93,12 @@ Scoping filters are configured as part of the attribute mappings for each Azure
    i. **Greater_Than.** Clause returns "true" if the evaluated attribute is greater than the value. The value specified on the scoping filter must be an integer and the attribute on the user must be an integer [0,1,2,...]. 
 
    j. **Greater_Than_OR_EQUALS.** Clause returns "true" if the evaluated attribute is greater than or equal to the value. The value specified on the scoping filter must be an integer and the attribute on the user must be an integer [0,1,2,...]. 
+   
+   k. **Includes.** Clause returns "true" if the evaluated attribute contains the string value (case sensitive) as described [here](https://docs.microsoft.com/dotnet/api/system.string.contains?view=netframework-4.8). 
 
 
 >[!IMPORTANT] 
-> The Includes and IsMemberOf filters are not supported. They will soon be removed from the UI.
+> The IsMemberOf filter is not supported currently.
 
 9. Optionally, repeat steps 7-8 to add more scoping clauses.
 

articles/aks/azure-ad-integration-cli.md

@@ -119,7 +119,7 @@ oAuthPermissionId=$(az ad app show --id $serverApplicationId --query "oauth2Perm
 Add the permissions for the client application and server application components to use the oAuth2 communication flow using the [az ad app permission add][az-ad-app-permission-add] command. Then, grant permissions for the client application to communication with the server application using the [az ad app permission grant][az-ad-app-permission-grant] command:
 
 ```azurecli-interactive
-az ad app permission add --id $clientApplicationId --api $serverApplicationId --api-permissions $oAuthPermissionId=Scope
+az ad app permission add --id $clientApplicationId --api $serverApplicationId --api-permissions ${oAuthPermissionId}=Scope
 az ad app permission grant --id $clientApplicationId --api $serverApplicationId
 ```
 

articles/aks/private-clusters.md

@@ -6,7 +6,7 @@ author: mlearned
 
 ms.service: container-service
 ms.topic: article
-ms.date: 1/24/2020
+ms.date: 2/21/2020
 ms.author: mlearned
 ---
 
@@ -27,13 +27,33 @@ The control plane or API server is in an Azure Kubernetes Service (AKS)-managed
 * The Azure CLI version 2.0.77 or later, and the Azure CLI AKS Preview extension version 0.4.18
 
 ## Currently supported regions
-* West US
-* West US 2
-* East US 2
+
+* Australia East
+* Australia Southeast
+* Brazil South
 * Canada Central
+* Canada East
+* Cenral US
+* East Asia
+* East US
+* East US 2
+* East US 2 EUAP
+* France Central
+* Germany North
+* Japan East
+* Japan West
+* Korea Central
+* Korea South
+* North Central US
 * North Europe
+* North Europe
+* South Central US
+* UK South
 * West Europe
-* Australia East
+* West US
+* West US 2
+* East US 2
+
 
 ## Install the latest Azure CLI AKS Preview extension
 

articles/availability-zones/az-overview.md

@@ -39,6 +39,7 @@ The combinations of Azure services and regions that support Availability Zones a
 | Linux Virtual Machines          | ✓   | ✓     | ✓  | ✓  | ✓       | ✓     | ✓ | ✓    | ✓   | ✓       |
 | Windows Virtual Machines        | ✓   | ✓     | ✓  | ✓  | ✓       | ✓     | ✓ | ✓    | ✓   | ✓       |
 | Virtual Machine Scale Sets      | ✓   | ✓     | ✓  | ✓  | ✓       | ✓     | ✓ | ✓    | ✓   | ✓       |
+| Azure App Service Environments ILB | ✓   | ✓     | ✓  | ✓  | ✓       | ✓     | ✓ | ✓    | ✓   | ✓       |
 | Azure Kubernetes Service        | ✓   | ✓     | ✓  | ✓  | ✓       | ✓     | ✓ | ✓    | ✓   | ✓       |
 | **Storage**   |            |              |           |           |                |              |          |             |            |                |
 | Managed Disks                   | ✓   | ✓     | ✓  | ✓  | ✓       | ✓     | ✓ | ✓    | ✓   | ✓       |

articles/azure-monitor/index.yml

@@ -25,9 +25,9 @@ landingContent:
         links:
           - text: What is Azure Monitor?
             url: overview.md
-          - text: What is Azure Monitor logs / Log Analytics?
-            url: overview.md
-          - text: Azure Monitor logs / Log Analytics content hub page
+          - text: What is Azure Monitor Logs / Log Analytics?
+            url: platform/data-platform-logs.md
+          - text: Azure Monitor Logs / Log Analytics content hub page
             url: azure-monitor-log-hub.md
           - text: What is Application Insights?
             url: app/app-insights-overview.md

articles/azure-monitor/insights/azure-sql.md

@@ -1,25 +1,22 @@
 ---
 title: SharePoint files - QnA Maker
-titleSuffix: Azure Cognitive Services
 description: Add secured SharePoint data sources to your knowledge base to enrich the knowledge base with questions and answers that may be secured with Active Directory.
-services: cognitive-services
-author: diberry
-manager: nitinme
-ms.service: cognitive-services
-ms.subservice: qna-maker
 ms.topic: conceptual
-ms.date: 06/24/2019
-ms.author: diberry
+ms.date: 02/20/2020
 ---
 
 # Add a secured SharePoint data source to your knowledge base
 
-Add secured SharePoint data sources to your knowledge base to enrich the knowledge base with questions and answers that may be secured with Active Directory.
+Add secured cloud-based SharePoint data sources to your knowledge base to enrich the knowledge base with questions and answers that may be secured with Active Directory.
 
 When you add a secured SharePoint document to your knowledge base, as the QnA Maker manager, you must request Active Directory permission for QnA Maker. Once this permission is given from the Active Directory manager to QnA Maker for access to SharePoint, it doesn't have to be given again. Each subsequent document addition to the knowledge base will not need authorization if it is in the same SharePoint resource.
 
 If the QnA Maker knowledge base manager is not the Active Directory manager, you will need to communicate with the Active Directory manager to finish this process.
 
+## Prerequisites
+
+QnA Maker uses Microsoft Graph for permissions. If your SharePoint is on-premises, you won't be able to extract from SharePoint because Microsoft Graph won't be able to determine permissions.
+
 ## Add supported file types to knowledge base
 
 You can add all QnA Maker-supported [file types](../Concepts/content-types.md) from a SharePoint site to your knowledge base. You may have to grant [permissions](#permissions) if the file resource is secured.

articles/cognitive-services/QnAMaker/How-To/add-sharepoint-datasources.md

@@ -85,7 +85,7 @@ The access policy should now show up in your key vault's access policies.
 > Encrypting deployment data with a customer-managed key is available in the latest API version (2019-12-01) that is currently rolling out. Specify this API version in your deployment template. If you have any issues with this, please reach out to Azure Support.
 
 Once the key vault key and access policy are set up, add the following properties to your ACI deployment template. Learn more about deploying ACI resources with a template in the [Tutorial: Deploy a multi-container group using a Resource Manager template](https://docs.microsoft.com/azure/container-instances/container-instances-multi-container-group). 
-* Under `resources`, set `apiVersion` to `2012-12-01`.
+* Under `resources`, set `apiVersion` to `2019-12-01`.
 * Under the container group properties section of the deployment template, add an `encryptionProperties`, which contains the following values:
   * `vaultBaseUrl`: the DNS Name of your key vault, can be found  on the overview blade of the key vault resource in Portal
   * `keyName`: the name of the key generated earlier
@@ -231,4 +231,4 @@ Within a few seconds, you should receive an initial response from Azure. Once th
 
 <!-- LINKS - Internal -->
 [az-group-create]: /cli/azure/group#az-group-create
-[az-group-deployment-create]: /cli/azure/group/deployment#az-group-deployment-create
+[az-group-deployment-create]: /cli/azure/group/deployment#az-group-deployment-create

articles/container-instances/container-instances-encrypt-data.md

@@ -407,9 +407,10 @@ when the condition is met.
 
 ### DeployIfNotExists evaluation
 
-DeployIfNotExists runs after a Resource Provider has handled a create or update resource request
-and has returned a success status code. A template deployment occurs if there are no related
-resources or if the resources defined by **ExistenceCondition** don't evaluate to true.
+DeployIfNotExists runs about 15 minutes after a Resource Provider has handled a create or update
+resource request and has returned a success status code. A template deployment occurs if there are
+no related resources or if the resources defined by **ExistenceCondition** don't evaluate to true.
+The duration of the deployment depends on the complexity of resources included in the template.
 
 During an evaluation cycle, policy definitions with a DeployIfNotExists effect that match resources
 are marked as non-compliant, but no action is taken on that resource.

articles/governance/policy/concepts/effects.md

@@ -185,8 +185,8 @@ To create a **remediation task**, follow these steps:
    ![Remediate - select which resources to remediate](../media/remediate-resources/select-resources.png)
 
 1. Begin the remediation task once the resources have been filtered by clicking **Remediate**. The
-   policy compliance page will open to the **Remediation tasks** tab to show the state of the tasks
-   progress.
+   policy compliance page opens to the **Remediation tasks** tab to show the state of the tasks
+   progress. Deployments created by the remediation task begin right away.
 
    ![Remediate - progress of remediation tasks](../media/remediate-resources/task-progress.png)