Skip to content

Commit 7974a6e

Browse files
committed
Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into diagramsAvail
2 parents 7f61666 + 77ff625 commit 7974a6e

File tree

61 files changed

+1808
-1299
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

61 files changed

+1808
-1299
lines changed

articles/aks/csi-secrets-store-configuration-options.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -69,6 +69,8 @@ To disable auto-rotation, you first need to disable the add-on. Then, you can re
6969
az aks addon enable -g myResourceGroup -n myAKSCluster2 -a azure-keyvault-secrets-provider
7070
```
7171
72+
If you are already using a `SecretProviderClass`, you can update the add-on without disabling it first by using `az aks addon enable` without specifying the `enable-secret-rotation` parameter.
73+
7274
### Sync mounted content with a Kubernetes secret
7375
7476
> [!NOTE]
-43 Bytes
Loading

articles/aks/planned-maintenance.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@ Regular maintenance is performed on your AKS cluster automatically. There are tw
1919
* *AKS-initiated maintenance* involves the weekly releases that AKS performs to keep your cluster up to date with the latest features and fixes.
2020
* *User-initiated maintenance* includes [cluster auto-upgrades][aks-upgrade] and [node operating system (OS) automatic security updates][node-image-auto-upgrade].
2121

22-
When you use the feature of planned maintenance in AKS, you can run both types of maintenance in a cadence of your choice to minimize workload impact.
22+
When you use the feature of planned maintenance in AKS, you can run both types of maintenance in a cadence of your choice to minimize workload impact. You can use planned maintenance to schedule the timing of automatic upgrades, but enabling or disabling planned maintenance won't enable or disable automatic upgrades.
2323

2424
## Before you begin
2525

articles/azure-arc/servers/agent-overview.md

Lines changed: 10 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -195,7 +195,7 @@ azcmagent config set extensions.agent.cpulimit 80
195195

196196
Metadata information about a connected machine is collected after the Connected Machine agent registers with Azure Arc-enabled servers. Specifically:
197197

198-
* Operating system name, type, and version
198+
* Operating system name, edition, type, and version
199199
* Computer name
200200
* Computer manufacturer and model
201201
* Computer fully qualified domain name (FQDN)
@@ -214,6 +214,15 @@ Metadata information about a connected machine is collected after the Connected
214214
* Total physical memory
215215
* Serial number
216216
* SMBIOS asset tag
217+
* Network interface information
218+
* IP address
219+
* Subnet
220+
* Windows licensing information
221+
* OS license status
222+
* OS license channel
223+
* Extended Security Updates eligibility
224+
* Extended Security Updates license status
225+
* Extended Security Updates license channel
217226
* Cloud provider
218227
* Amazon Web Services (AWS) metadata, when running in AWS:
219228
* Account ID

articles/azure-large-instances/workloads/epic/available-skus.md

Lines changed: 8 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -11,9 +11,10 @@ ms.service: azure-large-instances
1111
ms.date: 06/01/2023
1212
---
1313

14-
# Azure Large Instances for Epic workload SKUs
14+
# Azure Large Instances for Epic workload SKUs
1515

1616
This article provides a list of available Azure Large Instances for Epic<sup>®</sup> workload SKUs.
17+
1718
## Azure Large Instances availability by region
1819

1920
* West Europe
@@ -30,8 +31,8 @@ Azure Large Instances for Epic<sup>®</sup> workload has limited availability an
3031
* South Central US
3132
* West US 2 with Zones support
3233

33-
> [!Note]
34-
> Zones support refers to availability zones within a region where Azure Large Instances can be deployed across zones for high resiliency and availability. This capability enables support for multi-site active-active scaling.
34+
>[!Note]
35+
>Zones support refers to availability zones within a region where Azure Large Instances can be deployed across zones for high resiliency and availability. This capability enables support for multi-site active-active scaling.
3536
3637
## Azure Large Instances for Epic availability
3738

@@ -68,6 +69,10 @@ Azure Large Instances units for Epic deployed in different tenants can't communi
6869
A deployed tenant in the Azure Large Instances stamp is assigned to one Azure subscription for billing purposes. For a network, it can be accessed from virtual networks of other Azure subscriptions within the same Azure enrollment.
6970
If you deploy with another Azure subscription in the same Azure region, you also request for a separated Azure Large Instances tenant.
7071

72+
### Operational model
73+
In addition to its BareMetal offering, Azure Large Instances also has an offering where Microsoft deploys a foundational ESXi environment onto the host servers and subsequent configuration of VMware vCenter by Microsoft as an ESXi VM in the cluster. Microsoft owns the ESXi licenses. On the storage configurations, Azure Large Instances comes with highly redundant Fiber Channel storage provisioned. Microsoft retains the root admin access to ESXi and provides a cloud admin role for customer’s use. The Cloud Admin role in Azure Large Instances Solution has the following privileges on vCenter Server.
7174

75+
:::image type="content" source="media/support-diagram.png" alt-text="A diagram showing the support responsibilities for Microsoft and partners.":::
7276

77+
For more information, reach out to your Microsoft representative.
7378

66.5 KB
Loading

articles/communication-services/concepts/ui-library/includes/web-ui-use-cases.md

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -141,5 +141,10 @@ Accessibility by design is a principle across Microsoft products. UI Library fol
141141

142142
Localization is key to making products for users around the world and who speak different languages. UI Library provides default support for some languages and capabilities, including right-to-left languages. You can provide their own localization files to use with UI Library.
143143

144+
## Known Issues
145+
146+
* The UI library doesn't support updating message type when editing existing messages at this time. Adding rich text formatting to an existing message will add html styling to the text content. Since this does not change the message type, it may result in displaying html content as plain text in the message thread.
147+
148+
144149
> [!div class="nextstepaction"]
145150
> [Visit UI Library storybook](https://azure.github.io/communication-ui-library)

articles/event-grid/authenticate-with-entra-id-namespaces.md

Lines changed: 1 addition & 56 deletions
Original file line numberDiff line numberDiff line change
@@ -85,7 +85,7 @@ EventGridEvent egEvent = new EventGridEvent(
8585
await client.SendEventAsync(egEvent);
8686
```
8787

88-
### Prerequisites
88+
### SDKs
8989

9090
Following are the prerequisites to authenticate to Event Grid.
9191

@@ -124,61 +124,6 @@ For more information, see the following articles:
124124
- [Azure Event Grid client library for JavaScript](/javascript/api/overview/azure/eventgrid-readme)
125125
- [Azure Event Grid client library for Python](/python/api/overview/azure/eventgrid-readme)
126126

127-
## Disable key and shared access signature authentication
128-
129-
Microsoft Entra authentication provides a superior authentication support than that's offered by access key or Shared Access Signature (SAS) token authentication. With Microsoft Entra authentication, the identity is validated against Microsoft Entra identity provider. As a developer, you won't have to handle keys in your code if you use Microsoft Entra authentication. You'll also benefit from all security features built into the Microsoft Identity platform, such as [Conditional Access](/entra/identity/conditional-access/overview) that can help you improve your application's security stance.
130-
131-
Once you decide to use Microsoft Entra authentication, you can disable authentication based on access keys or SAS tokens.
132-
133-
> [!NOTE]
134-
> Acess keys or SAS token authentication is a form of **local authentication**. you'll hear sometimes referring to "local auth" when discussing this category of authentication mechanisms that don't rely on Microsoft Entra ID. The API parameter used to disable local authentication is called, appropriately so, ``disableLocalAuth``.
135-
136-
### Azure portal
137-
138-
When creating a new topic, you can disable local authentication on the **Advanced** tab of the **Create Topic** page.
139-
140-
:::image type="content" source="./media/authenticate-with-microsoft-entra-id/create-topic-disable-local-auth.png" alt-text="Screenshot showing the Advanced tab of Create Topic page when you can disable local authentication.":::
141-
142-
For an existing topic, following these steps to disable local authentication:
143-
144-
1. Navigate to the **Event Grid Topic** page for the topic, and select **Enabled** under **Local Authentication**
145-
146-
:::image type="content" source="./media/authenticate-with-microsoft-entra-id/existing-topic-local-auth.png" alt-text="Screenshot showing the Overview page of an existing topic.":::
147-
2. In the **Local Authentication** popup window, select **Disabled**, and select **OK**.
148-
149-
:::image type="content" source="./media/authenticate-with-microsoft-entra-id/local-auth-popup.png" alt-text="Screenshot showing the Local Authentication window.":::
150-
151-
152-
### Azure CLI
153-
The following CLI command shows the way to create a custom topic with local authentication disabled. The disable local auth feature is currently available as a preview and you need to use API version ``2021-06-01-preview``.
154-
155-
```cli
156-
az resource create --subscription <subscriptionId> --resource-group <resourceGroup> --resource-type Microsoft.EventGrid/topics --api-version 2021-06-01-preview --name <topicName> --location <location> --properties "{ \"disableLocalAuth\": true}"
157-
```
158-
159-
For your reference, the following are the resource type values that you can use according to the topic you're creating or updating.
160-
161-
| Topic type | Resource type |
162-
| ------------------| :------------------------------------|
163-
| Domains | Microsoft.EventGrid/domains |
164-
| Partner Namespace | Microsoft.EventGrid/partnerNamespaces|
165-
| Custom Topic | Microsoft.EventGrid/topics |
166-
167-
### Azure PowerShell
168-
169-
If you're using PowerShell, use the following cmdlets to create a custom topic with local authentication disabled.
170-
171-
```PowerShell
172-
173-
Set-AzContext -SubscriptionId <SubscriptionId>
174-
175-
New-AzResource -ResourceGroupName <ResourceGroupName> -ResourceType Microsoft.EventGrid/topics -ApiVersion 2021-06-01-preview -ResourceName <TopicName> -Location <Location> -Properties @{disableLocalAuth=$true}
176-
```
177-
178-
> [!NOTE]
179-
> - To learn about using the access key or shared access signature authentication, see [Authenticate publishing clients with keys or SAS tokens](security-authenticate-publishing-clients.md)
180-
> - This article deals with authentication when publishing events to Event Grid (event ingress). Authenticating Event Grid when delivering events (event egress) is the subject of article [Authenticate event delivery to event handlers](security-authentication.md).
181-
182127
## Resources
183128
- Data plane SDKs
184129
- Java SDK: [GitHub](https://github.com/Azure/azure-sdk-for-java/tree/master/sdk/eventgrid/azure-messaging-eventgrid) | [samples](https://github.com/Azure/azure-sdk-for-java/tree/master/sdk/eventgrid/azure-messaging-eventgrid/src/samples/java/com/azure/messaging/eventgrid) | [migration guide from previous SDK version](https://github.com/Azure/azure-sdk-for-java/blob/master/sdk/eventgrid/azure-messaging-eventgrid/migration-guide.md)

articles/event-grid/custom-event-quickstart-portal.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -58,7 +58,7 @@ Before you create a subscription for the custom topic, create an endpoint for th
5858
:::image type="content" source="~/reusable-content/ce-skilling/azure/media/template-deployments/deploy-to-azure-button.svg" alt-text="Button to deploy the Resource Manager template to Azure." border="false" link="https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FAzure-Samples%2Fazure-event-grid-viewer%2Fmaster%2Fazuredeploy.json":::
5959

6060
2. On the **Custom deployment** page, do the following steps:
61-
1. For **Resource group**, select the resource group that you created when creating the storage account. It will be easier for you to clean up after you're done with the tutorial by deleting the resource group.
61+
1. For **Resource group**, select an existing resource group or create a resource group.
6262
2. For **Site Name**, enter a name for the web app.
6363
3. For **Hosting plan name**, enter a name for the App Service plan to use for hosting the web app.
6464
5. Select **Review + create**.
@@ -68,7 +68,7 @@ Before you create a subscription for the custom topic, create an endpoint for th
6868
1. The deployment may take a few minutes to complete. Select Alerts (bell icon) in the portal, and then select **Go to resource group**.
6969

7070
:::image type="content" source="./media/blob-event-quickstart-portal/navigate-resource-group.png" alt-text="Screenshot showing the successful deployment message with a link to navigate to the resource group.":::
71-
4. On the **Resource group** page, in the list of resources, select the web app that you created. You also see the App Service plan and the storage account in this list.
71+
4. On the **Resource group** page, in the list of resources, select the web app (**contosoegriviewer** in the following example) that you created.
7272

7373
:::image type="content" source="./media/blob-event-quickstart-portal/resource-group-resources.png" alt-text="Screenshot that shows the Resource Group page with the deployed resources.":::
7474
5. On the **App Service** page for your web app, select the URL to navigate to the web site. The URL should be in this format: `https://<your-site-name>.azurewebsites.net`.

articles/network-watcher/nsg-flow-logs-migrate.md

Lines changed: 23 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -6,15 +6,27 @@ author: halkazwini
66
ms.author: halkazwini
77
ms.service: network-watcher
88
ms.topic: how-to
9-
ms.date: 04/29/2024
9+
ms.date: 05/10/2024
1010
ms.custom: devx-track-azurepowershell
1111

1212
#CustomerIntent: As an Azure administrator, I want to migrate my network security group flow logs to the new virtual network flow logs so that I can use all the benefits of virtual network flow logs, which overcome some of the network security group flow logs limitations.
1313
---
1414

1515
# Migrate from network security group flow logs to virtual network flow logs
1616

17-
In this article, you learn how to migrate your existing network security group flow logs to virtual network flow logs. Virtual network flow logs overcome some of the limitations of network security group flow logs. For more information, see [Virtual network flow logs](vnet-flow-logs-overview.md).
17+
In this article, you learn how to migrate your existing network security group flow logs to virtual network flow logs using a migration script. Virtual network flow logs overcome some of the limitations of network security group flow logs. For more information, see [Virtual network flow logs](vnet-flow-logs-overview.md).
18+
19+
> [!NOTE]
20+
> Use the migration script:
21+
> - when you don't have flow logging enabled on all network interfaces or subnets in a virtual network and you don't want to enable virtual network flow logging on all of them, or
22+
> - when your network security group flow logs in a virtual network have different configurations, and you want to create virtual network flow logs with those different configurations as the network security group flow logs.
23+
>
24+
> Use Azure Policy:
25+
> - when you have the same network security group applied to all network interfaces or subnets in a virtual network,
26+
> - when you have the same network security group flow log configurations for all network interfaces or subnets in a virtual network, or
27+
> - when you want to enable virtual network flow logging on the virtual network level.
28+
>
29+
> For more information, see [Deploy and configure virtual network flow logs using a built-in policy](vnet-flow-logs-policy.md#deploy-and-configure-virtual-network-flow-logs-using-a-built-in-policy).
1830
1931
## Prerequisites
2032

@@ -122,6 +134,15 @@ In this section, you learn how to use the script file that you downloaded in the
122134
123135
:::image type="content" source="./media/nsg-flow-logs-migrate/delete-flow-logs-confirmation.png" alt-text="Screenshot that shows how to confirm the deletion of migrated flow logs." lightbox="./media/nsg-flow-logs-migrate/delete-flow-logs-confirmation.png":::
124136
137+
## Considerations
138+
139+
- **Scale set with a load balancer**: The migration script enables virtual network flow logging on the subnet that has the scale set virtual machines.
140+
141+
> [!NOTE]
142+
> If network security group flow logging is not enabled on all network interfaces of the scale set, or the network interfaces don't share the same network security group flow log, then a virtual network flow log is created on the subnet with the same configurations as one of the network interfaces of the scale set.
143+
144+
- **PaaS**: The migration script doesn't support environments with PaaS solutions that have network security group flow logs in a user's subscription but target resources are in different subscriptions. For such environments, you should manually enable virtual network flow logging on the virtual network or subnet of the PaaS solution.
145+
125146
## Related content
126147
127148
- [Network security group flow logs](nsg-flow-logs-overview.md)

0 commit comments

Comments
 (0)