Merge pull request #204321 from ju-shim/vmss-711

VMSS branch merge conflict fix

Author: tamarakhader

articles/active-directory-b2c/supported-azure-ad-features.md

@@ -23,7 +23,7 @@ An Azure AD B2C tenant is different than an Azure Active Directory tenant, which
 | [Inviting External Identities guests](../active-directory//external-identities/add-users-administrator.md)| You can invite guest users and configure External Identities features such as federation and sign-in with Facebook and Google accounts. | You can invite only a Microsoft account or an Azure AD user as a guest to your Azure AD tenant for accessing applications or managing tenants. For [consumer accounts](user-overview.md#consumer-user), you use Azure AD B2C user flows and custom policies to manage users and sign-up or sign-in with external identity providers, such as Google or Facebook. |
 | [Roles and administrators](../active-directory/fundamentals/active-directory-users-assign-role-azure-portal.md)| Fully supported for administrative and user accounts. | Roles are not supported with [consumer accounts](user-overview.md#consumer-user). Consumer accounts don't have access to any Azure resources.|
 | [Custom domain names](../active-directory/fundamentals/add-custom-domain.md) |  You can use Azure AD custom domains for administrative accounts only. | [Consumer accounts](user-overview.md#consumer-user) can sign in with a username, phone number, or any email address. You can use [custom domains](custom-domain.md) in your redirect URLs.|
-| [Conditional Access](../active-directory/conditional-access/overview.md) | Fully supported for administrative and user accounts. | A subset of Azure AD Conditional Access features is supported with [consumer accounts](user-overview.md#consumer-user) Lean how to configure Azure AD B2C [conditional access](conditional-access-user-flow.md).|
+| [Conditional Access](../active-directory/conditional-access/overview.md) | Fully supported for administrative and user accounts. | A subset of Azure AD Conditional Access features is supported with [consumer accounts](user-overview.md#consumer-user) Learn how to configure Azure AD B2C [conditional access](conditional-access-user-flow.md).|
 | [Premium P1](https://azure.microsoft.com/pricing/details/active-directory) | Fully supported for Azure AD premium P1 features. For example, [Password Protection](../active-directory/authentication/concept-password-ban-bad.md), [Hybrid Identities](../active-directory/hybrid/whatis-hybrid-identity.md),  [Conditional Access](../active-directory/roles/permissions-reference.md#), [Dynamic groups](../active-directory/enterprise-users/groups-create-rule.md), and more. | Azure AD B2C uses [Azure AD B2C Premium P1 license](https://azure.microsoft.com/pricing/details/active-directory/external-identities/), which is different from Azure AD premium P1. A subset of Azure AD Conditional Access features is supported with [consumer accounts](user-overview.md#consumer-user). Learn how to configure Azure AD B2C [Conditional Access](conditional-access-user-flow.md).|
 | [Premium P2](https://azure.microsoft.com/pricing/details/active-directory/) | Fully supported for Azure AD premium P2 features. For example, [Identity Protection](../active-directory/identity-protection/overview-identity-protection.md), and [Identity Governance](../active-directory/governance/identity-governance-overview.md).  | Azure AD B2C uses [Azure AD B2C Premium P2 license](https://azure.microsoft.com/pricing/details/active-directory/external-identities/), which is different from Azure AD premium P2. A subset of Azure AD Identity Protection features is supported with [consumer accounts](user-overview.md#consumer-user). Learn how to [Investigate risk with Identity Protection](identity-protection-investigate-risk.md) and configure Azure AD B2C [Conditional Access](conditional-access-user-flow.md). |
 |[Data retention policy](../active-directory/reports-monitoring/reference-reports-data-retention.md#how-long-does-azure-ad-store-the-data)|Data retention period for both audit and sign in logs depend on your subscription. Learn more about [How long Azure AD store reporting data](../active-directory/reports-monitoring/reference-reports-data-retention.md#how-long-does-azure-ad-store-the-data).|Sign in and  audit logs are only retained for **seven (7) days**. If you require a longer retention period, use the [Azure monitor](azure-monitor.md).|

articles/active-directory/external-identities/cross-tenant-access-overview.md

@@ -50,6 +50,9 @@ You can configure organization-specific settings by adding an organization and m
 
 - For B2B collaboration with other Azure AD organizations, use cross-tenant access settings to manage inbound and outbound B2B collaboration and scope access to specific users, groups, and applications. You can set a default configuration that applies to all external organizations, and then create individual, organization-specific settings as needed. Using cross-tenant access settings, you can also trust multi-factor (MFA) and device claims (compliant claims and hybrid Azure AD joined claims) from other Azure AD organizations.
 
+   > [!TIP]
+   >If you intend to trust inbound MFA for external users, make sure you don't have an [Identity Protection policy](../identity-protection/howto-identity-protection-configure-mfa-policy.md) in place that requires external users to register for MFA. When both of these policies are present, external users won’t be able to satisfy the requirements for access. If you want to enforce the Identity Protection MFA registration policy, be sure to exclude external users.
+
 - For B2B direct connect, use organizational settings to set up a mutual trust relationship with another Azure AD organization. Both your organization and the external organization need to mutually enable B2B direct connect by configuring inbound and outbound cross-tenant access settings.
 
 - You can use external collaboration settings to limit who can invite external users, allow or block B2B specific domains, and set restrictions on guest user access to your directory.

articles/azure-fluid-relay/how-tos/azure-function-token-provider.md

@@ -15,7 +15,7 @@ fluid.url: https://fluidframework.com/docs/build/tokenproviders/
 > [!NOTE]
 > This preview version is provided without a service-level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities.
 
-In the [Fluid Framework](https://fluidframework.com/), TokenProviders are responsible for creating and signing tokens that the `@fluidframework/azure-client` uses to make requests to the Azure Fluid Relay service. The Fluid Framework provides a simple, insecure TokenProvider for development purposes, aptly named **InsecureTokenProvider**. Each Fluid service must implement a custom TokenProvider based on the particulars service's authentication and security considerations.
+In the [Fluid Framework](https://fluidframework.com/), TokenProviders are responsible for creating and signing tokens that the `@fluidframework/azure-client` uses to make requests to the Azure Fluid Relay service. The Fluid Framework provides a simple, insecure TokenProvider for development purposes, aptly named **InsecureTokenProvider**. Each Fluid service must implement a custom TokenProvider based on the particular service's authentication and security considerations.
 
 Each Azure Fluid Relay resource you create is assigned a **tenant ID** and its own unique **tenant secret key**. The secret key is a **shared secret**. Your app/service knows it, and the Azure Fluid Relay service knows it. TokenProviders must know the secret key to sign requests, but the secret key cannot be included in client code.
 

articles/azure-fluid-relay/how-tos/deploy-fluid-static-web-apps.md

@@ -26,7 +26,7 @@ If you don't have an Azure subscription, [create a free trial account](https://a
 
 ## Connect to Azure Fluid Relay
 
-You can connect to Azure Fluid Relay by providing the tenant ID and key that is uniquely generated for you when creating the Azure resource. You can build your own token provider implementation or you can use the two token provider implementations that the Fluid Framework provides: **InsecureTokenProvider** and **AzureFunctionTokenProvider**.
+You can connect to Azure Fluid Relay by providing the tenant ID and key that is uniquely generated for you when creating the Azure resource. You can build your own token provider implementation or you can use the two token provider implementations that the Fluid Framework provides: [InsecureTokenProvider](https://fluidframework.com/docs/apis/test-client-utils/insecuretokenprovider) and [AzureFunctionTokenProvider](https://fluidframework.com/docs/apis/azure-client/azurefunctiontokenprovider).
 
 To learn more about using InsecureTokenProvider for local development, see [Connecting to the service](connect-fluid-azure-service.md#connecting-to-the-service) and [Authentication and authorization in your app](../concepts/authentication-authorization.md#the-token-provider).
 

articles/baremetal-infrastructure/workloads/nc2-public-preview/about-the-public-preview.md

@@ -46,10 +46,9 @@ We offer two SKUs: AN36 and AN36P. For specifications, see [SKUs](skus.md).
 ### More benefits
 
 * Microsoft Azure Consumption Contract (MACC) credits
-* Nutanix Bring your own License (BYOL)  
 
 > [!NOTE]
-> During the public preview, RI is not supported. 
+> During the public preview, RI is not supported.
 An additional discount may be available.
 
 ## Support

articles/baremetal-infrastructure/workloads/nc2-public-preview/supported-instances-and-regions.md

@@ -16,25 +16,16 @@ Learn about instances and regions supported for NC2 on Azure Public Preview.
 Nutanix Clusters on Azure supports:
 
 * Minimum of three bare metal nodes per cluster.
-* Maximum of nine bare metal nodes for public preview.
+* Maximum of 16 bare metal nodes for public preview.
 * Only the Nutanix AHV hypervisor on Nutanix clusters running in Azure.
 * Prism Central instance deployed on Nutanix Clusters on Azure to manage the Nutanix clusters in Azure.
 
 ## Supported regions
 
 This public preview release supports the following Azure regions:
 
-|Region name |Ready Node for Nutanix AN36 |Ready Node for Nutanix AN36P |
-| :------------------- | -------------------: |:---------------:|
-|East US (Virginia)|​Yes|No|
-|West US 2 (Washington)​|Yes|No|
-|East US 2 (Virginia)|No|Yes|
-|North Central US (Illinois)​|No|Yes|
-|UK South (London)*|No|Yes|
-|Germany West Central (Frankfurt)​|No|Yes|
-|Australia East|No|Yes|
-|West Europe (Amsterdam)No|Yes|
-|Southeast Asia (Singapore)|No|Yes|
+* East US
+* West US 2
 
 ## Next steps
 

articles/cognitive-services/Speech-Service/language-support.md

@@ -396,11 +396,14 @@ You can use the locales in this table with [phrase list](improve-accuracy-phrase
 | English (India) | `en-IN` |
 | English (United Kingdom)) | `en-GB` |
 | English (United States) | `en-US` |
+| French (Canada) | `fr-CA` |
 | French (France) | `fr-FR` |
 | German (Germany) | `de-DE` |
 | Italian (Italy) | `it-IT` |
 | Japanese (Japan) | `ja-JP` |
+| Korean (Korea) | `ko-KR` |
 | Portuguese (Brazil) | `pt-BR` |
+| Spanish (Mexico) | `es-MX` |
 | Spanish (Spain) | `es-ES` |
 
 ---

articles/cognitive-services/Translator/how-to-create-translator-resource.md

@@ -26,7 +26,7 @@ The Translator service can be accessed through two different resource types:
 
 * [**Single-service**](https://portal.azure.com/#create/Microsoft.CognitiveServicesTextTranslation) resource types enable access to a single service API key and endpoint.
 
-* [**Multi-service**](https://portal.azure.com/#create/Microsoft.CognitiveServicesAllInOne) resource types enable access to multiple Cognitive Services using a single API key and endpoint. The Cognitive Services resource is currently available for the following services:
+* [**Multi-service**](https://portal.azure.com/#create/Microsoft.CognitiveServicesAllInOne) resource types enable access to multiple Cognitive Services using a single API key and endpoint.
 
 > [!TIP]
 > Create a Cognitive Services resource if you plan to access multiple cognitive services under a single endpoint/key. For Translator Service access only, create a Translator single-service resource. Please note that you'll need a single-service resource if you intend to use [Azure Active Directory authentication](../../active-directory/authentication/overview-authentication.md).

articles/cosmos-db/cassandra/cassandra-support.md

@@ -174,7 +174,7 @@ Azure Cosmos DB supports the following database commands on Cassandra API accoun
 | `REVOKE` | No |
 | `SELECT` | Yes |
 | `UPDATE` | Yes |
-| `TRUNCATE` | No |
+| `TRUNCATE` | Yes |
 | `USE` | Yes |
 
 ## Lightweight Transactions (LWT)

articles/cosmos-db/hierarchical-partition-keys.md

@@ -363,9 +363,9 @@ For example, assume we have a hierarchical partition key composed of **TenantId
 ```bicep
 partitionKey: {
   paths: [
-    'TenantId',
-    'UserId',
-    'SessionId'
+    '/TenantId',
+    '/UserId',
+    '/SessionId'
   ]
   kind: 'MultiHash'
   version: 2
@@ -377,9 +377,9 @@ partitionKey: {
 ```json
 "partitionKey": {
     "paths": [
-        "TenantId",
-        "UserId",
-        "SessionId"
+        "/TenantId",
+        "/UserId",
+        "/SessionId"
     ],
     "kind": "MultiHash",
     "version": 2