Skip to content

Commit 921aed6

Browse files
Merge branch 'patch-4' of https://github.com/chengyuanlai-msft/azure-docs-pr into patch-4
2 parents 5f39de2 + d10c84b commit 921aed6

File tree

125 files changed

+1274
-184
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

125 files changed

+1274
-184
lines changed

articles/active-directory-b2c/identity-protection-investigate-risk.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
---
22
title: Investigate risk with Azure Active Directory B2C Identity Protection
33
description: Learn how to investigate risky users, and detections in Azure AD B2C Identity Protection
4-
ms.service: active-directory
4+
ms.service: entra-id
55
ms.subservice: conditional-access
66
ms.topic: overview
77
ms.date: 01/24/2024

articles/active-directory-b2c/partner-grit-iam.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@ ms.subservice: B2C
1616

1717
# Tutorial: Configure the Grit IAM B2B2C solution with Azure Active Directory B2C
1818

19-
In this tutorial, you learn how to integrate Azure Active Directory B2C (Azure AD B2C) authentication with a [Grit IAM B2B2C](https://www.gritiam.com/b2b2c) solution. You can use the solution to provide secure, reliable, self-serviceable, and user-friendly identity and access management to your customers. Shared profile data such as first name, last name, home address, and email used in web and mobile applications are stored in a centralized manner with consideration to compliance and regulatory needs.
19+
In this tutorial, you learn how to integrate Azure Active Directory B2C (Azure AD B2C) authentication with a [Grit IAM B2B2C](https://www.gritiam.com/b2b2c.html) solution. You can use the solution to provide secure, reliable, self-serviceable, and user-friendly identity and access management to your customers. Shared profile data such as first name, last name, home address, and email used in web and mobile applications are stored in a centralized manner with consideration to compliance and regulatory needs.
2020

2121

2222
Use Grit's B2BB2C solution for:
@@ -28,7 +28,7 @@ Use Grit's B2BB2C solution for:
2828

2929
To get started, ensure the following prerequisites are met:
3030

31-
- A Grit IAM account. You can go to [Grit IAM B2B2C solution](https://www.gritiam.com/b2b2c) to get a demo.
31+
- A Grit IAM account. You can go to [Grit IAM B2B2C solution](https://www.gritiam.com/b2b2c.html) to get a demo.
3232
- A Microsoft Entra subscription. If you don't have one, you can create a [free Azure account](https://azure.microsoft.com/free/).
3333
- An Azure AD B2C tenant linked to the Azure subscription. You can learn more at [Tutorial: Create an Azure Active Directory B2C tenant](tutorial-create-tenant.md).
3434
- Configure your application in the Azure portal.

articles/ai-services/speech-service/includes/how-to/compressed-audio-input/gstreamer-android.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -73,7 +73,7 @@ APP_PLATFORM = android-21
7373
APP_BUILD_SCRIPT = Android.mk
7474
```
7575

76-
You can build `libgstreamer_android.so` by using the following command on Ubuntu 18.04 or 20.04. The following command lines have been tested for [GStreamer Android version 1.14.4](https://gstreamer.freedesktop.org/download/) with [Android NDK b16b.](https://dl.google.com/android/repository/android-ndk-r16b-linux-x86_64.zip)
76+
You can build `libgstreamer_android.so` by using the following command on Ubuntu 18.04 or 20.04. The following command lines have been tested for [GStreamer Android version 1.14.4] with [Android NDK b16b.](https://dl.google.com/android/repository/android-ndk-r16b-linux-x86_64.zip)
7777

7878
```sh
7979
# Assuming wget and unzip are already installed on the system

articles/api-management/compute-infrastructure.md

Lines changed: 2 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@ description: Learn about the compute platform used to host your API Management s
44
author: dlepow
55
ms.service: api-management
66
ms.topic: conceptual
7-
ms.date: 12/19/2023
7+
ms.date: 03/26/2024
88
ms.author: danlep
99
ms.custom:
1010
---
@@ -30,9 +30,7 @@ The following table summarizes the compute platforms currently used in the **Con
3030
<sup>1</sup> Newly created instances in these tiers and some existing instances in Developer and Premium tiers configured with virtual networks or availability zones.
3131

3232
> [!NOTE]
33-
> Currently, the `stv2` platform isn't available in the following Azure regions: China East, China East 2, China North, China North 2.
34-
>
35-
> Also, as Qatar Central is a recently established Azure region, only the `stv2` platform is supported for API Management services deployed in this region.
33+
> In Qatar Central, only the `stv2` platform is supported for API Management services deployed in this region.
3634
3735
## How do I know which platform hosts my API Management instance?
3836

articles/automation/update-management/overview.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,7 @@ The following table summarizes the supported connected sources with Update Manag
4646
| Linux |Yes |Update Management collects information about system updates from Linux machines with the Log Analytics agent and installation of required updates on supported distributions.<br> Machines need to report to a local or remote repository. |
4747
| Operations Manager management group |Yes |Update Management collects information about software updates from agents in a connected management group.<br/><br/>A direct connection from the Operations Manager agent to Azure Monitor logs isn't required. Log data is forwarded from the management group to the Log Analytics workspace. |
4848

49-
The machines assigned to Update Management report how up to date they are based on what source they are configured to synchronize with. Windows machines need to be configured to report to either [Windows Server Update Services](/windows-server/administration/windows-server-update-services/get-started/windows-server-update-services-wsus) or [Microsoft Update](https://support.microsoft.com/windows/update-windows-3c5ae7fc-9fb6-9af1-1984-b5e0412c556a), and Linux machines need to be configured to report to a local or public repository. You can also use Update Management with Microsoft Configuration Manager, and to learn more see [Integrate Update Management with Windows Configuration Manager](mecmintegration.md).
49+
The machines assigned to Update Management report how up to date they are based on what source they are configured to synchronize with. Windows machines need to be configured to report to either [Windows Server Update Services](/windows-server/administration/windows-server-update-services/get-started/windows-server-update-services-wsus) or [Microsoft Update](https://www.catalog.update.microsoft.com/), and Linux machines need to be configured to report to a local or public repository. You can also use Update Management with Microsoft Configuration Manager, and to learn more see [Integrate Update Management with Windows Configuration Manager](mecmintegration.md).
5050

5151
If the Windows Update Agent (WUA) on the Windows machine is configured to report to WSUS, depending on when WSUS last synchronized with Microsoft Update, the results might differ from what Microsoft Update shows. This behavior is the same for Linux machines that are configured to report to a local repo instead of a public repo. On a Windows machine, the compliance scan is run every 12 hours by default. For a Linux machine, the compliance scan is performed every hour by default. If the Log Analytics agent is restarted, a compliance scan is started within 15 minutes. When a machine completes a scan for update compliance, the agent forwards the information in bulk to Azure Monitor Logs.
5252

articles/azure-arc/resource-bridge/maintenance.md

Lines changed: 10 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -7,19 +7,23 @@ ms.date: 11/03/2023
77

88
# Azure Arc resource bridge maintenance operations
99

10-
To keep your Azure Arc resource bridge deployment online and operational, you might need to perform maintenance operations such as updating credentials or monitoring upgrades.
10+
To keep your Azure Arc resource bridge deployment online and operational, you need to perform maintenance operations such as updating credentials, monitoring upgrades and ensuring the appliance VM is online.
1111

12-
To maintain the on-premises appliance VM, the [appliance configuration files generated during deployment](deploy-cli.md#az-arcappliance-createconfig) need to be saved in a secure location and made available on the management machine. The management machine used to perform maintenance operations must meet all of [the Arc resource bridge requirements](system-requirements.md).
12+
## Prerequisites
1313

14-
The following sections describe some of the most common maintenance tasks for Arc resource bridge.
14+
To maintain the on-premises appliance VM, the [appliance configuration files generated during deployment](deploy-cli.md#az-arcappliance-createconfig) need to be saved in a secure location and made available on the management machine.
15+
16+
The management machine used to perform maintenance operations must meet all of [the Arc resource bridge requirements](system-requirements.md).
17+
18+
The following sections describe the maintenance tasks for Arc resource bridge.
1519

1620
## Update credentials in the appliance VM
1721

18-
Arc resource bridge consists of an on-premises appliance VM. The appliance VM [stores credentials](system-requirements.md#user-account-and-credentials) (for example, a user account for VMware vCenter) used to access the control center of the on-premises infrastructure to view and manage on-premises resources.
22+
Arc resource bridge consists of an on-premises appliance VM. The appliance VM [stores credentials](system-requirements.md#user-account-and-credentials) (for example, a user account for VMware vCenter) used to access the control center of the on-premises infrastructure to view and manage on-premises resources. The credentials used by Arc resource bridge are the same ones provided during deployment of the resource bridge. This allows the resource bridge visibility to on-premises resources for guest management in Azure.
1923

20-
The credentials used by Arc resource bridge are the same ones provided during deployment of the bridge. This allows the bridge visibility to on-premises resources for guest management in Azure.
24+
If the credentials change, the credentials stored in the Arc resource bridge need to be updated with the [`update-infracredentials` command](/cli/azure/arcappliance/update-infracredentials). This command must be run from the management machine, and it requires a [kubeconfig file](system-requirements.md#kubeconfig).
2125

22-
If the credentials change, the credentials stored in the Arc resource bridge need to be updated with the [`update-infracredentials` command](/cli/azure/arcappliance/update-infracredentials). This command must be run from the management machine, and it requires a [kubeconfig file](system-requirements.md#kubeconfig).
26+
Reference: [Arc-enabled VMware - Update the credentials stored in Arc resource bridge](../vmware-vsphere/administer-arc-vmware.md#updating-the-vsphere-account-credentials-using-a-new-password-or-a-new-vsphere-account-after-onboarding)
2327

2428
## Troubleshoot Arc resource bridge
2529

articles/azure-arc/resource-bridge/system-requirements.md

Lines changed: 22 additions & 24 deletions
Original file line numberDiff line numberDiff line change
@@ -39,17 +39,19 @@ These minimum requirements enable most scenarios. However, a partner product may
3939

4040
## IP address prefix (subnet) requirements
4141

42-
The IP address prefix (subnet) where Arc resource bridge will be deployed requires a minimum prefix of /29. The IP address prefix must have enough available IP addresses for the gateway IP, control plane IP, appliance VM IP, and reserved appliance VM IP. Please work with your network engineer to ensure that there is an available subnet with the required available IP addresses and IP address prefix for Arc resource bridge.
42+
The IP address prefix (subnet) where Arc resource bridge will be deployed requires a minimum prefix of /29. The IP address prefix must have enough available IP addresses for the gateway IP, control plane IP, appliance VM IP, and reserved appliance VM IP. Arc resource bridge only uses the IP addresses assigned to the IP pool range (Start IP, End IP) and the Control Plane IP. We recommend that the End IP immediately follow the Start IP. Ex: Start IP =192.168.0.2, End IP = 192.168.0.3. Please work with your network engineer to ensure that there is an available subnet with the required available IP addresses and IP address prefix for Arc resource bridge.
4343

44-
The IP address prefix is the subnet's IP address range for the virtual network and subnet mask (IP Mask) in CIDR notation, for example `192.168.7.1/24`. You provide the IP address prefix (in CIDR notation) during the creation of the configuration files for Arc resource bridge.
44+
The IP address prefix is the subnet's IP address range for the virtual network and subnet mask (IP Mask) in CIDR notation, for example `192.168.7.1/29`. You provide the IP address prefix (in CIDR notation) during the creation of the configuration files for Arc resource bridge.
4545

4646
Consult your network engineer to obtain the IP address prefix in CIDR notation. An IP Subnet CIDR calculator may be used to obtain this value.
4747

4848
## Static IP configuration
4949

5050
If deploying Arc resource bridge to a production environment, static configuration must be used when deploying Arc resource bridge. Static IP configuration is used to assign three static IPs (that are in the same subnet) to the Arc resource bridge control plane, appliance VM, and reserved appliance VM.
5151

52-
DHCP is only supported in a test environment for testing purposes only for VM management on Azure Stack HCI, and it should not be used in a production environment. DHCP isn't supported on any other Arc-enabled private cloud, including Arc-enabled VMware, Arc for AVS, or Arc-enabled SCVMM. If using DHCP, you must reserve the IP addresses used by the control plane and appliance VM. In addition, these IPs must be outside of the assignable DHCP range of IPs. Ex: The control plane IP should be treated as a reserved/static IP that no other machine on the network will use or receive from DHCP. If the control plane IP or appliance VM IP changes (ex: due to an outage, this impacts the resource bridge availability and functionality.
52+
DHCP is only supported in a test environment for testing purposes only for VM management on Azure Stack HCI. It should not be used in a production environment. DHCP isn't supported on any other Arc-enabled private cloud, including Arc-enabled VMware, Arc for AVS, or Arc-enabled SCVMM.
53+
54+
If using DHCP, you must reserve the IP addresses used by the control plane and appliance VM. In addition, these IPs must be outside of the assignable DHCP range of IPs. Ex: The control plane IP should be treated as a reserved/static IP that no other machine on the network will use or receive from DHCP. If the control plane IP or appliance VM IP changes, this impacts the resource bridge availability and functionality.
5355

5456
## Management machine requirements
5557

@@ -58,10 +60,14 @@ The machine used to run the commands to deploy and maintain Arc resource bridge
5860
Management machine requirements:
5961

6062
- [Azure CLI x64](/cli/azure/install-azure-cli-windows?tabs=azure-cli) installed
61-
- Open communication to Control Plane IP (`controlplaneendpoint` parameter in `createconfig` command)
62-
- Open communication to Appliance VM IP
63-
- Open communication to the reserved Appliance VM IP
64-
- if applicable, communication over port 443 to the private cloud management console (ex: VMware vCenter host machine)
63+
- Open communication to Control Plane IP
64+
65+
- Communication to Appliance VM IP (SSH TCP port 22, Kubernetes API port 6443)
66+
67+
- Communication to the reserved Appliance VM IP ((SSH TCP port 22, Kubernetes API port 6443)
68+
69+
- communication over port 443 (if applicable) to the private cloud management console (ex: VMware vCenter host machine)
70+
6571
- Internal and external DNS resolution. The DNS server must resolve internal names, such as the vCenter endpoint for vSphere or cloud agent service endpoint for Azure Stack HCI. The DNS server must also be able to resolve external addresses that are [required URLs](network-requirements.md#outbound-connectivity) for deployment.
6672
- Internet access
6773

@@ -77,11 +83,8 @@ Appliance VM IP address requirements:
7783

7884
- Open communication with the management machine and management endpoint (such as vCenter for VMware or MOC cloud agent service endpoint for Azure Stack HCI).
7985
- Internet connectivity to [required URLs](network-requirements.md#outbound-connectivity) enabled in proxy/firewall.
80-
- Static IP assigned (strongly recommended)
86+
- Static IP assigned and within the IP address prefix.
8187

82-
- If using DHCP, then the address must be reserved and outside of the assignable DHCP range of IPs. No other machine on the network will use or receive this IP from DHCP. DHCP is generally not recommended because a change in IP address (ex: due to an outage) impacts the resource bridge availability.
83-
84-
- Must be from within the IP address prefix.
8588
- Internal and external DNS resolution.
8689
- If using a proxy, the proxy server has to be reachable from this IP and all IPs within the VM IP pool.
8790

@@ -99,15 +102,11 @@ Reserved appliance VM IP requirements:
99102

100103
- Internet connectivity to [required URLs](network-requirements.md#outbound-connectivity) enabled in proxy/firewall.
101104

102-
- Static IP assigned (strongly recommended)
103-
104-
- If using DHCP, then the address must be reserved and outside of the assignable DHCP range of IPs. No other machine on the network will use or receive this IP from DHCP. DHCP is generally not recommended because a change in IP address (ex: due to an outage) impacts the resource bridge availability.
105-
106-
- Must be from within the IP address prefix.
105+
- Static IP assigned and within the IP address prefix.
107106

108-
- Internal and external DNS resolution.
107+
- Internal and external DNS resolution.
109108

110-
- If using a proxy, the proxy server has to be reachable from this IP and all IPs within the VM IP pool.
109+
- If using a proxy, the proxy server has to be reachable from this IP and all IPs within the VM IP pool.
111110

112111
## Control plane IP requirements
113112

@@ -117,8 +116,7 @@ Control plane IP requirements:
117116

118117
- Open communication with the management machine.
119118

120-
- Static IP address assigned; the IP address should be outside the DHCP range but still available on the network segment. This IP address can't be assigned to any other machine on the network.
121-
- If using DHCP, the control plane IP should be a single reserved IP that is outside of the assignable DHCP range of IPs. No other machine on the network will use or receive this IP from DHCP. DHCP is generally not recommended because a change in IP address (ex: due to an outage) impacts the resource bridge availability.
119+
- Static IP address assigned and within the IP address prefix.
122120

123121
- If using a proxy, the proxy server has to be reachable from IPs within the IP address prefix, including the reserved appliance VM IP.
124122

@@ -128,23 +126,23 @@ DNS server(s) must have internal and external endpoint resolution. The appliance
128126

129127
## Gateway
130128

131-
The gateway IP should be an IP from within the subnet designated in the IP address prefix.
129+
The gateway IP is the IP of the gateway for the network where Arc resource bridge is deployed. The gateway IP should be an IP from within the subnet designated in the IP address prefix.
132130

133131
## Example minimum configuration for static IP deployment
134132

135-
The following example shows valid configuration values that can be passed during configuration file creation for Arc resource bridge. It is strongly recommended to use static IP addresses when deploying Arc resource bridge.
133+
The following example shows valid configuration values that can be passed during configuration file creation for Arc resource bridge.
136134

137135
Notice that the IP addresses for the gateway, control plane, appliance VM and DNS server (for internal resolution) are within the IP address prefix. This key detail helps ensure successful deployment of the appliance VM.
138136

139137
IP Address Prefix (CIDR format): 192.168.0.0/29
140138

141-
Gateway (IP format): 192.168.0.1
139+
Gateway IP: 192.168.0.1
142140

143141
VM IP Pool Start (IP format): 192.168.0.2
144142

145143
VM IP Pool End (IP format): 192.168.0.3
146144

147-
Control Plane IP (IP format): 192.168.0.4
145+
Control Plane IP: 192.168.0.4
148146

149147
DNS servers (IP list format): 192.168.0.1, 10.0.0.5, 10.0.0.6
150148

0 commit comments

Comments
 (0)