Merge branch 'main' into release-preview-site-manager

Author: v-alje

.openpublishing.redirection.json

@@ -3851,7 +3851,7 @@
         },
         {
             "source_path_from_root": "/articles/aks/cluster-configuration.md",
-            "redirect_url": "/azure/aks/concepts-clusters-workloads.md",
+            "redirect_url": "/azure/aks/concepts-clusters-workloads",
             "redirect_document_id": false
         },
         {

articles/ai-studio/concepts/rbac-ai-studio.md

@@ -24,7 +24,7 @@ In this article, you learn how to manage access (authorization) to an Azure AI h
 
 ## Azure AI hub resource vs Azure AI project
 
-In the Azure AI Studio, there are two levels of access: the Azure AI hub resource and the Azure AI project. The resource is home to the infrastructure (including virtual network setup, customer-managed keys, managed identities, and policies) as well as where you configure your Azure AI services. Azure AI hub resource access can allow you to modify the infrastructure, create new Azure AI hub resources, and create projects. Azure AI projects are a subset of the Azure AI hub resource that act as workspaces that allow you to build and deploy AI systems. Within a project you can develop flows, deploy models, and manage project assets. Project access lets you develop AI end-to-end while taking advantage of the infrastructure setup on the Azure AI hub resource.
+In the Azure AI Studio, there are two levels of access: the Azure AI hub and the Azure AI project. The AI hub is home to the infrastructure (including virtual network setup, customer-managed keys, managed identities, and policies) as well as where you configure your Azure AI services. Azure AI hub access can allow you to modify the infrastructure, create new Azure AI hub resources, and create projects. Azure AI projects are a subset of the Azure AI hub resource that act as workspaces that allow you to build and deploy AI systems. Within a project you can develop flows, deploy models, and manage project assets. Project access lets you develop AI end-to-end while taking advantage of the infrastructure setup on the Azure AI hub resource.
 
 :::image type="content" source="../media/concepts/azureai-hub-project-relationship.png" alt-text="Diagram of the relationship between AI Studio resources." lightbox="../media/concepts/azureai-hub-project-relationship.png":::
 
@@ -114,7 +114,6 @@ The Azure AI hub resource has dependencies on other Azure services. The followin
 | `Microsoft.Insights/Components/Write` | Write to an application insights component configuration. |
 | `Microsoft.OperationalInsights/workspaces/write` | Create a new workspace or links to an existing workspace by providing the customer ID from the existing workspace. |
 
-
 ## Sample enterprise RBAC setup
 The following is an example of how to set up role-based access control for your Azure AI Studio for an enterprise.
 
@@ -151,6 +150,18 @@ If the built-in roles are insufficient, you can create custom roles. Custom role
 > [!NOTE]
 > You must be an owner of the resource at that level to create custom roles within that resource. 
 
+## Scenario: Use a customer-managed key
+
+When using a customer-managed key (CMK), an Azure Key Vault is used to store the key. The user or service principal used to create the workspace must have owner or contributor access to the key vault.
+
+If your Azure AI hub is configured with a **user-assigned managed identity**, the identity must be granted the following roles. These roles allow the managed identity to create the Azure Storage, Azure Cosmos DB, and Azure Search resources used when using a customer-managed key:
+
+- `Microsoft.Storage/storageAccounts/write`
+- `Microsoft.Search/searchServices/write`
+- `Microsoft.DocumentDB/databaseAccounts/write`
+
+Within the key vault, the user or service principal must have create, get, delete, and purge access to the key through a key vault access policy. For more information, see [Azure Key Vault security](/azure/key-vault/general/security-features#controlling-access-to-key-vault-data).
+
 ## Next steps
 
 - [How to create an Azure AI hub resource](../how-to/create-azure-ai-resource.md)

articles/aks/custom-node-configuration.md

@@ -239,7 +239,7 @@ The settings below can be used to tune the operation of the virtual memory (VM)
 
 ## Next steps
 
-- Learn [how to configure your AKS cluster](cluster-configuration.md).
+- Learn [how to configure your AKS cluster](./concepts-clusters-workloads.md).
 - Learn how [upgrade the node images](node-image-upgrade.md) in your cluster.
 - See [Upgrade an Azure Kubernetes Service (AKS) cluster](upgrade-cluster.md) to learn how to upgrade your cluster to the latest version of Kubernetes.
 - See the list of [Frequently asked questions about AKS](faq.md) to find answers to some common AKS questions.

articles/azure-arc/servers/private-link-security.md

@@ -1,5 +1,5 @@
 ---
-title: Use Azure Private Link to securely connect servers to Azure Arc
+title: Use Azure Private Link to connect servers to Azure Arc using a private endpoint
 description: Learn how to use Azure Private Link to securely connect networks to Azure Arc.
 ms.topic: conceptual
 ms.custom:

articles/azure-monitor/agents/agents-overview.md

@@ -116,7 +116,7 @@ The tables below provide a comparison of Azure Monitor Agent with the legacy the
 |		|	IIS logs	|	✓ 	| ✓ |
 |	**Data sent to**	|		|		|		|
 |		|	Azure Monitor Logs	| ✓ | ✓ |
-|	**Services and features supported**	|		|		|		|		|
+|	**Services and features supported**	|		|		|		|
 |		|	Microsoft Sentinel 	|	✓ ([View scope](./azure-monitor-agent-migration.md#migrate-additional-services-and-features))	| ✓ |
 |		|	VM Insights	|	✓ | ✓ |
 |		|	Microsoft Defender for Cloud - Only uses MDE agent	|		|  |
@@ -140,7 +140,7 @@ The tables below provide a comparison of Azure Monitor Agent with the legacy the
 |		|	File based logs	| ✓ |		|
 |	**Data sent to**	|		|		|		|
 |		|	Azure Monitor Logs	| ✓ | ✓ |
-|	**Services and features supported**	|		|		|		|		|		|
+|	**Services and features supported**	|		|		|		|
 |		|	Microsoft Sentinel 	|	✓ ([View scope](./azure-monitor-agent-migration.md#migrate-additional-services-and-features))	| ✓ |
 |		|	VM Insights	| ✓ |	✓ |
 |		|	Microsoft Defender for Cloud - Only use MDE agent	| | |
@@ -156,7 +156,7 @@ View [supported operating systems for Azure Arc Connected Machine agent](../../a
 ### Windows
 
 | Operating system | Azure Monitor agent | Legacy agent|
-|:---|:---:|:---:|:---:|
+|:---|:---:|:---:
 | Windows Server 2022                                      | ✓ | ✓ |
 | Windows Server 2022 Core                                 | ✓ |   |
 | Windows Server 2019                                      | ✓ | ✓ |
@@ -181,7 +181,7 @@ View [supported operating systems for Azure Arc Connected Machine agent](../../a
 > This article references CentOS, a Linux distribution that is nearing End Of Life (EOL) status. Please consider your use and planning accordingly. For more information, see the [CentOS End Of Life guidance](~/articles/virtual-machines/workloads/centos/centos-end-of-life.md).
 
 | Operating system | Azure Monitor agent <sup>1</sup> | Legacy Agent <sup>1</sup> |
-|:---|:---:|:---:|:---:|
+|:---|:---:|:---:|
 | AlmaLinux 9                                                 | ✓<sup>2</sup> | ✓ |
 | AlmaLinux 8                                                 | ✓<sup>2</sup> | ✓ |
 | Amazon Linux 2017.09                                        |  | ✓ |
@@ -215,8 +215,8 @@ View [supported operating systems for Azure Arc Connected Machine agent](../../a
 | Ubuntu 22.04 LTS                                            | ✓ | ✓ |
 | Ubuntu 20.04 LTS                                            | ✓<sup>2</sup> | ✓ |
 | Ubuntu 18.04 LTS                                            | ✓<sup>2</sup> | ✓ |
-| Ubuntu 16.04 LTS                                            | ✓ | ✓ | ✓ |
-| Ubuntu 14.04 LTS                                            |   | ✓ | ✓ |
+| Ubuntu 16.04 LTS                                            | ✓ | ✓ |
+| Ubuntu 14.04 LTS                                            |   | ✓ |
 
 <sup>1</sup> Requires Python (2 or 3) to be installed on the machine.<br>
 <sup>2</sup> Also supported on Arm64-based machines.<br>

articles/azure-netapp-files/understand-guidelines-active-directory-domain-service-site.md

@@ -72,7 +72,7 @@ Ensure that you meet the following requirements about the DNS configurations:
     * Ensure that DNS servers have network connectivity to the Azure NetApp Files delegated subnet hosting the Azure NetApp Files volumes.
     * Ensure that network ports UDP 53 and TCP 53 are not blocked by firewalls or NSGs.
 * Ensure that [the SRV records registered by the AD DS Net Logon service](https://social.technet.microsoft.com/wiki/contents/articles/7608.srv-records-registered-by-net-logon.aspx) have been created on the DNS servers.
-* Ensure that the PTR records for the AD DS domain controllers used by Azure NetApp Files have been created on the DNS servers.
+* Ensure the PTR records for the AD DS domain controllers used by Azure NetApp Files have been created on the DNS servers in the same domain as your Azure NetApp Files configuration.
 * Azure NetApp Files doesn’t automatically delete pointer records (PTR) associated with DNS entries when a volume is deleted. PTR records are used for reverse DNS lookups, which map IP addresses to hostnames. They are typically managed by the DNS server's administrator.
 When you create a volume in Azure NetApp Files, you can associate it with a DNS name. However, the management of DNS records, including PTR records, is outside the scope of Azure NetApp Files. Azure NetApp Files provides the option to associate a volume with a DNS name for easier access, but it doesn't manage the DNS records associated with that name. 
 If you delete a volume in Azure NetApp Files, the associated DNS records (such as the A records for forwarding DNS lookups) need to be managed and deleted from the DNS server or the DNS service you are using.

articles/cloud-shell/features.md

@@ -196,6 +196,6 @@ Programming languages
 [27]: https://kubernetes.io/docs/reference/kubectl/
 [28]: https://pnp.github.io/office365-cli/
 [29]: https://puppet.com/docs/bolt/latest/bolt.html
-[30]: https://www.ansible.com/microsoft-azure
+[30]: /azure/developer/ansible/overview
 [31]: https://www.terraform.io/docs/providers/azurerm/
 [32]: persisting-shell-storage.md

articles/communication-services/quickstarts/chat/includes/meeting-interop-javascript.md

@@ -64,7 +64,7 @@ Create an **index.html** file in the root directory of your project. We use this
 ## Add the Teams UI controls
 
 Replace the code in index.html with the following snippet.
-The text boxes at the top of the page will be used to enter the Teams meeting context and meeting thread ID. The 'Join Teams Meeting' button is used to join the specified meeting.
+The text box at the top of the page will be used to enter the Teams meeting context. The 'Join Teams Meeting' button is used to join the specified meeting.
 A chat pop-up appears at the bottom of the page. It can be used to send messages on the meeting thread, and it displays in real time any messages sent on the thread while the Communication Services user is a member.
 
 ```html
@@ -349,7 +349,7 @@ Open your browser and navigate to `http://localhost:8080/`. You should see app l
 
 :::image type="content" source="../join-teams-meeting-chat-quickstart.png" alt-text="Screenshot of the completed JavaScript Application.":::
 
-Insert the Teams meeting link and thread ID into the text boxes. Press *Join Teams Meeting* to join the Teams meeting. After the Communication Services user has been admitted into the meeting, you can chat from within your Communication Services application. Navigate to the box at the bottom of the page to start chatting. For simplicity, the application only shows the last two messages in the chat.
+Insert the Teams meeting link into the text box. Press *Join Teams Meeting* to join the Teams meeting. After the Communication Services user has been admitted into the meeting, you can chat from within your Communication Services application. Navigate to the box at the bottom of the page to start chatting. For simplicity, the application only shows the last two messages in the chat.
 
 > [!NOTE] 
 > Certain features are currently not supported for interoperability scenarios with Teams. Learn more about the supported features, please see [Teams meeting capabilities for Teams external users](../../../concepts/interop/guest/capabilities.md)

articles/communication-services/tutorials/file-sharing-tutorial-interop-chat.md

@@ -74,9 +74,7 @@ To be able to start the Composite for meeting chat, we need to pass `TeamsMeetin
 { "meetingLink": "<TEAMS_MEETING_LINK>" }
 ```
 
-Note that meeting link should look something like `https://teams.microsoft.com/l/meetup-join/19%3ameeting_XXXXXXXXXXX%40thread.v2/XXXXXXXXXXX`
-
-And this is all you need! And there's no other setup needed to enable the Azure Communication Services end user to receive file attachments from the Teams user. 
+This is all you need - and there's no other setup needed to enable the Azure Communication Services end user to receive file attachments from the Teams user!
 
 ## Permissions
 

articles/communication-services/tutorials/inline-image-tutorial-interop-chat.md

@@ -13,8 +13,6 @@ ms.subservice: chat
 
 # Enable inline image using UI Library in Teams Interoperability Chat
 
-[!INCLUDE [Public Preview Notice](../includes/public-preview-include.md)]
-
 In a Teams Interoperability Chat ("Interop Chat"), we can enable Azure Communication Service end users to receive inline images sent by Teams users. Currently, the Azure Communication Service end user is able to only receive inline images from the Teams user. Refer to [UI Library Use Cases](../concepts/ui-library/ui-library-use-cases.md) to learn more.
 
 >[!IMPORTANT]
@@ -33,7 +31,7 @@ Access the code for this tutorial on [GitHub](https://github.com/Azure-Samples/c
 - [Visual Studio Code](https://code.visualstudio.com/) on one of the [supported platforms](https://code.visualstudio.com/docs/supporting/requirements#_platforms).
 - [Node.js](https://nodejs.org/), Active LTS and Maintenance LTS versions. Use the `node --version` command to check your version.
 - An active Communication Services resource and connection string. [Create a Communication Services resource](../quickstarts/create-communication-resource.md).
-- Using the UI library version [1.7.0-beta.1](https://www.npmjs.com/package/@azure/communication-react/v/1.7.0-beta.1) or the latest.
+- Using the UI library version [1.15.0](https://www.npmjs.com/package/@azure/communication-react/v/1.15.0) or the latest.
 - Have a Teams meeting created and the meeting link ready.
 - Be familiar with how [ChatWithChat Composite](https://azure.github.io/communication-ui-library/?path=/docs/composites-call-with-chat-basicexample--basic-example) works.
 
@@ -75,10 +73,7 @@ To be able to start the Composite for meeting chat, we need to pass `TeamsMeetin
 { "meetingLink": "<TEAMS_MEETING_LINK>" }
 ```
 
-Note that meeting link should look something like `https://teams.microsoft.com/l/meetup-join/19%3ameeting_XXXXXXXXXXX%40thread.v2/XXXXXXXXXXX`.
-
-
-And this is all you need! And there's no other setup needed to enable inline image specifically. 
+This is all you need - and there's no other setup needed to enable inline image specifically. 
 
 
 ## Run the code