Merge pull request #192240 from MicrosoftDocs/main

hmacgregor1 · web-flow · commit a0245f669397 · 2022-03-20T16:00:22.000-07:00
Merge Master to Live Sunday, 4/20/22, 4 PM
diff --git a/articles/active-directory-b2c/cookie-definitions.md b/articles/active-directory-b2c/cookie-definitions.md
@@ -9,7 +9,7 @@ manager: CelesteDG
 ms.service: active-directory
 ms.workload: identity
 ms.topic: reference
-ms.date: 08/12/2021
+ms.date: 03/20/2022
 ms.author: kengaderdus
 ms.subservice: B2C
 ---
@@ -42,8 +42,18 @@ The following table lists the cookies used in Azure AD B2C.
 | `x-ms-cpim-trans` | b2clogin.com, login.microsoftonline.com, branded domain | End of [browser session](session-behavior.md) | Used for tracking the transactions  (number of authentication requests to Azure AD B2C) and the current transaction. |
 | `x-ms-cpim-sso:{Id}` | b2clogin.com, login.microsoftonline.com, branded domain | End of [browser session](session-behavior.md) | Used for maintaining the SSO session. This cookie is set as `persistent`, when [Keep Me Signed In](session-behavior.md#enable-keep-me-signed-in-kmsi) is enabled.|
 | `x-ms-cpim-cache:{id}_n` | b2clogin.com, login.microsoftonline.com, branded domain | End of [browser session](session-behavior.md), successful authentication | Used for maintaining the request state. |
-| `x-ms-cpim-csrf` | b2clogin.com, login.microsoftonline.com, branded domain | End of [browser session](session-behavior.md) | Cross-Site Request Forgery token used for CRSF protection. |
+| `x-ms-cpim-csrf` | b2clogin.com, login.microsoftonline.com, branded domain | End of [browser session](session-behavior.md) | Cross-Site Request Forgery token used for CRSF protection. For more information, read the [Cross-Site request forgery token](#cross-site-request-forgery-token) section. |
 | `x-ms-cpim-dc` | b2clogin.com, login.microsoftonline.com, branded domain | End of [browser session](session-behavior.md) | Used for Azure AD B2C network routing. |
 | `x-ms-cpim-ctx` | b2clogin.com, login.microsoftonline.com, branded domain | End of [browser session](session-behavior.md) | Context |
 | `x-ms-cpim-rp` | b2clogin.com, login.microsoftonline.com, branded domain | End of [browser session](session-behavior.md) | Used for storing membership data for the resource provider tenant. |
 | `x-ms-cpim-rc` | b2clogin.com, login.microsoftonline.com, branded domain | End of [browser session](session-behavior.md) | Used for storing the relay cookie. |
+
+## Cross-Site request forgery token
+
+To prevent Cross Site Request Forgery (CSRF) attacks, Azure AD B2C applies the Synchronizer Token strategy mechanism. For more details on this pattern, check out the [Cross-Site Request Forgery Prevention](https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#synchronizer-token-pattern) article.
+
+Azure AD B2C generates a synchronizer token, and adds it in two places; in a cookie labeled `x-ms-cpim-csrf`, and a query string parameter named `csrf_token` in the URL of the page sent to the Azure AD B2C. As Azure AD B2C service processes the incoming requests from the browser, it confirms that both the query string and cookie versions of the token exist, and that they exactly match. Also it verifies the elements of the contents of the token to confirm against expected values for the in-progress authentication.
+
+For example, in the sign-up or sign-in page, when a user selects the "Forgot password", or "Sign-up now" links, the browser sends a GET request to Azure AD B2C in order to load the contents of the next page. The request to load content Azure AD B2C additionally chooses to send and validate the Synchronizer Token as an extra layer of protection to ensure that the request to load the page was the result of an in-progress authentication.
+
+The Synchronizer Token is a credential that doesn't identify a user, but rather is tied to an active unique authentication session. 
diff --git a/articles/azure-monitor/logs/basic-logs-query.md b/articles/azure-monitor/logs/basic-logs-query.md
@@ -24,7 +24,7 @@ Log queries against Basic Logs are optimized for simple data retrieval using a s
 - [extend](/azure/data-explorer/kusto/query/extendoperator)
 - [project](/azure/data-explorer/kusto/query/projectoperator)
 - [project-away](/azure/data-explorer/kusto/query/projectawayoperator)
-- [project-keep](/azure/data-explorer/kusto/query/projectkeepoperator)
+- [project-keep](/azure/data-explorer/kusto/query/project-keep-operator)
 - [project-rename](/azure/data-explorer/kusto/query/projectrenameoperator)
 - [project-reorder](/azure/data-explorer/kusto/query/projectreorderoperator)
 - [parse](/azure/data-explorer/kusto/query/parseoperator)
@@ -98,4 +98,4 @@ For more information, see [Azure Monitor pricing](https://azure.microsoft.com/pr
 
 - [Learn more about Basic Logs and the different log plans.](log-analytics-workspace-overview.md#log-data-plans-preview)
 - [Configure a table for Basic Logs.](basic-logs-configure.md)
-- [Use a search job to retrieve data from Basic Logs into Analytics Logs where it can be queries multiple times.](search-jobs.md)
+- [Use a search job to retrieve data from Basic Logs into Analytics Logs where it can be queries multiple times.](search-jobs.md)
diff --git a/articles/azure-monitor/logs/custom-logs-overview.md b/articles/azure-monitor/logs/custom-logs-overview.md
@@ -27,8 +27,8 @@ Authentication for the custom logs API is performed at the data collection endpo
 ## Tables
 Custom logs can send data to any custom table that you create and to certain built-in tables in your Log Analytics workspace. The target table must exist before you can send data to it. The following built-in tables are currently supported:
 
-- [CommonSecurityLog](/azure/azure-monitor/reference/tables/commonsecurityevent)
-- [SecurityEvents](/azure/azure-monitor/reference/tables/securityevents)
+- [CommonSecurityLog](/azure/azure-monitor/reference/tables/commonsecuritylog)
+- [SecurityEvents](/azure/azure-monitor/reference/tables/securityevent)
 - [Syslog](/azure/azure-monitor/reference/tables/syslog)
 - [WindowsEvents](/azure/azure-monitor/reference/tables/windowsevent)
 
diff --git a/articles/azure-monitor/logs/search-jobs.md b/articles/azure-monitor/logs/search-jobs.md
@@ -221,7 +221,7 @@ Log queries in a search job are intended to scan very large sets of data. To sup
 - [extend](/azure/data-explorer/kusto/query/extendoperator)
 - [project](/azure/data-explorer/kusto/query/projectoperator)
 - [project-away](/azure/data-explorer/kusto/query/projectawayoperator)
-- [project-keep](/azure/data-explorer/kusto/query/projectkeepoperator)
+- [project-keep](/azure/data-explorer/kusto/query/project-keep-operator)
 - [project-rename](/azure/data-explorer/kusto/query/projectrenameoperator)
 - [project-reorder](/azure/data-explorer/kusto/query/projectreorderoperator)
 - [parse](/azure/data-explorer/kusto/query/whereoperator)
@@ -246,4 +246,4 @@ For more information, see [Azure Monitor pricing](https://azure.microsoft.com/pr
 
 - [Learn more about data retention and archiving data.](data-retention-archive.md)
 - [Learn about restoring data, which is another method for retrieving archived data.](restore.md)
-- [Learn about directly querying Basic Logs.](basic-logs-query.md)
+- [Learn about directly querying Basic Logs.](basic-logs-query.md)
diff --git a/articles/azure-monitor/logs/tables-feature-support.md b/articles/azure-monitor/logs/tables-feature-support.md
@@ -122,7 +122,6 @@ The following list identifies the tables in a [Log Analytics workspace](log-anal
 | [DeviceNetworkInfo](/azure/azure-monitor/reference/tables/devicenetworkinfo) | |
 | [DnsEvents](/azure/azure-monitor/reference/tables/dnsevents) | |
 | [DnsInventory](/azure/azure-monitor/reference/tables/dnsinventory) | |
-| [DummyHydrationFact](/azure/azure-monitor/reference/tables/dummyhydrationfact) | |
 | [Dynamics365Activity](/azure/azure-monitor/reference/tables/dynamics365activity) | |
 | [EmailAttachmentInfo](/azure/azure-monitor/reference/tables/emailattachmentinfo) | |
 | [EmailEvents](/azure/azure-monitor/reference/tables/emailevents) | |
diff --git a/articles/azure-monitor/logs/tutorial-custom-logs-api.md b/articles/azure-monitor/logs/tutorial-custom-logs-api.md
@@ -27,7 +27,7 @@ In this tutorial, you learn to:
 To complete this tutorial, you need the following: 
 
 - Log Analytics workspace where you have at least [contributor rights](manage-access.md#manage-access-using-azure-permissions) .
-- [Permissions to create Data Collection Rule objects](/essentials/data-collection-rule-overview.md#permissions) in the workspace.
+- [Permissions to create Data Collection Rule objects](/azure/azure-monitor/essentials/data-collection-rule-overview#permissions) in the workspace.
 
 ## Collect workspace details
 Start by gathering information that you'll need from your workspace.
@@ -440,4 +440,4 @@ The cache that drives IntelliSense may take up to 24 hours to update.
 
 - [Complete a similar tutorial using the Azure portal.](tutorial-custom-logs.md)
 - [Read more about custom logs.](custom-logs-overview.md)
-- [Learn more about writing transformation queries](../essentials/data-collection-rule-transformations.md)
+- [Learn more about writing transformation queries](../essentials/data-collection-rule-transformations.md)
diff --git a/articles/azure-monitor/logs/tutorial-custom-logs.md b/articles/azure-monitor/logs/tutorial-custom-logs.md
@@ -24,7 +24,7 @@ In this tutorial, you learn to:
 To complete this tutorial, you need the following: 
 
 - Log Analytics workspace where you have at least [contributor rights](manage-access.md#manage-access-using-azure-permissions) .
-- [Permissions to create Data Collection Rule objects](/essentials/data-collection-rule-overview.md#permissions) in the workspace.
+- [Permissions to create Data Collection Rule objects](/azure/azure-monitor/essentials/data-collection-rule-overview#permissions) in the workspace.
 
 
 ## Overview of tutorial
diff --git a/articles/azure-monitor/logs/tutorial-ingestion-time-transformations-api.md b/articles/azure-monitor/logs/tutorial-ingestion-time-transformations-api.md
@@ -25,7 +25,7 @@ In this tutorial, you learn to:
 To complete this tutorial, you need the following: 
 
 - Log Analytics workspace where you have at least [contributor rights](manage-access.md#manage-access-using-azure-permissions) .
-- [Permissions to create Data Collection Rule objects](/essentials/data-collection-rule-overview.md#permissions) in the workspace. 
+- [Permissions to create Data Collection Rule objects](../essentials/data-collection-rule-overview.md#permissions) in the workspace. 
 
 
 ## Overview of tutorial
@@ -284,4 +284,4 @@ There is currently a known issue affecting dynamic columns. A temporary workarou
 
 - [Read more about ingestion-time transformations](ingestion-time-transformations.md)
 - [See which tables support ingestion-time transformations](tables-feature-support.md)
-- [Learn more about writing transformation queries](../essentials/data-collection-rule-transformations.md)
+- [Learn more about writing transformation queries](../essentials/data-collection-rule-transformations.md)
diff --git a/articles/azure-monitor/logs/tutorial-ingestion-time-transformations.md b/articles/azure-monitor/logs/tutorial-ingestion-time-transformations.md
@@ -117,4 +117,4 @@ There is currently a known issue affecting dynamic columns. A temporary workarou
 
 - [Read more about ingestion-time transformations](ingestion-time-transformations.md)
 - [See which tables support ingestion-time transformations](tables-feature-support.md)
-- [Learn more about writing transformation queries](../essentials/data-collection-rule-transformations.md)
+- [Learn more about writing transformation queries](../essentials/data-collection-rule-transformations.md)
diff --git a/articles/defender-for-cloud/defender-for-app-service-introduction.md b/articles/defender-for-cloud/defender-for-app-service-introduction.md
@@ -30,7 +30,7 @@ To protect your Azure App Service plan with Microsoft Defender for App Service,
 |------------------------------|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
 | Release state:               | General availability (GA)                                                                                                                                                                      |
 | Pricing:                     | Microsoft Defender for App Service is billed as shown on the [pricing page](https://azure.microsoft.com/pricing/details/defender-for-cloud/)<br>Billing is according to total compute instances in all plans       |
-| Supported App Service plans: | [All App Service plans](https://azure.microsoft.com/pricing/details/app-service/plans/) are supported except [Azure Functions on the consumption plan](../azure-functions/functions-scale.md). |
+| Supported App Service plans: | [The supported App Service plans](https://azure.microsoft.com/pricing/details/app-service/plans/) are:<br>• Free plan<br>• Basic Service plan<br>• Standard Service plan<br>• Premium v2 Service Plan<br>• Premium v3 Service Plan<br>• App Service Environment v1<br>• App Service Environment v2<br>• App Service Environment v3|
 | Clouds:                      | :::image type="icon" source="./media/icons/yes-icon.png"::: Commercial clouds<br>:::image type="icon" source="./media/icons/no-icon.png"::: National (Azure Government, Azure China 21Vianet)                                                     |
 |                              |                                                                                                                                                                                                |
 
diff --git a/articles/defender-for-cloud/release-notes.md b/articles/defender-for-cloud/release-notes.md
@@ -85,7 +85,7 @@ The current user experience only provides the score when all compliance checks h
 
 ### Deprecated the recommendation to use service principals to protect your subscriptions
 
-As organizations move away from using management certificates to manage their subscriptions, and [our recent announcement that we're retiring the Cloud Services (classic) deployment model](https://azure.microsoft.com/updates/cloud-services-retirement-announcement/), we'll be deprecating the following Defender for Cloud recommendation and its related policy:
+As organizations move away from using management certificates to manage their subscriptions, and [our recent announcement that we're retiring the Cloud Services (classic) deployment model](https://azure.microsoft.com/updates/cloud-services-retirement-announcement/), we deprecated the following Defender for Cloud recommendation and its related policy:
 
 |Recommendation |Description |Severity |
 |---|---|---|
@@ -99,7 +99,7 @@ Learn more:
 
 ### Legacy implementation of ISO 27001 is being replaced with new ISO 27001:2013
 
-The legacy implementation of ISO 27001 will has been removed from Defender for Cloud's regulatory compliance dashboard. If you're tracking your ISO 27001 compliance with Defender for Cloud, onboard the new ISO 27001:2013 standard for all relevant management groups or subscriptions, and the current legacy ISO 27001 is removed from the dashboard.
+The legacy implementation of ISO 27001 has been removed from Defender for Cloud's regulatory compliance dashboard. If you're tracking your ISO 27001 compliance with Defender for Cloud, onboard the new ISO 27001:2013 standard for all relevant management groups or subscriptions.
 
 :::image type="content" source="media/upcoming-changes/removing-iso-27001-legacy-implementation.png" alt-text="Defender for Cloud's regulatory compliance dashboard showing the message about the removal of the legacy implementation of ISO 27001." lightbox="media/upcoming-changes/removing-iso-27001-legacy-implementation.png":::
 
diff --git a/articles/defender-for-iot/organizations/tutorial-getting-started-eiot-sensor.md b/articles/defender-for-iot/organizations/tutorial-getting-started-eiot-sensor.md
@@ -46,17 +46,17 @@ Before you deploy your Enterprise IoT sensor, you will need to configure your se
 
 **To set up a server, or VM**:
 
-1. Ensure the minimum resources are set to:
-
-    * 4C CPU
-
-    * 8-GB ram
-
-    * 250 GB HDD
-
-    * Two Network Adapters
-
-    * OS: Ubuntu 18.04
+1. Ensure that your resources are set to one of the following specifications:
+
+    | Tier | Requirements |
+    |--|--|
+    | **Minimum** | To support at least 1 Gbps: <br><br>- 4 CPUs, each with 2.4 GHz or more<br>- 8 GB RAM of DDR4 or better<br>- 250 GB HDD |
+    | **Recommended** | To support up to 10 Gbps: <br><br>-	8 CPUs, each with 2.4 GHz or more<br>-  32 GB RAM of DDR4 or better<br>- 500 GB HDD |
+   
+    Make sure that your server or VM also has:
+   
+    * Two network adapters
+    * Ubuntu 18.04 operating system.
 
 1. Connect a NIC to a switch.
 
@@ -233,4 +233,4 @@ sudo apt purge -y microsoft-eiot-sensor
 
 ## Next steps
 
-[Manage your IoT devices with the device inventory for organizations](how-to-manage-device-inventory-for-organizations.md#manage-your-iot-devices-with-the-device-inventory-for-organizations)
+[Manage your IoT devices with the device inventory for organizations](how-to-manage-device-inventory-for-organizations.md#manage-your-iot-devices-with-the-device-inventory-for-organizations)
diff --git a/articles/governance/azure-management.md b/articles/governance/azure-management.md
@@ -1,7 +1,7 @@
 ---
 title: Azure Management Overview - Azure Governance
 description: Overview of the areas of management for Azure applications and resources with links to content on Azure management tools.
-ms.date: 08/17/2021
+ms.date: 03/20/2022
 ms.topic: overview
 ---
 # What are the Azure Management areas?
@@ -63,8 +63,7 @@ to track cloud usage and expenditures for your Azure resources and other cloud p
 
 Manage the security of your resources and data. A security program involves assessing threats,
 collecting and analyzing data, and compliance of your applications and resources. Security
-monitoring and threat analysis are provided by [Azure Security
-Center](../security-center/security-center-introduction.md), which includes unified security
+monitoring and threat analysis are provided by [Microsoft Defender for Cloud](../security-center/security-center-introduction.md), which includes unified security
 management and advanced threat protection across hybrid cloud workloads. See [Introduction to Azure
 Security](../security/fundamentals/overview.md) for comprehensive information and guidance on
 securing Azure resources.
@@ -85,12 +84,12 @@ Migration refers to transitioning workloads currently running on-premises to the
 migration suitability of on-premises virtual machines to Azure. Azure Site Recovery migrates virtual
 machines [from on-premises](../site-recovery/migrate-tutorial-on-premises-azure.md) or [from Amazon
 Web Services](../site-recovery/migrate-tutorial-aws-azure.md). [Azure Database
-Migration](../dms/dms-overview.md) assists you in migrating database sources to Azure Data
+Migration Service](../dms/dms-overview.md) assists you in migrating database sources to Azure Data
 platforms.
 
 ## Next Steps
 
 To learn more about Azure Governance, see these articles:
 
-- See the [Azure Governance hub](./index.yml).
-- See [Governance in the Cloud Adoption Framework for Azure](/azure/cloud-adoption-framework/govern/)
+- [Azure Governance hub](./index.yml).
+- [Governance in the Cloud Adoption Framework for Azure](/azure/cloud-adoption-framework/govern/)
diff --git a/articles/governance/resource-graph/samples/samples-by-category.md b/articles/governance/resource-graph/samples/samples-by-category.md
@@ -55,6 +55,10 @@ Otherwise, use <kbd>Ctrl</kbd>-<kbd>F</kbd> to use your browser's search feature
 
 [!INCLUDE [azure-resource-graph-samples-cat-azure-service-health](../../../../includes/resource-graph/samples/bycat/azure-service-health.md)]
 
+## Azure Spot
+
+[!INCLUDE [azure-resource-graph-samples-cat-azure-spot](../../../../includes/resource-graph/samples/bycat/azure-spot.md)]
+
 ## Azure SQL
 
 [!INCLUDE [azure-resource-graph-samples-cat-azure-sql](../../../../includes/resource-graph/samples/bycat/azure-sql.md)]
diff --git a/includes/resource-graph/samples/bycat/azure-spot.md b/includes/resource-graph/samples/bycat/azure-spot.md
@@ -0,0 +1,37 @@
+---
+author: timwarner-msft
+ms.service: resource-graph
+ms.topic: include
+ms.date: 03/18/2022
+ms.author: timwarner
+ms.custom: generated
+---
+
+### Compare the Spot eviction rate across multiple VM SKUs and regions
+
+This query gets the Spot eviction rate across multiple VM SKUs and regions. Spot eviction rate is presented as a percentage range. The results are sorted by VM SKU and region in ascending order.
+
+```kusto
+SpotResources
+| where type =~ 'microsoft.compute/skuspotevictionrate/location'
+| where sku.name in~ ('standard_d2s_v4', 'standard_d4s_v4')
+| where location in~ ('eastus', 'southcentralus')
+| project skuName = tostring(sku.name), location, spotEvictionRate = tostring(properties.evictionRate)
+| order by skuName asc, location asc
+```
+
+### Compare the latest Spot price across multiple VM SKUs and regions for an OS type
+
+This query gets the latest Spot price across multiple VM SKUs and regions for an OS type. The results are sorted by price in ascending order.
+
+```kusto
+SpotResources
+| where type =~ 'microsoft.compute/skuspotpricehistory/ostype/location'
+| where sku.name in~ ('standard_d2s_v4', 'standard_d4s_v4')
+| where properties.osType =~ 'linux'
+| where location in~ ('eastus', 'southcentralus')
+| project skuName = tostring(sku.name), osType = tostring(properties.osType), location, latestSpotPriceUSD = todouble(properties.spotPrices[0].priceUSD)
+| order by latestSpotPriceUSD asc
+```
+
+---
