Merge pull request #220118 from MicrosoftDocs/repo_sync_working_branch

Confirm merge from repo_sync_working_branch to main to sync with https://github.com/MicrosoftDocs/azure-docs (branch main)

Author: huypub

SECURITY.md

@@ -0,0 +1,41 @@
+<!-- BEGIN MICROSOFT SECURITY.MD V0.0.8 BLOCK -->
+
+## Security
+
+Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet), [Xamarin](https://github.com/xamarin), and [our GitHub organizations](https://opensource.microsoft.com/).
+
+If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](https://aka.ms/opensource/security/definition), please report it to us as described below.
+
+## Reporting Security Issues
+
+**Please do not report security vulnerabilities through public GitHub issues.**
+
+Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://aka.ms/opensource/security/create-report).
+
+If you prefer to submit without logging in, send email to [[email protected]](mailto:[email protected]).  If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://aka.ms/opensource/security/pgpkey).
+
+You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://aka.ms/opensource/security/msrc). 
+
+Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
+
+  * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
+  * Full paths of source file(s) related to the manifestation of the issue
+  * The location of the affected source code (tag/branch/commit or direct URL)
+  * Any special configuration required to reproduce the issue
+  * Step-by-step instructions to reproduce the issue
+  * Proof-of-concept or exploit code (if possible)
+  * Impact of the issue, including how an attacker might exploit the issue
+
+This information will help us triage your report more quickly.
+
+If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Please visit our [Microsoft Bug Bounty Program](https://aka.ms/opensource/security/bounty) page for more details about our active programs.
+
+## Preferred Languages
+
+We prefer all communications to be in English.
+
+## Policy
+
+Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://aka.ms/opensource/security/cvd).
+
+<!-- END MICROSOFT SECURITY.MD BLOCK -->

articles/active-directory/fundamentals/whats-new-archive.md

@@ -8597,13 +8597,13 @@ For more information about how to use these reports, see [Azure Active Directory
 
 ---
 
-### Use "Report Reader" role (non-admin role) to view Azure AD Activity Reports
+### Use "Reports Reader" role (non-admin role) to view Azure AD Activity Reports
 
 **Type:** New feature
 **Service category:** Reporting
 **Product capability:** Monitoring & Reporting
 
-As part of customers feedback to enable non-admin roles to have access to Azure AD activity logs, we've enabled the ability for users who are in the "Report Reader" role to access Sign-ins and Audit activity within the Azure portal as well as using the Microsoft Graph API.
+As part of customers feedback to enable non-admin roles to have access to Azure AD activity logs, we've enabled the ability for users who are in the "Reports Reader" role to access Sign-ins and Audit activity within the Azure portal as well as using the Microsoft Graph API.
 
 For more information, how to use these reports, see [Azure Active Directory reporting](../reports-monitoring/overview-reports.md).
 

articles/active-directory/governance/entitlement-management-logs-and-reporting.md

@@ -60,7 +60,7 @@ To view events for an access package, you must have access to the underlying Azu
 - Global administrator  
 - Security administrator  
 - Security reader  
-- Report reader  
+- Reports reader  
 - Application administrator  
 
 Use the following procedure to view events: 

articles/active-directory/hybrid/how-to-connect-health-adfs-risky-ip-workbook.md

@@ -37,7 +37,7 @@ Additionally, it is possible for a single IP address to attempt multiple logins
 2.	A Log Analytics Workspace with the “ADFSSignInLogs” stream enabled.
 3.	Permissions to use the Azure AD Monitor Workbooks. To use Workbooks, you need:
 - An Azure Active Directory tenant with a premium (P1 or P2) license.
-- Access to a Log Analytics Workspace and the following roles in Azure AD (if accessing Log Analytics through Azure AD portal): Security administrator, Security reader, Report reader, Global administrator
+- Access to a Log Analytics Workspace and the following roles in Azure AD (if accessing Log Analytics through Azure AD portal): Security administrator, Security reader, Reports reader, Global administrator
 
 
 ## What is in the report?

articles/active-directory/manage-apps/migrate-adfs-application-activity.md

@@ -25,7 +25,7 @@ The AD FS application activity report in the Azure portal lets you quickly ident
 * **Prioritize applications for migration.** Get the number of unique users who have signed in to the application in the past 1, 7, or 30 days to help determine the criticality or risk of migrating the application.
 * **Run migration tests and fix issues.** The reporting service automatically runs tests to determine if an application is ready to migrate. The results are displayed in the AD FS application activity report as a migration status. If the AD FS configuration is not compatible with an Azure AD configuration, you get specific guidance on how to address the configuration in Azure AD.
 
-The AD FS application activity data is available to users who are assigned any of these admin roles: global administrator, report reader, security reader, application administrator, or cloud application administrator.
+The AD FS application activity data is available to users who are assigned any of these admin roles: global administrator, reports reader, security reader, application administrator, or cloud application administrator.
 
 ## Prerequisites
 
@@ -42,7 +42,7 @@ The AD FS application activity data is available to users who are assigned any o
 
 The AD FS application activity report is available in the Azure portal under Azure AD **Usage & insights** reporting. The AD FS application activity report analyzes each AD FS application to determine if it can be migrated as-is, or if additional review is needed.
 
-1. Sign in to the [Azure portal](https://portal.azure.com) with an admin role that has access to AD FS application activity data (global administrator, report reader, security reader, application administrator, or cloud application administrator).
+1. Sign in to the [Azure portal](https://portal.azure.com) with an admin role that has access to AD FS application activity data (global administrator, reports reader, security reader, application administrator, or cloud application administrator).
 
 2. Select **Azure Active Directory**, and then select **Enterprise applications**.
 

articles/active-directory/reports-monitoring/concept-audit-logs.md

@@ -68,7 +68,7 @@ With an application-centric view, you can get answers to questions such as:
 
 The audit activity report is available in all editions of Azure AD. To access the audit logs, you need to have one of the following roles: 
 
-- Report Reader
+- Reports Reader
 - Security Reader
 - Security Administrator
 - Global Reader

articles/active-directory/reports-monitoring/concept-provisioning-logs.md

@@ -42,7 +42,7 @@ To view the provisioning logs, your tenant must have an Azure AD Premium license
 
 Application owners can view logs for their own applications. The following roles are required to view provisioning logs:
 
-- Report Reader
+- Reports Reader
 - Security Reader
 - Security Operator
 - Security Administrator

articles/active-directory/reports-monitoring/concept-usage-insights-report.md

@@ -29,7 +29,7 @@ Accessing the data from Usage and insights requires:
 
 * An Azure AD tenant
 * An Azure AD premium (P1/P2) license to view the sign-in data
-* A user in the Global Administrator, Security Administrator, Security Reader, or Report Reader roles.
+* A user in the Global Administrator, Security Administrator, Security Reader, or Reports Reader roles.
 
 To access Usage & insights:
 

articles/active-directory/reports-monitoring/howto-analyze-activity-logs-log-analytics.md

@@ -33,7 +33,7 @@ To follow along, you need:
 * The following roles in Azure Active Directory (if you're accessing Log Analytics through Azure Active Directory portal)
     - Security Admin
     - Security Reader
-    - Report Reader
+    - Reports Reader
     - Global Admin
 
 ## Navigate to the Log Analytics workspace

articles/active-directory/reports-monitoring/howto-configure-prerequisites-for-reporting-api.md

@@ -215,7 +215,7 @@ Accessing sign-in reports requires an Azure Active Directory premium 1 (P1) lice
 
 ### Error: The allowed roles doesn't include User. 
 
- Avoid errors trying to access audit logs or sign-in using the API. Make sure your account is part of the **Security Reader** or **Report Reader** role in your Azure Active Directory tenant.
+ Avoid errors trying to access audit logs or sign-in using the API. Make sure your account is part of the **Security Reader** or **Reports Reader** role in your Azure Active Directory tenant.
 
 ### Error: Application missing Azure AD 'Read directory data' permission