Merge pull request #112856 from MicrosoftDocs/master

4/27 AM Publish

Author: huypub

.openpublishing.redirection.json

@@ -51734,6 +51734,126 @@
       "source_path": "articles/jenkins/jenkins-azure-vm-agents.md",
       "redirect_url": "/azure/developer/jenkins/scale-deployments-using-vm-agents",
       "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/jenkins/index.yml",
+      "redirect_url": "/azure/developer/jenkins/",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/terraform/terraform-backend.md",
+      "redirect_url": "/azure/developer/terraform/store-state-in-azure-storage",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/terraform/terraform-cloud-shell.md",
+      "redirect_url": "/azure/developer/terraform/install-configure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/terraform/terraform-create-complete-vm.md",
+      "redirect_url": "/azure/developer/terraform/create-linux-virtual machine-with-infrastructure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/terraform/terraform-create-configuration.md",
+      "redirect_url": "/azure/developer/terraform/deploy-azure-cosmos-db-to-azure-container-instances",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/terraform/terraform-create-k8s-cluster-with-aks-applicationgateway-ingress.md",
+      "redirect_url": "/azure/developer/terraform/create-k8s-cluster-with-aks-applicationgateway-ingress",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/terraform/terraform-create-k8s-cluster-with-tf-and-aks.md",
+      "redirect_url": "/azure/developer/terraform/create-k8s-cluster-with-tf-and-aks",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/terraform/terraform-create-vm-cluster-module.md",
+      "redirect_url": "/azure/developer/terraform/create-vm-cluster-module",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/terraform/terraform-create-vm-cluster-with-infrastructure.md",
+      "redirect_url": "/azure/developer/terraform/create-vm-cluster-with-infrastructure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/terraform/terraform-create-vm-scaleset-network-disks-hcl.md",
+      "redirect_url": "/azure/developer/terraform/create-vm-scaleset-network-disks-hcl",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/terraform/terraform-create-vm-scaleset-network-disks-using-packer-hcl.md",
+      "redirect_url": "/azure/developer/terraform/create-vm-scaleset-network-disks-using-packer-hcl",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/terraform/terraform-hub-spoke-hub-network.md",
+      "redirect_url": "/azure/developer/terraform/hub-spoke-hub-network",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/terraform/terraform-hub-spoke-hub-nva.md",
+      "redirect_url": "/azure/developer/terraform/hub-spoke-hub-nva",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/terraform/terraform-hub-spoke-introduction.md",
+      "redirect_url": "/azure/developer/terraform/hub-spoke-introduction",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/terraform/terraform-hub-spoke-on-prem.md",
+      "redirect_url": "/azure/developer/terraform/hub-spoke-on-prem",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/terraform/terraform-hub-spoke-spoke-network.md",
+      "redirect_url": "/azure/developer/terraform/hub-spoke-spoke-network",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/terraform/terraform-hub-spoke-validation.md",
+      "redirect_url": "/azure/developer/terraform/hub-spoke-validation",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/terraform/terraform-install-configure.md",
+      "redirect_url": "/azure/developer/terraform/install-configure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/terraform/terraform-overview.md",
+      "redirect_url": "/azure/developer/terraform/overview",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/terraform/terraform-slot-walkthru.md",
+      "redirect_url": "/azure/developer/terraform/provision-infrastructure-using-azure-deployment-slots",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/terraform/terraform-vscode-extension.md",
+      "redirect_url": "/azure/developer/terraform/configure-vs-code-extension-for-terraform",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/terraform/terraform-vscode-module-generator.md",
+      "redirect_url": "/azure/developer/terraform/create-a-base-template-using-yeoman",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/terraform/terraform-modules.md",
+      "redirect_url": "/azure/developer/terraform/test-modules-using-terratest",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/terraform/index",
+      "redirect_url": "/azure/developer/terraform/",
+      "redirect_document_id": false
     }
-  ]
+ ]
 }

articles/active-directory-b2c/code-samples.md

@@ -43,3 +43,9 @@ The following tables provide links to samples for applications including iOS, An
 | Sample | Description |
 |--------| ----------- |
 | [javascript-msal-singlepageapp](https://github.com/Azure-Samples/active-directory-b2c-javascript-msal-singlepageapp) | A single page application (SPA) calling a Web API. Authentication is done with Azure AD B2C by using MSAL.js. |
+
+## SAML test application
+
+| Sample | Description |
+|--------| ----------- |
+| [saml-sp-tester](https://github.com/azure-ad-b2c/saml-sp-tester/tree/master/source-code) | SAML test application to test Azure AD B2C configured to act as SAML identity provider. |

articles/active-directory/app-provisioning/scim-graph-scenarios.md

@@ -13,7 +13,7 @@ ms.workload: identity
 ms.tgt_pltfrm: na
 ms.devlang: na
 ms.topic: conceptual
-ms.date: 04/06/2020
+ms.date: 04/23/2020
 ms.author: mimart
 ms.reviewer: arvinh
 
@@ -23,23 +23,28 @@ ms.collection: M365-identity-device-management
 
 # Using SCIM and Microsoft Graph together to provision users and enrich your application with the data it needs
 
-**Target audience:** This document is targeted towards developers building applications integrated with Azure AD. For others looking to integrate an existing application such as Zoom, ServiceNow, and DropBox you can skip this and review the application specific [tutorials](https://docs.microsoft.com/azure/active-directory/saas-apps/tutorial-list). 
+**Target audience:** This document is targeted towards developers building applications to be integrated with Azure AD. For others looking to use applications already integrated with Azure AD, such as Zoom, ServiceNow, and DropBox, you can skip this and review the application specific [tutorials](https://docs.microsoft.com/azure/active-directory/saas-apps/tutorial-list) or review [how the provisioning service works](https://docs.microsoft.com/azure/active-directory/app-provisioning/how-provisioning-works).
 
 **Common scenarios**
 
+Azure AD provides an out of the box service for provisioning and an extensible platform to build your applications on. The decision tree outlines how a developer would use [SCIM](https://aka.ms/scimoverview) and the [Microsoft Graph](https://docs.microsoft.com/graph/overview) to automate provisioning. 
+
 > [!div class="checklist"]
 > * Automatically create users in my application
 > * Automatically remove users from my application when they shouldn't have access anymore
 > * Integrate my application with multiple identity providers for provisioning
-> * Enrich my application with data from Microsoft services such as Sharepoint, Outlook, and Office.
+> * Enrich my application with data from Microsoft services such as Teams, Outlook, and Office.
 > * Automatically create, update, and delete users and groups in Azure AD and Active Directory
 
 ![SCIM Graph decision tree](./media/user-provisioning/scim-graph.png)
 
 ## Scenario 1: Automatically create users in my app
-Today, IT admins manually create user accounts in my application each time someone needs access or periodically upload CSV files. The process is time consuming for customers and slows down adoption of my application. All I need is basic [user](https://docs.microsoft.com/graph/api/resources/user?view=graph-rest-1.0) information such as name, email, and userPrincipalName to create a user. Furthermore, my customers use various IdPs and I don't have the resources to maintain a sync engine and custom integrations with each IdP. 
+Today, IT admins provision users by manually creating user accounts or periodically uploading CSV files into my application. The process is time consuming for customers and slows down adoption of my application. All I need is basic user information such as name, email, and userPrincipalName to create a user. 
+
+**Recommendation**: 
+* If your customers use various IdPs and you do not want to maintain a sync engine to integrate with each, support a SCIM compliant [/Users](https://aka.ms/scimreferencecode) endpoint. Your customers will be able to easily use this endpoint to integrate with the Azure AD provisioning service and automatically create user accounts when they need access. You can build the endpoint once and it will be compatible with all IdPs. Check out the example request below for how a user would be created using SCIM.
+* If you require user data found on the user object in Azure AD and other data from across Microsoft, consider building a SCIM endpoint for user provisioning and calling into the Microsoft Graph to get the rest of the data. 
 
-**Recommendation**: Support a SCIM compliant [/Users](https://aka.ms/scimreferencecode) endpoint. Your customers will be able to easily use this endpoint to integrate with the Azure AD provisioning service and automatically create user accounts when they need access. You can build the endpoint once and it will be compatible with all IdPs, without having to maintain a sync engine. Check out the example request below for how a user would be created.
 
 ```json
 POST /Users
@@ -93,21 +98,21 @@ My application relies on groups for access to various resources, and customers w
 
 **Recommendation:** Support a SCIM compliant /Groups [endpoint](https://aka.ms/scimreferencecode). The Azure AD provisioning service will take care of creating groups and managing membership updates in your application. 
 
-## Scenario 4: Enrich my app with data from Microsoft services such as Teams, Outlook, and OneDrive.
+## Scenario 4: Enrich my app with data from Microsoft services such as Teams, Outlook, and OneDrive
 My application is built into Microsoft Teams and relies on message data. In addition, we store files for users in OneDrive. How can I enrich my application with the data from these services and across Microsoft?
 
 **Recommendation:** The [Microsoft Graph](https://docs.microsoft.com/graph/) is your entry point to access Microsoft data. Each workload exposes APIs with the data that you need. The Microsoft graph can be used along with [SCIM provisioning](https://docs.microsoft.com/azure/active-directory/app-provisioning/use-scim-to-provision-users-and-groups) for the scenarios above. You can use SCIM to provision basic user attributes into your application while calling into graph to get any other data that you need. 
 
-## Scenario 5: Track changes in Microsoft services such as Teams, Outlook, and Azure AD.
+## Scenario 5: Track changes in Microsoft services such as Teams, Outlook, and Azure AD
 I need to be able to track changes to Teams and Outlook messages and react to them in real time. How can I get these changes pushed to my application?
 
-**Recommendation:** The Microsoft Graph provides [change notifications](https://docs.microsoft.com/graph/webhooks) and change tracking for various resources. Note the following limitations of change notifications:
+**Recommendation:** The Microsoft Graph provides [change notifications](https://docs.microsoft.com/graph/webhooks) and [change tracking](https://docs.microsoft.com/graph/delta-query-overview) for various resources. Note the following limitations of change notifications:
 - If an event receiver acknowledges an event, but fails to act on it for any reason, the event may be lost
 - If an event receiver acknowledges an event, but fails to act on it for any reason, the event may be lost
 - Change notifications don't always contain the [resource data](https://docs.microsoft.com/graph/webhooks-with-resource-data)
 For the reasons above, developers often use change notifications along with change tracking for synchronization scenarios. 
 
-## Scenario 6: Provision users and groups in Azure AD.
+## Scenario 6: Provision users and groups in Azure AD
 My application creates information about a user that customers need in Azure AD. This could be an HR application than manages hiring, a communications app that creates phone numbers for users, or some other app that generates data that would be valuable in Azure AD. How do I populate the user record in Azure AD with that data? 
 
 **Recommendation** The Microsoft graph exposes /Users and /Groups endpoints that you can integrate with today to provision users into Azure AD. Please note that Azure Active Directory doesn't support writing those users back into Active Directory. 

articles/active-directory/develop/quickstart-v2-javascipt-auth-code.md

@@ -23,7 +23,7 @@ ROBOTS: NOINDEX
 > This feature is currently in preview. Previews are made available to you on the condition that you agree to the [supplemental terms of use](https://azure.microsoft.com/support/legal/preview-supplemental-terms/). Some aspects of this feature might change before general availability (GA).
 
 
-This quickstart uses MSAL.js 2.0 with the Authorization Code flow. To use MSAL.js 1.0 with the implicit flow, view [this quickstart](https://docs.microsoft.com/azure/active-directory/develop/quickstart-v2-javascript)
+This quickstart uses MSAL.js 2.0 with the Authorization Code flow. To use MSAL.js 1.0 with the implicit flow, view [this quickstart](https://docs.microsoft.com/azure/active-directory/develop/quickstart-v2-javascript).
 
 In this quickstart, you use a code sample to learn how a JavaScript single-page application (SPA) can sign in users of personal accounts, work accounts, and school accounts. A JavaScript SPA can also get an access token to call the Microsoft Graph API or any web API. See [How the sample works](#how-the-sample-works) for an illustration.
 

articles/active-directory/develop/v2-oauth2-on-behalf-of-flow.md

@@ -183,7 +183,7 @@ Authorization: Bearer eyJ0eXAiOiJKV1QiLCJub25jZSI6IkFRQUJBQUFBQUFCbmZpRy1tQTZOVG
 Depending on the architecture or usage of your application, you may consider different strategies for ensuring that the OBO flow is successful. In all cases, the ultimate goal is to ensure proper consent is given so that the client app can call the middle-tier app, and the middle tier app has permission to call the back-end resource.
 
 > [!NOTE]
-> Previously the Microsoft account system (personal accounts) did not support the "Known client application" field, nor could it show combined consent.  This has been added and all apps in the Microsoft identity platform can use the known client application approach for gettign consent for OBO calls.
+> Previously the Microsoft account system (personal accounts) did not support the "Known client application" field, nor could it show combined consent.  This has been added and all apps in the Microsoft identity platform can use the known client application approach for getting consent for OBO calls.
 
 ### /.default and combined consent
 

articles/active-directory/manage-apps/application-proxy-connector-installation-problem.md

@@ -94,7 +94,7 @@ Follow the steps to verify the certificate:
 2. Extract [PsExec](https://docs.microsoft.com/sysinternals/downloads/psexec) from the package and run **psexec -i -u "nt authority\network service" cmd.exe** from an elevated command prompt.
 3. Run **certmgr.msc** in the newly appeared command prompt
 2. In the management console expand the Personal container and click on Certificates
-3. Locate the certificate issued by **connectorregistrationca.msappproxy.ne
+3. Locate the certificate issued by **connectorregistrationca.msappproxy.net**
 
 **To renew the client certificate:**
 

articles/active-directory/users-groups-roles/directory-assign-admin-roles.md

@@ -640,7 +640,7 @@ Can perform common billing related tasks like updating payment information.
 | microsoft.directory/organization/basic/update | Update basic properties on organization in Azure Active Directory. |
 | microsoft.azure.serviceHealth/allEntities/allTasks | Read and configure Azure Service Health. |
 | microsoft.azure.supportTickets/allEntities/allTasks | Create and manage Azure support tickets. |
-| microsoft.commerce.billing/allEntities/allTasks | Manage all aspects of Office 365 billing. |
+| microsoft.commerce.billing/allEntities/allTasks | Manage all aspects of billing. |
 | microsoft.office365.webPortal/allEntities/basic/read | Read basic properties on all resources in microsoft.office365.webPortal. |
 | microsoft.office365.serviceHealth/allEntities/allTasks | Read and configure Office 365 Service Health. |
 | microsoft.office365.supportTickets/allEntities/allTasks | Create and manage Office 365 support tickets. |
@@ -750,7 +750,7 @@ Can manage all aspects of Azure AD and Microsoft services that use Azure AD iden
 | microsoft.azure.informationProtection/allEntities/allTasks | Manage all aspects of Azure Information Protection. |
 | microsoft.azure.serviceHealth/allEntities/allTasks | Read and configure Azure Service Health. |
 | microsoft.azure.supportTickets/allEntities/allTasks | Create and manage Azure support tickets. |
-| microsoft.commerce.billing/allEntities/allTasks | Manage all aspects of Office 365 billing. |
+| microsoft.commerce.billing/allEntities/allTasks | Manage all aspects of billing. |
 | microsoft.intune/allEntities/allTasks | Manage all aspects of Intune. |
 | microsoft.office365.complianceManager/allEntities/allTasks | Manage all aspects of Office 365 Compliance Manager |
 | microsoft.office365.desktopAnalytics/allEntities/allTasks | Manage all aspects of Desktop Analytics. |
@@ -1043,7 +1043,7 @@ Can read everything that a Global Administrator can, but not edit anything.
 
 | **Actions** | **Description** |
 | --- | --- |
-| microsoft.commerce.billing/allEntities/read    | Read all aspects of Office 365 billing. |
+| microsoft.commerce.billing/allEntities/read    | Read all aspects of billing. |
 | microsoft.directory/administrativeUnits/basic/read    | Read basic properties on administrativeUnits in Azure Active Directory. |
 | microsoft.directory/administrativeUnits/members/read    | Read administrativeUnits.members property in Azure Active Directory. |
 | microsoft.directory/applications/basic/read    | Read basic properties on applications in Azure Active Directory. |

articles/active-directory/users-groups-roles/licensing-service-plan-reference.md

@@ -5,17 +5,17 @@ description: Identifier map to manage Azure Active Directory licensing in the Az
 services: active-directory
 keywords: Azure Active Directory licensing service plans
 documentationcenter: ''
-author: ajayanti1
+author: kkern
 manager: mtillman
 editor: ''
 
 ms.service: active-directory
 ms.topic: article
 ms.workload: identity
 ms.subservice: users-groups-roles
-ms.date: 03/14/2020
-ms.author: arjay
-ms.reviewer: arjay
+ms.date: 04/27/2020
+ms.author: kakern
+ms.reviewer: kakern
 ms.custom: "it-pro;seo-update-azuread-jan"
 ms.collection: M365-identity-device-management
 #Aruna Jayanti is minding this reference until it can be automated

articles/aks/quickstart-helm.md

@@ -176,7 +176,7 @@ appVersion: v1
 
 ## Run your Helm chart
 
-Use the `helm create` command to install your application using your Helm chart.
+Use the `helm install` command to install your application using your Helm chart.
 
 ```console
 helm install webfrontend webfrontend/