Merge pull request #210104 from MicrosoftDocs/repo_sync_working_branch

huypub · web-flow · commit b3b8650bee8d · 2022-09-06T09:44:09.000-07:00
Confirm merge from repo_sync_working_branch to main to sync with https://github.com/MicrosoftDocs/azure-docs (branch main)
diff --git a/articles/active-directory-b2c/authorization-code-flow.md b/articles/active-directory-b2c/authorization-code-flow.md
@@ -8,7 +8,7 @@ manager: CelesteDG
 ms.service: active-directory
 ms.workload: identity
 ms.topic: conceptual
-ms.date: 07/29/2022
+ms.date: 09/05/2022
 ms.author: kengaderdus
 ms.subservice: B2C
 ms.custom: fasttrack-edit
@@ -181,7 +181,7 @@ Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik5HVEZ2ZEstZn
 Access tokens and ID tokens are short-lived. After they expire, you must refresh them to continue to access resources. When you refresh the access token, Azure AD B2C returns a new token. The refreshed access token will have updated `nbf` (not before), `iat` (issued at), and `exp` (expiration) claim values. All other claim values will be the same as the originally issued access token. 
 
 
-To refresh the toke, submit another POST request to the `/token` endpoint. This time, provide the `refresh_token` instead of the `code`:
+To refresh the token, submit another POST request to the `/token` endpoint. This time, provide the `refresh_token` instead of the `code`:
 
 ```http
 POST https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com/{policy}/oauth2/v2.0/token HTTP/1.1
diff --git a/articles/active-directory/saas-apps/ms-confluence-jira-plugin-adminguide.md b/articles/active-directory/saas-apps/ms-confluence-jira-plugin-adminguide.md
@@ -62,7 +62,9 @@ The plug-in supports the following versions of Jira and Confluence:
 * Jira Core and Software: 6.0 to 8.22.1
 * Jira Service Desk: 3.0.0 to 4.22.1
 * JIRA also supports 5.2. For more details, click [Microsoft Azure Active Directory single sign-on for JIRA 5.2](./jira52microsoft-tutorial.md)
-* Confluence: 5.0 to 7.17.0
+* Confluence: 5.0 to 5.10
+* Confluence: 6.0.1 to 6.15.9
+* Confluence: 7.0.1 to 7.17.0
 
 ## Installation
 
@@ -164,23 +166,12 @@ No. The plug-in supports only on-premises versions of Jira and Confluence.
 
 The plug-in supports these versions:
 
-* Jira Core and Software: 6.0 to 7.12
-* Jira Service Desk: 3.0.0 to 3.5.0
+* Jira Core and Software: 6.0 to 8.22.1
+* Jira Service Desk: 3.0.0 to 4.22.1
 * JIRA also supports 5.2. For more details, click [Microsoft Azure Active Directory single sign-on for JIRA 5.2](./jira52microsoft-tutorial.md)
 * Confluence: 5.0 to 5.10
-* Confluence: 6.0.1
-* Confluence: 6.1.1
-* Confluence: 6.2.1
-* Confluence: 6.3.4
-* Confluence: 6.4.0
-* Confluence: 6.5.0
-* Confluence: 6.6.2
-* Confluence: 6.7.0
-* Confluence: 6.8.1
-* Confluence: 6.9.0
-* Confluence: 6.10.0
-* Confluence: 6.11.0
-* Confluence: 6.12.0
+* Confluence: 6.0.1 to 6.15.9
+* Confluence: 7.0.1 to 7.17.0
 
 ### Is the plug-in free or paid?
 
diff --git a/articles/azure-vmware/configure-vmware-hcx.md b/articles/azure-vmware/configure-vmware-hcx.md
@@ -22,7 +22,7 @@ After you complete these steps, you'll have a production-ready environment for c
 
 - [VMware HCX Connector](install-vmware-hcx.md) has been installed.
 
-- If you plan to use VMware HCX Enterprise, make sure you've enabled the [VMware HCX Enterprise](https://cloud.vmware.com/community/2019/08/08/introducing-hcx-enterprise/) add-on through a [support request](https://portal.azure.com/#create/Microsoft.Support). It's a free 12-month trial in Azure VMware Solution.
+- If you plan to use VMware HCX Enterprise, make sure you've enabled the [VMware HCX Enterprise](https://cloud.vmware.com/community/2019/08/08/introducing-hcx-enterprise/) add-on through a [support request](https://portal.azure.com/#create/Microsoft.Support). VMware HCX Enterprise edition is available and supported on Azure VMware Solution, at no additional cost.
 
 - If you plan to [enable VMware HCX MON](https://docs.vmware.com/en/VMware-HCX/4.1/hcx-user-guide/GUID-0E254D74-60A9-479C-825D-F373C41F40BC.html), make sure you have:  
 
diff --git a/articles/azure-vmware/enable-public-ip-nsx-edge.md b/articles/azure-vmware/enable-public-ip-nsx-edge.md
@@ -27,6 +27,9 @@ With this capability, you have the following features:
 - DDoS Security protection against network traffic in and out of the Internet. 
 - HCX Migration support over the Public Internet.
 
+>[!IMPORTANT]
+>You can configure up to 64 total Public IP addresses across these network blocks. If you want to configure more than 64 Public IP addresses, please submit a support ticket stating how many.
+
 ## Prerequisites
 - Azure VMware Solution private cloud
 - DNS Server configured on the NSX-T Datacenter
@@ -100,18 +103,18 @@ A No NAT rule can be used to exclude certain matches from performing Network Add
 ### Inbound Internet Access for VMs
 A Destination Network Translation Service (DNAT) is used to expose a VM on a specific Public IP address and/or a specific port. This service provides inbound internet access to your workload VMs.
 
-**Log in VMware NSX-T**
+**Log in to VMware NSX-T**
 1.	From your Azure VMware Solution private cloud, select **VMware credentials**.
 2.	Locate your NSX-T URL and credentials.
 3.	Log in to **VMware NSX-T**.
 
 **Configure the DNAT rule**
-  1. Name the rule.
-   1. Select **DNAT** as the action.
-   1. Enter the reserved Public IP in the destination match. This IP is from the range of Public IPs reserved from the Azure VMware Solution Portal.
-   1. Enter the VM Private IP in the translated IP.
-   1. Select **SAVE**. 
-   1. Optionally, configure the Translated Port or source IP for more specific matches.
+1. Name the rule.
+1. Select **DNAT** as the action.
+1. Enter the reserved Public IP in the destination match. This IP is from the range of Public IPs reserved from the Azure VMware Solution Portal.
+1. Enter the VM Private IP in the translated IP.
+1. Select **SAVE**. 
+1. Optionally, configure the Translated Port or source IP for more specific matches.
     
 The VM is now exposed to the internet on the specific Public IP and/or specific ports.
 
diff --git a/articles/azure-vmware/enable-vmware-cds-with-azure.md b/articles/azure-vmware/enable-vmware-cds-with-azure.md
@@ -21,6 +21,8 @@ The following diagram shows typical architecture for Cloud Director services wit
 
 VMware Cloud Director supports multi-tenancy by using organizations. A single organization can have multiple organization virtual data centers (VDC). Each Organization’s VDC can have their own dedicated Tier-1 router (Edge Gateway) which is further connected with the provider’s managed shared Tier-0 router.
 
+[Learn more about CDs on Azure VMware Solutions refernce architecture](https://cloudsolutions.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/docs/cloud-director-service-reference-architecture-for-azure-vmware-solution.pdf)
+
 ## Connect tenants and their organization virtual datacenters to Azure vNet based resources
 
 To provide access to vNET based Azure resources, each tenant can have their own dedicated Azure vNET with Azure VPN gateway. A site-to-site VPN between customer organization VDC and Azure vNET is established. To achieve this connectivity, the provider will provide public IP to the organization VDC. Organization VDC’s administrator can configure IPSEC VPN connectivity from the Cloud Director service portal. 
@@ -168,5 +170,11 @@ For more information about VMware Cloud Director Availability, see [VMware Cloud
 
 **Answer**: This offering is supported in all Azure regions where Azure VMware Solution is available except for Brazil South and South Africa. Ensure that the region you wish to connect to VMware Cloud Director service is within a 150-milliseconds round trip time for latency with VMware Cloud Director service.
 
+**Question**: How do I configure VMware Cloud Director service on Microsoft Azure VMware Solutions?
+
+**Answer** [Learn about how to configure CDs on Azure VMware Solutions](https://docs.vmware.com/en/VMware-Cloud-Director-service/services/using-vmware-cloud-director-service/GUID-602DE9DD-E7F6-4114-BD89-347F9720A831.html)
+
 ## Next steps
-[VMware Cloud Director service Documentation](https://docs.vmware.com/en/VMware-Cloud-Director-service/index.html)  
+
+[VMware Cloud Director Service Documentation](https://docs.vmware.com/en/VMware-Cloud-Director-service/index.html)  
+[Migration to Azure VMware Solutions with Cloud Director service](https://cloudsolutions.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/docs/migration-to-azure-vmware-solution-with-cloud-director-service.pdf)
diff --git a/articles/sentinel/connect-aws.md b/articles/sentinel/connect-aws.md
@@ -256,6 +256,7 @@ Permissions policies that must be applied to the [Microsoft Sentinel role you cr
 
 For more information, see [Monitor the health of your data connectors](monitor-data-connector-health.md).
 
+Learn how to [troubleshoot Amazon Web Services S3 connector issues](https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/troubleshoot-amazon-web-services-s3-connector-issues/ba-p/3608072).
 
 # [CloudTrail connector (legacy)](#tab/ct)
 
diff --git a/articles/synapse-analytics/security/synapse-workspace-understand-what-role-you-need.md b/articles/synapse-analytics/security/synapse-workspace-understand-what-role-you-need.md
@@ -46,6 +46,10 @@ You can review the status of running notebooks and jobs in Apache Spark pools if
 
 You can review logs and cancel running jobs and pipelines if you're a Synapse Compute Operator at the workspace or for a specific Spark pool or pipeline.  
 
+### Debug pipelines
+
+You can review and make changes in pipelines as a Synapse User, but if you want to be able to debug it you also need to have Synapse Credential User.
+
 ### Publish and save your code
 
 You can publish new or updated code artifacts to the service if you're a Synapse Artifact Publisher, Synapse Contributor, or Synapse Administrator. 
diff --git a/articles/virtual-network/service-tags-overview.md b/articles/virtual-network/service-tags-overview.md
@@ -55,7 +55,7 @@ By default, service tags reflect the ranges for the entire cloud. Some service t
 | **AzureAttestation** | Azure Attestation. | Outbound | No | Yes | 
 | **AzureBackup** |Azure Backup.<br/><br/>**Note**: This tag has a dependency on the **Storage** and **AzureActiveDirectory** tags. | Outbound | No | Yes |
 | **AzureBotService** | Azure Bot Service. | Outbound | No | No |
-| **AzureCloud** | All [datacenter public IP addresses](https://www.microsoft.com/download/details.aspx?id=56519). | Outbound | Yes | Yes |
+| **AzureCloud** | All [datacenter public IP addresses](https://www.microsoft.com/download/details.aspx?id=56519). | Both | Yes | Yes |
 | **AzureCognitiveSearch** | Azure Cognitive Search. <br/><br/>This tag or the IP addresses covered by this tag can be used to grant indexers secure access to data sources. For more information about indexers, see [indexer connection documentation](../search/search-indexer-troubleshooting.md#connection-errors). <br/><br/> **Note**: The IP of the search service isn't included in the list of IP ranges for this service tag and **also needs to be added** to the IP firewall of data sources. | Inbound | No | No |
 | **AzureConnectors** | This tag represents the IP addresses used for managed connectors that make inbound webhook callbacks to the Azure Logic Apps service and outbound calls to their respective services, for example, Azure Storage or Azure Event Hubs. | Both | Yes | Yes |
 | **AzureContainerRegistry** | Azure Container Registry. | Outbound | Yes | Yes |
@@ -65,7 +65,7 @@ By default, service tags reflect the ranges for the entire cloud. Some service t
 | **AzureDataLake** | Azure Data Lake Storage Gen1. | Outbound | No | Yes |
 | **AzureDeviceUpdate** | Device Update for IoT Hub. | Both | No | Yes |
 | **AzureDevSpaces** | Azure Dev Spaces. | Outbound | No | No |
-| **AzureDevOps** | Azure DevOps. | Inbound | No | Yes |
+| **AzureDevOps** | Azure DevOps. | Inbound | Yes | Yes |
 | **AzureDigitalTwins** | Azure Digital Twins.<br/><br/>**Note**: This tag or the IP addresses covered by this tag can be used to restrict access to endpoints configured for event routes. | Inbound | No | Yes |
 | **AzureEventGrid** | Azure Event Grid. | Both | No | No |
 | **AzureFrontDoor.Frontend** <br/> **AzureFrontDoor.Backend** <br/> **AzureFrontDoor.FirstParty**  | Azure Front Door. | Both | No | No |
diff --git a/includes/virtual-network-multiple-ip-addresses-intro.md b/includes/virtual-network-multiple-ip-addresses-intro.md
@@ -21,11 +21,14 @@ An Azure Virtual Machine (VM) has one or more network interfaces (NIC) attached
 
 * Hosting multiple websites or services with different IP addresses and SSL certificates on a single server.
 * Serve as a network virtual appliance, such as a firewall or load balancer.
-* The ability to add any of the private IP addresses for any of the NICs to an Azure Load Balancer back-end pool. In the past, only the primary IP address for the primary NIC could be added to a back-end pool. To learn more about how to load balance multiple IP configurations, read the [Load balancing multiple IP configurations](../articles/load-balancer/load-balancer-multiple-ip.md?toc=%2fazure%2fvirtual-network%2ftoc.json) article.
+* The ability to add any of the private IP addresses for any of the NICs to an Azure Load Balancer back-end pool. In the past, only the primary IP address for the primary NIC could be added to a back-end pool. To learn more about how to load balance inbound multiple IP configurations, read the [Load balancing multiple IP configurations](../articles/load-balancer/load-balancer-multiple-ip.md?toc=%2fazure%2fvirtual-network%2ftoc.json) article.
+
+> [!NOTE]
+> Secondary IPConfigs are not supported for use in Outbound rules in Public Load Balancers.
 
 Every NIC attached to a VM has one or more IP configurations associated to it. Each configuration is assigned one static or dynamic private IP address. Each configuration may also have one public IP address resource associated to it. A public IP address resource has either a dynamic or static public IP address assigned to it. To learn more about IP addresses in Azure, read the [IP addresses in Azure](../articles/virtual-network/ip-services/public-ip-addresses.md) article.
 
 > [!NOTE]
 > All IP configurations on a single NIC must be associated to the same subnet.  If multiple IPs on different subnets are desired, multiple NICs on a VM can be used.  To learn more about multiple NICs on a VM in Azure, read the [Create VM with Multiple NICs](../articles/virtual-machines/windows/multiple-nics.md) article.
 
-There is a limit to how many private IP addresses can be assigned to a NIC. There is also a limit to how many public IP addresses that can be used in an Azure subscription. See the [Azure limits](../articles/azure-resource-manager/management/azure-subscription-service-limits.md?toc=%2fazure%2fvirtual-network%2ftoc.json#azure-resource-manager-virtual-networking-limits) article for details.
+There is a limit to how many private IP addresses can be assigned to a NIC. There is also a limit to how many public IP addresses that can be used in an Azure subscription. See the [Azure limits](../articles/azure-resource-manager/management/azure-subscription-service-limits.md?toc=%2fazure%2fvirtual-network%2ftoc.json#azure-resource-manager-virtual-networking-limits) article for details.

Original file line number	Diff line number	Diff line change
`@@ -256,6 +256,7 @@ Permissions policies that must be applied to the [Microsoft Sentinel role you cr`
`256`	`256`
`257`	`257`	`For more information, see [Monitor the health of your data connectors](monitor-data-connector-health.md).`
`258`	`258`
	`259`	`+Learn how to [troubleshoot Amazon Web Services S3 connector issues](https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/troubleshoot-amazon-web-services-s3-connector-issues/ba-p/3608072).`
`259`	`260`
`260`	`261`	`# [CloudTrail connector (legacy)](#tab/ct)`
`261`	`262`