Merge branch 'master' of https://github.com/MicrosoftDocs/azure-docs-pr into filesAD

Author: roygara

articles/active-directory/app-provisioning/define-conditional-rules-for-provisioning-user-accounts.md

@@ -93,10 +93,12 @@ Scoping filters are configured as part of the attribute mappings for each Azure
    i. **Greater_Than.** Clause returns "true" if the evaluated attribute is greater than the value. The value specified on the scoping filter must be an integer and the attribute on the user must be an integer [0,1,2,...]. 
 
    j. **Greater_Than_OR_EQUALS.** Clause returns "true" if the evaluated attribute is greater than or equal to the value. The value specified on the scoping filter must be an integer and the attribute on the user must be an integer [0,1,2,...]. 
+   
+   k. **Includes.** Clause returns "true" if the evaluated attribute contains the string value (case sensitive) as described [here](https://docs.microsoft.com/dotnet/api/system.string.contains?view=netframework-4.8). 
 
 
 >[!IMPORTANT] 
-> The Includes and IsMemberOf filters are not supported. They will soon be removed from the UI.
+> The IsMemberOf filter is not supported currently.
 
 9. Optionally, repeat steps 7-8 to add more scoping clauses.
 

articles/aks/azure-ad-integration-cli.md

@@ -119,7 +119,7 @@ oAuthPermissionId=$(az ad app show --id $serverApplicationId --query "oauth2Perm
 Add the permissions for the client application and server application components to use the oAuth2 communication flow using the [az ad app permission add][az-ad-app-permission-add] command. Then, grant permissions for the client application to communication with the server application using the [az ad app permission grant][az-ad-app-permission-grant] command:
 
 ```azurecli-interactive
-az ad app permission add --id $clientApplicationId --api $serverApplicationId --api-permissions $oAuthPermissionId=Scope
+az ad app permission add --id $clientApplicationId --api $serverApplicationId --api-permissions ${oAuthPermissionId}=Scope
 az ad app permission grant --id $clientApplicationId --api $serverApplicationId
 ```
 

articles/aks/private-clusters.md

@@ -6,7 +6,7 @@ author: mlearned
 
 ms.service: container-service
 ms.topic: article
-ms.date: 1/24/2020
+ms.date: 2/21/2020
 ms.author: mlearned
 ---
 
@@ -27,13 +27,33 @@ The control plane or API server is in an Azure Kubernetes Service (AKS)-managed
 * The Azure CLI version 2.0.77 or later, and the Azure CLI AKS Preview extension version 0.4.18
 
 ## Currently supported regions
-* West US
-* West US 2
-* East US 2
+
+* Australia East
+* Australia Southeast
+* Brazil South
 * Canada Central
+* Canada East
+* Cenral US
+* East Asia
+* East US
+* East US 2
+* East US 2 EUAP
+* France Central
+* Germany North
+* Japan East
+* Japan West
+* Korea Central
+* Korea South
+* North Central US
 * North Europe
+* North Europe
+* South Central US
+* UK South
 * West Europe
-* Australia East
+* West US
+* West US 2
+* East US 2
+
 
 ## Install the latest Azure CLI AKS Preview extension
 

articles/container-instances/container-instances-encrypt-data.md

@@ -85,7 +85,7 @@ The access policy should now show up in your key vault's access policies.
 > Encrypting deployment data with a customer-managed key is available in the latest API version (2019-12-01) that is currently rolling out. Specify this API version in your deployment template. If you have any issues with this, please reach out to Azure Support.
 
 Once the key vault key and access policy are set up, add the following properties to your ACI deployment template. Learn more about deploying ACI resources with a template in the [Tutorial: Deploy a multi-container group using a Resource Manager template](https://docs.microsoft.com/azure/container-instances/container-instances-multi-container-group). 
-* Under `resources`, set `apiVersion` to `2012-12-01`.
+* Under `resources`, set `apiVersion` to `2019-12-01`.
 * Under the container group properties section of the deployment template, add an `encryptionProperties`, which contains the following values:
   * `vaultBaseUrl`: the DNS Name of your key vault, can be found  on the overview blade of the key vault resource in Portal
   * `keyName`: the name of the key generated earlier
@@ -231,4 +231,4 @@ Within a few seconds, you should receive an initial response from Azure. Once th
 
 <!-- LINKS - Internal -->
 [az-group-create]: /cli/azure/group#az-group-create
-[az-group-deployment-create]: /cli/azure/group/deployment#az-group-deployment-create
+[az-group-deployment-create]: /cli/azure/group/deployment#az-group-deployment-create