Merge pull request #235788 from MicrosoftDocs/repo_sync_working_branch

huypub · web-flow · commit b9faf1b664b2 · 2023-04-25T14:54:49.000-07:00
Confirm merge from repo_sync_working_branch to main to sync with https://github.com/MicrosoftDocs/azure-docs (branch main)
diff --git a/articles/active-directory/external-identities/authentication-conditional-access.md b/articles/active-directory/external-identities/authentication-conditional-access.md
@@ -46,7 +46,7 @@ When an Azure AD organization shares resources with external users with an ident
 
 The following diagram illustrates the authentication flow when an external user signs in with an account from a non-Azure AD identity provider, such as Google, Facebook, or a federated SAML/WS-Fed identity provider.
 
-[ ![Diagram showing the Authentication flow for B2B guest users from an external directory.](media/authentication-conditional-access/authentication-flow-b2b-guests.png) ](media/authentication-conditional-access/authentication-flow-b2b-guests.png#lightbox))
+[ ![Diagram showing the Authentication flow for B2B guest users from an external directory.](media/authentication-conditional-access/authentication-flow-b2b-guests.png) ](media/authentication-conditional-access/authentication-flow-b2b-guests.png#lightbox)
 
 | Step | Description |
 |--------------|-----------------------|
diff --git a/articles/active-directory/fundamentals/secure-external-access-resources.md b/articles/active-directory/fundamentals/secure-external-access-resources.md
@@ -39,7 +39,7 @@ Both methods have drawbacks. For more information, see the following table.
 | Area of concern | Local credentials | Federation |
 |----|---|---|
 | Security | - Access continues after external user terminates<br> - UserType is Member by default, which grants too much default access | - No user-level visibility  <br> - Unknown partner security posture|
-| Expense | - Password and multi-factor authentication (MFA) management<br> - Onboarding process<br> - Identity cleanup<br> - Overhead of running a separate directory | Small partners can't afford the infrastructure, lack expertise, and might user consumer email|
+| Expense | - Password and multi-factor authentication (MFA) management<br> - Onboarding process<br> - Identity cleanup<br> - Overhead of running a separate directory | Small partners can't afford the infrastructure, lack expertise, and might use consumer email|
 | Complexity | Partner users manage more credentials | Complexity grows with each new partner, and increased for partners|
 
 Azure Active Directory (Azure AD) B2B integrates with other tools in Azure AD, and Microsoft 365 services. Azure AD B2B simplifies collaboration, reduces expense, and increases security. 
diff --git a/articles/api-management/api-management-revisions.md b/articles/api-management/api-management-revisions.md
@@ -45,7 +45,7 @@ You can set a revision as current using the Azure portal. If you use PowerShell,
 
 ## Revision descriptions
 
-When you create a revision, you can set a description for your own tracking purposes. Descriptions aren't played to your API users.
+When you create a revision, you can set a description for your own tracking purposes. Descriptions aren't displayed to your API users.
 
 When you set a revision as current you can also optionally specify a public change log note. The change log is included in the developer portal for your API users to view. You can modify your change log note using the `Update-AzApiManagementApiRelease` PowerShell cmdlet.
 
diff --git a/articles/api-management/how-to-server-sent-events.md b/articles/api-management/how-to-server-sent-events.md
@@ -40,11 +40,13 @@ Follow these guidelines when using API Management to reach a backend API that im
 
 * **Avoid other policies that buffer responses** - Certain policies such as [`validate-content`](validate-content-policy.md) can also buffer response content and shouldn't be used with APIs that implement SSE.
 
+* **Avoid logging request/response body for Azure Monitor and Application Insights** - You can configure API request logging for Azure Monitor or Application Insights using diagnostic settings. The diagnostic settings allow you to log the request/response body at various stages of the request execution. For APIs that implement SSE, this can cause unexpected buffering which can lead to problems. Diagnostic settings for Azure Monitor and Application Insights configured at the global/All APIs scope apply to all APIs in the service. You can override the settings for individual APIs as needed. For APIs that implement SSE, ensure you have disabled request/response body logging for Azure Monitor and Application Insights. 
+
 * **Disable response caching** - To ensure that notifications to the client are timely, verify that [response caching](api-management-howto-cache.md) isn't enabled. For more information, see [API Management caching policies](api-management-caching-policies.md).
 
 * **Test API under load** - Follow general practices to test your API under load to detect performance or configuration issues before going into production.  
 
 ## Next steps
 
 * Learn more about [configuring policies](./api-management-howto-policies.md) in API Management.
-* Learn about API Management [capacity](api-management-capacity.md).
+* Learn about API Management [capacity](api-management-capacity.md).
diff --git a/articles/api-management/set-body-policy.md b/articles/api-management/set-body-policy.md
@@ -100,6 +100,9 @@ The `set-body` policy can be configured to use the [Liquid](https://shopify.gith
 > [!IMPORTANT]
 > In order to correctly bind to an XML body using the Liquid template, use a `set-header` policy to set Content-Type to either application/xml, text/xml (or any type ending with +xml); for a JSON body, it must be application/json, text/json (or any type ending with +json).
 
+> [!IMPORTANT]
+> Liquid templates use the request/response body in the current execution pipeline as their input. For this reason, liquid templates do not work when used inside a return-response policy. A return-response policy cancels the current execution pipeline and removes the request/response body. As a result, any liquid template used inside the return-response will receive an empty string as its input and will not produced the expected output. 
+
 ### Supported Liquid filters
 
 The following Liquid filters are supported in the `set-body` policy. For filter examples, see the [Liquid documentation](https://shopify.github.io/liquid/). 
@@ -268,4 +271,4 @@ The following example uses the `AsFormUrlEncodedContent()` expression to access
 
 * [API Management transformation policies](api-management-transformation-policies.md)
 
-[!INCLUDE [api-management-policy-ref-next-steps](../../includes/api-management-policy-ref-next-steps.md)]
+[!INCLUDE [api-management-policy-ref-next-steps](../../includes/api-management-policy-ref-next-steps.md)]
diff --git a/articles/applied-ai-services/form-recognizer/concept-invoice.md b/articles/applied-ai-services/form-recognizer/concept-invoice.md
@@ -172,7 +172,7 @@ See how data, including customer information, vendor details, and line items, is
 | &bullet; French (fr) | France (fr) |
 | &bullet; Italian (it) | Italy (it)|
 | &bullet; Portuguese (pt) | Portugal (pt), Brazil (br)|
-| &bullet; Dutch (de) | Netherlands (de)|
+| &bullet; Dutch (nl) | Netherlands (nl)|
 
 ## Field extraction
 
diff --git a/articles/azure-monitor/essentials/prometheus-remote-write-active-directory.md b/articles/azure-monitor/essentials/prometheus-remote-write-active-directory.md
@@ -226,7 +226,7 @@ This step is only required if you didn't enable Azure Key Vault Provider for Sec
     | Value | Description |
     |:---|:---|
     | `<CLUSTER-NAME>` | Name of your AKS cluster |
-    | `<CONTAINER-IMAGE-VERSION>` | `mcr.microsoft.com/azuremonitor/prometheus/promdev/prom-remotewrite:prom-remotewrite-20221103.1`<br>This is the remote write container image version.   |
+    | `<CONTAINER-IMAGE-VERSION>` | `mcr.microsoft.com/azuremonitor/prometheus/promdev/prom-remotewrite:prom-remotewrite-20230323.1`<br>This is the remote write container image version.   |
     | `<INGESTION-URL>` | **Metrics ingestion endpoint** from the **Overview** page for the Azure Monitor workspace |
     | `<APP-REGISTRATION -CLIENT-ID> ` | Client ID of your application |
     | `<TENANT-ID> ` | Tenant ID of the Azure Active Directory application |
diff --git a/articles/azure-monitor/essentials/prometheus-remote-write-managed-identity.md b/articles/azure-monitor/essentials/prometheus-remote-write-managed-identity.md
@@ -152,7 +152,7 @@ This step isn't required if you're using an AKS identity since it will already h
     | Value | Description |
     |:---|:---|
     | `<AKS-CLUSTER-NAME>` | Name of your AKS cluster |
-    | `<CONTAINER-IMAGE-VERSION>` | `mcr.microsoft.com/azuremonitor/prometheus/promdev/prom-remotewrite:prom-remotewrite-20221103.1`<br>This is the remote write container image version.   |
+    | `<CONTAINER-IMAGE-VERSION>` | `mcr.microsoft.com/azuremonitor/prometheus/promdev/prom-remotewrite:prom-remotewrite-20230323.1`<br>This is the remote write container image version.   |
     | `<INGESTION-URL>` | **Metrics ingestion endpoint** from the **Overview** page for the Azure Monitor workspace |
     | `<MANAGED-IDENTITY-CLIENT-ID>` | **Client ID** from the **Overview** page for the managed identity |
     | `<CLUSTER-NAME>` | Name of the cluster Prometheus is running on |
diff --git a/articles/bastion/kerberos-authentication-portal.md b/articles/bastion/kerberos-authentication-portal.md
@@ -16,7 +16,7 @@ This article shows you how to configure Azure Bastion to use Kerberos authentica
 
 ## Considerations
 
-* During Preview, the Kerberos setting for Azure Bastion can be configured in the Azure portal only.
+* During Preview, the Kerberos setting for Azure Bastion can be configured in the Azure portal only and not with native client.
 * VMs migrated from on-premises to Azure are not currently supported for Kerberos. 
 * Cross-realm authentication is not currently supported for Kerberos. 
 * Changes to DNS server are not currently supported for Kerberos. After making any changes to DNS server, you will need to delete and re-create the Bastion resource.
diff --git a/articles/healthcare-apis/azure-api-for-fhir/release-notes.md b/articles/healthcare-apis/azure-api-for-fhir/release-notes.md
@@ -18,6 +18,12 @@ Azure API for FHIR provides a fully managed deployment of the Microsoft FHIR Ser
 > [!Note]
 > Azure Health Data services is the evolved version of Azure API for FHIR enabling customers to manage FHIR, DICOM, and MedTech services with integrations into other Azure Services. To learn about Azure Health Data Services [click here](https://azure.microsoft.com/products/health-data-services/).
 
+## **April 2023**
+
+**Fixed transient issues associated with loading custom search parameters**
+This bug fix address the issue, where the FHIR service would not load the latest SearchParameter status in event of failure.
+For more details, visit [#3222](https://github.com/microsoft/fhir-server/pull/3222)
+
 ## **November 2022**
 
 **Fixed the Error generated when resource is updated using if-match header and PATCH**
diff --git a/articles/healthcare-apis/release-notes.md b/articles/healthcare-apis/release-notes.md
@@ -19,6 +19,17 @@ ms.custom: references_regions
 
 Azure Health Data Services is a set of managed API services based on open standards and frameworks for the healthcare industry. They enable you to build scalable and secure healthcare solutions by bringing protected health information (PHI) datasets together and connecting them end-to-end with tools for machine learning, analytics, and AI. This document provides details about the features and enhancements made to Azure Health Data Services including the different service types (FHIR service, DICOM service, and MedTech service) that seamlessly work with one another.
 
+## April 2023
+#### FHIR Service 
+
+**Fixed performance for Search Queries with identifiers**
+This bug fix addresses timeout issues observed for search queries with identifiers, by leveraging OPTIMIZE clause.
+For more details, visit [#3207](https://github.com/microsoft/fhir-server/pull/3207)
+
+**Fixed transient issues associated with loading custom search parameters**
+This bug fix addresses the issue, where the FHIR service would not load the latest SearchParameter status in event of failure.
+For more details, visit [#3222](https://github.com/microsoft/fhir-server/pull/3222)
+
 ## March 2023
 #### Azure Health Data Services
 
@@ -27,7 +38,6 @@ Azure Health Data Services is a set of managed API services based on open standa
 General availability (GA) of Azure Health Data services in Japan East region.
 
 
-
 ## February 2023
 #### FHIR  service
 
diff --git a/articles/virtual-machines/automatic-vm-guest-patching.md b/articles/virtual-machines/automatic-vm-guest-patching.md
@@ -239,7 +239,7 @@ Set-AzVMOperatingSystem -VM $VirtualMachine -Windows -ComputerName $ComputerName
 Use the [Set-AzVMOperatingSystem](/powershell/module/az.compute/set-azvmoperatingsystem) and [Update-AzVM](/powershell/module/az.compute/update-azvm) cmdlet to enable automatic VM guest patching on an existing VM.
 
 ```azurepowershell-interactive
-Get-AzVM -VM $VirtualMachine -Windows -ComputerName $ComputerName -Credential $Credential
+$VirtualMachine = Get-AzVM -ResourceGroupName "myResourceGroup" -Name "myVM"
 Set-AzVMOperatingSystem -VM $VirtualMachine -PatchMode "AutomaticByPlatform"
 Update-AzVM -VM $VirtualMachine
 ```
