Merge pull request #216427 from inward-eye/main

comment on M365 groups not supported

Author: Stacyrch140

articles/purview/how-to-enable-data-use-management.md

@@ -6,7 +6,7 @@ ms.author: vlrodrig
 ms.service: purview
 ms.subservice: purview-data-policies
 ms.topic: how-to
-ms.date: 8/10/2022
+ms.date: 10/31/2022
 ms.custom:
 ---
 
@@ -17,8 +17,8 @@ ms.custom:
 *Data use management* is an option within the data source registration in Microsoft Purview. This option lets Microsoft Purview manage data access for your resources. The high level concept is that the data owner allows its data resource to be available for access policies by enabling *Data use management*. 
 
 Currently, a data owner can enable Data use management on a data resource, which enables it for these types of access policies:
-
-* [Data owner access policies](concept-policies-data-owner.md) - access policies authored via Microsoft Purview data policy experience.
+* [DevOps policies](concept-policies-devops.md) 
+* [Data owner access policies](concept-policies-data-owner.md)
 * [Self-service access policies](concept-self-service-data-access-policy.md) - access policies automatically generated by Microsoft Purview after a [self-service access request](how-to-request-access.md) is approved.
 
 To be able to create any data policy on a resource, Data use management must first be enabled on that resource. This article will explain how to enable Data use management on your resources in Microsoft Purview.

articles/purview/how-to-policies-data-owner-authoring-generic.md

@@ -68,7 +68,7 @@ Ensure you have the *Policy Author* permission as described [here](how-to-enable
 
     :::image type="content" source="./media/how-to-policies-data-owner-authoring-generic/select-asset.png" alt-text="Screenshot showing data owner can select the asset when creating or editing a policy statement.":::
 
-1. Select the **Subjects** button and enter the subject identity as a principal, group, or MSI. Then select the **OK** button. This will take you back to the policy editor
+1. Select the **Subjects** button and enter the subject identity as a principal, group, or MSI. Note that Microsoft 365 groups are not supported. Then select the **OK** button. This will take you back to the policy editor.
 
     :::image type="content" source="./media/how-to-policies-data-owner-authoring-generic/select-subject.png" alt-text="Screenshot showing data owner can select the subject when creating or editing a policy statement.":::
 

articles/purview/how-to-policies-devops-authoring-generic.md

@@ -41,7 +41,7 @@ To create a new DevOps policy, ensure first that you have the Microsoft Purview
 1.  Select the **Data source type** and then one of the listed data sources under **Data source name**. Then click on **Select**. This will take you back to the New Policy experience
 ![Screenshot shows to select a data source for policy.](./media/how-to-policies-devops-authoring-generic/select-a-data-source.png)
 
-1. Select one of two roles, *SQL Performance monitor* or *SQL Security auditor*. Then select **Add/remove subjects**. This will open the Subject window. Type the name of an Azure AD principal (user, group or service principal) in the **Select subjects** box. Keep adding or removing subjects until you are satisfied. Select **Save**. This will take you back to the prior window.
+1. Select one of two roles, *SQL Performance monitor* or *SQL Security auditor*. Then select **Add/remove subjects**. This will open the Subject window. Type the name of an Azure AD principal (user, group or service principal) in the **Select subjects** box. Note that Microsoft 365 groups are not supported. Keep adding or removing subjects until you are satisfied. Select **Save**. This will take you back to the prior window.
 ![Screenshot shows to select role and subject for policy.](./media/how-to-policies-devops-authoring-generic/select-role-and-subjects.png)
 
 1. Select **Save** to save the policy. A policy has been created and automatically published. Enforcement will start at the data source within 5 minutes.

articles/purview/index.yml

@@ -190,10 +190,14 @@ landingContent:
       links:
         - text: Registering data sources for Data Use Management
           url: how-to-enable-data-use-management.md
+        - text: DevOps policies - Create, list, update and delete policies
+          url: how-to-policies-devops-authoring-generic.md
+        - text: DevOps policies - Azure SQL Database 
+          url: how-to-policies-devops-azure-sql-db.md
+        - text: DevOps policies - Azure Arc enabled SQL Servers
+          url: how-to-policies-devops-arc-sql-server.md
         - text: Authoring and publishing data owner access policies
           url: how-to-policies-data-owner-authoring-generic.md
-    - linkListType: tutorial
-      links:
         - text: Data owner policies for Azure Storage
           url: how-to-policies-data-owner-storage.md
         - text: Data owner policies on resource groups or subscriptions

articles/purview/microsoft-purview-connector-overview.md

@@ -48,7 +48,7 @@ The table below shows the supported capabilities for each data source. Select th
 || [SAP HANA](register-scan-sap-hana.md) | [Yes](register-scan-sap-hana.md#register) | No | No | No | No |
 || [Snowflake](register-scan-snowflake.md) | [Yes](register-scan-snowflake.md#register) | No | [Yes](register-scan-snowflake.md#lineage) | No | No |
 ||    [SQL Server](register-scan-on-premises-sql-server.md)| [Yes](register-scan-on-premises-sql-server.md#register) |[Yes](register-scan-on-premises-sql-server.md#scan) | No* | No| No |
-||    SQL Server on Azure-Arc| No |No | No |[Yes (Preview)](how-to-policies-data-owner-arc-sql-server.md) | No |
+||    **SQL Server on Azure-Arc**| No |No | No |Preview: [1.DevOps policies](how-to-policies-devops-arc-sql-server.md) [2.Data Owner](how-to-policies-data-owner-arc-sql-server.md) | No |
 ||    [Teradata](register-scan-teradata-source.md)| [Yes](register-scan-teradata-source.md#register)| [Yes](register-scan-teradata-source.md#scan)| [Yes*](register-scan-teradata-source.md#lineage) | No| No |
 |File|[Amazon S3](register-scan-amazon-s3.md)|[Yes](register-scan-amazon-s3.md)| [Yes](register-scan-amazon-s3.md)| Limited* | No| No |
 ||[HDFS](register-scan-hdfs.md)|[Yes](register-scan-hdfs.md)| [Yes](register-scan-hdfs.md)| No | No| No |

articles/purview/register-scan-azure-multiple-sources.md

@@ -6,8 +6,8 @@ ms.author: viseshag
 ms.service: purview
 ms.subservice: purview-data-map
 ms.topic: how-to
-ms.date: 11/02/2021
-ms.custom: template-how-to, ignite-fall-2021
+ms.date: 10/28/2022
+ms.custom: template-how-to
 ---
 
 # Connect to and manage multiple Azure sources in Microsoft Purview
@@ -156,6 +156,7 @@ To manage a scan, do the following:
 
 ### Supported policies
 The following types of policies are supported on this data resource from Microsoft Purview:
+- [DevOps policies](concept-policies-devops.md)
 - [Data owner policies](concept-policies-data-owner.md)
 
 
@@ -178,6 +179,7 @@ Once your data source has the  **Data Use Management** option set to **Enabled**
 
 ### Create a policy
 To create an access policy on an entire Azure subscription or resource group, follow these guide:
+* [DevOps policy covering all sources in a subscription or resource group](./how-to-policies-devops-authoring-generic.md#create-a-new-devops-policy)
 * [Data owner policy covering all sources in a subscription or resource group](./how-to-policies-data-owner-resource-group.md#create-and-publish-a-data-owner-policy) - This guide will allow you to provision access on all enabled data sources in a resource group, or across an Azure subscription. The pre-requisite is that the subscription or resource group is registered with the Data use management option enabled. 
 
 

articles/purview/register-scan-azure-sql-database.md

@@ -5,8 +5,8 @@ author: athenads
 ms.author: athenadsouza
 ms.service: purview
 ms.topic: how-to
-ms.date: 10/04/2022
-ms.custom: template-how-to, ignite-fall-2021
+ms.date: 10/28/2022
+ms.custom: template-how-to
 ---
 # Connect to Azure SQL Database in Microsoft Purview
 
@@ -362,6 +362,7 @@ Scans can be managed or run again on completion
 
 ### Supported policies
 The following types of policies are supported on this data resource from Microsoft Purview:
+- [DevOps policies](concept-policies-devops.md)
 - [Data owner policies](concept-policies-data-owner.md)
 
 ### Access policy pre-requisites on Azure SQL Database
@@ -382,7 +383,8 @@ Once your data source has the **Data Use Management** option *Enabled*, it will
 
 ### Create a policy
 To create an access policy for Azure SQL Database, follow these guides:
-* [Data owner policy on a single Azure SQL Database account](./how-to-policies-data-owner-azure-sql-db.md#create-and-publish-a-data-owner-policy) - This guide will allow you to provision access on a single Azure SQL Database account in your subscription.
+* [DevOps policy on a single Azure SQL Database](./how-to-policies-devops-azure-sql-db.md#create-a-new-devops-policy)
+* [Data owner policy on a single Azure SQL Database](./how-to-policies-data-owner-azure-sql-db.md#create-and-publish-a-data-owner-policy) - This guide will allow you to provision access on a single Azure SQL Database account in your subscription.
 * [Data owner policy covering all sources in a subscription or resource group](./how-to-policies-data-owner-resource-group.md) - This guide will allow you to provision access on all enabled data sources in a resource group, or across an Azure subscription. The pre-requisite is that the subscription or resource group is registered with the Data use management option enabled. 
 
 ## Lineage (Preview)