Merge pull request #194996 from MicrosoftDocs/main

4/13 AM Publish

Author: huypub

.openpublishing.redirection.json

@@ -36613,6 +36613,11 @@
       "redirect_url": "/azure/cognitive-services/Computer-vision/quickstarts-sdk/csharp-sdk",
       "redirect_document_id": false
     },
+    {
+      "source_path_from_root": "/articles/cognitive-services/Computer-vision/Tutorials/CSharpTutorial.md",
+      "redirect_url": "/azure/cognitive-services/Computer-vision/overview-image-analysis",
+      "redirect_document_id": false
+    },
     {
       "source_path_from_root": "/articles/cognitive-services/Content-Moderator/Review-Tool-User-Guide/Upload-Images.md",
       "redirect_url": "/azure/cognitive-services/content-moderator",

articles/active-directory/authentication/howto-authentication-passwordless-security-key.md

@@ -99,6 +99,7 @@ There are two ways to get your AAGUID. You can either ask your security key prov
 1. Click **Security Info**.
    1. If the user already has at least one Azure AD Multi-Factor Authentication method registered, they can immediately register a FIDO2 security key.
    1. If they don't have at least one Azure AD Multi-Factor Authentication method registered, they must add one.
+   1. An Administrator can issue a [Temporary Access Pass](howto-authentication-temporary-access-pass.md) to allow the user to register a Passwordless authentication method.
 1. Add a FIDO2 Security key by clicking **Add method** and choosing **Security key**.
 1. Choose **USB device** or **NFC device**.
 1. Have your key ready and choose **Next**.
@@ -141,4 +142,4 @@ If a user's UPN changes, you can no longer modify FIDO2 security keys to account
 
 [Learn more about device registration](../devices/overview.md)
 
-[Learn more about Azure AD Multi-Factor Authentication](../authentication/howto-mfa-getstarted.md)
+[Learn more about Azure AD Multi-Factor Authentication](../authentication/howto-mfa-getstarted.md)

articles/active-directory/develop/msal-net-token-cache-serialization.md

@@ -34,7 +34,7 @@ The recommendation is:
 
         A shared cache is faster because it's not serialized. However, the memory will grow as tokens are cached. The number of tokens is equal to the number of tenants times the number of downstream APIs. An app token is about 2 KB in size, whereas tokens for a user are about 7 KB in size. It's great for development, or if you have few users. 
     -	If you  want to use an in-memory token cache and control its size and eviction policies, use the [Microsoft.Identity.Web in-memory cache option](msal-net-token-cache-serialization.md?tabs=aspnet#in-memory-token-cache-1).
--	If you build an SDK and want to write your own token cache serializer for confidential client applications, inherit from [Microsoft.Identity.Web.MsalAsbtractTokenCacheProvider](https://github.com/AzureAD/microsoft-identity-web/blob/master/src/Microsoft.Identity.Web.TokenCache/MsalAbstractTokenCacheProvider.cs) and override the `WriteCacheBytesAsync` and `ReadCacheBytesAsync` methods.
+-	If you build an SDK and want to write your own token cache serializer for confidential client applications, inherit from [Microsoft.Identity.Web.MsalAbstractTokenCacheProvider](https://github.com/AzureAD/microsoft-identity-web/blob/master/src/Microsoft.Identity.Web.TokenCache/MsalAbstractTokenCacheProvider.cs) and override the `WriteCacheBytesAsync` and `ReadCacheBytesAsync` methods.
 
 
 ## [ASP.NET Core web apps and web APIs](#tab/aspnetcore)
@@ -496,7 +496,7 @@ The strategies are different depending on whether you're writing a token cache s
 
 ### Custom token cache for a web app or web API (confidential client application)
 
-If you want to write your own token cache serializer for confidential client applications, we recommend that you inherit from [Microsoft.Identity.Web.MsalAsbtractTokenCacheProvider](https://github.com/AzureAD/microsoft-identity-web/blob/master/src/Microsoft.Identity.Web.TokenCache/MsalAbstractTokenCacheProvider.cs) and override the `WriteCacheBytesAsync` and `ReadCacheBytesAsync` methods.
+If you want to write your own token cache serializer for confidential client applications, we recommend that you inherit from [Microsoft.Identity.Web.MsalAbstractTokenCacheProvider](https://github.com/AzureAD/microsoft-identity-web/blob/master/src/Microsoft.Identity.Web.TokenCache/MsalAbstractTokenCacheProvider.cs) and override the `WriteCacheBytesAsync` and `ReadCacheBytesAsync` methods.
 
 Examples of token cache serializers are provided in [Microsoft.Identity.Web/TokenCacheProviders](https://github.com/AzureAD/microsoft-identity-web/blob/master/src/Microsoft.Identity.Web.TokenCache).
 

articles/active-directory/enterprise-users/directory-delete-howto.md

@@ -57,7 +57,7 @@ Expired (30 days) | Data accessible to all| Users have normal access to Microsof
 Disabled (30 days) | Data accessible to admin only | Users can’t access Microsoft 365 files, or apps<br>Admins can access the Microsoft 365 admin center but can’t assign licenses to or update users
 Deprovisioned  (30 days after Disabled) | Data deleted (automatically deleted if no other services are in use) | Users can’t access Microsoft 365 files, or apps<br>Admins can access the Microsoft 365 admin center to purchase and manage other subscriptions
 
-## Delete a subscription
+## Delete a Office/Microsoft 365 subscription
 
 You can put a subscription into the **Deprovisioned** state to be deleted in three days using the Microsoft 365 admin center.
 
@@ -88,6 +88,16 @@ You can put a subscription into the **Deprovisioned** state to be deleted in thr
 1. Once you have deleted a subscription in your organization and 72 hours have elapsed, you can sign back into the Azure AD admin center again and there should be no required action and no subscriptions blocking your organization deletion. You should be able to successfully delete your Azure AD organization.
 
    ![pass subscription check at deletion screen](./media/directory-delete-howto/delete-checks-passed.png)
+   
+## Delete an Azure subscription
+
+If you have an Active or Cancelled Azure Subscription associated to your Azure AD Tenant then you would not be able to delete Azure AD Tenant. After you cancel, billing is stopped immediately. However, Microsoft waits 30 - 90 days before permanently deleting your data in case you need to access it or you change your mind. We don't charge you for keeping the data. 
+
+- If you have a free trial or pay-as-you-go subscription, you don't have to wait 90 days for the subscription to automatically delete. You can delete your subscription three days after you cancel it. The Delete subscription option isn't available until three days after you cancel your subscription. For more details please read through [Delete free trial or pay-as-you-go subscriptions](https://docs.microsoft.com/azure/cost-management-billing/manage/cancel-azure-subscription#delete-free-trial-or-pay-as-you-go-subscriptions).
+- All other subscription types are deleted only through the [subscription cancellation](https://docs.microsoft.com/azure/cost-management-billing/manage/cancel-azure-subscription#cancel-subscription-in-the-azure-portal) process. In other words, you can't delete a subscription directly unless it's a free trial or pay-as-you-go subscription. However, after you cancel a subscription, you can create an [Azure support request](https://go.microsoft.com/fwlink/?linkid=2083458) to ask to have the subscription deleted immediately.
+- Alternatively, you can also move/transfer the Azure subscription to another Azure AD tenant account. When you transfer billing ownership of your subscription to an account in another Azure AD tenant, you can move the subscription to the new account's tenant. Additionally, perfoming Switch Directory on the subscription would not help as the billing would still be aligned with Azure AD Tenant which was used to sign up for the subscription. For more information review [Transfer a subscription to another Azure AD tenant account](https://docs.microsoft.com/azure/cost-management-billing/manage/billing-subscription-transfer#transfer-a-subscription-to-another-azure-ad-tenant-account)
+
+Once you have all the Azure and Office/Microsoft 365 Subscriptions cancelled and deleted you can proceed with cleaning up rest of the things within Azure AD Tenant before actually delete it.
 
 ## Enterprise apps with no way to delete
 

articles/active-directory/enterprise-users/groups-assign-sensitivity-labels.md

@@ -66,7 +66,7 @@ To apply published labels to groups, you must first enable the feature. These st
 1. Save the changes and apply the settings:
 
     ```powershell
-    Set-AzureADDirectorySetting -Id $grpUnifiedSetting.Id -DirectorySetting $setting
+    Set-AzureADDirectorySetting -Id $grpUnifiedSetting.Id -DirectorySetting $Setting
     ```
 
 If you’re receiving a Request_BadRequest error, it's because the settings already exist in the tenant, so when you try to create a new property:value pair, the result is an error. In this case, take the following steps:
@@ -160,4 +160,4 @@ If you must make a change, use an [Azure AD PowerShell script](https://github.co
 - [Use sensitivity labels with Microsoft Teams, Microsoft 365 groups, and SharePoint sites](/microsoft-365/compliance/sensitivity-labels-teams-groups-sites)
 - [Update groups after label policy change manually with Azure AD PowerShell script](https://github.com/microsoftgraph/powershell-aad-samples/blob/master/ReassignSensitivityLabelToO365Groups.ps1)
 - [Edit your group settings](../fundamentals/active-directory-groups-settings-azure-portal.md)
-- [Manage groups using PowerShell commands](../enterprise-users/groups-settings-v2-cmdlets.md)
+- [Manage groups using PowerShell commands](../enterprise-users/groups-settings-v2-cmdlets.md)

articles/active-directory/privileged-identity-management/pim-create-azure-ad-roles-and-resource-roles-review.md

@@ -143,6 +143,7 @@ Based on your selections in **Upon completion settings**, auto-apply will be exe
 > [!NOTE]
 > It is possible for a security group to have other groups assigned to it. In this case, only the users assigned directly to the security group assigned to the role will appear in the review of the role.
 
+
 ## Update the access review
 
 After one or more access reviews have been started, you may want to modify or update the settings of your existing access reviews. Here are some common scenarios that you might want to consider:

articles/app-service/reference-app-settings.md

@@ -334,6 +334,7 @@ For more information on custom containers, see [Run a custom container in Azure]
 | `DOCKER_REGISTRY_SERVER_URL` | URL of the registry server, when running a custom container in App Service. For security, this variable is not passed on to the container. | `https://<server-name>.azurecr.io` |
 | `DOCKER_REGISTRY_SERVER_USERNAME` | Username to authenticate with the registry server at `DOCKER_REGISTRY_SERVER_URL`. For security, this variable is not passed on to the container. ||
 | `DOCKER_REGISTRY_SERVER_PASSWORD` | Password to authenticate with the registry server at `DOCKER_REGISTRY_SERVER_URL`. For security, this variable is not passed on to the container. ||
+| `DOCKER_ENABLE_CI` | Set to `true` to enable the continuous deployment for custom containers. The default is `false` for custom containers. ||
 | `WEBSITE_PULL_IMAGE_OVER_VNET` | Connect and pull from a registry inside a Virtual Network or on-premise. Your app will need to be connected to a Virtual Network using VNet integration feature. This setting is also needed for Azure Container Registry with Private Endpoint. ||
 | `WEBSITES_WEB_CONTAINER_NAME` | In a Docker Compose app, only one of the containers can be internet accessible. Set to the name of the container defined in the configuration file to override the default container selection. By default, the internet accessible container is the first container to define port 80 or 8080, or, when no such container is found, the first container defined in the configuration file. |  |
 | `WEBSITES_PORT` | For a custom container, the custom port number on the container for App Service to route requests to. By default, App Service attempts automatic port detection of ports 80 and 8080. This setting is *not* injected into the container as an environment variable. ||

articles/azure-app-configuration/manage-feature-flags.md

@@ -4,16 +4,16 @@ titleSuffix: Azure App Configuration
 description: In this tutorial, you learn how to manage feature flags separately from your application by using Azure App Configuration.
 services: azure-app-configuration
 documentationcenter: ''
-author: AlexandraKemperMS
+author: maud-lv
 editor: ''
 
 ms.assetid: 
 ms.service: azure-app-configuration
 ms.workload: tbd
 ms.devlang: csharp
 ms.topic: tutorial
-ms.date: 04/19/2019
-ms.author: alkemper
+ms.date: 04/05/2022
+ms.author: malev
 ms.custom: "devx-track-csharp, mvc"
 
 #Customer intent: I want to control feature availability in my app by using App Configuration.
@@ -35,44 +35,53 @@ The Feature Manager in the Azure portal for App Configuration provides a UI for
 
 To add a new feature flag:
 
-1. Select **Feature Manager** > **+Add** to add a feature flag.
+1. Open an Azure App Configuration store and from the **Operations** menu, select **Feature Manager** > **+Add**.
+:::image type="content" source="media/add-feature-flag.png" alt-text="Screenshot of the Azure platform. Add a feature flag." lightbox="media/add-feature-flag-expanded.png":::
 
-    ![Feature flag list](./media/azure-app-configuration-feature-flags.png)
+1. Check the box **Enable feature flag** to make the new feature flag active as soon as the flag has been created.
 
-1. Enter a unique key name for the feature flag. You need this name to reference the flag in your code.
+1. Enter a **Feature flag name**. The feature flag name is the unique ID of the flag, and the name that should be used when referencing the flag in code.
 
-1. If you want, give the feature flag a description.
+1. You can edit the key for your feature flag. The default value for this key is the name of your feature flag. You can change the key to add a prefix, which can be used to find specific feature flags when loading the feature flags in your application. For example, using the application's name as prefix such as **appname:featureflagname**.
 
-1. Set the initial state of the feature flag. This state is usually *Off* or *On*. The *On* state changes to *Conditional* if you add a filter to the feature flag.
+1. Optionally select an existing label or create a new one, and enter a description for the new feature flag.
 
-    ![Feature flag creation](./media/azure-app-configuration-feature-flag-create.png)
+1. Leave the **Use feature filter** box unchecked and select **Apply** to create the feature flag. To learn more about feature filters, visit [Use feature filters to enable conditional feature flags](howto-feature-filters-aspnet-core.md) and [Enable staged rollout of features for targeted audiences](howto-targetingfilter-aspnet-core.md).
+:::image type="content" source="media/create-feature-flag.png" alt-text="Screenshot of the Azure platform. Feature flag creation form.":::
 
-1. When the state is *On*, select **+Add filter** to specify any additional conditions to qualify the state. Enter a built-in or custom filter key, and then select **+Add parameter** to associate one or more parameters with the filter. Built-in filters include:
+## Update feature flags
 
-    | Key | JSON parameters |
-    |---|---|
-    | Microsoft.Percentage | {"Value": 0-100 percent} |
-    | Microsoft.TimeWindow | {"Start": UTC time, "End": UTC time} |
-    | Microsoft.Targeting | { "Audience": JSON blob defining users, groups, and rollout percentages. See an example under the `EnabledFor` element of [this settings file](https://github.com/microsoft/FeatureManagement-Dotnet/blob/master/examples/FeatureFlagDemo/appsettings.json) }
+To update a feature flag:
 
-    ![Feature flag filter](./media/azure-app-configuration-feature-flag-filter.png)
+1. From the **Operations** menu, select **Feature Manager**.
 
-## Update feature flag states
+1. Move to the right end of the feature flag you want to modify, select the **More actions** ellipsis (**...**). From this menu, you can edit the flag, create a label, lock or delete the feature flag.
+:::image type="content" source="media/edit-feature-flag.png" alt-text="Screenshot of the Azure platform. Edit a feature flag." lightbox="media/edit-feature-flag-expanded.png":::
 
-To change a feature flag's state value:
+1. Select **Edit** and update the feature flag.
 
-1. Select **Feature Manager**.
+In the **Feature manager**, you can also change the state of a feature flag by checking or unchecking the **Enable Feature flag** checkbox.
 
-1. To the right of a feature flag you want to modify, select the ellipsis (**...**), and then select **Edit**.
+## Access feature flags
 
-1. Set a new state for the feature flag.
+In the **Operations** menu, select **Feature manager**. You can select **Edits Columns** to add or remove columns, and change the column order.
+create a label, lock or delete the feature flag.
+:::image type="content" source="media/edit-columns-feature-flag.png" alt-text="Screenshot of the Azure platform. Edit feature flag columns." lightbox="media/edit-columns-feature-flag-expanded.png":::
 
-## Access feature flags
+Feature flags created with the Feature Manager are stored and retrieved as regular key-values. They're kept under a special namespace prefix `.appconfig.featureflag`.
 
-Feature flags created by the Feature Manager are stored and retrieved as regular key values. They're kept under a special namespace prefix `.appconfig.featureflag`. To view the underlying key values, use the Configuration Explorer. Your application can retrieve these values by using the App Configuration configuration providers, SDKs, command-line extensions, and REST APIs.
+To view the underlying key-values:
 
-## Next steps
+1. In the **Operations** menu, open the **Configuration explorer**.
+
+1. Select **Manage view** > **Settings**.
 
-In this tutorial, you learned how to manage feature flags and their states by using App Configuration. For more information about feature-management support in App Configuration and ASP.NET Core, see the following article:
+1. Select **Include feature flags in the configuration explorer** and **Apply**.
+:::image type="content" source="media/include-feature-flag-configuration-explorer.png" alt-text="Screenshot of the Azure platform. Include feature flags in Configuration explorer." lightbox="media/include-feature-flag-configuration-explorer.png":::
+
+Your application can retrieve these values by using the App Configuration configuration providers, SDKs, command-line extensions, and REST APIs.
+
+## Next steps
 
-* [Use feature flags in an ASP.NET Core app](./use-feature-flags-dotnet-core.md)
+> [!div class="nextstepaction"]
+> [Enable staged rollout of features for targeted audiences](./howto-targetingfilter-aspnet-core.md)