Merge pull request #250973 from MicrosoftDocs/JasonWHowell-patch-1

prmerger-automator[bot] · web-flow · commit e7660017dec3 · 2023-09-12T05:49:41.000Z
Fix absolute links
diff --git a/articles/active-directory/external-identities/tenant-restrictions-v2.md b/articles/active-directory/external-identities/tenant-restrictions-v2.md
@@ -46,7 +46,7 @@ While [tenant restrictions v1](../manage-apps/tenant-restrictions.md) provide au
 
 In your organization's [cross-tenant access settings](cross-tenant-access-overview.md), you can configure a tenant restrictions v2 policy. After you create the policy, there are three ways to apply the policy in your organization.
 
-- **Universal tenant restrictions v2**. This option provides both authentication plane and data plane protection without a corporate proxy. [Universal tenant restrictions](https://learn.microsoft.com/azure/global-secure-access/how-to-universal-tenant-restrictions) use Global Secure Access (preview) to tag all traffic no matter the operating system, browser, or device form factor. It allows support for both client and remote network connectivity.
+- **Universal tenant restrictions v2**. This option provides both authentication plane and data plane protection without a corporate proxy. [Universal tenant restrictions](/azure/global-secure-access/how-to-universal-tenant-restrictions) use Global Secure Access (preview) to tag all traffic no matter the operating system, browser, or device form factor. It allows support for both client and remote network connectivity.
 - **Authentication plane tenant restrictions v2**. You can deploy a corporate proxy in your organization and [configure the proxy to set tenant restrictions v2 signals](#option-2-set-up-tenant-restrictions-v2-on-your-corporate-proxy) on all traffic to Microsoft Entra and Microsoft Accounts (MSA).
 - **Windows tenant restrictions v2**. For your corporate-owned Windows devices, you can enforce both authentication plane and data plane protection by enforcing tenant restrictions directly on devices. Tenant restrictions are enforced upon resource access, providing data path coverage and protection against token infiltration. A corporate proxy isn't required for policy enforcement. Devices can be Azure AD managed or domain-joined devices that are managed via Group Policy.
 
@@ -341,7 +341,7 @@ There are three options for enforcing tenant restrictions v2 for clients:
 
 ### Option 1: Universal tenant restrictions v2 as part of Microsoft Entra Global Secure Access (preview)
 
-Universal tenant restrictions v2 as part of [Microsoft Entra Global Secure Access](https://learn.microsoft.com/azure/global-secure-access/overview-what-is-global-secure-access) is recommended because it provides authentication and data plane protection for all devices and platforms. This option provides more protection against sophisticated attempts to bypasses authentication. For example, attackers might try to allow anonymous access to a malicious tenant’s apps, such as anonymous meeting join in Teams. Or, attackers might attempt to import to your organizational device an access token lifted from a device in the malicious tenant. Universal tenant restrictions v2 prevents these attacks by sending tenant restrictions v2 signals on the authentication plane (Microsoft Entra and Microsoft Account) and data plane (Microsoft cloud applications).
+Universal tenant restrictions v2 as part of [Microsoft Entra Global Secure Access](/azure/global-secure-access/overview-what-is-global-secure-access) is recommended because it provides authentication and data plane protection for all devices and platforms. This option provides more protection against sophisticated attempts to bypasses authentication. For example, attackers might try to allow anonymous access to a malicious tenant’s apps, such as anonymous meeting join in Teams. Or, attackers might attempt to import to your organizational device an access token lifted from a device in the malicious tenant. Universal tenant restrictions v2 prevents these attacks by sending tenant restrictions v2 signals on the authentication plane (Microsoft Entra and Microsoft Account) and data plane (Microsoft cloud applications).
 
 ### Option 2: Set up tenant restrictions v2 on your corporate proxy
 
diff --git a/articles/azure-monitor/logs/private-link-design.md b/articles/azure-monitor/logs/private-link-design.md
@@ -108,7 +108,7 @@ That granularity allows you to set access according to your needs, per workspace
 Blocking queries from public networks means clients like machines and SDKs outside of the connected AMPLSs can't query data in the resource. That data includes logs, metrics, and the live metrics stream. Blocking queries from public networks affects all experiences that run these queries, such as workbooks, dashboards, insights in the Azure portal, and queries run from outside the Azure portal.
 
 > [!NOTE]
-> There are certain exceptions where these settings do not apply. You can find details with regards to it in [this](https://learn.microsoft.com/azure/azure-monitor/logs/private-link-design#exceptions) below section.
+> There are certain exceptions where these settings do not apply. You can find details in [the following section](#exceptions).
 
 Your [data collection endpoints](../essentials/data-collection-endpoint-overview.md) can be set to accept or block access from public networks (networks not connected to the resource AMPLS).
 
diff --git a/articles/stream-analytics/set-up-cicd-pipeline.md b/articles/stream-analytics/set-up-cicd-pipeline.md
@@ -176,7 +176,7 @@ Open a web browser and navigate to your Azure Stream Analytics Visual Studio Cod
 > [!NOTE]
 > The `Override template parameters` is not applicable for ARM --v2 builds since parameters are passed as objects. To address this, it's recommended to include a PowerShell script in your pipeline to read the parameter file as JSON and make the necessary parameter modifications.
 >
-> For more guidance on adding the PowerShell script, please refer to [ConvertFrom-Json](https://learn.microsoft.com/powershell/module/microsoft.powershell.utility/convertfrom-json) and [Update Object in JSON file](https://stackoverflow.com/questions/65753594/update-object-in-json-file-using-powershell).
+> For more guidance on adding the PowerShell script, please refer to [ConvertFrom-Json](/powershell/module/microsoft.powershell.utility/convertfrom-json) and [Update Object in JSON file](https://stackoverflow.com/questions/65753594/update-object-in-json-file-using-powershell).
 
 1. From the tasks dropdown, select **Deploy job to test environment**.
 
@@ -221,4 +221,4 @@ To create a release, select **Create release** in the top-right corner.
 ## Next steps
 
 * [Continuous integration and Continuous deployment for Azure Stream Analytics](cicd-overview.md)
-* [Automate build, test, and deployment of an Azure Stream Analytics job using CI/CD tools](cicd-tools.md)
+* [Automate build, test, and deployment of an Azure Stream Analytics job using CI/CD tools](cicd-tools.md)
