Merge branch 'MicrosoftDocs:main' into master

mathapli · web-flow · commit ebf82d7641e9 · 2024-11-11T22:46:59.000+05:30
diff --git a/articles/azure-cache-for-redis/cache-azure-active-directory-for-authentication.md b/articles/azure-cache-for-redis/cache-azure-active-directory-for-authentication.md
@@ -147,6 +147,7 @@ The following table includes links to code samples. They demonstrate how to conn
 | Client library  | Language   | Link to sample code|
 |----|----|----|
 | StackExchange.Redis | .NET           | [StackExchange.Redis code sample](https://github.com/Azure/Microsoft.Azure.StackExchangeRedis)   |
+| go-redis            | Go             | [go-redis code sample](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity#example-package-Redis) |
 | redis-py            | Python         | [redis-py code sample](https://aka.ms/redis/aad/sample-code/python)        |
 | Jedis               | Java           | [Jedis code sample](https://aka.ms/redis/aad/sample-code/java-jedis)    |
 | Lettuce             | Java           | [Lettuce code sample](https://aka.ms/redis/aad/sample-code/java-lettuce)  |
diff --git a/articles/azure-resource-manager/bicep/bicep-cli.md b/articles/azure-resource-manager/bicep/bicep-cli.md
@@ -3,7 +3,7 @@ title: Bicep CLI commands and overview
 description: Describes the commands that you can use in the Bicep CLI. These commands include building Azure Resource Manager templates from Bicep.
 ms.topic: reference
 ms.custom: devx-track-azurecli, devx-track-bicep, devx-track-arm-template
-ms.date: 10/23/2024
+ms.date: 10/30/2024
 ---
 
 # Bicep CLI commands
@@ -140,6 +140,99 @@ To install a specific version:
 az bicep install --version v0.3.255
 ```
 
+## jsonrpc
+
+The `jsonrpc` command enables running the Bicep CLI with a JSON-RPC interface, allowing for programmatic interaction with structured output and avoiding cold-start delays when compiling multiple files. This setup also supports building libraries to interact with Bicep files programmatically in non-.NET languages.
+
+The wire format for sending and receiving input/output is header-delimited, using the following structure, where `\r` and `\n` represent carriage return and line feed characters:
+
+```
+Content-Length: <length>\r\n\r\n<message>\r\n\r\n
+```
+
+* `<length>` is the length of the `<message>` string, including the trailing `\r\n\r\n`.
+* `<message>` is the raw JSON message.
+
+For example:
+
+```
+Content-Length: 72\r\n\r\n{"jsonrpc": "2.0", "id": 0, "method": "bicep/version", "params": {}}\r\n\r\n
+```
+
+The following message shows an example for Bicep version.
+
+* The input:
+
+  ```json
+  {
+    "jsonrpc": "2.0",
+    "id": 0,
+    "method": "bicep/version",
+    "params": {}
+  }
+  ```
+  
+* The output:
+
+  ```json
+  {
+    "jsonrpc": "2.0",
+    "id": 0,
+    "result": {
+      "version": "0.24.211"
+    }
+  }
+  ```
+
+For the available methods & request/response bodies, see [`ICliJsonRpcProtocol.cs`](https://github.com/Azure/bicep/blob/main/src/Bicep.Cli/Rpc/ICliJsonRpcProtocol.cs).
+For an example establishing a JSONRPC connection and interacting with Bicep files programmatically using Node, see [`jsonrpc.test.ts`](https://github.com/Azure/bicep/blob/main/src/Bicep.Cli.E2eTests/src/jsonrpc.test.ts).
+
+### Usage for named pipe
+
+Use the following syntax to connect to an existing named pipe as a JSONRPC client.
+
+```bicep cli
+bicep jsonrpc --pipe <named_pipe>`
+```
+
+`<named_pipe>` is an existing named pipe to connect the JSONRPC client to.
+
+To connect to a named pipe on OSX/Linux :
+
+```bicep cli
+bicep jsonrpc --pipe /tmp/bicep-81375a8084b474fa2eaedda1702a7aa40e2eaa24b3.sock
+```
+
+To connect to a named pipe on Windows :
+
+```bicep cli
+bicep jsonrpc --pipe \\.\pipe\\bicep-81375a8084b474fa2eaedda1702a7aa40e2eaa24b3.sock`
+```
+
+For more examples, see [C#](https://github.com/Azure/bicep/blob/096c32f9d5c42bfb85dff550f72f3fe16f8142c7/src/Bicep.Cli.IntegrationTests/JsonRpcCommandTests.cs#L24-L50) and [node.js](https://github.com/anthony-c-martin/bicep-node/blob/4769e402f2d2c1da8d27df86cb3d62677e7a7456/src/utils/jsonrpc.ts#L117-L151).
+
+### Usage for TCP socket
+
+Use the following syntax to connect to an existing TCP socket as a JSONRPC client.
+
+```bicep cli
+bicep jsonrpc --socket <tcp_socket>
+```
+
+`<tcp_socket>` is a socket number to connect the JSONRPC client to.
+
+To connect to a TCP socket
+
+`bicep jsonrpc --socket 12345`
+
+### Usage for stdin and stdout
+
+Use the following syntax to run the JSONRPC interface using stdin & stdout for messages.
+
+```bicep cli
+bicep jsonrpc --stdio
+```
+
 ## lint
 
 The `lint` command returns the errors and the [linter rule](./linter.md) violations of a Bicep file.
@@ -264,19 +357,19 @@ module stgModule 'br:exampleregistry.azurecr.io/bicep/modules/storage:v1' = {
 
 The local cache is found in:
 
-- On Windows
+* On Windows
 
     ```path
     %USERPROFILE%\.bicep\br\<registry-name>.azurecr.io\<module-path\<tag>
     ```
 
-- On Linux
+* On Linux
 
     ```path
     /home/<username>/.bicep
     ```
 
-- On Mac
+* On Mac
 
     ```path
     ~/.bicep
@@ -318,6 +411,6 @@ If the Bicep CLI hasn't been installed, you'll encounter an error message statin
 
 To learn about deploying a Bicep file, see:
 
-- [Azure CLI](deploy-cli.md)
-- [Cloud Shell](deploy-cloud-shell.md)
-- [PowerShell](deploy-powershell.md)
+* [Azure CLI](deploy-cli.md)
+* [Cloud Shell](deploy-cloud-shell.md)
+* [PowerShell](deploy-powershell.md)
diff --git a/articles/cost-management-billing/costs/export-cost-data-storage-account-sas-key.md b/articles/cost-management-billing/costs/export-cost-data-storage-account-sas-key.md
@@ -18,8 +18,10 @@ Often, partners don't have their own Azure subscriptions in the tenant associate
 
 ## Requirements
 
+- **Availability:** This feature is available only in the public cloud. 
+
 - You must be a partner with a Microsoft Partner Agreement. Your customers on the Azure plan must have a signed Microsoft Customer Agreement.
-    - SAS key-based export isn't supported for indirect enterprise agreements.
+- SAS key-based export isn't supported for indirect enterprise agreements.
 - SAS key-based export is available for partners that sign in to the Azure portal from a partner tenant. However, the SAS key option isn't supported if you're using Azure Lighthouse for customer management.
 - You must be global admin for your partner organization's billing account.
 - You must have access to configure a storage account that's in a different tenant of your partner organization. You're responsible for maintaining permissions and data access when your export data to your storage account.
diff --git a/articles/frontdoor/TOC.yml b/articles/frontdoor/TOC.yml
@@ -154,6 +154,8 @@
           href: front-door-url-rewrite.md?pivots=front-door-standard-premium
         - name: URL redirect
           href: front-door-url-redirect.md?pivots=front-door-standard-premium
+      - name: WebSocket
+        href: standard-premium/websocket.md
       - name: Sensitive data protection
         href: standard-premium/sensitive-data-protection.md
       - name: Understand billing
diff --git a/articles/frontdoor/front-door-diagnostics.md b/articles/frontdoor/front-door-diagnostics.md
@@ -5,7 +5,7 @@ services: frontdoor
 author: duongau
 ms.service: azure-frontdoor
 ms.topic: how-to
-ms.date: 12/19/2023
+ms.date: 11/05/2024
 ms.author: duau
 zone_pivot_groups: front-door-tiers
 ---
@@ -30,14 +30,14 @@ The metrics listed in the following table are recorded and stored free of charge
 |--|--|--|--|
 | Byte Hit Ratio | The percentage of traffic that was served from the Azure Front Door cache, computed against the total egress traffic. The byte hit ratio is  low if most of the traffic is forwarded to the origin rather than served from the cache. <br/><br/> **Byte Hit Ratio** = (egress from edge - egress from origin)/egress from edge. <br/><br/> Scenarios excluded from bytes hit ratio calculations:<ul><li>You explicitly disable caching, either through the Rules Engine or query string caching behavior.</li><li>You explicitly configure a `Cache-Control` directive with the `no-store` or `private` cache directives.</li></ul> | Endpoint | Avg, Min |
 | Origin Health Percentage | The percentage of successful health probes sent from Azure Front Door to origins. | Origin, Origin Group | Avg |
-| Origin Latency | Azure Front Door calculates the time from sending the request to the origin to receiving the last response byte from the origin. | Endpoint, Origin | Avg, Max |
+| Origin Latency | Azure Front Door calculates the time from sending the request to the origin to receiving the last response byte from the origin. WebSocket is excluded from the origin latency.| Endpoint, Origin | Avg, Max |
 | Origin Request Count | The number of requests sent from Azure Front Door to origins. | Endpoint, Origin, HTTP Status, HTTP Status Group | Avg, Sum |
 | Percentage of 4XX | The percentage of all the client requests for which the response status code is 4XX. | Endpoint, Client Country, Client Region | Avg, Max |
 | Percentage of 5XX | The percentage of all the client requests for which the response status code is 5XX. | Endpoint, Client Country, Client Region | Avg, Max |
 | Request Count | The number of client requests served through Azure Front Door, including requests served entirely from the cache. | Endpoint, Client Country, Client Region, HTTP Status, HTTP Status Group | Avg, Sum |
 | Request Size | The number of bytes sent in requests from clients to Azure Front Door. | Endpoint, Client Country, client Region, HTTP Status, HTTP Status Group | Avg, Max |
 | Response Size | The number of bytes sent as responses from Front Door to clients. | Endpoint, client Country, client Region, HTTP Status, HTTP Status Group | Avg, Max |
-| Total Latency | Azure Front Door receives the client request and sends the last response byte to the client. This is the total time taken. | Endpoint, Client Country, Client Region, HTTP Status, HTTP Status Group | Avg, Max |
+| Total Latency | Azure Front Door receives the client request and sends the last response byte to the client. This is the total time taken. For WebSocket, this metric refers to the time it takes to establish the WebSocket connection. | Endpoint, Client Country, Client Region, HTTP Status, HTTP Status Group | Avg, Max |
 | Web Application Firewall Request Count | The number of requests processed by the Azure Front Door web application firewall. | Action, Policy Name, Rule Name | Avg, Sum |
 
 > [!NOTE]
@@ -65,18 +65,18 @@ Information about every request is logged into the access log. Each access log e
 | Property | Description |
 |----------|-------------| 
 | TrackingReference | The unique reference string that identifies a request served by Azure Front Door. The tracking reference is sent to the client and to the origin by using the `X-Azure-Ref` headers. Use the tracking reference when searching for a specific request in the access or WAF logs. |
-| Time | The date and time when the Azure Front Door edge delivered requested contents to client (in UTC). |
+| Time | The date and time when the Azure Front Door edge delivered requested contents to client (in UTC). For WebSocket connections, the time represents when the connection gets closed. |
 | HttpMethod | HTTP method used by the request: DELETE, GET, HEAD, OPTIONS, PATCH, POST, or PUT. |
 | HttpVersion | The HTTP version that the client specified in the request. |
 | RequestUri | The URI of the received request. This field contains the full scheme, port, domain, path, and query string. |
 | HostName | The host name in the request from client. If you enable custom domains and have wildcard domain (`*.contoso.com`), the HostName log field's value is `subdomain-from-client-request.contoso.com`. If you use the Azure Front Door domain (`contoso-123.z01.azurefd.net`), the HostName log field's value is `contoso-123.z01.azurefd.net`. |
-| RequestBytes | The size of the HTTP request message in bytes, including the request headers and the request body. |
-| ResponseBytes | The size of the HTTP response message in bytes. |
+| RequestBytes | The size of the HTTP request message in bytes, including the request headers and the request body. For WebSocket connections, this is the total number of bytes sent from the client to the server through the connection.|
+| ResponseBytes | The size of the HTTP response message in bytes. For WebSocket connections, this is the total number of bytes sent from the server to the client through the connection.|
 | UserAgent | The user agent that the client used. Typically, the user agent identifies the browser type. |
 | ClientIp | The IP address of the client that made the original request. If there was an `X-Forwarded-For` header in the request, then the client IP address is taken from the header. |
 | SocketIp | The IP address of the direct connection to the Azure Front Door edge. If the client used an HTTP proxy or a load balancer to send the request, the value of SocketIp is the IP address of the proxy or load balancer. |
-| timeTaken | The length of time from when the Azure Front Door edge received the client's request to the time that Azure Front Door sent the last byte of the response to the client, in seconds. This field doesn't take into account network latency and TCP buffering. |
-| RequestProtocol | The protocol that the client specified in the request. Possible values include: **HTTP**, **HTTPS**. |
+| TimeTaken | The duration from when the Azure Front Door edge received the client's request to when the last byte of the response was sent to the client, measured in seconds. This metric excludes network latency and TCP buffering. For WebSocket connections, it represents the connection duration from establishment to closure. |
+| RequestProtocol | The protocol specified by the client in the request. Possible values include: **HTTP**, **HTTPS**. For WebSocket, the protocols are **WS**, **WSS**. Only requests that successfully upgrade to WebSocket will have WS/WSS. |
 | SecurityProtocol | The TLS/SSL protocol version used by the request, or null if the request didn't use encryption. Possible values include: **SSLv3**, **TLSv1**, **TLSv1.1**, **TLSv1.2**. |
 | SecurityCipher | When the value for the request protocol is HTTPS, this field indicates the TLS/SSL cipher negotiated by the client and Azure Front Door. |
 | Endpoint | The domain name of the Azure Front Door endpoint, such as `contoso-123.z01.azurefd.net`. |
@@ -253,7 +253,7 @@ Front Door currently provides diagnostic logs. Diagnostic logs provide individua
 | TimeTaken | The length of time from first byte of request into Front Door to last byte of response out, in seconds. |
 | TrackingReference | The unique reference string that identifies a request served by Front Door, also sent as X-Azure-Ref header to the client. Required for searching details in the access logs for a specific request. |
 | UserAgent | The browser type that the client used. |
-| ErrorInfo | This field contains the specific type of error for further troubleshooting. </br> Possible values include: </br> **NoError**: Indicates no error was found. </br> **CertificateError**: Generic SSL certificate error.</br> **CertificateNameCheckFailed**: The host name in the SSL certificate is invalid or doesn't match. </br> **ClientDisconnected**: Request failure because of client network connection. </br> **UnspecifiedClientError**: Generic client error. </br> **InvalidRequest**: Invalid request. It might occur because of malformed header, body, and URL. </br> **DNSFailure**: DNS Failure. </br> **DNSNameNotResolved**: The server name or address couldn't be resolved. </br> **OriginConnectionAborted**: The connection with the origin was stopped abruptly. </br> **OriginConnectionError**: Generic origin connection error. </br> **OriginConnectionRefused**: The connection with the origin wasn't able to established. </br> **OriginError**: Generic origin error. </br> **OriginInvalidResponse**: Origin returned an invalid or unrecognized response. </br> **OriginTimeout**: The timeout period for origin request expired. </br> **ResponseHeaderTooBig**: The origin returned too large of a response header. </br> **RestrictedIP**: The request was blocked because of restricted IP. </br> **SSLHandshakeError**: Unable to establish connection with origin because of SSL hand shake failure. </br> **UnspecifiedError**: An error occurred that didn’t fit in any of the errors in the table. </br> **SSLMismatchedSNI**:The request was invalid because the HTTP message header didn't match the value presented in the TLS SNI extension during SSL/TLS connection setup.|
+| ErrorInfo | This field contains the specific type of error for further troubleshooting. </br> Possible values include: </br> **NoError**: Indicates no error was found. </br> **CertificateError**: Generic SSL certificate error.</br> **CertificateNameCheckFailed**: The host name in the SSL certificate is invalid or doesn't match. </br> **ClientDisconnected**: Request failure because of client network connection. </br> **UnspecifiedClientError**: Generic client error. </br> **InvalidRequest**: Invalid request. It might occur because of malformed header, body, and URL. </br> **DNSFailure**: DNS Failure. </br> **DNSNameNotResolved**: The server name or address couldn't be resolved. </br> **OriginConnectionAborted**: The connection with the origin was stopped abruptly. </br> **OriginConnectionError**: Generic origin connection error. </br> **OriginConnectionRefused**: The connection with the origin wasn't able to established. </br> **OriginError**: Generic origin error. </br> **OriginInvalidResponse**: Origin returned an invalid or unrecognized response. </br> **OriginTimeout**: The timeout period for origin request expired. </br> **ResponseHeaderTooBig**: The origin returned too large of a response header. </br> **RestrictedIP**: The request was blocked because of restricted IP. </br> **SSLHandshakeError**: Unable to establish connection with origin because of SSL hand shake failure. </br> **UnspecifiedError**: An error occurred that didn’t fit in any of the errors in the table. </br> **SSLMismatchedSNI**: The request was invalid because the HTTP message header didn't match the value presented in the TLS SNI extension during SSL/TLS connection setup.|
 | Result | `SSLMismatchedSNI` is a status code that signifies a successful request with a mismatch warning between the SNI and the host header. This status code implies domain fronting, a technique that violates Azure Front Door’s terms of service. Requests with `SSLMismatchedSNI` will be rejected after January 22, 2024.|
 | Sni | This field specifies the Server Name Indication (SNI) that is sent during the TLS/SSL handshake. It can be used to identify the exact SNI value if there was a `SSLMismatchedSNI` status code. Additionally, it can be compared with the host value in the `requestUri` field to detect and resolve the mismatch issue. |
 
diff --git a/articles/frontdoor/standard-premium/websocket.md b/articles/frontdoor/standard-premium/websocket.md
