Merge pull request #283851 from MicrosoftDocs/repo_sync_working_branch

Confirm merge from repo_sync_working_branch to main to sync with https://github.com/MicrosoftDocs/azure-docs (branch main)

Author: PhilKang0704

articles/application-gateway/configuration-frontend-ip.md

@@ -38,9 +38,6 @@ A frontend IP address is associated to a *listener*, which checks for incoming r
 
 You can create private and public listeners with the same port number. However, be aware of any network security group (NSG) associated with the Application Gateway subnet. Depending on your NSG's configuration, you might need an allow-inbound rule with **Destination IP addresses** as your application gateway's public and private frontend IPs. When you use the same port, your application gateway changes the **Destination** of the inbound flow to the frontend IPs of your gateway.
 
-> [!NOTE]
-> Currently, the use of the same port number for public and private TCP/TLS protocol or IPv6 listeners is not supported.
-
  **Inbound rule**:
 
 - **Source**: According to your requirement

articles/application-gateway/ingress-controller-autoscale-pods.md

@@ -30,9 +30,9 @@ Use following two components:
 1. First, create a Microsoft Entra service principal and assign it `Monitoring Reader` access over Application Gateway's resource group.
 
     ```azurecli
-        applicationGatewayGroupName="<application-gateway-group-id>"
-        applicationGatewayGroupId=$(az group show -g $applicationGatewayGroupName -o tsv --query "id")
-        az ad sp create-for-rbac -n "azure-k8s-metric-adapter-sp" --role "Monitoring Reader" --scopes applicationGatewayGroupId
+    applicationGatewayGroupName="<application-gateway-group-id>"
+    applicationGatewayGroupId=$(az group show -g $applicationGatewayGroupName -o tsv --query "id")
+    az ad sp create-for-rbac -n "azure-k8s-metric-adapter-sp" --role "Monitoring Reader" --scopes applicationGatewayGroupId
     ```
 
 1. Now, deploy the [`Azure Kubernetes Metric Adapter`](https://github.com/Azure/azure-k8s-metrics-adapter) using the Microsoft Entra service principal created previously.
@@ -98,7 +98,7 @@ In following example, we target a sample deployment `aspnet`. We scale up Pods w
 
 Replace your target deployment name and apply the following auto scale configuration:
 ```yaml
-apiVersion: autoscaling/v2beta1
+apiVersion: autoscaling/v2
 kind: HorizontalPodAutoscaler
 metadata:
   name: deployment-scaler

articles/azure-monitor/app/opentelemetry-configuration.md

@@ -627,20 +627,60 @@ useAzureMonitor(options);
 
 ### [Python](#tab/python)
 
+Azure Monitor OpenTelemetry Distro for Python support the credential classes provided by [Azure Identity](https://github.com/Azure/azure-sdk-for-js/tree/master/sdk/identity/identity#credential-classes).
+
+- We recommend `DefaultAzureCredential` for local development.
+- We recommend `ManagedIdentityCredential` for system-assigned and user-assigned managed identities.
+  - For system-assigned, use the default constructor without parameters.
+  - For user-assigned, provide the `client_id` to the constructor.
+- We recommend `ClientSecretCredential` for service principals.
+  - Provide the tenant ID, client ID, and client secret to the constructor.
+
+If using `ManagedIdentityCredential`
 ```python
 # Import the `ManagedIdentityCredential` class from the `azure.identity` package.
 from azure.identity import ManagedIdentityCredential
 # Import the `configure_azure_monitor()` function from the `azure.monitor.opentelemetry` package.
 from azure.monitor.opentelemetry import configure_azure_monitor
+from opentelemetry import trace
 
 # Configure the Distro to authenticate with Azure Monitor using a managed identity credential.
+credential = ManagedIdentityCredential(client_id="<client_id>")
 configure_azure_monitor(
     connection_string="your-connection-string",
-    credential=ManagedIdentityCredential(),
+    credential=credential,
 )
 
+tracer = trace.get_tracer(__name__)
+
+with tracer.start_as_current_span("hello with aad managed identity"):
+    print("Hello, World!")
+
 ```
 
+If using `ClientSecretCredential`
+```python
+# Import the `ClientSecretCredential` class from the `azure.identity` package.
+from azure.identity import ClientSecretCredential
+# Import the `configure_azure_monitor()` function from the `azure.monitor.opentelemetry` package.
+from azure.monitor.opentelemetry import configure_azure_monitor
+from opentelemetry import trace
+
+# Configure the Distro to authenticate with Azure Monitor using a client secret credential.
+credential = ClientSecretCredential(
+    tenant_id="<tenant_id",
+    client_id="<client_id>",
+    client_secret="<client_secret>",
+)
+configure_azure_monitor(
+    connection_string="your-connection-string",
+    credential=credential,
+)
+
+with tracer.start_as_current_span("hello with aad client secret identity"):
+    print("Hello, World!")
+
+```
 ---
 
 ## Offline Storage and Automatic Retries

articles/container-apps/health-probes.md

@@ -164,9 +164,6 @@ The optional `failureThreshold` setting defines the number of attempts Container
 
 If ingress is enabled, the following default probes are automatically added to the main app container if none is defined for each type.
 
-> [!NOTE]
-> Default probes are currently not applied on workload profile environments when using the Consumption plan. This behavior may change in the future.
-
 | Probe type | Default values |
 | -- | -- |
 | Startup | Protocol: TCP<br>Port: ingress target port<br>Timeout: 3 seconds<br>Period: 1 second<br>Initial delay: 1 second<br>Success threshold: 1<br>Failure threshold: 240 |

articles/operator-nexus/howto-platform-prerequisites.md

@@ -378,22 +378,35 @@ ogcli update port "port-<PORT_#>"  label=\"<NEW_NAME>\"	<PORT_#>
 | NEW_NAME        | Port label name             |
 | PORT_#          | Terminal Server port number |
 
+
 ### Step 9: Settings required for PURE Array serial connections
 
-For configuring PURE Array serial connections, use the following commands:
+Pure Storage arrays purchased prior to 2024 have revision R3 controllers which use rollover console cables and require the custom serial port connection commands below:
 
+**Pure Stoarge R3 Controllers:**
 ```bash
 ogcli update port ports-<PORT_#> 'baudrate="115200"' <PORT_#> Pure Storage Controller console
 ogcli update port ports-<PORT_#> 'pinout="X1"' <PORT_#>	Pure Storage Controller console
 ```
 
+Newer Pure Storage appliances, and systems upgraded from R3 to R4 Pure Storage controllers, will use straight-through console cables with the updated settings below:
+
+**Pure Storage R4 Controllers:**
+```bash
+ogcli update port ports-<PORT_#> 'baudrate="115200"' <PORT_#> Pure Storage Controller console
+ogcli update port ports-<PORT_#> 'pinout="X2"' <PORT_#>	Pure Storage Controller console
+```
+
 **Parameters:**
 
 | Parameter Name  | Description                 |
 | ----------------| --------------------------- |
 | PORT_#          | Terminal Server port number |
 
-These commands set the baudrate and pinout for connecting to the Pure Storage Controller console.
+These commands set the baud rate and pinout for connecting to the Pure Storage Controller console.
+
+>[!NOTE]
+>All other Terminal Server port configurations settings should remain the same and work by default with a straight-through RJ45 console cable.
 
 ### Step 10: Verifying settings
 

articles/postgresql/flexible-server/generative-ai-recommendation-system.md

@@ -17,7 +17,7 @@ ms.custom:
 
 [!INCLUDE [applies-to-postgresql-flexible-server](~/reusable-content/ce-skilling/azure/includes/postgresql/includes/applies-to-postgresql-flexible-server.md)]
 
-This hands-on tutorial shows you how to build a recommender application using Azure Database for PostgreSQL flexible server and Azure OpenAI service. Recommendations have applications in different domains – service providers frequently tend to provide recommendations for products and services they offer based on prior history and contextual information collected from the customer and environment. 
+This hands-on tutorial shows you how to build a recommender application using Azure Database for PostgreSQL flexible server and Azure OpenAI Service. Recommendations have applications in different domains – service providers frequently tend to provide recommendations for products and services they offer based on prior history and contextual information collected from the customer and environment. 
 
 There are different ways to model recommendation systems. This article explores the simplest form – recommendation based one product corresponding to, say, a prior purchase. This tutorial uses the recipe dataset used in the [Semantic Search](./generative-ai-semantic-search.md) article and the recommendation is for recipes based on a recipe a customer liked or searched for before.
 
@@ -27,7 +27,7 @@ There are different ways to model recommendation systems. This article explores
 1. Grant access to Azure OpenAI in the desired subscription.
 1. Grant permissions to [create Azure OpenAI resources and to deploy models](../../ai-services/openai/how-to/role-based-access-control.md).
 
-[Create and deploy an Azure OpenAI service resource and a model](../../ai-services/openai/how-to/create-resource.md), deploy the embeddings model [text-embedding-ada-002](../../ai-services/openai/concepts/models.md#embeddings-models). Copy the deployment name as it is needed to create embeddings.
+[Create and deploy an Azure OpenAI Service resource and a model](../../ai-services/openai/how-to/create-resource.md), deploy the embeddings model [text-embedding-ada-002](../../ai-services/openai/concepts/models.md#embeddings-models). Copy the deployment name as it is needed to create embeddings.
 
 ## Enable the `azure_ai` and `pgvector` extensions
 

articles/security/fundamentals/customer-lockbox-alternative-email.md

@@ -8,12 +8,12 @@ ms.author: mbaldwin
 ms.date: 03/15/2024
 ---
 
-# Customer Lockbox for Microsoft Azure alternate email notifications (public preview)
+# Customer Lockbox for Microsoft Azure alternate email notifications
 
 > [!NOTE]
 > To use this feature, your organization must have an [Azure support plan](https://azure.microsoft.com/support/plans/) with a minimal level of **Developer**.
 
-Customer Lockbox for Microsoft Azure is launching a new feature that enables customers to use alternate email IDs for getting Customer Lockbox notifications. This enables Customer Lockbox for Microsoft Azure customers to receive notifications in scenarios where their Azure account is not email enabled or if they have a service principal defined as the tenant admin or subscription owner.
+Alternate email notification feature enables customers to use alternate email IDs for getting Customer Lockbox notifications. This enables Customer Lockbox for Microsoft Azure customers to receive notifications in scenarios where their Azure account is not email enabled or if they have a service principal defined as the tenant admin or subscription owner.
 
 > [!IMPORTANT]
 > This feature only enables Customer Lockbox notifications to be sent to alternate email IDs. It does not enable alternate users to act as approvers for Customer Lockbox requests.
@@ -70,4 +70,4 @@ Here are the known issues with this feature:
 ## Next steps
 
 - [Customer Lockbox for Microsoft Azure](customer-lockbox-overview.md)
-- [Customer Lockbox for Microsoft Azure frequently asked questions](customer-lockbox-faq.yml)
+- [Customer Lockbox for Microsoft Azure frequently asked questions](customer-lockbox-faq.yml)

articles/virtual-machines/linux/azure-dns.md

@@ -54,7 +54,7 @@ Along with resolution of public DNS names, Azure provides internal name resoluti
     Names must use only 0-9, a-z, and '-', and they can't start or end with a '-'. See RFC 3696 Section 2.
 * DNS query traffic is throttled for each virtual machine. Throttling shouldn't impact most applications.  If request throttling is observed, ensure that client-side caching is enabled.  For more information, see [Getting the most from name resolution that Azure provides](#getting-the-most-from-name-resolution-that-azure-provides).
 
-### Getting the most from name resolution that Azure provides\
+### Getting the most from name resolution that Azure provides
 
 **Client-side caching:**