Merge pull request #292387 from MicrosoftDocs/main

12/24 AM Publish

Author: Saisang

articles/active-directory-b2c/custom-policy-reference-sso.md

@@ -52,7 +52,7 @@ The following table shows which session provider to use depending on the type of
 |Session provider  |Applicable technical profile types| Purpose |Write claims|Read claims|
 |---------|---------|---------|---------|---------|
 |[DefaultSSOSessionProvider](#defaultssosessionprovider)  | [Self-asserted](self-asserted-technical-profile.md), [Microsoft Entra ID](active-directory-technical-profile.md), [Microsoft Entra multifactor authentication](multi-factor-auth-technical-profile.md), [Claims transformation](claims-transformation-technical-profile.md)| Skips technical profile execution.| Yes | Yes |
-|[ExternalLoginSSOSessionProvider](#externalloginssosessionprovider) | [OAuth1 identity provider](oauth1-technical-profile.md), [Oauth2 identity provider](oauth2-technical-profile.md), [OpenID Connect identity provider](openid-connect-technical-profile.md), [SAML identity provider](saml-identity-provider-technical-profile.md)| Accelerate identity provider selection page. Performing single-logout.|Yes|Yes|
+|[ExternalLoginSSOSessionProvider](#externalloginssosessionprovider) | [OAuth1 identity provider](oauth1-technical-profile.md), [OAuth2 identity provider](oauth2-technical-profile.md), [OpenID Connect identity provider](openid-connect-technical-profile.md), [SAML identity provider](saml-identity-provider-technical-profile.md)| Accelerate identity provider selection page. Performing single-logout.|Yes|Yes|
 |[OAuthSSOSessionProvider](#oauthssosessionprovider) |[JWT token issuer](jwt-issuer-technical-profile.md) | Manages session between OAuth2 or OpenId Connect relying party and Azure AD B2C. Performs single-logout. | No | No |
 |[SamlSSOSessionProvider](#samlssosessionprovider) | [SAML token issuer](saml-issuer-technical-profile.md) | Manages session between SAML relying party and Azure AD B2C. Performs single-logout. | No | No |
 |[NoopSSOSessionProvider](#noopssosessionprovider) |Any| Suppress any technical profile from being part of the session.| No | No |

articles/active-directory-b2c/oauth2-error-technical-profile.md

@@ -102,7 +102,7 @@ Use these steps to generate custom values of error code and error message:
     </ClaimsTransformations> -->
     ```
 
-1. Add the two claims transformations in the `OutputClaimsTransformations` element of any technical profile before Oauth2 technical that you define:
+1. Add the two claims transformations in the `OutputClaimsTransformations` element of any technical profile before OAuth2 technical that you define:
 
     ```xml
         <OutputClaimsTransformations>
@@ -160,7 +160,7 @@ In the following example:
 </UserJourney>
 ```
 
-Optionally, you can use preconditions to manipulate the Oauth2 error technical profile. For example, if there is no email claim, you can set to call Oauth2 error technical profile:
+Optionally, you can use preconditions to manipulate the OAuth2 error technical profile. For example, if there is no email claim, you can set to call OAuth2 error technical profile:
 
 ```xml
 <OrchestrationStep Order="3" Type="SendClaims" CpimIssuerTechnicalProfileReferenceId="ReturnOAuth2Error">

articles/active-directory-b2c/secure-rest-api.md

@@ -243,7 +243,7 @@ Authorization: Bearer <token>
 
 A bearer token is an opaque string. It can be a JWT access token or any string that the REST API expects Azure AD B2C to send in the authorization header. Azure AD B2C supports the following types:
 
-- **Bearer token**. To be able to send the bearer token in the Restful technical profile, your policy needs to first acquire the bearer token and then use it in the RESTful technical profile.  
+- **Bearer token**. To be able to send the bearer token in the RESTful technical profile, your policy needs to first acquire the bearer token and then use it in the RESTful technical profile.  
 - **Static bearer token**. Use this approach when your REST API issues a long-term access token. To use a static bearer token, create a policy key and make a reference from the RESTful technical profile to your policy key. 
 
 ## Using OAuth2 Bearer  
@@ -587,5 +587,5 @@ The following XML snippet is an example of a RESTful technical profile configure
 ::: zone-end
 
 ::: zone pivot="b2c-custom-policy"
-- Learn more about the [Restful technical profile](restful-technical-profile.md) element in the custom policy reference.
+- Learn more about the [RESTful technical profile](restful-technical-profile.md) element in the custom policy reference.
 ::: zone-end

articles/api-management/howto-protect-backend-frontend-azure-ad-b2c.md

@@ -62,7 +62,7 @@ Here's a quick overview of the steps:
 1. Build the Function API
 1. Configure the Function API to enable EasyAuth with the new Azure AD B2C Client IDs and Keys and lock down to APIM VIP
 1. Build the API Definition in API Management
-1. Set up Oauth2 for the API Management API configuration
+1. Set up OAuth2 for the API Management API configuration
 1. Set up the **CORS** policy and add the **validate-jwt** policy to validate the OAuth token for every incoming request
 1. Build the calling application to consume the API
 1. Upload the JS SPA Sample
@@ -221,7 +221,7 @@ You'll need to add CIDR formatted blocks of addresses to the IP restrictions pan
 1. Click Browse, choose the function app you're hosting the API inside, and click select. Next, click select again.
 1. Give the API a name and description for API Management's internal use and add it to the ‘unlimited’ Product.
 1. Copy and record the API's 'base URL' and click 'create'.
-1. Click the 'settings' tab, then under subscription - switch off the 'Subscription Required' checkbox as we'll use the Oauth JWT token in this case to rate limit. Note that if you're using the consumption tier, this would still be required in a production environment.
+1. Click the 'settings' tab, then under subscription - switch off the 'Subscription Required' checkbox as we'll use the OAuth JWT token in this case to rate limit. Note that if you're using the consumption tier, this would still be required in a production environment.
 
    > [!TIP]
    > If using the consumption tier of APIM the unlimited product won't be available as an out of the box. Instead, navigate to "Products" under "APIs" and hit "Add".

articles/app-service/includes/quickstart-java/quickstart-java-linux-maven-pivot.md

@@ -103,7 +103,7 @@ If you see a message about being in **detached HEAD** state, this message is saf
 > [!TIP]
 > The Maven plugin supports **Java 17** and **Tomcat 10.0**. For more information about latest support, see [Java 17 and Tomcat 10.0 are available on Azure App Service](https://devblogs.microsoft.com/java/java-17-and-tomcat-10-0-available-on-azure-app-service/).
 
-The deployment process to Azure App Service uses your Azure credentials from the Azure CLI automatically. If the Azure CLI isn't installed locally, then the Maven plugin authenticates with Oauth or device sign-in. For more information, see [authentication with Maven plugins](https://github.com/microsoft/azure-maven-plugins/wiki/Authentication).
+The deployment process to Azure App Service uses your Azure credentials from the Azure CLI automatically. If the Azure CLI isn't installed locally, then the Maven plugin authenticates with OAuth or device sign-in. For more information, see [authentication with Maven plugins](https://github.com/microsoft/azure-maven-plugins/wiki/Authentication).
 
 Run the Maven command shown next to configure the deployment. This command helps you to set up the App Service operating system, Java version, and Tomcat version.
 

articles/app-service/includes/quickstart-java/quickstart-java-windows-maven-pivot.md

@@ -77,7 +77,7 @@ JBoss EAP is only available on the Linux version of App Service. Select the **Li
 > The Maven plugin supports **Java 17** and **Tomcat 10.0**. For more information about latest support, see [Java 17 and Tomcat 10.0 are available on Azure App Service](https://devblogs.microsoft.com/java/java-17-and-tomcat-10-0-available-on-azure-app-service/).
 
 
-The deployment process to Azure App Service uses your Azure credentials from the Azure CLI automatically. If the Azure CLI isn't installed locally, then the Maven plugin authenticates with Oauth or device sign-in. For more information, see [authentication with Maven plugins](https://github.com/microsoft/azure-maven-plugins/wiki/Authentication).
+The deployment process to Azure App Service uses your Azure credentials from the Azure CLI automatically. If the Azure CLI isn't installed locally, then the Maven plugin authenticates with OAuth or device sign-in. For more information, see [authentication with Maven plugins](https://github.com/microsoft/azure-maven-plugins/wiki/Authentication).
 
 Run the following Maven command to configure the deployment. This command helps you set up the App Service operating system, Java version, and Tomcat version.
 

articles/automation/start-runbooks.md

@@ -16,7 +16,7 @@ The following table helps you determine the method to start a runbook in Azure A
 | --- | --- |
 | [Azure portal](#start-a-runbook-with-the-azure-portal) |<li>Simplest method with interactive user interface.<br> <li>Form to provide simple parameter values.<br> <li>Easily track job state.<br> <li>Access authenticated with Azure sign in. |
 | [Windows PowerShell](/powershell/module/az.automation/start-azautomationrunbook) |<li>Call from command line with Windows PowerShell cmdlets.<br> <li>Can be included in automated feature with multiple steps.<br> <li>Request is authenticated with certificate or OAuth user principal / service principal.<br> <li>Provide simple and complex parameter values.<br> <li>Track job state.<br> <li>Client required to support PowerShell cmdlets. |
-| [Azure Automation API](/rest/api/automation/) |<li>Most flexible method but also most complex.<br> <li>Call from any custom code that can make HTTP requests.<br> <li>Request authenticated with certificate, or Oauth user principal / service principal.<br> <li>Provide simple and complex parameter values. *If you're calling a Python runbook using the API, the JSON payload must be serialized.*<br> <li>Track job state. |
+| [Azure Automation API](/rest/api/automation/) |<li>Most flexible method but also most complex.<br> <li>Call from any custom code that can make HTTP requests.<br> <li>Request authenticated with certificate, or OAuth user principal / service principal.<br> <li>Provide simple and complex parameter values. *If you're calling a Python runbook using the API, the JSON payload must be serialized.*<br> <li>Track job state. |
 | [Webhooks](automation-webhooks.md) |<li>Start runbook from single HTTP request.<br> <li>Authenticated with security token in URL.<br> <li>Client can't override parameter values specified when webhook created. Runbook can define single parameter that is populated with the HTTP request details.<br> <li>No ability to track job state through webhook URL. |
 | [Respond to Azure Alert](/azure/azure-monitor/alerts/alerts-overview) |<li>Start a runbook in response to Azure alert.<br> <li>Configure webhook for runbook and link to alert.<br> <li>Authenticated with security token in URL. |
 | [Schedule](./shared-resources/schedules.md) |<li>Automatically start runbook on hourly, daily, weekly, or monthly schedule.<br> <li>Manipulate schedule through Azure portal, PowerShell cmdlets, or Azure API.<br> <li>Provide parameter values to be used with schedule. |

articles/backup/azure-kubernetes-service-cluster-restore.md

@@ -6,7 +6,7 @@ ms.service: azure-backup
 ms.custom:
   - ignite-2023
   - ignite-2024
-ms.date: 12/29/2023
+ms.date: 11/19/2024
 author: AbhishekMallick-MS
 ms.author: v-abhmallick
 ---

articles/backup/backup-blobs-storage-account-ps.md

@@ -3,7 +3,7 @@ title: Back up Azure blobs within a storage account using Azure PowerShell
 description: Learn how to back up all Azure blobs within a storage account using Azure PowerShell.
 ms.topic: how-to
 ms.custom: devx-track-azurepowershell
-ms.date: 11/27/2024
+ms.date: 12/27/2024
 author: AbhishekMallick-MS
 ms.author: v-abhmallick
 ---
@@ -156,7 +156,96 @@ To update the backup instance, run the following cmdlets:
 
 1. Change the policy used for backing up the Azure Blobs by using the [Update-AzDataProtectionBackupInstance](/powershell/module/az.dataprotection/update-azdataprotectionbackupinstance?view=azps-13.0.0&preserve-view=true). Specify the relevant backup item and the new backup policy.
 
+1. Update the policy or the new containers to existing backup items.
 
-## Next steps
+   1. Create the storage account context by using the `New-AzStorageContext` cmdlet. Provide the `-UseConnectedAccount` parameter so that data operations are performed using your Microsoft Entra credentials. Learn more [about the storage account commands](/azure/storage/blobs/blob-containers-powershell#list-containers). 
+
+      ```azurepowershell
+      Create a context object using Azure AD credentials
+      $ctx = New-AzStorageContext -StorageAccountName xxx -UseConnectedAccount 
+
+      ```
+
+   1. Retrieve the storage containers using the `Get-AzStorageContainer` cmdlet. To retrieve a single container, provide the `-Name` parameter. To return a list of containers that begins with a given character string, specify a value for the `-Prefix` parameter.
+
+   The following example retrieves both an individual container and a list of container resources:
+
+      ```azurepowershell
+
+
+      # Create variables
+      $containerName  = "individual-container"
+      $prefixName     = "loop-"
+
+      # Approach 1: Retrieve an individual container
+      Get-AzStorageContainer -Name $containerName -Context $ctx
+      Write-Host
+
+      # Approach 2: Retrieve a list of containers
+      $targetContainers = Get-AzStorageContainer -Context $ctx | Where-Object { $_.Name -match "cont" } 
+      ```
+
+      The result provides the URI of the blob endpoint and lists the containers retrieved by name and prefix:
+
+      ```
+      Storage Account Name: demostorageaccount
+      
+      Name                 PublicAccess         LastModified                   IsDeleted  VersionId        
+      ----                 ------------         ------------                   ---------  ---------        
+      individual-container                      11/2/2021 5:52:08 PM +00:00                                
+      
+      loop-container1                           11/2/2021 12:22:00 AM +00:00                               
+      loop-container2                           11/2/2021 12:22:00 AM +00:00                               
+
+      loop-container1                           11/2/2021 12:22:00 AM +00:00                               
+      loop-container2                           11/2/2021 12:22:00 AM +00:00
+      loop-container3                           11/2/2021 12:22:00 AM +00:00   True       01D7E7129FDBD7D4
+      loop-container4                           11/2/2021 12:22:00 AM +00:00   True       01D7E8A5EF01C787 
+      ```
+
+   1. Fetch the backup instance that needs to be updated.
+
+         ```azurepowershell
+         C:\Users\dapatil> $instance = Search-AzDataProtectionBackupInstanceInAzGraph -Subscription "Demosub" -ResourceGroup Demo-BCDR-RG -Vault BCDR-BV-EastUS -DatasourceType AzureBlob
+         PS C:\Users\dapatil> $instance
+                        Output
+         Name                                                                     BackupInstanceName
+         ----                                                                     ------------------
+         blobsa-blobsa-c7325e08-980d-43b2-863f-68feee4fd03c               blobsa-blobsa-c7325e08-980d-43b2-863f-68feee4fd03c
+         blobsavaulted-blobsavaulted-40c36519-f422-45aa-bbeb-3f0eedb440c7 blobsavaulted-blobsavaulted-40c36519-f422-45aa-bbeb-3f0eedb440c7
+         testdpp-testdpp-ff4254dd-7a70-437b-9a10-8c0d2223d037                     testdpp-testdpp-ff4254dd-7a70-437b-9a10-8c0d2223d037
+
+         ```
+
+   1. Fetch the backup policy with the name of vaulted-policy that you want to update in Backup Instance. You can also fetch the new policy that needs to be updated in Backup Instance.
+
+         ```azurepowershell
+         $updatePolicy = Get-AzDataProtectionBackupPolicy -SubscriptionId "Demosub" -VaultName BCDR-BV-EastUS -ResourceGroupName Demo-BCDR-RG -name continer-1
+         ```
+
+   1. Update the backup instance with new list of container (the existing backed up containers & new containers).       
+
+         ```azurepowershell
+         PS C:\Users\dapatil> $updateBI = Update-AzDataProtectionBackupInstance -ResourceGroupName Daya-BCDR-RG -VaultName DPBCDR-BV-EastUS -BackupInstanceName $instance[0].Name -SubscriptionId "ef4ab5a7-c2c0-4304-af80-af49f48af3d1"  -PolicyId $updatePolicy.id -VaultedBackupContainer $targetContainers.name
+         
+         
+         PS C:\Users\dapatil> $updateBI.Property.PolicyInfo.PolicyId
+         /subscriptions/ef4ab5a7-c2c0-4304-af80-af49f48af3d1/resourceGroups/Daya-BCDR-RG/providers/Microsoft.DataProtection/backupVaults/DPBCDR-BV-EastUS/backupPolicies/continerdeltest-1
+         PS C:\Users\dapatil> $updateBI.Property.PolicyInfo.PolicyParameter.BackupDatasourceParametersList[0].ContainersList
+         cont-01
+         cont-02
+         cont-03
+         cont-04
+         cont-05
+         cont-06
+         cont-07
+         cont-08
+         cont-09
+         cont-10
+         cont-11
+         ```
+
+
+##  Next steps
 
 [Restore Azure blobs using Azure PowerShell](restore-blobs-storage-account-ps.md)

articles/backup/backup-client-automation.md

@@ -2,7 +2,8 @@
 title: Use PowerShell to back up Windows Server to Azure
 description: In this article, learn how to use PowerShell to set up Azure Backup on Windows Server or a Windows client, and manage backup and recovery.
 ms.topic: how-to
-ms.date: 08/29/2023
+ms.date: 12/10/2024
+ms.service: azure-backup
 ms.custom: devx-track-azurepowershell, has-azure-ad-ps-ref, engagement-fy24
 author: AbhishekMallick-MS
 ms.author: v-abhmallick