Merge pull request #280239 from MicrosoftDocs/repo_sync_working_branch

Taojunshen · web-flow · commit f1a21d7a9f79 · 2024-07-09T00:51:21.000+08:00
Confirm merge from repo_sync_working_branch to main to sync with https://github.com/MicrosoftDocs/azure-docs (branch main)
diff --git a/articles/ai-studio/how-to/develop/index-build-consume-sdk.md b/articles/ai-studio/how-to/develop/index-build-consume-sdk.md
@@ -268,7 +268,7 @@ from azure.ai.ml.entities import LocalSource
 
 input_source=LocalSource(input_data="<path-to-your-local-files>")
 
-# Github repository
+# GitHub repository
 from azure.ai.ml.entities import GitSource
 
 input_source=GitSource(
diff --git a/articles/automation/source-control-integration.md b/articles/automation/source-control-integration.md
@@ -42,7 +42,7 @@ Azure Automation supports three types of source control:
 > Azure Automation Run As Account will retire on **September 30, 2023** and will be replaced with Managed Identities. Before that date, you need to [migrate from a Run As account to Managed identities](migrate-run-as-accounts-managed-identity.md).
 
 > [!NOTE]
-> According to [this](/azure/devops/organizations/accounts/change-application-access-policies#application-connection-policies) Azure DevOps documentation, **Third-party application access via OAuth** policy is defaulted to **off** for all new organizations. So if you try to configure source control in Azure Automation with **Azure Devops (Git)** as source control type without enabling **Third-party application access via OAuth** under Policies tile of Organization Settings in Azure DevOps then you might get **SourceControl securityToken is invalid** error. Hence to avoid this error, make sure you first enable **Third-party application access via OAuth** under Policies tile of Organization Settings in Azure DevOps. 
+> According to [this](/azure/devops/organizations/accounts/change-application-access-policies#application-connection-policies) Azure DevOps documentation, **Third-party application access via OAuth** policy is defaulted to **off** for all new organizations. So if you try to configure source control in Azure Automation with **Azure DevOps (Git)** as source control type without enabling **Third-party application access via OAuth** under Policies tile of Organization Settings in Azure DevOps then you might get **SourceControl securityToken is invalid** error. Hence to avoid this error, make sure you first enable **Third-party application access via OAuth** under Policies tile of Organization Settings in Azure DevOps. 
 
 ## Configure source control
 
diff --git a/articles/container-apps/azure-pipelines.md b/articles/container-apps/azure-pipelines.md
@@ -91,7 +91,7 @@ Take the following steps to configure an Azure DevOps pipeline to deploy to Azur
 | Requirement  | Instructions |
 |--|--|
 | Azure account | If you don't have one, [create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F). You need the *Contributor* or *Owner* permission on the Azure subscription to proceed. Refer to [Assign Azure roles using the Azure portal](../role-based-access-control/role-assignments-portal.yml?tabs=current) for details. |
-| Azure Devops project | Go to [Azure DevOps](https://azure.microsoft.com/services/devops/) and select *Start free*. Then create a new project. |
+| Azure DevOps project | Go to [Azure DevOps](https://azure.microsoft.com/services/devops/) and select *Start free*. Then create a new project. |
 | Azure CLI | Install the [Azure CLI](/cli/azure/install-azure-cli).|
 
 ### Create an Azure DevOps repository and clone the source code
diff --git a/articles/defender-for-cloud/defender-for-devops-introduction.md b/articles/defender-for-cloud/defender-for-devops-introduction.md
@@ -40,7 +40,7 @@ Here, you can add [Azure DevOps](quickstart-onboard-devops.md), [GitHub](quickst
 
 The DevOps inventory table allows you to review onboarded DevOps resources and the security information related to them.
 
-:::image type="content" source="media/defender-for-devops-introduction/inventory-grid.png" alt-text="Screenshot that shows the Devops inventory table on the DevOps security overview page." lightbox="media/defender-for-devops-introduction/bottom-of-page.png":::
+:::image type="content" source="media/defender-for-devops-introduction/inventory-grid.png" alt-text="Screenshot that shows the DevOps inventory table on the DevOps security overview page." lightbox="media/defender-for-devops-introduction/bottom-of-page.png":::
 
 On this part of the screen you see:
 
diff --git a/articles/defender-for-cloud/faq-defender-for-devops.yml b/articles/defender-for-cloud/faq-defender-for-devops.yml
@@ -78,7 +78,7 @@ sections:
           Exemptions aren't available for DevOps security recommendations within Microsoft Defender for Cloud at the moment.
 
       - question: |
-          Why am I not able to see GitHub Advanced Security for Azure Devops (GHAzDO) results in Defender for Cloud?
+          Why am I not able to see GitHub Advanced Security for Azure DevOps (GHAzDO) results in Defender for Cloud?
         answer: |
           Confirm your connectors is properly [authorized](#why-am-i-getting-an-error-while-trying-to-connect-).
           
diff --git a/articles/defender-for-cloud/multi-factor-authentication-enforcement.md b/articles/defender-for-cloud/multi-factor-authentication-enforcement.md
@@ -92,6 +92,7 @@ To see which accounts don't have MFA enabled, use the following Azure Resource G
 
 - Conditional Access feature to enforce MFA on external users/tenants isn't supported yet.
 - Conditional Access policy applied to Microsoft Entra roles (such as all global admins, external users, external domain, etc.) isn't supported yet.
+- Conditional Access authentication strength isn't supported yet.
 - External MFA solutions such as Okta, Ping, Duo, and more aren't supported within the identity MFA recommendations.
 
 ## Next steps
diff --git a/articles/dev-box/concept-dev-box-network-requirements.md b/articles/dev-box/concept-dev-box-network-requirements.md
@@ -183,7 +183,7 @@ This list doesn't include FQDNs and endpoints for other services such as Microso
 
 Direct connectivity to Azure Virtual Desktop RDP broker service endpoints is critical for remote performance to a dev box. These endpoints affect both connectivity and latency. To align with the Microsoft 365 network connectivity principles, you should categorize these endpoints as *Optimize* endpoints, and use a [Remote Desktop Protocol (RDP) Shortpath](/windows-365/enterprise/rdp-shortpath-public-networks) from your Azure virtual network to those endpoints. RDP Shortpath  can provide another connection path for improved dev box connectivity, especially in suboptimal network conditions.
 
-To make it easier to configure network security controls, use Azure Virtual Desktop service tags to identity those endpoints for direct routing using an Azure Networking User Defined Route (UDR). A UDR results in direct routing between your virtual network and the RDP broker for lowest latency. For more information about Azure Service Tags, see Azure service tags overview.
+To make it easier to configure network security controls, use Azure Virtual Desktop service tags to identify those endpoints for direct routing using an Azure Networking User Defined Route (UDR). A UDR results in direct routing between your virtual network and the RDP broker for lowest latency. For more information about Azure Service Tags, see Azure service tags overview.
 Changing the network routes of a dev box (at the network layer or at the dev box layer like VPN) might break the connection between the dev box and the Azure Virtual Desktop RDP broker. If so, the end user is disconnected from their dev box until a connection is re-established.
 
 ## DNS requirements
@@ -255,4 +255,4 @@ For more information, see [Virtual Network service endpoints](/azure/virtual-net
 
 - [Check access to required FQDNs and endpoints for Azure Virtual Desktop](/azure/virtual-desktop/check-access-validate-required-fqdn-endpoint).
 - Learn how to unblock these FQDNs and endpoints in Azure Firewall, see [Use Azure Firewall to protect Azure Virtual Desktop](/azure/firewall/protect-azure-virtual-desktop).
-- For more information about network connectivity, see [Understanding Azure Virtual Desktop network connectivity](/azure/virtual-desktop/network-connectivity).
+- For more information about network connectivity, see [Understanding Azure Virtual Desktop network connectivity](/azure/virtual-desktop/network-connectivity).
diff --git a/articles/load-balancer/tutorial-cross-region-portal.md b/articles/load-balancer/tutorial-cross-region-portal.md
@@ -30,7 +30,6 @@ If you don’t have an Azure subscription, create a [free account](https://azure
 - An Azure subscription.
 - Two **standard** sku Azure Load Balancers with backend pools deployed in two different Azure regions.
     - For information on creating a regional standard load balancer and virtual machines for backend pools, see [Quickstart: Create a public load balancer to load balance VMs using the Azure portal](quickstart-load-balancer-standard-public-portal.md).
-        - Append the name of the load balancers, virtual machines, and other resources in each region with a **-R1** and **-R2**. 
 
 ## Sign in to Azure portal
 
diff --git a/articles/managed-grafana/how-to-data-source-plugins-managed-identity.md b/articles/managed-grafana/how-to-data-source-plugins-managed-identity.md
@@ -53,7 +53,7 @@ Azure Managed Grafana supports many popular data sources. The table below lists
 Within the Standard service tier, users who have subscribed to the Grafana Enterprise option can also access the following data sources.
 
 * [AppDynamics](https://grafana.com/grafana/plugins/dlopes7-appdynamics-datasource)
-* [Azure Devops](https://grafana.com/grafana/plugins/grafana-azuredevops-datasource)
+* [Azure DevOps](https://grafana.com/grafana/plugins/grafana-azuredevops-datasource)
 * [Databricks](https://grafana.com/grafana/plugins/grafana-databricks-datasource)
 * [DataDog](https://grafana.com/grafana/plugins/grafana-datadog-datasource)
 * [Dynatrace](https://grafana.com/grafana/plugins/grafana-dynatrace-datasource)
diff --git a/articles/postgresql/flexible-server/generative-ai-azure-cognitive.md b/articles/postgresql/flexible-server/generative-ai-azure-cognitive.md
@@ -591,5 +591,5 @@ select
 
 ## Related content
 
-- [Learn more about Azure Open AI integration](generative-ai-azure-openai.md)
+- [Learn more about Azure OpenAI Service integration](generative-ai-azure-openai.md)
 - [Learn more about Azure Machine Learning integration](generative-ai-azure-machine-learning.md)
diff --git a/articles/private-link/availability.md b/articles/private-link/availability.md
@@ -119,7 +119,7 @@ The following tables list the Private Link services and the regions where they'r
 |Azure App Service | All public regions<br/> China North 2 & East 2    | Supported with Basic, Standard, Premium v2, Premium v3, Isolated v2 App Service Plans and Function Apps Premium plan  | GA   <br/> [Learn how to create a private endpoint for Azure App Service.](../app-service/networking/private-endpoint.md)   |
 |Azure Search | All public regions <br/> All Government regions | Supported with service in Private Mode | GA   <br/> [Learn how to create a private endpoint for Azure Search.](../search/service-create-private-endpoint.md)    |
 |Azure Relay | All public regions      |  | GA   <br/> [Learn how to create a private endpoint for Azure Relay.](../azure-relay/private-link-service.md)  |
-|Azure Static Web Apps | All public regions      |  | Preview <br/> [Configure private endpoint in Azure Static Web Apps](../static-web-apps/private-endpoint.md)  |
+|Azure Static Web Apps | All public regions      |  | GA <br/> [Configure private endpoint in Azure Static Web Apps](../static-web-apps/private-endpoint.md)  |
 
 ### Private Link service with a standard load balancer
 
diff --git a/articles/sentinel/data-connectors/datalake2sentinel.md b/articles/sentinel/data-connectors/datalake2sentinel.md
@@ -39,7 +39,7 @@ ThreatIntelligenceIndicator
 
 Installation and setup instructions
 
-Use the documentation from this Github repository to install and configure the Datalake to Microsoft Sentinel connector. 
+Use the documentation from this GitHub repository to install and configure the Datalake to Microsoft Sentinel connector. 
 
 https://github.com/cert-orangecyberdefense/datalake2sentinel
 
diff --git a/articles/sentinel/data-connectors/github-using-webhooks.md b/articles/sentinel/data-connectors/github-using-webhooks.md
@@ -13,7 +13,7 @@ ms.collection: sentinel-data-connector
 
 The [GitHub](https://www.github.com) webhook data connector provides the capability to ingest GitHub subscribed events into Microsoft Sentinel using [GitHub webhook events](https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads). The connector provides ability to get events into Microsoft Sentinel which helps to examine potential security risks, analyze your team's use of collaboration, diagnose configuration problems and more. 
 
- **Note:** If you are intended to ingest Github Audit logs, Please refer to GitHub Enterprise Audit Log Connector from "**Data Connectors**" gallery.
+ **Note:** If you are intended to ingest GitHub Audit logs, Please refer to GitHub Enterprise Audit Log Connector from "**Data Connectors**" gallery.
 
 This is autogenerated content. For changes, contact the solution provider.
 
@@ -56,7 +56,7 @@ To integrate with GitHub (using Webhooks) (using Azure Functions) make sure you
 
 **Choose ONE from the following two deployment options to deploy the connector and the associated Azure Function**
 
->**IMPORTANT:** Before deploying the Github Webhook connector, have the Workspace ID  and Workspace Primary Key (can be copied from the following).
+>**IMPORTANT:** Before deploying the GitHub Webhook connector, have the Workspace ID  and Workspace Primary Key (can be copied from the following).
 
 
 
@@ -70,7 +70,7 @@ To integrate with GitHub (using Webhooks) (using Azure Functions) make sure you
 
 
 
-*Now we are done with the github Webhook configuration. Once the github events triggered and after the delay of 20 to 30 mins (As there will be a dealy for LogAnalytics to spin up the resources for the first time), you should be able to see all the transactional events from the Github into LogAnalytics workspace table called "githubscanaudit_CL".*
+*Now we are done with the github Webhook configuration. Once the github events triggered and after the delay of 20 to 30 mins (As there will be a dealy for LogAnalytics to spin up the resources for the first time), you should be able to see all the transactional events from the GitHub into LogAnalytics workspace table called "githubscanaudit_CL".*
 
  For more details, Click [here](https://aka.ms/sentinel-gitHubwebhooksteps)
 
diff --git a/articles/static-web-apps/deploy-nextjs-hybrid.md b/articles/static-web-apps/deploy-nextjs-hybrid.md
@@ -288,7 +288,7 @@ Next.js uses environment variables at build time and at request time, to support
         uses: Azure/static-web-apps-deploy@v1
         with:
           azure_static_web_apps_api_token: ${{ secrets.AZURE_STATIC_WEB_APPS_API_TOKEN }}
-          repo_token: ${{ secrets.GITHUB_TOKEN }} # Used for Github integrations (i.e. PR comments)
+          repo_token: ${{ secrets.GITHUB_TOKEN }} # Used for GitHub integrations (i.e. PR comments)
           action: "upload"
           app_location: "/" 
           api_location: ""
diff --git a/includes/storage-account-key-note-include.md b/includes/storage-account-key-note-include.md
@@ -12,7 +12,7 @@ ms.custom: "include file", engagement-fy23
 
 ## Protect your access keys
 
-Storage account access keys provide full access to the configuration of a storage account, as well as the data. Always be careful to protect your access keys. Use Azure Key Vault to manage and rotate your keys securely. Access to the shared key grants a user full access to a storage account’s configuration and its data. Access to shared keys should be carefully limited and monitored. Use user delegation SAS tokens with limited scope of access in scenarios where Microsoft Entra ID based authorization can't be used. Avoid hard-coding access keys or saving them anywhere in plain text that is accessible to others. Rotate your keys if you believe they might have been compromised.
+Storage account access keys provide full access to the storage account data and the ability to generate SAS tokens. Always be careful to protect your access keys. Use Azure Key Vault to manage and rotate your keys securely. Access to the shared key grants a user full access to a storage account’s data. Access to shared keys should be carefully limited and monitored. Use user delegation SAS tokens with limited scope of access in scenarios where Microsoft Entra ID based authorization can't be used. Avoid hard-coding access keys or saving them anywhere in plain text that is accessible to others. Rotate your keys if you believe they might have been compromised.
 
 > [!IMPORTANT]
 > To prevent users from accessing data in your storage account with Shared Key, you can disallow Shared Key authorization for the storage account. Granular access to data with least privileges necessary is recommended as a security best practice. Microsoft Entra ID based authorization using managed identities should be used for scenarios that support OAuth. Kerberos or SMTP should be used for Azure Files over SMB. For Azure Files over REST, SAS tokens can be used. Shared key access should be disabled if not required to prevent its inadvertent use. For more information, see [Prevent Shared Key authorization for an Azure Storage account](../articles/storage/common/shared-key-authorization-prevent.md).
