Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into nw-overview

Author: halkazwini

.openpublishing.redirection.json

@@ -4087,10 +4087,12 @@
             "source_path_from_root": "/articles/event-grid/move-domains-across-regions.md",
             "redirect_url": "/azure",
             "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/data-factory/continuous-integration-delivery-automate-github-actions.md",
+            "redirect_url": "/azure",
+            "redirect_document_id": false
         }
-
-
-
-        
+       
     ]
 }

articles/ai-services/computer-vision/includes/identity-curl-quickstart.md

@@ -24,8 +24,7 @@ Get started with facial recognition using the Face REST API. The Face service pr
     * You'll need the key and endpoint from the resource you create to connect your application to the Face API. You'll paste your key and endpoint into the code below later in the quickstart.
     * You can use the free pricing tier (`F0`) to try the service, and upgrade later to a paid tier for production.
 * [PowerShell version 6.0+](/powershell/scripting/install/installing-powershell-core-on-windows), or a similar command-line application.
-* [cURL](https://curl.haxx.se/) installed.
-
+* [cURL](https://curl.se/) installed.
 
 
 
@@ -34,58 +33,134 @@ Get started with facial recognition using the Face REST API. The Face service pr
 > [!NOTE]
 > If you haven't received access to the Face service using the [intake form](https://aka.ms/facerecognition), some of these functions won't work.
 
-1. First, call the Detect API on the source face. This is the face that we'll try to identify from the larger group. Copy the following command to a text editor, insert your own key, and then copy it into a shell window and run it.
+1. First, call the Detect API on the source face. This is the face that we'll try to identify from the larger group. Copy the following command to a text editor, insert your own key and endpoint, and then copy it into a shell window and run it.
+
+    #### [Windows](#tab/windows)
+
+    :::code source="~/cognitive-services-quickstart-code/curl/face/detect.ps1" ID="identify_detect":::
+
+    #### [Linux](#tab/linux)
 
     :::code source="~/cognitive-services-quickstart-code/curl/face/detect.sh" ID="identify_detect":::
 
+    ---
+
     Save the returned face ID string to a temporary location. You'll use it again at the end.
 
-1. Next you'll need to create a **LargePersonGroup**. This object will store the aggregated face data of several persons. Run the following command, inserting your own key. Optionally, change the group's name and metadata in the request body.
+1. Next you'll need to create a **LargePersonGroup** and give it an arbitrary ID that matches regex pattern `^[a-z0-9-_]+$`. This object will store the aggregated face data of several persons. Run the following command, inserting your own key. Optionally, change the group's name and metadata in the request body.
+
+    #### [Windows](#tab/windows)
+
+    :::code source="~/cognitive-services-quickstart-code/curl/face/detect.ps1" ID="identify_create_persongroup":::
+
+    #### [Linux](#tab/linux)
 
     :::code source="~/cognitive-services-quickstart-code/curl/face/detect.sh" ID="identify_create_persongroup":::
 
-    Save the returned ID of the created group to a temporary location.
+    ---
+
+    Save the specified ID of the created group to a temporary location.
 
 1. Next, you'll create **Person** objects that belong to the group. Run the following command, inserting your own key and the ID of the **LargePersonGroup** from the previous step. This command creates a **Person** named "Family1-Dad".
 
+    #### [Windows](#tab/windows)
+
+    :::code source="~/cognitive-services-quickstart-code/curl/face/detect.ps1" ID="identify_create_person":::
+
+    #### [Linux](#tab/linux)
+
     :::code source="~/cognitive-services-quickstart-code/curl/face/detect.sh" ID="identify_create_person":::
 
+    ---
+
     After you run this command, run it again with different input data to create more **Person** objects: "Family1-Mom", "Family1-Son", "Family1-Daughter", "Family2-Lady", and "Family2-Man".
 
     Save the IDs of each **Person** created; it's important to keep track of which person name has which ID.
 
 1. Next you'll need to detect new faces and associate them with the **Person** objects that exist. The following command detects a face from the image *Family1-Dad1.jpg* and adds it to the corresponding person. You need to specify the `personId` as the ID that was returned when you created the "Family1-Dad" **Person** object. The image name corresponds to the name of the created **Person**. Also enter the **LargePersonGroup** ID and your key in the appropriate fields.
 
+    #### [Windows](#tab/windows)
+
+    :::code source="~/cognitive-services-quickstart-code/curl/face/detect.ps1" ID="identify_add_face":::
+
+    #### [Linux](#tab/linux)
+
     :::code source="~/cognitive-services-quickstart-code/curl/face/detect.sh" ID="identify_add_face":::
 
+    ---
+
     Then, run the above command again with a different source image and target **Person**. The images available are: *Family1-Dad1.jpg*, *Family1-Dad2.jpg* *Family1-Mom1.jpg*, *Family1-Mom2.jpg*, *Family1-Son1.jpg*, *Family1-Son2.jpg*, *Family1-Daughter1.jpg*, *Family1-Daughter2.jpg*, *Family2-Lady1.jpg*, *Family2-Lady2.jpg*, *Family2-Man1.jpg*, and *Family2-Man2.jpg*. Be sure that the **Person** whose ID you specify in the API call matches the name of the image file in the request body.
 
     At the end of this step, you should have multiple **Person** objects that each have one or more corresponding faces, detected directly from the provided images.
 
 1. Next, train the **LargePersonGroup** with the current face data. The training operation teaches the model how to associate facial features, sometimes aggregated from multiple source images, to each single person. Insert the **LargePersonGroup** ID and your key before running the command.
 
+    #### [Windows](#tab/windows)
+
+    :::code source="~/cognitive-services-quickstart-code/curl/face/detect.ps1" ID="identify_train":::
+
+    #### [Linux](#tab/linux)
+
     :::code source="~/cognitive-services-quickstart-code/curl/face/detect.sh" ID="identify_train":::
+
+    ---
 
+1. Check whether the training status is succeeded. If not, wait for a while and query again.
+
+    #### [Windows](#tab/windows)
+
+    :::code source="~/cognitive-services-quickstart-code/curl/face/detect.ps1" ID="identify_check_status":::
+
+    #### [Linux](#tab/linux)
+
+    :::code source="~/cognitive-services-quickstart-code/curl/face/detect.sh" ID="identify_check_status":::
+
+    ---
+
 1. Now you're ready to call the Identify API, using the source face ID from the first step and the **LargePersonGroup** ID. Insert these values into the appropriate fields in the request body, and insert your key.
 
+    #### [Windows](#tab/windows)
+
+    :::code source="~/cognitive-services-quickstart-code/curl/face/detect.ps1" ID="identify_identify":::
+
+    #### [Linux](#tab/linux)
+
     :::code source="~/cognitive-services-quickstart-code/curl/face/detect.sh" ID="identify_identify":::
 
+    ---
+
     The response should give you a **Person** ID indicating the person identified with the source face. It should be the ID that corresponds to the "Family1-Dad" person, because the source face is of that person.
 
 1. To do face verification, you'll use the **Person** ID returned in the previous step, the **LargePersonGroup** ID, and also the source face ID. Insert these values into the fields in the request body, and insert your key.
 
+    #### [Windows](#tab/windows)
+
+    :::code source="~/cognitive-services-quickstart-code/curl/face/detect.ps1" ID="verify":::
+
+    #### [Linux](#tab/linux)
+
     :::code source="~/cognitive-services-quickstart-code/curl/face/detect.sh" ID="verify":::
 
+    ---
+
     The response should give you a boolean verification result along with a confidence value.
 
 
 
 ## Clean up resources
 
-To delete the **LargePersonGroup** you created in this exercise, run the LargePersonGroup - Delete call.
+To delete the **LargePersonGroup** you created in this exercise, run the [LargePersonGroup - Delete](/rest/api/face/person-group-operations/delete-large-person-group) call.
+
+#### [Windows](#tab/windows)
+
+:::code source="~/cognitive-services-quickstart-code/curl/face/detect.ps1" ID="identify_delete":::
+
+#### [Linux](#tab/linux)
 
 :::code source="~/cognitive-services-quickstart-code/curl/face/detect.sh" ID="identify_delete":::
 
+---
+
 If you want to clean up and remove an Azure AI services subscription, you can delete the resource or resource group. Deleting the resource group also deletes any other resources associated with it.
 
 * [Portal](../../multi-service-resource.md?pivots=azportal#clean-up-resources)

articles/ai-services/document-intelligence/containers/install-run.md

@@ -19,7 +19,7 @@ ms.author: lajanuar
 <!-- markdownlint-disable MD051 -->
 
 :::moniker range="doc-intel-2.1.0 || doc-intel-4.0.0"
-Support for containers is currently available with Document Intelligence version `2022-08-31 (GA)` for all models and `2023-07-31 (GA)` for Read and Layout only:
+Support for containers is currently available with Document Intelligence version `2022-08-31 (GA)` for all models and `2023-07-31 (GA)` for Read, Layout, ID Document, Receipt and Invoice models:
 
 * [REST API `2022-08-31 (GA)`](/rest/api/aiservices/document-models/analyze-document?view=rest-aiservices-v3.0%20(2022-08-31)&preserve-view=true&tabs=HTTP)
 * [REST API `2023-07-31 (GA)`](/rest/api/aiservices/document-models/analyze-document?view=rest-aiservices-v3.1%20(2023-07-31)&tabs=HTTP&preserve-view=true)
@@ -38,9 +38,9 @@ Azure AI Document Intelligence is an Azure AI service that lets you build automa
 
 In this article you learn how to download, install, and run Document Intelligence containers. Containers enable you to run the Document Intelligence service in your own environment. Containers are great for specific security and data governance requirements.
 
-* **Read**, and **Layout**  models are supported by Document Intelligence v3.1 containers.
+* **Read**, **Layout**,  **ID Document**,  **Receipt**, and **Invoice**  models are supported by Document Intelligence v3.1 containers.
 
-* **Read**, **Layout**, **General Document**, **ID Document**,  **Receipt**, **Invoice**, **Business Card**, and **Custom** models are supported by Document Intelligence v3.0 containers.
+* **Read**, **Layout**, **General Document**, **Business Card**, and **Custom** models are supported by Document Intelligence v3.0 containers.
 
 * **Business Card** model is currently only supported in the [v2.1 containers](install-run.md?view=doc-intel-2.1.0&preserve-view=true).
 

articles/ai-services/document-intelligence/studio-overview.md

@@ -53,6 +53,9 @@ Your organization can opt to disable local authentication and enforce Microsoft
 
 * **Designating role assignments**. Document Intelligence Studio basic access requires the [`Cognitive Services User`](../../role-based-access-control/built-in-roles/ai-machine-learning.md#cognitive-services-user) role. For more information, *see* [Document Intelligence role assignments](quickstarts/try-document-intelligence-studio.md#azure-role-assignments) and [Document Intelligence Studio Permission](faq.yml#what-permissions-do-i-need-to-access-document-intelligence-studio-).
 
+> [!IMPORTANT]
+> Make sure you have the Cognitive Services User role, and not the Cognitive Services Contributor role when setting up Entra authentication. In Azure concept, Contributor role can only perform actions to control and manage the resource itself, including listing the access keys. Any user accounts with "Contributor" role that is able to access the Document Intelligence service is calling with access keys. However, when setting up access with Entra ID, key-access will be disabled and Cognitive Service User role will be required for an account to use the resources.
+
 ## Authentication
 
 Navigate to the [Document Intelligence Studio](https://formrecognizer.appliedai.azure.com/). If it's your first time logging in, a popup window appears prompting you to configure your service resource. In accordance with your organization's policy, you have one or two options:

articles/ai-services/openai/concepts/content-filter.md

@@ -989,7 +989,7 @@ data: [DONE]
 ```
 
 > [!IMPORTANT]
-> When content filtering is triggered for a prompt and a `"status": 400` is received as part of the response there will be a charge for this request as the prompt was evaluated by the service. [Charges will also occur](https://azure.microsoft.com/pricing/details/cognitive-services/openai-service/) when a `"status":200` is received with `"finish_reason": "content_filter"`. In this case the prompt did not have any issues, but the completion generated by the model was detected to violate the content filtering rules which results in the completion being filtered.
+> When content filtering is triggered for a prompt and a `"status": 400` is received as part of the response there will be a charge for this request as the prompt was evaluated by the service. Due to the asynchronous nature of the content filtering system, a charge for both the prompt and completion tokens will occur. [Charges will also occur](https://azure.microsoft.com/pricing/details/cognitive-services/openai-service/) when a `"status":200` is received with `"finish_reason": "content_filter"`. In this case the prompt did not have any issues, but the completion generated by the model was detected to violate the content filtering rules which results in the completion being filtered.
 
 ## Best practices
 

articles/aks/control-plane-metrics-default-list.md

@@ -42,17 +42,20 @@ The following metrics are allow-listed with `minimalingestionprofile=true` for d
 - `apiserver_cache_list_returned_objects_total`
 - `apiserver_flowcontrol_demand_seats_average`
 - `apiserver_flowcontrol_current_limit_seats`
-- `apiserver_request_sli_duration_seconds_bucket`
+- ~~`apiserver_request_sli_duration_seconds_bucket`~~
 - `apiserver_request_sli_duration_seconds_sum`
 - `apiserver_request_sli_duration_seconds_count`
 - `process_start_time_seconds`
-- `apiserver_request_duration_seconds_bucket`
+- ~~`apiserver_request_duration_seconds_bucket`~~
 - `apiserver_request_duration_seconds_sum`
 - `apiserver_request_duration_seconds_count`
 - `apiserver_storage_list_fetched_objects_total`
 - `apiserver_storage_list_returned_objects_total`
 - `apiserver_current_inflight_requests`
 
+> [!NOTE]
+`apiserver_request_sli_duration_seconds_bucket` and `apiserver_request_duration_seconds_bucket`  are not collected now with a recent release. These are high cardinality metrics which may increase the number of metrics stored based on the number of custom resources in the cluster. If you would like to collect these bucket metrics, you can add it to the keep list. We highly recommend not turning off the minimal ingestion profile for the control plane components
+
 **controlplane-etcd**
 
 - `etcd_server_has_leader`

articles/aks/manage-abort-operations.md

@@ -28,6 +28,31 @@ This command provides you with a percentage that indicates how close the operati
   "status": "InProgress"
 ```
 
+There is also a cli command equivalent for the above that shows the status of the most recent operation in the cluster. 
+```azurecli-interactive
+az aks operation show-latest --resource-group myResourceGroup --name myCluster
+```
+The following is an example output -
+```azurecli-interactive
+{
+  "endTime": null,
+  "error": null,
+  "id": "/subscriptions/3368aba5-673c-452f-96b8-71326a289646/resourcegroups/testkaar/providers/Microsoft.ContainerService/managedClusters/contoso/operations/94e04d66-5b57-4c2b-bf3e-e026f1067dd1",
+  "name": "94e04d66-5b57-4c2b-bf3e-e026f1067dd1",
+  "operations": null,
+  "percentComplete": 1.0,
+  "resourceGroup": "testkaar",
+  "resourceId": null,
+  "startTime": "2024-06-12T18:16:21+00:00",
+  "status": "InProgress"
+}
+```
+You can also run this command using the operation-id available from the above output.  The `Id` parameter denotes the operation-id to use example:
+
+```azurecli-interactive
+az aks operation show --resource-group myResourceGroup --name myCluster --operation-id "94e04d66-5b57-4c2b-bf3e-e026f1067dd1"
+```
+
 While it's important to allow operations to gracefully terminate when they're no longer needed, there are circumstances where you need to release control of node pools and clusters with long running operations using an *abort* command.
 
 AKS support for aborting long running operations is now generally available. This feature allows you to take back control and run another operation seamlessly. This design is supported using the [Azure REST API](/rest/api/azure/) or the [Azure CLI](/cli/azure/).

articles/aks/manage-azure-rbac.md

@@ -13,10 +13,11 @@ author: palma21
 
 # Use Azure role-based access control for Kubernetes Authorization
 
-When you leverage [integrated authentication between Microsoft Entra ID and AKS](managed-azure-ad.md), you can use Microsoft Entra users, groups, or service principals as subjects in [Kubernetes role-based access control (Kubernetes RBAC)][kubernetes-rbac]. This feature frees you from having to separately manage user identities and credentials for Kubernetes. However, you still have to set up and manage Azure RBAC and Kubernetes RBAC separately.
-
 This article covers how to use Azure RBAC for Kubernetes Authorization, which allows for the unified management and access control across Azure resources, AKS, and Kubernetes resources. For more information, see [Azure RBAC for Kubernetes Authorization][kubernetes-rbac].
 
+> [!NOTE]
+> When you leverage [integrated authentication between Microsoft Entra ID and AKS](managed-azure-ad.md), you can use Microsoft Entra users, groups, or service principals as subjects in [Kubernetes role-based access control (Kubernetes RBAC)][kubernetes-rbac]. This feature frees you from having to separately manage user identities and credentials for Kubernetes. However, you still have to set up and manage Azure RBAC and Kubernetes RBAC separately.
+
 ## Before you begin
 
 * You need the Azure CLI version 2.24.0 or later installed and configured. Run `az --version` to find the version. If you need to install or upgrade, see [Install Azure CLI][install-azure-cli].

articles/app-service/tutorial-connect-app-access-sql-database-as-user-dotnet.md

@@ -88,7 +88,7 @@ First, enable Microsoft Entra authentication to SQL Database by assigning a Micr
 1. Restrict the database server authentication to Active Directory authentication. This step effectively disables SQL authentication.
 
     ```azurecli-interactive
-    az sql server ad-only-auth enable --resource-group <group-name> --server-name <server-name>
+    az sql server ad-only-auth enable --resource-group <group-name> --name <server-name>
     ```
 
 For more information on adding an Active Directory admin, see [Provision Microsoft Entra admin (SQL Database)](/azure/azure-sql/database/authentication-aad-configure#provision-azure-ad-admin-sql-database).

articles/automation/automation-linux-hrw-install.md

@@ -229,15 +229,13 @@ sudo python /opt/microsoft/omsconfig/modules/nxOMSAutomationWorker/DSCResources/
 
 ## <a name="remove-linux-hybrid-runbook-worker"></a>Remove the Hybrid Runbook Worker
 
-Run the following commands as root on the agent-based Linux Hybrid Worker:
+1. Run the following commands as root on the agent-based Linux Hybrid Worker:
 
-1. ```bash
-      sudo bash
+   ```bash
+   sudo bash
+   rm -r /home/nxautomation
    ```
 
-1. ```bash
-      rm -r /home/nxautomation
-   ```
 1. Under **Process Automation**, select **Hybrid worker groups** and then your hybrid worker group to go to the **Hybrid Worker Group** page.
 1. Under **Hybrid worker group**, select **Hybrid Workers**.
 1. Select the checkbox next to the machine(s) you want to delete from the hybrid worker group.