Merge pull request #189273 from MicrosoftDocs/main

2/21 PM Publish

Author: huypub

.openpublishing.redirection.defender-for-iot.json

@@ -30,7 +30,17 @@
             "redirect_url": "/azure/defender-for-iot/organizations/getting-started",
             "redirect_document_id": false
         },
-	{
+        {
+            "source_path_from_root": "/articles/defender-for-iot/organizations/how-to-view-information-provided-in-alerts.md",
+            "redirect_url": "/azure/defender-for-iot/organizations/how-to-view-alerts",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/defender-for-iot/organizations/how-to-work-with-alerts-on-your-sensor.md",
+            "redirect_url": "/azure/defender-for-iot/organizations/concept-key-concepts#analytics-and-self-learning-engines",
+            "redirect_document_id": false
+        },
+	    {
             "source_path_from_root": "/azure/defender-for-iot/organizations/quickstart-system-prerequisites.md",
             "redirect_url": "/azure/defender-for-iot/organizations/getting-started",
             "redirect_document_id": false

articles/azure-arc/data/rotate-user-tls-certificate.md

@@ -118,37 +118,37 @@ DNS:mi1-svc, DNS:mi1-svc.test.svc.cluster.local, DNS:mi1-svc.test.svc
 
 Use the following command by providing Kubernetes secret that you created previously to rotate the certificate: 
 
-```console
+```azurecli
 az sql mi-arc update -n <managed instance name> --k8s-namespace <arc> --use-k8s --service-cert-secret <your-cert-secret>
 ```
 
 For example:
 
-```console
+```azurecli
 az sql mi-arc update -n mysqlmi --k8s-namespace <arc> --use-k8s --service-cert-secret mymi-cert-secret
 ```
 
 Use the following command to rotate the certificate with the PEM formatted certificate public and private keys. The command generates a default service certificate name. 
 
-```console
+```azurecli
 az sql mi-arc update -n <managed instance name> --k8s-namespace arc --use-k8s --cert-public-key-file <path-to-my-cert-public-key> --cert-private-key-file <path-to-my-cert-private-key> --k8s-namespace <your-k8s-namespace>
 ```
 
 For example:
 
-```console
+```azurecli
 az sql mi-arc update -n mysqlmi --k8s-namespace arc --use-k8s --cert-public-key-file ./mi1-1-cert --cert-private-key-file ./mi1-1-pvt
 ```
 
 You can also provide a Kubernetes service cert secret name for `--service-cert-secret` parameter. In this case, it's taken as an updated secret name. The command checks if the secret exists. If not, the command creates a secret name and then rotates the secret in the managed instance.
 
-```console
+```azurecli
 az sql mi-arc update -n <managed instance name> --k8s-namespace <arc> --use-k8s --cert-public-key-file <path-to-my-cert-public-key> --cert-private-key-file <path-to-my-cert-private-key> --service-cert-secret <path-to-mymi-cert-secret>
 ```
 
 For example:
 
-```console
+```azurecli
 az sql mi-arc update -n mysqlmi --k8s-namespace arc --use-k8s --cert-public-key-file ./mi1-1-cert --cert-private-key-file ./mi1-1-pvt --service-cert-secret mi1-12-1-cert-secret
 ```
 

articles/azure-arc/data/troubleshooting-get-logs.md

@@ -57,8 +57,8 @@ az arcdata dc debug copy-logs --target-folder <desired folder> --exclude-dumps -
 
 For example:
 
-```console
-#az arcdata dc debug copy-logs --target-folder C:\temp\logs --exclude-dumps --skip-compress --resource-kind postgresql-12 --resource-name pg1 --use-k8s --k8s-namespace
+```azurecli
+az arcdata dc debug copy-logs --target-folder C:\temp\logs --exclude-dumps --skip-compress --resource-kind postgresql-12 --resource-name pg1 --use-k8s --k8s-namespace
 ```
 
 The following folder hierarchy is an example. It's organized by pod name, then container, and then by directory hierarchy within the container.

articles/azure-arc/data/upload-metrics-and-logs-to-azure-monitor.md

@@ -136,7 +136,7 @@ az role assignment create --assignee <appId> --role 'Monitoring Metrics Publishe
 
 # [PowerShell](#tab/powershell)
 
-```powershell
+```azurecli
 az role assignment create --assignee <appId> --role 'Monitoring Metrics Publisher' --scope subscriptions/<SubscriptionID>/resourceGroups/<resourcegroup>
 ```
 

articles/azure-arc/data/upload-metrics.md

@@ -34,14 +34,14 @@ The Arc data services extension managed identity is used for uploading metrics.
 ### (1) Retrieve managed identity of the Arc data controller extension
 
 # [PowerShell](#tab/powershell)
-```powershell
+```azurecli
 $Env:MSI_OBJECT_ID = (az k8s-extension show --resource-group <resource group>  --cluster-name <connectedclustername> --cluster-type connectedClusters --name <name of extension> | convertFrom-json).identity.principalId
 #Example
 $Env:MSI_OBJECT_ID = (az k8s-extension show --resource-group myresourcegroup  --cluster-name myconnectedcluster --cluster-type connectedClusters --name ads-extension | convertFrom-json).identity.principalId
 ```
 
 # [macOS & Linux](#tab/linux)
-```console
+```azurecli
 export MSI_OBJECT_ID=`az k8s-extension show --resource-group <resource group>  --cluster-name <connectedclustername>  --cluster-type connectedClusters --name <name of extension> | jq '.identity.principalId' | tr -d \"`
 #Example
 export MSI_OBJECT_ID=`az k8s-extension show --resource-group myresourcegroup  --cluster-name myconnectedcluster --cluster-type connectedClusters --name ads-extension | jq '.identity.principalId' | tr -d \"`
@@ -57,12 +57,12 @@ N/A
 
 Run the below command to assign the **Monitoring Metrics Publisher** role:
 # [PowerShell](#tab/powershell)
-```powershell
+```azurecli
 az role assignment create --assignee $Env:MSI_OBJECT_ID --role 'Monitoring Metrics Publisher' --scope "/subscriptions/$SUBSCRIPTION_ID/resourceGroups/$RESOURCE_GROUP_NAME"
 ```
 
 # [macOS & Linux](#tab/linux)
-```console
+```azurecli
 az role assignment create --assignee ${MSI_OBJECT_ID} --role 'Monitoring Metrics Publisher' --scope "/subscriptions/${subscription}/resourceGroups/${resourceGroup}"
 ```
 

articles/azure-arc/kubernetes/agent-upgrade.md

@@ -20,15 +20,15 @@ Azure Arc-enabled Kubernetes provides its agents with out- of-the-box auto-upgra
 
 The following command connects a cluster to Azure Arc with auto-upgrade **enabled**:
 
-```console
+```azurecli
 az connectedk8s connect --name AzureArcTest1 --resource-group AzureArcTest
 ```
 
 With auto-upgrade enabled, the agent polls Azure hourly for availability of a newer version of agents. If the agent finds an available newer version, it triggers a Helm chart upgrade for the Azure Arc agents.
 
 To opt-out of auto-upgrade, specify the `--disable-auto-upgrade` parameter while connecting the cluster to Azure Arc. The following command connects a cluster to Azure Arc with auto-upgrade **disabled**:
 
-```console
+```azurecli
 az connectedk8s connect --name AzureArcTest1 --resource-group AzureArcTest --disable-auto-upgrade
 ```
 
@@ -39,15 +39,15 @@ az connectedk8s connect --name AzureArcTest1 --resource-group AzureArcTest --dis
 
 After you connect a cluster to Azure Arc, you can toggle the auto-upgrade capability with the `az connectedk8s update` command, as shown below:
 
-```console
+```azurecli
 az connectedk8s update --name AzureArcTest1 --resource-group AzureArcTest --auto-upgrade false
 ```
 
 ## Manually upgrade agents
 
 If you have disabled auto-upgrade for agents, you can manually initiate upgrades for these agents using the `az connectedk8s upgrade` command as shown below:
 
-```console
+```azurecli
 az connectedk8s upgrade -g AzureArcTest1 -n AzureArcTest --agent-version 1.1.0
 ```
 

articles/azure-arc/kubernetes/azure-rbac.md

@@ -145,7 +145,7 @@ The server application needs the `Microsoft.Authorization/*/read` permissions to
 
 Enable Azure role-based access control (RBAC) on your Azure Arc-enabled Kubernetes cluster by running the following command:
 
-```console
+```azurecli
 az connectedk8s enable-features -n <clusterName> -g <resourceGroupName> --features azure-rbac --app-id "${SERVER_APP_ID}" --app-secret "${SERVER_APP_SECRET}"
 ```
 
@@ -350,13 +350,13 @@ Copy the following JSON object into a file called *custom-role.json*. Replace th
 
 1. Create the role definition by running the following command from the folder where you saved *custom-role.json*:
 
-    ```bash
+    ```azurecli
     az role definition create --role-definition @custom-role.json
     ```
 
 1. Create a role assignment by using this custom role definition:
 
-    ```bash
+    ```azurecli
     az role assignment create --role "Arc Deployment Viewer" --assignee <AZURE-AD-ENTITY-ID> --scope $ARM_ID/namespaces/<namespace-name>
     ```
 
@@ -371,7 +371,7 @@ There are two ways to get the *kubeconfig* file that you need to access the clus
 
 Run the following command to start the proxy process:
 
-```console
+```azurecli
 az connectedk8s proxy -n <clusterName> -g <resourceGroupName>
 ```
 

articles/azure-arc/kubernetes/cluster-connect.md

@@ -23,13 +23,13 @@ A conceptual overview of this feature is available in [Cluster connect - Azure A
 
 - Install the `connectedk8s` Azure CLI extension of version >= 1.2.0:
 
-    ```console
+    ```azurecli
     az extension add --name connectedk8s
     ```
   
     If you've already installed the `connectedk8s` extension, update the extension to the latest version:
     
-    ```console
+    ```azurecli
     az extension update --name connectedk8s
     ```
 
@@ -46,7 +46,7 @@ A conceptual overview of this feature is available in [Cluster connect - Azure A
 
 - Replace the placeholders and run the below command to set the environment variables used in this document:
 
-    ```console
+    ```azurecli
     CLUSTER_NAME=<cluster-name>
     RESOURCE_GROUP=<resource-group-name>
     ARM_ID_CLUSTER=$(az connectedk8s show -n $CLUSTER_NAME -g $RESOURCE_GROUP --query id -o tsv)
@@ -57,7 +57,7 @@ A conceptual overview of this feature is available in [Cluster connect - Azure A
 
 You can enable the Cluster Connect on any Azure Arc-enabled Kubernetes cluster by running the following command on a machine where the `kubeconfig` file is pointed to the cluster of concern:
 
-```console
+```azurecli
 az connectedk8s enable-features --features cluster-connect -n $CLUSTER_NAME -g $RESOURCE_GROUP
 ```
 
@@ -67,13 +67,13 @@ az connectedk8s enable-features --features cluster-connect -n $CLUSTER_NAME -g $
 
     - For Azure AD user account:
 
-        ```console
+        ```azurecli
         AAD_ENTITY_OBJECT_ID=$(az ad signed-in-user show --query objectId -o tsv)
         ```
 
     - For Azure AD application:
 
-        ```console
+        ```azurecli
         AAD_ENTITY_OBJECT_ID=$(az ad sp show --id <id> --query objectId -o tsv)
         ```
 
@@ -87,7 +87,7 @@ az connectedk8s enable-features --features cluster-connect -n $CLUSTER_NAME -g $
 
     - If you are using Azure RBAC for authorization checks on the cluster, you can create an Azure role assignment mapped to the Azure AD entity. Example:
 
-        ```console
+        ```azurecli
         az role assignment create --role "Azure Arc Kubernetes Viewer" --assignee $AAD_ENTITY_OBJECT_ID --scope $ARM_ID_CLUSTER
         ```
 
@@ -121,13 +121,13 @@ az connectedk8s enable-features --features cluster-connect -n $CLUSTER_NAME -g $
 
     - If using Azure Active Directory authentication option, after logging into Azure CLI using the Azure AD entity of interest, get the Cluster Connect `kubeconfig` needed to communicate with the cluster from anywhere (from even outside the firewall surrounding the cluster):
 
-        ```console
+        ```azurecli
         az connectedk8s proxy -n $CLUSTER_NAME -g $RESOURCE_GROUP
         ```
 
     - If using the service account authentication option, get the Cluster Connect `kubeconfig` needed to communicate with the cluster from anywhere:
 
-        ```console
+        ```azurecli
         az connectedk8s proxy -n $CLUSTER_NAME -g $RESOURCE_GROUP --token $TOKEN
         ```
 

articles/azure-arc/kubernetes/faq.md

@@ -36,7 +36,7 @@ The system assigned managed identity associated with your Azure Arc-enabled Kube
 
 To check when the certificate is about to expire for any given cluster, run the following command:
 
-```console
+```azurecli
 az connectedk8s show -n <name> -g <resource-group>
 ```
 
@@ -46,13 +46,13 @@ If the value of `managedIdentityCertificateExpirationTime` indicates a timestamp
 
 1. Delete Azure Arc-enabled Kubernetes resource and agents on the cluster. 
 
-    ```console
+    ```azurecli
     az connectedk8s delete -n <name> -g <resource-group>
     ```
 
 1. Recreate the Azure Arc-enabled Kubernetes resource by deploying agents on the cluster.
     
-    ```console
+    ```azurecli
     az connectedk8s connect -n <name> -g <resource-group>
     ```
 

articles/azure-arc/kubernetes/quickstart-connect-cluster.md

@@ -25,7 +25,7 @@ For a conceptual look at connecting clusters to Azure Arc, see [Azure Arc-enable
 
 * Install the **connectedk8s** Azure CLI extension of version >= 1.2.0:
 
-  ```
+  ```azurecli
   az extension add --name connectedk8s
   ```
 
@@ -39,7 +39,7 @@ For a conceptual look at connecting clusters to Azure Arc, see [Azure Arc-enable
   * Self-managed Kubernetes cluster using [Cluster API](https://cluster-api.sigs.k8s.io/user/quick-start.html)
   * If you want to connect a OpenShift cluster to Azure Arc, execute the following command one time on your cluster before running `az connectedk8s connect`:
 
-    ```
+    ```bash
     oc adm policy add-scc-to-user privileged system:serviceaccount:azure-arc:azure-arc-kube-aad-proxy-sa
     ```
 
@@ -76,7 +76,7 @@ For a conceptual look at connecting clusters to Azure Arc, see [Azure Arc-enable
   * Self-managed Kubernetes cluster using [Cluster API](https://cluster-api.sigs.k8s.io/user/quick-start.html)
   * If you want to connect a OpenShift cluster to Azure Arc, you need to execute the following command just once on your cluster before running `New-AzConnectedKubernetes`:
 
-    ```
+    ```bash
     oc adm policy add-scc-to-user privileged system:serviceaccount:azure-arc:azure-arc-kube-aad-proxy-sa
     ```
 
@@ -162,7 +162,7 @@ az group create --name AzureArcTest --location EastUS --output table
 
 Output:
 
-```
+```output
 Location    Name
 ----------  ------------
 eastus      AzureArcTest
@@ -176,7 +176,7 @@ New-AzResourceGroup -Name AzureArcTest -Location EastUS
 
 Output:
 
-```
+```output
 ResourceGroupName : AzureArcTest
 Location          : eastus
 ProvisioningState : Succeeded
@@ -201,7 +201,7 @@ az connectedk8s connect --name AzureArcTest1 --resource-group AzureArcTest
 
 Output:
 
-```
+```output
 Helm release deployment succeeded
 
     {
@@ -247,7 +247,7 @@ New-AzConnectedKubernetes -ClusterName AzureArcTest1 -ResourceGroupName AzureArc
 
 Output:
 
-```
+```output
 Location Name          Type
 -------- ----          ----
 eastus   AzureArcTest1 microsoft.kubernetes/connectedclusters
@@ -311,7 +311,7 @@ az connectedk8s list --resource-group AzureArcTest --output table
 
 Output:
 
-```
+```output
 Name           Location    ResourceGroup
 -------------  ----------  ---------------
 AzureArcTest1  eastus      AzureArcTest
@@ -325,7 +325,7 @@ Get-AzConnectedKubernetes -ResourceGroupName AzureArcTest
 
 Output:
 
-```
+```output
 Location Name          Type
 -------- ----          ----
 eastus   AzureArcTest1 microsoft.kubernetes/connectedclusters
@@ -342,15 +342,15 @@ Azure Arc-enabled Kubernetes deploys a few agents into the `azure-arc` namespace
 
 1. View these deployments and pods using:
 
-   ```
+   ```bash
    kubectl get deployments,pods -n azure-arc
    ```
 
 1. Verify all pods are in a `Running` state.
 
    Output:
 
-   ```
+   ```output
     NAME                                        READY   UP-TO-DATE   AVAILABLE   AGE
     deployment.apps/cluster-metadata-operator   1/1     1            1           13d
     deployment.apps/clusterconnect-agent        1/1     1            1           13d