Merge branch 'main' into release-updatecenterv2-publicpreview

articles/active-directory/conditional-access/howto-conditional-access-apis.md

@@ -31,6 +31,9 @@ Many of the following examples use tools like [Managed Identities](../managed-id
 
 ### PowerShell
 
+> [!IMPORTANT]
+> Due to the planned deprecation of PowerShell modules (MSOL & AAD) after December 2022, no further updates are planned for these modules to support new Conditional Access features. See recent announcements for more information: https://aka.ms/AzureADPowerShellDeprecation. New Conditional Access features may not be available or may not be functional within these PowerShell modules as a result of this announcement. Please consider [migrating to Microsoft Graph PowerShell](https://aka.ms/MigrateMicrosoftGraphPowerShell). Additional guidance and examples will be released soon.
+
 For many administrators, PowerShell is already an understood scripting tool. The following example shows how to use the [Azure AD PowerShell module](https://www.powershellgallery.com/packages/AzureAD) to manage Conditional Access policies.
 
 - [Configure Conditional Access policies with Azure AD PowerShell commands](https://github.com/Azure-Samples/azure-ad-conditional-access-apis/tree/main/01-configure/powershell)

articles/active-directory/governance/access-reviews-overview.md

@@ -99,7 +99,7 @@ Here are some example license scenarios to help you determine the number of lice
 | An administrator creates an access review of Group C with 50 member users and 25 guest users. Makes it a self-review. | 50 licenses for each user as self-reviewers.* | 50 |
 | An administrator creates an access review of Group D with 6 member users and 108 guest users. Makes it a self-review. | 6 licenses for each user as self-reviewers. Guest users are billed on a monthly active user (MAU) basis. No additional licenses are required. *  | 6 |
 
-\* Azure AD External Identities (guest user) pricing is based on monthly active users (MAU), which is the count of unique users with authentication activity within a calendar month. This model replaces the 1:5 ratio billing model, which allowed up to five guest users for each Azure AD Premium license in your tenant. When your tenant is linked to a subscription and you use External Identities features to collaborate with guest users, you'll be automatically billed using the MAU-based billing model. For more information, see Billing model for Azure AD External Identities.
+\* Azure AD External Identities (guest user) pricing is based on monthly active users (MAU), which is the count of unique users with authentication activity within a calendar month. This model replaces the 1:5 ratio billing model, which allowed up to five guest users for each Azure AD Premium license in your tenant. When your tenant is linked to a subscription and you use External Identities features to collaborate with guest users, you'll be automatically billed using the MAU-based billing model. For more information, see [Billing model for Azure AD External Identities](../external-identities/external-identities-pricing.md).
 
 ## Next steps
 

articles/active-directory/governance/entitlement-management-overview.md

@@ -167,7 +167,10 @@ Here are some example license scenarios to help you determine the number of lice
 | Scenario | Calculation | Number of licenses |
 | --- | --- | --- |
 | A Global Administrator at Woodgrove Bank creates initial catalogs and delegates administrative tasks to 6 other users. One of the policies specifies that **All employees** (2,000 employees) can request a specific set of access packages. 150 employees request the access packages. | 2,000 employees who **can** request the access packages | 2,000 |
-| A Global Administrator at Woodgrove Bank creates initial catalogs and delegates administrative tasks to 6 other users. One of the policies specifies that **All employees** (2,000 employees) can request a specific set of access packages. Another policy specifies that some users from **Users from partner Contoso** (guests) can request the same access packages subject to approval. Contoso has 30,000 users. 150 employees request the access packages and 10,500 users from Contoso request access. | 2,000 employees + 500 guest users from Contoso that exceed the 1:5 ratio (10,500 - (2,000 * 5)) | 2,500 |
+| A Global Administrator at Woodgrove Bank creates initial catalogs and delegates administrative tasks to 6 other users. One of the policies specifies that **All employees** (2,000 employees) can request a specific set of access packages. Another policy specifies that some users from **Users from partner Contoso** (guests) can request the same access packages subject to approval. Contoso has 30,000 users. 150 employees request the access packages and 10,500 users from Contoso request access. | 2,000 employees need licenses, guest users are billed on a monthly active user basis and no additional licenses are required for them. * | 2,000 |
+
+\* Azure AD External Identities (guest user) pricing is based on monthly active users (MAU), which is the count of unique users with authentication activity within a calendar month. This model replaces the 1:5 ratio billing model, which allowed up to five guest users for each Azure AD Premium license in your tenant. When your tenant is linked to a subscription and you use External Identities features to collaborate with guest users, you'll be automatically billed using the MAU-based billing model. For more information, see [Billing model for Azure AD External Identities](../external-identities/external-identities-pricing.md).
+
 
 ## Next steps
 

articles/active-directory/reports-monitoring/reference-azure-ad-sla-performance.md

@@ -55,8 +55,8 @@ For each month, we truncate the SLA attainment at three places after the decimal
 | ---       | ---     | ---     |
 | January   |         | 99.999% |
 | February  | 99.999% | 99.999% |
-| March     | 99.568% |         |
-| April     | 99.999% |         |
+| March     | 99.568% | 99.999% |
+| April     | 99.999% | 99.999% |
 | May       | 99.999% |         |
 | June      | 99.999% |         |
 | July      | 99.999% |         |
@@ -89,4 +89,4 @@ All incidents that seriously impact Azure AD performance are documented in the [
 
 * [Azure AD reports overview](overview-reports.md)
 * [Programmatic access to Azure AD reports](concept-reporting-api.md)
-* [Azure Active Directory risk detections](../identity-protection/overview-identity-protection.md)
+* [Azure Active Directory risk detections](../identity-protection/overview-identity-protection.md)

articles/aks/security-controls-policy.md

@@ -1,7 +1,7 @@
 ---
 title: Azure Policy Regulatory Compliance controls for Azure Kubernetes Service (AKS)
 description: Lists Azure Policy Regulatory Compliance controls available for Azure Kubernetes Service (AKS). These built-in policy definitions provide common approaches to managing the compliance of your Azure resources.
-ms.date: 03/10/2022
+ms.date: 05/10/2022
 ms.topic: sample
 ms.service: container-service
 ms.custom: subject-policy-compliancecontrols

articles/api-management/api-management-howto-manage-protocols-ciphers.md

@@ -20,7 +20,7 @@ ms.author: danlep
 Azure API Management supports multiple versions of Transport Layer Security (TLS) protocol for:
 * Client side
 * Backend side
-* The 3DES ciphe
+* The 3DES cipher
 
 This guide shows you how to manage protocols and ciphers configuration for an Azure API Management instance.
 
@@ -44,4 +44,3 @@ This guide shows you how to manage protocols and ciphers configuration for an Az
 ## Next steps
 
 * Learn more about [TLS](/dotnet/framework/network-programming/tls).
-* Check out more [videos](https://azure.microsoft.com/documentation/videos/index/?services=api-management) about API Management.

articles/api-management/how-to-configure-local-metrics-logs.md

@@ -190,12 +190,12 @@ Now we have everything deployed and configured, the self-hosted gateway should r
 
 Make some API calls through the self-hosted gateway, if everything is configured correctly, you should be able to view below metrics:
 
-| Metric  | Description |
+| Metric        | Description |
 | ------------- | ------------- |
-| Requests  | Number of API requests in the period |
-| DurationInMS | Number of milliseconds from the moment gateway received request until the moment response sent in full |
-| BackendDurationInMS | Number of milliseconds spent on overall backend IO (connecting, sending and receiving bytes)  |
-| ClientDurationInMS | Number of milliseconds spent on overall client IO (connecting, sending and receiving bytes)  |
+| requests_total  | Number of API requests in the period |
+| request_duration_seconds | Number of milliseconds from the moment gateway received request until the moment response sent in full |
+| request_backend_duration_seconds | Number of milliseconds spent on overall backend IO (connecting, sending and receiving bytes)  |
+| request_client_duration_seconds | Number of milliseconds spent on overall client IO (connecting, sending and receiving bytes)  |
 
 ## Logs
 

articles/api-management/security-controls-policy.md

@@ -1,7 +1,7 @@
 ---
 title: Azure Policy Regulatory Compliance controls for Azure API Management
 description: Lists Azure Policy Regulatory Compliance controls available for Azure API Management. These built-in policy definitions provide common approaches to managing the compliance of your Azure resources.
-ms.date: 03/10/2022
+ms.date: 05/10/2022
 ms.topic: sample
 author: dlepow
 ms.author: danlep

articles/app-service/security-controls-policy.md

@@ -1,7 +1,7 @@
 ---
 title: Azure Policy Regulatory Compliance controls for Azure App Service
 description: Lists Azure Policy Regulatory Compliance controls available for Azure App Service. These built-in policy definitions provide common approaches to managing the compliance of your Azure resources.
-ms.date: 03/10/2022
+ms.date: 05/10/2022
 ms.topic: sample
 ms.service: app-service
 ms.custom: subject-policy-compliancecontrols

articles/application-gateway/custom-error.md

@@ -33,13 +33,13 @@ To create a custom error page, you must have:
 
 - an HTTP response status code.
 - corresponding location for the error page. 
-- error page should be internet accessible.
+- error page should be internet accessible and return 200 response.
 - error page should be in \*.htm or \*.html extension type.
 - error page size must be less than 1 MB.
 
 You may reference either internal or external images/CSS for this HTML file. For externally referenced resources, use absolute URLs that are publicly accessible. Be aware of the HTML file size when using internal images (Base64-encoded inline image) or CSS. Relative links with files in the same location are currently not supported.
 
-After you specify an error page, the application gateway downloads it from the storage blob location and saves it to the local application gateway cache. Then, that HTML page is served by the application gateway, whereas the externally referenced resources are fetched directly by the client. To modify an existing custom error page, you must point to a different blob location in the application gateway configuration. The application gateway doesn't periodically check the blob location to fetch new versions.
+After you specify an error page, the application gateway downloads it from the defined location and saves it to the local application gateway cache. Then, that HTML page is served by the application gateway, whereas the externally referenced resources are fetched directly by the client. To modify an existing custom error page, you must point to a different blob location in the application gateway configuration. The application gateway doesn't periodically check the blob location to fetch new versions.
 
 ## Portal configuration
 

articles/applied-ai-services/form-recognizer/toc.yml

@@ -48,7 +48,7 @@ items:
     href: how-to-guides/use-prebuilt-read.md
   - name: Use SDKs and the REST API (v2.1)
     href: how-to-guides/try-sdk-rest-api.md
-  - name: Generate SAS tokens for Azure Blob containers
+  - name: Create SAS tokens for Azure Blob storage
     href:  generate-sas-tokens.md
   - name: Custom models
     items:
@@ -226,4 +226,4 @@ items:
   - name: Support and help options
     href: ../../cognitive-services/cognitive-services-support-options.md?context=/azure/applied-ai-services/form-recognizer/context/context
   - name: Privacy and cookies
-    href: https://privacy.microsoft.com/en-US/privacystatement
+    href: https://privacy.microsoft.com/en-US/privacystatement

articles/automation/security-controls-policy.md

@@ -1,7 +1,7 @@
 ---
 title: Azure Policy Regulatory Compliance controls for Azure Automation
 description: Lists Azure Policy Regulatory Compliance controls available for Azure Automation. These built-in policy definitions provide common approaches to managing the compliance of your Azure resources.
-ms.date: 03/10/2022
+ms.date: 05/10/2022
 ms.topic: sample
 ms.service: automation
 ms.custom: subject-policy-compliancecontrols

articles/azure-app-configuration/manage-feature-flags.md

@@ -64,7 +64,7 @@ In the **Feature manager**, you can also change the state of a feature flag by c
 
 ## Access feature flags
 
-In the **Operations** menu, select **Feature manager**. You can select **Edits Columns** to add or remove columns, and change the column order.
+In the **Operations** menu, select **Feature manager**. You can select **Edit Columns** to add or remove columns, and change the column order.
 create a label, lock or delete the feature flag.
 :::image type="content" source="media/edit-columns-feature-flag.png" alt-text="Screenshot of the Azure platform. Edit feature flag columns." lightbox="media/edit-columns-feature-flag-expanded.png":::
 

articles/azure-app-configuration/security-controls-policy.md

@@ -1,7 +1,7 @@
 ---
 title: Azure Policy Regulatory Compliance controls for Azure App Configuration
 description: Lists Azure Policy Regulatory Compliance controls available for Azure App Configuration. These built-in policy definitions provide common approaches to managing the compliance of your Azure resources.
-ms.date: 03/10/2022
+ms.date: 05/10/2022
 ms.topic: sample
 author: AlexandraKemperMS
 ms.author: alkemper

articles/azure-arc/kubernetes/tutorial-akv-secrets-provider.md

@@ -377,6 +377,12 @@ Some common issues and troubleshooting steps for Azure Key Vault secrets provide
 
 Additional troubleshooting steps that are specific to the Secrets Store CSI Driver Interface can be referenced [here](https://secrets-store-csi-driver.sigs.k8s.io/troubleshooting.html).
 
+## Frequently asked questions
+
+### Is the extension of Azure Key Vault Secrets Provider zone redundant?
+
+Yes, all components of Azure Key Vault Secrets Provider are deployed on availability zones and are hence zone redundant.
+
 ## Next steps
 
 > **Just want to try things out?**  

articles/azure-arc/servers/security-controls-policy.md

@@ -1,7 +1,7 @@
 ---
 title: Azure Policy Regulatory Compliance controls for Azure Arc-enabled servers (preview)
 description: Lists Azure Policy Regulatory Compliance controls available for Azure Arc-enabled servers (preview). These built-in policy definitions provide common approaches to managing the compliance of your Azure resources.
-ms.date: 03/10/2022
+ms.date: 05/10/2022
 ms.topic: sample
 ms.custom: subject-policy-compliancecontrols
 ---

articles/azure-cache-for-redis/security-controls-policy.md

@@ -1,7 +1,7 @@
 ---
 title: Azure Policy Regulatory Compliance controls for Azure Cache for Redis
 description: Lists Azure Policy Regulatory Compliance controls available for Azure Cache for Redis. These built-in policy definitions provide common approaches to managing the compliance of your Azure resources.
-ms.date: 03/10/2022
+ms.date: 05/10/2022
 ms.topic: sample
 author: flang-msft
 ms.author: franlanglois