Service | Microsoft Docs article | Related commit history on GitHub | Change details |
---|---|---|---|
active-directory | How To Mfa Registration Campaign | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/authentication/how-to-mfa-registration-campaign.md | In addition to choosing who can be nudged, you can define how many days a user c 1. User taps **Next** and steps through the Authenticator app setup. 1. First download the app. --  +  1. See how to set up the Authenticator app. Nudge is available only on browsers and not on applications. **How long will the campaign run for?** You can use the APIs to enable the campaign for as long as you like. Whenever you want to be done running the campaign, simply use the APIs to disable the campaign. - **Can each group of users have a different snooze duration?** No. The snooze duration for the prompt is a tenant-wide setting and applies to all groups in scope. A nudge won't appear if a user is in scope for a conditional access policy that ## Next steps [Enable passwordless sign-in with Microsoft Authenticator](howto-authentication-passwordless-phone.md)+ |
active-directory | Howto Conditional Access Policy Compliant Device | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/conditional-access/howto-conditional-access-policy-compliant-device.md | On Windows 7, iOS, Android, macOS, and some third-party web browsers, Azure AD i #### Subscription activation -Organizations that use the [Subscription Activation](/windows/deployment/windows-10-subscription-activation) feature to enable users to ΓÇ£step-upΓÇ¥ from one version of Windows to another, may want to exclude the Universal Store Service APIs and Web Application, AppID 45a330b1-b1ec-4cc1-9161-9f03992aa49f from their device compliance policy. +Organizations that use the [Subscription Activation](/windows/deployment/windows-10-subscription-activation) feature to enable users to ΓÇ£step-upΓÇ¥ from one version of Windows to another, may want to exclude the Universal Store Service APIs and Web Application, AppID 45a330b1-b1ec-4cc1-9161-9f03992aa49f from their Conditional Access policy. ## Next steps |
active-directory | Scenario Azure First Sap Identity Integration | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/fundamentals/scenario-azure-first-sap-identity-integration.md | -This document provides advice on the technical design and configuration of SAP platforms and applications when using Azure Active Directory as the primary user authentication service. +This document provides advice on the **technical design and configuration** of SAP platforms and applications when using Azure Active Directory as the primary user authentication service. Learn more about the initial setup in [this tutorial](../saas-apps/sap-hana-cloud-platform-identity-authentication-tutorial.md). ## Terminology used in this guide As discussed before, we recommend setting up a trust configuration in BTP toward  -SAP has example implementations for client certificate notifications with SAP Cloud Platform Integration [here](https://blogs.sap.com/2017/12/06/sap-cloud-platform-integration-automated-notification-of-keystore-entries-reaching-expiry/) and [here](https://blogs.sap.com/2019/03/01/sap-cloud-platform-integration-automated-notification-for-client-certificates-reaching-expiry/). This could be adapted with Azure Integration Services or PowerAutomate. However, they would need to be adapted to work with server certificates. Such approach requires a custom implementation. +SAP has example implementations for [client certificate notifications](https://blogs.sap.com/2017/12/06/sap-cloud-platform-integration-automated-notification-of-keystore-entries-reaching-expiry/) with SAP Cloud Integration and [near-expiry handling](https://blogs.sap.com/2019/03/01/sap-cloud-platform-integration-automated-notification-for-client-certificates-reaching-expiry/). Find another example focusing on the SAP BTP trust store and Azure Key Vault [here](https://blogs.sap.com/2022/12/02/automatic-sap-btp-trust-store-certificate-renewal-with-azure-key-vault-or-how-to-stop-thinking-about-expiry-dates-once-and-for-all/). This could be adapted with Azure Integration Services or PowerAutomate. However, they would need to be adapted to work with server certificates. Such approach requires a custom implementation. #### Why this recommendation? Azure AD B2C doesn't natively support the use of groups to create collections of Fortunately, Azure AD B2C is highly customizable, so you can configure the SAML tokens it sends to IAS to include any custom information. For various options on supporting authorization claims, see the documentation accompanying the [Azure AD B2C App Roles sample](https://github.com/azure-ad-b2c/api-connector-samples/tree/main/Authorization-AppRoles), but in summary: through its [API Connector](../../active-directory-b2c/api-connectors-overview.md) extensibility mechanism you can optionally still use groups, app roles, or even a custom database to determine what the user is allowed to access. Regardless of where the authorization information comes from, it can then be emitted as the `Groups` attribute inside the SAML token by configuring that attribute name as the [default partner claim type on the claims schema](../../active-directory-b2c/claimsschema.md#defaultpartnerclaimtypes) or by overriding the [partner claim type on the output claims](../../active-directory-b2c/relyingparty.md#outputclaims). Note however that BTP allows you to [map Role Collections to User Attributes](https://help.sap.com/products/BTP/65de2977205c403bbc107264b8eccf4b/b3fbb1a9232d4cf99967a0b29dd85d4c.html), which means that *any* attribute name can be used for authorization decisions, even if you don't use the `Groups` attribute name.++## Next Steps ++- Learn more about the initial setup in [this tutorial](../saas-apps/sap-hana-cloud-platform-identity-authentication-tutorial.md) +- Discover additional [SAP integration scenarios with Azure AD](../../sap/workloads/integration-get-started.md#azure-ad) and beyond |
active-directory | Sap Hana Cloud Platform Identity Authentication Tutorial | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/saas-apps/sap-hana-cloud-platform-identity-authentication-tutorial.md | In this tutorial, you'll learn how to integrate SAP Cloud Identity Services with * Enable your users to be automatically signed-in to SAP Cloud Identity Services with their Azure AD accounts. * Manage your accounts in one central location - the Azure portal. +> [!TIP] +> Follow the recommendations and best-practice guide "[Using Azure Active Directory to secure access to SAP platforms and applications](../fundamentals/scenario-azure-first-sap-identity-integration.md)" to operationalize the setup. + ## Prerequisites To get started, you need the following items: You can also use Microsoft My Apps to test the application in any mode. When you ## Next steps Once you configure the SAP Cloud Identity Services you can enforce session controls, which protect exfiltration and infiltration of your organizationΓÇÖs sensitive data in real time. Session controls extend from Conditional Access. [Learn how to enforce session control with Microsoft Defender for Cloud Apps](/cloud-app-security/proxy-deployment-aad).++Consult the [recommendations and best-practice guide](../fundamentals/scenario-azure-first-sap-identity-integration.md) to operationalize the setup. |
aks | Aks Planned Maintenance Weekly Releases | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/aks/aks-planned-maintenance-weekly-releases.md | +Weekly releases can also be scheduled with more fine-grained control using Planned Maintenance's `default` configuration type. For more information, see [Planned Maintenance to schedule and control upgrades][planned-maintenance]. + ## Before you begin This article assumes that you have an existing AKS cluster. If you need an AKS cluster, see the AKS quickstart [using the Azure CLI][aks-quickstart-cli], [using Azure PowerShell][aks-quickstart-powershell], or [using the Azure portal][aks-quickstart-portal]. az maintenance assignment delete --name assignmentName --provider-name "Microsof [az-aks-install-cli]: /cli/azure/aks#az_aks_install_cli [az-provider-register]: /cli/azure/provider#az_provider_register [aks-upgrade]: upgrade-cluster.md-[releases]:release-tracker.md +[releases]:release-tracker.md +[planned-maintenance]: ./planned-maintenance.md |
aks | Auto Upgrade Cluster | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/aks/auto-upgrade-cluster.md | To set the auto-upgrade channel on existing cluster, update the *auto-upgrade-ch az aks update --resource-group myResourceGroup --name myAKSCluster --auto-upgrade-channel stable ``` +## Auto-upgrade in the Azure portal ++If you're using the Azure portal, you can find auto-upgrade settings under the *Settings* > *Cluster configuration* blade by selecting *Upgrade version*. By default, the `Patch` channel is selected. +++The Azure portal also highlights all the deprecated APIs between your current version and newer, available versions you intend to migrate to. For more information, see [the Kubernetes API Removal and Deprecation process][k8s-deprecation]. + ## Using auto-upgrade with Planned Maintenance If youΓÇÖre using Planned Maintenance and Auto-Upgrade, your upgrade will start during your specified maintenance window. The following best practices will help maximize your success when using auto-upg <!-- EXTERNAL LINKS --> [pdb-best-practices]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ [release-tracker]: release-tracker.md+[k8s-deprecation]: https://kubernetes.io/blog/2022/11/18/upcoming-changes-in-kubernetes-1-26/#:~:text=A%20deprecated%20API%20is%20one%20that%20has%20been,point%20you%20must%20migrate%20to%20using%20the%20replacement |
aks | Planned Maintenance | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/aks/planned-maintenance.md | Title: Use Planned Maintenance for your Azure Kubernetes Service (AKS) cluster (preview) + Title: Use Planned Maintenance to schedule and control upgrades for your Azure Kubernetes Service (AKS) cluster (preview) -description: Learn how to use Planned Maintenance in Azure Kubernetes Service (AKS). +description: Learn how to use Planned Maintenance to schedule and control cluster and node image upgrades in Azure Kubernetes Service (AKS). Last updated 01/17/2023-# Use Planned Maintenance to schedule maintenance windows for your Azure Kubernetes Service (AKS) cluster (preview) +# Use Planned Maintenance to schedule and control upgrades for your Azure Kubernetes Service (AKS) cluster (preview) -Your AKS cluster has regular maintenance performed on it automatically. By default, this work can happen at any time. Planned Maintenance allows you to schedule weekly maintenance windows to perform updates and minimize workload impact. Once scheduled, maintenance will occur only during the window you selected. +Your AKS cluster has regular maintenance performed on it automatically. By default, this work can happen at any time. Planned Maintenance allows you to schedule weekly maintenance windows to perform updates and minimize workload impact. Once scheduled, upgrades occur only during the window you selected. ++There are currently two available configuration types: `default` and `aksManagedAutoUpgradeSchedule`: ++- `default` corresponds to a basic configuration that updates your control plane and your kube-system pods on a Virtual Machine Scale Sets instance. It is a legacy configuration that is mostly suitable for basic scheduling of [weekly releases][release-tracker]. Another way of accomplishing this behavior, using pre-configured windows, is detailed at [use Planned Maintenance to schedule weekly releases][pm-weekly] ++- `aksManagedAutoUpgradeSchedule` is a more complex configuration that controls when upgrades scheduled by your designated auto-upgrade channel are performed. More finely controlled cadence and recurrence settings are possible. For more information on cluster auto-upgrade, see [Automatically an Azure Kubernetes Service (AKS) cluster][aks-upgrade]. ++We recommend using `aksManagedAutoUpgradeSchedule` for all maintenance and upgrade scenarios, while `default` is meant exclusively for weekly releases. You can port `default` configurations to `aksManagedAutoUpgradeSchedule` configurations via the `az aks maintenanceconfiguration update` command. ## Before you begin az extension add --name aks-preview az extension update --name aks-preview ``` -## Understanding maintenance window configuration types --There are currently two available configuration types: `default` and `aksManagedAutoUpgradeSchedule`: --- `default` corresponds to a basic configuration that will update your control plane and your kube-system pods on a virtual machine scale sets instance. It is a legacy configuration that is mostly suitable for basic scheduling of [weekly releases][release-tracker].--- `aksManagedAutoUpgradeSchedule` is a more complex configuration that controls when upgrades scheduled by your designated auto-upgrade channel are performed. More finely controlled cadence and recurrence settings are possible. For more information on cluster auto-upgrade, see [Automatically an Azure Kubernetes Service (AKS) cluster][aks-upgrade].--### Choosing between configuration types +## Creating a maintenance window -We recommend using `aksManagedAutoUpgradeSchedule` for all maintenance and upgrade scenarios, while `default` is meant exclusively for weekly releases. You can port `default` configurations to `aksManagedAutoUpgradeSchedule` configurations via the `az aks maintenanceconfiguration update` command. +To create a maintenance window, you can use the `az aks maintenanceconfiguration add` command using the `--name` value `default` or `aksManagedAutoUpgradeSchedule`. The name value should reflect the desired configuration type. Using any other name will cause your maintenance window not to run. > [!NOTE] > When using auto-upgrade, to ensure proper functionality, use a maintenance window with a duration of four hours or more. -## Creating a maintenance window --To create a maintenance window, you can use the `az aks maintenanceconfiguration add` command using the `--name` value `default` or `aksManagedAutoUpgradeSchedule`. The name value should reflect the desired configuration type. Using any other name will cause your maintenance window not to run. - Planned Maintenance windows are specified in Coordinated Universal Time (UTC). A `default` maintenance window has the following properties: An `aksManagedAutoUpgradeSchedule` has the following properties: |Name|Description|Default value| |--|--|--| |`utcOffset`|Used to determine the timezone for cluster maintenance|`+00:00`|-|`startDate`|The date on which the maintenance window will begin to take effect|The current date at creation time| +|`startDate`|The date on which the maintenance window begins to take effect|The current date at creation time| |`startTime`|The time for maintenance to begin, based on the timezone determined by `utcOffset`|N/A| |`schedule`|Used to determine frequency. Three types are available: `Weekly`, `AbsoluteMonthly`, and `RelativeMonthly`|N/A| |`intervalWeeks`|The interval in weeks for maintenance runs|N/A| az aks maintenanceconfiguration delete -g MyResourceGroup --cluster-name myAKSCl [aks-upgrade]: upgrade-cluster.md [release-tracker]: release-tracker.md [auto-upgrade]: auto-upgrade-cluster.md+[pm-weekly]: ./aks-planned-maintenance-weekly-releases.md |
aks | Upgrade Cluster | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/aks/upgrade-cluster.md | To check which Kubernetes releases are available for your cluster: If no upgrades are available, create a new cluster with a supported version of Kubernetes and migrate your workloads from the existing cluster to the new cluster. It's not supported to upgrade a cluster to a newer Kubernetes version when no upgrades are available. +The Azure portal also highlights all the deprecated APIs between your current version and newer, available versions you intend to migrate to. For more information, see [the Kubernetes API Removal and Deprecation process][k8s-deprecation]. ++ ## Customize node surge upgrade You can also manually upgrade your cluster in the Azure portal. 4. In **Kubernetes version**, select **Upgrade version**. This will redirect you to a new page. 5. In **Kubernetes version**, select your desired version and then select **Save**. +The Azure portal also highlights all the deprecated APIs between your current version and newer, available versions you intend to migrate to. For more information, see [the Kubernetes API Removal and Deprecation process][k8s-deprecation]. ++ It takes a few minutes to upgrade the cluster, depending on how many nodes you have. To confirm that the upgrade was successful, navigate to your AKS cluster in the Azure portal. On the **Overview** page, select the **Kubernetes version**. In addition to manually upgrading a cluster, you can set an auto-upgrade channel ## Special considerations for node pools that span multiple Availability Zones -AKS uses best-effort zone balancing in node groups. During an Upgrade surge, zone(s) for the surge node(s) in virtual machine scale sets is unknown ahead of time. This can temporarily cause an unbalanced zone configuration during an upgrade. However, AKS deletes the surge node(s) once the upgrade has been completed and preserves the original zone balance. If you desire to keep your zones balanced during upgrade, increase the surge to a multiple of three nodes. Virtual machine scale sets will then balance your nodes across Availability Zones with best-effort zone balancing. +AKS uses best-effort zone balancing in node groups. During an Upgrade surge, zone(s) for the surge node(s) in Virtual Machine Scale Sets is unknown ahead of time. This can temporarily cause an unbalanced zone configuration during an upgrade. However, AKS deletes the surge node(s) once the upgrade has been completed and preserves the original zone balance. If you desire to keep your zones balanced during upgrade, increase the surge to a multiple of three nodes. Virtual Machine Scale Sets will then balance your nodes across Availability Zones with best-effort zone balancing. If you have PVCs backed by Azure LRS Disks, theyΓÇÖll be bound to a particular zone, and they may fail to recover immediately if the surge node doesnΓÇÖt match the zone of the PVC. This could cause downtime on your application when the Upgrade operation continues to drain nodes but the PVs are bound to a zone. To handle this case and maintain high availability, configure a [Pod Disruption Budget](https://kubernetes.io/docs/tasks/run-application/configure-pdb/) on your application. This allows Kubernetes to respect your availability requirements during Upgrade's drain operation. This article showed you how to upgrade an existing AKS cluster. To learn more ab [aks-auto-upgrade]: auto-upgrade-cluster.md [release-tracker]: release-tracker.md [specific-nodepool]: node-image-upgrade.md#upgrade-a-specific-node-pool+[k8s-deprecation]: https://kubernetes.io/blog/2022/11/18/upcoming-changes-in-kubernetes-1-26/#:~:text=A%20deprecated%20API%20is%20one%20that%20has%20been,point%20you%20must%20migrate%20to%20using%20the%20replacement |
automation | Change Tracking Data Collection Rule Creation | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/automation/change-tracking/change-tracking-data-collection-rule-creation.md | + + Title: Script sample - Create a data collection rule in change tracking. +description: Learn about how to create a data collection rule + Last updated : 02/06/2023++++++# JSON script to create a data collection rule ++This script helps you to create a data collection rule in Change tracking and inventory. ++## Sample script ++```json +{ + "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "dataCollectionRuleName": { + "type": "string", + "metadata": { + "description": "Specifies the name of the data collection rule to create." + }, + "defaultValue": "Microsoft-CT-DCR" + }, + "workspaceResourceId": { + "type": "string", + "metadata": { + "description": "Specifies the Azure resource ID of the Log Analytics workspace to use to store change tracking data." + } + } + }, + "resources": [ + { + "type": "microsoft.resources/deployments", + "name": "get-workspace-region", + "apiVersion": "2020-08-01", + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [], + "outputs": { + "workspaceLocation": { + "type": "string", + "value": "[reference(parameters('workspaceResourceId'), '2020-08-01', 'Full').location]" + } + } + } + } + }, + { + "type": "microsoft.resources/deployments", + "name": "CtDcr-Deployment", + "apiVersion": "2020-08-01", + "properties": { + "mode": "Incremental", + "parameters": { + "workspaceRegion": { + "value": "[reference('get-workspace-region').outputs.workspaceLocation.value]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "workspaceRegion": { + "type": "string" + } + }, + "resources": [ + { + "type": "Microsoft.Insights/dataCollectionRules", + "apiVersion": "2021-04-01", + "name": "[parameters('dataCollectionRuleName')]", + "location": "[[parameters('workspaceRegion')]", + "properties": { + "description": "Data collection rule for CT.", + "dataSources": { + "extensions": [ + { + "streams": [ + "Microsoft-ConfigurationChange" + ], + "extensionName": "ChangeTracking-Windows", + "extensionSettings": { + "enableFiles": true, + "enableSoftware": true, + "enableRegistry": true, + "enableServices": false, + "enableInventory": true, + "registrySettings": { + "registryCollectionFrequency": 3000, + "registryInfo": [ + { + "name": "Registry_1", + "groupTag": "Recommended", + "enabled": false, + "recurse": true, + "description": "", + "keyName": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Group Policy\\Scripts\\Startup", + "valueName": "" + }, + { + "name": "Registry_2", + "groupTag": "Recommended", + "enabled": false, + "recurse": true, + "description": "", + "keyName": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Group Policy\\Scripts\\Shutdown", + "valueName": "" + }, + { + "name": "Registry_3", + "groupTag": "Recommended", + "enabled": false, + "recurse": true, + "description": "", + "keyName": "HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run", + "valueName": "" + }, + { + "name": "Registry_4", + "groupTag": "Recommended", + "enabled": false, + "recurse": true, + "description": "", + "keyName": "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Active Setup\\Installed Components", + "valueName": "" + }, + { + "name": "Registry_5", + "groupTag": "Recommended", + "enabled": false, + "recurse": true, + "description": "", + "keyName": "HKEY_LOCAL_MACHINE\\Software\\Classes\\Directory\\ShellEx\\ContextMenuHandlers", + "valueName": "" + }, + { + "name": "Registry_6", + "groupTag": "Recommended", + "enabled": false, + "recurse": true, + "description": "", + "keyName": "HKEY_LOCAL_MACHINE\\Software\\Classes\\Directory\\Background\\ShellEx\\ContextMenuHandlers", + "valueName": "" + }, + { + "name": "Registry_7", + "groupTag": "Recommended", + "enabled": false, + "recurse": true, + "description": "", + "keyName": "HKEY_LOCAL_MACHINE\\Software\\Classes\\Directory\\Shellex\\CopyHookHandlers", + "valueName": "" + }, + { + "name": "Registry_8", + "groupTag": "Recommended", + "enabled": false, + "recurse": true, + "description": "", + "keyName": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\ShellIconOverlayIdentifiers", + "valueName": "" + }, + { + "name": "Registry_9", + "groupTag": "Recommended", + "enabled": false, + "recurse": true, + "description": "", + "keyName": "HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Explorer\\ShellIconOverlayIdentifiers", + "valueName": "" + }, + { + "name": "Registry_10", + "groupTag": "Recommended", + "enabled": false, + "recurse": true, + "description": "", + "keyName": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects", + "valueName": "" + }, + { + "name": "Registry_11", + "groupTag": "Recommended", + "enabled": false, + "recurse": true, + "description": "", + "keyName": "HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects", + "valueName": "" + }, + { + "name": "Registry_12", + "groupTag": "Recommended", + "enabled": false, + "recurse": true, + "description": "", + "keyName": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Internet Explorer\\Extensions", + "valueName": "" + }, + { + "name": "Registry_13", + "groupTag": "Recommended", + "enabled": false, + "recurse": true, + "description": "", + "keyName": "HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\Microsoft\\Internet Explorer\\Extensions", + "valueName": "" + }, + { + "name": "Registry_14", + "groupTag": "Recommended", + "enabled": false, + "recurse": true, + "description": "", + "keyName": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Drivers32", + "valueName": "" + }, + { + "name": "Registry_15", + "groupTag": "Recommended", + "enabled": false, + "recurse": true, + "description": "", + "keyName": "HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\Microsoft\\Windows NT\\CurrentVersion\\Drivers32", + "valueName": "" + }, + { + "name": "Registry_16", + "groupTag": "Recommended", + "enabled": false, + "recurse": true, + "description": "", + "keyName": "HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Control\\Session Manager\\KnownDlls", + "valueName": "" + }, + { + "name": "Registry_17", + "groupTag": "Recommended", + "enabled": false, + "recurse": true, + "description": "", + "keyName": "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\Notify", + "valueName": "" + } + ] + }, + "fileSettings": { + "fileCollectionFrequency": 2700 + }, + "softwareSettings": { + "softwareCollectionFrequency": 1800 + }, + "inventorySettings": { + "inventoryCollectionFrequency": 36000 + }, + "servicesSettings": { + "serviceCollectionFrequency": 1800 + } + }, + "name": "CTDataSource-Windows" + }, + { + "streams": [ + "Microsoft-ConfigurationChange" + ], + "extensionName": "ChangeTracking-Linux", + "extensionSettings": { + "enableFiles": true, + "enableSoftware": true, + "enableRegistry": false, + "enableServices": false, + "enableInventory": true, + "fileSettings": { + "fileCollectionFrequency": 900, + "fileInfo": [ + { + "name": "ChangeTrackingLinuxPath_default", + "enabled": true, + "destinationPath": "/etc/*.conf", + "useSudo": true, + "recurse": true, + "maxContentsReturnable": 5000000, + "pathType": "File", + "type": "File", + "links": "Follow", + "maxOutputSize": 500000, + "groupTag": "Recommended" + } + ] + }, + "softwareSettings": { + "softwareCollectionFrequency": 300 + }, + "inventorySettings": { + "inventoryCollectionFrequency": 36000 + }, + "servicesSettings": { + "serviceCollectionFrequency": 1800 + } + }, + "name": "CTDataSource-Linux" + } + ] + }, + "destinations": { + "logAnalytics": [ + { + "workspaceResourceId": "[parameters('workspaceResourceId')]", + "name": "Microsoft-CT-Dest" + } + ] + }, + "dataFlows": [ + { + "streams": [ + "Microsoft-ConfigurationChange" + ], + "destinations": [ + "Microsoft-CT-Dest" + ] + } + ] + } + } + ] + } + } + } + ] +} +``` ++## Execute the script ++Save the above script on your machine with a name as *CtDcrCreation.json*. For more information, see [Enable Change Tracking and Inventory using Azure Monitoring Agent (Preview)](enable-vms-monitoring-agent.md#enable-change-tracking-at-scale-using-azure-monitoring-agent). ++## Next steps ++[Learn more](manage-change-tracking-monitoring-agent.md) on Manage change tracking and inventory using Azure Monitoring Agent (Preview). + |
automation | Enable Vms Monitoring Agent | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/automation/change-tracking/enable-vms-monitoring-agent.md | Title: Enable Azure Automation Change Tracking for single machine and multiple m description: This article tells how to enable the Change Tracking feature for single machine and multiple machines at scale from the Azure portal. Previously updated : 12/14/2022 Last updated : 02/06/2023 This section provides detailed procedure on how you can enable change tracking o :::image type="content" source="media/enable-vms-monitoring-agent/select-vm-portal-inline.png" alt-text="Screenshot showing how to select virtual machine from the portal." lightbox="media/enable-vms-monitoring-agent/select-vm-portal-expanded.png"::: 1. Select the virtual machine for which you want to enable Change Tracking.-1. In the search enter **Change tracking** to view the change tracking and inventory page. +1. In the search,, enter **Change tracking** to view the change tracking and inventory page. :::image type="content" source="media/enable-vms-monitoring-agent/select-change-tracking-vm-inline.png" alt-text="Screenshot showing to select change tracking option for a single virtual machine from the portal." lightbox="media/enable-vms-monitoring-agent/select-change-tracking-vm-expanded.png"::: 1. In the **Stay up-to-date with all changes** layout, select **Enable using AMA agent (Recommended)** option and **Enable**. - This will initiate the deployment and the notification appears on the top right corner of the screen. + It will initiate the deployment and the notification appears on the top right corner of the screen. :::image type="content" source="media/enable-vms-monitoring-agent/deployment-success-inline.png" alt-text="Screenshot showing the notification of deployment." lightbox="media/enable-vms-monitoring-agent/deployment-success-expanded.png"::: Using the Deploy if not exist (DINE) policy, you can enable Change tracking with 1. In Azure portal, select **Policy**. 1. In the **Policy|Definitions** page, in **Authoring**, select **Definitions** 1. In the **Definition Type** category, select **Initiative** and in **Category**, select **ChangeTracking andInventory**- You will see a list of three policies: + You'll see a list of three policies: - Enable ChangeTracking and inventory for Virtual Machine Scale Sets - Enable ChangeTracking and inventory for virtual machines - Enable ChangeTracking and inventory for Arc-enabled virtual machines Using the Deploy if not exist (DINE) policy, you can enable Change tracking with 1. In the **Enable ChangeTracking and Inventory for virtual machines** page, enter the following options: 1. In **Basics**, you can define the scope. Select the three dots to configure a scope. In the **Scope** page, provide the **Subscription** and **Resource group**. 1. In **Parameters**, select the option in the **Bring your own user assigned managed identity**.- 1. Provide the **Data Collection Rule Resource id**. + 1. Provide the **Data Collection Rule Resource id**. Learn more on [how to obtain the Data Collection Rule Resource ID after you create the Data collection rule](#create-data-collection-rule). 1. Select **Review + create**. ++### Create data collection rule +1. Download [CtDcrCreation.json](change-tracking-data-collection-rule-creation.md) file on your machine. +1. Go to Azure portal and in the search, enter *Deploy a custom template*. +1. In the **Custom deployment** page > **select a template**, select **Build your own template in the editor**. + :::image type="content" source="media/enable-vms-monitoring-agent/build-template.png" alt-text="Screenshot to get started with building a template."::: +1. In the **Edit template**, select **Load file** to upload the *CtDcrCreation.json* file. +1. Select **Save**. +1. In the **Custom deployment** > **Basics** tab, provide **Subscription** and **Resource group** where you want to deploy the Data Collection Rule. The **Data Collection Rule Name** is optional. + :::image type="content" source="media/enable-vms-monitoring-agent/build-template-basics.png" alt-text="Screenshot to provide subscription and resource group details to deploy data collection rule."::: + + >[!NOTE] + >- Ensure that the name of your Data Collection Rule is unique in that resource group, else the deployment will overwrite the existing Data Collection Rule. + >- The Log Analytics Workspace Resource Id specifies the Azure resource ID of the Log Analytics workspace used to store change tracking data. Ensure that location of workspace is from the [Change tracking supported regions](../how-to/region-mappings.md) ++1. Select **Review+create** > **Create** to initiate the deployment of *CtDcrCreation*. +1. After the deployment is complete, select **CtDcr-Deployment** to see the DCR Name. Use the **Resource ID** of the newly created Data Collection Rule for Change tracking and inventory deployment through policy. + :::image type="content" source="media/enable-vms-monitoring-agent/deployment-confirmation.png" alt-text="Screenshot of deployment notification."::: + ## Next steps - For details of working with the feature, see [Manage Change Tracking](../change-tracking/manage-change-tracking-monitoring-agent.md). |
azure-arc | Adding Exporters And Pipelines | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-arc/data/adding-exporters-and-pipelines.md | + + Title: Adding Exporters and Pipelines | Azure Arc-enabled Data Services +description: Learn how to add exporters and pipelines to the telemetry router ++++ Last updated : 10/25/2022++++# Add exporters and pipelines to your telemetry router deployment ++> [!NOTE] +> +> - The telemetry router is in Public Preview and should be deployed for **testing purposes only**. +> - While the telemetry router is in Public Preview, be advised that future preview releases could include changes to CRD specs, CLI commands, and/or telemetry router messages. +> - The current preview does not support in-place upgrades of a data controller deployed with the Arc telemetry router enabled. In order to install or upgrade a data controller in a future release, you will need to uninstall the data controller and then re-install. ++## What are Exporters and Pipelines? ++Exporters and Pipelines are two of the main components of the telemetry router. Exporters describe how to send data to a destination system such as Kafka. When creating an exporter, you associate it with a pipeline in order to route that type of telemetry data to that destination. You can have multiple exporters for each pipeline. ++This article provides examples of how you can set up your own exporters and pipelines to route monitoring telemetry data to your own supported exporter. ++### Supported Exporters ++| Exporter | Supported Pipeline Types | +|--|--| +| Kafka | logs, metrics | +| Elasticsearch | logs | ++## Configurations ++All configurations are specified through the telemetry router's custom resource specification and support the configuration of exporters and pipelines. ++### Exporters ++For the Public Preview, exporters are partially configurable and support the following solutions: ++| Exporter | Supported Telemetry Types | +|--|--| +| Kafka | logs, metrics | +| Elasticsearch | logs | ++The following properties are currently configurable during the Public Preview: ++#### General Exporter Settings ++| Setting | Description | +|--|--| +| certificateName | The client certificate in order to export to the monitoring solution | +| caCertificateName | The cluster's Certificate Authority or customer-provided certificate for the Exporter | ++#### Kafka Exporter Settings ++| Setting | Description | +|--|--| +| topic | Name of the topic to export | +| brokers | List of brokers to connect to | +| encoding | Encoding for the telemetry: otlp_json or otlp_proto | ++#### Elasticsearch Exporter Settings ++| Setting | Description | +|--|--| +| index | This setting can be the name of an index or datastream name to publish events | +| endpoint | Endpoint of the Elasticsearch to export to | ++### Pipelines ++The Telemetry Router supports logs and metrics pipelines. These pipelines are exposed in the custom resource specification of the Arc telemetry router and available for modification. ++#### Pipeline Settings ++| Setting | Description | +|--|--| +| logs | Can only declare new logs pipelines | +| metrics | Can only declare new metrics pipelines | +| exporters | List of exporters. Can be multiple of the same type | ++### Credentials ++#### Credentials Settings ++| Setting | Description | +|--|--| +| certificateName | Name of the certificate must correspond to the certificate name specified in the exporter declaration | +| secretName | Name of the secret provided through Kubernetes | +| secretNamespace | Namespace with secret provided through Kubernetes | ++## Example TelemetryRouter Specification ++```yaml +apiVersion: arcdata.microsoft.com/v1beta4 +kind: TelemetryRouter +metadata: + name: arc-telemetry-router + namespace: <namespace> +spec: + credentials: + certificates: + - certificateName: arcdata-msft-elasticsearch-exporter-internal + - certificateName: cluster-ca-certificate + exporters: + elasticsearch: + - caCertificateName: cluster-ca-certificate + certificateName: arcdata-msft-elasticsearch-exporter-internal + endpoint: https://logsdb-svc:9200 + index: logstash-otel + name: arcdata/msft/internal + pipelines: + logs: + exporters: + - elasticsearch/arcdata/msft/internal +``` +++## Example 1: Adding a Kafka exporter for a metrics pipeline ++You can test creating a Kafka exporter for a metrics pipeline that can send metrics data to your own instance of Kafka. You need to prefix the name of your metrics pipeline with `kafka/`. You can have one unnamed instance for each telemetry type. For example, "kafka" is a valid name for a metrics pipeline. + +1. Provide your client and CA certificates in the `credentials` section through Kubernetes secrets +2. Declare the new Exporter in the `exporters` section with the needed settings - name, certificates, broker, and index. Be sure to list the new exporter under the applicable type ("kakfa:") +3. List your exporter in the `pipelines` section of the spec as a metrics pipeline. The exporter name needs to be prefixed with the type of exporter. For example, `kafka/myMetrics` ++In this example, we've added a metrics pipeline called "metrics" with a single exporter (`kafka/myMetrics`) that routes to your instance of Kafka. ++**arc-telemetry-router.yaml** ++```yaml +apiVersion: arcdata.microsoft.com/v1beta4 +kind: TelemetryRouter +metadata: + name: arc-telemetry-router + namespace: <namespace> +spec: + credentials: + certificates: + # Step 1. Provide your client and ca certificates through Kubernetes secrets + # where the name of the secret and its namespace are specified. + - certificateName: <kafka-client-certificate-name> + secretName: <name_of_secret> + secretNamespace: <namespace_with_secret> + - certificateName: <ca-certificate-name> + secretName: <name_of_secret> + secretNamespace: <namespace_with_secret> + exporters: + kafka: + # Step 2. Declare your Kafka exporter with the needed settings + # (name, certificates, endpoint, and index to export to) + - name: myMetrics + # Provide your client and CA certificate names + # for the exporter as well as any additional settings needed + caCertificateName: <ca-certificate-name> + certificateName: <kafka-client-certificate-name> + broker: <kafka_broker> + # Index can be the name of an index or datastream name to publish events to + index: <kafka_index> + pipelines: + metrics: + exporters: + # Step 3. Assign your kafka exporter to the list + # of exporters for the metrics pipeline. + - kafka/myMetrics +``` ++```bash +kubectl apply -f arc-telemetry-router.yaml -n <namespace> +``` ++You've added a metrics pipeline that exports to your instance of Kafka. After you've applied the changes to the yaml file, the TelemetryRouter custom resource will go into an updating state, and the collector service will restart. ++## Example 2: Adding an Elasticsearch exporter for a logs pipeline ++Your telemetry router deployment can export to multiple destinations by configuring more exporters. Multiple types of exporters are supported on a given telemetry router deployment. This example demonstrates adding an Elasticsearch exporter as a second exporter. We activate this second exporter by adding it to a logs pipeline. ++1. Provide your client and CA certificates in the `credentials` section through Kubernetes secrets +2. Declare the new Exporter beneath the `exporters` section with the needed settings - name, certificates, endpoint, and index. Be sure to list the new exporter under the applicable type ("Elasticsearch:"). +3. List your exporter in the `pipelines` section of the spec as a logs pipeline. The exporter name needs to be prefixed with the type of exporter. For example, `elasticsearch/myLogs` ++This example builds on the previous example by adding a logs pipeline for an Elasticsearch exporter (`elasticsearch/myLogs`). At the end of the example, we have two exporters with each exporter added to a different pipeline. ++**arc-telemetry-router.yaml** ++```yaml +apiVersion: arcdata.microsoft.com/v1beta4 +kind: TelemetryRouter +metadata: + name: arc-telemetry-router + namespace: <namespace> +spec: + credentials: + certificates: + # Step 1. Provide your client and ca certificates through Kubernetes secrets + # where the name of the secret and its namespace are specified. + - certificateName: <elasticsearch-client-certificate-name> + secretName: <name_of_secret> + secretNamespace: <namespace_with_secret> + - certificateName: <kafka-client-certificate-name> + secretName: <name_of_secret> + secretNamespace: <namespace_with_secret> + - certificateName: <ca-certificate-name> + secretName: <name_of_secret> + secretNamespace: <namespace_with_secret> + exporters: + elasticsearch: + # Step 2. Declare your Elasticsearch exporter with the needed settings + # (certificates, endpoint, and index to export to) + - name: myLogs + # Provide your client and CA certificate names + # for the exporter as well as any additional settings needed + caCertificateName: <ca-certificate-name> + certificateName: <elasticsearch-client-certificate-name> + endpoint: <elasticsearch_endpoint> + # Index can be the name of an index or datastream name to publish events to + index: <elasticsearch_index> + kafka: + - name: myMetrics + caCertificateName: <ca-certificate-name> + certificateName: <kafka-client-certificate-name> + broker: <kafka_broker> + index: <kafka_index> + pipelines: + logs: + exporters: + # Step 3. Add your Elasticsearch exporter to + # the exporters list of a logs pipeline. + - elasticsearch/myLogs + metrics: + exporters: + - kafka/myMetrics +``` ++```bash +kubectl apply -f arc-telemetry-router.yaml -n <namespace> +``` ++You now have Kafka and Elasticsearch exporters, added to metrics and logs pipelines. After you apply the changes to the yaml file, the TelemetryRouter custom resource will go into an updating state, and the collector service will restart. |
azure-arc | Deploy Telemetry Router | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-arc/data/deploy-telemetry-router.md | Last updated 09/07/2022 -# Deploy the Azure Arc Telemetry Router +# Deploy the Azure Arc telemetry Router > [!NOTE] >-> - The telemetry router is currently in Public Preview and you should only deploy it for **testing purposes only**. -> - In-place upgrades of a data controller deployed with the Arc telemetry router enabled are not currently available in the current preview. In order to install a data controller in a future release, you will need to uninstall the data controller and then re-install. +> - The telemetry router is in Public Preview and should be deployed for **testing purposes only**. +> - While the telemetry router is in Public Preview, be advised that future preview releases could include changes to CRD specs, CLI commands, and/or telemetry router messages. +> - The current preview does not support in-place upgrades of a data controller deployed with the Arc telemetry router enabled. In order to install or upgrade a data controller in a future release, you will need to uninstall the data controller and then re-install. -**What is the Arc Telemetry Router?** +## What is the Azure Arc Telemetry Router? -The Arc telemetry router enables exporting the collected monitoring telemetry data to other monitoring solutions. For this Public Preview, we only support exporting log data to either Kafka or Elasticsearch and metric data to Kafka. +The Azure Arc telemetry router enables exporting telemetry data to other monitoring solutions. For this Public Preview, we only support exporting log data to either Kafka or Elasticsearch and metric data to Kafka. This document specifies how to deploy the telemetry router and configure it to work with the supported exporters. -## **Configuration** +## Deployment -When deployed, the Arc telemetry router custom resource manages a hierarchy of resources. All configurations are specified through the telemetry router's custom resource specification. For the Public Preview, it initially targets the configuration of exporters and pipelines. --### Exporters --For the Public Preview, Exporters are partially configurable and support the following Primary Exporters: --- Kafka-- Elasticsearch--The following properties are currently configurable during the Public Preview: --General Exporter Settings --| Setting | Description | -|--|--| -| endpoint | Endpoint of the monitoring solution to export to | -| certificateName | The client certificate in order to export to the monitoring solution | -| caCertificateName | The cluster's Certificate Authority or customer-provided certificate for the Exporter | --Kafka Exporter Settings --| Setting | Description | -|--|--| -| topic | Name of the topic to export to | -| brokers | Broker service endpoint | -| encoding | Encoding for the telemetry: otlp_json or otlp_proto | --Elasticsearch Exporter Settings --| Setting | Description | -|--|--| -| index | This setting can be the name of an index or datastream name to publish events to | --### Pipelines --During the Public Preview, only logs and metrics pipelines are supported. These pipelines are exposed in the custom resource specification of the Arc telemetry router and available for modification. During our public preview, only exporters are configurable. All pipelines must be prefixed with "logs" or "metrics" in order to be injected with the necessary receivers and processors. For example, `logs/internal` --Logs pipelines may export to Kafka or Elasticsearch. Metrics pipelines may only export to Kafka. --Pipeline Settings --| Setting | Description | -|--|--| -| logs | Can only declare new logs pipelines. Must be prefixed with "logs" | -| metrics | Can only declare new metrics pipelines. Must be prefixed with "metrics" | -| exporters | List of exporters. Can be multiple of the same type. | --### Credentials --**Credentials Settings** --| Setting | Description | -|--|--| -| certificateName | Name of the certificate must correspond to the certificate name specified in the exporter declaration | -| secretName | Name of the secret provided through Kubernetes | -| secretNamespace | Namespace with secret provided through Kubernetes | --### Example TelemetryRouter Specification: --```yaml -apiVersion: arcdata.microsoft.com/v1beta2 -kind: TelemetryRouter -metadata: - name: arc-telemetry-router - namespace: test -spec: - collector: - customerPipelines: - # Additional logs pipelines must be prefixed with "logs" - # For example: logs/internal, logs/external, etc. - logs: - # The name of these exporters need to map to the declared ones beneath - # the exporters property. - # logs pipelines can export to elasticsearch or kafka - exporters: - - elasticsearch - - kafka - # Additional metrics piplines must be prefixed with "metrics" - # For example: metrics/internal, metrics/external, etc. - metrics: - # The name of these exporters need to map to the declared ones beneath - # the exporters property. - # metrics pipelines can export to kafka only - exporters: - - kafka - exporters: - # Only elasticsearch and kafka exporters are supported for this first preview. - # Any additional exporters of those types must be prefixed with the name - # of the exporter, e.g. kafka/2, elasticsearch/2 - elasticsearch: - # Users will specify client and CA certificate names - # for the exporter as well as any additional settings needed - # These names should map to the credentials section below. - caCertificateName: cluster-ca-certificate - certificateName: elasticsearch-exporter - endpoint: <elasticsearch_endpoint> - settings: - # Currently supported properties include: index - # This can be the name of an index or datastream name to publish events to - index: <elasticsearch_index> - kafka: - certificateName: kafka-exporter - caCertificateName: cluster-ca-certificate - settings: - # Currently supported properties include: topic, brokers, and encoding - # Name of the topic to export to - topic: kafka_logs_topic - # Broker service endpoint - brokers: kafka-broker-svc.test.svc.cluster.local:9092 - # Encoding for the telemetry, otlp_json or otlp_proto - encoding: otlp_json - credentials: - certificates: - # For user-provided certificates, they must be provided - # through a Kubernetes secret, where the name of the secret and its - # namespace are specified. - - certificateName: elasticsearch-exporter - secretName: <name_of_secret> - secretNamespace: <namespace_with_secret> - - certificateName: kafka-exporter - secretName: <name_of_secret> - secretNamespace: <namespace_with_secret> - - certificateName: cluster-ca-certificate - secretName: <name_of_secret> - secretNamespace: <namespace_with_secret> -``` +> [!NOTE] +> +> The telemetry router currently supports indirectly connected mode only. -## **Deployment** +### Create a Custom Configuration Profile -> [!NOTE] -> The telemetry router currently supports indirect mode only. +After setting up your Kubernetes cluster, you'll need to [create a custom configuration profile](create-custom-configuration-template.md). Next, enable a temporary feature flag that deploys the telemetry router during data controller creation. -Once you have your cluster and Azure CLI setup correctly, to deploy the telemetry router, you must create the *DataController* custom resource. Then, set the `enableOpenTelemetry` flag on its spec to `true`. This flag is a temporary feature flag that must be enabled. +### Turn on the Feature Flag -To set the feature flag, follow the [normal configuration profile instructions](create-custom-configuration-template.md). After you have created your configuration profile, add the monitoring property with the `enableOpenTelemetry` flag set to `true`. You can do set the feature flag by running the following commands in the az CLI: +After creating the custom configuration profile, you'll need to edit the profile to add the `monitoring` property with the `enableOpenTelemetry` flag set to `true`. You can set the feature flag by running the following az CLI commands (edit the --path parameter, as necessary): ```bash-az arcdata dc config add --path ./output/control.json --json-values ".spec.monitoring={}" -az arcdata dc config add --path ./output/control.json --json-values ".spec.monitoring.enableOpenTelemetry=true" +az arcdata dc config add --path ./control.json --json-values ".spec.monitoring={}" +az arcdata dc config add --path ./control.json --json-values ".spec.monitoring.enableOpenTelemetry=true" ``` -To confirm the flag was set correctly, you can open the control.json file and confirm the `monitoring` object was added to the `spec` object, as shown below. +To confirm the flag was set correctly, open the control.json file and confirm the `monitoring` object was added to the `spec` object and `enableOpenTelemetry` is set to `true`. ```yaml spec: spec: enableOpenTelemetry: true ``` -Then deploy the data controller as normal in the [Deployment Instructions](create-data-controller-indirect-cli.md?tabs=linux) +This feature flag requirement will be removed in a future release. ++### Create the Data Controller ++After creating the custom configuration profile and setting the feature flag, you're ready to [create the data controller using indirect connectivity mode](create-data-controller-indirect-cli.md?tabs=linux). Be sure to replace the `--profile-name` parameter with a `--path` parameter that points to your custom control.json file (see [use custom control.json file to deploy Azure Arc-enabled data controller](create-custom-configuration-template.md)) -When the data controller is deployed, it also deploys a default TelemetryRouter custom resource as part of the data controller creation. Note that the controller pod will only be marked ready when both custom resources have finished deploying. Use the following command to verify that the TelemetryRouter exists: +### Verify Telemetry Router Deployment ++When the data controller is created, a TelemetryRouter custom resource is also created. Data controller deployment is marked ready when both custom resources have finished deploying. After the data controller finishes deployment, you can use the following command to verify that the TelemetryRouter exists: ```bash kubectl describe telemetryrouter arc-telemetry-router -n <namespace> ``` ```yaml-apiVersion: arcdata.microsoft.com/v1beta2 +apiVersion: arcdata.microsoft.com/v1beta4 kind: TelemetryRouter metadata: name: arc-telemetry-router namespace: <namespace> spec:- collector: - customerPipelines: - logs: - exporters: - - elasticsearch/arcdata/msft/internal - exporters: - elasticsearch/arcdata/msft/internal: - caCertificateName: cluster-ca-certificate - certificateName: arcdata-msft-elasticsearch-exporter-internal - endpoint: https://logsdb-svc:9200 - settings: - index: logstash-otel credentials: certificates: - certificateName: arcdata-msft-elasticsearch-exporter-internal - certificateName: cluster-ca-certificate-``` --We are exporting logs to our deployment of Elasticsearch in the Arc cluster. When you deploy the telemetry router, two OtelCollector custom resources are created. You can see the index, service endpoint, and certificates it is using to do so. This telemetry router is provided as an example of the deployment, so you can see how to export to your own monitoring solutions. --You can run the following commands to see the detailed deployment of the child collectors that are receiving logs and exporting to Elasticsearch: --```bash -kubectl describe otelcollector collector-inbound -n <namespace> -kubectl describe otelcollector collector-outbound -n <namespace> -``` --The first of the two OtelCollector custom resources is the inbound collector, dedicated to the inbound telemetry layer. The inbound collector receives the logs and metrics, then exports them to a Kafka custom resource. --```yaml -Name: collector-inbound -Namespace: <namespace> -Labels: <none> -Annotations: <none> -Is Valid: true -API Version: arcdata.microsoft.com/v1beta2 -Kind: OtelCollector -Spec: - Collector: - Exporters: - kafka/arcdata/msft/logs: - Brokers: kafka-broker-svc:9092 - Encoding: otlp_proto - protocol_version: 2.0.0 - Tls: - ca_file: cluster-ca-certificate - cert_file: arcdata-msft-kafka-exporter-internal - key_file: arcdata-msft-kafka-exporter-internal - Topic: arcdata.microsoft.com.logs - kafka/arcdata/msft/metrics: - Brokers: kafka-broker-svc:9092 - Encoding: otlp_proto - protocol_version: 2.0.0 - Tls: - ca_file: cluster-ca-certificate - cert_file: arcdata-msft-kafka-exporter-internal - key_file: arcdata-msft-kafka-exporter-internal - Topic: arcdata.microsoft.com.metrics - Extensions: - memory_ballast: - size_mib: 683 - Limits: <nil> - Processors: - Batch: - send_batch_max_size: 500 - send_batch_size: 100 - Timeout: 10s - memory_limiter: - check_interval: 5s - limit_mib: 1500 - spike_limit_mib: 512 - Receivers: - Collectd: - Endpoint: 0.0.0.0:8003 - Fluentforward: - Endpoint: 0.0.0.0:8002 - Requests: <nil> - Service: - Extensions: - memory_ballast - Pipelines: - Logs: - Exporters: - kafka/arcdata/msft/logs - Processors: - memory_limiter - batch - Receivers: - fluentforward - Metrics: - Exporters: - kafka/arcdata/msft/metrics - Processors: - memory_limiter - batch - Receivers: - collectd - Storage: <nil> - Credentials: - Certificates: - Certificate Name: arcdata-msft-kafka-exporter-internal - Secret Name: <secret> - Secret Namespace: <secret namespace> - Update: <nil> -Events: <none> + exporters: + elasticsearch: + - caCertificateName: cluster-ca-certificate + certificateName: arcdata-msft-elasticsearch-exporter-internal + endpoint: https://logsdb-svc:9200 + index: logstash-otel + name: arcdata/msft/internal + pipelines: + logs: + exporters: + - elasticsearch/arcdata/msft/internal ``` -The second of the two OtelCollector custom resources is the outbound collector, dedicated to the outbound telemetry layer. The outbound collector receives the logs and metrics data from the Kafka custom resource. Those logs and metrics can then be exported to the customer's monitoring solutions, such as Kafka or Elasticsearch. +For the public preview, the pipeline and exporter have a default pre-configuration to Microsoft's deployment of Elasticsearch. This default deployment gives you an example of how the parameters for credentials, exporters, and pipelines are set up within the spec. You can follow this example to export to your own monitoring solutions. See [adding exporters and pipelines](adding-exporters-and-pipelines.md) for more examples. This example deployment will be removed at the conclusion of the public preview. -```yaml -Name: collector-outbound -Namespace: arc -Labels: <none> -Annotations: <none> -Is Valid: true -API Version: arcdata.microsoft.com/v1beta2 -Kind: OtelCollector -Spec: - Collector: - Exporters: - elasticsearch/arcdata/msft/internal: - Endpoints: - https://logsdb-svc:9200 - Index: logstash-otel - Tls: - ca_file: cluster-ca-certificate - cert_file: arcdata-msft-elasticsearch-exporter-internal - key_file: arcdata-msft-elasticsearch-exporter-internal - Extensions: - memory_ballast: - size_mib: 683 - Limits: <nil> - Processors: - Batch: - send_batch_max_size: 500 - send_batch_size: 100 - Timeout: 10s - memory_limiter: - check_interval: 5s - limit_mib: 1500 - spike_limit_mib: 512 - Receivers: - kafka/arcdata/msft/logs: - Auth: - Tls: - ca_file: cluster-ca-certificate - cert_file: arcdata-msft-kafka-receiver-internal - key_file: arcdata-msft-kafka-receiver-internal - Brokers: kafka-broker-svc:9092 - Encoding: otlp_proto - protocol_version: 2.0.0 - Topic: arcdata.microsoft.com.logs - kafka/arcdata/msft/metrics: - Auth: - Tls: - ca_file: cluster-ca-certificate - cert_file: arcdata-msft-kafka-receiver-internal - key_file: arcdata-msft-kafka-receiver-internal - Brokers: kafka-broker-svc:9092 - Encoding: otlp_proto - protocol_version: 2.0.0 - Topic: arcdata.microsoft.com.metrics - Requests: <nil> - Service: - Extensions: - memory_ballast - Pipelines: - Logs: - Exporters: - elasticsearch/arcdata/msft/internal - Processors: - memory_limiter - batch - Receivers: - kafka/arcdata/msft/logs - Storage: <nil> - Credentials: - Certificates: - Certificate Name: arcdata-msft-kafka-receiver-internal - Secret Name: <secret> - Secret Namespace: <secret namespace> - Certificate Name: arcdata-msft-elasticsearch-exporter-internal - Secret Name: <secret> - Secret Namespace: <secret namespace> - Certificate Name: cluster-ca-certificate - Secret Name: <secret> - Secret Namespace: <secret namespace> - Update: <nil> -Events: <none> --``` +After the TelemetryRouter is deployed, both TelemetryCollector custom resources should be in a *Ready* state. These resources are system managed and editing them isn't supported. If you look at the pods, you should see the following types of pods: -After you deploy the Telemetry Router, both OtelCollector custom resources should be in a *Ready* state. For modification, all updates should go through its parent resource, the TelemetryRouter custom resource. --If you look at the pods, you should see the two collector pods - `arctc-collector-inbound-0` and `arctc-collector-outbound-0`. You should also see the `kakfa-server-0` pod. +- Two telemetry collector pods - `arctc-collector-inbound-0` and `arctc-collector-outbound-0` +- A kakfa broker pod - `arck-arc-router-kafka-broker-0` +- A kakfa controller pod - `arck-arc-router-kafka-controller-0` ```bash kubectl get pods -n <namespace> -NAME READY STATUS RESTARTS AGE -arc-bootstrapper-job-kmrsx 0/1 Completed 0 19h -arc-webhook-job-5bd06-r6g8w 0/1 Completed 0 19h -arctc-collector-inbound-0 2/2 Running 0 19h -arctc-collector-outbound-0 2/2 Running 0 19h -bootstrapper-789b4f89-c77z6 1/1 Running 0 19h -control-xtjrr 2/2 Running 0 19h -controldb-0 2/2 Running 0 19h -kafka-server-0 2/2 Running 0 19h -logsdb-0 3/3 Running 0 19h -logsui-67hvm 3/3 Running 0 19h -metricsdb-0 2/2 Running 0 19h -metricsdc-hq25d 2/2 Running 0 19h -metricsdc-twq7r 2/2 Running 0 19h -metricsui-psnvg 2/2 Running 0 19h -``` --## **Exporting to Your Monitoring Solutions** --This next section will guide you through a series of modifications you can make on the Arc telemetry router to export to your own Elasticsearch or Kafka instances. --### **1. Add an Elasticsearch Exporter** --You can test adding your own Elasticsearch exporter to send logs to your deployment of Elasticsearch by doing the following steps: --1. Add your Elasticsearch exporter to the exporters list beneath customer pipelines -2. Declare your Elasticsearch exporter with the needed settings - certificates, endpoint, and index -3. Provide your client and CA certificates in the credentials section through Kubernetes secrets --For example: --**router.yaml** --```yaml -apiVersion: arcdata.microsoft.com/v1beta2 -kind: TelemetryRouter -metadata: - name: arc-telemetry-router - namespace: <namespace> -spec: - collector: - customerPipelines: - logs: - exporters: - - elasticsearch/arcdata/msft/internal - # 1. Add your Elasticsearch exporter to the exporters list. - - elasticsearch/example - exporters: - # 2. Declare your Elasticsearch exporter with the needed settings (certificates, endpoint, and index to export to) - elasticsearch/example: - # Provide your client and CA certificate names - # for the exporter as well as any additional settings needed - caCertificateName: <ca-certificate-name> - certificateName: <elasticsearch-client-certificate-name> - endpoint: <elasticsearch_endpoint> - settings: - # Currently supported properties include: index - # This can be the name of an index or datastream name to publish events to - index: <elasticsearch_index> - elasticsearch/arcdata/msft/internal: - caCertificateName: cluster-ca-certificate - certificateName: arcdata-msft-elasticsearch-exporter-internal - endpoint: https://logsdb-svc:9200 - settings: - index: logstash-otel - credentials: - certificates: - - certificateName: arcdata-msft-elasticsearch-exporter-internal - - certificateName: cluster-ca-certificate - # 3. Provide your client and ca certificates through Kubernetes secrets - # where the name of the secret and its namespace are specified. - - certificateName: <elasticsearch-client-certificate-name> - secretName: <name_of_secret> - secretNamespace: <namespace_with_secret> - - certificateName: <ca-certificate-name> - secretName: <name_of_secret> - secretNamespace: <namespace_with_secret> -``` --```bash -kubectl apply -f router.yaml -n <namespace> -``` --You've now added a second Elasticsearch exporter that exports to your instance of Elasticsearch on the logs pipeline. The TelemetryRouter custom resource should go into an updating state and the collector service will restart. --### **2. Add a Kafka Exporter** --You can test adding your own Kafka exporter to send logs to your deployment of Kafka by doing the following steps: --1. Add your Kafka exporter to the exporters list beneath customer pipelines -2. Declare your Kafka exporter with the needed settings - topic, broker, and encoding -3. Provide your client and CA certificates in the credentials section through Kubernetes secrets --For example: --**router.yaml** --```yaml -apiVersion: arcdata.microsoft.com/v1beta2 -kind: TelemetryRouter -metadata: - name: arc-telemetry-router - namespace: <namespace> -spec: - collector: - customerPipelines: - logs: - exporters: - - elasticsearch/arcdata/msft/internal - # 1. Add your Kafka exporter to the exporters list of a logs pipeline. - - kafka/example - exporters: - # 2. Declare your Kafka exporter with the needed settings (certificates, endpoint, topic, brokers, and encoding) - kafka/example: - # Provide your client and CA certificate names - # for the exporter as well as any additional settings needed - certificateName: <kafka-client-certificate-name> - caCertificateName: <ca-certificate-name> - settings: - # Name of the topic to export to - topic: <topic-name> - # Broker service endpoint - brokers: <broker-service-endpoint> - # Encoding for the telemetry, otlp_json or otlp_proto - encoding: otlp_json - elasticsearch/arcdata/msft/internal: - caCertificateName: cluster-ca-certificate - certificateName: arcdata-msft-elasticsearch-exporter-internal - endpoint: https://logsdb-svc:9200 - settings: - index: logstash-otel - credentials: - certificates: - - certificateName: arcdata-msft-elasticsearch-exporter-internal - - certificateName: cluster-ca-certificate - # 3. Provide your client and ca certificates through Kubernetes secrets - # where the name of the secret and its namespace are specified. - - certificateName: <kafka-client-certificate-name> - secretName: <name_of_secret> - secretNamespace: <namespace_with_secret> - - certificateName: <ca-certificate-name> - secretName: <name_of_secret> - secretNamespace: <namespace_with_secret> +NAME READY STATUS RESTARTS AGE +arc-bootstrapper-job-4z2vr 0/1 Completed 0 15h +arc-webhook-job-facc4-z7dd7 0/1 Completed 0 15h +arck-arc-router-kafka-broker-0 2/2 Running 0 15h +arck-arc-router-kafka-controller-0 2/2 Running 0 15h +arctc-collector-inbound-0 2/2 Running 0 15h +arctc-collector-outbound-0 2/2 Running 0 15h +bootstrapper-8d5bff6f7-7w88j 1/1 Running 0 15h +control-vpfr9 2/2 Running 0 15h +controldb-0 2/2 Running 0 15h +logsdb-0 3/3 Running 0 15h +logsui-fwrh9 3/3 Running 0 15h +metricsdb-0 2/2 Running 0 15h +metricsdc-bc4df 2/2 Running 0 15h +metricsdc-fm7jh 2/2 Running 0 15h +metricsdc-qgl26 2/2 Running 0 15h +metricsdc-sndjv 2/2 Running 0 15h +metricsdc-xh78q 2/2 Running 0 15h +metricsui-qqgbv 2/2 Running 0 15h ``` -```bash -kubectl apply -f router.yaml -n <namespace> -``` --You've now added a Kafka exporter that exports to the topic name at the broker service endpoint you provided on the logs pipeline. The TelemetryRouter custom resource should go into an updating state and the collector service will restart. - ## Next steps -- [Test Arc-enabled servers using an Azure VM](../servers/plan-evaluate-on-azure-virtual-machine.md)+- [Add exporters and pipelines to your telemetry router](/adding-exporters-and-pipelines.md) |
azure-arc | Privacy Data Collection And Reporting | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-arc/data/privacy-data-collection-and-reporting.md | -Neither Azure Arc-enabled data services nor any of the applicable data services store any customer data. This applies to Azure Arc-enabled SQL Managed Instance, Azure Arc-enabled PostgreSQL, and Azure Arc-enabled SQL Server. +Neither Azure Arc-enabled data services nor any of the applicable data services store any customer data. This applies to Azure Arc-enabled SQL Managed Instance and Azure Arc-enabled PostgreSQL. ## Related products Azure Arc-enabled data services may use some or all of the following products: -- SQL MI – Azure Arc +- Azure Arc-enabled SQL Managed Instance - Azure Arc-enabled PostgreSQL - Azure Data Studio [!INCLUDE [use-insider-azure-data-studio](includes/use-insider-azure-data-studio.md)] - Azure CLI (az)-- Azure Data CLI (`azdata`) ## Directly connected The following table describes the type of data, how it is sent, and requirement. |Operational Data|Metrics and logs|Automatic, when configured to do so|No Billing & inventory data|Inventory such as number of instances, and usage such as number of vCores consumed|Automatic |Yes Diagnostics|Diagnostic information for troubleshooting purposes|Manually exported and provided to Microsoft Support|Only for the scope of troubleshooting and follows the standard [privacy policies](https://privacy.microsoft.com/privacystatement)-Customer Experience Improvement Program (CEIP)|[CEIP summary](/sql/sql-server/usage-and-diagnostic-data-configuration-for-sql-server)|Automatic, if allowed|No ## Indirectly connected The following table describes the type of data, how it is sent, and requirement. |Operational Data|Metrics and logs|Manual|No Billing & inventory data|Inventory such as number of instances, and usage such as number of vCores consumed|Manual |Yes Diagnostics|Diagnostic information for troubleshooting purposes|Manually exported and provided to Microsoft Support|Only for the scope of troubleshooting and follows the standard [privacy policies](https://privacy.microsoft.com/privacystatement)-Customer Experience Improvement Program (CEIP)|[CEIP summary](/sql/sql-server/usage-and-diagnostic-data-configuration-for-sql-server)|Automatic, if allowed|No + ## Detailed description of data There are three resource types: - Azure Arc-enabled SQL Managed Instance - Azure Arc-enabled PostgreSQL server -- Azure Arc-enabled SQL Server -- Data controller +- Data controller The following sections show the properties, types, and descriptions that are collected and stored about each type of resource: -### Azure Arc-enabled SQL Server -- SQL Server edition. - - `string: Edition` -- Resource ID of the container resource (Azure Arc for Servers). - - `string: ContainerResourceId` -- Time when the resource was created. - - `string: CreateTime` -- The number of logical processors used by the SQL Server instance.- - `string: VCore` -- Cloud connectivity status. - - `string: Status` -- SQL Server update level. - - `string: PatchLevel` -- SQL Server collation. - - `string: Collation` -- SQL Server current version.- - `string: CurrentVersion` -- SQL Server instance name. - - `string: InstanceName` -- Dynamic TCP ports used by SQL Server. - - `string: TcpDynamicPorts` -- Static TCP ports used by SQL Server.- - `string: TcpStaticPorts` -- SQL Server product ID.- - `string: ProductId` -- SQL Server provisioning state.- - `string: ProvisioningState` - ### Data controller - Location information - `public OnPremiseProperty OnPremiseProperty` - The raw Kubernetes information (`kubectl get datacontroller`) - - `object: K8sRaw` + - `object: K8sRaw` [Details](https://github.com/microsoft/azure_arc/tree/main/arc_data_services/crds) - Last uploaded date from on-premises cluster. - `System.DateTime: LastUploadedDate` - Data controller state The following sections show the properties, types, and descriptions that are col - Username and password for basic authentication - `public: BasicLoginInformation BasicLoginInformation` - The raw Kubernetes information (`kubectl get postgres12`) - - `object: K8sRaw` + - `object: K8sRaw` [Details](https://github.com/microsoft/azure_arc/tree/main/arc_data_services/crds) - Last uploaded date from on premises cluster. - `System.DateTime: LastUploadedDate` - Group provisioning state The following sections show the properties, types, and descriptions that are col - The instance end time - `string: EndTime` - The raw kubernetes information (`kubectl get sqlmi`) - - `object: K8sRaw` + - `object: K8sRaw` [Details](https://github.com/microsoft/azure_arc/tree/main/arc_data_services/crds) - Username and password for basic authentication. - `public: BasicLoginInformation BasicLoginInformation` - Last uploaded date from on-premises cluster. In support situations, you may be asked to provide database instance logs, Kuber ## Next steps [Upload usage data to Azure Monitor](upload-usage-data.md)+ |
azure-arc | Privacy Data Collection And Reporting | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-glossary-cloud-terminology.md | Title: Azure glossary - Azure dictionary | Microsoft Docs + Title: Azure glossary - Azure dictionary description: Use the Azure glossary to understand cloud terminology on the Azure platform. This short Azure dictionary provides definitions for common cloud terms for Azure. keywords: Azure dictionary, cloud terminology, Azure glossary, terminology definitions, cloud terms- - ms.assetid: d7ac12f7-24b5-4bcd-9e4d-3d76fbd8d297 - Last updated 09/17/2021 - + # Microsoft Azure glossary: A dictionary of cloud terminology on the Azure platform The Microsoft Azure glossary is a short dictionary of cloud terminology for the Azure platform. See also: |
azure-monitor | Alerts Logic Apps | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/alerts/alerts-logic-apps.md | Title: Customize alert notifications using Logic Apps description: Learn how to create a logic app to process Azure Monitor alerts. Previously updated : 09/07/2022 Last updated : 02/09/2023 # Customer intent: As an administrator I want to create a logic app that is triggered by an alert so that I can send emails or Teams messages when an alert is fired.- # Customize alert notifications using Logic Apps This article shows you how to create a Logic App and integrate it with an Azure [Azure Logic Apps](../../logic-apps/logic-apps-overview.md) allows you to build and customize workflows for integration. Use Logic Apps to customize your alert notifications. -+ Customize the alerts email, using your own email subject and body format. -+ Customize the alert metadata by looking up tags for affected resources or fetching a log query search result. For information on how to access the search result rows containing alerts data, see: - + [Azure Monitor Log Analytics API response format](../logs/api/response-format.md) - + [Query/management HTTP response](/azure/data-explorer/kusto/api/rest/response) -+ Integrate with external services using existing connectors like Outlook, Microsoft Teams, Slack and PagerDuty, or by configuring the Logic App for your own services. +- Customize the alerts email, using your own email subject and body format. +- Customize the alert metadata by looking up tags for affected resources or fetching a log query search result. For information on how to access the search result rows containing alerts data, see: + - [Azure Monitor Log Analytics API response format](../logs/api/response-format.md) + - [Query/management HTTP response](/azure/data-explorer/kusto/api/rest/response) +- Integrate with external services using existing connectors like Outlook, Microsoft Teams, Slack and PagerDuty, or by configuring the Logic App for your own services. -In this example, we'll use the following steps to create a Logic App that uses the [common alerts schema](./alerts-common-schema.md) to send details from the alert. The example uses the following steps: +In this example, the following steps create a Logic App that uses the [common alerts schema](./alerts-common-schema.md) to send details from the alert. The example uses the following steps: 1. [Create a Logic App](#create-a-logic-app) for sending an email or a Teams post. 1. [Create an alert action group](#create-an-action-group) that triggers the logic app. 1. [Create a rule](#create-a-rule-using-your-action-group) the uses the action group.+ ## Create a Logic App -1. Create a new Logic app. Set **Logic App name** , select **Consumption Plan type**. +1. In the [portal](https://portal.azure.com/), create a new Logic app. In the **Search** bar at the top of the page, enter "Logic App". +1. On the **Logic App** page, select **+Add**. +1. Select the **Subscription** and **Resource group** for your Logic App. +1. Set **Logic App name**, and select **Consumption Plan type**. 1. Select **Review + create**, then select **Create**. 1. Select **Go to resource** when the deployment is complete. :::image type="content" source="./media/alerts-logic-apps/create-logic-app.png" alt-text="A screenshot showing the create logic app page.":::-1. On the Logic Apps Designer page, select **When a HTTP request is received**. +1. On the **Logic Apps Designer** page, select **When a HTTP request is received**. :::image type="content" source="./media/alerts-logic-apps/logic-apps-designer.png" alt-text="A screenshot showing the Logic Apps designer start page."::: 1. Paste the common alert schema into the **Request Body JSON Schema** field from the following JSON: In this example, we'll use the following steps to create a Logic App that uses t } ``` -1. Select the **+** icon to insert a new step. + :::image type="content" source="./media/alerts-logic-apps/configure-http-request-received.png" alt-text="A screenshot showing the parameters for the http request received step."::: ++1. (Optional). You can customize the alert notification by extracting information about the affected resource on which the alert fired, e.g. the resourceΓÇÖs tags. You can then include those resource tags in the alert payload and use the information in your logical expressions for sending the notifications. To do this, we will: + - Create a variable for the affected resource IDs. + - Split the resource ID into in an array so we can use its various elements (e.g. subscription, resource group). + - Use the Azure Resource Manager connector to read the resourceΓÇÖs metadata. + - Fetch the resourceΓÇÖs tags which can then be used in subsequent steps of the Logic App. ++ 1. Select **+** and **Add an action** to insert a new step. + 1. In the **Search** field, search for and select **Initialize variable**. + 1. In the **Name** field, enter the name of the variable, such as 'AffectedResources'. + 1. In the **Type** field, select **Array**. + 1. In the **Value** field, select **Add dynamic Content**. Select the **Expression** tab, and enter this string: `split(triggerBody()?['data']?['essentials']?['alertTargetIDs'][0], '/')`. ++ :::image type="content" source="./media/alerts-logic-apps/initialize-variable.png" alt-text="A screenshot showing the parameters for the initializing a variable in Logic Apps."::: ++ 1. Select **+** and **Add an action** to insert another step. + 1. In the **Search** field, search for and select **Azure Resource Manager**, and then **Read a resource**. + 1. Populate the fields of the **Read a resource** action with the array values from the `AffectedResources` variable. In each of the fields, click inside the field, and scroll down to **Enter a custom value**. Select **Add dynamic content**, and then select the **Expression** tab. Enter the strings from this table: ++ |Field|String value| + ||| + |Subscription|`variables('AffectedResource')[2]`| + |Resource Group|`variables('AffectedResource')[4]`| + |Resource Provider|`variables('AffectedResource')[6]`| + |Short Resource Id|`concat(variables('AffectedResource')[7], '/', variables('AffectedResource')[8]`)| + |Client Api Version|2021-06-01| ++ The dynamic content now includes tags from the affected resource. You can use those tags when you configure your notifications as described in the following steps. 1. Send an email or post a Teams message.+1. Select **+** and **Add an action** to insert a new step. ++ :::image type="content" source="./media/alerts-logic-apps/configure-http-request-received.png" alt-text="A screenshot showing the parameters for the when http request received step."::: ## [Send an email](#tab/send-email) In this example, we'll use the following steps to create a Logic App that uses t 1. Sign into Office 365 when prompted to create a connection. 1. Create the email **Body** by entering static text and including content taken from the alert payload by choosing fields from the **Dynamic content** list. For example:- - Enter *An alert has monitoring condition:* then select **monitorCondition** from the **Dynamic content** list. - - Then enter *Date fired:* and select **firedDateTime** from the **Dynamic content** list. - - Enter *Affected resources:* and select **alterTargetIDs** from the **Dynamic content** list. - + - Enter the text: `An alert has been triggered with this monitoring condition:`. Then, select **monitorCondition** from the **Dynamic content** list. + - Enter the text: `Date fired:`. Then, select **firedDateTime** from the **Dynamic content** list. + - Enter the text: `Affected resources:`. Then, select **alertTargetIDs** from the **Dynamic content** list. + 1. In the **Subject** field, create the subject text by entering static text and including content taken from the alert payload by choosing fields from the **Dynamic content** list. For example:- - Enter *Alert:* and select **alertRule** from the **Dynamic content** list. - - Then enter *with severity:* and select **severity** from the **Dynamic content** list. - - Enter *has condition:* and select **monitorCondition** from the **Dynamic content** list. - + - Enter the text: `Alert:`. Then, select **alertRule** from the **Dynamic content** list. + - Enter the text: `with severity:`. Then, select **severity** from the **Dynamic content** list. + - Enter the text: `has condition:`. Then, select **monitorCondition** from the **Dynamic content** list. + 1. Enter the email address to send the alert to in the **To** field. 1. Select **Save**. :::image type="content" source="./media/alerts-logic-apps/configure-email.png" alt-text="A screenshot showing the parameters tab for the send email action."::: -You've created a Logic App that will send an email to the specified address, with details from the alert that triggered it. +You've created a Logic App that sends an email to the specified address, with details from the alert that triggered it. The next step is to create an action group to trigger your Logic App. ## [Post a Teams message](#tab/send-teams-message) 1. In the search field, search for *Microsoft Teams*. - 1. Select **Microsoft Teams** :::image type="content" source="./media/alerts-logic-apps/choose-operation-teams.png" alt-text="A screenshot showing add action page of the logic apps designer with Microsoft Teams selected."::: 1. Select **Post a message in a chat or channel** from the list of actions. 1. Sign into Teams when prompted to create a connection. -1. Select *User* from the **Post as** dropdown. -1. Select *Group chat* from the **Post in** dropdown. +1. Select **User** from the **Post as** dropdown. +1. Select **Group chat** from the **Post in** dropdown. 1. Select your group from the **Group chat** dropdown.-1. Create the message text in the **Message** field by entering static text and including content taken from the alert payload by choosing fields from the **Dynamic content** list. +1. Create the message text in the **Message** field by entering static text and including content taken from the alert payload by choosing fields from the **Dynamic content** list. For example:- - Enter *Alert:* then select **alertRule** from the **Dynamic content** list. - - Enter *with severity:* and select **severity** from the **Dynamic content** list. - - Enter *was fired at:* and select **firedDateTime** from the **Dynamic content** list. - - Add more fields according to your requirements. + 1. Enter `Alert:` then select **alertRule** from the **Dynamic content** list. + 1. Enter `with severity:` and select **severity** from the **Dynamic content** list. + 1. Enter `was fired at:` and select **firedDateTime** from the **Dynamic content** list. + 1. Add more fields according to your requirements. 1. Select **Save** :::image type="content" source="./media/alerts-logic-apps/configure-teams-message.png" alt-text="A screenshot showing the parameters tab for the post a message in a chat or channel action."::: -You've created a Logic App that will send a Teams message to the specified group, with details from the alert that triggered it. +You've created a Logic App that sends a Teams message to the specified group, with details from the alert that triggered it. The next step is to create an action group to trigger your Logic App. To trigger your Logic app, create an action group, then create an alert that use :::image type="content" source="./media/alerts-logic-apps/create-action-group.png" alt-text="A screenshot showing the actions tab of a create action group page."::: 1. In the **Actions** tab under **Action type**, select **Logic App**. 1. In the **Logic App** section, select your logic app from the dropdown.-1. Set **Enable common alert schema** to *Yes*. If you select *No*, the alert type will determine which alert schema is used. For more information about alert schemas, see [Context specific alert schemas](./alerts-non-common-schema-definitions.md). +1. Set **Enable common alert schema** to *Yes*. If you select *No*, the alert type determines which alert schema is used. For more information about alert schemas, see [Context specific alert schemas](./alerts-non-common-schema-definitions.md). 1. Select **OK**. 1. Enter a name in the **Name** field. 1. Select **Review + create**, the **Create**. To trigger your Logic app, create an action group, then create an alert that use :::image type="content" source="./media/alerts-logic-apps/test-action-group2.png" alt-text="A screenshot showing an action group details test page."::: -The following email will be sent to the specified account: +The following email is sent to the specified account: ## Create a rule using your action group |
azure-monitor | Autoscale Multiprofile | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/autoscale/autoscale-multiprofile.md | Autoscale transitions between profiles based on their start times. The end time In the portal, the end time field becomes the next start time for the default profile. You can't specify the same time for the end of one profile and the start of the next. The portal will force the end time to be one minute before the start time of the following profile. During this minute, the default profile will become active. If you don't want the default profile to become active between recurring profiles, leave the end time field empty. > [!TIP]-> To set up multiple contiguous profiles using the portal, leave the end time empty. The current profile will stop being used when the next profile becomes active. Only specify an end time when you want to revert to the default profile. -> Creating a recurring profile with no end time is only supported via the portal. +> To set up multiple contiguous profiles using the portal, leave the end time empty. The current profile will stop being used when the next profile becomes active. Only specify an end time when you want to revert to the default profile. +> Creating a recurring profile with no end time is only supported via the portal and ARM templates. ## Multiple profiles using templates, CLI, and PowerShell |
azure-monitor | Autoscale Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/autoscale/autoscale-overview.md | Set up schedule-based rules to trigger scale events. Use schedule-based rules wh ### Rules -Rules define the conditions needed to trigger a scale event, the direction of the scaling, and the amount to scale by. Rules can be: +Rules define the conditions needed to trigger a scale event, the direction of the scaling, and the amount to scale by. Combine multiple rules using different metrics, for example CPU usage and queue length. Define up to 10 rules per profile. ++Rules can be: * Metric-based Trigger based on a metric value, for example when CPU usage is above 50%. * Time-based Trigger based on a schedule, for example, every Saturday at 8am. -You can combine multiple rules using different metrics, for example CPU usage and queue length. + Autoscale scales out if *any* of the rules are met, whereas autoscale scales in only if *all* the rules are met. In terms of logic operators, the OR operator is used when scaling out with multiple rules. The AND operator is used when scaling in with multiple rules. |
azure-monitor | Autoscale Understanding Settings | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/autoscale/autoscale-understanding-settings.md | The table below describes the elements in the above autoscale setting's JSON. | profiles | capacity.maximum | Instance limits - Maximum |The maximum capacity allowed. It ensures that autoscale doesn't scale your resource above this number when executing the profile. | | profiles | capacity.minimum | Instance limits - Minimum |The minimum capacity allowed. It ensures that autoscale doesn't scale your resource below this number when executing the profile | | profiles | capacity.default | Instance limits - Default |If there's a problem reading the resource metric, and the current capacity is below the default, autoscale scales out to the default. This ensures the availability of the resource. If the current capacity is already higher than the default capacity, autoscale doesn't scale in. |-| profiles | rules | Rules |Autoscale automatically scales between the maximum and minimum capacities, by using the rules in the profile. You can have multiple rules in a profile. Typically there are two rules: one to determine when to scale out, and the other to determine when to scale in. | +| profiles | rules | Rules |Autoscale automatically scales between the maximum and minimum capacities, by using the rules in the profile. Define up to 10 individual rules in a profile. Typically rules are defined in pairs, one to determine when to scale out, and the other to determine when to scale in. | | rule | metricTrigger | Scale rule |Defines the metric condition of the rule. | | metricTrigger | metricName | Metric name |The name of the metric. | | metricTrigger | metricResourceUri | |The resource ID of the resource that emits the metric. In most cases, it is the same as the resource being scaled. In some cases, it can be different. For example, you can scale a Virtual Machine Scale Set based on the number of messages in a storage queue. | |
azure-monitor | Data Collector Api | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/logs/data-collector-api.md | To use the HTTP Data Collector API, you create a POST request that includes the | Log-Type |Specify the record type of the data that's being submitted. It can contain only letters, numbers, and the underscore (_) character, and it can't exceed 100 characters. | | x-ms-date |The date that the request was processed, in RFC 7234 format. | | x-ms-AzureResourceId | The resource ID of the Azure resource that the data should be associated with. It populates the [_ResourceId](./log-standard-columns.md#_resourceid) property and allows the data to be included in [resource-context](manage-access.md#access-mode) queries. If this field isn't specified, the data won't be included in resource-context queries. |-| time-generated-field | The name of a field in the data that contains the timestamp of the data item. If you specify a field, its contents are used for **TimeGenerated**. If you don't specify this field, the default for **TimeGenerated** is the time that the message is ingested. The contents of the message field should follow the ISO 8601 format YYYY-MM-DDThh:mm:ssZ. The Time Generated value cannot be older than 2 days before received time or the time that the message is ingested will be used.| +| time-generated-field | The name of a field in the data that contains the timestamp of the data item. If you specify a field, its contents are used for **TimeGenerated**. If you don't specify this field, the default for **TimeGenerated** is the time that the message is ingested. The contents of the message field should follow the ISO 8601 format YYYY-MM-DDThh:mm:ssZ. The Time Generated value cannot be older than 2 days before received time or more than a day in the future. In such case, the time that the message is ingested will be used.| | | | ## Authorization |
azure-monitor | Log Standard Columns | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/logs/log-standard-columns.md | The **TimeGenerated** column contains the date and time that the record was cre > [!NOTE] > Tables supporting classic Application Insights resources use the **timestamp** column instead of the **TimeGenerated** column. +> [!NOTE] +> The **TimeGenerated** value cannot be older than 2 days before received time or more than a day in the future. If in some situation, the value is older than 2 days or more than a day in the future, it would be replaced with the actual recieved time. + ### Examples The following query returns the number of error events created for each day in the previous week. |
azure-monitor | Restore | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/logs/restore.md | The charge for maintaining restored logs is calculated based on the volume of da For example, if your table holds 500 GB a day and you restore 10 days of data, you'll be charged for 5000 GB a day until you dismiss the restored data. > [!NOTE]-> Billing of restore is not yet enabled. Restore can be used for free until February 1, 2023. +> Billing of restore is not yet enabled. You can restore logs for free until early 2023. For more information, see [Azure Monitor pricing](https://azure.microsoft.com/pricing/details/monitor/). |
azure-monitor | Usage Estimated Costs | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/usage-estimated-costs.md | To limit the view to Azure Monitor charges, [create a filter](../cost-management >[!NOTE] >Usage for Azure Monitor Logs (Log Analytics) can be billed with the **Log Analytics** service (for Pay-as-you-go data ingestion and data retention), or with the **Azure Monitor** service (for Commitment Tiers, Basic Logs and Data Export) or with the **Insight and Analytics** service when using the legacy Per Node pricing tier. Except for a small set of legacy resources, Application Insights data ingestion and retention are billed as the **Log Analytics** service. -Other services such as Microsoft Defender for Cloud and Microsoft Sentinel also bill their usage against Log Analytics workspace resources, so you might want to add them to your filter. See [Common cost analysis uses](../cost-management-billing/costs/cost-analysis-common-uses.md) for information on how to use this view. +Other services such as Microsoft Defender for Cloud and Microsoft Sentinel also bill their usage against Log Analytics workspace resources, so you might want to add them to your filter. ++To get the most useful view for understanding your cost trends in the **Cost analysis** view, ++1. Select the date range you want to investigate +2. Select the desired "Granularity" of "Daily" or "Monthly" (not "Accumulated") +3. Set the chart type to "Column (stacked)" in the top right above the chart +4. Set "Group by" to be "Meter" ++See [Common cost analysis uses](../cost-management-billing/costs/cost-analysis-common-uses.md) for more information on how to use this Cost analysis view.  |
azure-percept | Quickstart Percept Dk Set Up | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-percept/quickstart-percept-dk-set-up.md | To verify if your Azure account is an ΓÇ£ownerΓÇ¥ or ΓÇ£contributorΓÇ¥ within th - Select the **S1 (standard) pricing tier**. > [!NOTE]- > It may take a few minutes for your IoT Hub deployment to complete. If you need a higher [message throughput](../iot-hub/iot-hub-scaling.md#message-throughput) for your edge AI applications, you may [upgrade your IoT Hub to a higher standard tier](../iot-hub/iot-hub-upgrade.md) in the Azure Portal at any time. B and F tiers do NOT support Azure Percept. + > It may take a few minutes for your IoT Hub deployment to complete. If you need a higher [message throughput](../iot-hub/iot-hub-scaling.md#tier-editions-and-units) for your edge AI applications, you may [upgrade your IoT Hub to a higher standard tier](../iot-hub/iot-hub-upgrade.md) in the Azure Portal at any time. B and F tiers do NOT support Azure Percept. 1. When the deployment is complete, select **Register**. |
azure-percept | Quickstart Percept Dk Set Up | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/cloud-services-php-create-web-role.md | Title: Create Azure web and worker roles for PHP description: A guide to creating PHP web and worker roles in an Azure cloud service, and configuring the PHP runtime.- documentationcenter: php - ms.assetid: 9f7ccda0-bd96-4f7b-a7af-fb279a9e975b ms.devlang: PHP Last updated 04/11/2018 + # Create PHP web and worker roles ## Overview |
container-apps | Dapr Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/container-apps/dapr-overview.md | This guide provides insight into core Dapr concepts and details regarding the Da | [**Observability**](./observability.md) | Send tracing information to an Application Insights backend. | | [**Secrets**][dapr-secrets] | Access secrets from your application code or reference secure values in your Dapr components. | +> [!NOTE] +> The above table covers stable Dapr APIs. To learn more about using alpha APIs and components, [see limitations](#unsupported-dapr-capabilities). + ## Dapr concepts overview The following example based on the Pub/sub API is used to illustrate core concepts related to Dapr in Azure Container Apps. This resource defines a Dapr component called `dapr-pubsub` via ARM. - **Dapr Configuration spec**: Any capabilities that require use of the Dapr configuration spec. - **Declarative pub/sub subscriptions** - **Any Dapr sidecar annotations not listed above**+- **Alpha APIs and components**: Dapr alpha APIs and components are available to use on a self-service, opt-in basis. Alpha APIs and components are provided "as is" and "as available," and are continually evolving as they move toward stable status. Alpha APIs and components are not covered by customer support. ### Known limitations |
cost-management-billing | Understand Work Scopes | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/cost-management-billing/costs/understand-work-scopes.md | Management groups allow you to organize subscriptions into a hierarchy. For exam Creating an organizational hierarchy allows cost and policy compliance to roll up organizationally. Then, each leader can view and analyze their current costs. And then they can create budgets to curb bad spending patterns and optimize costs with Advisor recommendations at the lowest level. -Granting access to view costs and optionally manage cost configuration, such as budgets and exports, is done on governance scopes using Azure RBAC. You use Azure RBAC to grant Azure AD users and groups access to do a predefined set of actions that are defined in a role on a specific scope and below. For instance, a role assigned to a management group scope also grants the same permissions to nested subscriptions and resource groups. +Granting access to view costs and optionally manage cost configuration, such as budgets and exports, is done on governance scopes using Azure RBAC. You use Azure RBAC to grant Azure AD users and groups access to do a predefined set of actions. The actions are defined in a role on a specific scope and lower. For instance, a role assigned to a management group scope also grants the same permissions to nested subscriptions and resource groups. Cost Management supports the following built-in roles for each of the following scopes: Cost Management supports the following built-in roles for each of the following - [**Cost Management Contributor**](../../role-based-access-control/built-in-roles.md#cost-management-contributor) ΓÇô Can view costs, manage cost configuration, and view recommendations. - [**Cost Management Reader**](../../role-based-access-control/built-in-roles.md#cost-management-reader) ΓÇô Can view cost data, cost configuration, and view recommendations. -Cost Management Contributor is the recommended least-privilege role. The role allows people to create and manage budgets and exports to more effectively monitor and report on costs. Cost Management Contributors might also require additional roles to support complex cost management scenarios. Consider the following scenarios: +Cost Management Contributor is the recommended least-privilege role. The role allows people to create and manage budgets and exports to more effectively monitor and report on costs. Cost Management Contributors might also require more roles to support complex cost management scenarios. Consider the following scenarios: - **Reporting on resource usage** ΓÇô Cost Management shows cost in the Azure portal. It includes usage as it pertains to cost in the full usage patterns. This report can also show API and download charges, but you may also want to drill into detailed usage metrics in Azure Monitor to get a deeper understanding. Consider granting [Monitoring Reader](../../role-based-access-control/built-in-roles.md#monitoring-reader) on any scope where you also need to report detailed usage metrics.-- **Act when budgets are exceeded** ΓÇô Cost Management Contributors also need access to create and manage action groups to automatically react to overages. Consider granting [Monitoring Contributor](../../role-based-access-control/built-in-roles.md#monitoring-contributor) to a resource group that contains the action group to use when budget thresholds are exceeded. Automating specific actions requires additional roles for the specific services used, such as Automation and Azure Functions.+- **Act when budgets are exceeded** ΓÇô Cost Management Contributors also need access to create and manage action groups to automatically react to overages. Consider granting [Monitoring Contributor](../../role-based-access-control/built-in-roles.md#monitoring-contributor) to a resource group that contains the action group to use when budget thresholds are exceeded. Automating specific actions requires more roles for the specific services used, such as Automation and Azure Functions. - **Schedule cost data export** ΓÇô Cost Management Contributors also need access to manage storage accounts to schedule an export to copy data into a storage account. Consider granting [Storage Account Contributor](../../role-based-access-control/built-in-roles.md#storage-account-contributor) to a resource group that contains the storage account where cost data is exported. - **Viewing cost-saving recommendations** ΓÇô Cost Management Readers and Cost Management Contributors have access to *view* cost recommendations by default. However, access to act on the cost recommendations requires access to individual resources. Consider granting a [service-specific role](../../role-based-access-control/built-in-roles.md#all) if you want to act on a cost-based recommendation. If you have a mix of subscriptions, move the unsupported subscriptions to a sepa ### Feature behavior for each role -The following table shows how Cost Management features are used by each role. The behavior below is applicable to all Azure RBAC scopes. +The following table shows how Cost Management features are used by each role. The following behavior is applicable to all Azure RBAC scopes. | **Feature/Role** | **Owner** | **Contributor** | **Reader** | **Cost Management Reader** | **Cost Management Contributor** | | | | | | | | EA billing scopes support the following roles: - **Enterprise admin** ΓÇô Can manage billing account settings and access, can view all costs, and can manage cost configuration. For example, budgets and exports. - **Enterprise read-only user** ΓÇô Can view billing account settings, cost data, and cost configuration. Can manage budgets and exports. - **Department admin** ΓÇô Can manage department settings, such as cost center, and can access, view all costs, and manage cost configuration. For example, budgets and exports. The **DA view charges** billing account setting must be enabled for department admins and read-only users to see costs. If **DA view charges** option is disabled, department users can't see costs at any level, even if they're an account or subscription owner.-- **Department read-only user** ΓÇô Can view department settings, cost data, and cost configuration. Can manage budgets and exports. If **DA view charges** option is disabled, department users can't see costs at any level, even if they are an account or subscription owner.+- **Department read-only user** ΓÇô Can view department settings, cost data, and cost configuration. Can manage budgets and exports. If **DA view charges** option is disabled, department users can't see costs at any level, even if they're an account or subscription owner. - **Account owner** ΓÇô Can manage enrollment account settings (such as cost center), view all costs, and manage cost configuration (such as budgets and exports) for the enrollment account. The **AO view charges** billing account setting must be enabled for account owners and Azure RBAC users to see costs. EA billing account users don't have direct access to invoices. Invoices are available from an external volume licensing system. Only the users with *Global admin* and *Admin agent* roles can manage and view c Cost Management only supports CSP partner customers if the customers have a Microsoft Customer Agreement. For CSP supported customers who aren't yet on a Microsoft Customer Agreement, see [Partner Center](/azure/cloud-solution-provider/overview/partner-center-overview). -Management groups in CSP scopes aren't supported by Cost Management. If you have a CSP subscription and you set the scope to a management group in cost analysis, you'll see an error similar to: +Management groups in CSP scopes aren't supported by Cost Management. If you have a CSP subscription and you set the scope to a management group in cost analysis, an error similar the following one is shown: `Management group <ManagementGroupName> does not have any valid subscriptions` ## Switch between scopes in Cost Management -All Cost Management views in the Azure portal include a **Scope** selection pill at the top-left of the view. Use it to quickly change scope. Select the **Scope** pill to open the scope picker. It shows billing accounts, the root management group, and any subscriptions that aren't nested under the root management group. To select a scope, select the background to highlight it and then select **Select** at the bottom. To drill-in to nested scopes, like resource groups in a subscription, select the scope name link. To select the parent scope at any nested level, select **Select this <scope>** at the top of the scope picker. +All Cost Management views in the Azure portal include a **Scope** selection pill at the top-left of the view. Use it to quickly change scope. Select the **Scope** pill to open the scope picker. It shows billing accounts, the root management group, and any subscriptions that aren't nested under the root management group. To select a scope, select the background to highlight it, and then select **Select** at the bottom. To drill-in to nested scopes, like resource groups in a subscription, select the scope name link. To select the parent scope at any nested level, select **Select this <scope>** at the top of the scope picker. ++### View historical billing scopes after migration or contract change ++If you migrated from an EA agreement to a Microsoft Customer Agreement, you still have access to your old billing scope. ++1. Sign in to the [Azure portal](https://portal.azure.com). +2. Search for and then select **Cost Management + Billing**. +3. Select **Billing Scope** to view your new and previous billing accounts. ## Identify the resource ID for a scope -When working with Cost Management APIs, knowing the scope is critical. Use the following information to build the proper scope URI for Cost Management APIs. +When you work with Cost Management APIs, knowing the scope is critical. Use the following information to build the proper scope URI for Cost Management APIs. ### Billing accounts |
cost-management-billing | Direct Ea Azure Usage Charges Invoices | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/cost-management-billing/manage/direct-ea-azure-usage-charges-invoices.md | Title: View your Azure usage summary details and download reports for EA enrollm description: This article explains how enterprise administrators of direct and indirect Enterprise Agreement (EA) enrollments can view a summary of their usage data, Azure Prepayment consumed, and charges associated with other usage in the Azure portal. Previously updated : 01/11/2023 Last updated : 02/10/2023 You receive an Azure invoice when any of the following events occur during your - Visual Studio Professional (Annual) - **Marketplace charges** - Azure Marketplace purchases and usage aren't covered by your organization's credit. So, you're invoiced for Marketplace charges despite your credit balance. In the Azure portal, an Enterprise Administrator can enable and disable Marketplace purchases. -Your invoice displays Azure usage charges with costs associated to them first, followed by any Marketplace charges. If you have a credit balance, it's applied to Azure usage. Your invoice will display Azure usage and Marketplace usage without any cost last. +Your invoice displays Azure usage charges with costs associated to them first, followed by any Marketplace charges. If you have a credit balance, it's applied to Azure usage. Your invoice shows Azure usage and Marketplace usage without any cost last. ### Download your Azure invoices (.pdf) For more information about invoice documents, see [Direct EA billing invoice doc ## Update a PO number for an upcoming overage invoice -In the Azure portal, an Enterprise Administrator for a direct EA enrollment can update the purchase order (PO) for the upcoming invoices. The PO number can get updated anytime before the invoice is created during the current billing period. +In the Azure portal, an Enterprise Administrator for a direct EA enrollment can update the purchase order (PO) for the upcoming Azure Overage/Marketplace invoices. The PO number can get updated anytime before the invoice is created during the current billing period. For a new enrollment, the default PO number is the enrollment number. The EA admin receives an invoice notification email after the end of billing per If you want to update the PO number after your invoice is generated, then contact Azure support in the Azure portal. +> [!NOTE] +>PO number update is only used for Overage/Marketplace invoices. To update a PO number for other invoices such as the invoice for a prepayment purchase, contact your Software Advisor (direct customer) or your partner (indirect customer). They in-turn, can contact the Regional Operation Center to update a PO number using the Call Logging tool at the Explore.ms site. + Check out the [Manage purchase order number in the Azure portal](https://www.youtube.com/watch?v=26aanfQfjaY) video. >[!VIDEO https://www.youtube.com/embed/26aanfQfjaY] The following table lists the terms and descriptions shown on the Credits tab. | Credit applied toward charges | Total amount of the invoice or credit generated | | Ending credit | Credit end balance | -Below are the Accounting codes and description for the adjustments. +The following items are the Accounting codes and description for the adjustments. | **Accounting Code** | **Description** | | | | However, you *should* see: The formatting issue occurs because of default settings in Excel's import functionality. Excel imports all fields as *General* text and assumes that a number is separated in the mathematical standard. For example: *1,000.00*. -If your currency uses a period (**.**) for the thousandth place separator and a comma (**,**) for the decimal place separator, it will display incorrectly. For example: *1.000,00*. The import results may vary depending on your regional language setting. +If your currency uses a period (**.**) for the thousandth place separator and a comma (**,**) for the decimal place separator, it's displayed incorrectly. For example: *1.000,00*. The import results may vary depending on your regional language setting. To import the CSV file without formatting issues: To import the CSV file without formatting issues: 1. Select **Next**. 1. Scroll over to the **ResourceRate** and **ExtendedCost** columns. 1. Select the **ResourceRate** column. It appears highlighted in black.-1. Under the **Column Data Format** section, select **Text** instead of **General**. The column header will change from **General** to **Text**. +1. Under the **Column Data Format** section, select **Text** instead of **General**. The column header changes from **General** to **Text**. 1. Repeat steps 8 and 9 for the **Extended Cost** column, and then select **Finish**. > [!TIP] To import the CSV file without formatting issues: ## Next steps -- To learn about common tasks that an enterprise administrator accomplishes in the Azure portal, see [EA Billing administration on the Azure Portal](direct-ea-administration.md).+- To learn about common tasks that an enterprise administrator accomplishes in the Azure portal, see [EA Billing administration on the Azure portal](direct-ea-administration.md). |
ddos-protection | Alerts | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ddos-protection/alerts.md | Title: 'Configure Azure DDoS Protection metric alerts through portal' description: Learn how to configure DDoS protection metric alerts for Azure DDoS Protection. Last updated 01/30/2023 |
ddos-protection | Ddos Configure Log Analytics Workspace | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ddos-protection/ddos-configure-log-analytics-workspace.md | Title: 'Configure Azure DDoS Protection Log Analytics workspace' description: Learn how to configure Log Analytics workspace for Azure DDoS Protection. Last updated 01/30/2023 |
ddos-protection | Ddos Diagnostic Alert Templates | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ddos-protection/ddos-diagnostic-alert-templates.md | Title: 'Configure Azure DDoS Protection diagnostic logging alerts' description: Learn how to configure DDoS protection diagnostic alerts for Azure DDoS Protection. Last updated 01/30/2023 |
ddos-protection | Ddos Disaster Recovery Guidance | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ddos-protection/ddos-disaster-recovery-guidance.md | Title: Azure DDoS Protection business continuity | Microsoft Docs + Title: Azure DDoS Protection business continuity description: Learn what to do in the event of an Azure service disruption impacting Azure DDoS Protection. Last updated 10/12/2022 -+ # Azure DDoS Protection ΓÇô business continuity |
ddos-protection | Ddos Protection Features | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ddos-protection/ddos-protection-features.md | Title: Azure DDoS Protection features description: Learn Azure DDoS Protection features Last updated 10/12/2022 |
ddos-protection | Ddos Protection Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ddos-protection/ddos-protection-overview.md | Title: Azure DDoS Protection Overview description: Learn how the Azure DDoS Protection, when combined with application design best practices, provides defense against DDoS attacks. Last updated 01/17/2023 |
ddos-protection | Ddos Protection Partner Onboarding | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ddos-protection/ddos-protection-partner-onboarding.md | Title: Partnering with Azure DDoS Protection description: "Understand partnering opportunities enabled by Azure DDoS Protection." Last updated 10/12/2022 |
ddos-protection | Ddos Protection Reference Architectures | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ddos-protection/ddos-protection-reference-architectures.md | description: Learn Azure DDoS protection reference architectures. -+ Last updated 10/12/2022 |
ddos-protection | Ddos Rapid Response | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ddos-protection/ddos-rapid-response.md | Title: Azure DDoS Rapid Response description: Learn how to engage DDoS experts during an active attack for specialized support. -+ Last updated 10/12/2022 |
ddos-protection | Ddos Response Strategy | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ddos-protection/ddos-response-strategy.md | Title: Components of a DDoS response strategy description: Learn what how to use Azure DDoS Protection to respond to DDoS attacks. -+ Last updated 10/12/2022 |
ddos-protection | Ddos View Alerts Defender For Cloud | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ddos-protection/ddos-view-alerts-defender-for-cloud.md | Title: 'View Azure DDoS Protection alerts in Microsoft Defender for Cloud' description: Learn how to view DDoS protection alerts in Microsoft Defender for Cloud. Last updated 01/30/2023 |
ddos-protection | Diagnostic Logging | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ddos-protection/diagnostic-logging.md | Title: 'Tutorial: View and configure Azure DDoS Protection diagnostic logging' description: Learn how to configure reports and flow logs. -+ Last updated 10/12/2022 |
ddos-protection | Fundamental Best Practices | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ddos-protection/fundamental-best-practices.md | Title: Azure DDoS Protection fundamental best practices description: Learn the best security practices using Azure DDoS Protection. -+ Last updated 02/08/2023 |
ddos-protection | Inline Protection Glb | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ddos-protection/inline-protection-glb.md | Title: Inline L7 DDoS Protection with Gateway Load Balancer and partner NVAs description: Learn how to create and enable inline L7 DDoS Protection with Gateway Load Balancer and Partner NVAs -+ Last updated 10/12/2022 |
ddos-protection | Manage Ddos Protection Bicep | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ddos-protection/manage-ddos-protection-bicep.md | Title: 'Create and configure Azure DDoS Network Protection using Bicep' + Title: 'Quickstart: Create and configure Azure DDoS Network Protection - Bicep' description: Learn how to create and enable an Azure DDoS Protection plan using Bicep. |
ddos-protection | Manage Ddos Protection Cli | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ddos-protection/manage-ddos-protection-cli.md | Title: Create and configure an Azure DDoS Network Protection plan using Azure CLI + Title: 'Quickstart: Create and configure an Azure DDoS Network Protection plan - Azure CLI' description: Learn how to create a DDoS Protection Plan using Azure CLI -+ Last updated 10/12/2022 |
ddos-protection | Manage Ddos Protection Powershell Ip | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ddos-protection/manage-ddos-protection-powershell-ip.md | Title: 'Quickstart: Create and configure Azure DDoS IP Protection Preview using PowerShell' + Title: 'Quickstart: Create and configure Azure DDoS IP Protection Preview - PowerShell' description: Learn how to create Azure DDoS IP Protection Preview using PowerShell |
ddos-protection | Manage Ddos Protection Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ddos-protection/manage-ddos-protection-powershell.md | Title: Create and configure Azure DDoS Network Protection using Azure PowerShell + Title: 'Quickstart: Create and configure Azure DDoS Network Protection - Azure PowerShell' description: Learn how to create a DDoS Protection Plan using Azure PowerShell Last updated 10/12/2022 |
ddos-protection | Manage Ddos Protection Template | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ddos-protection/manage-ddos-protection-template.md | Title: 'Quickstart: Create and configure Azure DDoS Network Protection using ARM template.' + Title: 'Quickstart: Create and configure Azure DDoS Network Protection - ARM template' description: Learn how to create and enable an Azure DDoS Protection plan using an Azure Resource Manager template (ARM template). |
ddos-protection | Manage Ddos Protection | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ddos-protection/manage-ddos-protection.md | Title: 'Quickstart: Create and configure Azure DDoS Network Protection using the Azure portal' + Title: 'Quickstart: Create and configure Azure DDoS Network Protection using - Azure portal' description: Learn how to use Azure DDoS Network Protection to mitigate an attack. |
ddos-protection | Manage Permissions | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ddos-protection/manage-permissions.md | Title: Azure DDoS Protection Plan permissions description: Learn how to manage permission in a DDoS Protection plan. -+ Last updated 10/12/2022 |
ddos-protection | Monitor Ddos Protection Reference | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ddos-protection/monitor-ddos-protection-reference.md | Title: 'Monitoring Azure DDoS Protection' -description: Important reference material needed when you monitor DDoS Protection +description: Important reference material needed when you monitor DDoS Protection. -+ Last updated 12/19/2022 |
ddos-protection | Policy Reference | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ddos-protection/policy-reference.md | Title: Azure Policy built-in definitions for Azure DDoS Protection description: Lists Azure Policy built-in policy definitions for Azure DDoS Protection. These built-in policy definitions provide common approaches to managing your Azure resources. Last updated 01/05/2023 |
ddos-protection | Telemetry | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ddos-protection/telemetry.md | Title: 'Tutorial: View and configure DDoS protection telemetry for Azure DDoS Protection' description: Learn how to view and configure DDoS protection telemetry for Azure DDoS Protection. -+ Last updated 10/12/2022 |
ddos-protection | Test Through Simulations | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ddos-protection/test-through-simulations.md | Title: Azure DDoS Protection simulation testing -description: Learn about how to test through simulations +description: Learn about how to test through simulations. -+ Last updated 02/06/2023 |
ddos-protection | Types Of Attacks | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ddos-protection/types-of-attacks.md | Title: 'Types of attacks Azure DDoS Protection mitigates' description: Learn what types of attacks Azure DDoS Protection protects against. -+ Last updated 10/12/2022 |
defender-for-cloud | Defender For Containers Introduction | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/defender-for-cloud/defender-for-containers-introduction.md | Learn more about: Defender for Containers provides real-time threat protection for your containerized environments and generates alerts for suspicious activities. You can use this information to quickly remediate security issues and improve the security of your containers. Threat protection at the cluster level is provided by the Defender agent and analysis of the Kubernetes audit logs. Examples of events at this level include exposed Kubernetes dashboards, creation of high-privileged roles, and the creation of sensitive mounts. -Defender for Containers also includes host-level threat detection with over 60 Kubernetes-aware analytics, AI, and anomaly detections based on your runtime workload. +Defender for Containers also includes host-level threat detection with over 60 Kubernetes-aware analytics, AI, and anomaly detections based on your runtime workload. For a full list of the cluster level alerts, see the [reference table of alerts](alerts-reference.md#alerts-k8scluster). Defender for Cloud monitors the attack surface of multicloud Kubernetes deployments based on the [MITRE ATT&CK® matrix for Containers](https://www.microsoft.com/security/blog/2021/04/29/center-for-threat-informed-defense-teams-up-with-microsoft-partners-to-build-the-attck-for-containers-matrix/), a framework developed by the [Center for Threat-Informed Defense](https://mitre-engenuity.org/ctid/) in close partnership with Microsoft. |
defender-for-cloud | Devops Faq | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/defender-for-cloud/devops-faq.md | If you're having issues with Defender for DevOps these frequently asked question - [Secret scan didn't run on my code](#secret-scan-didnt-run-on-my-code) - [I donΓÇÖt see generated SARIF file in the path I chose to drop it](#i-dont-see-generated-sarif-file-in-the-path-i-chose-to-drop-it) - [I donΓÇÖt see the results for my ADO projects in Microsoft Defender for Cloud](#i-dont-see-the-results-for-my-ado-projects-in-microsoft-defender-for-cloud)+- [Why is my Azure DevOps repository not refreshing to healthy?](#why-is-my-azure-devops-repository-not-refreshing-to-healthy) - [I donΓÇÖt see Recommendations for findings](#i-dont-see-recommendations-for-findings) - [What information does Defender for DevOps store about me and my enterprise, and where is the data stored?](#what-information-does-defender-for-devops-store-about-me-and-my-enterprise-and-where-is-the-data-stored) - [Is Exemptions capability available and tracked for app sec vulnerability management](#is-exemptions-capability-available-and-tracked-for-app-sec-vulnerability-management) - [Is continuous, automatic scanning available?](#is-continuous-automatic-scanning-available) - [Is it possible to block the developers committing code with exposed secrets](#is-it-possible-to-block-the-developers-committing-code-with-exposed-secrets) - [I am not able to configure Pull Request Annotations](#i-am-not-able-to-configure-pull-request-annotations)+- [What are the programing languages that are supported by Defender for DevOps?](#what-are-the-programing-languages-that-are-supported-by-defender-for-devops) ### I'm getting an error while trying to connect Currently, OSS vulnerabilities, IaC scanning vulnerabilities, and Total code sca Azure DevOps repositories only have the total exposed secrets available and will show `N/A` for all other fields. You can learn more about how to [Review your findings](defender-for-devops-introduction.md). +### Why is my Azure DevOps repository not refreshing to healthy? ++For a previously unhealthy scan result to be healthy again, updated healthy scan results need to be from the same build definition as the one that generated the findings in the first place. A common scenario where this issue occurs is when testing with different pipelines. For results to refresh appropriately, scan results need to be for the same pipeline(s) and branch(es). ++If no scanning is performed for 14 days, the scan results would be revert to ΓÇ£N/AΓÇ¥. + ### I donΓÇÖt see Recommendations for findings Ensure that you've onboarded the project with the connector and that your repository (that build is for), is onboarded to Microsoft Defender for Cloud. You can learn how to [onboard your DevOps repository](/azure/defender-for-cloud/quickstart-onboard-devops?branch=main) to Defender for Cloud. The ability to block developers from committing code with exposed secrets is not Make sure you have write (owner/contributor) access to the subscription. +### What are the programing languages that are supported by Defender for DevOps? ++The following languages are supported by Defender for DevOps: ++- Python +- Java Script +- Type Script ++ ## Next steps |
deployment-environments | Concept Common Components | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/deployment-environments/concept-common-components.md | Last updated 01/26/2022 # Components common to Azure Deployment Environments and Microsoft Dev Box -Azure Deployment Environments and Microsoft Dev Box are complementary -services that share certain architectural components. Dev centers and -projects are common to both services and they help organize resources in -an enterprise. You can configure dev centers and projects in the Azure -portal. +> [!TIP] +> Welcome to the **Azure Deployment Environments** documentation. If you're looking for information about **Microsoft Dev Box**, follow this link: [*Components common to Microsoft Dev Box and Azure Deployment Environments*](../dev-box/concept-common-components.md). [!INCLUDE [ade-mdb-common-components](../../includes/ade-mdb-common-components/ade-mdb-common-components.md)] |
dev-box | Concept Common Components | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/dev-box/concept-common-components.md | Last updated 01/26/2022 # Components common to Microsoft Dev Box and Azure Deployment Environments -Microsoft Dev Box and Azure Deployment Environments are complementary -services that share certain architectural components. Dev centers and -projects are common to both services and they help organize resources in -an enterprise. You can configure dev centers and projects in the Azure -portal. +> [!TIP] +> Welcome to the **Microsoft Dev Box** documentation. If you're looking for information about **Azure Deployment Environments**, follow this link: [*Components common to Azure Deployment Environments and Microsoft Dev Box*](../deployment-environments/concept-common-components.md). [!INCLUDE [ade-mdb-common-components](../../includes/ade-mdb-common-components/ade-mdb-common-components.md)] |
event-hubs | Event Hubs Dedicated Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/event-hubs/event-hubs-dedicated-overview.md | -# Overview of Azure Event Hubs dedicated tier +# Overview of Azure Event Hubs Dedicated tier -Event Hubs clusters offer **single-tenant deployments** for customers with the most demanding streaming needs. This offering has a guaranteed **99.99%** SLA, which is available only in our dedicated pricing tier. An [Event Hubs cluster](event-hubs-dedicated-overview.md) can ingress millions of events per second with guaranteed capacity and subsecond latency. Namespaces and event hubs created within a cluster include all features of the premium offering and more, but without any ingress limits. The dedicated offering also includes the popular [Event Hubs Capture](event-hubs-capture-overview.md) feature at no additional cost, allowing you to automatically batch and log data streams to [Azure Blob Storage](../storage/blobs/storage-blobs-introduction.md) or [Azure Data Lake Storage Gen 1](../data-lake-store/data-lake-store-overview.md). +Event Hubs dedicated clusters are designed to meet the needs of most demanding mission-critical event streaming workloads. These clusters provide a high-performance, low-latency, scalable, and reliable event streaming service for your event streaming applications that are based on AMQP(Event Hubs SDK) or Apache Kafka APIs. -Dedicated clusters are provisioned and billed by **capacity units (CUs)**, a pre-allocated amount of CPU and memory resources. You can purchase up to 10 CUs for a cluster in the Azure portal. If you need a cluster larger than 10 CU, you can submit an Azure support request to scale up your cluster after its creation. +## Why Dedicated cluster? +The dedicated tier of Event Hubs offers several benefits to customers who need run mission-critical workloads at enterprise-level capacity. -How much you can ingest and stream per CU depends on various factors, such as the following ones: +### Low latency event streaming +These clusters are optimized for low end-to-end latency and high performance. Therefore these clusters enable businesses to handle high-velocity and high-volume data streaming. +### Streaming large volumes of data +Dedicated clusters can stream events at the gigabytes per second or millions of events per second scale for Most of the use cases. Also, these clusters can be easily scaled to accommodate changes in event streaming volume. +++### Guaranteed consistent performance +Event Hubs dedicated clusters minimize the latency jitter and ensure consistent performance with guaranteed capacity. ++### Zero interference +Event Hubs Dedicated Clusters operate on a single-tenant architecture. Therefore it ensures that the allocated resources being not shared with any other tenants. Therefore, unlike other tiers, you wouldn't see any cross tenant interference in Dedicated cluster. ++### Self-serve scaling +The dedicated cluster offers self-serve scaling capabilities that allow you to adjust the capacity of the cluster according to dynamic loads and to facilitate business operations. You can scale out during spikes in usage and scale in when the usage is low. ++### High-end features and generous quotas +Dedicated clusters include all features of the Premium tier and more. The service also manages load balancing, operating system updates, security patches, and partitioning. So, you can spend less time on infrastructure maintenance and more time on building your event streaming applications. ++## Capacity Units(CU) +Dedicated clusters are provisioned and billed by capacity units (CUs), a pre-allocated amount of CPU and memory resources. ++How much you can ingest and stream per CU depends on various factors, such as the following ones: - Number of producers and consumers-- Payload shape+- Number of partitions. +- Producer and consumer configuration. +- Payload size - Egress rate -> [!NOTE] -> All Event Hubs clusters are Kafka-enabled by default and support Kafka endpoints that can be used by your existing Kafka based applications. Having Kafka enabled on your cluster does not affect your non-Kafka use cases. There is no option or need to disable Kafka on a cluster. +Therefore, to determine the necessary number of CUs, you should carry out your anticipated event streaming workload on an Event Hubs dedicated cluster while observing the cluster's resource utilization. For more information, see [When to scale my dedicated cluster](#when-to-scale-my-dedicated-cluster). -## Why dedicated tier? -The dedicated tier of Event Hubs offers three compelling benefits to customers who need enterprise-level capacity: +## Cluster Types +Event Hubs Dedicated Clusters come in two distinct types: Self-serve scalable clusters and Legacy clusters. These two types differ in their support for the number of CUs, the amount of throughput each CU provides, and the regional and zone availability. -### Single-tenancy guarantees capacity for better performance -A dedicated cluster guarantees capacity at full scale. It can ingress up to gigabytes of streaming data with fully durable storage and subsecond latency to accommodate any burst in traffic. +As a dedicated cluster user, you can determine the type of cluster by examining the availability of the capacity scaling feature in the portal. If this capability is present, you're using a self-serve scalable cluster. Conversely, if it isn't available, you're utilizing a legacy dedicated cluster. Alternatively you can look for the [Azure Resource Manager properties](/azure/templates/microsoft.eventhub/clusters?pivots=deployment-language-arm-template) related to Dedicated clusters. -### Inclusive and exclusive access to features -The dedicated offering includes features like [Event Hubs Capture](event-hubs-capture-overview.md) at no additional cost and exclusive access to features like [Bring Your Own Key (BYOK)](configure-customer-managed-key.md). The service also manages load balancing, operating system updates, security patches, and partitioning. So, you can spend less time on infrastructure maintenance and more time on building client-side features. +### Self-serve scalable clusters +Event Hubs Self-serve scalable clusters are based on new infrastructure and allow users to easily scale the number of capacity units allocated to each cluster. By creating a dedicated cluster through the Event Hubs portal or ARM templates, you gain access to a self-service scalable cluster. To learn how to scale your dedicated cluster, see [Scale Event Hubs dedicated clusters](event-hubs-dedicated-cluster-create-portal.md). -### Self-Serve scaling capabilities  -The dedicated tier offers self-serve scaling capabilities that allow you to adjust the capacity of the cluster according to dynamic loads and to facilitate business operations. You can scale out during spikes in usage and scale in when the usage is low. To learn how to scale your dedicated cluster, see [Scale Event Hubs dedicated clusters](event-hubs-dedicated-cluster-create-portal.md). -## Quotas and limits -The Event Hubs dedicated offering is billed at a fixed monthly price, with a **minimum of 4 hours of usage**. The dedicated tier offers all the features of the premium plan, but with enterprise-scale capacity and limits for customers with demanding workloads. +Approximately, one capacity unit (CU) in a self-serve scalable cluster provides *ingress capacity ranging from 100 MB/s to 200 MB/s*, although actual throughput may fluctuate depending on various factors. -For more information about quotas and limits, see [Event Hubs quotas and limits](event-hubs-quotas.md) +With self-serve scalable clusters, you can purchase up to 10 CUs for a cluster in the Azure portal. In contrast to traditional clusters, these clusters can be scaled incrementally with CUs ranging from 1 to 10. +If you need a cluster larger than 10 CU, you can [submit a support request](event-hubs-dedicated-cluster-create-portal.md#submit-a-support-request) to scale up your cluster after its creation. ++> [!IMPORTANT] +> Self-serve scalable dedicated clusters currently don't support [availability zones](../availability-zones/az-overview.md#azure-regions-with-availability-zones). If you need to use AZ with your dedicated cluster, then you need to explicitly create a Legacy dedicated cluster. -## High availability with availability zones -Event Hubs standard, premium, and dedicated tiers offer [availability zones](../availability-zones/az-overview.md#availability-zones) support where you can run event streaming workloads in physically separate locations within each Azure region that are tolerant to local failures. +### Legacy clusters +Event Hubs dedicated clusters created prior to the availability of self-serve scalable clusters are referred to as legacy clusters. ++To use these legacy clusters, direct creation through the Azure portal or ARM templates isn't possible and you must instead [submit a support request](event-hubs-dedicated-cluster-create-portal.md#submit-a-support-request) to create one. ++Approximately, one capacity unit (CU) in a self-serve scalable cluster provides *ingress capacity ranging from 50 MB/s to 100 MB/s*, although actual throughput may fluctuate depending on various factors. ++With Legacy cluster, you can purchase up to 20 CUs. ++> [!Note] +> Event Hubs Dedicated clusters require at least 8 Capacity Units(CUs) to enable availability zones. Clusters with self-serve scaling does not support availability zones yet. Availability zone support is only available in [Azure regions with availability zones](../availability-zones/az-overview.md#azure-regions-with-availability-zones). > [!IMPORTANT] -> Event Hubs dedicated clusters require at least 8 Capacity Units(CUs) to enable availability zones. Clusters with self-serve scaling does not support availability zones yet. Availability zone support is only available in [Azure regions with availability zones](../availability-zones/az-overview.md#azure-regions-with-availability-zones). +> Migrating an existing Legacy cluster to a Self-Serve Cluster isn't currently support. For more information, see [migrating a Legacy cluster to Self-Serve Scalable cluster.](#can-i-migrate-my-standard-or-premium-namespaces-to-a-dedicated-tier-cluster). ++## Determining cluster type ++You can determine the cluster type that you are using the following methods. +| Method | Action | Self-serve scalable clusters | Legacy clusters | Notes | +| -| - | | | | +| Using Portal | Check for presence of ‘Scale’ tab under the cluster | ‘Scale’ page available in the cluster UI.| No scale page available in the cluster UI. | | +| Using Azure Resource Manager| Check for `supportsScaling` Azure Resource Manager property on cluster. | Check for presence of ‘Scale’ page under the cluster.  | No scale page available in the cluster UI. | Check this property on Portal, CLI or PowerShell. Needs API version *2022-01-01-preview* or newer. | +| Using nslookup| Run nslookup command on a namespace in cluster. | CNAME maps to `*.cloudapp.azure.com`.  | CNAME maps to `*.cloudapp.net`. | Example: `nslookup ns.servicebus.windows.net`. | ++## Quotas and limits +The Event Hubs dedicated offering is billed at a fixed monthly price, with a **minimum of 4 hours of usage**. The dedicated tier offers all the features of the premium plan, but with enterprise-scale capacity and limits for customers with demanding workloads. ++For more information about quotas and limits, see [Event Hubs quotas and limits](event-hubs-quotas.md) ## How to onboard Event Hubs dedicated tier is generally available (GA). The self-serve experience to create an Event Hubs cluster through the [Azure portal](event-hubs-dedicated-cluster-create-portal.md) is currently in Preview. You can also request for the cluster to be created by contacting the [Event Hubs team](mailto:askeventhubs@microsoft.com). Event Hubs dedicated tier is generally available (GA). The self-serve experience ## Next steps -Contact your Microsoft sales representative or Microsoft Support to get additional details about Event Hubs Dedicated. You can also create a cluster or learn more about Event Hubs pricing tiers by visiting the following links: +Contact your Microsoft sales representative or Microsoft Support to get more details about Event Hubs Dedicated. You can also create a cluster or learn more about Event Hubs pricing tiers by visiting the following links: - [Create an Event Hubs cluster through the Azure portal](https://aka.ms/eventhubsclusterquickstart) -- [Event Hubs Dedicated pricing](https://azure.microsoft.com/pricing/details/event-hubs/). You can also contact your Microsoft sales representative or Microsoft Support to get additional details about Event Hubs Dedicated capacity.+- [Event Hubs Dedicated pricing](https://azure.microsoft.com/pricing/details/event-hubs/). You can also contact your Microsoft sales representative or Microsoft Support to get more details about Event Hubs Dedicated capacity. - The [Event Hubs FAQ](event-hubs-faq.yml) contains pricing information and answers some frequently asked questions about Event Hubs. |
frontdoor | Apex Domain | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/apex-domain.md | description: Learn about apex domains when using Azure Front Door. -+ Last updated 02/07/2023 |
frontdoor | Best Practices | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/best-practices.md | Title: Azure Front Door - Best practices description: This page provides information about how to configure Azure Front Door based on Microsoft's best practices. -+ Last updated 12/05/2022 |
frontdoor | Billing | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/billing.md | description: Learn how you're billed when you use Azure Front Door. -+ Last updated 09/06/2022 |
frontdoor | Classic Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/classic-overview.md | Title: Azure Front Door (classic) | Microsoft Docs + Title: Azure Front Door (classic) description: This article provides an overview of Azure Front Door (classic). Last updated 06/15/2022 - # customer intent: As an IT admin, I want to learn about Front Door and what I can use it for. - # What is Azure Front Door (classic)? |
frontdoor | Create Front Door Bicep | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/create-front-door-bicep.md | Title: 'Quickstart: Create an Azure Front Door Standard/Premium using Bicep' + Title: 'Quickstart: Create an Azure Front Door Standard/Premium - Bicep' description: This quickstart describes how to create an Azure Front Door Standard/Premium using Bicep. Last updated 07/08/2022 #Customer intent: As an IT admin, I want to direct user traffic to ensure high availability of web applications. |
frontdoor | Create Front Door Cli | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/create-front-door-cli.md | Title: Create an Azure Front Door Standard/Premium with the Azure CLI -description: Learn how to create an Azure Front Door Standard/Premium with Azure CLI. Use Azure Front Door to deliver content to your global user base and protect your web apps against vulnerabilities. -+ Title: 'Quickstart: Create an Azure Front Door Standard/Premium - the Azure CLI' +description: Learn how to create an Azure Front Door Standard/Premium using Azure CLI. Use Azure Front Door to deliver content to your global user base and protect your web apps against vulnerabilities. + Last updated 6/13/2022 - # Quickstart: Create an Azure Front Door Standard/Premium - Azure CLI |
frontdoor | Create Front Door Portal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/create-front-door-portal.md | |
frontdoor | Create Front Door Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/create-front-door-powershell.md | Title: 'Create an Azure Front Door Standard/Premium with Azure PowerShell' -description: Learn how to create an Azure Front Door Standard/Premium with Azure PowerShell. Use Azure Front Door to deliver content to your global user base and protect your web apps against vulnerabilities. + Title: 'Quickstart: Create an Azure Front Door Standard/Premium - Azure PowerShell' +description: Learn how to create an Azure Front Door Standard/Premium using Azure PowerShell. Use Azure Front Door to deliver content to your global user base and protect your web apps against vulnerabilities. Last updated 06/28/2022 - # Quickstart: Create an Azure Front Door Standard/Premium - Azure PowerShell |
frontdoor | Create Front Door Template | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/create-front-door-template.md | Title: 'Quickstart: Create an Azure Front Door Standard/Premium by using an Azure Resource Manager template (ARM template)' -description: This quickstart describes how to create an Azure Front Door Standard/Premium by using Azure Resource Manager template (ARM template). + Title: 'Quickstart: Create an Azure Front Door Standard/Premium - ARM template' +description: This quickstart describes how to create an Azure Front Door Standard/Premium using Azure Resource Manager template (ARM template). Last updated 07/12/2022 #Customer intent: As an IT admin, I want to direct user traffic to ensure high availability of web applications. |
frontdoor | Create Front Door Terraform | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/create-front-door-terraform.md | Title: 'Quickstart: Create an Azure Front Door Standard/Premium profile using Terraform' + Title: 'Quickstart: Create an Azure Front Door Standard/Premium profile - Terraform' description: This quickstart describes how to create an Azure Front Door Standard/Premium using Terraform. Last updated 10/25/2022 # Create a Front Door Standard/Premium profile using Terraform |
frontdoor | Domain | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/domain.md | description: Learn about custom domains when using Azure Front Door. -+ Last updated 02/07/2023 |
frontdoor | Edge Locations By Abbreviation | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/edge-locations-by-abbreviation.md | description: This article lists Azure Front Door edge locations, sorted by edge -+ Last updated 11/10/2021 |
frontdoor | Edge Locations By Region | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/edge-locations-by-region.md | description: This article lists Azure Front Door edge locations, sorted by regio -+ Last updated 06/01/2022 |
frontdoor | End To End Tls | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/end-to-end-tls.md | description: Learn about end-to-end TLS encryption when using Azure Front Door. -+ Last updated 02/07/2023 |
frontdoor | Endpoint | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/endpoint.md | description: Learn about endpoints when using Azure Front Door. -+ Last updated 06/22/2022 |
frontdoor | Front Door Application Security | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/front-door-application-security.md | Title: Azure Front Door - Application layer security | Microsoft Docs + Title: Azure Front Door - Application layer security description: This article helps you understand how Azure Front Door enables to protect and secure your application backends -+ Last updated 09/10/2018 |
frontdoor | Front Door Custom Domain Https | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/front-door-custom-domain-https.md | Title: Tutorial - Configure HTTPS on a custom domain for Azure Front Door (classic) | Microsoft Docs + Title: 'Tutorial: Configure HTTPS on a custom domain for Azure Front Door (classic)' description: In this tutorial, you learn how to enable and disable HTTPS on your Azure Front Door (classic) configuration for a custom domain. Last updated 06/06/2022 |
frontdoor | Front Door Custom Domain | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/front-door-custom-domain.md | Title: Tutorial - Add custom domain to your Azure Front Door configuration + Title: 'Tutorial: Add custom domain to your Azure Front Door configuration' description: In this tutorial, you learn how to onboard a custom domain to Azure Front Door. Last updated 04/12/2021 |
frontdoor | Front Door Ddos | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/front-door-ddos.md | Title: DDoS protection on Azure Front Door -description: This page provides information about how Azure Front Door helps to protect against DDoS attacks +description: This page provides information about how Azure Front Door helps to protect against DDoS attacks. -+ Last updated 10/31/2022 |
frontdoor | Front Door Diagnostics | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/front-door-diagnostics.md | Title: Monitoring metrics and logs in - Azure Front Door (classic) + Title: Monitor metrics and logs in Azure Front Door (classic) description: This article describes the different metrics and access logs that Azure Front Door (classic) supports -+ Last updated 03/22/2022 -# Monitoring metrics and logs in Azure Front Door (classic) +# Monitor metrics and logs in Azure Front Door (classic) When using Azure Front Door (classic), you can monitor resources in the following ways: |
frontdoor | Front Door How To Redirect Https | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/front-door-how-to-redirect-https.md | Title: Create a Front Door with HTTP to HTTPS redirection using the Azure portal + Title: Create a Front Door with HTTP to HTTPS redirection - Azure portal description: Learn how to create a Front Door with redirected traffic from HTTP to HTTPS using the Azure portal. |
frontdoor | Front Door Http Headers Protocol | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/front-door-http-headers-protocol.md | Title: Protocol support for HTTP headers in Azure Front Door | Microsoft Docs + Title: Protocol support for HTTP headers in Azure Front Door description: This article describes HTTP header protocols that Front Door supports. -+ Last updated 01/16/2023 |
frontdoor | Front Door Http2 | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/front-door-http2.md | Title: Azure Front Door - HTTP2 support | Microsoft Docs + Title: HTTP/2 support in Azure Front Door description: This article helps you learn about HTTP/2 support in Azure Front Door -+ Last updated 09/28/2020 |
frontdoor | Front Door Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/front-door-overview.md | Title: Azure Front Door | Microsoft Docs + Title: Azure Front Door description: This article provides an overview of Azure Front Door. |
frontdoor | Front Door Quickstart Template Samples | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/front-door-quickstart-template-samples.md | Title: Azure Resource Manager template samples - Azure Front Door + Title: Azure Resource Manager template samples + description: Learn about Resource Manager template samples for Azure Front Door, including templates for creating a basic Front Door profile and configuring Front Door rate limiting. Last updated 03/10/2022 |
frontdoor | Front Door Route Matching | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/front-door-route-matching.md | Title: Azure Front Door - Routing rule matching + Title: Routing rule matching + description: This article helps you understand how Azure Front Door matches incoming requests to a routing rule. -+ Last updated 03/08/2022 |
frontdoor | Front Door Routing Architecture | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/front-door-routing-architecture.md | Title: Azure Front Door - routing architecture | Microsoft Docs + Title: Routing architecture + description: This article helps you understand the global view aspect of Front Door's architecture. -+ Last updated 01/27/2022 |
frontdoor | Front Door Routing Limits | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/front-door-routing-limits.md | Title: Azure Front Door - routing limits | Microsoft Docs + Title: Routing limits + description: This article helps you understand the composite limits around routing for Azure Front Door. -+ Last updated 12/08/2022 |
frontdoor | Front Door Rules Engine Actions | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/front-door-rules-engine-actions.md | description: This article provides a list of various actions you can do with Azu -+ Last updated 03/22/2022 |
frontdoor | Front Door Rules Engine | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/front-door-rules-engine.md | description: This article provides an overview of the Azure Front Door Rules Eng -+ Last updated 03/22/2022 |
frontdoor | Front Door Security Headers | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/front-door-security-headers.md | |
frontdoor | Front Door Traffic Acceleration | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/front-door-traffic-acceleration.md | Title: Azure Front Door - traffic acceleration | Microsoft Docs + Title: Traffic acceleration + description: This article helps you understand how Front Door accelerates traffic. -+ Last updated 05/05/2022 |
frontdoor | Front Door Tutorial Rules Engine | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/front-door-tutorial-rules-engine.md | Title: 'Tutorial: Configure Rules Engine - Azure Front Door' + Title: 'Tutorial: Configure Rules Engine' + description: This article provides a tutorial on how to configure Rules Engine in both the Azure portal and CLI. Last updated 09/09/2020 |
frontdoor | Front Door Url Redirect | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/front-door-url-redirect.md | Title: Azure Front Door - URL Redirect | Microsoft Docs + Title: URL Redirect + description: This article helps you understand how Azure Front Door supports URL redirection for their routing rules. -+ Last updated 03/09/2022 |
frontdoor | Front Door Url Rewrite | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/front-door-url-rewrite.md | Title: Azure Front Door - URL Rewrite + Title: URL Rewrite + description: This article helps you understand how URL rewrites works in Azure Front Door. |
frontdoor | Front Door Waf | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/front-door-waf.md | Title: 'Tutorial: Scale and protect a web app by using Azure Front Door and Azure Web Application Firewall (WAF)' description: This tutorial will show you how to use Azure Web Application Firewall with the Azure Front Door service. Last updated 10/01/2020 |
frontdoor | Front Door Wildcard Domain | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/front-door-wildcard-domain.md | Title: Support for wildcard domains - Azure Front Door + Title: Support for wildcard domains + description: This article helps you understand how Azure Front Door supports mapping and managing wildcard domains in the list of custom domains. Last updated 02/07/2023 |
frontdoor | Health Probes | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/health-probes.md | Title: Backend health monitoring - Azure Front Door + Title: Backend health monitoring + description: This article helps you understand how Azure Front Door monitors the health of your origins. Last updated 03/17/2022 |
frontdoor | How To Configure Caching | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/how-to-configure-caching.md | Title: 'Configure caching - Azure Front Door' + Title: Configure caching + description: This article shows you how to configure caching on Azure Front Door. |
frontdoor | How To Configure Endpoints | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/how-to-configure-endpoints.md | Title: 'Configure an endpoint with Front Door manager - Azure Front Door' + Title: Configure an endpoint with Front Door manager + description: This article shows you how to configure an endpoint for an existing Azure Front Door profile with Front Door manager. |
frontdoor | How To Configure Origin | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/how-to-configure-origin.md | Title: How to configure origins - Azure Front Door + Title: How to configure origins + description: This article shows how to configure origins in an origin group to use with your Azure Front Door profile. |
frontdoor | Manager | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/manager.md | Title: 'Front Door manager - Azure Front Door' + Title: Azure Front Door manager description: This article is about concepts of the Front Door manager. You'll learn about routes and security policies in an endpoint. |
frontdoor | Origin Security | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/origin-security.md | Title: Secure traffic to origins - Azure Front Door + Title: Secure traffic to origins + description: This article explains how to restrict traffic to your origins to ensure it's been processed by Azure Front Door. |
frontdoor | Origin | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/origin.md | Title: Origins and origin groups - Azure Front Door + Title: Origins and origin groups + description: This article explains the concept of what an origin and origin group is in a Front Door configuration. |
frontdoor | Private Link | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/private-link.md | Title: 'Secure your Origin with Private Link in Azure Front Door Premium' description: This page provides information about how to secure connectivity to your origin using Private Link. |
frontdoor | Quickstart Create Front Door Bicep | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/quickstart-create-front-door-bicep.md | Title: 'Quickstart: Create an Azure Front Door Service using Bicep' + Title: 'Quickstart: Create an Azure Front Door Service - Bicep' description: This quickstart describes how to create an Azure Front Door Service using Bicep. Last updated 03/30/2022 #Customer intent: As an IT admin, I want to direct user traffic to ensure high availability of web applications. |
frontdoor | Quickstart Create Front Door Cli | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/quickstart-create-front-door-cli.md | |
frontdoor | Quickstart Create Front Door Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/quickstart-create-front-door-powershell.md | Title: 'Quickstart: Set up high availability with Azure Front Door - Azure PowerShell' description: This quickstart will show you how to use Azure Front Door to create a high availability and high-performance global web application using Azure PowerShell. Last updated 04/19/2021 #Customer intent: As an IT admin, I want to direct user traffic to ensure high availability of web applications. |
frontdoor | Quickstart Create Front Door Template | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/quickstart-create-front-door-template.md | Title: 'Quickstart: Create an Azure Front Door Service by using an Azure Resource Manager template (ARM template)' + Title: 'Quickstart: Create an Azure Front Door Service - ARM template' description: This quickstart describes how to create an Azure Front Door Service by using Azure Resource Manager template (ARM template). Last updated 09/14/2020 #Customer intent: As an IT admin, I want to direct user traffic to ensure high availability of web applications. |
frontdoor | Quickstart Create Front Door Terraform | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/quickstart-create-front-door-terraform.md | Title: 'Quickstart: Create an Azure Front Door (classic) using Terraform' + Title: 'Quickstart: Create an Azure Front Door (classic) - Terraform' description: This quickstart describes how to create an Azure Front Door Service using Terraform. Last updated 10/25/2022 # Create a Front Door (classic) using Terraform |
frontdoor | Quickstart Create Front Door | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/quickstart-create-front-door.md | Title: 'Quickstart: Set up high availability with Azure Front Door Service - Azure portal' description: This quickstart shows how to use Azure Front Door Service for your highly available and high-performance global web application by using the Azure portal. Last updated 10/28/2022 #Customer intent: As an IT admin, I want to direct user traffic to ensure high availability of web applications. |
frontdoor | Routing Methods | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/routing-methods.md | Title: Traffic routing methods to origin - Azure Front Door | Microsoft Docs + Title: Traffic routing methods to origin + description: This article explains the four different traffic routing methods used by Azure Front Door to origin. -+ Last updated 11/08/2022 |
frontdoor | Rule Set Server Variables | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/rule-set-server-variables.md | Title: Server variables - Azure Front Door + Title: Server variables + description: This article provides a list of the server variables available in Azure Front Door rule sets. |
frontdoor | Scenario Storage Blobs | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/scenario-storage-blobs.md | Title: Use Azure Front Door with Azure Storage blobs - Azure Front Door | Microsoft Docs + Title: Use Azure Front Door with Azure Storage blobs description: Learn how to use Front Door with storage blobs for accelerating content delivery of static content, enabling a secure and scalable architecture. -+ Last updated 12/08/2022 |
frontdoor | Scenarios | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/scenarios.md | Title: Accelerate and secure your web application with Azure Front Door - Azure Front Door | Microsoft Docs + Title: Accelerate and secure your web application with Azure Front Door description: This article explains how Front Door can help you to build a well architected solution on Azure. -+ Previously updated : 02/07/2023 Last updated : 02/13/2023 Front Door's security capabilities help to protect your application servers from - **Managed TLS certificates:** Front Door can [issue and manage certificates](domain.md#https-for-custom-domains), ensuring that your applications are protected by strong encryption and trust. - **Custom TLS certificates:** If you need to bring your own TLS certificates, Front Door enables you to use a [managed identity to access the key vault](managed-identity.md) that contains the certificate. - **Web application firewall:** Front Door's web application firewall (WAF) provides a range of security capabilities to your application. [Managed rule sets](../web-application-firewall/afds/waf-front-door-drs.md) scan incoming requests for suspicious content. [Bot protection rules](../web-application-firewall/afds/afds-overview.md#bot-protection-rule-set) identify and respond to traffic from bots. [Geo-filtering](../web-application-firewall/afds/waf-front-door-geo-filtering.md) and [rate limiting](../web-application-firewall/afds/waf-front-door-rate-limit.md) features protect your application servers from unexpected traffic.+- **Protocol blocking:** Front Door only accepts traffic on the HTTP and HTTPS protocols, and will only process valid requests with a known `Host` header. Because of this behavior, your application is protected against many types of attacks across a range of protocols. - **DDoS protection:** Because of Front Door's architecture, it can also absorb large [distributed denial of service (DDoS) attacks](front-door-ddos.md) and prevent the traffic from reaching your application. - **Private Link origins:** [Private Link integration](private-link.md) helps you to protect your backend applications, ensuring that traffic can only reach your application by passing through Front Door and its security protections. |
frontdoor | Terraform Samples | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/frontdoor/terraform-samples.md | Title: Terraform samples - Azure Front Door description: Learn about Terraform samples for Azure Front Door, including samples for creating a basic Front Door profile. Last updated 11/22/2022 |
healthcare-apis | Release Notes | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/healthcare-apis/release-notes.md | Azure Health Data Services is a set of managed API services based on open standa ## January 2023 -### Azure Health Data Services +#### Azure Health Data Services **Azure Health Data services General Available (GA) in new regions** General availability (GA) of Azure Health Data services in France Central, North Central US and Qatar Central Regions. -### DICOM service +#### DICOM service **Added support for `ModalitiesInStudy` attribute** The DICOM service now supports `ModalitiesInStudy` as a [searchable attribute](d Two new attributes for returning the count of Instances in a Study or Series are available in Search [responses](dicom/dicom-services-conformance-statement.md#additional-series-tags). -### Toolkit and Samples Open Source +#### Toolkit and Samples (Open Source) **New sample app has been released** One new sample app has been released in the [Health Data Services samples repo](https://github.com/Azure-Samples/azure-health-data-services-samples) Azure Health Data Services [Events](events/events-overview.md) now include a pub **Fixed the Error generated when resource is updated using if-match header and PATCH** -Bug is now fixed and Resource will be updated if matches the Etag header. For details , see [#2877](https://github.com/microsoft/fhir-server/issues/2877) +Bug is now fixed and Resource will be updated if matches the Etag header. For details, see [#2877](https://github.com/microsoft/fhir-server/issues/2877) -#### Toolkit and Samples Open Source +#### Toolkit and Samples (Open Source) **Azure Health Data Services Toolkit is released** Customers can now determine if their mappings are working as intended, as they c **Fixed issue where Querying with :not operator was returning more results than expected** -The issue is now fixed and querying with :not operator should provide correct results. For more information, see [#2790](https://github.com/microsoft/fhir-server/pull/2785). | +The issue is now fixed and querying with :not operator should provide correct results. For more information, see [#2790](https://github.com/microsoft/fhir-server/pull/2785). The service will now accept the following: * IS, DS, SV, and UV VRs that are not valid numbers * Invalid private creator tags -#### Toolkit and Samples Open Source +#### Toolkit and Samples (Open Source) **The [Azure Health Data Services Toolkit](https://github.com/microsoft/azure-health-data-services-toolkit) is now in the public preview.** -The toolkit is open-source and allows to easily customize and extend the functionality of their Azure Health Data Services implementations. +The toolkit is open-source and allows you to easily customize and extend the functionality of their Azure Health Data Services implementations. ## **August 2022** Analytics pipeline can process FHIR extensions to generate parquet data. See [FH **Fixed issue related to History bundles being sorted with the oldest version first.** -We've recently identified an issue with the sorting order of history bundles on FHIR® server. History bundles were sorted with the oldest version first. Per FHIR specification, the sorting of versions defaults to the oldest version last.This bug fix, addresses FHIR server behavior for sorting history bundle. <br><br>We understand if you would like to keep the sorting per existing behavior (oldest version first). To support existing behavior, we recommend you append `_sort=_lastUpdated` to the HTTP GET command utilized for retrieving history. <br><br>For example: `<server URL>/_history?_sort=_lastUpdated` <br><br>For more information, see [#2689](https://github.com/microsoft/fhir-server/pull/2689). +We've recently identified an issue with the sorting order of history bundles on FHIR® server. History bundles were sorted with the oldest version first. Per FHIR specification, the sorting of versions defaults to the oldest version last. This bug fix, addresses FHIR server behavior for sorting history bundle. <br><br>We understand if you would like to keep the sorting per existing behavior (oldest version first). To support existing behavior, we recommend you append `_sort=_lastUpdated` to the HTTP GET command utilized for retrieving history. <br><br>For example: `<server URL>/_history?_sort=_lastUpdated` <br><br>For more information, see [#2689](https://github.com/microsoft/fhir-server/pull/2689). **Fixed issue where Queries were not providing consistent result count after appended with `_sort` operator.** The issue is now fixed and queries should provide consistent result count, with and without sort operator. The modality worklists (UPS-RS) service is now generally available. Learn more a We've recently identified an issue with the sorting order of history bundles on FHIR® server. History bundles were sorted with the oldest version first. Per [FHIR specification](https://hl7.org/fhir/http.html#history), the sorting of versions defaults to the oldest version last. This bug fix, addresses FHIR server behavior for sorting history bundle.<br /><br />We understand if you would like to keep the sorting per existing behavior (oldest version first). To support existing behavior, we recommend you append `_sort=_lastUpdated` to the HTTP `GET` command utilized for retrieving history. <br /><br />For example: `<server URL>/_history?_sort=_lastUpdated` <br /><br />For more information, see [#2689](https://github.com/microsoft/fhir-server/pull/2689). -### MedTech service +#### MedTech service **Improvements to documentations for Events and MedTech and availability zones.** Tested and enhanced usability and functionality. Added new documents to enable c #### DICOM service -#### **Features** **DICOM Service availability expands to new regions.** Attributes that are defined to have a single value but have specified multiple v #### FHIR service -** Added FHIRPath Patch** +**Added FHIRPath Patch** FHIRPath Patch was added as a feature to both the Azure API for FHIR. This implements FHIRPath Patch as defined on the [HL7](http://hl7.org/fhir/fhirpatch.html) website. Currently, WADO with Accept: multipart/related; type=application/dicom will thro Handle race conditions during parallel instance inserts in the same study. For more information, see [PR #1491](https://github.com/microsoft/dicom-server/pull/1491) and [PR #1496](https://github.com/microsoft/dicom-server/pull/1496). ++ ## March 2022 + #### Azure Health Data Services **Private Link is now available** With Private Link, you can access Azure Health Data Services securely from your VNet as a first-party service without having to go through a public Domain Name System (DNS). For more information, see [Configure Private Link for Azure Health Data Services](./../healthcare-apis/healthcare-apis-configure-private-link.md). -### FHIR service +#### FHIR service **FHIRPath Patch operation available** |This new feature enables you to use the FHIRPath Patch operation on FHIR resources. For more information, see [FHIR REST API capabilities for Azure Health Data Services FHIR service](./../healthcare-apis/fhir/fhir-rest-api-capabilities.md). Enables easier deployment and use of MedTech service for customers without the n ## January 2022 +#### FHIR service + **Export FHIR data behind firewalls** This new feature enables exporting FHIR data to storage accounts behind firewalls. For more information, see [Configure export settings and set up a storage account](./././fhir/configure-export-data.md). If SQL Server timed out, the PUT `/resource{id}` returned a 500 error. Now we ha #### FHIR service -#### **Feature enhancements** **Process Patient-everything links** We've updated Azure Health Data Services GitHub samples repo to include a  #### **DICOM service** -**Regions** **South Brazil and Central Canada.** For more information about Azure regions and availability zones, see [Azure services that support availability zones](https://azure.microsoft.com/global-infrastructure/services/). Enabled DICOM service to work with workspaces that have names beginning with a l #### FHIR service -|Enhancements | | -| :- | :- | -|Added support for conditional patch | [Conditional patch](./././azure-api-for-fhir/fhir-rest-api-capabilities.md#patch-and-conditional-patch)| -|Conditional patch | [#2163](https://github.com/microsoft/fhir-server/pull/2163) | -|Added conditional patch audit event. | [#2213](https://github.com/microsoft/fhir-server/pull/2213) | --|Allow JSON patch in bundles | | -| :- | :-| -|Allows for search history bundles with Patch requests. |[#2156](https://github.com/microsoft/fhir-server/pull/2156) | -|Enabled JSON patch in bundles using Binary resources. |[#2143](https://github.com/microsoft/fhir-server/pull/2143) | -|Added new audit event [OperationName subtypes](./././azure-api-for-fhir/enable-diagnostic-logging.md#audit-log-details)| [#2170](https://github.com/microsoft/fhir-server/pull/2170) | --| Running a reindex job | | -| :- | :-| -|Added [boundaries for reindex](./././azure-api-for-fhir/how-to-run-a-reindex.md#performance-considerations) parameters. |[#2103](https://github.com/microsoft/fhir-server/pull/2103)| -|Updated error message for reindex parameter boundaries. |[#2109](https://github.com/microsoft/fhir-server/pull/2109)| -|Added final reindex count check. |[#2099](https://github.com/microsoft/fhir-server/pull/2099)| --|Bug fixes | | -| :- | :-- | -| Wider catch for exceptions during applying patch | [#2192](https://github.com/microsoft/fhir-server/pull/2192)| -|Fix history with PATCH in STU3 |[#2177](https://github.com/microsoft/fhir-server/pull/2177) | --|Custom search bugs | | -| :- | :- | -|Addresses the delete failure with Custom Search parameters |[#2133](https://github.com/microsoft/fhir-server/pull/2133) | -|Added retry logic while Deleting Search parameter | [#2121](https://github.com/microsoft/fhir-server/pull/2121)| -|Set max item count in search options in SearchParameterDefinitionManager |[#2141](https://github.com/microsoft/fhir-server/pull/2141) | -|Better exception if there's a bad expression in a search parameter |[#2157](https://github.com/microsoft/fhir-server/pull/2157) | --|Resolved SQL batch reindex if one resource fails | | -| :- | :- | -|Updates SQL batch reindex retry logic |[#2118](https://github.com/microsoft/fhir-server/pull/2118) | --|GitHub issues closed | | -| :- | :- | -|Unclear error message for conditional create with no ID |[#2168](https://github.com/microsoft/fhir-server/issues/2168) | ++**Added support for conditional patch [Conditional patch](./././azure-api-for-fhir/fhir-rest-api-capabilities.md#patch-and-conditional-patch)** +++Conditional patch [#2163](https://github.com/microsoft/fhir-server/pull/2163) +++Added conditional patch audit event. [#2213](https://github.com/microsoft/fhir-server/pull/2213) +++**Allow JSON patch in bundles** +++Allows for search history bundles with Patch requests. [#2156](https://github.com/microsoft/fhir-server/pull/2156) +++Enabled JSON patch in bundles using Binary resources.[#2143](https://github.com/microsoft/fhir-server/pull/2143) +++Added new audit event [OperationName subtypes](./././azure-api-for-fhir/enable-diagnostic-logging.md#audit-log-details) [#2170](https://github.com/microsoft/fhir-server/pull/2170) ++**Running a reindex job** ++Added [boundaries for reindex](./././azure-api-for-fhir/how-to-run-a-reindex.md#performance-considerations) parameters.[#2103](https://github.com/microsoft/fhir-server/pull/2103) +++Updated error message for reindex parameter boundaries.[#2109](https://github.com/microsoft/fhir-server/pull/2109) +++Added final reindex count check. [#2099](https://github.com/microsoft/fhir-server/pull/2099) ++**Bug Fixes** +++Provided Wider catch for exceptions during applying patch [#2192](https://github.com/microsoft/fhir-server/pull/2192) +++Fixed history with PATCH in STU3 [#2177](https://github.com/microsoft/fhir-server/pull/2177) +++Addressed the delete failure with Custom Search parameters [#2133](https://github.com/microsoft/fhir-server/pull/2133) +++Added retry logic while Deleting Search parameter [#2121](https://github.com/microsoft/fhir-server/pull/2121) +++Set max item count in search options in SearchParameterDefinitionManager [#2141](https://github.com/microsoft/fhir-server/pull/2141) +++Better exception if there's a bad expression in a search parameter [#2157](https://github.com/microsoft/fhir-server/pull/2157) +++Resolved SQL batch reindex if one resource fails ++Updated SQL batch reindex retry logic [#2118](https://github.com/microsoft/fhir-server/pull/2118) ++**GitHub issues closed** ++Unclear error message for conditional create with no ID [#2168](https://github.com/microsoft/fhir-server/issues/2168) #### **DICOM service** |
internet-peering | Faqs | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/internet-peering/faqs.md | Title: Internet peering - FAQs- description: Internet peering - FAQs |
internet-peering | How To Exchange Route Server Portal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/internet-peering/how-to-exchange-route-server-portal.md | Title: Create or modify an Exchange peering with Route Server - Azure portal -description: Create or modify an Exchange peering with Route Server using the Azure portal +description: Create or modify an Exchange peering with Route Server using the Azure portal. |
internet-peering | Howto Direct Portal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/internet-peering/howto-direct-portal.md | Title: Create or modify a Direct peering - Azure portal -description: Create or modify a Direct peering using the Azure portal +description: Create or modify a Direct peering using the Azure portal. |
internet-peering | Howto Direct Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/internet-peering/howto-direct-powershell.md | Title: Create or modify a Direct peering - PowerShell -description: Create or modify a Direct peering using PowerShell +description: Create or modify a Direct peering using PowerShell. |
internet-peering | Howto Exchange Portal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/internet-peering/howto-exchange-portal.md | Title: Create or modify an Exchange peering - Azure portal -description: Create or modify an Exchange peering using the Azure portal +description: Create or modify an Exchange peering using the Azure portal. |
internet-peering | Howto Exchange Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/internet-peering/howto-exchange-powershell.md | Title: Create or modify an Exchange peering - PowerShell -description: Create or modify an Exchange peering using PowerShell +description: Create or modify an Exchange peering using PowerShell. |
internet-peering | Howto Legacy Direct Portal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/internet-peering/howto-legacy-direct-portal.md |  Title: Convert a legacy Direct peering to an Azure resource - Azure portal -description: Convert a legacy Direct peering to an Azure resource using the Azure portal +description: Convert a legacy Direct peering to an Azure resource using the Azure portal. |
internet-peering | Howto Legacy Direct Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/internet-peering/howto-legacy-direct-powershell.md | Title: Convert a legacy Direct peering to an Azure resource - PowerShell -description: Convert a legacy Direct peering to an Azure resource using PowerShell +description: Convert a legacy Direct peering to an Azure resource using PowerShell. |
internet-peering | Howto Legacy Exchange Portal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/internet-peering/howto-legacy-exchange-portal.md |  Title: Convert a legacy Exchange peering to an Azure resource - Azure portal -description: Convert a legacy Exchange peering to an Azure resource using the Azure portal +description: Convert a legacy Exchange peering to an Azure resource using the Azure portal. |
internet-peering | Howto Legacy Exchange Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/internet-peering/howto-legacy-exchange-powershell.md | Title: Convert a legacy Exchange peering to an Azure resource - PowerShell -description: Convert a legacy Exchange peering to an Azure resource using PowerShell +description: Convert a legacy Exchange peering to an Azure resource using PowerShell. |
internet-peering | Howto Peering Service Portal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/internet-peering/howto-peering-service-portal.md | Title: Enable Azure Peering Service on a Direct peering - Azure portal -description: Enable Azure Peering Service on a Direct peering using the Azure portal +description: Enable Azure Peering Service on a Direct peering using the Azure portal. |
internet-peering | Howto Peering Service Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/internet-peering/howto-peering-service-powershell.md | Title: Enable Azure Peering Service on a Direct peering - PowerShell -description: Enable Azure Peering Service on a Direct peering using PowerShell +description: Enable Azure Peering Service on a Direct peering using PowerShell. |
internet-peering | Howto Subscription Association Portal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/internet-peering/howto-subscription-association-portal.md | Title: Associate peer ASN to Azure subscription - Azure portal -description: Associate peer ASN to Azure subscription using the Azure portal +description: Associate peer ASN to Azure subscription using the Azure portal. |
internet-peering | Howto Subscription Association Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/internet-peering/howto-subscription-association-powershell.md | Title: Associate peer ASN to Azure subscription - PowerShell -description: Associate peer ASN to Azure subscription using PowerShell +description: Associate peer ASN to Azure subscription using PowerShell. |
internet-peering | Overview Peering Service | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/internet-peering/overview-peering-service.md | Title: Internet peering vs. Peering Service- -description: Internet peering vs. Peering Service +description: Internet peering vs. Peering Service. Last updated 5/22/2020 + # Internet peering vs. Peering Service |
internet-peering | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/internet-peering/overview.md | Title: Set up peering with Microsoft- -description: Overview of peering +description: Overview of peering. Last updated 12/15/2020 + # Internet peering overview |
internet-peering | Policy | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/internet-peering/policy.md | Title: Microsoft peering policy- -description: Microsoft peering policy +description: Microsoft peering policy. Last updated 12/15/2020 + # Peering policy |
internet-peering | Prerequisites | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/internet-peering/prerequisites.md | Title: Prerequisites to set up peering with Microsoft -description: Prerequisites to set up peering with Microsoft +description: Learn about the prerequisites to set up peering with Microsoft. |
internet-peering | Walkthrough Communications Services Partner | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/internet-peering/walkthrough-communications-services-partner.md | Title: Azure Internet peering for Communications Services walkthrough- -description: Azure Internet peering for Communications Services walkthrough +description: Azure Internet peering for Communications Services walkthrough. Last updated 10/10/2022 + # Azure Internet peering for Communications Services walkthrough |
internet-peering | Walkthrough Direct All | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/internet-peering/walkthrough-direct-all.md | Title: Direct peering walkthrough- -description: Direct peering walkthrough +description: Direct peering walkthrough. Last updated 12/15/2020 + # Direct peering walkthrough |
internet-peering | Walkthrough Exchange All | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/internet-peering/walkthrough-exchange-all.md | Title: Exchange peering walkthrough- -description: Exchange peering walkthrough +description: Exchange peering walkthrough. Last updated 12/15/2020 + |
internet-peering | Walkthrough Peering Service All | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/internet-peering/walkthrough-peering-service-all.md | Title: Peering Service partner walkthrough- -description: Peering Service partner walkthrough +description: Peering Service partner walkthrough. Last updated 12/15/2020 + # Peering Service partner walkthrough |
iot-hub-device-update | Create Update Group | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/iot-hub-device-update/create-update-group.md | You can schedule a job on multiple devices to add or update a Device Update tag. For more information, see [Schedule and broadcast jobs](../iot-hub/iot-hub-csharp-csharp-schedule-jobs.md). > [!NOTE]-> This action counts against your IoT Hub messages quota. We recommend only changing up to 50,000 device or module twin tags at a time, otherwise you may need to buy more IoT Hub units if you exceed your daily IoT Hub message quota. For more information, see [Quotas and throttling](../iot-hub/iot-hub-devguide-quotas-throttling.md#quotas-and-throttling). +> This action counts against your IoT Hub messages quota. We recommend only changing up to 50,000 device or module twin tags at a time, otherwise you may need to buy more IoT Hub units if you exceed your daily IoT Hub message quota. For more information, see [Quotas and throttling](../iot-hub/iot-hub-devguide-quotas-throttling.md). ### Add tags by updating twins az iot du device group show \ ## Deleting device groups -While device groups are automatically created, groups, device classes and deployments are not automatically cleaned up so as to retain them for historical records or other user needs. Device groups can be deleted through Azure Portal by individually selecting and deleting the desired groups, or by calling the DELETE API on the group. [Learn more](/cli/azure/iot/du/device/group#az-iot-du-device-group-delete) +While device groups are automatically created, groups, device classes and deployments are not automatically cleaned up so as to retain them for historical records or other user needs. Device groups can be deleted through Azure portal by individually selecting and deleting the desired groups, or by calling the DELETE API on the group. [Learn more](/cli/azure/iot/du/device/group#az-iot-du-device-group-delete) If a device is ever connected again for this group after the group is deleted, while the group will be automatically re-created there will be no associated device or deployment history. To be deleted, a group must meet the following requirements: * The group must have NO member devices. This means that no device provisioned in the Device Update instance should have a ADUGroup tag with a value matching the selected group's name. * The group must NOT be a default group. -* The group must have NO active or cancelled deployments associated with it. +* The group must have NO active or canceled deployments associated with it. > [!NOTE] > If you are still unable to delete a group after meeting the above requirements, then validate whether you have any Unhealthy devices that are tagged as part of the group. Unhealthy devices are devices that cannot receive a deployment, and as a result don't show up directly in the list of member devices within a group. You can validate whether you have any unhealthy devices by going to "Find missing devices" within the Diagnostics tab in the Device Update Portal experience. In case you have Unhealthy devices that are tagged as part of the group, you will need to modify the tag value or delete the device entirely before attempting to delete your group. |
iot-hub | Iot Hub Devguide Pricing | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/iot-hub/iot-hub-devguide-pricing.md | Title: Understand Azure IoT Hub pricing | Microsoft Docs + Title: Understand Azure IoT Hub pricing description: This article provides information about how metering and pricing works with IoT Hub including worked examples. -# Azure IoT Hub pricing information +# Azure IoT Hub billing information -[Azure IoT Hub pricing](https://azure.microsoft.com/pricing/details/iot-hub) provides the general information on different SKUs and pricing for IoT Hub. This article contains additional details on how the various IoT Hub functionalities are metered as messages by IoT Hub. +[Azure IoT Hub pricing](https://azure.microsoft.com/pricing/details/iot-hub) provides the general information on different SKUs and pricing for IoT Hub. This article contains details on how the various IoT Hub functionalities are metered as messages by IoT Hub. [!INCLUDE [iot-hub-basic](../../includes/iot-hub-basic-partial.md)] Use the following table to help determine which operations are charged. All bill - A link to the REST API documentation if it exists. - The operation endpoint if REST API documentation isn't available, or if the operation is only available over MQTT and/or AMQP. The endpoint value omits the leading reference to the target IoT hub; `{fully-qualified-iothubname}.azure-devices.net`. - One or more terms in *italics* following each operation (or endpoint). These terms represent billable operations that are charged against quota for your IoT hub. You may see these terms supplied as part of a quota usage insight when you initiate a support request on Azure portal. They may also be returned by customer support. You can use the table below to cross-reference these terms with the corresponding operation to help you understand quota usage and billing for your IoT solution. For more information, see [Example 4](#example-4).- | Operation category | Billing information | | | - | | Identity registry operations <br/> (create, update, get, list, delete, bulk update, statistics) | Not charged. |-| Device-to-cloud messages | Successfully sent messages are charged in 4-KB chunks on ingress into IoT Hub. For example, a 100-byte message is charged as one message, and a 6-KB message is charged as two messages. <br/><br/> [Send Device Event](/rest/api/iothub/device/send-device-event), Either *Device to Cloud Telemetry* or *Device to Cloud Telemetry Routing* depending on whether the IoT hub has message routing features configured. In either case, messages are only charged on ingress into IoT Hub. | -| Cloud-to-device messages | Successfully sent messages are charged in 4-KB chunks. For example, a 6-KB message is charged as 2 messages. <br/><br/> [Receive Device Bound Notification](/rest/api/iothub/device/receive-device-bound-notification), *Cloud To Device Command* | -| File uploads | File transfer to Azure Storage is not metered by IoT Hub. File transfer initiation and completion messages are charged as messaged metered in 4-KB increments. For example, transferring a 10-MB file is charged as two messages in addition to the Azure Storage cost. <br/><br/> [Create File Upload Sas Uri](/rest/api/iothub/device/create-file-upload-sas-uri), *Device To Cloud File Upload* <br/> [Update File Upload Status](/rest/api/iothub/device/update-file-upload-status), *Device To Cloud File Upload* | -| Direct methods | Successful method requests are charged in 4-KB chunks, and responses are charged in 4-KB chunks as additional messages. Requests or responses with no payload are charged as one message. For example, a method with a 4-KB body that results in a response with no payload from the device is charged as two messages. A method with a 6-KB body that results in a 1-KB response from the device is charged as two messages for the request plus another message for the response. Requests to disconnected devices are charged as messages in 4-KB chunks plus one message for a response that indicates the device is not online. <br/><br/> [Device - Invoke Method](/rest/api/iothub/service/devices/invoke-method), *Device Direct Invoke Method*, <br/> [Module - Invoke Method](/rest/api/iothub/service/modules/invoke-method), *Module Direct Invoke Method* | -| Device and module twin reads | Twin reads from the device or module and from the solution back end are charged as messages in 4-KB chunks. For example, reading an 8-KB twin is charged as 2 messages. <br/><br/> [Get Twin](/rest/api/iothub/service/devices/get-twin), *Get Twin* <br/> [Get Module Twin](/rest/api/iothub/service/modules/get-twin), *Get Module Twin* <br/><br/> Read device and module twins from a device: <br/> **Endpoint**: `/devices/{id}/twin` ([MQTT](iot-hub-mqtt-support.md#retrieving-a-device-twins-properties), AMQP only), *D2C Get Twin* <br/> **Endpoint**: `/devices/{deviceid}/modules/{moduleid}/twin` (MQTT, AMQP only), *Module D2C Get Twin* | -| Device and module twin updates (tags and properties) | Twin updates from the device or module and from the solution back end are charged as messages in 4-KB chunks. For example, a 12-KB update to a twin is charged as 3 messages. <br/><br/> [Update Twin](/rest/api/iothub/service/devices/update-twin), *Update Twin* <br/> [Update Module Twin](/rest/api/iothub/service/modules/update-twin), *Update Module Twin* <br/> [Replace Twin](/rest/api/iothub/service/devices/replace-twin), *Replace Twin* <br/> [Replace Module Twin](/rest/api/iothub/service/modules/replace-twin), *Replace Module Twin* <br/><br/> Update device or module twin reported properties from a device: <br/> **Endpoint**: `/twin/PATCH/properties/reported/` ([MQTT](iot-hub-mqtt-support.md#update-device-twins-reported-properties), AMQP only), *D2 Patch ReportedProperties* or *Module D2 Patch ReportedProperties* <br/><br/> Receive desired properties update notifications on a device: <br/> **Endpoint**: `/twin/PATCH/properties/desired/` ([MQTT](iot-hub-mqtt-support.md#receiving-desired-properties-update-notifications), AMQP only), *D2C Notify DesiredProperties* or *Module D2C Notify DesiredProperties* | -| Device and module twin queries | Queries are charged as messages depending on the result size in 4-KB chunks. <br/><br/> [Get Twins](/rest/api/iothub/service/query/get-twins) (query against **devices** or **devices.modules** collections), *Query Devices* <br/><br/> Queries against **jobs** collection are not charged. | -| Digital twin reads | Digital twin reads from the solution back end are charged as messages in 4-KB chunks. For example, reading an 8-KB twin is charged as 2 messages. <br/><br/> [Get Digital Twin](/rest/api/iothub/service/digital-twin/get-digital-twin), *Get Digital Twin* | -| Digital twin updates | Digital twin updates from the solution back end are charged as messages in 4-KB chunks. For example, a 12-KB update to a twin is charged as 3 messages. <br/><br/> [Update Digital Twin](/rest/api/iothub/service/digital-twin/update-digital-twin), *Patch Digital Twin* | -| Digital twin commands | Successful commands are charged in 4-KB chunks, and responses are charged in 4-KB chunks as additional messages. Requests or responses with no body are charged as one message. For example, a command with a 4-KB body that results in a response with no body from the device is charged as two messages. A command with a 6-KB body that results in a 1-KB response from the device is charged as two messages for the command plus another message for the response. Commands to disconnected devices are charged as messages in 4-KB chunks plus one message for a response that indicates the device is not online. <br/><br/> [Invoke Component Command](/rest/api/iothub/service/digital-twin/invoke-component-command), *Digital Twin Component Command* <br/> [Invoke Root Level Command](/rest/api/iothub/service/digital-twin/invoke-root-level-command), *Digital Twin Root Command* | +| Device-to-cloud messages | Successfully sent messages are charged in 4-KB chunks on ingress into IoT Hub. For example, a 100-byte message is charged as one message, and a 6-KB message is charged as two messages. <br/><br/> [Send Device Event](/rest/api/iothub/device/send-device-event): either *Device to Cloud Telemetry* or *Device to Cloud Telemetry Routing* depending on whether the IoT hub has message routing features configured. | +| Cloud-to-device messages | Successfully sent messages are charged in 4-KB chunks. For example, a 6-KB message is charged as two messages. <br/><br/> [Receive Device Bound Notification](/rest/api/iothub/device/receive-device-bound-notification): *Cloud To Device Command* | +| File uploads | File transfer to Azure Storage isn't metered by IoT Hub. File transfer initiation and completion messages are charged as messaged metered in 4-KB increments. For example, transferring a 10-MB file is charged as two messages in addition to the Azure Storage cost. <br/><br/> [Create File Upload Sas Uri](/rest/api/iothub/device/create-file-upload-sas-uri): *Device To Cloud File Upload* <br/> [Update File Upload Status](/rest/api/iothub/device/update-file-upload-status): *Device To Cloud File Upload* | +| Direct methods | Successful method requests are charged in 4-KB chunks, and responses are charged in 4-KB chunks as additional messages. Requests or responses with no payload are charged as one message. For example, a method with a 4-KB body that results in a response with no payload from the device is charged as two messages. A method with a 6-KB body that results in a 1-KB response from the device is charged as two messages for the request plus another message for the response. Requests to disconnected devices are charged as messages in 4-KB chunks plus one message for a response that indicates the device isn't online. <br/><br/> [Device - Invoke Method](/rest/api/iothub/service/devices/invoke-method): *Device Direct Invoke Method*, <br/> [Module - Invoke Method](/rest/api/iothub/service/modules/invoke-method): *Module Direct Invoke Method* | +| Device and module twin reads | Twin reads from the device or module and from the solution back end are charged as messages in 4-KB chunks. For example, reading an 8-KB twin is charged as two messages. <br/><br/> [Get Twin](/rest/api/iothub/service/devices/get-twin): *Get Twin* <br/> [Get Module Twin](/rest/api/iothub/service/modules/get-twin): *Get Module Twin* <br/><br/> Read device and module twins from a device: <br/> **Endpoint**: `/devices/{id}/twin` ([MQTT](iot-hub-mqtt-support.md#retrieving-a-device-twins-properties), AMQP only): *D2C Get Twin* <br/> **Endpoint**: `/devices/{deviceid}/modules/{moduleid}/twin` (MQTT, AMQP only): *Module D2C Get Twin* | +| Device and module twin updates (tags and properties) | Twin updates from the device or module and from the solution back end are charged as messages in 4-KB chunks. For example, a 12-KB update to a twin is charged as three messages. <br/><br/> [Update Twin](/rest/api/iothub/service/devices/update-twin): *Update Twin* <br/> [Update Module Twin](/rest/api/iothub/service/modules/update-twin): *Update Module Twin* <br/> [Replace Twin](/rest/api/iothub/service/devices/replace-twin): *Replace Twin* <br/> [Replace Module Twin](/rest/api/iothub/service/modules/replace-twin): *Replace Module Twin* <br/><br/> Update device or module twin reported properties from a device: <br/> **Endpoint**: `/twin/PATCH/properties/reported/` ([MQTT](iot-hub-mqtt-support.md#update-device-twins-reported-properties), AMQP only): *D2 Patch ReportedProperties* or *Module D2 Patch ReportedProperties* <br/><br/> Receive desired properties update notifications on a device: <br/> **Endpoint**: `/twin/PATCH/properties/desired/` ([MQTT](iot-hub-mqtt-support.md#receiving-desired-properties-update-notifications), AMQP only): *D2C Notify DesiredProperties* or *Module D2C Notify DesiredProperties* | +| Device and module twin queries | Queries against **devices** or **devices.modules** are charged as messages depending on the result size in 4-KB chunks. Queries against **jobs** aren't charged. <br/><br/> [Get Twins](/rest/api/iothub/service/query/get-twins) (query against **devices** or **devices.modules** collections): *Query Devices* | +| Digital twin reads | Digital twin reads from the solution back end are charged as messages in 4-KB chunks. For example, reading an 8-KB twin is charged as two messages. <br/><br/> [Get Digital Twin](/rest/api/iothub/service/digital-twin/get-digital-twin): *Get Digital Twin* | +| Digital twin updates | Digital twin updates from the solution back end are charged as messages in 4-KB chunks. For example, a 12-KB update to a twin is charged as three messages. <br/><br/> [Update Digital Twin](/rest/api/iothub/service/digital-twin/update-digital-twin): *Patch Digital Twin* | +| Digital twin commands | Successful commands are charged in 4-KB chunks, and responses are charged in 4-KB chunks as additional messages. Requests or responses with no body are charged as one message. For example, a command with a 4-KB body that results in a response with no body from the device is charged as two messages. A command with a 6-KB body that results in a 1-KB response from the device is charged as two messages for the command plus another message for the response. Commands to disconnected devices are charged as messages in 4-KB chunks plus one message for a response that indicates the device isn't online. <br/><br/> [Invoke Component Command](/rest/api/iothub/service/digital-twin/invoke-component-command): *Digital Twin Component Command* <br/> [Invoke Root Level Command](/rest/api/iothub/service/digital-twin/invoke-root-level-command): *Digital Twin Root Command* | | Jobs operations <br/> (create, cancel, get, query) | Not charged. |-| Jobs per-device operations | Jobs operations (such as twin updates, and methods) are charged as normal in 4-KB chunks. For example, a job resulting in 1000 method calls with 1-KB requests and empty-payload responses is charged 2000 messages (one message each for the request and response * 1000). <br/><br/> *Update Twin Device Job* <br/> *Invoke Method Device Job* | +| Jobs per-device operations | Jobs operations (such as twin updates, and methods) are charged in 4-KB chunks. For example, a job resulting in 1000 method calls with 1-KB requests and empty-payload responses is charged 2000 messages (one message for each request and response). <br/><br/> *Update Twin Device Job* <br/> *Invoke Method Device Job* | | Configuration operations <br/> (create, update, get, list, delete, test query) | Not charged.|-| Configuration per-device operations | Configuration operations are charged as messages in 4-KB chunks. Responses are not charged. For example, an apply configuration operation with a 6-KB body is charged as two messages. <br/><br/> [Apply on Edge Device](/rest/api/iothub/service/configuration/apply-on-edge-device), *Configuration Service Apply*. | -| Keep-alive messages | When using AMQP or MQTT protocols, messages exchanged to establish the connection and messages exchanged in the negotiation or to keep the connection open and alive are not charged. | -| Device streams (preview) | Device streams is in preview and operations are not yet charged. <br/><br/> **Endpoint**: `/twins/{deviceId}/streams/{streamName}`, *Device Streams* <br/> **Endpoint**: `/twins/{deviceId}/modules/{moduleId}/streams/{streamName}`, *Device Streams Module* | +| Configuration per-device operations | Configuration operations are charged as messages in 4-KB chunks. Responses aren't charged. For example, an apply configuration operation with a 6-KB body is charged as two messages. <br/><br/> [Apply on Edge Device](/rest/api/iothub/service/configuration/apply-on-edge-device): *Configuration Service Apply*. | +| Keep-alive messages | When using AMQP or MQTT protocols, messages exchanged to establish the connection and messages exchanged in the negotiation, or to keep the connection open and alive, aren't charged. | +| Device streams (preview) | Device streams is in preview and operations aren't charged yet. <br/><br/> **Endpoint**: `/twins/{deviceId}/streams/{streamName}`: *Device Streams* <br/> **Endpoint**: `/twins/{deviceId}/modules/{moduleId}/streams/{streamName}`: *Device Streams Module* | > [!NOTE] > All sizes are computed considering the payload size in bytes (protocol framing is ignored). For messages, which have properties and body, the size is computed in a protocol-agnostic way. For more information, see [IoT Hub message format](iot-hub-devguide-messages-construct.md). For example, consider a device that has a sensor that only generates 100 bytes o - If the device sends a device-to-cloud message with a 100-byte payload for each sensor read, then it consumes 40 messages against quota for the same amount of data. If the device reads the sensor 40 times each hour and sends each message individually, it would send 960 messages/day (40 messages * 24). -Your batching strategy will depend on your scenario and on how time-critical the data is. If you're sending large amounts of data, you can also consider implementing data compression to further reduce the impact on message quota. +Your batching strategy depends on your scenario and on how time-critical the data is. If you're sending large amounts of data, you can also consider implementing data compression to further reduce the impact on message quota. ## Example #4 -When you open a support request on Azure portal, diagnostics specific to your reported issue are run. The result is displayed as an insight on the **Solutions** tab of your request. One such insight reports quota usage for your IoT hub using the terms in italics in the table above. Whether this particular insight is returned will depend on the results of the diagnostics performed on your IoT hub for the problem you're reporting. If the quota usage insight is reported, you can use the table above to cross-reference the reported usage term or terms with the operation(s) that they refer to. +When you open a support request on Azure portal, diagnostics specific to your reported issue are run. The result is displayed as an insight on the **Solutions** tab of your request. One such insight reports quota usage for your IoT hub using the terms in italics in the table earlier. Whether this particular insight is returned will depend on the results of the diagnostics performed on your IoT hub for the problem you're reporting. If the quota usage insight is reported, you can use the table to cross-reference the reported usage term or terms with the operation(s) that they refer to. For example, the following screenshot shows a support request initiated for a problem with device-to-cloud telemetry. |
iot-hub | Iot Hub Devguide Quotas Throttling | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/iot-hub/iot-hub-devguide-quotas-throttling.md | -## Quotas and throttling - Each Azure subscription can have at most 50 IoT hubs, and at most 1 Free hub. -Each IoT hub is provisioned with a certain number of units in a specific tier. The tier and number of units determine the maximum daily quota of messages that you can send. The message size used to calculate the daily quota is 0.5 KB for a free tier hub and 4KB for all other tiers. For more information, see [Azure IoT Hub Pricing](https://azure.microsoft.com/pricing/details/iot-hub/). +Each IoT hub is provisioned with units in a specific tier. The tier and number of units determine the maximum daily quota of messages that you can send in your hub per day. The message size used to calculate the daily quota is 0.5 KB for a free tier hub and 4KB for all other tiers. For more information, see [Azure IoT Hub pricing](https://azure.microsoft.com/pricing/details/iot-hub/) or [Choose the right IoT Hub tier for your solution]. ++You can find your hub's quota limit under the column **Total number of messages /day** on the [IoT Hub pricing page](https://azure.microsoft.com/pricing/details/iot-hub/) in the Azure portal. The tier also determines the throttling limits that IoT Hub enforces on all operations. The tier also determines the throttling limits that IoT Hub enforces on all oper Operation throttles are rate limitations that are applied in minute ranges and are intended to prevent abuse. They're also subject to [traffic shaping](#traffic-shaping). -The following table shows the enforced throttles. Values refer to an individual hub. +It's a good practice to throttle your calls so that you don't hit/exceed the throttling limits. If you do hit the limit, IoT Hub responds with error code 429 and the client should back-off and retry. These limits are per hub (or in some cases per hub/unit). For more information, see [Manage connectivity and reliable messaging/Retry patterns](iot-hub-reliability-features-in-sdks.md#retry-patterns). ++### Basic and standard tier operations -| Throttle | Free, B1, and S1 | B2 and S2 | B3 and S3 | +The following table shows the enforced throttles for operations that are available in all IoT Hub tiers. Values refer to an individual hub. ++| Throttle | Free, B1, and S1 | B2 and S2 | B3 and S3 | | -- | - | - | - | | [Identity registry operations](#identity-registry-operations-throttle) (create, retrieve, list, update, delete) | 1.67/sec/unit (100/min/unit) | 1.67/sec/unit (100/min/unit) | 83.33/sec/unit (5,000/min/unit) |-| [New device connections](#device-connections-throttle) (this limit applies to the rate of _new connections_, not the total number of connections) | Higher of 100/sec or 12/sec/unit <br/> For example, two S1 units are 2\*12 = 24 new connections/sec, but you have at least 100 new connections/sec across your units. With nine S1 units, you have 108 new connections/sec (9\*12) across your units. | 120 new connections/sec/unit | 6,000 new connections/sec/unit | +| [New device connections](#device-connections-throttle) (this limit applies to the rate of *new connections*, not the total number of connections) | Higher of 100/sec or 12/sec/unit <br/> For example, two S1 units are 2\*12 = 24 new connections/sec, but you have at least 100 new connections/sec across your units. With nine S1 units, you have 108 new connections/sec (9\*12) across your units. | 120 new connections/sec/unit | 6,000 new connections/sec/unit | | Device-to-cloud sends | Higher of 100 send operations/sec or 12 send operations/sec/unit <br/> For example, two S1 units are 2\*12 = 24/sec, but you have at least 100 send operations/sec across your units. With nine S1 units, you have 108 send operations/sec (9\*12) across your units. | 120 send operations/sec/unit | 6,000 send operations/sec/unit |-| Cloud-to-device sends<sup>1</sup> | 1.67 send operations/sec/unit (100 messages/min/unit) | 1.67 send operations/sec/unit (100 send operations/min/unit) | 83.33 send operations/sec/unit (5,000 send operations/min/unit) | -| Cloud-to-device receives<sup>1</sup> <br/> (only when device uses HTTPS)| 16.67 receive operations/sec/unit (1,000 receive operations/min/unit) | 16.67 receive operations/sec/unit (1,000 receive operations/min/unit) | 833.33 receive operations/sec/unit (50,000 receive operations/min/unit) | | File upload | 1.67 file upload initiations/sec/unit (100/min/unit) | 1.67 file upload initiations/sec/unit (100/min/unit) | 83.33 file upload initiations/sec/unit (5,000/min/unit) |-| Direct methods<sup>1</sup> | 160KB/sec/unit<sup>2</sup> | 480KB/sec/unit<sup>2</sup> | 24MB/sec/unit<sup>2</sup> | | Queries | 20/min/unit | 20/min/unit | 1,000/min/unit |-| Twin (device and module) reads<sup>1</sup> | 100/sec | Higher of 100/sec or 10/sec/unit | 500/sec/unit | -| Twin updates (device and module)<sup>1</sup> | 50/sec | Higher of 50/sec or 5/sec/unit | 250/sec/unit | -| Jobs operations<sup>1</sup> <br/> (create, update, list, delete) | 1.67/sec/unit (100/min/unit) | 1.67/sec/unit (100/min/unit) | 83.33/sec/unit (5,000/min/unit) | -| Jobs device operations<sup>1</sup> <br/> (update twin, invoke direct method) | 10/sec | Higher of 10/sec or 1/sec/unit | 50/sec/unit | -| Configurations and edge deployments<sup>1</sup> <br/> (create, update, list, delete) | 0.33/sec/unit (20/min/unit) | 0.33/sec/unit (20/min/unit) | 0.33/sec/unit (20/min/unit) | -| Device stream initiation rate<sup>1</sup> | 5 new streams/sec | 5 new streams/sec | 5 new streams/sec | -| Maximum number of concurrently connected device streams<sup>1</sup> | 50 | 50 | 50 | -| Maximum device stream data transfer<sup>1</sup> (aggregate volume per day) | 300 MB | 300 MB | 300 MB | -<sup>1</sup>This feature is not available in the basic tier of IoT Hub. For more information, see [How to choose the right IoT Hub](iot-hub-scaling.md). <br/><sup>2</sup>Throttling meter size is 4 KB. Throttling is based on request payload size only. +### Standard tier operations -### Throttling details +The following table shows the enforced throttles for operations that are available in standard tiers only. Values refer to an individual hub. -* The meter size determines at what increments your throttling limit is consumed. If your direct call's payload is between 0 and 4 KB, it is counted as 4 KB. You can make up to 40 calls per second per unit before hitting the limit of 160 KB/sec/unit. +| Throttle | Free and S1 | S2 | S3 | +| -- | - | - | - | +| Cloud-to-device sends | 1.67 send operations/sec/unit (100 messages/min/unit) | 1.67 send operations/sec/unit (100 send operations/min/unit) | 83.33 send operations/sec/unit (5,000 send operations/min/unit) | +| Cloud-to-device receives <br/> (only when device uses HTTPS)| 16.67 receive operations/sec/unit (1,000 receive operations/min/unit) | 16.67 receive operations/sec/unit (1,000 receive operations/min/unit) | 833.33 receive operations/sec/unit (50,000 receive operations/min/unit) | +| Direct methods | 160KB/sec/unit<sup>1</sup> | 480KB/sec/unit<sup>1</sup> | 24MB/sec/unit<sup>1</sup> | +| Twin (device and module) reads | 100/sec | Higher of 100/sec or 10/sec/unit | 500/sec/unit | +| Twin updates (device and module) | 50/sec | Higher of 50/sec or 5/sec/unit | 250/sec/unit | +| Jobs operations <br/> (create, update, list, delete) | 1.67/sec/unit (100/min/unit) | 1.67/sec/unit (100/min/unit) | 83.33/sec/unit (5,000/min/unit) | +| Jobs device operations <br/> (update twin, invoke direct method) | 10/sec | Higher of 10/sec or 1/sec/unit | 50/sec/unit | +| Configurations and edge deployments <br/> (create, update, list, delete) | 0.33/sec/unit (20/min/unit) | 0.33/sec/unit (20/min/unit) | 0.33/sec/unit (20/min/unit) | +| Device stream initiation rate | 5 new streams/sec | 5 new streams/sec | 5 new streams/sec | +| Maximum number of concurrently connected device streams | 50 | 50 | 50 | +| Maximum device stream data transfer (aggregate volume per day) | 300 MB | 300 MB | 300 MB | ++<sup>1</sup>Throttling meter size is 4 KB. Throttling is based on request payload size only. - Similarly, if your payload is between 4 KB and 8 KB, each call accounts for 8 KB and you can make up to 20 calls per second per unit before hitting the max limit. +### Throttling details - Finally, if your payload size is between 156KB and 160 KB, you'll be able to make only 1 call per second per unit in your hub before hitting the limit of 160 KB/sec/unit. +* The meter size determines at what increments your throttling limit is consumed. If your direct call's payload is between 0 KB and 4 KB, it's counted as 4 KB. You can make up to 40 calls per second per unit before hitting the limit of 160 KB/sec/unit. -* For *Jobs device operations (update twin, invoke direct method)* for tier S3, 50/sec/unit only applies to when you invoke methods using jobs. If you invoke direct methods directly, the original throttling limit of 24 MB/sec/unit (for S3) applies. + Similarly, if your payload is between 4 KB and 8 KB, each call accounts for 8 KB and you can make up to 20 calls per second per unit before hitting the max limit. -* **Quota** is the aggregate number of messages you can send in your hub *per day*. You can find your hub's quota limit under the column **Total number of messages /day** on the [IoT Hub pricing page](https://azure.microsoft.com/pricing/details/iot-hub/). + Finally, if your payload size is between 156 KB and 160 KB, you can make only one call per second per unit in your hub before hitting the limit of 160 KB/sec/unit. -* Your cloud-to-device and device-to-cloud throttles determine the maximum *rate* at which you can send messages -- number of messages irrespective of 4 KB chunks. D2C messages can be up to 256 KB; C2D messages can be up to 64 KB. These are the [maximum message sizes] for each type of message. +* For *Jobs device operations (update twin, invoke direct method)* for tier S3, 50/sec/unit only applies to when you invoke methods using jobs. If you invoke direct methods directly, the original throttling limit of 24 MB/sec/unit (for S3) applies. -* It's a good practice to throttle your calls so that you don't hit/exceed the throttling limits. If you do hit the limit, IoT Hub responds with error code 429 and the client should back-off and retry. These limits are per hub (or in some cases per hub/unit). For more information, refer to [Manage connectivity and reliable messaging/Retry patterns](iot-hub-reliability-features-in-sdks.md#retry-patterns). +* Your cloud-to-device and device-to-cloud throttles determine the maximum *rate* at which you can send messages irrespective of 4 KB chunks. Device-to-cloud messages can be up to 256 KB; cloud-to-device messages can be up to 64 KB. These are the maximum message sizes for each type of message. ### Traffic shaping To accommodate burst traffic, IoT Hub accepts requests above the throttle for a limited time. The first few of these requests are processed immediately. However, if the number of requests continues to violate the throttle, IoT Hub starts placing the requests in a queue and requests are processed at the limit rate. This effect is called *traffic shaping*. Furthermore, the size of this queue is limited. If the throttle violation continues, eventually the queue fills up, and IoT Hub starts rejecting requests with `429 ThrottlingException`. -For example, you use a simulated device to send 200 device-to-cloud messages per second to your S1 IoT Hub (which has a limit of 100/sec D2C sends). For the first minute or two, the messages are processed immediately. However, since the device continues to send more messages than the throttle limit, IoT Hub begins to only process 100 messages per second and puts the rest in a queue. You start noticing increased latency. Eventually, you start getting `429 ThrottlingException` as the queue fills up, and the ["Number of throttling errors" IoT Hub metric](monitor-iot-hub-reference.md#device-telemetry-metrics) starts increasing. To learn how to create alerts and charts based on metrics, see [Monitor IoT Hub](monitor-iot-hub.md). +For example, you use a simulated device to send 200 device-to-cloud messages per second to your S1 IoT Hub (which has a limit of 100/sec device-to-cloud sends). For the first minute or two, the messages are processed immediately. However, since the device continues to send more messages than the throttle limit, IoT Hub begins to only process 100 messages per second and puts the rest in a queue. You start noticing increased latency. Eventually, you start getting `429 ThrottlingException` as the queue fills up, and the ["Number of throttling errors" IoT Hub metric](monitor-iot-hub-reference.md#device-telemetry-metrics) starts increasing. To learn how to create alerts and charts based on metrics, see [Monitor IoT Hub](monitor-iot-hub.md). ### Identity registry operations throttle Device identity registry operations are intended for run-time use in device management and provisioning scenarios. Reading or updating a large number of device identities is supported through [import and export jobs](iot-hub-devguide-identity-registry.md#import-and-export-device-identities). -When initiating identity operations through [bulk registry update operations](/rest/api/iothub/service/bulkregistry/updateregistry) (*not* bulk import and export jobs), the same throttle limits apply. For example, if you want to submit bulk operation to create 50 devices, and you have a S1 IoT Hub with 1 unit, only two of these bulk requests are accepted per minute. This because the identity operation throttle for an S1 IoT Hub with 1 unit is 100/min/unit. Also in this case, a third request (and beyond) in the same minute would be rejected because the limit had already been reached. +When initiating identity operations through [bulk registry update operations](/rest/api/iothub/service/bulkregistry/updateregistry) (*not* bulk import and export jobs), the same throttle limits apply. For example, if you want to submit bulk operation to create 50 devices, and you have a S1 IoT Hub with one unit, only two of these bulk requests are accepted per minute. This limitation is because the identity operation throttle for an S1 IoT Hub with one unit is 100/min/unit. Also in this case, a third request (and beyond) in the same minute would be rejected because the limit has been reached. ### Device connections throttle -The *device connections* throttle governs the rate at which new device connections can be established with an IoT hub. The *device connections* throttle does not govern the maximum number of simultaneously connected devices. The *device connections* rate throttle depends on the number of units that are provisioned for the IoT hub. +The *device connections* throttle governs the rate at which new device connections can be established with an IoT hub. The *device connections* throttle doesn't govern the maximum number of simultaneously connected devices. The *device connections* rate throttle depends on the number of units that are provisioned for the IoT hub. For example, if you buy a single S1 unit, you get a throttle of 100 connections per second. Therefore, to connect 100,000 devices, it takes at least 1,000 seconds (approximately 16 minutes). However, you can have as many simultaneously connected devices as you have devices registered in your identity registry. IoT Hub enforces other operational limits: | | -- | | Devices | The total number of devices plus modules that can be registered to a single IoT hub is capped at 1,000,000. The only way to increase this limit is to contact [Microsoft Support](https://azure.microsoft.com/support/options/).| | File uploads | 10 concurrent file uploads per device. |-| Jobs<sup>1</sup> | Maximum concurrent jobs is 1 (for Free and S1), 5 (for S2), and 10 (for S3). However, the max concurrent [device import/export jobs](iot-hub-bulk-identity-mgmt.md) is 1 for all tiers. <br/>Job history is retained up to 30 days. | -| Additional endpoints | Paid SKU hubs may have 10 additional endpoints. Free SKU hubs may have one additional endpoint. | -| Message routing queries | Paid SKU hubs may have 100 routing queries. Free SKU hubs may have five routing queries. | -| Message enrichments | Paid SKU hubs can have up to 10 message enrichments. Free SKU hubs can have up to 2 message enrichments.| +| Jobs<sup>1</sup> | Maximum concurrent jobs are 1 (for Free and S1), 5 (for S2), and 10 (for S3). However, the max concurrent [device import/export jobs](iot-hub-bulk-identity-mgmt.md) is 1 for all tiers. <br/>Job history is retained up to 30 days. | +| Additional endpoints | Basic and standard SKU hubs may have 10 additional endpoints. Free SKU hubs may have one additional endpoint. | +| Message routing queries | Basic and standard SKU hubs may have 100 routing queries. Free SKU hubs may have five routing queries. | +| Message enrichments | Basic and standard SKU hubs can have up to 10 message enrichments. Free SKU hubs can have up to two message enrichments.| | Device-to-cloud messaging | Maximum message size 256 KB | | Cloud-to-device messaging<sup>1</sup> | Maximum message size 64 KB. Maximum pending messages for delivery is 50 per device. | | Direct method<sup>1</sup> | Maximum direct method payload size is 128 KB for the request and 128 KB for the response. |-| Automatic device and module configurations<sup>1</sup> | 100 configurations per paid SKU hub. 10 configurations per free SKU hub. | -| IoT Edge automatic deployments<sup>1</sup> | 50 modules per deployment. 100 deployments (including layered deployments) per paid SKU hub. 10 deployments per free SKU hub. | +| Automatic device and module configurations<sup>1</sup> | 100 configurations per basic or standard SKU hub. 10 configurations per free SKU hub. | +| IoT Edge automatic deployments<sup>1</sup> | 50 modules per deployment. 100 deployments (including layered deployments) per basic or standard SKU hub. 10 deployments per free SKU hub. | | Twins<sup>1</sup> | Maximum size of desired properties and reported properties sections are 32 KB each. Maximum size of tags section is 8 KB. Maximum size of each individual property in every section is 4 KB. | | Shared access policies | Maximum number of shared access policies is 16. | | Restrict outbound network access | Maximum number of allowed FQDNs is 20. | | x509 CA certificates | Maximum number of x509 CA certificates that can be registered on IoT Hub is 25. | -<sup>1</sup>This feature is not available in the basic tier of IoT Hub. For more information, see [How to choose the right IoT Hub](iot-hub-scaling.md). +<sup>1</sup>This feature isn't available in the basic tier of IoT Hub. For more information, see [How to choose the right IoT Hub](iot-hub-scaling.md). ## Increasing the quota or throttle limit At any given time, you can increase quotas or throttle limits by [increasing the ## Latency -IoT Hub strives to provide low latency for all operations. However, due to network conditions and other unpredictable factors it cannot guarantee a certain latency. When designing your solution, you should: +IoT Hub strives to provide low latency for all operations. However, due to network conditions and other unpredictable factors it can't guarantee a certain latency. When designing your solution, you should: * Avoid making any assumptions about the maximum latency of any IoT Hub operation. * Provision your IoT hub in the Azure region closest to your devices. * Consider using Azure IoT Edge to perform latency-sensitive operations on the device or on a gateway close to the device. -Multiple IoT Hub units affect throttling as described previously, but do not provide any additional latency benefits or guarantees. +Multiple IoT Hub units affect throttling as described previously, but don't provide any additional latency benefits or guarantees. If you see unexpected increases in operation latency, contact [Microsoft Support](https://azure.microsoft.com/support/options/). ## Next steps For an in-depth discussion of IoT Hub throttling behavior, see the blog post [IoT Hub throttling and you](https://azure.microsoft.com/blog/iot-hub-throttling-and-you/).--Other reference topics in this IoT Hub developer guide include: --* [IoT Hub endpoints](iot-hub-devguide-endpoints.md) -* [Monitor IoT Hub](monitor-iot-hub.md) |
iot-hub | Iot Hub Scaling | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/iot-hub/iot-hub-scaling.md | Title: Azure IoT Hub scaling | Microsoft Docs -description: How to scale your IoT hub to support your anticipated message throughput and desired features. Includes a summary of the supported throughput for each tier and options for sharding. + Title: Azure IoT Hub scaling +description: How to choose the correct IoT hub tier and size to support your anticipated message throughput and desired features. -+ Previously updated : 11/21/2022 Last updated : 02/09/2023 -# Choose the right IoT Hub tier for your solution ++# Choose the right IoT Hub tier and size for your solution Every IoT solution is different, so Azure IoT Hub offers several options based on pricing and scale. This article is meant to help you evaluate your IoT Hub needs. For pricing information about IoT Hub tiers, see [Azure IoT Hub pricing](https://azure.microsoft.com/pricing/details/iot-hub). Azure IoT Hub offers two tiers, basic and standard, that differ in the number of **How much data do I plan to move daily?** -Each IoT Hub tier is available in three sizes, based around how much data throughput they can handle in any given day. These sizes are numerically identified as 1, 2, and 3. For example, each unit of a level 1 IoT hub can handle 400 thousand messages a day, while a level 3 unit can handle 300 million. For more details about the data guidelines, continue to [Message throughput](#message-throughput). +Each IoT Hub tier is available in three sizes, based around how much data throughput they can handle in any given day. These sizes are numerically identified as 1, 2, and 3. For example, each unit of a level 1 IoT hub can handle 400 thousand messages a day, while a level 3 unit can handle 300 million. For more details about the data guidelines, continue to [Tier editions and units](#tier-editions-and-units). ## Basic and standard tiers The standard tier of IoT Hub enables all features, and is required for any IoT solutions that want to make use of the bi-directional communication capabilities. The basic tier enables a subset of the features and is intended for IoT solutions that only need uni-directional communication from devices to the cloud. Both tiers offer the same security and authentication features. -Only one type of [IoT Hub edition](https://azure.microsoft.com/pricing/details/iot-hub/) within a tier can be chosen per IoT hub. For example, you can create an IoT hub with multiple units of S1. However, you can't create an IoT hub with a mix of units from different editions, such as S1 and B3 or S1 and S2. --| Capability | Basic tier | Standard/Free tier | +| Capability | Basic tier | Standard tier | | - | - | - | | [Device-to-cloud telemetry](iot-hub-devguide-messaging.md) | Yes | Yes | | [Per-device identity](iot-hub-devguide-identity-registry.md) | Yes | Yes | Only one type of [IoT Hub edition](https://azure.microsoft.com/pricing/details/i IoT Hub also offers a free tier that is meant for testing and evaluation. It has all the capabilities of the standard tier, but includes limited messaging allowances. You can't upgrade from the free tier to either the basic or standard tier. -## Partitions --Azure IoT hubs contain many core components from [Azure Event Hubs](../event-hubs/event-hubs-features.md), including [partitions](../event-hubs/event-hubs-features.md#partitions). Event streams for IoT hubs are populated with incoming telemetry data that is reported by various IoT devices. The partitioning of the event stream is used to reduce contentions that occur when concurrently reading and writing to event streams. --The partition limit is chosen when an IoT hub is created, and can't be changed. The maximum limit of device-to-cloud partitions for basic tier and standard tier IoT hubs is 32. Most IoT hubs only need four partitions. For more information on determining the partitions, see the [How many partitions do I need?](../event-hubs/event-hubs-faq.yml#how-many-partitions-do-i-need-) question in the [FAQ](../event-hubs/event-hubs-faq.yml) for [Azure Event Hubs](../event-hubs/index.yml). --## Tier upgrade --Once you create your IoT hub, you can upgrade from the basic tier to the standard tier without interrupting your existing operations. For more information, see [How to upgrade your IoT hub](iot-hub-upgrade.md). --The partition configuration remains unchanged when you migrate from basic tier to standard tier. --> [!NOTE] -> The free tier does not support upgrading to basic or standard tier. --## IoT Hub REST APIs +### IoT Hub REST APIs The difference in supported capabilities between the basic and standard tiers of IoT Hub means that some API calls don't work with basic tier IoT hubs. The following table shows which APIs are available: -| API | Basic tier | Standard/Free tier | +| API | Basic tier | Standard tier | | | - | - |-| [Delete device](/javascript/api/azure-iot-digitaltwins-service/registrymanager#azure-iot-digitaltwins-service-registrymanager-deletedevice) | Yes | Yes | -| [Get device](/rest/api/iothub/service/devices/get-identity) | Yes | Yes | -| [Delete module](/rest/api/iothub/service/modules/delete-identity) | Yes | Yes | -| [Get module](/java/api/com.microsoft.azure.sdk.iot.service.registrymanager.getmodule) | Yes | Yes | +| [Create or update device](/rest/api/iothub/service/devices/create-or-update-identity), [Get device](/rest/api/iothub/service/devices/get-identity), [Delete device](/rest/api/iothub/service/devices/delete-identity) | Yes | Yes | +| [Create or update module](/rest/api/iothub/service/modules/create-or-update-identity), [Get module](/rest/api/iothub/service/modules/get-identity), [Delete module](/rest/api/iothub/service/modules/delete-identity) | Yes | Yes | | [Get registry statistics](/javascript/api/azure-iot-digitaltwins-service/registrymanager#azure-iot-digitaltwins-service-registrymanager-getdevicestatistics) | Yes | Yes | | [Get services statistics](/javascript/api/azure-iot-digitaltwins-service/registrymanager#azure-iot-digitaltwins-service-registrymanager-getservicestatistics) | Yes | Yes |-| [Create or update device](/javascript/api/azure-iot-digitaltwins-service/registrymanager#azure-iot-digitaltwins-service-registrymanager-createorupdatedevice-1) | Yes | Yes | -| [Create or update module](/javascript/api/azure-iot-digitaltwins-service/registrymanager#azure-iot-digitaltwins-service-registrymanager-createorupdatemodule) | Yes | Yes | | [Query IoT Hub](/dotnet/api/microsoft.azure.devices.registrymanager) | Yes | Yes | | [Create file upload SAS URI](/rest/api/iothub/device/createfileuploadsasuri) | Yes | Yes | | [Receive device bound notification](/rest/api/iothub/device/receivedeviceboundnotification) | Yes | Yes | The difference in supported capabilities between the basic and standard tiers of | Send module event | AMQP and MQTT only | AMQP and MQTT only | | [Update file upload status](/rest/api/iothub/device/updatefileuploadstatus) | Yes | Yes | | [Bulk device operation](/javascript/api/azure-iot-digitaltwins-service/registrymanager#azure-iot-digitaltwins-service-registrymanager-bulkdevicecrud) | Yes, except for IoT Edge capabilities | Yes |-| [Cancel import export job](/rest/api/iothub/service/jobs/cancelimportexportjob) | Yes | Yes | -| [Create import export job](/rest/api/iothub/service/jobs/createimportexportjob) | Yes | Yes | -| [Get import export job](/rest/api/iothub/service/jobs/getimportexportjob) | Yes | Yes | -| [Get import export jobs](/rest/api/iothub/service/jobs/getimportexportjobs) | Yes | Yes | +| [Create import export job](/rest/api/iothub/service/jobs/createimportexportjob), [Get import export job](/rest/api/iothub/service/jobs/getimportexportjob), [Cancel import export job](/rest/api/iothub/service/jobs/cancelimportexportjob) | Yes | Yes | | [Purge command queue](/javascript/api/azure-iot-digitaltwins-service/registrymanager#azure-iot-digitaltwins-service-registrymanager-purgecommandqueue) | | Yes |-| [Get device twin](/java/api/com.microsoft.azure.sdk.iot.device.deviceclient.getdevicetwin) | | Yes | -| [Get module twin](/rest/api/iothub/service/modules/get-twin) | | Yes | +| [Get device twin](/rest/api/iothub/service/devices/get-twin), [Update device twin](/rest/api/iothub/service/devices/update-twin) | | Yes | +| [Get module twin](/rest/api/iothub/service/modules/get-twin), [Update module twin](/rest/api/iothub/service/modules/update-twin) | | Yes | | [Invoke device method](./iot-hub-devguide-direct-methods.md) | | Yes |-| [Update device twin](./iot-hub-devguide-device-twins.md) | | Yes | -| [Update module twin](/rest/api/iothub/service/modules/update-twin) | | Yes | | [Abandon device bound notification](/rest/api/iothub/device/abandondeviceboundnotification) | | Yes | | [Complete device bound notification](/rest/api/iothub/device/completedeviceboundnotification) | | Yes |-| [Cancel job](/rest/api/media/jobs/canceljob) | | Yes | -| [Create job](/rest/api/media/jobs/create) | | Yes | -| [Get job](/java/api/com.microsoft.azure.sdk.iot.service.jobs.jobclient.getjob) | | Yes | +| [Create job](/rest/api/media/jobs/create), [Get job](/java/api/com.microsoft.azure.sdk.iot.service.jobs.jobclient.getjob), [Cancel job](/rest/api/media/jobs/canceljob) | | Yes | | [Query jobs](/javascript/api/azure-iot-digitaltwins-service/jobclient#azure-iot-digitaltwins-service-jobclient-queryjobs-2) | | Yes | -## Message throughput +### Partitions ++Azure IoT hubs contain many core components from [Azure Event Hubs](../event-hubs/event-hubs-features.md), including [partitions](../event-hubs/event-hubs-features.md#partitions). Event streams for IoT hubs are populated with incoming telemetry data that is reported by various IoT devices. The partitioning of the event stream is used to reduce contentions that occur when concurrently reading and writing to event streams. -The best way to size an IoT Hub solution is to evaluate the traffic on a per-unit basis. In particular, consider the required peak throughput for the following categories of operations: +The partition limit is chosen when an IoT hub is created, and can't be changed. The maximum limit of device-to-cloud partitions for basic tier and standard tier IoT hubs is 32. Most IoT hubs only need four partitions. For more information on determining the partitions, see the [How many partitions do I need?](../event-hubs/event-hubs-faq.yml#how-many-partitions-do-i-need-) question in the FAQ for [Azure Event Hubs](../event-hubs/index.yml). -* Device-to-cloud messages -* Cloud-to-device messages -* Identity registry operations +### Upgrade tiers -Traffic is measured for your IoT hub on a per-unit basis. When you create an IoT hub, you choose its tier and edition, and set the number of units available. You can purchase up to 200 units for the B1, B2, S1, or S2 edition, or up to 10 units for the B3 or S3 edition. After you create your IoT hub, without interrupting your existing operations, you can: +After you create your IoT hub, you can upgrade from the basic tier to the standard tier without interrupting your existing operations. You can't downgrade from standard tier to basic tier. For more information, see [How to upgrade your IoT hub](iot-hub-upgrade.md). -- Change the number of units available within its edition (for example, upgrading from one to three units of B1)-- Upgrade or downgrade between editions within its tier (for example, upgrading from B1 to B2)-- Upgrade from the basic to the standard tier (for example, upgrading from B1 to S1)- -For more information, see [How to upgrade your IoT hub](iot-hub-upgrade.md). +The partition configuration remains unchanged when you migrate from basic tier to standard tier. ++> [!NOTE] +> The free tier does not support upgrading to basic or standard tier. -As an example of each tier's traffic capabilities, device-to-cloud messages follow these sustained throughput guidelines: +## Tier editions and units -| Tier edition | Sustained throughput | Sustained send rate | -| | | | -| B1, S1 |Up to 1111 KB/minute per unit<br/>(1.5 GB/day/unit) |Average of 278 messages/minute per unit<br/>(400,000 messages/day per unit) | -| B2, S2 |Up to 16 MB/minute per unit<br/>(22.8 GB/day/unit) |Average of 4,167 messages/minute per unit<br/>(6 million messages/day per unit) | -| B3, S3 |Up to 814 MB/minute per unit<br/>(1144.4 GB/day/unit) |Average of 208,333 messages/minute per unit<br/>(300 million messages/day per unit) | +Once you've chosen the tier that provides the best features for your solution, determine the size that provides the best data capacity for your solution. -Device-to-cloud throughput is only one of the metrics you need to consider when designing an IoT solution. For more comprehensive information, see [IoT Hub quotas and throttling](iot-hub-devguide-quotas-throttling.md). +Each IoT Hub tier is available in three sizes, based around how much data throughput they can handle in any given day. These sizes are numerically identified as 1, 2, and 3. -### Identity registry operation throughput +Tiers and sizes are represented as *editions*. A basic tier IoT hub of size 2 is represented by the edition **B2**. Similarly, a standard tier IoT hub of size 3 is represented by the edition **S3**. ++Only one type of [IoT Hub edition](https://azure.microsoft.com/pricing/details/iot-hub/) within a tier can be chosen per IoT hub. For example, you can create an IoT hub with multiple units of S1. However, you can't create an IoT hub with a mix of units from different editions, such as S1 and B3 or S1 and S2. -IoT Hub identity registry operations aren't supposed to be run-time operations, as they're mostly related to device provisioning. +The following table shows the capacity for device-to-cloud messages for each size. -For more information about specific burst performance numbers, see [IoT Hub quotas and throttling](iot-hub-devguide-quotas-throttling.md). +| Size | Messages per day per unit | Data per day per unit | +| - | - | | +| 1 | 400,000 | 1.5 GB | +| 2 | 6,000,000 | 22.8 GB | +| 3 | 300,000,000 | 1144.4 GB | ++You can purchase up to 200 units for a size 1 or 2 IoT hub, or up to 10 units for a size 3 IoT hub. Your daily message limit and throttling limits are based on the combined capacity of all units. For example, buying one unit of size 2 gives you the same daily message limit as fifteen units of size 1. ++For more information on the capacity and limits of each IoT Hub edition, see [IoT Hub quotas and throttling](iot-hub-devguide-quotas-throttling.md). ++### Upgrade or downgrade editions ++After you create your IoT hub, without interrupting your existing operations, you can: ++* Change the number of units available within its edition (for example, upgrading from one to three units of B1) +* Upgrade or downgrade between editions within its tier (for example, upgrading from B1 to B2) ++For more information, see [How to upgrade your IoT hub](iot-hub-upgrade.md). ## Auto-scale |
iot-hub | Iot Hub Upgrade | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/iot-hub/iot-hub-upgrade.md | Title: Upgrade Azure IoT Hub | Microsoft Docs + Title: Upgrade Azure IoT Hub description: Change the pricing and scale tier for IoT Hub to get more messaging and device management capabilities. Previously updated : 11/08/2022 Last updated : 02/07/2023 When you have more devices and need more capabilities, there are three ways to a * Add units within the IoT hub to increase the daily message limit for that hub. For example, each extra unit in a B1 IoT hub allows for an extra 400,000 messages per day. -- Change the size of the IoT hub. For example, migrate a hub from the B1 tier to the B2 tier to increase the number of messages that each unit can support per day from 400,000 to 6 million. Both these changes can occur without interrupting existing operations.+* Change the size of the IoT hub. For example, migrate a hub from the B1 tier to the B2 tier to increase the number of messages that each unit can support per day from 400,000 to 6 million. Both these changes can occur without interrupting existing operations. -- Upgrade to a higher tier. For example, upgrade a hub from the B1 tier to the S1 tier for access to advanced features with the same messaging capacity.+* Upgrade to a higher tier. For example, upgrade a hub from the B1 tier to the S1 tier for access to advanced features with the same messaging capacity. > [!Warning]- > You cannot upgrade from a Free Hub to a Paid Hub through our upgrade function. You must create a Paid hub and migrate the configurations and devices from the Free hub to the Paid hub. This process is documented at [How to clone an IoT Hub](/azure/iot-hub/iot-hub-how-to-clone). - > [!Tip] + > You cannot upgrade from a Free Hub to a Paid Hub through our upgrade function. You must create a Paid hub and migrate the configurations and devices from the Free hub to the Paid hub. This process is documented at [How to clone an IoT Hub](/azure/iot-hub/iot-hub-how-to-clone). + > [!Tip] > When you are upgrading your IoT Hub to a higher tier, some messages may be received out of order for a short period of time. If your business logic relies on the order of messages, we recommend upgrading during non-business hours. -If you want to downgrade your IoT hub, you can remove units and reduce the size of the IoT hub but you can't downgrade to a lower tier. For example, you can move from the S2 tier to the S1 tier, but not from the S2 tier to the B1 tier. Only one type of [Iot Hub edition](https://azure.microsoft.com/pricing/details/iot-hub/) within a tier can be chosen per IoT hub. For example, you can create an IoT hub with multiple units of S1. However, you can't create an IoT hub with a mix of units from different editions, such as S1 and B3 or S1 and S2. +If you want to downgrade your IoT hub, you can remove units and reduce the size of the IoT hub but you can't downgrade to a lower tier. For example, you can move from the S2 tier to the S1 tier, but not from the S2 tier to the B1 tier. Only one type of [IoT Hub edition](https://azure.microsoft.com/pricing/details/iot-hub/) within a tier can be chosen per IoT hub. For example, you can create an IoT hub with multiple units of S1. However, you can't create an IoT hub with a mix of units from different editions, such as S1 and B3 or S1 and S2. These examples are meant to help you understand how to adjust your IoT hub as your solution changes. For specific information about each tier's capabilities, you should always refer to [Azure IoT Hub pricing](https://azure.microsoft.com/pricing/details/iot-hub/). ## Upgrade your existing IoT hub +If you want to upgrade an existing IoT hub, you can do so from the Azure portal. + 1. Sign in to the [Azure portal](https://portal.azure.com/) and navigate to your IoT hub. -1. To upgrade the tier for your hub, select **Overview**, then select the value for **Tier** from the **Essentials** section of the details pane as shown in the following picture. Choose the new tier, select **I agree** to agree to the updated tier and pricing, then click **Upgrade**. - - :::image type="content" source="./media/iot-hub-upgrade/iot-hub-upgrade-overview-tier.png" alt-text="Screenshot that shows how to upgrade the tier of your IoT hub."::: - -1. To change the size or units for your hub, select **Overview**, then select the value for **Daily message limit** from the **Essentials** section of the details pane as shown in the following picture. Choose the new daily message limit, then click **Adjust**. - - :::image type="content" source="./media/iot-hub-upgrade/iot-hub-upgrade-overview-message-limit.png" alt-text="Screenshot that shows how to upgrade the size or units of your IoT hub."::: - -Your IoT hub is now adjusted, and your configurations are unchanged. +1. Select **Pricing and scale** from the navigation menu. ++ :::image type="content" source="./media/iot-hub-upgrade/pricing-scale.png" alt-text="Screenshot that shows the pricing and scale page for an IoT hub."::: ++1. To upgrade the tier for your hub, select **Upgrade** on the tier tile. You can only upgrade from the basic tier to the standard tier. You can't change the tier of a free or standard hub. ++1. To change the size or units for your hub, select **Adjust** on the daily message limit tile. ++ On the **Message and pricing options** page, choose the new daily message limit that you want for your IoT hub. Or, if you prefer to choose the specific tier and units combination, select **Advanced options**. For more information, see [Choose the right IoT Hub for your solution](iot-hub-scaling.md). ++ :::image type="content" source="./media/iot-hub-upgrade/message-pricing-advanced-options.png" alt-text="Screenshot that shows how to upgrade the size or units of your IoT hub."::: The maximum limit of device-to-cloud partitions for basic tier and standard tier IoT hubs is 32. Most IoT hubs only need four partitions. You choose the number of partitions when you create the IoT hub. The number of partitions relates the device-to-cloud messages to the number of simultaneous readers of these messages. The number of partitions remains unchanged when you migrate from the basic tier to the standard tier. |
load-balancer | Backend Pool Management | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/backend-pool-management.md | Title: Backend Pool Management -description: Get started learning how to configure and manage the backend pool of an Azure Load Balancer +description: Get started learning how to configure and manage the backend pool of an Azure Load Balancer. Last updated 02/03/2023 -+ + # Backend pool management The backend pool is a critical component of the load balancer. The backend pool defines the group of resources that will serve traffic for a given load-balancing rule. |
load-balancer | Cli Samples | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/cli-samples.md | Title: Azure CLI Samples for Load Balancer -description: Azure CLI Samples +description: Azure CLI Samples. documentationcenter: load-balancer -+ Last updated 06/14/2018 - + # Azure CLI Samples for Load Balancer The following table includes links to bash scripts built using the Azure CLI. |
load-balancer | Components | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/components.md | Title: Azure Load Balancer components -description: Overview of Azure Load Balancer components +description: Overview of Azure Load Balancer components. Last updated 12/27/2021 -+ + # Azure Load Balancer components Azure Load Balancer includes a few key components. These components can be configured in your subscription through the Azure portal, Azure CLI, Azure PowerShell, Resource Manager Templates or appropriate alternatives. |
load-balancer | Concepts | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/concepts.md | Title: Azure Load Balancer concepts -description: Overview of Azure Load Balancer concepts +description: Overview of Azure Load Balancer concepts. Last updated 11/29/2021 -+ # Azure Load Balancer algorithm |
load-balancer | Configure Vm Scale Set Cli | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/configure-vm-scale-set-cli.md | Title: Configure Virtual Machine Scale Set with an existing Azure Load Balancer - Azure CLI -description: Learn how to configure a Virtual Machine Scale Set with an existing Azure Load Balancer by using the Azure CLI. +description: Learn how to configure a Virtual Machine Scale Set with an existing Azure Load Balancer using the Azure CLI. Last updated 12/15/2022-+ # Configure a Virtual Machine Scale Set with an existing Azure Load Balancer using the Azure CLI |
load-balancer | Configure Vm Scale Set Portal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/configure-vm-scale-set-portal.md | Title: Configure Virtual Machine Scale Set with an existing Azure Load Balancer - Azure portal -description: Learn how to configure a Virtual Machine Scale Set with an existing Azure Load Balancer by using the Azure portal. +description: Learn how to configure a Virtual Machine Scale Set with an existing Azure Load Balancer using the Azure portal. Last updated 12/15/2022-+ # Configure a Virtual Machine Scale Set with an existing Azure Load Balancer using the Azure portal |
load-balancer | Configure Vm Scale Set Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/configure-vm-scale-set-powershell.md | Title: Configure Virtual Machine Scale Set with an existing Azure Load Balancer - Azure PowerShell -description: Learn how to configure a Virtual Machine Scale Set with an existing Azure Load Balancer. +description: Learn how to configure a Virtual Machine Scale Set with an existing Azure Load Balancer using Azure PowerShell. Last updated 12/15/2022-+ ms.devlang: azurecli |
load-balancer | Cross Region Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/cross-region-overview.md | Title: Cross-region load balancer (preview) description: Overview of cross region load balancer tier for Azure Load Balancer. Last updated 10/31/2022 --+ + # Cross-region load balancer (Preview) Azure Standard Load Balancer supports cross-region load balancing enabling geo-redundant High Availability scenarios such as: |
load-balancer | Distribution Mode Concepts | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/distribution-mode-concepts.md | description: Get started learning about the different distribution modes of Azur -+ Last updated 05/24/2022 #Customer intent: As a administrator, I want to learn about the different distribution modes of Azure Load Balancer so that I can configure the distribution mode for my application. |
load-balancer | Egress Only | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/egress-only.md | Title: Outbound-only load balancer configuration -description: In this article, learn about how to create an internal load balancer with outbound NAT +description: In this article, learn about how to create an internal load balancer with outbound NAT. - Last updated 12/27/2022 + # Outbound-only load balancer configuration |
load-balancer | Gateway Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/gateway-overview.md | |
load-balancer | Gateway Partners | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/gateway-partners.md | Title: Azure Gateway Load Balancer partners description: Learn about partners offering their network appliances for use with this service. -+ Last updated 05/11/2022 -+ + # Gateway Load Balancer partners Azure has a growing ecosystem of partners offering their network appliances for use with Gateway Load Balancer. |
load-balancer | Howto Load Balancer Imds | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/howto-load-balancer-imds.md | |
load-balancer | Inbound Nat Rules | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/inbound-nat-rules.md | description: Overview of what is inbound NAT rule, why to use inbound NAT rule, - Last updated 2/17/2022 + #Customer intent: As a administrator, I want to create an inbound NAT rule so that I can forward a port to a virtual machine in the backend pool of an Azure Load Balancer. |
load-balancer | Instance Metadata Service Load Balancer | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/instance-metadata-service-load-balancer.md | |
load-balancer | Ipv6 Add To Existing Vnet Cli | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/ipv6-add-to-existing-vnet-cli.md | Title: Add IPv6 to an IPv4 application in Azure virtual network - Azure CLI description: This article shows how to deploy IPv6 addresses to an existing application in Azure virtual network using Azure CLI. Last updated 03/31/2020 -+ ms.devlang: azurecli -# Add IPv6 to an IPv4 application in Azure virtual network - Azure CLI +# Add IPv6 to an IPv4 application in Azure virtual network using Azure CLI This article shows you how to add IPv6 addresses to an application that is using IPv4 public IP address in an Azure virtual network for a Standard Load Balancer using Azure CLI. The in-place upgrade includes a virtual network and subnet, a Standard Load Balancer with IPv4 + IPV6 frontend configurations, VMs with NICs that have a IPv4 + IPv6 configurations, network security group, and public IPs. |
load-balancer | Ipv6 Add To Existing Vnet Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/ipv6-add-to-existing-vnet-powershell.md | Title: Add an IPv4 application to IPv6 in Azure Virtual Network - PowerShell description: This article shows how to deploy IPv6 addresses to an existing application in Azure virtual network using Azure PowerShell. Last updated 03/31/2020 -+ -# Add an IPv4 application to IPv6 in Azure virtual network - PowerShell +# Add an IPv4 application to IPv6 in Azure virtual network using PowerShell This article shows you how to add IPv6 connectivity to an existing IPv4 application in an Azure virtual network with a Standard Load Balancer and Public IP. The in-place upgrade includes: - IPv6 address space for the virtual network and subnet |
load-balancer | Ipv6 Configure Standard Load Balancer Template Json | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/ipv6-configure-standard-load-balancer-template-json.md | Title: Deploy an IPv6 dual stack application in Azure virtual network - Resource description: This article shows how to deploy an IPv6 dual stack application with Standard Load Balancer in Azure virtual network using Azure Resource Manager VM templates. |
load-balancer | Ipv6 Dual Stack Standard Internal Load Balancer Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/ipv6-dual-stack-standard-internal-load-balancer-powershell.md | Title: Deploy an IPv6 dual stack application using Standard Internal Load Balan description: This article shows how to deploy an IPv6 dual stack application with Standard Internal Load Balancer in Azure virtual network using Azure PowerShell. Last updated 10/14/2019 -+ -# Deploy an IPv6 dual stack application using Standard Internal Load Balancer in Azure - PowerShell +# Deploy an IPv6 dual stack application using Standard Internal Load Balancer in Azure using PowerShell This article shows you how to deploy a dual stack (IPv4 + IPv6) application in Azure that includes a dual stack virtual network and subnet, a Standard Internal Load Balancer with dual (IPv4 + IPv6) front-end configurations, VMs with NICs that have a dual IP configuration, network security group, and public IPs. |
load-balancer | Load Balancer Basic Upgrade Guidance | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/load-balancer-basic-upgrade-guidance.md | Title: Upgrading from basic Load Balancer - Guidance -description: Upgrade guidance for migrating basic Load Balancer to standard Load Balancer +description: Upgrade guidance for migrating basic Load Balancer to standard Load Balancer. -+ Last updated 09/19/2022+ #customer-intent: As an cloud engineer with basic Load Balancer services, I need guidance and direction on migrating my workloads off basic to standard SKUs |
load-balancer | Load Balancer Common Deployment Errors | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/load-balancer-common-deployment-errors.md | Title: Troubleshoot common deployment errors -description: Describes how to resolve common errors when you deploy Azure Load Balancers +description: Describes how to resolve common errors when you deploy Azure Load Balancers. tags: top-support-issue |
load-balancer | Load Balancer Custom Probe Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/load-balancer-custom-probe-overview.md | Title: Azure Load Balancer health probes -description: Learn about the different types of health probes and configuration for Azure Load Balancer +description: Learn about the different types of health probes and configuration for Azure Load Balancer. Last updated 02/10/2022 + # Azure Load Balancer health probes |
load-balancer | Load Balancer Distribution Mode | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/load-balancer-distribution-mode.md | Title: Configure Azure Load Balancer distribution mode description: In this article, get started configuring the distribution mode for Azure Load Balancer to support source IP affinity. -+ Last updated 12/05/2022 |
load-balancer | Load Balancer Floating Ip | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/load-balancer-floating-ip.md | Title: Azure Load Balancer Floating IP configuration -description: Overview of Azure Load Balancer Floating IP +description: Overview of Azure Load Balancer Floating IP. Last updated 12/2/2021 -+ # Azure Load Balancer Floating IP configuration |
load-balancer | Load Balancer Ha Ports Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/load-balancer-ha-ports-overview.md | |
load-balancer | Load Balancer Insights | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/load-balancer-insights.md | Title: Insights for Azure Load Balancer -description: Use the load balancer insights to achieve rapid fault localization and informed design decisions +description: Use the load balancer insights to achieve rapid fault localization and informed design decisions. -+ Last updated 10/27/2020 + # Using Insights to monitor and configure your Azure Load Balancer |
load-balancer | Load Balancer Ipv6 For Linux | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/load-balancer-ipv6-for-linux.md | Title: Configure DHCPv6 for Linux VMs description: In this article, learn how to configure DHCPv6 for Linux VMs. keywords: ipv6, azure load balancer, dual stack, public ip, native ipv6, mobile, iot --+ Last updated 12/02/2022 + # Configure DHCPv6 for Linux VMs |
load-balancer | Load Balancer Ipv6 Internet Cli | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/load-balancer-ipv6-internet-cli.md | Title: Create a public load balancer with IPv6 - Azure CLI description: With this learning path, get started creating a public load balancer with IPv6 using Azure CLI. keywords: ipv6, azure load balancer, dual stack, public ip, native ipv6, mobile, iot - Last updated 06/25/2018 + # Create a public load balancer with IPv6 using Azure CLI |
load-balancer | Load Balancer Ipv6 Internet Ps | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/load-balancer-ipv6-internet-ps.md |  Title: Create an Internet-facing load balancer with IPv6 - Azure PowerShell -description: Learn how to create an Internet facing load balancer with IPv6 using PowerShell for Resource Manager +description: Learn how to create an Internet facing load balancer with IPv6 using PowerShell for Resource Manager. keywords: ipv6, azure load balancer, dual stack, public ip, native ipv6, mobile, iot - Last updated 09/25/2017 + # Get started creating an Internet facing load balancer with IPv6 using PowerShell for Resource Manager |
load-balancer | Load Balancer Ipv6 Internet Template | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/load-balancer-ipv6-internet-template.md | Title: Deploy an Internet-facing load-balancer with IPv6 - Azure template description: Learn how to deploy IPv6 support for Azure Load Balancer and load-balanced VMs using an Azure template. keywords: ipv6, azure load balancer, dual stack, public ip, native ipv6, mobile, iot - Last updated 09/25/2017 + # Deploy an Internet-facing load-balancer solution with IPv6 using a template |
load-balancer | Load Balancer Ipv6 Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/load-balancer-ipv6-overview.md | Title: Overview of IPv6 - Azure Load Balancer description: With this learning path, get started with IPv6 support for Azure Load Balancer and load-balanced VMs. keywords: ipv6, azure load balancer, dual stack, public ip, native ipv6, mobile, iot --+ Last updated 08/24/2018 + # Overview of IPv6 for Azure Load Balancer |
load-balancer | Load Balancer Monitor Metrics Cli | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/load-balancer-monitor-metrics-cli.md | Last updated 06/09/2022 -<!-- -Remove all the comments in this template before you sign-off or merge to the -main branch. >- # Get Load Balancer metrics with Azure Monitor CLI In this article, you'll learn some examples to list Load Balancer metrics using Azure Monitor CLI. |
load-balancer | Load Balancer Multiple Ip Cli | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/load-balancer-multiple-ip-cli.md | Title: Load balancing on multiple IP configurations using Azure CLI description: Learn how to assign multiple IP addresses to a virtual machine using Azure CLI. - Last updated 06/25/2018 -+ + # Load balancing on multiple IP configurations using Azure CLI > [!div class="op_single_selector"] |
load-balancer | Load Balancer Multiple Ip Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/load-balancer-multiple-ip-powershell.md | Title: Load balancing on multiple IP configurations - Azure CLI + Title: Load balancing on multiple IP configurations - PowerShell -description: In this article, learn about load balancing across primary and secondary IP configurations using Azure CLI. +description: In this article, learn about load balancing across primary and secondary IP configurations using Azure PowerShell. - Last updated 09/25/2017 + # Load balancing on multiple IP configurations using PowerShell |
load-balancer | Load Balancer Multiple Ip | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/load-balancer-multiple-ip.md | |
load-balancer | Load Balancer Multiple Virtual Machine Scale Set | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/load-balancer-multiple-virtual-machine-scale-set.md | Title: Add multiple Virtual Machine Scale Set instances behind one Azure Load Balancer -description: learn how to configure multiple Virtual Machine Scale Set instances behind a single Azure load Balancer +description: learn how to configure multiple Virtual Machine Scale Set instances behind a single Azure load Balancer. |
load-balancer | Load Balancer Multivip Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/load-balancer-multivip-overview.md | Title: Multiple frontends - Azure Load Balancer -description: This article describes the fundamentals of load balancing across multiple IP addresses using the same port and protocol using multiple frontends on Azure Load Balancer + Title: Multiple frontends ++description: This article describes the fundamentals of load balancing across multiple IP addresses using the same port and protocol using multiple frontends on Azure Load Balancer. --+ Last updated 09/19/2022 + # Multiple frontends for Azure Load Balancer |
load-balancer | Load Balancer Outbound Connections | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/load-balancer-outbound-connections.md | |
load-balancer | Load Balancer Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/load-balancer-overview.md | Title: What is Azure Load Balancer? description: Overview of Azure Load Balancer features, architecture, and implementation. Learn how the Load Balancer works and how to use it in the cloud. # Customer intent: As an IT administrator, I want to learn more about the Azure Load Balancer service and what I can use it for. - Last updated 11/30/2022 -+ # What is Azure Load Balancer? |
load-balancer | Load Balancer Query Metrics Rest Api | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/load-balancer-query-metrics-rest-api.md | |
load-balancer | Load Balancer Standard Availability Zones | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/load-balancer-standard-availability-zones.md | Title: Azure Load Balancer and Availability Zones description: With this learning path, get started with Azure Standard Load Balancer and Availability Zones. -+ Last updated 05/07/2020 + # Load Balancer and Availability Zones |
load-balancer | Load Balancer Standard Diagnostics | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/load-balancer-standard-diagnostics.md | Title: Diagnostics with metrics, alerts, and resource health description: Use the available metrics, alerts, and resource health information to diagnose your load balancer. - -+ Last updated 01/26/2022 + # Standard load balancer diagnostics with metrics, alerts, and resource health |
load-balancer | Load Balancer Standard Virtual Machine Scale Sets | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/load-balancer-standard-virtual-machine-scale-sets.md | Title: Add rules for Azure Standard Load Balancer and virtual machine scale sets- -description: With this learning path, get started with Azure Standard Load Balancer and virtual machine scale sets. + Title: Guidance for virtual machine scale sets with Azure Standard Load Balancer +description: Learn about working with virtual machine scale sets and Azure Standard Load Balancer. - -+ Last updated 07/17/2020 + -# Add rules for Azure Load Balancer with virtual machine scale sets ++# Guidance for virtual machine scale sets with Azure Load Balancer When you work with virtual machine scale sets and Azure Load Balancer, consider the following guidelines. Each virtual machine scale set must have at least one inbound NAT pool. An inbou When you use the virtual machine scale set in the back-end pool of the load balancer, the default load-balancing rule is created automatically. -## Virtual Machine Scale Set Instance-level IPs +## Virtual Machine Scale Set instance-level IPs When virtual machine scale sets with [public IPs per instance](../virtual-machine-scale-sets/virtual-machine-scale-sets-networking.md) are created with a load balancer in front, the SKU of the instance IPs is determined by the SKU of the Load Balancer (i.e. Basic or Standard). |
load-balancer | Load Balancer Tcp Idle Timeout | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/load-balancer-tcp-idle-timeout.md | Title: Configure load balancer TCP reset and idle timeout description: In this article, learn how to configure Azure Load Balancer TCP idle timeout and reset. - Last updated 12/05/2022 + # Configure TCP reset and idle timeout for Azure Load Balancer |
load-balancer | Load Balancer Tcp Reset | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/load-balancer-tcp-reset.md | Title: Load Balancer TCP Reset and idle timeout in Azure description: With this article, learn about Azure Load Balancer with bidirectional TCP RST packets on idle timeout. - -+ Last updated 12/19/2022 + # Load Balancer TCP Reset and Idle Timeout |
load-balancer | Load Balancer Troubleshoot Backend Traffic | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/load-balancer-troubleshoot-backend-traffic.md | Title: Troubleshoot Azure Load Balancer description: Learn how to troubleshoot known issues with Azure Load Balancer. - Last updated 03/02/2022 + # Troubleshoot Azure Load Balancer backend traffic responses |
load-balancer | Load Balancer Troubleshoot Health Probe Status | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/load-balancer-troubleshoot-health-probe-status.md | Title: Troubleshoot Azure Load Balancer health probe status description: Learn how to troubleshoot known issues with Azure Load Balancer health probe status. - Last updated 12/02/2020 + # Troubleshoot Azure Load Balancer health probe status For the backend servers to participate in the load balancer set, they must pass The Load Balancer backend pool VMs may not be responding to the probes due to any of the following reasons: - Load Balancer backend pool VM is unhealthy -- Load Balancer backend pool VM is not listening on the probe port +- Load Balancer backend pool VM isn't listening on the probe port - Firewall, or a network security group is blocking the port on the Load Balancer backend pool VMs - Other misconfigurations in Load Balancer |
load-balancer | Load Balancer Troubleshoot | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/load-balancer-troubleshoot.md | Title: Troubleshoot common issues Azure Load Balancer description: Learn how to troubleshoot common issues with Azure Load Balancer. Last updated 12/05/2022 -+ # Troubleshoot Azure Load Balancer |
load-balancer | Manage Inbound Nat Rules | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/manage-inbound-nat-rules.md | |
load-balancer | Manage Probes How To | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/manage-probes-how-to.md | Title: Manage health probes for Azure Load Balancer - Azure portal -description: In this article, learn how to manage health probes for Azure Load Balancer using the Azure portal +description: In this article, learn how to manage health probes for Azure Load Balancer using the Azure portal. |
load-balancer | Manage Rules How To | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/manage-rules-how-to.md | Title: Manage rules for Azure Load Balancer - Azure portal -description: In this article, learn how to manage rules for Azure Load Balancer using the Azure portal +description: In this article, learn how to manage rules for Azure Load Balancer using the Azure portal. Last updated 12/13/2022-+ # Manage rules for Azure Load Balancer using the Azure portal |
load-balancer | Manage | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/manage.md | Title: Azure Load Balancer portal settings -description: Get started learning about Azure Load Balancer portal settings +description: Get started learning about Azure Load Balancer portal settings. Last updated 12/06/2022 -+ # Azure Load Balancer portal settings |
load-balancer | Monitor Load Balancer Reference | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/monitor-load-balancer-reference.md | Title: Monitoring Load Balancer data reference -description: Important reference material needed when you monitor Load Balancer +description: Important reference material needed when you monitor Load Balancer. - Last updated 06/29/2021+ # Monitoring load balancer data reference |
load-balancer | Monitor Load Balancer | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/monitor-load-balancer.md | |
load-balancer | Move Across Regions External Load Balancer Portal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/move-across-regions-external-load-balancer-portal.md | Title: Move an Azure external load balancer to another Azure region by using the Azure portal -description: Use an Azure Resource Manager template to move an external load balancer from one Azure region to another by using the Azure portal. + Title: Move an Azure external load balancer to another Azure region - Azure portal +description: Use an Azure Resource Manager template to move an external load balancer from one Azure region to another using the Azure portal. Last updated 09/17/2019 + -# Move an external load balancer to another region by using the Azure portal +# Move an external load balancer to another region using the Azure portal There are various scenarios in which you'd want to move an external load balancer from one region to another. For example, you might want to create another external load balancer with the same configuration for testing. You also might want to move an external load balancer to another region as part of disaster recovery planning. |
load-balancer | Move Across Regions External Load Balancer Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/move-across-regions-external-load-balancer-powershell.md | Title: Move Azure external Load Balancer to another Azure region using Azure PowerShell + Title: Move Azure external Load Balancer to another Azure region - Azure PowerShell description: Use Azure Resource Manager template to move Azure external Load Balancer from one Azure region to another using Azure PowerShell. Last updated 09/17/2019 -+ # Move Azure external Load Balancer to another region using Azure PowerShell |
load-balancer | Move Across Regions Internal Load Balancer Portal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/move-across-regions-internal-load-balancer-portal.md | Title: Move Azure internal Load Balancer to another Azure region using the Azure portal -description: Use Azure Resource Manager template to move Azure internal Load Balancer from one Azure region to another using the Azure portal + Title: Move Azure internal Load Balancer to another Azure region - Azure portal +description: Use Azure Resource Manager template to move Azure internal Load Balancer from one Azure region to another using the Azure portal. Last updated 09/18/2019 + # Move Azure internal Load Balancer to another region using the Azure portal |
load-balancer | Move Across Regions Internal Load Balancer Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/move-across-regions-internal-load-balancer-powershell.md | Title: Move Azure internal Load Balancer to another Azure region using Azure PowerShell + Title: Move Azure internal Load Balancer to another Azure region - Azure PowerShell description: Use Azure Resource Manager template to move Azure internal Load Balancer from one Azure region to another using Azure PowerShell Last updated 09/17/2019 -+ # Move Azure internal Load Balancer to another region using PowerShell |
load-balancer | Outbound Rules | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/outbound-rules.md | |
load-balancer | Powershell Samples | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/powershell-samples.md | Title: Azure PowerShell Samples - Azure Load Balancer + Title: Azure PowerShell Samples + description: With these samples, load balance traffic to multiple websites on VMs and traffic to VMs for HA with Azure Load Balancer. documentationcenter: load-balancer - -+ Last updated 12/10/2018 -+ + # Azure PowerShell Samples for Load Balancer The following table includes links to scripts built using Azure PowerShell. |
load-balancer | Python Samples | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/python-samples.md | documentationcenter: load-balancer -+ Last updated 08/20/2021 |
load-balancer | Quickstart Load Balancer Standard Internal Bicep | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/quickstart-load-balancer-standard-internal-bicep.md | Title: 'Quickstart: Create an internal Azure load balancer using Bicep' + Title: 'Quickstart: Create an internal Azure load balancer - Bicep' description: This quickstart shows how to create an internal Azure load balancer using Bicep. - Last updated 04/29/2022+ -# Quickstart: Create an internal load balancer to load balance VMs by using Bicep +# Quickstart: Create an internal load balancer to load balance VMs using Bicep This quickstart describes how to use Bicep to create an internal Azure load balancer. |
load-balancer | Quickstart Load Balancer Standard Internal Cli | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/quickstart-load-balancer-standard-internal-cli.md | Title: 'Quickstart: Create an internal load balancer - Azure CLI' -description: This quickstart shows how to create an internal load balancer by using the Azure CLI. +description: This quickstart shows how to create an internal load balancer using the Azure CLI. Last updated 03/23/2022 -+ #Customer intent: I want to create a load balancer so that I can load balance internal traffic to VMs. -# Quickstart: Create an internal load balancer to load balance VMs by using the Azure CLI ++# Quickstart: Create an internal load balancer to load balance VMs using the Azure CLI Get started with Azure Load Balancer by using the Azure CLI to create an internal load balancer and two virtual machines. |
load-balancer | Quickstart Load Balancer Standard Internal Portal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/quickstart-load-balancer-standard-internal-portal.md | Title: "Quickstart: Create an internal load balancer - Azure portal" -description: This quickstart shows how to create an internal load balancer by using the Azure portal. +description: This quickstart shows how to create an internal load balancer using the Azure portal. Last updated 07/18/2022 -+ #Customer intent: I want to create a internal load balancer so that I can load balance internal traffic to VMs. |
load-balancer | Quickstart Load Balancer Standard Internal Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/quickstart-load-balancer-standard-internal-powershell.md | |
load-balancer | Quickstart Load Balancer Standard Internal Template | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/quickstart-load-balancer-standard-internal-template.md | Title: 'Quickstart: Create an internal load balancer by using a template' -description: This quickstart shows how to create an internal Azure load balancer by using an Azure Resource Manager template (ARM template). + Title: 'Quickstart: Create an internal load balancer - ARM template' +description: This quickstart shows how to create an internal Azure load balancer using an Azure Resource Manager template (ARM template). - Last updated 12/15/2022+ -# Quickstart: Create an internal load balancer to load balance VMs by using an ARM template +# Quickstart: Create an internal load balancer to load balance VMs using an ARM template This quickstart describes how to use an Azure Resource Manager template (ARM template) to create an internal Azure load balancer. |
load-balancer | Quickstart Load Balancer Standard Public Bicep | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/quickstart-load-balancer-standard-public-bicep.md | Title: "Quickstart: Create a public load balancer - Bicep" -description: This quickstart shows how to create a load balancer by using a Bicep file. +description: This quickstart shows how to create a load balancer using a Bicep file. Last updated 08/17/2022 -+ #Customer intent: I want to create a load balancer by using a Bicep file so that I can load balance internet traffic to VMs. -# Quickstart: Create a public load balancer to load balance VMs by using a Bicep file +# Quickstart: Create a public load balancer to load balance VMs using a Bicep file Load balancing provides a higher level of availability and scale by spreading incoming requests across multiple virtual machines (VMs). |
load-balancer | Quickstart Load Balancer Standard Public Cli | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/quickstart-load-balancer-standard-public-cli.md | Title: "Quickstart: Create a public load balancer - Azure CLI" -description: This quickstart shows how to create a public load balancer using the Azure CLI +description: This quickstart shows how to create a public load balancer using the Azure CLI. Last updated 03/16/2022 -+ #Customer intent: I want to create a load balancer so that I can load balance internet traffic to VMs. |
load-balancer | Quickstart Load Balancer Standard Public Portal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/quickstart-load-balancer-standard-public-portal.md | Title: "Quickstart: Create a public load balancer - Azure portal" -description: This quickstart shows how to create a load balancer by using the Azure portal. +description: This quickstart shows how to create a load balancer using the Azure portal. Last updated 12/27/2022 -+ #Customer intent: I want to create a load balancer so that I can load balance internet traffic to VMs. |
load-balancer | Quickstart Load Balancer Standard Public Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/quickstart-load-balancer-standard-public-powershell.md | Title: 'Quickstart: Create a public load balancer - Azure PowerShell' -description: This quickstart shows how to create a load balancer using Azure PowerShell +description: This quickstart shows how to create a load balancer using Azure PowerShell. Last updated 03/17/2022 -+ #Customer intent: I want to create a load balancer so that I can load balance internet traffic to VMs. |
load-balancer | Quickstart Load Balancer Standard Public Template | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/quickstart-load-balancer-standard-public-template.md | Title: "Quickstart: Create a public load balancer - Azure template" + Title: "Quickstart: Create a public load balancer - ARM template" description: This quickstart shows how to create a load balancer by using an Azure Resource Manager template. Last updated 12/13/2022 -+ #Customer intent: I want to create a load balancer by using an Azure Resource Manager template so that I can load balance internet traffic to VMs. -# Quickstart: Create a public load balancer to load balance VMs by using an ARM template +# Quickstart: Create a public load balancer to load balance VMs using an ARM template Load balancing provides a higher level of availability and scale by spreading incoming requests across multiple virtual machines (VMs). |
load-balancer | Skus | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/skus.md | Title: Azure Load Balancer SKUs -description: Overview of Azure Load Balancer SKUs +description: Overview of Azure Load Balancer SKUs. Last updated 12/22/2021 - + # Azure Load Balancer SKUs >[!Important] |
load-balancer | Troubleshoot Load Balancer Imds | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/troubleshoot-load-balancer-imds.md | Title: Common error codes for Azure Instance Metadata Service (IMDS) -description: Overview of common error codes and corresponding mitigation methods for Azure Instance Metadata Service (IMDS) +description: Overview of common error codes and corresponding mitigation methods for Azure Instance Metadata Service (IMDS). Last updated 02/12/2021 - + # Error codes: Common error codes when using IMDS to retrieve load balancer information This article describes common deployment errors and how to resolve those errors while using the Azure Instance Metadata Service (IMDS). |
load-balancer | Troubleshoot Outbound Connection | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/troubleshoot-outbound-connection.md | |
load-balancer | Troubleshoot Rhc | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/troubleshoot-rhc.md | description: Use the available metrics to diagnose your degraded or unavailable -+ Last updated 08/14/2020 |
load-balancer | Tutorial Add Lb Existing Scale Set Portal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/tutorial-add-lb-existing-scale-set-portal.md | |
load-balancer | Tutorial Cross Region Cli | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/tutorial-cross-region-cli.md | Title: 'Tutorial: Create a cross-region load balancer using Azure CLI' + Title: 'Tutorial: Create a cross-region load balancer - Azure CLI' description: Get started with this tutorial deploying a cross-region Azure Load Balancer using Azure CLI. |
load-balancer | Tutorial Cross Region Portal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/tutorial-cross-region-portal.md | Title: 'Tutorial: Create a cross-region load balancer using the Azure portal' + Title: 'Tutorial: Create a cross-region load balancer - Azure portal' description: Get started with this tutorial deploying a cross-region Azure Load Balancer with the Azure portal. |
load-balancer | Tutorial Cross Region Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/tutorial-cross-region-powershell.md | Title: 'Tutorial: Create a cross-region load balancer using Azure PowerShell' + Title: 'Tutorial: Create a cross-region load balancer - Azure PowerShell' description: Get started with this tutorial deploying a cross-region Azure Load Balancer using Azure PowerShell. |
load-balancer | Tutorial Gateway Cli | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/tutorial-gateway-cli.md | |
load-balancer | Tutorial Load Balancer Ip Backend Portal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/tutorial-load-balancer-ip-backend-portal.md | Title: 'Tutorial: Create a public load balancer with an IP-based backend - Azure portal' -description: In this tutorial, learn how to create a public load balancer with an IP based backend pool. +description: In this tutorial, learn how to create a public load balancer with an IP based backend pool using the Azure portal. Last updated 12/16/2022-+ # Tutorial: Create a public load balancer with an IP-based backend using the Azure portal |
load-balancer | Tutorial Load Balancer Port Forwarding Portal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/tutorial-load-balancer-port-forwarding-portal.md | Title: "Tutorial: Create a single virtual machine inbound NAT rule - Azure portal" -description: This tutorial shows how to configure port forwarding using Azure Load Balancer to create a connection to a single virtual machine in an Azure virtual network. +description: In this tutorial, learn how to configure port forwarding using Azure Load Balancer to create a connection to a single virtual machine in an Azure virtual network. |
load-balancer | Tutorial Load Balancer Standard Public Zonal Portal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/tutorial-load-balancer-standard-public-zonal-portal.md | Title: "Tutorial: Load balance VMs within an availability zone - Azure portal" -description: This tutorial demonstrates how to create a Standard Load Balancer with zonal frontend to load balance VMs within an availability zone by using Azure portal +description: This tutorial demonstrates how to create a Standard Load Balancer with zonal frontend to load balance VMs within an availability zone by using Azure portal. # Customer intent: As an IT administrator, I want to create a load balancer that load balances incoming internet traffic to virtual machines within a specific zone in a region. |
load-balancer | Tutorial Multi Availability Sets Portal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/tutorial-multi-availability-sets-portal.md | |
load-balancer | Tutorial Nat Rule Multi Instance Portal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/tutorial-nat-rule-multi-instance-portal.md | Title: "Tutorial: Create a multiple virtual machines inbound NAT rule - Azure portal" -description: This tutorial shows how to configure port forwarding using Azure Load Balancer to create a connection to multiple virtual machines in an Azure virtual network. +description: In this tutorial, learn how to configure port forwarding using Azure Load Balancer to create a connection to multiple virtual machines in an Azure virtual network. |
load-balancer | Tutorial Protect Load Balancer Ddos | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/tutorial-protect-load-balancer-ddos.md | |
load-balancer | Upgrade Basic Standard Virtual Machine Scale Sets | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/upgrade-basic-standard-virtual-machine-scale-sets.md | |
load-balancer | Upgrade Basic Standard | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/upgrade-basic-standard.md | |
load-balancer | Upgrade Basicinternal Standard | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/upgrade-basicInternal-standard.md | Title: Upgrade from Basic Internal to Standard Internal - Azure Load Balancer -description: This article shows you how to upgrade Azure Internal Load Balancer from Basic SKU to Standard SKU + Title: Upgrade an internal basic load balancer - No outbound connections required ++description: This article shows you how to upgrade Azure Internal Load Balancer from Basic SKU to Standard SKU. Last updated 12/15/2022 -+ -# Upgrade Azure Internal Load Balancer- No Outbound Connection Required +# Upgrade an internal basic load balancer - No outbound connections required >[!Important] >On September 30, 2025, Basic Load Balancer will be retired. For more information, see the [official announcement](https://azure.microsoft.com/updates/azure-basic-load-balancer-will-be-retired-on-30-september-2025-upgrade-to-standard-load-balancer/). If you are currently using Basic Load Balancer, make sure to upgrade to Standard Load Balancer prior to the retirement date. This article will help guide you through the upgrade process. |
load-balancer | Upgrade Internalbasic To Publicstandard | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/upgrade-internalbasic-to-publicstandard.md | |
load-balancer | Virtual Network Ipv4 Ipv6 Dual Stack Standard Load Balancer Cli | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/virtual-network-ipv4-ipv6-dual-stack-standard-load-balancer-cli.md | Title: Deploy IPv6 dual stack application - Standard Load Balancer - CLI description: This article shows how deploy an IPv6 dual stack application in Azure virtual network using Azure CLI. - Last updated 03/31/2020 + -# Deploy an IPv6 dual stack application in Azure virtual network - CLI +# Deploy an IPv6 dual stack application in Azure virtual network using Azure CLI This article shows you how to deploy a dual stack (IPv4 + IPv6) application using Standard Load Balancer in Azure that includes a dual stack virtual network with a dual stack subnet, a Standard Load Balancer with dual (IPv4 + IPv6) front-end configurations, VMs with NICs that have a dual IP configuration, dual network security group rules, and dual public IPs. |
load-balancer | Virtual Network Ipv4 Ipv6 Dual Stack Standard Load Balancer Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/virtual-network-ipv4-ipv6-dual-stack-standard-load-balancer-powershell.md | Title: Deploy IPv6 dual stack application - Standard Load Balancer - PowerShell description: This article shows how deploy an IPv6 dual stack application with Standard Load Balancer in Azure virtual network using Azure PowerShell. - Last updated 04/01/2020 -+ -# Deploy an IPv6 dual stack application in Azure - PowerShell +# Deploy an IPv6 dual stack application in Azure virtual network using PowerShell This article shows you how to deploy a dual stack (IPv4 + IPv6) application using Standard Load Balancer in Azure that includes a dual stack virtual network and subnet, a Standard Load Balancer with dual (IPv4 + IPv6) front-end configurations, VMs with NICs that have a dual IP configuration, network security group, and public IPs. |
load-balancer | Whats New | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/load-balancer/whats-new.md | |
machine-learning | Concept Endpoints | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/machine-learning/concept-endpoints.md | The following table highlights the key differences between managed online endpoi | | Managed online endpoints | Kubernetes online endpoints | | -- | | -- | | **Recommended users** | Users who want a managed model deployment and enhanced MLOps experience | Users who prefer Kubernetes and can self-manage infrastructure requirements |-| **Infrastructure management** | Managed compute provisioning, scaling, host OS image updates, and security hardening | User responsibility | -| **Compute type** | Managed (AmlCompute) | Kubernetes cluster (Kubernetes) | -| **Out-of-box monitoring** | [Azure Monitoring](how-to-monitor-online-endpoints.md) <br> (includes key metrics like latency and throughput) | Supported | -| **Out-of-box logging** | [Azure Logs and Log Analytics at endpoint level](how-to-deploy-managed-online-endpoints.md#optional-integrate-with-log-analytics) | Unsupported | -| **Application Insights** | Supported | Supported | +| **Node provisioning** | Managed compute provisioning, update, removal | User responsibility | +| **Node maintenance** | Managed host OS image updates, and security hardening | User responsibility | +| **Cluster sizing (scaling)** | [Managed manual and autoscale](how-to-autoscale-endpoints.md), supporting additional nodes provisioning | [Manual and autoscale](v1/how-to-deploy-azure-kubernetes-service.md#autoscaling), supporting scaling the number of replicas within fixed cluster boundaries | +| **Compute type** | Managed by the service | Customer-managed Kubernetes cluster (Kubernetes) | | **Managed identity** | [Supported](how-to-access-resources-from-endpoints-managed-identities.md) | Supported |-| **Virtual Network (VNET)** | [Supported](how-to-secure-online-endpoint.md) | Supported | -| **View costs** | [Endpoint and deployment level](how-to-view-online-endpoints-costs.md) | Cluster level | +| **Virtual Network (VNET)** | [Supported via managed network isolation](how-to-secure-online-endpoint.md) | User responsibility | +| **Out-of-box monitoring & logging** | [Azure Monitor and Log Analytics powered](how-to-monitor-online-endpoints.md) (includes key metrics and log tables for endpoints and deployments) | User responsibility | +| **Logging with Application Insights (legacy)** | Supported | Supported | +| **View costs** | [Detailed to endpoint / deployment level](how-to-view-online-endpoints-costs.md) | Cluster level | +| **Cost applied to** | VMs assigned to the deployments | VMs assigned to the cluster | | **Mirrored traffic** | [Supported](how-to-safely-rollout-online-endpoints.md#test-the-deployment-with-mirrored-traffic-preview) (preview) | Unsupported | | **No-code deployment** | Supported ([MLflow](how-to-deploy-mlflow-models-online-endpoints.md) and [Triton](how-to-deploy-with-triton.md) models) | Supported ([MLflow](how-to-deploy-mlflow-models-online-endpoints.md) and [Triton](how-to-deploy-with-triton.md) models) | |
machine-learning | How To Deploy Online Endpoints | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/machine-learning/how-to-deploy-online-endpoints.md | For supported general-purpose and GPU instance types, see [Managed online endpoi ### Use more than one model -Currently, you can specify only one model per deployment in the YAML. If you've more than one model, when you register the model, copy all the models as files or subdirectories into a folder that you use for registration. In your scoring script, use the environment variable `AZUREML_MODEL_DIR` to get the path to the model root folder. The underlying directory structure is retained. For an example of deploying multiple models to one deployment, see [Deploy multiple models to one deployment](https://github.com/Azure/azureml-examples/blob/main/cli/endpoints/online/custom-container/minimal/multimodel). +Currently, you can specify only one model per deployment in the YAML. If you have more than one model, when you register the model, copy all the models as files or subdirectories into a folder that you use for registration. In your scoring script, use the environment variable `AZUREML_MODEL_DIR` to get the path to the model root folder. The underlying directory structure is retained. For an example of deploying multiple models to one deployment, see [Deploy multiple models to one deployment](https://github.com/Azure/azureml-examples/blob/main/cli/endpoints/online/custom-container/minimal/multimodel). ++> [!TIP] +> If you have more than 1500 files to register, you may consider compressing the files or subdirectories as .tar.gz when registering the model. To consume the models, you can uncompress the files or subdirectories in the init() function from the scoring script. In this case, uncompression happens once in the initialization stage. ## Understand the scoring script |
machine-learning | How To Label Data | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/machine-learning/how-to-label-data.md | title.suffix: Azure Machine Learning description: Use data labeling tools to rapidly label text or label images for a Machine Learning in a data labeling project. -+ Previously updated : 03/18/2022 Last updated : 02/10/2023 # Labeling images and text documents -After your project administrator creates an [image data labeling project](./how-to-create-image-labeling-projects.md) or [text data labeling project](./how-to-create-text-labeling-projects.md) in Azure Machine Learning, you can use the labeling tool to rapidly prepare data for a Machine Learning project. This article describes: +After your project administrator creates an Azure Machine Learning [image data labeling project](./how-to-create-image-labeling-projects.md) or an Azure Machine Learning [text data labeling project](./how-to-create-text-labeling-projects.md), you can use the labeling tool to rapidly prepare data for a Machine Learning project. This article describes: > [!div class="checklist"] > * How to access your labeling projects After your project administrator creates an [image data labeling project](./how- ## Prerequisites -* A [Microsoft account](https://account.microsoft.com/account) or an Azure Active Directory account for the organization and project. -* Contributor level access to the workspace that contains the labeling project. +* A [Microsoft account](https://account.microsoft.com/account), or an Azure Active Directory account, for the organization and project. +* Contributor-level access to the workspace containing the labeling project. ## Sign in to the studio 1. Sign in to [Azure Machine Learning studio](https://ml.azure.com). -1. Select the subscription and the workspace that contains the labeling project. Get this information from your project administrator. +1. Select the subscription and the workspace containing the labeling project. Your project administrator has this information. -1. Depending on your access level, you may see multiple sections on the left. If so, select **Data labeling** on the left-hand side to find the project. +1. You may see multiple sections on the left, depending on your access level. If you do, select **Data labeling** on the left-hand side to find the project. ## Understand the labeling task -In the table of data labeling projects, select the **Label data** link for your project. +In the data labeling project table, select the **Label data** link for your project. -You see instructions that are specific to your project. They explain the type of data that you're facing, how you should make your decisions, and other relevant information. After you read this information, at the top of the page select **Tasks**. Or at the bottom of the page, select **Start labeling**. +You see instructions, specific to your project. They explain the type of data involved, how you should make your decisions, and other relevant information. Read the information, and select **Tasks** at the top of the page. You can also select **Start labeling** at the bottom of the page. ## Selecting a label -In all data labeling tasks, you choose an appropriate tag or tags from a set that's specified by the project administrator. You can select the first nine tags by using the number keys on your keyboard. +In all data labeling tasks, you choose an appropriate tag or tags from a set specified by the project administrator. You can use the keyboard number keys to select the first nine tags. ## Assisted machine learning -Machine learning algorithms may be triggered during your labeling. If these algorithms are enabled in your project, you may see the following: +Machine learning algorithms may be triggered during your labeling. If your project has these algorithms enabled, you may see: * Images - * After some amount of data have been labeled, you may see **Tasks clustered** at the top of your screen next to the project name. This means that images are grouped together to present similar images on the same page. If so, switch to one of the multiple image views to take advantage of the grouping. + * After some amount of data is labeled, you might see **Tasks clustered** at the top of your screen, next to the project name. Images are grouped together to present similar images on the same page. If so, switch to one of the multiple image views to take advantage of the grouping. - * At a later point, you may see **Tasks prelabeled** next to the project name. Items will then appear with a suggested label that comes from a machine learning classification model. No machine learning model has 100% accuracy. While we only use data for which the model is confident, these data might still be incorrectly prelabeled. When you see labels, correct any wrong labels before submitting the page. + * Later on, you might see **Tasks prelabeled** next to the project name. Items appear with a suggested label produced by a machine learning classification model. No machine learning model has 100% accuracy. While we only use data for which the model is confident, these data values might still have incorrect pre-labels. When you see labels, correct any wrong labels before you submit the page. - * For object identification models, you may see bounding boxes and labels already present. Correct any that are incorrect before submitting the page. + * For object identification models, you may see bounding boxes and labels already present. Correct all mistakes with them before you submit the page. - * For segmentation models, you may see polygons and labels already present. Correct any that are incorrect before submitting the page. + * For segmentation models, you may see polygons and labels already present. Correct all mistakes with them before you submit the page. * Text - * At some point, you may see **Tasks prelabeled** next to the project name. Items will then appear with a suggested label that comes from a machine learning classification model. No machine learning model has 100% accuracy. While we only use data for which the model is confident, these data might still be incorrectly prelabeled. When you see labels, correct any wrong labels before submitting the page. + * You may eventually see **Tasks prelabeled** next to the project name. Items appear with a suggested label that a machine learning classification model produces. No machine learning model has 100% accuracy. While we only use data for which the model is confident, these data values might still be incorrectly prelabeled. When you see labels, correct any wrong labels before submitting the page. -Especially early in a labeling project, the machine learning model may only be accurate enough to prelabel a small subset of images. Once these images are labeled, the labeling project will return to manual labeling to gather more data for the next round of model training. Over time, the model will become more confident about a higher proportion of images, resulting in more prelabel tasks later in the project. +Early in a labeling project, the machine learning model may only have enough accuracy to pre-label a small image subset. Once these images are labeled, the labeling project will return to manual labeling to gather more data for the next model training round. Over time, the model will become more confident about a higher proportion of images. Later in the project, its confidence results in more pre-label tasks. -When there are no more prelabled tasks, you'll stop confirming or correcting labels and go back to manually tagging the items. +When there are no more pre-labeled tasks, you stop confirming or correcting labels, and go back to manual item tagging. ## <a name="image-tasks"></a> Image tasks For image-classification tasks, you can choose to view multiple images simultaneously. Use the icons above the image area to select the layout. -To select all the displayed images simultaneously, use **Select all**. To select individual images, use the circular selection button in the upper-right corner of the image. You must select at least one image to apply a tag. If you select multiple images, any tag that you select will be applied to all the selected images. +To select all the displayed images simultaneously, use **Select all**. To select individual images, use the circular selection button in the upper-right corner of the image. You must select at least one image to apply a tag. If you select multiple images, any tag that you select applies to all the selected images. -Here we've chosen a two-by-two layout and are about to apply the tag "Mammal" to the images of the bear and orca. The image of the shark was already tagged as "Cartilaginous fish," and the iguana hasn't been tagged yet. +Here, we chose a two-by-two layout, and applied the tag "Mammal" to the bear and orca images. The shark image was already tagged as "Cartilaginous fish," and the iguana doesn't yet have a tag.  > [!Important]-> Only switch layouts when you have a fresh page of unlabeled data. Switching layouts clears the page's in-progress tagging work. +> Switch layouts only when you have a fresh page of unlabeled data. Switching layouts clears the in-progress tagging work of the page. -Azure enables the **Submit** button when you've tagged all the images on the page. Select **Submit** to save your work. +Once you tag all the images on the page, Azure enables the **Submit** button. Select **Submit** to save your work. After you submit tags for the data at hand, Azure refreshes the page with a new set of images from the work queue. Image projects support DICOM image format for X-ray file images. :::image type="content" source="media/how-to-label-data/x-ray-image.png" alt-text="X-ray DICOM image to be labeled."::: -While you label the medical images with the same tools as any other images, there is an additional tool for DICOM images. Select the **Window and level** tool to change the intensity of the image. This tool is available only for DICOM images. +While you label the medical images with the same tools as any other images, you can use a different tool for DICOM images. Select the **Window and level** tool to change the intensity of the image. This tool is available only for DICOM images. :::image type="content" source="media/how-to-label-data/window-level-tool.png" alt-text="Window and level tool for DICOM images."::: ## Tag images for multi-class classification -If your project is of type "Image Classification Multi-Class," you'll assign a single tag to the entire image. To review the directions at any time, go to the **Instructions** page and select **View detailed instructions**. +Assign a single tag to the entire image for an "Image Classification Multi-Class" project type. To review the directions at any time, go to the **Instructions** page, and select **View detailed instructions**. -If you realize that you made a mistake after you assign a tag to an image, you can fix it. Select the "**X**" on the label that's displayed below the image to clear the tag. Or, select the image and choose another class. The newly selected value will replace the previously applied tag. +If you realize that you made a mistake after you assign a tag to an image, you can fix it. Select the "**X**" on the label displayed below the image, to clear the tag. You can also select the image and choose another class. The newly selected value replaces the previously applied tag. ## Tag images for multi-label classification -If you're working on a project of type "Image Classification Multi-Label," you'll apply one *or more* tags to an image. To see the project-specific directions, select **Instructions** and go to **View detailed instructions**. +If your project is of type "Image Classification Multi-Label," you apply one *or more* tags to an image. To see the project-specific directions, select **Instructions**, and go to **View detailed instructions**. -Select the image that you want to label and then select the tag. The tag is applied to all the selected images, and then the images are deselected. To apply more tags, you must reselect the images. The following animation shows multi-label tagging: +Select the image that you want to label, and then select the tag. The tag is applied to all the selected images, and then the images are deselected. To apply more tags, you must reselect the images. The following animation shows multi-label tagging: 1. **Select all** is used to apply the "Ocean" tag. 1. A single image is selected and tagged "Closeup." Select the image that you want to label and then select the tag. The tag is appl  -To correct a mistake, select the "**X**" to clear an individual tag or select the images and then select the tag, which clears the tag from all the selected images. This scenario is shown here. Selecting "Land" will clear that tag from the two selected images. +To correct a mistake, select the "**X**" to clear an individual tag, or select the images and then select the tag, to clear the tag from all the selected images. This scenario is shown here. Selecting "Land" clears that tag from the two selected images.  -Azure will only enable the **Submit** button after you've applied at least one tag to each image. Select **Submit** to save your work. +Azure will only enable the **Submit** button after you apply at least one tag to each image. Select **Submit** to save your work. ## Tag images and specify bounding boxes for object detection -If your project is of type "Object Identification (Bounding Boxes)," you'll specify one or more bounding boxes in the image and apply a tag to each box. Images can have multiple bounding boxes, each with a single tag. Use **View detailed instructions** to determine if multiple bounding boxes are used in your project. +If your project is of type "Object Identification (Bounding Boxes)," you specify one or more bounding boxes in the image, and apply a tag to each box. Images can have multiple bounding boxes, each with a single tag. Use **View detailed instructions** to determine if your project uses multiple bounding boxes. -1. Select a tag for the bounding box that you plan to create. -1. Select the **Rectangular box** tool  or select "R." -3. Select and drag diagonally across your target to create a rough bounding box. To adjust the bounding box, drag the edges or corners. +1. Select a tag for the bounding box you plan to create. +1. Select the **Rectangular box** tool , or select "R." +3. Select and diagonally drag across your target, to create a rough bounding box. Drag the edges or corners to adjust the bounding box.  To delete a bounding box, select the X-shaped target that appears next to the bounding box after creation. -You can't change the tag of an existing bounding box. If you make a tag-assignment mistake, you have to delete the bounding box and create a new one with the correct tag. +You can't change the tag of an existing bounding box. To fix a tag-assignment mistake, you must delete the bounding box, and create a new one with the correct tag. By default, you can edit existing bounding boxes. The **Lock/unlock regions** tool  or "L" toggles that behavior. If regions are locked, you can only change the shape or location of a new bounding box. -Use the **Regions manipulation** tool  or "M" to adjust an existing bounding box. Drag the edges or corners to adjust the shape. Select in the interior to be able to drag the whole bounding box. If you can't edit a region, you've probably toggled the **Lock/unlock regions** tool. +Use the **Regions manipulation** tool , or "M", to adjust an existing bounding box. Drag the edges or corners to adjust the shape. Select in the interior if you want to drag the whole bounding box. If you can't edit a region, you probably toggled the **Lock/unlock regions** tool. -Use the **Template-based box** tool  or "T" to create multiple bounding boxes of the same size. If the image has no bounding boxes and you activate template-based boxes, the tool will produce 50-by-50-pixel boxes. If you create a bounding box and then activate template-based boxes, any new bounding boxes will be the size of the last box that you created. Template-based boxes can be resized after placement. Resizing a template-based box only resizes that particular box. +Use the **Template-based box** tool , or "T", to create multiple bounding boxes of the same size. If the image has no bounding boxes, and you activate template-based boxes, the tool produces 50-by-50-pixel boxes. If you create a bounding box, and then activate template-based boxes, the size of any new bounding boxes matches the size of the last box that you created. Template-based boxes can be resized after placement. Resizing a template-based box only resizes that particular box. To delete *all* bounding boxes in the current image, select the **Delete all regions** tool . After you create the bounding boxes for an image, select **Submit** to save your ## Tag images and specify polygons for image segmentation -If your project is of type "Instance Segmentation (Polygon)," you'll specify one or more polygons in the image and apply a tag to each polygon. Images can have multiple bounding polygons, each with a single tag. Use **View detailed instructions** to determine if multiple bounding polygons are used in your project. +If your project is of type "Instance Segmentation (Polygon)," specify one or more polygons in the image, and apply a tag to each polygon. Images can have multiple bounding polygons, each with a single tag. Use **View detailed instructions** to determine if your project uses multiple bounding polygons. 1. Select a tag for the polygon that you plan to create.-1. Select the **Draw polygon region** tool  or select "P." -1. Select for each point in the polygon. When you've completed the shape, double-click to finish. +1. Select the **Draw polygon region** tool , or select "P." +1. Select for each point in the polygon. When you complete the shape, double-click to finish. :::image type="content" source="media/how-to-label-data/polygon.gif" alt-text="Create polygons for Cat and Dog"::: To delete a polygon, select the X-shaped target that appears next to the polygon after creation. -If you want to change the tag for a polygon, select the **Move region** tool, select the polygon, and select the correct tag. +To change the tag for a polygon, select the **Move region** tool, select the polygon, and select the correct tag. -You can edit existing polygons. The **Lock/unlock regions** tool  or "L" toggles that behavior. If regions are locked, you can only change the shape or location of a new polygon. +You can edit existing polygons. The **Lock/unlock regions** tool , or "L", toggles that behavior. If regions are locked, you can only change the shape or location of a new polygon. -Use the **Add or remove polygon points** tool  or "U" to adjust an existing polygon. Select the polygon to add or remove a point. If you can't edit a region, you've probably toggled the **Lock/unlock regions** tool. +Use the **Add or remove polygon points** tool , or "U", to adjust an existing polygon. Select the polygon to add or remove a point. If you can't edit a region, you probably toggled the **Lock/unlock regions** tool. To delete *all* polygons in the current image, select the **Delete all regions** tool . There are three text project types: |Project type | Description | |||-| Classification Multi-Class | Assign a single tag to the entire text entry. You can only select one tag for each text item. Select a tag and then select **Submit** to move to the next entry. | -| Classification Multi-Label | Assign one *or more* tags to each text entry. You can select multiple tags for each text item. Select all the tags that apply and then select **Submit** to move to the next entry. | -| Named entity recognition | Tag different words or phrases in each text entry. See directions in the section below. +| Classification Multi-Class | Assign a single tag to the entire text entry. You can only select one tag for each text item. Select a tag, and then select **Submit** to move to the next entry. | +| Classification Multi-Label | Assign one *or more* tags to each text entry. You can select multiple tags for each text item. Select all the tags that apply, and then select **Submit** to move to the next entry. | +| Named entity recognition | Tag different words or phrases in each text entry. See directions in the next section. +To see the project-specific directions, select **Instructions**, and go to **View detailed instructions**. -To see the project-specific directions, select **Instructions** and go to **View detailed instructions**. --### Tag words and phrases +### Tag words and phrases If your project is set up for named entity recognition, you tag different words or phrases in each text item. To label text: -1. Select the label or type the number corresponding to the appropriate label +1. Select the label, or type the number corresponding to the appropriate label 1. Double-click on a word, or use your mouse to select multiple words. :::image type="content" source="media/how-to-label-data/named-entity-labeling.png" alt-text="Screenshot: Named entity recognition."::: To change a label, you can: -* Delete the label and start again. -* Change the value for all or some of a specific label in your current item: - * Select the label itself, which will select all instances of that label. - * Select again on the instances of this label to unselect any instances you don't want to change. +* Delete the label and start over. +* Change the value for some or all of a specific label in your current item: + * Select the label itself, which selects all instances of that label. + * Select again on the instances of this label, to unselect any instances you want to keep. * Finally, select a new label to change all the labels that are still selected. -When you've tagged all the items in an entry, select **Submit** to move to the next entry. +Once you tag all the items in an entry, select **Submit** to move to the next entry. ## Finish up -When you submit a page of tagged data, Azure assigns new unlabeled data to you from a work queue. If there's no more unlabeled data available, you'll get a message noting this along with a link to the portal home page. +When you submit a page of tagged data, Azure assigns new unlabeled data to you from a work queue. If there's no more unlabeled data available, a new message says so, along with a link to the portal home page. -When you're done labeling, select your image inside a circle in the upper-right corner of the studio and then select **sign-out**. If you don't sign out, eventually Azure will "time you out" and assign your data to another labeler. +When you finish labeling, select your image inside a circle in the upper-right corner of the studio, and then select **sign-out**. If you don't sign out, eventually Azure will "time you out" and assign your data to another labeler. ## Next steps |
machine-learning | How To Manage Workspace | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/machine-learning/how-to-manage-workspace.md | As your needs change or requirements for automation increase you can also manage [!INCLUDE [register-namespace](../../includes/machine-learning-register-namespace.md)] +* If you're using Azure Container Registry (ACR), Storage Account, Key Vault, or Application Insights in the different subscription than the workspace, you cannot use network isolation with managed online endpoints. If you want to use network isolation with managed online endpoints, you must have ACR, Storage Account, Key Vault, and Application Insights in the same subscription with the workspace. For limitations that apply to network isolation with managed online endpoints, see [How to secure online endpoint](how-to-secure-online-endpoint.md#limitations). + * By default, creating a workspace also creates an Azure Container Registry (ACR). Since ACR doesn't currently support unicode characters in resource group names, use a resource group that doesn't contain these characters. * Azure Machine Learning doesn't support hierarchical namespace (Azure Data Lake Storage Gen2 feature) for the workspace's default storage account. |
machine-learning | How To Secure Online Endpoint | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/machine-learning/how-to-secure-online-endpoint.md | The following diagram shows how communications flow through private endpoints to * You can configure public access to a __managed online endpoint__ (_inbound_ and _outbound_). You can also configure [public access to an Azure Machine Learning workspace](how-to-configure-private-link.md#enable-public-access). Outbound communication from a managed online endpoint deployment is to the _workspace API_. When the endpoint is configured to use __public outbound__, then the workspace must be able to accept that public communication (allow public access).+ +* When you use network isolation with a deployment, you can use Azure Container Registry (ACR), Storage account, Key Vault and Application Insights from a different resource group in the same subscription, but you cannot use them if they are in a different subscription. > [!NOTE] > Requests to create, update, or retrieve the authentication keys are sent to the Azure Resource Manager over the public network. az group delete --resource-group <resource-group-name> - [How to autoscale managed online endpoints](how-to-autoscale-endpoints.md) - [View costs for an Azure Machine Learning managed online endpoint](how-to-view-online-endpoints-costs.md) - [Access Azure resources with a online endpoint and managed identity](how-to-access-resources-from-endpoints-managed-identities.md)-- [Troubleshoot online endpoints deployment](how-to-troubleshoot-online-endpoints.md)+- [Troubleshoot online endpoints deployment](how-to-troubleshoot-online-endpoints.md) |
machine-learning | How To Use Batch Endpoint | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/machine-learning/how-to-use-batch-endpoint.md | Invoking a batch endpoint triggers a batch scoring job. A job `name` will be ret ```python job = ml_client.batch_endpoints.invoke( endpoint_name=endpoint_name,- inputs=Input(path="https://pipelinedata.blob.core.windows.net/sampledata/mnist", type=AssetTypes.URI_FOLDER) + inputs=Input(path="https://azuremlexampledata.blob.core.windows.net/data/mnist/sample/", type=AssetTypes.URI_FOLDER) ) ``` job = ml_client.batch_endpoints.invoke( :::image type="content" source="./media/how-to-use-batch-endpoints-studio/job-setting-batch-scoring.png" alt-text="Screenshot of using the deployment to submit a batch job."::: 1. Select __Next__.-1. On __Select data source__, select the data input you want to use. For this example, select __Datastore__ and in the section __Path__ enter the full URL `https://pipelinedata.blob.core.windows.net/sampledat) for details. +1. On __Select data source__, select the data input you want to use. For this example, select __Datastore__ and in the section __Path__ enter the full URL `https://azuremlexampledata.blob.core.windows.net/dat) for details. :::image type="content" source="./media/how-to-use-batch-endpoints-studio/select-datastore-job.png" alt-text="Screenshot of selecting datastore as an input option."::: Use `output-path` to configure any folder in an Azure Machine Learning registere # [Python](#tab/python) -Use `output_path` to configure any folder in an Azure Machine Learning registered datastore. The syntax for the `--output-path` is the same as `--input` when you're specifying a folder, that is, `azureml://datastores/<datastore-name>/paths/<path-on-datastore>/`. Use `output_file_name=<your-file-name>` to configure a new output file name. +Use `params_override` to configure any folder in an Azure Machine Learning registered data store. Only registered data stores are supported as output paths. In this example we will use the default data store: ++```python +batch_ds = ml_client.datastores.get_default() +``` ++Once you identified the data store you want to use, configure the output as follows: ```python job = ml_client.batch_endpoints.invoke( endpoint_name=endpoint_name,- inputs={ - "input": Input(path="https://pipelinedata.blob.core.windows.net/sampledata/mnist", type=AssetTypes.URI_FOLDER) - }, - output_path={ - "score": Input(path=f"azureml://datastores/workspaceblobstore/paths/{endpoint_name}") - }, - output_file_name="predictions.csv" + input=Input( + path="https://azuremlexampledata.blob.core.windows.net/data/mnist/sample/", + type=AssetTypes.URI_FOLDER + ), + params_override=[ + { "output_dataset.datastore_id": f"azureml:{batch_ds.id}" }, + { "output_dataset.path": "/mnist-batch-results" } + { "output_file_name": "mnist-predictions.csv" }, + ] ) ``` # [Studio](#tab/azure-studio) 1. Navigate to the __Endpoints__ tab on the side menu.+ 1. Select the tab __Batch endpoints__.+ 1. Select the batch endpoint you just created.+ 1. Select __Create job__. :::image type="content" source="./media/how-to-use-batch-endpoints-studio/create-batch-job.png" alt-text="Screenshot of the create job option to start batch scoring."::: 1. On __Deployment__, select the deployment you want to execute.+ 1. Select __Next__.+ 1. Check the option __Override deployment settings__. :::image type="content" source="./media/how-to-use-batch-endpoints-studio/overwrite-setting.png" alt-text="Screenshot of the overwrite setting when starting a batch job."::: 1. You can now configure __Output file name__ and some extra properties of the deployment execution. Just this execution will be affected.+ 1. On __Select data source__, select the data input you want to use.+ 1. On __Configure output location__, check the option __Enable output configuration__. :::image type="content" source="./media/how-to-use-batch-endpoints-studio/configure-output-location.png" alt-text="Screenshot of optionally configuring output location."::: Some settings can be overwritten when invoke to make best use of the compute res ```python job = ml_client.batch_endpoints.invoke( endpoint_name=endpoint_name,- input=Input(path="https://pipelinedata.blob.core.windows.net/sampledata/mnist"), + input=Input( + path="https://azuremlexampledata.blob.core.windows.net/data/mnist/sample/" + ), params_override=[ { "mini_batch_size": "20" }, { "compute.instance_count": "5" } |
machine-learning | How To Use Batch Endpoint | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/nodejs-use-node-modules-azure-apps.md | Title: Working with Node.js Modules description: Learn how to work with Node.js modules when using Azure App Service or Cloud Services.- documentationcenter: nodejs - ms.assetid: c0e6cd3d-932d-433e-b72d-e513e23b4eb6 ms.prod: azure-nodejs- ms.devlang: javascript Last updated 08/17/2016 - + # Using Node.js Modules with Azure applications This document provides guidance on using Node.js modules with applications hosted on Azure. It provides guidance on ensuring that your application uses a specific version of a module as well as using native modules with Azure. |
peering-service | About | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/peering-service/about.md | Title: Azure Peering Service overview -description: Learn about Azure Peering Service +description: Learn about Azure Peering Service. - Last updated 01/19/2023 |
peering-service | Azure Portal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/peering-service/azure-portal.md | Title: Create, change, or delete a Peering Service connection - Azure portal -description: Learn how to create, change, or delete a Peering Service connection using the Azure portal +description: Learn how to create, change, or delete a Peering Service connection using the Azure portal. |
peering-service | Cli | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/peering-service/cli.md | Title: Create, change, or delete a Peering Service connection - Azure CLI -description: Learn how to create, change, or delete a Peering Service connection using the Azure CLI +description: Learn how to create, change, or delete a Peering Service connection using the Azure CLI. |
peering-service | Connection Telemetry | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/peering-service/connection-telemetry.md | Title: 'Azure Peering Service: How to access connection telemetry ' -description: In this tutorial learn how to access connection telemetry. + Title: Access connection telemetry ++description: Learn how to access Azure Peering Service connection telemetry. -+ Last updated 04/06/2021 + # Customer intent: Customer wants to access their connection telemetry per prefix to Microsoft services with Azure Peering Service. -# Tutorial: Accessing Peering Service connection telemetry ++# Access Peering Service connection telemetry In this tutorial, you'll learn how to access telemetry for your Peering Service connections. |
peering-service | Connection | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/peering-service/connection.md | Title: Azure Peering Service connection -description: Learn about Microsoft Azure Peering Service connection +description: Learn about Microsoft Azure Peering Service connection. -+ Last updated 04/07/2021 + # Peering Service connection |
peering-service | Location Partners | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/peering-service/location-partners.md | Title: Azure Peering Service locations and partners -description: Learn about Azure Peering Service locations and partners +description: Learn about Azure Peering Service available locations and partners. |
peering-service | Measure Connection Telemetry | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/peering-service/measure-connection-telemetry.md | Title: 'Azure Peering Service: How to measure connection telemetry ' -description: In this tutorial learn how to measure connection telemetry. + Title: Measure connection telemetry ++description: Learn how to measure Azure Peering Service connection telemetry. -+ Last updated 05/18/2020 + # Customer intent: Customer wants to measure their connection telemetry per prefix to Microsoft services with Azure Peering Service. -# Tutorial: Measure Peering Service connection telemetry +# Measure Peering Service connection telemetry In this tutorial, you'll learn how to measure telemetry for your Peering Service connections. |
peering-service | Onboarding Model | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/peering-service/onboarding-model.md | Title: Azure Peering Service onboarding model -description: Learn about on how to onboard Azure Peering Service +description: Get started to onboard Azure Peering Service. -+ Last updated 05/18/2020 + # Onboarding Peering Service model |
postgresql | Concepts Extensions | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/postgresql/flexible-server/concepts-extensions.md | Using the [Azure portal](https://portal.azure.com/): 6. After the notification, **restart** the server to apply these changes. -You can now enable TimescaleDB in your Postgres database. Connect to the database and issue the following command: +You can now enable pg_hint_plan your Postgres database. Connect to the database and issue the following command: ```sql-CREATE EXTENSION IF NOT EXISTS pg_hint_plan CASCADE; +CREATE EXTENSION pg_hint_plan ; ```-> [!TIP] -> If you see an error, confirm that you [restarted your server](how-to-restart-server-portal.md) after saving shared_preload_libraries. + ## Next steps |
postgresql | Concepts Security | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/postgresql/flexible-server/concepts-security.md | When you're running Azure Database for PostgreSQL - Flexible Server, you have tw ## Access management -While you're creating the Azure Database for PostgreSQL server, you provide credentials for an administrator role. This administrator role can be used to create more [PostgreSQL roles](https://www.postgresql.org/docs/current/user-manag.html). +Best way to manage PostgreSQL database access permissions at scale is using the concept of [roles](https://www.postgresql.org/docs/current/user-manag.html). A role can be either a database user or a group of database users, moreover roles can own the database objects and assign privileges on those objects to other roles to control who has access to which objects. It is also possible to grant membership in a role to another role, thus allowing the member role to use privileges assigned to another role. +PostgreSQL lets you grant permissions directly to the database users. As a good security practice, it can be recommended that you create roles with specific sets of permissions based on minimum application and access requirements and then assign the appropriate roles to each user. The roles should be used to enforce a *least privilege model* for accessing database objects. -For example, +While you're creating the Azure Database for PostgreSQL server, you provide credentials for an **administrator role**. This administrator role can be used to create more [PostgreSQL roles](https://www.postgresql.org/docs/current/user-manag.html). The administrator role should never be used by the application. ++For example, below we can create an example role called *demouser*, ```SQL postgres=> create role demouser with password 'password123'; |
private-link | Create Private Endpoint Bicep | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/private-link/create-private-endpoint-bicep.md | Title: 'Quickstart: Create a private endpoint using Bicep' + Title: 'Quickstart: Create a private endpoint - Bicep' description: In this quickstart, you'll learn how to create a private endpoint using Bicep. - Last updated 05/02/2022 + #Customer intent: As someone who has a basic network background but is new to Azure, I want to create a private endpoint using Bicep. |
private-link | Create Private Endpoint Cli | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/private-link/create-private-endpoint-cli.md | Title: 'Quickstart: Create a private endpoint by using the Azure CLI' -description: In this quickstart, you'll learn how to create a private endpoint by using the Azure CLI. + Title: 'Quickstart: Create a private endpoint - Azure CLI' +description: In this quickstart, you'll learn how to create a private endpoint using the Azure CLI. Last updated 05/24/2022 -+ #Customer intent: As someone who has a basic network background but is new to Azure, I want to create a private endpoint by using the Azure CLI. + # Quickstart: Create a private endpoint by using the Azure CLI Get started with Azure Private Link by using a private endpoint to connect securely to an Azure web app. |
private-link | Create Private Endpoint Portal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/private-link/create-private-endpoint-portal.md | Title: 'Quickstart: Create a private endpoint by using the Azure portal' + Title: 'Quickstart: Create a private endpoint - Azure portal' -description: In this quickstart, you'll learn how to create a private endpoint by using the Azure portal. +description: In this quickstart, you'll learn how to create a private endpoint using the Azure portal. Last updated 12/06/2022 -+ #Customer intent: As someone who has a basic network background but is new to Azure, I want to create a private endpoint on a SQL server so that I can securely connect to it. |
private-link | Create Private Endpoint Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/private-link/create-private-endpoint-powershell.md | Title: 'Quickstart: Create a private endpoint by using Azure PowerShell' -description: In this quickstart, you'll learn how to create a private endpoint by using Azure PowerShell. + Title: 'Quickstart: Create a private endpoint - Azure PowerShell' +description: In this quickstart, you'll learn how to create a private endpoint using Azure PowerShell. Last updated 05/24/2022 -+ #Customer intent: As someone who has a basic network background but is new to Azure, I want to create a private endpoint by using Azure PowerShell. + # Quickstart: Create a private endpoint by using Azure PowerShell Get started with Azure Private Link by using a private endpoint to connect securely to an Azure web app. |
private-link | Create Private Endpoint Template | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/private-link/create-private-endpoint-template.md | Title: 'Quickstart: Create a private endpoint by using an ARM template' -description: In this quickstart, you'll learn how to create a private endpoint by using an Azure Resource Manager template (ARM template). + Title: 'Quickstart: Create a private endpoint - ARM template' +description: In this quickstart, you'll learn how to create a private endpoint using an Azure Resource Manager template (ARM template). - Last updated 07/18/2022 + #Customer intent: As someone who has a basic network background but is new to Azure, I want to create a private endpoint by using an ARM template. |
private-link | Create Private Link Service Bicep | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/private-link/create-private-link-service-bicep.md | Title: 'Quickstart: Create a private link service in Azure Private Link using Bicep' + Title: 'Quickstart: Create a private link service - Bicep' + description: In this quickstart, you use Bicep to create a private link service. - Last updated 04/29/2022 + # Quickstart: Create a private link service using Bicep |
private-link | Create Private Link Service Cli | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/private-link/create-private-link-service-cli.md | Title: 'Quickstart - Create an Azure Private Link service using Azure CLI' -description: In this quickstart, learn how to create an Azure Private Link service using Azure CLI + Title: 'Quickstart - Create an Azure Private Link service - Azure CLI' +description: In this quickstart, learn how to create an Azure Private Link service using Azure CLI. Last updated 02/03/2023 - ms.devlang: azurecli+ #Customer intent: As someone with a basic network background, but is new to Azure, I want to create an Azure private link service using Azure CLI + # Quickstart: Create a Private Link service using Azure CLI Get started creating a Private Link service that refers to your service. Give Private Link access to your service or resource deployed behind an Azure Standard Load Balancer. Users of your service have private access from their virtual network. |
private-link | Create Private Link Service Portal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/private-link/create-private-link-service-portal.md | Title: 'Quickstart - Create a Private Link service by using the Azure portal' + Title: 'Quickstart - Create a Private Link service - Azure portal' -description: Learn how to create a Private Link service by using the Azure portal in this quickstart +description: Learn how to create a Private Link service using the Azure portal in this quickstart. Last updated 11/17/2022 -+ #Customer intent: As someone with a basic network background who's new to Azure, I want to create an Azure Private Link service by using the Azure portal + # Quickstart: Create a Private Link service by using the Azure portal Get started creating a Private Link service that refers to your service. Give Private Link access to your service or resource deployed behind an Azure Standard Load Balancer. Users of your service have private access from their virtual network. |
private-link | Create Private Link Service Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/private-link/create-private-link-service-powershell.md | Title: 'Quickstart: Create an Azure private link service using Azure PowerShell' -description: In this quickstart, learn how to create an Azure private link service using Azure PowerShell + Title: 'Quickstart: Create an Azure private link service - Azure PowerShell' +description: In this quickstart, learn how to create an Azure private link service using Azure PowerShell. Last updated 02/02/2023 -+ #Customer intent: As someone with a basic network background, but is new to Azure, I want to create an Azure private link service + # Quickstart: Create a Private Link service using Azure PowerShell Get started creating a Private Link service that refers to your service. Give Private Link access to your service or resource deployed behind an Azure Standard Load Balancer. Users of your service have private access from their virtual network. |
private-link | Create Private Link Service Template | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/private-link/create-private-link-service-template.md | Title: 'Quickstart: Create a private link service in Azure Private Link' + Title: 'Quickstart: Create a private link service - ARM template' + description: In this quickstart, you use an Azure Resource Manager template (ARM template) to create a private link service. - Last updated 05/29/2020 + -# Quickstart: Create a private link service by using an ARM template +# Quickstart: Create a private link service using an ARM template In this quickstart, you use an Azure Resource Manager template (ARM template) to create a private link service. |
private-link | Disable Private Endpoint Network Policy | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/private-link/disable-private-endpoint-network-policy.md | |
private-link | Disable Private Link Service Network Policy | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/private-link/disable-private-link-service-network-policy.md | Title: 'Disable network policies for Azure Private Link service source IP address ' + Title: 'Disable network policies for Azure Private Link service source IP address' description: Learn how to disable network policies for Azure private Link |
private-link | Inspect Traffic With Azure Firewall | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/private-link/inspect-traffic-with-azure-firewall.md | |
private-link | Manage Private Endpoint | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/private-link/manage-private-endpoint.md | |
private-link | Private Endpoint Dns | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/private-link/private-endpoint-dns.md | Title: Azure Private Endpoint DNS configuration -description: Learn Azure Private Endpoint DNS configuration +description: Learn about Azure Private Endpoint DNS configuration. Last updated 05/31/2022 --+ + # Azure Private Endpoint DNS configuration It's important to correctly configure your DNS settings to resolve the private endpoint IP address to the fully qualified domain name (FQDN) of the connection string. |
private-link | Private Endpoint Export Dns | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/private-link/private-endpoint-export-dns.md | Title: Export DNS records for a private endpoint using the Azure portal + Title: Export DNS records for a private endpoint - Azure portal description: In this tutorial, learn how to export the DNS records for a private endpoint in the Azure portal. |
private-link | Private Endpoint Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/private-link/private-endpoint-overview.md | |
private-link | Private Link Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/private-link/private-link-overview.md | |
private-link | Private Link Service Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/private-link/private-link-service-overview.md | |
private-link | Troubleshoot Private Endpoint Connectivity | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/private-link/troubleshoot-private-endpoint-connectivity.md | Title: Troubleshoot Azure Private Endpoint connectivity problems description: Step-by-step guidance to diagnose private endpoint connectivity - - Last updated 01/31/2020 + # Troubleshoot Azure Private Endpoint connectivity problems |
private-link | Troubleshoot Private Link Connectivity | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/private-link/troubleshoot-private-link-connectivity.md | Title: Troubleshoot Azure Private Link Service connectivity problems description: Step-by-step guidance to diagnose private link connectivity - - Last updated 01/31/2020 + # Troubleshoot Azure Private Link Service connectivity problems |
private-link | Tutorial Private Endpoint Sql Cli | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/private-link/tutorial-private-endpoint-sql-cli.md | -# Tutorial: Connect to an Azure SQL server using an Azure Private Endpoint - Azure CLI ++# Tutorial: Connect to an Azure SQL server using an Azure Private Endpoint using Azure CLI Azure Private endpoint is the fundamental building block for Private Link in Azure. It enables Azure resources, like virtual machines (VMs), to communicate with Private Link resources privately. |
private-link | Tutorial Private Endpoint Sql Portal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/private-link/tutorial-private-endpoint-sql-portal.md |  Title: 'Tutorial: Connect to an Azure SQL server using an Azure Private Endpoint - Azure portal' -description: Get started with this tutorial to learn how to connect to a storage account privately via Azure Private Endpoint using Azure portal. +description: Get started with this tutorial to learn how to connect to a storage account privately via Azure Private Endpoint using the Azure portal. Last updated 06/22/2022 -+ # Customer intent: As someone with a basic network background, but is new to Azure, I want to create a private endpoint on a SQL server so that I can securely connect to it. -# Tutorial: Connect to an Azure SQL server using an Azure Private Endpoint - Azure portal +# Tutorial: Connect to an Azure SQL server using an Azure Private Endpoint using the Azure portal Azure Private endpoint is the fundamental building block for Private Link in Azure. It enables Azure resources, like virtual machines (VMs), to privately and securely communicate with Private Link resources such as Azure SQL server. |
private-link | Tutorial Private Endpoint Sql Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/private-link/tutorial-private-endpoint-sql-powershell.md | -# Tutorial: Connect to an Azure SQL server using an Azure Private Endpoint - Azure PowerShell ++# Tutorial: Connect to an Azure SQL server using an Azure Private Endpoint using Azure PowerShell Azure Private endpoint is the fundamental building block for Private Link in Azure. It enables Azure resources, like virtual machines (VMs), to communicate with Private Link resources privately. |
route-server | Anycast | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/route-server/anycast.md | Title: 'Propagating anycast routes to on-premises' -description: Learn about how to advertise the same route from different regions with Azure Route Server. + Title: Propagating anycast routes to on-premises +description: Learn about advertising the same route from different regions with Azure Route Server. Last updated 02/03/2022 + # Anycast routing with Azure Route Server |
route-server | Expressroute Vpn Support | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/route-server/expressroute-vpn-support.md | Title: 'Azure Route Server support for ExpressRoute and Azure VPN' + Title: Azure Route Server support for ExpressRoute and Azure VPN description: Learn about how Azure Route Server interacts with ExpressRoute and Azure VPN gateways. |
route-server | Monitor Route Server | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/route-server/monitor-route-server.md | Title: 'Monitoring Azure Route Server' -description: Learn Azure Route Server monitoring using Azure Monitor. + Title: Monitor Azure Route Server +description: Learn how to monitor Azure Route Server metrics using Azure Monitor. Last updated 05/16/2022+ + # Monitor Azure Route Server This article helps you understand Azure Route Server monitoring and metrics using Azure Monitor. Azure Monitor is one stop shop for all metrics, alerting and diagnostic logs across all of Azure. |
route-server | Multiregion | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/route-server/multiregion.md | Title: 'Multi-region designs with Azure Route Server' + Title: Multi-region designs with Azure Route Server description: Learn about how Azure Route Server enables multi-region designs. |
route-server | Next Hop Ip | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/route-server/next-hop-ip.md | Title: 'Next Hop IP Support' + Title: Next Hop IP Support description: Learn about Next Hop IP support for Azure Route Server. |
route-server | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/route-server/overview.md | Title: 'What is Azure Route Server?' + Title: What is Azure Route Server? description: Learn how Azure Route Server can simplify routing between your network virtual appliance (NVA) and your virtual network. |
route-server | Path Selection | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/route-server/path-selection.md | Title: 'Path selection with Azure Route Server' + Title: Path selection with Azure Route Server description: Learn about how Azure Route Server enables path selection for your network virtual appliance. |
route-server | Quickstart Configure Route Server Cli | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/route-server/quickstart-configure-route-server-cli.md | Title: 'Quickstart: Create and configure Route Server using Azure CLI' -description: In this quickstart, you learn how to create and configure a Route Server using Azure CLI. + Title: 'Quickstart: Create and configure Route Server - Azure CLI' +description: In this quickstart, you learn how to create and configure an Azure Route Server using Azure CLI. Last updated 09/01/2021 -+ ms.devlang: azurecli |
route-server | Quickstart Configure Route Server Portal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/route-server/quickstart-configure-route-server-portal.md | Title: 'Quickstart: Create and configure Route Server using the Azure portal' -description: In this quickstart, you learn how to create and configure a Route Server using the Azure portal. + Title: 'Quickstart: Create and configure Route Server - Azure portal' +description: In this quickstart, you learn how to create and configure an Azure Route Server using the Azure portal. Last updated 07/19/2022 -+ # Quickstart: Create and configure Route Server using the Azure portal |
route-server | Quickstart Configure Route Server Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/route-server/quickstart-configure-route-server-powershell.md | Title: 'Quickstart: Create and configure Route Server using Azure PowerShell' -description: In this quickstart, you learn how to create and configure a Route Server using Azure PowerShell. + Title: 'Quickstart: Create and configure Route Server - Azure PowerShell' +description: In this quickstart, you learn how to create and configure an Azure Route Server using Azure PowerShell. Last updated 07/28/2022 -+ # Quickstart: Create and configure Route Server using Azure PowerShell |
route-server | Quickstart Configure Template | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/route-server/quickstart-configure-template.md | Title: 'Quickstart: Create an Azure Route Server by using an Azure Resource Manager template (ARM template)' -description: This quickstart shows you how to create an Azure Route Server by using Azure Resource Manager template (ARM template). + Title: 'Quickstart: Create an Azure Route Server - ARM template' +description: This quickstart shows you how to create an Azure Route Server using Azure Resource Manager template (ARM template). - Last updated 04/05/2021 + # Quickstart: Create an Azure Route Server using an ARM template |
route-server | Resource Manager Template Samples | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/route-server/resource-manager-template-samples.md | Title: Resource Manager template samples - Azure Route Server + Title: Resource Manager template samples + description: Information about sample Azure Resource Manager templates provided for Azure Route Server. |
route-server | Route Server Faq | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/route-server/route-server-faq.md | description: Find answers to frequently asked questions about Azure Route Server -+ Last updated 12/06/2022 + # Azure Route Server frequently asked questions (FAQs) |
route-server | Troubleshoot Route Server | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/route-server/troubleshoot-route-server.md | |
route-server | Tutorial Configure Route Server With Quagga | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/route-server/tutorial-configure-route-server-with-quagga.md | Title: "Tutorial: Configure peering between Azure Route Server and Network Virtual Appliance" + Title: 'Tutorial: Configure peering between Azure Route Server and Network Virtual Appliance' description: This tutorial shows you how to configure an Azure Route Server and peer it with a Network Virtual Appliance (NVA) using the Azure portal. |
route-server | Tutorial Protect Route Server Ddos | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/route-server/tutorial-protect-route-server-ddos.md | Title: 'Tutorial: Protect your Route Server with Azure DDoS protection' -description: Learn how to set up a route server and protect it with Azure DDoS protection --+description: Learn how to set up a route server and protect it with Azure DDoS protection. ++ Last updated 12/21/2022 |
route-server | Vmware Solution Default Route | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/route-server/vmware-solution-default-route.md | Title: 'Injecting routes to Azure VMware Solution' + Title: Injecting routes to Azure VMware Solution description: Learn about how to advertise routes to Azure VMware Solution with Azure Route Server. |
sap | Sap On Azure Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/sap/sap-on-azure-overview.md | You can run SAP workloads on the Azure platform using different Azure Virtual Ma For more information, see the [SAP on Azure VM workloads](workloads/get-started.md) documentation. +## SAP Integration with Microsoft Services ++In addition to the capabilities to run SAP IaaS and SaaS workloads on Azure, Microsoft offers a variety of capabilities, scenarios, best-practice guides, and tutorials to integrate SAP workloads running anywhere with other Microsoft products and services. Among them are popular services such as Azure Active Directory, Exchange Online, Power Platform and Power BI, Azure Integration Services, Excel, SAP Business Technology Platform, SAP Analytics Cloud, SAP Data Warehouse Cloud, and SAP Success Factors to name a few. ++For more information, see the [SAP Integration with Microsoft Services](workloads/integration-get-started.md) documentation. + ### SAP HANA on Azure (Large Instances) SAP HANA on Azure (Large Instances) is a solution that provides VMs for deploying and running SAP HANA. For more information, see the [Azure Monitor for SAP solutions](monitor/about-az ## Next steps - [SAP solutions on Azure](https://azure.microsoft.com/solutions/sap/)+- [Get started with SAP and Azure integration scenarios](workloads/integration-get-started.md) |
sentinel | Define Playbook Access Restrictions | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/sentinel/define-playbook-access-restrictions.md | Last updated 12/27/2022 This article shows how to define an [access restriction policy](../app-service/overview-access-restrictions.md) for Microsoft Sentinel Standard-plan playbooks, so that they can support private endpoints. Defining this policy will ensure that **only Microsoft Sentinel will have access** to the Standard logic app containing your playbook workflows. +Learn more about [using private endpoints to secure traffic between Standard logic apps and Azure virtual networks](../logic-apps/secure-single-tenant-workflow-virtual-network-private-endpoint.md). + ## Define an access restriction policy 1. From the Microsoft Sentinel navigation menu, select **Automation**. Select the **Active playbooks** tab. This article shows how to define an [access restriction policy](../app-service/o :::image type="content" source="media/define-playbook-access-restrictions/select-networking.png" alt-text="Screenshot showing how to select networking settings from the logic app menu."::: -1. In the **Inbound traffic** area, select **Access restriction (preview)**. - (You **must** select the **preview** version.) +1. In the **Inbound traffic** area, select **Access restriction**. :::image type="content" source="media/define-playbook-access-restrictions/select-access-restriction.png" alt-text="Screenshot showing how to select access restriction policy for configuration."::: |
sentinel | Sentinel Content Centralize | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/sentinel/sentinel-content-centralize.md | + + Title: Out-of-the-box (OOTB) content centralization changes ++description: This article describes the centralization changes about to take place for out-of-the-box content in Microsoft Sentinel. ++ Last updated : 01/30/2023++#Customer intent: As a SIEM decision maker or implementer, I want to know about changes to out of the box content, and how to centralize the management, discovery and inventory of content in Microsoft Sentinel. +++# Microsoft Sentinel out-of-the-box content centralization changes ++Microsoft Sentinel Content hub enables discovery and on-demand installation of out-of-the-box (OOTB) content and solutions in a single step. Previously, some of this OOTB content only existed in various gallery sections of Sentinel. We're excited to announce *all* of the following gallery content templates are now available in content hub as standalone items or part of packaged solutions. ++- **Data connectors** +- **Hunting queries** +- **Analytics rule templates** +- **Playbook templates** +- **Workbook templates** ++## Content hub changes +In order to centralize all out-of-the-box content, we're planning to retire the gallery-only content templates. The legacy gallery content templates are no longer being updated consistently, and the content hub is where OOTB content is kept up to date. Content hub also provides update workflows for solutions and automatic updates for standalone content. To facilitate this transition, we're going to publish a central tool to reinstate corresponding **IN USE** retired templates from corresponding Content hub solutions. ++## Sentinel GitHub changes +Microsoft Sentinel has an official [GitHub repository](https://github.com/Azure/Azure-Sentinel) for community contributions vetted by Microsoft and the community. It's the source for most of the content items in Content hub. For consistent discovery of this content, the OOTB content centralization changes have already been extended to the Sentinel GitHub repo. ++ - All OOTB content packaged from content hub solutions is now stored in the GitHub repo [Solutions folder](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions). + - All standalone OOTB content will continue to remain in their respective locations. + +Together, these Content hub and Sentinel GitHub repo changes will complete the journey towards centralizing Sentinel content. ++## When is this change coming? +> [!IMPORTANT] +> The following timeline is tentative and subject to change. +> ++The centralization change in the Sentinel portal is expected to go live in all Sentinel workspaces Q2 2023. The Microsoft Sentinel GitHub changes have already been done. Standalone content is available in existing GitHub folders and solutions content has been moved to the solutions folder. ++## Scope of change +This change is only scoped to *gallery content* type templates. All these same templates and more OOTB content are available in *Content hub* as solutions or standalone content. ++For Microsoft Sentinel GitHub, OOTB content packaged in solutions in content hub is now only listed under the GitHub repo [Solutions folder](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions). The other existing GitHub content is scoped to the following folders and only contains standalone content items. Content in the remaining GitHub folders not called out in this list don't have any changes. ++- [DataConnectors folder](https://github.com/Azure/Azure-Sentinel/tree/master/DataConnectors) +- [Detections folder](https://github.com/Azure/Azure-Sentinel/tree/master/Detections) (Analytics rules) +- [Hunting queries folder](https://github.com/Azure/Azure-Sentinel/tree/master/Hunting%20Queries) +- [Parsers folder](https://github.com/Azure/Azure-Sentinel/tree/master/Parsers) +- [Playbooks folder](https://github.com/Azure/Azure-Sentinel/tree/master/Playbooks) +- [Workbooks folder](https://github.com/Azure/Azure-Sentinel/tree/master/Workbooks) +++### What's not changing? +The active or custom items created in any manner (from templates or otherwise) are **NOT** impacted by this change. More specifically, the following are **NOT** affected by this change: ++- Data Connectors with *Status = Connected*. +- Alert rules or detections (enabled or disabled) in the **'Active rules'** tab in the Analytics gallery. +- Saved workbooks in the **'My workbooks'** tab in the Workbooks gallery. +- Cloned content or *Content source = Custom* in the Hunting gallery. +- Active playbooks (enabled or disabled) in the **'Active playbooks'** tab in the Automation gallery. ++Any OOTB content templates installed from content hub (identifiable as *Content source = Content hub*) are NOT affected by this change. ++### What's changing? +All template galleries will display an in-product warning banner. This banner will contain a link to a tool that will run within the Microsoft Sentinel portal. Activating the tool will initiate a guided experience to reinstate the content templates for the **IN USE** retired templates from the Content hub. This tool only needs to be run once per workspace, so be sure to plan with your organization. Once the tool runs successfully, the warning banner will resolve and no longer be visible from the template galleries of that workspace. ++Specific impact to the gallery content templates for each of these galleries are detailed in the following table. Expect these changes when the OOTB content centralization goes live. ++| Content Type | Impact | +| - | - | +| [Data connectors](connect-data-sources.md) | The templates identifiable as `content source = "Gallery content"` and `Status = "Not connected"` will no longer appear in the data connectors gallery. | +| [Analytics templates](detect-threats-built-in.md#view-built-in-detections) | The templates identifiable as `source name = "Gallery content"` will no longer appear in the Analytics template gallery. | +| [Hunting](hunting.md#use-built-in-queries) | The templates with `Content source = "Gallery content"` will no longer appear in the Hunting gallery. | +| [Workbooks templates](get-visibility.md#use-built-in-workbooks) | The templates with `Content source = "Gallery content"` will no longer appear in the Workbooks template gallery. | +| [Playbooks templates](use-playbook-templates.md#explore-playbook-templates) | The templates identifiable as `source name = "Gallery content"` will no longer appear in the Automation Playbook templates gallery. | ++Here's an example of an Analytics rule before and after the centralization changes and the tool has run. +- The active Analytics rule won't change at all. We can see it's based on an Analytics rule template that will be retired. + :::image type="content" source="media/sentinel-content-centralize/before-tool-analytic-rule-active-2.png" alt-text="This screenshot shows an active Analytics rule before centralization changes."::: ++- This screenshot shows an Analytics rule template that will be retired. + :::image type="content" source="media/sentinel-content-centralize/before-tool-analytic-rule-templates-2.png" alt-text="This screenshot shows the Analytics rule template that will be retired."::: ++- After the tool has been run to reinstate the Analytics rule template, the source changes to the solution it's reinstated from. + :::image type="content" source="media/sentinel-content-centralize/after-tool-analytic-rule-template-2.png" alt-text="This screenshot shows the Analytics rule template after being reinstated from the Content hub Azure Active Directory solution."::: ++## Action needed +- Starting now, install new OOTB content from Content hub and update solutions as needed to have the latest version of templates. +- For existing gallery content templates in use, get future updates by installing the respective solutions or standalone content items from Content hub. The gallery content in the feature galleries may be out-of-date. +- If you have applications or processes that directly get OOTB content from the Microsoft Sentinel GitHub repository, update the locations to include getting OOTB content from the solutions folder in addition to existing content folders. +- Plan with your organization who and when will run the tool when you see the warning banner and the change goes live in Q2 2023. The tool needs to be run once in a workspace to reinstate all **IN USE** retired templates from the Content hub. +- Review the FAQs section to learn more details that may be applicable to your environment. ++## Content centralization FAQs +#### Will my SOC alert generation or incidents generation and management be impacted by this change? +No, there's no impact to active alert rules or detections, or active playbooks, or cloned hunting queries, or saved workbooks. The OOTB content centralization change won't impact your current incident generation and management processes. ++#### Are there any gallery content exceptions? +Yes, the following Analytics rule template types are exempt from this change. ++- Anomalies rule templates +- Fusion rule templates +- ML (Machine Learning) Behavior Analytics rule templates +- Microsoft Security (incident creation) rule templates +- Threat Intelligence rule template ++#### Will any of the APIs be impacted with this change? +Yes. Currently the only Sentinel REST API calls that exist for content template management are the `Get` and `List` operations for alert rule templates. These operations only surface gallery content templates and won't be updated. For more information on these operations see the current [Alert Rule Templates REST API reference](/rest/api/securityinsights/stable/alert-rule-templates). ++New content hub REST API operations will be available soon to enable OOTB content management scenarios more broadly. This API update will include operations for the same content types scoped in the centralization changes (data connectors, playbook templates, workbook templates, analytic rule templates, hunting queries). A mechanism to update Analytics rule templates installed on the workspace is also on the roadmap. ++**Action needed:** Plan to update your applications and processes to utilize the new content hub OOTB content management API operations when those are available in Q2 2023. ++#### How will the central tool identify my in-use OOTB content templates? +The tool builds a list of solutions based on two criteria: data connectors with `Status = "Connected"` and **IN USE** Playbook templates. Once the proposed list of solutions is generated, the tool will present them for approval. If approved, the tool installs all those solutions. Because the OOTB content is reinstated based on solutions you may get more templates than you might actually be using. ++Please note that this central tool is a best-effort to get your **IN USE** OOTB content templates reinstated from Content hub. You can install OOTB content omitted directly from Content hub. ++#### What if I'm using APIs to connect data sources in my Sentinel workspace? +Currently, if an API data connection matches the data connector data type, it will show up as `Status = "Connected"` in the Data connectors gallery. After the centralization changes go live, the specific data connector needs to be installed from a respective solution to get the same behavior. ++**Action needed:** Plan to update processes or tooling for your data connector deployments to install from Content hub solution(s) before the connecting with data ingestion APIs. The REST API operator for installing a solution will be coming in Q2 2023 with the OOTB content management APIs. ++#### What if I'm working with content using Repositories feature in Microsoft Sentinel? +Repositories specifically deploy custom or active content in Microsoft Sentinel. Content deployed through the Repositories feature won't be impacted by the OOTB content centralization changes. ++## Next steps +Take a look at these other resources for OOTB content and Content hub. ++- [About OOTB content and solutions in Microsoft Sentinel](sentinel-solutions.md) +- [Discover OOTB content and solutions in Content hub](sentinel-solutions-deploy.md) +- [How to install and update OOTB content and solutions in Content hub](sentinel-solutions-deploy.md#install-or-update-content) +- [Bulk install and update solutions and standalone content in Content hub](sentinel-solutions-deploy.md#bulk-install-and-update-content) +- [How to enable OOTB content and solutions in Content hub](sentinel-solutions-deploy.md#enable-content-items-in-a-solution) +- Video: [Using content hub to manage your SIEM content](https://www.youtube.com/watch?v=OtHs4dnR0yA&list=PL3ZTgFEc7LyvY90VTpKVFf70DXM7--47u&index=10) |
spring-apps | Access App Virtual Network | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/spring-apps/access-app-virtual-network.md | When **Assign Endpoint** on applications in an Azure Spring Apps service instanc 3. In the filtered result, find the **Device** connected to the service runtime **Subnet** of the service instance, and copy its **IP Address**. In this sample, the IP Address is *10.1.0.7*. - [  ](media/spring-cloud-access-app-vnet/create-dns-record.png#lightbox) + :::image type="content" source="media/spring-cloud-access-app-vnet/create-dns-record.png" alt-text="Screenshot of the Azure portal showing the Connected devices page for a virtual network, filtered for kubernetes-internal devices, with the IP Address for the service runtime subnet highlighted." lightbox="media/spring-cloud-access-app-vnet/create-dns-record.png"::: #### [CLI](#tab/azure-CLI) |
virtual-desktop | Create Host Pools Azure Marketplace | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/virtual-desktop/create-host-pools-azure-marketplace.md | To set up your virtual machine within the Azure portal host pool setup process: 2. After that, provide a **Name prefix** to name the virtual machines the setup process creates. The suffix will be `-` with numbers starting from 0. + >[!NOTE] + >The name you choose for the prefix needs to be a unique name. + 3. Choose the **Virtual machine location** where you want to create the virtual machines. They can be the same or different from the region you selected for the host pool. Keep in mind that VM prices vary by region, and the VM locations should be near their users when possible to maximize performance. Learn more at [Data locations for Azure Virtual Desktop](data-locations.md). 4. Next, choose the availability option that best suit your needs. To learn more about which option is right for you, see [Availability options for virtual machines in Azure](../virtual-machines/availability.md) and [our FAQ](./faq.yml#which-availability-option-is-best-for-me-). |
virtual-network | Add Dual Stack Ipv6 Vm Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/virtual-network/ip-services/add-dual-stack-ipv6-vm-powershell.md | |
virtual-network | Create Custom Ip Address Prefix Cli | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/virtual-network/ip-services/create-custom-ip-address-prefix-cli.md | |
virtual-network | Create Custom Ip Address Prefix Ipv6 Cli | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/virtual-network/ip-services/create-custom-ip-address-prefix-ipv6-cli.md | |
virtual-network | Create Custom Ip Address Prefix Ipv6 Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/virtual-network/ip-services/create-custom-ip-address-prefix-ipv6-powershell.md | |
virtual-network | Create Custom Ip Address Prefix Portal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/virtual-network/ip-services/create-custom-ip-address-prefix-portal.md | |
virtual-network | Create Custom Ip Address Prefix Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/virtual-network/ip-services/create-custom-ip-address-prefix-powershell.md | |
virtual-network | Create Public Ip Cli | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/virtual-network/ip-services/create-public-ip-cli.md | |
virtual-network | Create Public Ip Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/virtual-network/ip-services/create-public-ip-powershell.md | Last updated 10/01/2021 + # Quickstart: Create a public IP address using PowerShell In this quickstart, you'll learn how to create an Azure public IP address. Public IP addresses in Azure are used for public connections to Azure resources. Public IP addresses are available in two SKUs: basic, and standard. Two tiers of public IP addresses are available: regional, and global. The routing preference of a public IP address is set when created. Internet routing and Microsoft Network routing are the available choices. |
virtual-network | Create Public Ip Template | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/virtual-network/ip-services/create-public-ip-template.md | Last updated 10/01/2021 + # Quickstart: Create a public IP address using a Resource Manager template This article shows how to create a public IP address resource within a Resource Manager template. |
virtual-network | Custom Ip Address Prefix | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/virtual-network/ip-services/custom-ip-address-prefix.md | |
virtual-network | Ipv6 Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/virtual-network/ip-services/ipv6-overview.md | Title: Overview of IPv6 for Azure Virtual Network description: IPv6 description of IPv6 endpoints and data paths in an Azure virtual network. |
virtual-network | Ipv6 Virtual Machine Scale Set | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/virtual-network/ip-services/ipv6-virtual-machine-scale-set.md | Title: Deploy virtual machine scale sets with IPv6 in Azure description: This article shows how to deploy virtual machine scale sets with IPv6 in an Azure virtual network. Last updated 03/31/2020 |
virtual-network | Private Ip Addresses | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/virtual-network/ip-services/private-ip-addresses.md | Title: Private IP addresses in Azure description: Learn about private IP addresses in Azure. Last updated 05/28/2020 |
virtual-network | Public Ip Address Prefix | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/virtual-network/ip-services/public-ip-address-prefix.md | |
virtual-network | Public Ip Basic Upgrade Guidance | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/virtual-network/ip-services/public-ip-basic-upgrade-guidance.md | - Title: Upgrading a basic public IP address to standard SKU - Guidance description: Overview of upgrade options and guidance for migrating basic public IP to standard public IP for future basic public IP address retirement |
virtual-network | Routing Preference Cli | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/virtual-network/ip-services/routing-preference-cli.md | Title: Configure routing preference for a public IP address using Azure CLI description: Learn how to create a public IP with an Internet traffic routing preference by using the Azure CLI. Last updated 02/22/2021 -- + # Configure routing preference for a public IP address using Azure CLI This article shows you how to configure routing preference via ISP network (**Internet** option) for a public IP address using Azure CLI. After creating the public IP address, you can associate it with the following Azure resources for inbound and outbound traffic to the internet: |
virtual-network | Routing Preference Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/virtual-network/ip-services/routing-preference-overview.md | Title: Routing preference in Azure description: Learn about how you can choose how your traffic routes between Azure and the Internet with routing preference. # Customer intent: As an Azure customer, I want to learn more about routing choices for my internet egress traffic. Last updated 02/01/2021 |
virtual-network | Routing Preference Portal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/virtual-network/ip-services/routing-preference-portal.md | Title: Configure routing preference for a public IP address - Azure portal description: Learn how to create a public IP with an Internet traffic routing preference Last updated 02/22/2021 - + # Configure routing preference for a public IP address using the Azure portal This article shows you how to configure [routing preference](routing-preference-overview.md) via ISP network (**Internet** option) for a public IP address. After creating the public IP address, you can associate it with the following Azure resources for inbound and outbound traffic to the internet: |
virtual-network | Routing Preference Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/virtual-network/ip-services/routing-preference-powershell.md | Title: Configure routing preference for a public IP address - Azure PowerShell description: Learn how to Configure routing preference for a public IP address using Azure PowerShell. Last updated 02/22/2021 + # Configure routing preference for a public IP address using Azure PowerShell This article shows you how to configure routing preference via ISP network (**Internet** option) for a public IP address using Azure PowerShell. After creating the public IP address, you can associate it with the following Azure resources for inbound and outbound traffic to the internet: |
virtual-network | Routing Preference Unmetered | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/virtual-network/ip-services/routing-preference-unmetered.md | Title: Routing Preference Unmetered in Azure description: Learn about how you can configure routing preference for your resources egressing data to CDN provider. # Customer intent: As an Azure customer, I want to learn more about enabling routing preference for my CDN origin resources.-+ Last updated 02/22/2021 |
virtual-network | Virtual Networks Static Private Ip Classic Pportal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/virtual-network/ip-services/virtual-networks-static-private-ip-classic-pportal.md | Title: Configure private IP addresses for VMs (Classic) - Azure portal | Microsoft Docs + Title: Configure private IP addresses for VMs (Classic) - Azure portal description: Learn how to configure private IP addresses for virtual machines (Classic) using the Azure portal. Last updated 02/04/2016 - + # Configure private IP addresses for a virtual machine (Classic) using the Azure portal [!INCLUDE [virtual-networks-static-private-ip-selectors-classic-include](../../../includes/virtual-networks-static-private-ip-selectors-classic-include.md)] |
virtual-network | Virtual Networks Static Private Ip Classic Ps | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/virtual-network/ip-services/virtual-networks-static-private-ip-classic-ps.md | Title: Configure private IP addresses for VMs (Classic) - Azure PowerShell | Microsoft Docs + Title: Configure private IP addresses for VMs (Classic) - Azure PowerShell description: Learn how to configure private IP addresses for virtual machines (Classic) using PowerShell. Last updated 02/02/2016 - + # Configure private IP addresses for a virtual machine (Classic) using PowerShell [!INCLUDE [virtual-networks-static-private-ip-selectors-classic-include](../../../includes/virtual-networks-static-private-ip-selectors-classic-include.md)] |
virtual-network | Virtual Networks Static Private Ip Classic Ps | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/vs-azure-tools-storage-explorer-accessibility.md | Title: Azure Storage Explorer Accessibility | Microsoft Docs + Title: Azure Storage Explorer Accessibility description: Understand accessibility in Azure Storage Explorer. Review what screen readers are available, the zoom capability, high contrast themes, and shortcut keys. - ms.assetid: 1ed0f096-494d-49c4-ab71-f4164ee19ec8 - Last updated 02/20/2018 |
virtual-network | Virtual Networks Static Private Ip Classic Ps | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/vs-azure-tools-storage-explorer-blobs.md | Title: Manage Azure Blob Storage resources with Storage Explorer | Microsoft Docs + Title: Manage Azure Blob Storage resources with Storage Explorer description: Manage Azure Blob Storage resources with Storage Explorer. Create a blob container, view blob container contents, delete or copy a blob container, and more. - ms.assetid: 2f09e545-ec94-4d89-b96c-14783cc9d7a9 Last updated 05/21/2019 - # Manage Azure Blob Storage resources with Storage Explorer |
virtual-network | Virtual Networks Static Private Ip Classic Ps | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/vs-azure-tools-storage-explorer-files.md | Title: Using Storage Explorer with Azure Files | Microsoft Docs + Title: Using Storage Explorer with Azure Files description: Learn how learn how to use Storage Explorer to work with file shares and files. - ms.assetid: - Last updated 03/09/2017 |
virtual-network | Virtual Networks Static Private Ip Classic Ps | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/vs-azure-tools-storage-manage-with-storage-explorer.md | Title: Get started with Storage Explorer | Microsoft Docs + Title: Get started with Storage Explorer description: Start managing Azure storage resources with Storage Explorer. Download and install Azure Storage Explorer, connect to a storage account or service, and more. - Last updated 11/08/2019 |
web-application-firewall | Application Gateway Waf Metrics | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/web-application-firewall/ag/application-gateway-waf-metrics.md | New WAF metrics are only available for Core Rule Set 3.2 or greater, or with bot |**Metrics**|**Description**|**Dimension**| | :| :-| :--|-|**WAF Total Requests**|Count of successful requests that WAF engine has served| Action, Country/Region, Method, Mode| -|**WAF Managed Rule Matches**|Count of total managed rule matches| Action, Country/Region, Mode, Rule Group, Rule Id | -|**WAF Custom Rule Matches**|Count of custom rule matches| Action, Country/Region, Mode, Rule Group, Rule Name| -|**WAF Bot Protection Matches**|Count of total bot protection rule matches that have been blocked or logged from malicious IP addresses. The IP addresses are sourced from the Microsoft Threat Intelligence feed.| Action, Country/Region, Bot Type, Mode| +|**WAF Total Requests**|Count of successful requests that WAF engine has served| Action, Country/Region, Method, Mode, Policy Name, Policy Scope| +|**WAF Managed Rule Matches**|Count of total managed rule matches| Action, Country/Region, Mode, Policy Name, Policy Scope, Rule Group, Rule ID, Rule Set Name| +|**WAF Custom Rule Matches**|Count of custom rule matches| Action, Country/Region, Mode, Policy Name, Policy Scope, Rule Name| +|**WAF Bot Protection Matches**<sup>1</sup>|Count of total bot protection rule matches that have been blocked or logged from malicious IP addresses. The IP addresses are sourced from the Microsoft Threat Intelligence feed.| Action, Country/Region, Bot Type, Mode, Policy Name, Policy Scope| ++<sup>1</sup> Only Bot Manager Rule Set 0.1 will be displayed under ΓÇ£WAF Bot Protection MatchesΓÇ¥. Requests matching Bot Manager Rule Set 1.0 will increase ΓÇ£WAF Total RequestsΓÇ¥ metrics, not ΓÇ£WAF Bot Protection MatchesΓÇ¥. For metrics supported by Application Gateway V2 SKU, see [Application Gateway v2 metrics](../../application-gateway/application-gateway-metrics.md#metrics-supported-by-application-gateway-v2-sku) |