Updates from: 04/05/2021 03:04:01
Service Microsoft Docs article Related commit history on GitHub Change details
app-service App Service Web Tutorial Custom Domain https://github.com/MicrosoftDocs/azure-docs/commits/master/articles/app-service/app-service-web-tutorial-custom-domain.md
To map a custom DNS name to a web app, the web app's [App Service plan](https://
[!INCLUDE [app-service-dev-test-note](../../includes/app-service-dev-test-note.md)]
+ > [!NOTE]
+ > Removing or adding a custom domain to your web app will cause your site to be restarted.
### Sign in to Azure Open the [Azure portal](https://portal.azure.com), and sign in with your Azure account.
automation Automation Linux Hrw Install https://github.com/MicrosoftDocs/azure-docs/commits/master/articles/automation/automation-linux-hrw-install.md
Title: Deploy a Linux Hybrid Runbook Worker in Azure Automation
description: This article tells how to install an Azure Automation Hybrid Runbook Worker to run runbooks on Linux-based machines in your local datacenter or cloud environment. Previously updated : 02/26/2021 Last updated : 04/02/2021
For networking requirements for the Hybrid Runbook Worker, see [Configuring your
## Install a Linux Hybrid Runbook Worker
+There are two methods to deploy a Hybrid Runbook Worker. You can import and run a runbook from the Runbook Gallery in the Azure portal, or you can manually run a series of PowerShell commands to accomplish the same task.
+
+### Importing a runbook from the Runbook Gallery
+
+The import procedure is described in detail in [Import a PowerShell runbook from GitHub with the Azure portal](automation-runbook-gallery.md#import-a-powershell-runbook-from-github-with-the-azure-portal). The name of the runbook to import is **Create Automation Linux HybridWorker**.
+
+The runbook uses the following parameters.
+
+| Parameter | Status | Description |
+| - | -- | -- |
+| `Location` | Mandatory | The location for the Log Analytics workspace. |
+| `ResourceGroupName` | Mandatory | The resource group for your Automation account. |
+| `AccountName` | Mandatory | The Automation account name in which the Hybrid Run Worker will be registered. |
+| `CreateLA` | Mandatory | If true, uses the value of `WorkspaceName` to create a Log Analytics workspace. If false, the value of `WorkspaceName` must refer to an existing workspace. |
+| `LAlocation` | Optional | The location where the Log Analytics workspace will be created, or where it already exists. |
+| `WorkspaceName` | Optional | The name of the Log Analytics workspace to be created or used. |
+| `CreateVM` | Mandatory | If true, use the value of `VMName` as the name of a new VM. If false, use `VMName` to find and register existing VM. |
+| `VMName` | Optional | The name of the virtual machine that's either created or registered, depending on the value of `CreateVM`. |
+| `VMImage` | Optional | The name of the VM image to be created. |
+| `VMlocation` | Optional | Location of the VM that's either created or registered. If this location is not specified, the value of `LAlocation` is used. |
+| `RegisterHW` | Mandatory | If true, register the VM as a hybrid worker. |
+| `WorkerGroupName` | Mandatory | Name of the Hybrid Worker Group. |
+
+### Manually run PowerShell commands
+ To install and configure a Linux Hybrid Runbook Worker, perform the following steps. 1. Enable the Azure Automation solution in your Log Analytics workspace by running the following command in an elevated PowerShell command prompt or in Cloud Shell in the [Azure portal](https://portal.azure.com):
automation Automation Runbook Gallery https://github.com/MicrosoftDocs/azure-docs/commits/master/articles/automation/automation-runbook-gallery.md
The list below contains a few runbooks that support common scenarios. For a full
* [Copy-ItemFromAzureVM](https://www.powershellgallery.com/packages/Copy-ItemFromAzureVM/) - Copies a remote file from a Windows Azure virtual machine. * [Copy-ItemToAzureVM](https://www.powershellgallery.com/packages/Copy-ItemToAzureVM/) - Copies a local file to an Azure virtual machine.
-## Import a PowerShell runbook from the runbook gallery with the Azure portal
+## Import a PowerShell runbook from GitHub with the Azure portal
1. In the Azure portal, open your Automation account. 1. Select **Runbooks gallery** under **Process Automation**.
-1. Select **Source: PowerShell Gallery**. This shows a list of available runbooks that you can browse.
-1. You can use the search box above the list to narrow the list, or you can use the filters to narrow the display by publisher, type, and sort. Locate the gallery item you want and select it to view its details.
+1. Select **Source: GitHub**.
+1. You can use the filters above the list to narrow the display by publisher, type, and sort. Locate the gallery item you want and select it to view its details.
- :::image type="content" source="media/automation-runbook-gallery/browse-gallery-sm.png" alt-text="Browsing the runbook gallery." lightbox="media/automation-runbook-gallery/browse-gallery-lg.png":::
+ :::image type="content" source="media/automation-runbook-gallery/browse-gallery-github-sm.png" alt-text="Browsing the GitHub gallery." lightbox="media/automation-runbook-gallery/browse-gallery-github-lg.png":::
1. To import an item, click **Import** on the details blade.
- :::image type="content" source="media/automation-runbook-gallery/gallery-item-detail-sm.png" alt-text="Show a runbook gallery item detail." lightbox="media/automation-runbook-gallery/gallery-item-detail-lg.png":::
+ :::image type="content" source="media/automation-runbook-gallery/gallery-item-details-blade-github-sm.png" alt-text="Detailed view of a runbook from the GitHub gallery." lightbox="media/automation-runbook-gallery/gallery-item-details-blade-github-lg.png":::
1. Optionally, change the name of the runbook and then click **OK** to import the runbook. 1. The runbook appears on the **Runbooks** tab for the Automation account.
-## Import a PowerShell runbook from GitHub with the Azure portal
+## Import a PowerShell runbook from the runbook gallery with the Azure portal
1. In the Azure portal, open your Automation account. 1. Select **Runbooks gallery** under **Process Automation**.
-1. Select **Source: GitHub**.
-1. You can use the filters above the list to narrow the display by publisher, type, and sort. Locate the gallery item you want and select it to view its details.
+1. Select **Source: PowerShell Gallery**. This shows a list of available runbooks that you can browse.
+1. You can use the search box above the list to narrow the list, or you can use the filters to narrow the display by publisher, type, and sort. Locate the gallery item you want and select it to view its details.
- :::image type="content" source="media/automation-runbook-gallery/browse-gallery-github-sm.png" alt-text="Browsing the GitHub gallery." lightbox="media/automation-runbook-gallery/browse-gallery-github-lg.png":::
+ :::image type="content" source="media/automation-runbook-gallery/browse-gallery-sm.png" alt-text="Browsing the runbook gallery." lightbox="media/automation-runbook-gallery/browse-gallery-lg.png":::
1. To import an item, click **Import** on the details blade.
- :::image type="content" source="media/automation-runbook-gallery/gallery-item-details-blade-github-sm.png" alt-text="Detailed view of a runbook from the GitHub gallery." lightbox="media/automation-runbook-gallery/gallery-item-details-blade-github-lg.png":::
+ :::image type="content" source="media/automation-runbook-gallery/gallery-item-detail-sm.png" alt-text="Show a runbook gallery item detail." lightbox="media/automation-runbook-gallery/gallery-item-detail-lg.png":::
1. Optionally, change the name of the runbook and then click **OK** to import the runbook. 1. The runbook appears on the **Runbooks** tab for the Automation account.
You can send requests to [User Voice](https://feedback.azure.com/forums/246290-a
* To get started with a PowerShell runbook, see [Tutorial: Create a PowerShell runbook](learn/automation-tutorial-runbook-textual-powershell.md). * To work with runbooks, see [Manage runbooks in Azure Automation](manage-runbooks.md). * For details of PowerShell, see [PowerShell Docs](/powershell/scripting/overview).
-* For a PowerShell cmdlet reference, see [Az.Automation](/powershell/module/az.automation).
+* For a PowerShell cmdlet reference, see [Az.Automation](/powershell/module/az.automation).
automation Automation Windows Hrw Install https://github.com/MicrosoftDocs/azure-docs/commits/master/articles/automation/automation-windows-hrw-install.md
Title: Deploy a Windows Hybrid Runbook Worker in Azure Automation
description: This article tells how to deploy a Hybrid Runbook Worker that you can use to run runbooks on Windows-based machines in your local datacenter or cloud environment. Previously updated : 11/24/2020 Last updated : 04/02/2021 # Deploy a Windows Hybrid Runbook Worker
To install and configure a Windows user Hybrid Runbook Worker, you can use one o
## Automated deployment
-The automated deployment method uses the PowerShell script **New-OnPremiseHybridWorker.ps1** to automate and configure the Windows Hybrid Runbook Worker role. It performs the following:
+There are two methods to automatically deploy a Hybrid Runbook Worker. You can import a runbook from the Runbook Gallery in the Azure portal and run it, or you can manually download a script from the PowerShell Gallery.
+
+### Importing a runbook from the Runbook Gallery
+
+The import procedure is described in detail in [Import a PowerShell runbook from GitHub with the Azure portal](automation-runbook-gallery.md#import-a-powershell-runbook-from-github-with-the-azure-portal). The name of the runbook to import is **Create Automation Windows HybridWorker**.
+
+The runbook uses the following parameters.
+
+| Parameter | Status | Description |
+| - | -- | -- |
+| `Location` | Mandatory | The location for the Log Analytics workspace. |
+| `ResourceGroupName` | Mandatory | The resource group for your Automation account. |
+| `AccountName` | Mandatory | The Automation account name in which the Hybrid Run Worker will be registered. |
+| `CreateLA` | Mandatory | If true, uses the value of `WorkspaceName` to create a Log Analytics workspace. If false, the value of `WorkspaceName` must refer to an existing workspace. |
+| `LAlocation` | Optional | The location where the Log Analytics workspace will be created, or where it already exists. |
+| `WorkspaceName` | Optional | The name of the Log Analytics workspace to use. |
+| `CreateVM` | Mandatory | If true, use the value of `VMName` as the name of a new VM. If false, use `VMName` to find and register existing VM. |
+| `VMName` | Optional | The name of the virtual machine that's either created or registered, depending on the value of `CreateVM`. |
+| `VMImage` | Optional | The name of the VM image to be created. |
+| `VMlocation` | Optional | Location of the VM that's either created or registered. If this location is not specified, the value of `LAlocation` is used. |
+| `RegisterHW` | Mandatory | If true, register the VM as a hybrid worker. |
+| `WorkerGroupName` | Mandatory | Name of the Hybrid Worker Group. |
+
+### Download a script from the PowerShell Gallery
+
+This automated deployment method uses the PowerShell script **New-OnPremiseHybridWorker.ps1** to automate and configure the Windows Hybrid Runbook Worker role. It performs the following:
* Installs the necessary modules * Signs in with your Azure account
The automated deployment method uses the PowerShell script **New-OnPremiseHybrid
Perform the following steps to install the role on your Windows machine using the script.
-1. Download the **New-OnPremiseHybridWorker.ps1** script from the [PowerShell Gallery](https://www.powershellgallery.com/packages/New-OnPremiseHybridWorker). After you have downloaded the script, copy or run it on the target machine. The **New-OnPremiseHybridWorker.ps1** script uses the following parameters during execution.
+1. Download the **New-OnPremiseHybridWorker.ps1** script from the [PowerShell Gallery](https://www.powershellgallery.com/packages/New-OnPremiseHybridWorker). After you have downloaded the script, copy or run it on the target machine. The script uses the following parameters.
| Parameter | Status | Description | | | | -- |
Perform the following steps to install the role on your Windows machine using th
| `TenantID` | Optional | The identifier of the tenant organization associated with your Automation account. | | `WorkspaceName` | Optional | The Log Analytics workspace name. If you don't have a Log Analytics workspace, the script creates and configures one. |
-2. Open an elevated 64-bit PowerShell command prompt.
+1. Open an elevated 64-bit PowerShell command prompt.
-3. From the PowerShell command prompt, browse to the folder that contains the script that you downloaded. Change the values for the parameters `AutomationAccountName`, `AAResourceGroupName`, `OMSResourceGroupName`, `HybridGroupName`, `SubscriptionID`, and `WorkspaceName`. Then run the script.
+1. From the PowerShell command prompt, browse to the folder that contains the script that you downloaded. Change the values for the parameters `AutomationAccountName`, `AAResourceGroupName`, `OMSResourceGroupName`, `HybridGroupName`, `SubscriptionID`, and `WorkspaceName`. Then run the script.
You're prompted to authenticate with Azure after you run the script. You must sign in with an account that's a member of the **Subscription Admins** role and co-administrator of the subscription.
Perform the following steps to install the role on your Windows machine using th
.\New-OnPremiseHybridWorker.ps1 @NewOnPremiseHybridWorkerParameters ```
-4. You're prompted to agree to install NuGet, and to authenticate with your Azure credentials. If you don't have the latest NuGet version, you can download it from [Available NuGet Distribution Versions](https://www.nuget.org/downloads).
+1. You're prompted to agree to install NuGet, and to authenticate with your Azure credentials. If you don't have the latest NuGet version, you can download it from [Available NuGet Distribution Versions](https://www.nuget.org/downloads).
-5. Verify the deployment after the script is finished. From the **Hybrid Runbook Worker Groups** page in your Automation account, under the **User hybrid runbook workers group** tab, it shows the new group and the number of members. If it's an existing group, the number of members is incremented. You can select the group from the list on the page, from the left-hand menu choose **Hybrid Workers** . On the **Hybrid Workers** page, you can see each member of the group listed.
+1. Verify the deployment after the script is finished. From the **Hybrid Runbook Worker Groups** page in your Automation account, under the **User hybrid runbook workers group** tab, it shows the new group and the number of members. If it's an existing group, the number of members is incremented. You can select the group from the list on the page, from the left-hand menu choose **Hybrid Workers** . On the **Hybrid Workers** page, you can see each member of the group listed.
## Manual deployment
To install and configure a Windows Hybrid Runbook Worker, perform the following
Set-AzOperationalInsightsIntelligencePack -ResourceGroupName <resourceGroupName> -WorkspaceName <workspaceName> -IntelligencePackName "AzureAutomation" -Enabled $true ```
-2. Deploy the Log Analytics agent to the target machine.
+1. Deploy the Log Analytics agent to the target machine.
* For Azure VMs, install the Log Analytics agent for Windows using the [virtual machine extension for Windows](../virtual-machines/extensions/oms-windows.md). The extension installs the Log Analytics agent on Azure virtual machines, and enrolls virtual machines into an existing Log Analytics workspace. You can use an Azure Resource Manager template, PowerShell, or Azure Policy to assign the [Deploy Log Analytics agent for *Linux* or *Windows* VMs](../governance/policy/samples/built-in-policies.md#monitoring) built-in policy. Once the agent is installed, the machine can be added to a Hybrid Runbook Worker group in your Automation account.
To install and configure a Windows Hybrid Runbook Worker, perform the following
We recommend installing the Log Analytics agent for Windows or Linux using Azure Policy.
-3. Verify agent is reporting to workspace
+1. Verify agent is reporting to workspace
The Log Analytics agent for Windows connects machines to an Azure Monitor Log Analytics workspace. When you install the agent on your machine and connect it to your workspace, it automatically downloads the components that are required for the Hybrid Runbook Worker.
To install and configure a Windows Hybrid Runbook Worker, perform the following
In the search results, you should see heartbeat records for the machine, indicating that it is connected and reporting to the service. By default, every agent forwards a heartbeat record to its assigned workspace. Use the following steps to complete the agent installation and setup.
-4. Confirm the version of the Hybrid Runbook Worker on the machine hosting the Log Analytics agent, browse to `C:\Program Files\Microsoft Monitoring Agent\Agent\AzureAutomation\` and note the **version** subfolder. This folder will appear on the machine several minutes after the solution is enabled in the workspace.
+1. Confirm the version of the Hybrid Runbook Worker on the machine hosting the Log Analytics agent, browse to `C:\Program Files\Microsoft Monitoring Agent\Agent\AzureAutomation\` and note the **version** subfolder. This folder will appear on the machine several minutes after the solution is enabled in the workspace.
-5. Install the runbook environment and connect to Azure Automation. When you configure an agent to report to a Log Analytics workspace and import the **Automation** solution, the solution pushes down the `HybridRegistration` PowerShell module. This module contains the `Add-HybridRunbookWorker` cmdlet. Use this cmdlet to install the runbook environment on the machine and register it with Azure Automation.
+1. Install the runbook environment and connect to Azure Automation. When you configure an agent to report to a Log Analytics workspace and import the **Automation** solution, the solution pushes down the `HybridRegistration` PowerShell module. This module contains the `Add-HybridRunbookWorker` cmdlet. Use this cmdlet to install the runbook environment on the machine and register it with Azure Automation.
Open a PowerShell session in Administrator mode and run the following commands to import the module.
To install and configure a Windows Hybrid Runbook Worker, perform the following
Import-Module .\HybridRegistration.psd1 ```
-6. Run the `Add-HybridRunbookWorker` cmdlet specifying the values for the parameters `Url`, `Key`, and `GroupName`.
+1. Run the `Add-HybridRunbookWorker` cmdlet specifying the values for the parameters `Url`, `Key`, and `GroupName`.
```powershell-interactive Add-HybridRunbookWorker ΓÇôGroupName <String> -Url <Url> -Key <String>
To install and configure a Windows Hybrid Runbook Worker, perform the following
* If required, set the `Verbose` parameter to receive details about the installation.
-7. Verify the deployment after the command is completed. From the **Hybrid Runbook Worker Groups** page in your Automation account, under the **User hybrid runbook workers group** tab, it shows the new or existing group and the number of members. If it's an existing group, the number of members is incremented. You can select the group from the list on the page, from the left-hand menu choose **Hybrid Workers**. On the **Hybrid Workers** page, you can see each member of the group listed.
+1. Verify the deployment after the command is completed. From the **Hybrid Runbook Worker Groups** page in your Automation account, under the **User hybrid runbook workers group** tab, it shows the new or existing group and the number of members. If it's an existing group, the number of members is incremented. You can select the group from the list on the page, from the left-hand menu choose **Hybrid Workers**. On the **Hybrid Workers** page, you can see each member of the group listed.
## Install PowerShell modules
Modules that are installed must be in a location referenced by the `PSModulePath
1. In the Azure portal, go to your Automation account.
-2. Under **Account Settings**, select **Keys** and note the values for **URL** and **Primary Access Key**.
+1. Under **Account Settings**, select **Keys** and note the values for **URL** and **Primary Access Key**.
-3. Open a PowerShell session in Administrator mode and run the following command with your URL and primary access key values. Use the `Verbose` parameter for a detailed log of the removal process. To remove stale machines from your Hybrid Worker group, use the optional `machineName` parameter.
+1. Open a PowerShell session in Administrator mode and run the following command with your URL and primary access key values. Use the `Verbose` parameter for a detailed log of the removal process. To remove stale machines from your Hybrid Worker group, use the optional `machineName` parameter.
```powershell-interactive Remove-HybridRunbookWorker -Url <URL> -Key <primaryAccessKey> -MachineName <computerName>
To remove a Hybrid Runbook Worker group, you first need to remove the Hybrid Run
1. Open the Automation account in the Azure portal.
-2. Select **Hybrid worker groups** under **Process Automation**. Select the group that you want to delete. The properties page for that group appears.
+1. Select **Hybrid worker groups** under **Process Automation**. Select the group that you want to delete. The properties page for that group appears.
![Properties page](media/automation-hybrid-runbook-worker/automation-hybrid-runbook-worker-group-properties.png)
-3. On the properties page for the selected group, select **Delete**. A message asks you to confirm this action. Select **Yes** if you're sure that you want to continue.
+1. On the properties page for the selected group, select **Delete**. A message asks you to confirm this action. Select **Yes** if you're sure that you want to continue.
![Confirmation message](media/automation-hybrid-runbook-worker/automation-hybrid-runbook-worker-confirm-delete.png)
backup Monitor Azure Backup With Backup Explorer https://github.com/MicrosoftDocs/azure-docs/commits/master/articles/backup/monitor-azure-backup-with-backup-explorer.md
Title: Monitor your backups with Backup Explorer description: This article describes how to use Backup Explorer to perform real-time monitoring of backups across vaults, subscriptions, regions, and tenants.- Last updated 02/03/2020
backup Security Controls Policy https://github.com/MicrosoftDocs/azure-docs/commits/master/articles/backup/security-controls-policy.md
Title: Azure Policy Regulatory Compliance controls for Azure Backup
description: Lists Azure Policy Regulatory Compliance controls available for Azure Backup. These built-in policy definitions provide common approaches to managing the compliance of your Azure resources. Last updated 03/31/2021 --++
cloud-services-extended-support Deploy Prerequisite https://github.com/MicrosoftDocs/azure-docs/commits/master/articles/cloud-services-extended-support/deploy-prerequisite.md
To ensure a successful Cloud Services (extended support) deployment review the below steps and complete each item prior to attempting any deployments.
-## Register the CloudServices feature
-Register the feature for your subscription. The registration may take several minutes to complete.
-
-```powershell
-Register-AzProviderFeature -FeatureName CloudServices -ProviderNamespace Microsoft.Compute
-```
-
-Check the status of registration using the following:
-```powershell
-Get-AzProviderFeature
-
-#Sample output
-FeatureName ProviderName RegistrationState
-CloudServices Microsoft.Compute Registered
-```
- ## Required Service Configuration (.cscfg) file updates ### 1) Virtual Network
cloud-services-extended-support Overview https://github.com/MicrosoftDocs/azure-docs/commits/master/articles/cloud-services-extended-support/overview.md
# About Azure Cloud Services (extended support)
-> [!IMPORTANT]
-> Cloud Services (extended support) is currently in public preview.
-> This preview version is provided without a service level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities.
-> For more information, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).
-
-Cloud Services (extended support) is a new [Azure Resource Manager](../azure-resource-manager/management/overview.md) based deployment model for [Azure Cloud Services](https://azure.microsoft.com/services/cloud-services/) product and is currently in public preview. Cloud Services (extended support) has the primary benefit of providing regional resiliency along with feature parity with Azure Cloud Services deployed using Azure Service Manager. It also offers some ARM capabilities such as role-based access and control (RBAC), tags, policy and supports deployment templates.
+Cloud Services (extended support) is a new [Azure Resource Manager](../azure-resource-manager/management/overview.md) based deployment model for [Azure Cloud Services](https://azure.microsoft.com/services/cloud-services/) product and is now generally available. Cloud Services (extended support) has the primary benefit of providing regional resiliency along with feature parity with Azure Cloud Services deployed using Azure Service Manager. It also offers some ARM capabilities such as role-based access and control (RBAC), tags, policy, and supports deployment templates.
With this change, the Azure Service Manager based deployment model for Cloud Services will be renamed [Cloud Services (classic)](../cloud-services/cloud-services-choose-me.md). You will retain the ability to build and rapidly deploy your web and cloud applications and services. You will be able to scale your cloud services infrastructure based on current demand and ensure that the performance of your applications can keep up while simultaneously reducing costs.
cloud-services-extended-support Role Startup Failure https://github.com/MicrosoftDocs/azure-docs/commits/master/articles/cloud-services-extended-support/role-startup-failure.md
+
+ Title: Role instance startup failure for Azure Cloud Services (extended support)
+description: Troubleshoot Role instance startup failure for Azure Cloud Services (extended support)
+++++ Last updated : 04/01/2021+++
+# Troubleshoot Azure Cloud Service (extended support) roles that fail to start
+Here are some common problems and solutions related to Cloud Services (extended support) roles that fail to start.
+
+## Cloud Service Operation failed with RoleInstanceStartupTimeoutError
+One or more role instances of your could service (extended support) may not start in the stipulated time. These role instances might be taking time to start or might be recycling and the role instance might fail with a RoleInstanceStartupTimeoutError
+This is a role application error. The role application contains two major parts: 'Startup Tasks' and 'Role code (Implementation of RoleEntryPoint)', both of which could cause the role recycling. If the role is crashed, the PaaS Agent will always re-launch it.
+
+To get the current state and details of the role instances in case of errors, use :
+
+* PowerShell: Use the [Get-AzCloudServiceRoleInstanceView](https://docs.microsoft.com/powershell/module/az.cloudservice/get-azcloudserviceroleinstanceview) cmdlet to retrieve information about the run-time state of a role instance in a cloud service.
+```powershell
+Get-AzCloudServiceRoleInstanceView -ResourceGroupName "ContosOrg" -CloudServiceName "ContosoCS" -RoleInstanceName "WebRole1_IN_0"
+
+Statuses PlatformFaultDomain PlatformUpdateDomain
+-- - --
+{RoleStateStarting} 0 0
+```
+
+* Azure portal: Go to your cloud service and select Roles and Instances tab. Click on the role instance to get its status details
+ :::image type="content" source="media/role-startup-failure-1.png" alt-text="Image shows role startup failure on portal.":::
+
+Here are some common problems and solutions related to Azure Cloud Services (extended support) roles that fail to start or it cycles between the initializing, busy, and stopping states.
+
+## Missing DLLs or dependencies
+Unresponsive roles and roles that are cycling between Initializing, Busy, and Stopping states can be caused by missing DLLs or assemblies.
+Symptoms of missing DLLs or assemblies can be:
+
+* Your role instance is cycling through **Initializing**, **Busy**, and **Stopping** states.
+* Your role instance has moved to **Ready** but if you navigate to your web application, the page does not appear.
+
+There are several recommended methods for investigating these issues.
+
+## Diagnose missing DLL issues in a web role
+When you navigate to a website that is deployed in a web role, and the browser displays a server error similar to the following, it may indicate that a DLL is missing.
++
+## Diagnose issues by turning off custom errors
+More complete error information can be viewed by configuring the web.config for the web role to set the custom error mode to Off and redeploying the service.
+To view more complete errors without using Remote Desktop:
+1. Open the solution in Microsoft Visual Studio.
+2. In the Solution Explorer, locate the web.config file and open it.
+3. In the web.config file, locate the system.web section and add the following line:
+ ```xml
+<customErrors mode="Off" />
+```
+4. Save the file.
+5. Repackage and redeploy the service.
+Once the service is redeployed, you will see an error message with the name of the missing assembly or DLL.
+
+## Diagnose issues by viewing the error remotely
+You can use Remote Desktop to access the role and view more complete error information remotely. Use the following steps to view the errors by using Remote Desktop:
+1. Enable remote desktop extension for Cloud Service (extended support). For more information, see [Apply Remote Desktop extension to Cloud Services (extended support) using Azure portal](enable-rdp.md)
+2. On the Azure portal, once the instance shows a status of Ready, remote into the instance. For more information on using the remote desktop with Cloud Services (extended support), see [Connect to role instances with Remote Desktop](https://docs.microsoft.com/azure/cloud-services-extended-support/enable-rdp#connect-to-role-instances-with-remote-desktop-enabled)
+3. Sign in to the virtual machine by using the credentials that were specified during the Remote Desktop configuration.
+4. Open a command window.
+5. Type IPconfig.
+6. Note the IPv4 Address value.
+7. Open Internet Explorer.
+8. Type the address and the name of the web application. For example, http://<IPV4 Address>/default.aspx.
+Navigating to the website will now return more explicit error messages:
+* Server Error in '/' Application.
+* Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
+* Exception Details: System.IO.FIleNotFoundException: Could not load file or assembly ΓÇÿMicrosoft.WindowsAzure.StorageClient, Version=1.1.0.0, Culture=neutral, PublicKeyToken=31bf856ad364e35ΓÇÖ or one of its dependencies. The system cannot find the file specified.
+For example:
+
+ :::image type="content" source="media/role-startup-failure-3.png" alt-text="Image shows exception on role startup failure":::
+
+## Diagnose issues by using the compute emulator
+You can use the Azure Compute Emulator to diagnose and troubleshoot issues of missing dependencies and web.config errors.
+For best results in using this method of diagnosis, you should use a computer or virtual machine that has a clean installation of Windows.
+1. Install the [Azure SDK](https://azure.microsoft.com/downloads/)
+2. On the development machine, build the cloud service project.
+3. In Windows Explorer, navigate to the bin\debug folder of the cloud service project.
+4. Copy the .csx folder and .cscfg file to the computer that you are using to debug the issues.
+5. On the clean machine, open an Azure SDK Command Prompt window and type csrun.exe /devstore:start.
+6. At the command prompt, type run csrun <path to .csx folder> <path to .cscfg file> /launchBrowser.
+7. When the role starts, you will see detailed error information in Internet Explorer. You can also use standard Windows troubleshooting tools to further diagnose the problem.
+
+## Diagnose issues by using IntelliTrace
+For worker and web roles that use .NET Framework 4, you can use [IntelliTrace](https://docs.microsoft.com/visualstudio/debugger/intellitrace), which is available in Microsoft Visual Studio Enterprise.
+Follow these steps to deploy the service with IntelliTrace enabled:
+1. Confirm that Azure SDK 1.3 or later is installed.
+2. Deploy the solution by using Visual Studio. During deployment, check the Enable IntelliTrace for .NET 4 roles check box.
+3. Once the instance starts, open the Server Explorer.
+4. Expand the Azure\Cloud Services node and locate the deployment.
+5. Expand the deployment until you see the role instances. Right-click on one of the instances.
+6. Choose View IntelliTrace logs. The IntelliTrace Summary will open.
+7. Locate the exceptions section of the summary. If there are exceptions, the section will be labeled Exception Data.
+8. Expand the Exception Data and look for System.IO.FileNotFoundException errors similar to the following:
+
+ :::image type="content" source="media/role-startup-failure-4.png" alt-text="Image shows exception data on role startup failure" lightbox="media/role-startup-failure-4.png":::
+
+## Address missing DLLs and assemblies
+To address missing DLL and assembly errors, follow these steps:
+1. Open the solution in Visual Studio.
+2. In Solution Explorer, open the References folder.
+3. Click the assembly identified in the error.
+4. In the Properties pane, locate Copy Local property and set the value to True.
+5. Redeploy the cloud service.
+Once you have verified that all errors have been corrected, you can deploy the service without checking the Enable IntelliTrace for .NET 4 roles check box.
+
+## Next steps
+- To learn how to troubleshoot cloud service role issues by using Azure PaaS computer diagnostics data, see [Kevin Williamson's blog series](https://docs.microsoft.com/archive/blogs/kwill/windows-azure-paas-compute-diagnostics-data).
cloud-services-extended-support Swap Cloud Service https://github.com/MicrosoftDocs/azure-docs/commits/master/articles/cloud-services-extended-support/swap-cloud-service.md
+
+ Title: Swap/Switch between two Azure Cloud Services (Extended Support)
+description: Swap/Switch between two Azure Cloud Services (Extended Support)
+++++ Last updated : 04/01/2021+++
+# Swap/Switch between two Azure Cloud Services (Extended Support)
+With cloud services (extended support) you can swap between two independent cloud service deployments. Unlike cloud services (classic), the concept of slots does not exist with the Azure Resource Manager model. When you decide to deploy a new release of a cloud service (extended support), you can make it ΓÇ£swappableΓÇ¥ with another existing cloud service (extended support) enabling you to stage and test your new release using this deployment. A cloud service can be made ΓÇÿswappableΓÇÖ with another cloud service only at the time of deploying the second cloud service (of the pair). When using the ARM template-based deployment method, this is done by setting the SwappableCloudService property within the Network Profile of the Cloud Service object to the ID of the paired cloud service.
+
+```
+"networkProfile": {
+ "SwappableCloudService": {
+ "id": "[concat(variables('swappableResourcePrefix'), 'Microsoft.Compute/cloudServices/', parameters('cloudServicesToBeSwappedWith'))]"
+ },
+```
+> [!Note]
+> You cannot swap between a cloud service (classic) and a cloud service (extended support)
+
+Use **Swap** to switch the URLs by which the two cloud services are addressed, in effect promoting a new cloud service (staged) to production release.
+You can swap deployments from the Cloud Services page or the dashboard.
+
+1. In the [Azure portal](https://portal.azure.com), select the cloud service you want to update. This step opens the cloud service instance blade.
+2. On the blade, select **Swap**
+ :::image type="content" source="media/swap-cloud-service-1.png" alt-text="Image shows the swap option the cloud service":::
+
+3. The following confirmation prompt opens
+
+ :::image type="content" source="media/swap-cloud-service-2.png" alt-text="Image shows swapping the cloud service":::
+
+4. After you verify the deployment information, select OK to swap the deployments.
+The swap happens quickly because the only thing that changes is the virtual IP addresses (VIPs) for the two cloud services.
+
+To save compute costs, you can delete one of the cloud services (designated as a staging environment for your application deployment) after you verify that your swapped cloud service is working as expected.
+
+The rest API to perform a ΓÇÿswapΓÇÖ between two cloud services extended support deployments is below:
+```http
+POST https://management.azure.com/subscriptions/subId/providers/Microsoft.Network/locations/region/setLoadBalancerFrontendPublicIpAddresses?api-version=2020-11-01
+```
+```
+{
+ "frontendIPConfigurations": [
+ {
+ "id": "#LBFE1#",
+ "properties": {
+ "publicIPAddress": {
+ "id": "#PIP2#"
+ }
+ }
+ },
+ {
+ "id": "#LBFE2#",
+ "properties": {
+ "publicIPAddress": {
+ "id": "#PIP1#"
+ }
+ }
+ }
+ ]
+ }
+```
+## Common questions about swapping deployments
+
+### What are the prerequisites for swapping between two cloud services?
+There are two key prerequisites for a successful cloud service (extended support) swap:
+* If you want to use a static / reserved IP address for one of the swappable cloud services, the other cloud service must also use a reserved IP. Otherwise, the swap fails.
+* All instances of your roles must be running before you can perform the swap. You can check the status of your instances on the Overview blade of the Azure portal. Alternatively, you can use the Get-AzRole command in Windows PowerShell.
+
+Guest OS updates and service healing operations also can cause deployment swaps to fail. For more information, see Troubleshoot cloud service deployment problems.
+
+### Can I perform a VIP Swap in parallel with another mutating operation?
+No. VIP Swap is a networking only change that needs to complete before any other compute operation is performed on the cloud service(s). Performing an update, delete or autoscale operation on the cloud service(s) while a VIP Swap is in progress or triggering a VIP Swap while another compute operation is in progress can leave the cloud service in an undesired state from which recovery might not be possible.
+
+### Does a swap incur downtime for my application? How should I handle it?
+As described in the previous section, a cloud service swap is typically fast because it's just a configuration change in the Azure load balancer. In some cases, it can take 10 or more seconds and result in transient connection failures. To limit impact to your customers, consider implementing client retry logic.
+
+## Next steps
+- Review the [deployment prerequisites](deploy-prerequisite.md) for Cloud Services (extended support).
+- Review [frequently asked questions](faq.md) for Cloud Services (extended support).
+- Deploy a Cloud Service (extended support) using the [Azure portal](deploy-portal.md), [PowerShell](deploy-powershell.md), [Template](deploy-template.md) or [Visual Studio](deploy-visual-studio.md).
ddos-protection Ddos Protection Reference Architectures https://github.com/MicrosoftDocs/azure-docs/commits/master/articles/ddos-protection/ddos-protection-reference-architectures.md
We recommend that you configure the Application Gateway WAF SKU (prevent mode) t
For more information about this reference architecture, see [this article](/azure/architecture/reference-architectures/app-service-web-app/multi-region).
+## Protecting on-premises resources
+
+You can leverage the scale, capacity, and efficiency of Azure DDoS Protection Standard to protect your on-premises resources, by hosting a public IP address in Azure and redirecting the traffic to the backend origin to your on-premises environment.
+
+![Protecting on-prem resources](./media/reference-architectures/ddos-on-prem.png)
+
+If you have a web application that receives traffic from the Internet, you can host the web application behind Application Gateway, then protect it with WAF against Layer 7 web attacks such as SQL injection and Slowloris. The backend origins of your application will be in your on-premises environment, which is connected over the VPN.
+
+The backend resources in the on-premises environment will not be exposed to the public internet. Only the AppGW/WAF public IP is exposed to the internet and the DNS name of your application maps to that public IP address.
+
+When DDoS Protection Standard is enabled on the virtual network which contains the AppGW/WAF, DDoS Protection Standard will defend your application by mitigating bad traffic and routing the supposed clean traffic to your application.
+
+This [article](https://docs.microsoft.com/azure/azure-vmware/protect-azure-vmware-solution-with-application-gateway) shows you how you can use DDoS Protection Standard alongside Application Gateway to protect a web app running on Azure VMware Solution.
+ ## Mitigation for non-web PaaS services ### HDInsight on Azure
purview Register Scan Amazon S3 https://github.com/MicrosoftDocs/azure-docs/commits/master/articles/purview/register-scan-amazon-s3.md
Previously updated : 03/21/2021 Last updated : 04/04/2021 # Customer intent: As a security officer, I need to understand how to use the Azure Purview connector for Amazon S3 service to set up, configure, and scan my Amazon S3 buckets.
For more information, see the documented Purview limits at:
- [Manage and increase quotas for resources with Azure Purview](how-to-manage-quotas.md) - [Supported data sources and file types in Azure Purview](sources-and-scans.md)
+- [Use private endpoints for your Purview account](catalog-private-link.md)
### Storage and scanning regions The following table maps the regions where you data is stored to the region where it would be scanned by Azure Purview.
storage Storage Files Migration Nas Cloud Databox https://github.com/MicrosoftDocs/azure-docs/commits/master/articles/storage/files/storage-files-migration-nas-cloud-databox.md
The following RoboCopy command will copy only the differences (updated files and
When you run the RoboCopy command for the first time, your users and applications are still accessing files on the NAS and potentially change them. It is possible, that RoboCopy has processed a directory, moves on to the next and then a user on the source location (NAS) adds, changes, or deletes a file that will now not be processed in this current RoboCopy run. This behavior is expected.
-The first run is about moving the bulk of the churned data to your Azure file share. This first copy can take a long time, depending on:
-
-* the upload bandwidth
-* the local network speed and number of how optimally the number of RoboCopy threads matches it
-* the number of items (files and folders), that need to be processed by RoboCopy and Azure File Sync
+The first run is about moving the bulk of the churned data to your Azure file share. This first copy can take a while. Check out the [Troubleshooting section](#troubleshoot) for more insight into what can affect RoboCopy speeds.
Once the initial run is complete, run the command again.
synapse-analytics Get Started Add Admin https://github.com/MicrosoftDocs/azure-docs/commits/master/articles/synapse-analytics/get-started-add-admin.md
+
+ Title: 'Tutorial: Get started add an Administrator'
+description: In this tutorial, you'll learn how to add another administrative user to your workspace.
++++++++ Last updated : 04/02/2021 ++
+# Add an administrator to your Synapse workspace
+
+In this tutorial, you'll learn how to add an administrator to your Synapse workspace. This user will have full control over the workspace.
+
+## Assign the user to the Azure RBAC Owner role at the Synapse workspace level
+
+1. Open the Azure portal.
+1. Navigate to your workspace.
+1. On the left side, select **Access Control (IAM)**.
+1. Click **Add > Add role assignment**.
+1. For **Role**, select **Owner**.
+1. Pick the user you want to assign. In this example, we will use `ryan@contoso.com`.
+1. Click Save.
+
+
+## Assign the user to the Synapse Administrator role in the Synapse workspace
+1. Open your workspace in Synapse Studio.
+1. On the left side, click **Manage** to open the Manage hub.
+1. Under **Security**, click **Access control**.
+1. Click **Add**.
+1. Leave **Scope** set to Workspace.
+1. For **Role**, choose **Synapse Administrator**.
+1. Then select the user `ryan@contoso.com`.
+1. Then click **Apply**.
+
+## Assign storage permissions on the Workspace's default storage account
+You need to grant access to the Administrator to use that filesystem
+
+1. Open the workspace's primary storage account in the Azure portal.
+1. On the left side, click **Access Control (IAM)**.
+1. Add `ryan@contoso.com` to the **Owner** role.
+3. Add `ryan@contoso.com` to the **Azure Storage Blob Data Contributor** role
+
+## Add the user to the dbowner role for all dedicated SQL pools
+
+For all dedicated SQL pools, run the following T-SQL script against the corresponding SQL database.
+
+```
+CREATE USER [ryan@contoso.com] FROM EXTERNAL PROVIDER;
+EXEC sp_addrolemember 'db_owner', 'ryan@contoso.com'
+```
+
+## Next steps
+
+* [Get started with Azure Synapse Analytics](get-started.md)
+* [Create a workspace](quickstart-create-workspace.md)
+* [Use serverless SQL pool](quickstart-sql-on-demand.md)
synapse-analytics Get Started Analyze Sql On Demand https://github.com/MicrosoftDocs/azure-docs/commits/master/articles/synapse-analytics/get-started-analyze-sql-on-demand.md
Last updated 12/31/2020
# Analyze data with a serverless SQL pool
-In this tutorial, you'll learn how to analyze data with serverless SQL pool using data located in Spark databases.
+In this tutorial, you'll learn how to analyze data with serverless SQL pool.
## The Built-in serverless SQL pool
virtual-machines Backup Azure Sql Server Running Azure Vm https://github.com/MicrosoftDocs/azure-docs/commits/master/articles/virtual-machines/extensions/backup-azure-sql-server-running-azure-vm.md
description: In this article, learn how to register Azure Backup in SQL Server r
--++ Last updated 07/05/2019