-3. Azure AD B2C shows a sign-in journey that the user can sign in to normally and issues a token to the application that is set to include **legalAgeGroupClassification = "minorWithParentalConsent"**. The application collects the email address of the parent and verifies that the parent is an adult. To do so, it uses a trusted source, such as a national ID office, license verification, or credit card proof. If verification is successful, the application prompts the minor to sign in by using the Azure AD B2C user flow. If consent is denied (for example, if **legalAgeGroupClassification = "minorWithoutParentalConsent"**), Azure AD B2C returns a JSON token (not a login) to the application to restart the consent process. It is optionally possible to customize the user flow so that a minor or an adult can regain access to a minor's account by sending a registration code to the minor's email address or the adult's email address on record.

-

-> [Register an app](quickstart-register-app.md) to integrate with Microsoft identity platform.

-* Credit card, passport, national-ID numbers

-> [!NOTE]

-> This connector is currently in public preview. For information about terms of use, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).

-The HIPAA Security Rule (HSR) establishes national standards to protect individualsΓÇÖ electronic personal health information that is created, received, used, or maintained by a covered entity. The HSR is managed by the U.S. Department of Health and Human Services (HHS) and requires appropriate administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and security of electronic protected health information.

- 1. Design validation logic to include attributes that are more likely to have an exact match against the HR system. Common attributes include street address, date of birth, nationality, national identification number (if applicable), in addition to first and last name.

- STORAGE_KEY=$(az storage account keys list --resource-group $AKS_PERS_RESOURCE_GROUP --account-name $AKS_PERS_STORAGE_ACCOUNT_NAME --query "[0].value" -o tsv)

- echo Storage account name: $AKS_PERS_STORAGE_ACCOUNT_NAME

-kubectl create secret generic azure-secret --from-literal=azurestorageaccountname=$AKS_PERS_STORAGE_ACCOUNT_NAME --from-literal=azurestorageaccountkey=$STORAGE_KEY

-| `containerLogMaxSizeMB` | Size in megabytes (MB) | 10 | The maximum size (for example, 10 MB) of a container log file before it's rotated. |

-| `net.ipv4.tcp_keepalive_intvl` | 1 - 75 | 75 | How frequently the probes are sent out. Multiplied by `tcp_keepalive_probes` it makes up the time to kill a connection that isn't responding, after probes started. |

-description: Learn how to deploy Azure container offers from Azure Marketplace on an Azure Kubernetes Service (AKS) cluster.

-# Deploy a container offer from Azure Marketplace (preview)

-Kubernetes application-based container offers cannot be deployed on AKS for Azure Stack HCI or AKS Edge Essentials.

-1. You will see several Kubernetes application offers displayed on the page. To view all of the Kubernetes application offers, select **See more**.

- :::image type="content" source="./media/deploy-marketplace/see-more-inline.png" alt-text="Screenshot of Azure Marketplace K8s offers in the Azure portal" lightbox="./media/deploy-marketplace/see-more.png":::

-1. Verify the deployment by using the following command to list the extensions that are running on your cluster:

-Purchasing an offer from Azure Marketplace creates a new instance of the extension on your AKS cluster. You can view the extension instance from the cluster by using the following command:

-You can delete a purchased plan for an Azure container offer by deleting the extension instance on the cluster. For example:

-As part of the application and cluster lifecycle, you may want to upgrade to the latest available version of Kubernetes. You can upgrade your Azure Kubernetes Service (AKS) cluster by using the Azure CLI, Azure PowerShell, or the Azure portal.

-In previous tutorials, an application was packaged into a container image, and this container image was uploaded to Azure Container Registry (ACR). You also created an AKS cluster. The application was then deployed to the AKS cluster. If you have not done these steps and would like to follow along, start with [Tutorial 1: Prepare an application for AKS][aks-tutorial-prepare-app].

-* If you're using Azure CLI, this tutorial requires that you're running Azure CLI version 2.34.1 or later. Run `az --version` to find the version. If you need to install or upgrade, see [Install Azure CLI][azure-cli-install].

-* If you're using Azure PowerShell, this tutorial requires that you're running Azure PowerShell version 5.9.0 or later. Run `Get-InstalledModule -Name Az` to find the version. If you need to install or upgrade, see [Install Azure PowerShell][azure-powershell-install].

-Before you upgrade a cluster, use the [az aks get-upgrades][] command to check which Kubernetes releases are available.

-```azurecli

-az aks get-upgrades --resource-group myResourceGroup --name myAKSCluster

-```

-In the following example output, the current version is *1.18.10*, and the available versions are shown under *upgrades*.

-```output

-{

- "agentPoolProfiles": null,

- "controlPlaneProfile": {

- "kubernetesVersion": "1.18.10",

- ...

- "upgrades": [

- {

- "isPreview": null,

- "kubernetesVersion": "1.19.1"

- {

- "isPreview": null,

- "kubernetesVersion": "1.19.3"

- }

- ]

- },

- ...

-}

-```

-Before you upgrade a cluster, use the [Get-AzAksCluster][get-azakscluster] cmdlet to check which Kubernetes version you're running and the region in which it resides.

-```azurepowershell

-Get-AzAksCluster -ResourceGroupName myResourceGroup -Name myAKSCluster |

- Select-Object -Property Name, KubernetesVersion, Location

-```

-In the following example output, the current version is *1.19.9*.

-```output

-Name KubernetesVersion Location

-myAKSCluster 1.19.9 eastus

-```

-Use the [Get-AzAksVersion][get-azaksversion] cmdlet to check which Kubernetes upgrade releases are available in the region where your AKS cluster resides.

-```azurepowershell

-Get-AzAksVersion -Location eastus | Where-Object OrchestratorVersion -gt 1.19.9

-```

-The available versions are shown under *OrchestratorVersion*.

-```output

-Default IsPreview OrchestratorType OrchestratorVersion

- Kubernetes 1.20.2

- Kubernetes 1.20.5

-```

-To check which Kubernetes releases are available for your cluster:

-AKS nodes are carefully cordoned and drained to minimize any potential disruptions to running applications. The following steps are performed during this process:

-1. The Kubernetes scheduler prevents additional pods from being scheduled on a node that is to be upgraded.

-1. Running pods on the node are scheduled on other nodes in the cluster.

-1. A new node is created that runs the latest Kubernetes components.

-1. When the new node is ready and joined to the cluster, the Kubernetes scheduler begins to run pods on the new node.

-1. The old node is deleted, and the next node in the cluster begins the cordon and drain process.

-Use the [az aks upgrade][] command to upgrade your AKS cluster.

-```azurecli

-az aks upgrade \

- --resource-group myResourceGroup \

- --name myAKSCluster \

- --kubernetes-version KUBERNETES_VERSION

-```

-> [!NOTE]

-> You can only upgrade one minor version at a time. For example, you can upgrade from *1.14.x* to *1.15.x*, but you cannot upgrade from *1.14.x* to *1.16.x* directly. To upgrade from *1.14.x* to *1.16.x*, you must first upgrade from *1.14.x* to *1.15.x*, then perform another upgrade from *1.15.x* to *1.16.x*.

-The following example output shows the result of upgrading to *1.19.1*. Notice the *kubernetesVersion* now reports *1.19.1*.

-```output

-{

- "agentPoolProfiles": [

- "count": 3,

- "maxPods": 110,

- "name": "nodepool1",

- "osType": "Linux",

- "storageProfile": "ManagedDisks",

- "vmSize": "Standard_DS1_v2",

- ],

- "dnsPrefix": "myAKSClust-myResourceGroup-19da35",

- "enableRbac": false,

- "fqdn": "myaksclust-myresourcegroup-19da35-bd54a4be.hcp.eastus.azmk8s.io",

- "id": "/subscriptions/<Subscription ID>/resourcegroups/myResourceGroup/providers/Microsoft.ContainerService/managedClusters/myAKSCluster",

- "kubernetesVersion": "1.19.1",

- "location": "eastus",

- "name": "myAKSCluster",

- "type": "Microsoft.ContainerService/ManagedClusters"

-}

-```

-Use the [Set-AzAksCluster][set-azakscluster] cmdlet to upgrade your AKS cluster.

-```azurepowershell

-Set-AzAksCluster -ResourceGroupName myResourceGroup -Name myAKSCluster -KubernetesVersion <KUBERNETES_VERSION>

-```

-> [!NOTE]

-> You can only upgrade one minor version at a time. For example, you can upgrade from *1.14.x* to *1.15.x*, but you cannot upgrade from *1.14.x* to *1.16.x* directly. To upgrade from *1.14.x* to *1.16.x*, first upgrade from *1.14.x* to *1.15.x*, then perform another upgrade from *1.15.x* to *1.16.x*.

-The following example output shows the result of upgrading to *1.19.9*. Notice the *kubernetesVersion* now reports *1.20.2*.

-```output

-ProvisioningState : Succeeded

-MaxAgentPools : 100

-KubernetesVersion : 1.20.2

-PrivateFQDN :

-AgentPoolProfiles : {default}

-Name : myAKSCluster

-Type : Microsoft.ContainerService/ManagedClusters

-Location : eastus

-Tags : {}

-```

-To upgrade your AKS cluster:

-When you upgrade your cluster, the following Kubernetes events may occur on the nodes:

-* **Surge**: Create surge node.

-* **Drain**: Pods are being evicted from the node. Each pod has a *5 minute timeout* to complete the eviction.

-* **Update**: Update of a node has succeeded or failed.

-* **Delete**: Delete a surge node.

-Use `kubectl get events` to show events in the default namespaces while running an upgrade.

-```azurecli-interactive

-kubectl get events

-```

-The following example output shows some of the above events listed during an upgrade.

-```output

-...

-default 2m1s Normal Drain node/aks-nodepool1-96663640-vmss000001 Draining node: [aks-nodepool1-96663640-vmss000001]

-...

-default 9m22s Normal Surge node/aks-nodepool1-96663640-vmss000002 Created a surge node [aks-nodepool1-96663640-vmss000002 nodepool1] for agentpool %!s(MISSING)

-...

-```

-Confirm that the upgrade was successful using the [az aks show][] command.

-```azurecli

-az aks show --resource-group myResourceGroup --name myAKSCluster --output table

-```

-The following example output shows the AKS cluster runs *KubernetesVersion 1.19.1*:

-```output

-Name Location ResourceGroup KubernetesVersion CurrentKubernetesVersion ProvisioningState Fqdn

- - - - -

-myAKSCluster eastus myResourceGroup 1.19.1 1.19.1 Succeeded myaksclust-myresourcegroup-19da35-bd54a4be.hcp.eastus.azmk8s.io

-```

-Confirm that the upgrade was successful using the [Get-AzAksCluster][get-azakscluster] cmdlet.

-```azurepowershell

-Get-AzAksCluster -ResourceGroupName myResourceGroup -Name myAKSCluster |

- Select-Object -Property Name, Location, KubernetesVersion, ProvisioningState

-```

-The following example output shows the AKS cluster runs *KubernetesVersion 1.20.2*:

-```output

-Name Location KubernetesVersion ProvisioningState

-myAKSCluster eastus 1.20.2 Succeeded

-```

-To confirm that the upgrade was successful, navigate to your AKS cluster in the Azure portal. On the **Overview** page, select the **Kubernetes version** and ensure it's the latest version you installed in the previous step.

-Use the [az group delete][az-group-delete] command to remove the resource group, container service, and all related resources.

-```azurecli-interactive

-az group delete --name myResourceGroup --yes --no-wait

-```

-Use the [Remove-AzResourceGroup][remove-azresourcegroup] cmdlet to remove the resource group, container service, and all related resources.

-```azurepowershell-interactive

-Remove-AzResourceGroup -Name myResourceGroup

-```

-To delete your AKS cluster:

-> When you delete the cluster, the Azure Active Directory (AAD) service principal used by the AKS cluster isn't removed. For steps on how to remove the service principal, see [AKS service principal considerations and deletion][sp-delete]. If you used a managed identity, the identity is managed by the platform and it doesn't require that you provision or rotate any secrets.

-For more information on AKS, see [AKS overview][aks-intro]. For guidance on how to create full solutions with AKS, see [AKS solution guidance][aks-solution-guidance].

-[az aks show]: /cli/azure/aks#az_aks_show

-[az aks get-upgrades]: /cli/azure/aks#az_aks_get_upgrades

-[az aks upgrade]: /cli/azure/aks#az_aks_upgrade

-| `AZURE_LOGGING_DIR` | Native Windows apps only. Added to Java args as `-Dsite.logdir`. The default is `%HOME%\LogFiles\`. ||

-> In addition to specifying the IdDocument model, you can designate the ID type for (driver license, passport, national identity card, residence permit, or US social security card ).

-|`DocumentNumber`|`string`|National identity card number|WDLABCD456DG|

-|`DocumentDiscriminator`|`string`|National identity card document discriminator|12645646464554646456464544|

- * Receipt model now has added language support for 18 languages and three language dialects (English, French, Portuguese).

- * United Kingdom ID cards and documents (national identity card)

-The self-signed certificate that you have created for the Run As account expires one year from the date of creation. At some point before your Run As account expires, you must renew the certificate. You can renew it any time before it expires.

-Connecting an Azure Kubernetes Service (AKS) cluster to Azure Arc is only required for running Azure Arc-enabled services like App Services and Data Services on top of the cluster. This can be done using the [custom locations](custom-locations.md) feature of Azure Arc-enabled Kubernetes. This is a point in time limitation for now till cluster extensions and custom locations are introduced natively on top of AKS clusters.

-If you don't want to use custom locations and just want to use management features like Azure Monitor and Azure Policy (Gatekeeper), they are available natively on AKS and connection to Azure Arc is not required in such cases.

-Yes, connecting your AKS-HCI cluster or Kubernetes clusters on Azure Stack Edge to Azure Arc provides clusters with resource representation in Azure Resource Manager. This resource representation extends capabilities like Cluster Configuration, Azure Monitor, and Azure Policy (Gatekeeper) to connected Kubernetes clusters.

-Yes, you can still use configurations on a cluster receiving deployments via a CI/CD pipeline. Compared to traditional CI/CD pipelines, GitOps configurations feature some extra benefits:

-CI/CD pipelines are useful for event-driven deployments to your Kubernetes cluster (for example, a push to a Git repository). However, if you want to deploy the same configuration to all of your Kubernetes clusters, you would need to manually configure each Kubernetes cluster's credentials to the CI/CD pipeline.

-For Azure Arc-enabled Kubernetes, since Azure Resource Manager manages your GitOps configurations, you can automate creating the same configuration across all Azure Arc-enabled Kubernetes and AKS resources using Azure Policy, within scope of a subscription or a resource group. This capability is even applicable to Azure Arc-enabled Kubernetes and AKS resources created after the policy assignment.

-* Explore the [Cloud Adoption Framework for hybrid and multicloud](/azure/cloud-adoption-framework/scenarios/hybrid/arc-enabled-kubernetes/eslz-arc-kubernetes-identity-access-management)

-* [Connect an existing Kubernetes cluster to Azure Arc](quickstart-connect-cluster.md)

-For a conceptual look at connecting clusters to Azure Arc, see [Azure Arc-enabled Kubernetes agent overview](./conceptual-agent-overview.md).

-* Learn about best practices and design patterns trough the various [Azure Arc Landing Zone Accelerators](https://aka.ms/ArcLZAcceleratorReady).

-## Azure-Arc enabled VMs on Azure Stack HCI issues

-For general help resolving issues related to Azure-Arc enabled VMs on Azure Stack HCI, see [Troubleshoot Azure Arc-enabled virtual machines](/azure-stack/hci/manage/troubleshoot-arc-enabled-vms).

- > In the portal, you can also reach the page for adding servers by searching for and selecting "Servers - Azure Arc" and then selecting **+Add**.

-To disconnect using a service principal, run the command below. Be sure to specify a service principal that has the required roles for disconnecting servers; this will not be the same service principal that was used to onboard the server:

-1. Review the [prerequisites](prerequisites.md) and verify that your subscription and resources meet the requirements. You will need to have the **Azure Connected Machine Onboarding** role or the **Contributor** role for the resource group of the machine.

-```

-```

- a. Choose the **virtual network** and **subnet** that you want to connect to your Azure-Arc enabled server.

-description: This article tells how to troubleshoot and resolve issues with the SSH access to Arc-enabled servers.

-# Troubleshoot SSH access to Azure Arc enabled servers

-This article provides information on troubleshooting and resolving issues that may occur while attempting to connect to Azure Arc enabled servers via SSH.

-For general information, see [SSH access to Arc enabled servers overview](./ssh-arc-overview.md).

-This occurs when the active subscription for Azure CLI isn't the same as the server that is being connected to.

-Possible errors:

-This issue occurs when the client side SSH binaries required to connect cannot be found.

-Error:

-### SSH traffic is not allowed on the server

-This issue occurs when SSHD isn't running on the server, or SSH traffic isn't allowed on the server.

-Possible errors:

-

-This issue occurs when the current user does not have the proper role assignment on the target resource, specifically a lack of "read" permissions.

-Possible errors:

-### HybridConnectiviry RP was not registered

-This issue occurs when the HybridConnectivity RP has not been registered for the subscription.

-Error:

- ## Disable SSH to Arc-enabled servers

- This functionality can be disabled by completing the following actions:

- - Remove the SSH port from the allowedincoming ports: ```azcmagent config set incomingconnections.ports <other open ports,...>```

- - Delete the default connectivity endpoint: ```az rest --method delete --uri https://management.azure.com/subscriptions/<subscription>/resourceGroups/<resourcegroup>/providers/Microsoft.HybridCompute/machines/<arc enabled server name>/providers/Microsoft.HybridConnectivity/endpoints/default?api-version=2021-10-06-preview```

- The guest agent is the [Azure Arc connected machine agent](../servers/agent-overview.md). You can install this agent later by selecting the VM in the VM inventory view on your vCenter and selecting **Enable guest management**. For information on the prerequisites of enabling guest management, see [Manage VMware VMs through Arc enabled VMware vSphere](manage-vmware-vms-in-azure.md).

-Once your VMware vCenter resources have been enabled in Azure, the final step in setting up a self-service experience for your teams is to provide them access. This article describes how to use built-in roles to manage granular access to VMware resources through Azure and allow your teams to deploy and manage VMs.

-The **Azure Arc VMware Administrator** role is a built-in role that provides permissions to perform all possible operations for the `Microsoft.ConnectedVMwarevSphere` resource provider. Assign this role to users or groups that are administrators managing Azure Arc enabled VMware vSphere deployment.

-We recommend assigning this role at the individual resource pool (or host or cluster), virtual network, or template that you want the user to deploy VMs using.

-We recommend assigning this role at the subscription or resource group you want the user to deploy VMs using:

-[Create a VM using Azure Arc-enabled vSphere](quick-start-create-a-vm.md)

-A defined boundary for data residency that typically contains two or more regions. The boundaries may be within or beyond national borders and are influenced by tax regulation. Every geo has at least one region. Examples of geos are Asia Pacific and Japan. Also called *geography*.

-An area within a geo that does not cross national borders and contains one or more datacenters. Pricing, regional services, and offer types are exposed at the region level. A region is typically paired with another region, which can be up to several hundred miles away. Regional pairs can be used as a mechanism for disaster recovery and high availability scenarios. Also referred to as *location*.

- style: 'satellite_with_roads'

- style: 'satellite_with_roads',

-The linux Troubleshooter requires Python 2.6+ or any Python3 installed on the machine. In addition, the following Python packages are required to run (all should be present on a default install of Python2 or Python3):

-[Suppressing specific autocollected telemetry](./java-standalone-config.md#suppress-specific-auto-collected-telemetry).

-> Only the .NET and .NET Core SDKs have a `GetMetric()` method. If you're using Java, see [Sending custom metrics using micrometer](./java-standalone-config.md#auto-collected-micrometer-metrics-including-spring-boot-actuator-metrics). For JavaScript and Node.js, you would still use `TrackMetric()`, but keep in mind the caveats that were outlined in the previous section. For Python, you can use [OpenCensus.stats](./opencensus-python.md#metrics) to send custom metrics, but the metrics implementation is different.

-You'll find more information and configuration options in the following sections.

-If you specify a relative path, it will be resolved relative to the directory where `applicationinsights-agent-3.4.12.jar` is located.

-If you have multiple applications deployed in the same JVM and want them to send telemetry to different instrumentation keys, see [Instrumentation key overrides (preview)](#instrumentation-key-overrides-preview).

-(approximately) 5 requests per second, along with all the dependencies and logs on those requests.

-This example shows how to set the sampling to capture at most (approximately) 1 request per second:

-Note that `requestsPerSecond` can be a decimal, so you can configure it to capture less than 1 request per second if you want. For example, a value of `0.5` means capture at most 1 request every 2 seconds.

-* `name` is the metric name that will be assigned to this JMX metric (can be anything).

-If the JMX metric's `objectName` is dynamic and changes on each restart, you can specify it using an

-[object name pattern](https://docs.oracle.com/javase/8/docs/api/javax/management/ObjectName.html),

-e.g. `kafka.consumer:type=consumer-fetch-manager-metrics,client-id=*`.

-and have it inherited by dependency and log telemetry which are captured in the context of that request:

-## Instrumentation key overrides (preview)

-This feature is in preview, starting from 3.2.3.

-Instrumentation key overrides allow you to override the [default instrumentation key](#connection-string). For example, you can:

-* Set one instrumentation key for one HTTP path prefix `/myapp1`.

-* Set another instrumentation key for another HTTP path prefix `/myapp2/`.

-```json

-{

- "preview": {

- "instrumentationKeyOverrides": [

- {

- "httpPathPrefix": "/myapp1",

- "instrumentationKey": "12345678-0000-0000-0000-0FEEDDADBEEF"

- },

- {

- "httpPathPrefix": "/myapp2",

- "instrumentationKey": "87654321-0000-0000-0000-0FEEDDADBEEF"

- }

- ]

- }

-}

-```

-Yu can use telemetry processors to configure rules that will be applied to request, dependency, and trace telemetry. For example, you can:

-## Auto-collected logging

-Log4j, Logback, JBoss Logging, and java.util.logging are auto-instrumented. Logging performed via these logging frameworks is auto-collected.

-For example, if your logging framework is configured to log `WARN` (and above) from the package `com.example`,

-and Application Insights is configured to capture `INFO` (and above), Application Insights will only capture `WARN` (and above) from the package `com.example`.

-### Additional log attributes for Logback (preview)

-## Auto-collected Micrometer metrics (including Spring Boot Actuator metrics)

-If your application uses [Micrometer](https://micrometer.io), metrics that are sent to the Micrometer global registry are auto-collected.

-Also, if your application uses [Spring Boot Actuator](https://docs.spring.io/spring-boot/docs/current/reference/html/production-ready-features.html), metrics configured by Spring Boot Actuator are also auto-collected.

-1. The metrics will be ingested into the

-To disable auto-collection of Micrometer metrics and Spring Boot Actuator metrics:

-The preceding examples will be captured under the property names `http.request.header.my_header_a` and

-Again, the header names are case insensitive. The preceding examples will be captured under the property names

-## Suppress specific auto-collected telemetry

-Starting from version 3.0.3, specific auto-collected telemetry can be suppressed by using these configuration options:

-* **Micrometer metrics**: [See the Auto-collected Micrometer metrics section](#auto-collected-micrometer-metrics-including-spring-boot-actuator-metrics)

-If your application is behind a firewall and can't connect directly to Application Insights (see [IP addresses used by Application Insights](./ip-addresses.md)), you can configure Application Insights Java 3.x to use an HTTP proxy:

-```

-There are typically no code changes when upgrading to 3.x. The 3.x SDK dependencies are just no-op API versions of the

-2.x SDK dependencies, but when used along with the 3.x Java agent, the 3.x Java agent provides the implementation

-for them, and your custom instrumentation will be correlated with all the new

-auto-instrumentation which is provided by the 3.x Java agent.

-| `applicationinsights-logging-log4j1_2` | Remove the dependency and remove the Application Insights appender from your log4j configuration. | No longer needed since Log4j 1.2 is auto-instrumented in the 3.x Java agent. |

-| `applicationinsights-logging-log4j2` | Remove the dependency and remove the Application Insights appender from your log4j configuration. | No longer needed since Log4j 2 is auto-instrumented in the 3.x Java agent. |

-| `applicationinsights-logging-log4j1_2` | Remove the dependency and remove the Application Insights appender from your logback configuration. | No longer needed since Logback is auto-instrumented in the 3.x Java agent. |

-If you were using the Application Insights 2.x Java agent, just replace your existing `-javaagent:...` with the above.

-## Additional notes

-when upgrading from 2.x to 3.x, as well as some workarounds that you may find helpful.

-2.x SDK TelemetryInitializers will not be run when using the 3.x agent.

-2.x SDK TelemetryProcessors will not be run when using the 3.x agent.

-This use case is supported in Application Insights Java 3.x using [Instrumentation key overrides (preview)](./java-standalone-config.md#instrumentation-key-overrides-preview).

-However, for some applications, you may still prefer the aggregated view in the U/X

-that was provided by the previous operation names, in which case you can use the

-[telemetry processors](./java-standalone-telemetry-processors.md) (preview) feature in 3.x

-to replicate the previous behavior.

-The snippet below configures 3 telemetry processors that combine to replicate the previous behavior.

- It will match any telemetry that has attributes named `http.method` and `http.url`.

- Then it will extract the path portion of the `http.url` attribute into a new attribute named `tempName`.

- It will match any span that has an attribute named `tempPath`.

- Then it will update the span name from the attribute `tempPath`.

- It will match any telemetry that has an attribute named `tempPath`.

- Then it will delete the attribute named `tempPath`, so that it won't be reported as a custom dimension.

-```

-Alerts|[Create and manage action groups in the Azure portal](alerts/action-groups.md)|Added list of countries supported by voice notifications.|

- > [!NOTE]

- > The sub-command (`--restore revertvolume`) is only available for Azure Large Instance and is not available for Azure NetApp Files.

-For restore options to work successfully, the AzAcSnap service principal also needs to be able to create volumes. In this case the role definition needs an additional action, therefore the complete service principal should look like the following example.

-It is common practice on Unix/Linux systems to use `cron` to automate running commands on a

-An example of a `crontab` for the user `azacsnap` to automate snapshots is below.

-AzAcSnap writes output of its operation to log files to assist with debugging and to validate correct operation. These log files will continue to grow unless actively managed. Fortunately UNIX based systems have a tool to manage and archive log files called logrotate.

-This is an example configuration for logrotate. This configuration will keep a maximum of 31 logs (approximately one month), and when the log files are larger than 10k it will rotate and compress them.

-After creating the logrotate.conf file, logrotate should be run on a regular basis to archive AzAcSnap log files accordingly. This can be done using cron. The following is the line of the azacsnap user's crontab which will run logrotate on a daily schedule using the configuration file described above.

-After several days the azacsnap log files should look similar to the following directory listing.

-1. Available disk space. Snapshots will slowly consume disk space as keeping older disk blocks

- are retained in the snapshot.

- 1. To help automate disk space management, use the `--retention` and `--trim` options to automatically clean up the old snapshots and database log files.

-To delete a snapshot, use the command `azacsnap -c delete`. It's not possible to delete

-snapshots from the OS level. You must use the correct command (`azacsnap -c delete`) to delete the storage snapshots.

-> Be vigilant when you delete a snapshot. Once deleted, it is **IMPOSSIBLE** to recover

-the deleted snapshots.

-If you decide to perform the disaster recovery failover, the `azacsnap -c restore --restore revertvolume` command at the DR site will automatically make available the most recent (`/hana/data` and `/hana/logbackups`) volume snapshots to allow for an SAP HANA recovery. Use this command with caution as it breaks replication between production and DR sites.

-In some cases, customers already have tools to protect SAP HANA and only want to configure 'boot' volume snapshots. In this case only the following steps need to completed.

-1. Get the list of volumes to be added to the azacsnap configuration file, in this example the Storage User Name is `cl25h50backup` and the Storage IP Address is `10.1.1.10`

-1. The customer will need to shut down the server.

-1. Microsoft will restore the Operating System LUN using the specified Machine ID and Snapshot, and then boot the Server.

-1. The customer will then need to confirm Server is booted and healthy.

-No additional steps to be performed after the restore.

- command will keep a maximum number of snapshots for the prefix based on the retention

- set on the command line, and will delete the oldest snapshot if it goes beyond the

- maximum number to retain.

-During the move, your networking resources will operate without interruption.

-> [!NOTE]

-> Any resource, including a VPN Gateway, that is associated with a public IP Standard SKU address can't be moved across subscriptions. For virtual machines, you can [disassociate the public IP address](../../../virtual-network/ip-services/remove-public-ip-address-vm.md) before moving across subscriptions.

-When moving a resource, you must also move its dependent resources (for example - public IP addresses, virtual network gateways, all associated connection resources). The virtual network assigned to the AKS instance can also be moved, and local network gateways can be in a different resource group.

-> [!WARNING]

-> Please refrain from moving the virtual network for an AKS cluster. The AKS cluster will stop working if its virtual network is moved.

-To move a virtual machine with a network interface card to a new subscription, you must move all dependent resources. Move the virtual network for the network interface card, all other network interface cards for the virtual network, and the VPN gateways.

-You cannot move VPN Gateways across resource groups or subscriptions if they are of Basic SKU. Basic SKU is only meant for test environment usage and doesn't support resource move operation.

-* The function can't use the [dateTimeAdd](template-functions-date.md#datetimeadd) function.

- Azure Video Indexer APIs now support STT in Arabic Levantine (ar-SY), English UK dialect (en-GB), and English Australian dialect (en-AU).

-description: A tutorial to walk through how to using Azure Web PubSub service and Azure Functions to build a serverless chat app with client authentication.

-* [Azure Functions Core Tools](https://github.com/Azure/azure-functions-core-tools#installing) (v3 or higher preferred) to run Azure Function apps locally and deploy to Azure.

-* (Optional)[ngrok](https://ngrok.com/download) to expose local function as event handler for Web PubSub service. This is optional only for running the function app locally.

-# [C#](#tab/csharp)

-* [Azure Functions Core Tools](https://github.com/Azure/azure-functions-core-tools#installing) (v3 or higher preferred) to run Azure Function apps locally and deploy to Azure.

-* (Optional)[ngrok](https://ngrok.com/download) to expose local function as event handler for Web PubSub service. This is optional only for running the function app locally.

- # [C#](#tab/csharp)

- # [C#](#tab/csharp)

- # [C#](#tab/csharp)

- - Update `negotiate/function.json` and copy following json codes.

- - Update `negotiate/index.js` and copy following codes.

- # [C#](#tab/csharp)

- - Update `negotiate.cs` and replace `Run` function with following codes.

- - Add below `using` statements in header to resolve required dependencies.

- # [C#](#tab/csharp)

- - Update `message.cs` and replace `Run` function with following codes.

- - Add below `using` statements in header to resolve required dependencies.

-6. Add the client single page `https://docsupdatetracker.net/index.html` in the project root folder and copy content as below.

- # [C#](#tab/csharp)

- Since C# project will compile files to a different output folder, you need to update your `*.csproj` to make the content page go with it.

- ``

-Before you can deploy your function code to Azure, you need to create 3 resources:

-1. Create a resource group or you can skip by re-using the one of Azure Web PubSub service:

- az functionapp create --resource-group WebPubSubFunction --consumption-plan-location <REGION> --runtime node --runtime-version 14 --functions-version 3 --name <FUNCIONAPP_NAME> --storage-account <STORAGE_NAME>

- > If you're running the function version other than v3.0, please check [Azure Functions runtime versions documentation](../azure-functions/functions-versions.md#languages) to set `--runtime-version` parameter to supported value.

- # [C#](#tab/csharp)

- az functionapp create --resource-group WebPubSubFunction --consumption-plan-location <REGION> --runtime dotnet --functions-version 3 --name <FUNCIONAPP_NAME> --storage-account <STORAGE_NAME>

- After you've successfully created your function app in Azure, you're now ready to deploy your local functions project by using the [func azure functionapp publish](./../azure-functions/functions-run-local.md) command.

-Set `Event Handler` in Azure Web PubSub service. Go to **Azure portal** -> Find your Web PubSub resource -> **Settings**. Add a new hub settings mapping to the one function in use as below. Replace the `<FUNCTIONAPP_NAME>` and `<APP_KEY>` to yours.

-> [!NOTE]

-> If you're running the functions in local. You can expose the function url with [ngrok](https://ngrok.com/download) by command `ngrok http 7071` after function start. And configure the Web PubSub service `Event Handler` with url: `https://<NGROK_ID>.ngrok.io/runtime/webhooks/webpubsub`.

-Go to **Azure portal** -> Find your Function App resource -> **Authentication**. Click **`Add identity provider`**. Set **App Service authentication settings** to **Allow unauthenticated access**, so you client index page can be visited by anonymous users before redirect to authenticate. Then **Save**.

-Here we choose `Microsoft` as identify provider which will use `x-ms-client-principal-name` as `userId` in the `negotiate` function. Besides, You can configure other identity providers following below links, and don't forget update the `userId` value in `negotiate` function accordingly.

-Now you're able to test your page from your function app: `https://<FUNCTIONAPP_NAME>.azurewebsites.net/api/index`. See snapshot below.

-In the message function, we will broadcast caller's message to all clients and return caller with message `[SYSTEM] ack`. So we can know in sample chat snapshot below, first 4 messages are from current client and last 2 messages are from another client.

-* [Azure Functions Core Tools](https://github.com/Azure/azure-functions-core-tools#installing) (v3 or higher preferred) to run Azure Function apps locally and deploy to Azure.

-# [C#](#tab/csharp)

-* [Azure Functions Core Tools](https://github.com/Azure/azure-functions-core-tools#installing) (v3 or higher preferred) to run Azure Function apps locally and deploy to Azure.

-* [Python](https://www.python.org/downloads/) (v3.6 ~ v3.9). See [supported Python versions](../azure-functions/functions-reference-python.md#python-version).

-* [Azure Functions Core Tools](https://github.com/Azure/azure-functions-core-tools#installing) (v3 or higher preferred) to run Azure Function apps locally and deploy to Azure.

- # [C#](#tab/csharp)

- # [C#](#tab/csharp)

- # [JavaScript](#tab/javascript)

- - Update `index/function.json` and copy following json codes.

- - Update `index/index.js` and copy following codes.

- # [C#](#tab/csharp)

- - Update `index.cs` and replace `Run` function with following codes.

- # [Python](#tab/python)

- - Update `index/function.json` and copy following json codes.

- - Update `index/__init__.py` and copy following codes.

- # [C#](#tab/csharp)

- - Update `negotiate.cs` and replace `Run` function with following codes.

- - Add below `using` statements in header to resolve required dependencies.

- using Microsoft.Azure.WebJobs.Extensions.WebPubSub;

- ```

- # [Python](#tab/python)

- - Update `negotiate/function.json` and copy following json codes.

- ```json

- "scriptFile": "__init__.py",

- "bindings": [

- {

- "authLevel": "anonymous",

- "type": "httpTrigger",

- "direction": "in",

- "name": "req"

- },

- {

- "type": "http",

- "direction": "out",

- "name": "$return"

- },

- {

- "type": "webPubSubConnection",

- "name": "connection",

- "hub": "notification",

- "direction": "in"

- }

- ]

- - Update `negotiate/__init__.py` and copy following codes.

- ```py

- import logging

- import azure.functions as func

- def main(req: func.HttpRequest, connection) -> func.HttpResponse:

- return func.HttpResponse(connection)

- ```

- # [C#](#tab/csharp)

- - Add below `using` statements in header to resolve required dependencies.

-6. Add the client single page `https://docsupdatetracker.net/index.html` in the project root folder and copy content as below.

- # [C#](#tab/csharp)

- Since C# project will compile files to a different output folder, you need to update your `*.csproj` to make the content page go with it.

- Run command below in the function folder to set the service connection string. Replace `<connection-string>` with your value as needed.

- Now you're able to run your local function by command below.

- func start

- > Some browers will automatically redirect to `https` that leads to wrong url. Suggest to use `Edge` and double check the url if rendering is not success.

-Before you can deploy your function code to Azure, you need to create 3 resources:

-Use the following commands to create these item.

-1. Create a resource group or you can skip by re-using the one of Azure Web PubSub service:

- az functionapp create --resource-group WebPubSubFunction --consumption-plan-location <REGION> --runtime node --runtime-version 14 --functions-version 3 --name <FUNCIONAPP_NAME> --storage-account <STORAGE_NAME>

- > If you're running the function version other than v3.0, please check [Azure Functions runtime versions documentation](../azure-functions/functions-versions.md#languages) to set `--runtime-version` parameter to supported value.

- # [C#](#tab/csharp)

- az functionapp create --resource-group WebPubSubFunction --consumption-plan-location <REGION> --runtime dotnet --functions-version 3 --name <FUNCIONAPP_NAME> --storage-account <STORAGE_NAME>

- az functionapp create --resource-group WebPubSubFunction --consumption-plan-location <REGION> --runtime python --runtime-version 3.9 --functions-version 3 --name <FUNCIONAPP_NAME> --os-type linux --storage-account <STORAGE_NAME>

- After you've successfully created your function app in Azure, you're now ready to deploy your local functions project by using the [func azure functionapp publish](../azure-functions/functions-run-local.md) command.

-**Domain** | DPM/MABS should be joined to a domain. Install first, and then join DPM/MABS to a domain. Moving DPM/MABS to a new domain after deployment isn't supported.

-Microsoft Azure & Azure Backup offer a comprehensive set of certifications and attestations that help organizations to comply with national, regional, and industry-specific requirements governing the collection and use of individuals' data.

-To help organizations comply with national, regional, and industry-specific requirements governing the collection and use of individuals' data, Microsoft Azure & Azure Backup offer a comprehensive set of certifications and attestations. [See the list of compliance certifications](compliance-offerings.md)

-| Asia | Hong Kong<br />Jakarta, Indonesia<br />Osaka, Japan<br />Tokyo, Japan<br />Singapore<br />Kaohsiung, Taiwan<br />Taipei, Taiwan <br />Manila, Philippines | Hong Kong<br />Indonesia<br />Israel<br />Japan<br />Macao<br />Malaysia<br />Philippines<br />Singapore<br />South Korea<br />Taiwan<br />Thailand<br />T├╝rkiye<br />Vietnam |

-## Stop Windows service

-| Supported OS Types | Windows |

-| Description | Uses the Windows Service Controller APIs to stop a Windows service during the fault, restarting it at the end of the duration or if the experiment is canceled. |

-| serviceName | The name of the Windows service you want to stop. You can run `sc.exe query` in command prompt to explore service names, Windows service friendly names aren't supported. |

-| Supported OS Types | Windows |

-| Prerequisites | Agent must be run as administrator. If the agent is installed as a VM extension, it runs as administrator by default. |

-| Supported OS Types | Windows |

-| Prerequisites | Agent must be run as administrator. If the agent is installed as a VM extension, it runs as administrator by default. |

-| Prerequisites | The target Azure Cache for Redis resource must be a Redis Cluster, which requires that the cache must be a Premium Tier cache. Standard and Basic Tiers aren't supported. |

-| shardId | The ID of the shard to be rebooted. |

-1. The VNet where Chaos Studio resources will be injected needs to have two subnets, named `ChaosStudioContainerSubnet` and `ChaosStudioRelaySubnet`. Other subnet names can't be used.

- 1. `ChaosStudioContainerSubnet` must be delegated to `Microsoft.ContainerInstance/containerGroups`.

-1. When enabling the desired resource as a target so you can use it in Chaos Studio experiments, the following properties must be set:

- 1. Set `properties.subnets.containerSubnetId` to the ID for `ChaosStudioContainerSubnet`.

- 1. Set `properties.subnets.relaySubnetId` to the ID for `ChaosStudioRelaySubnet`.

- - `ChaosStudioContainerSubnet`

- - `ChaosStudioRelaySubnet`

-The Chaos Studio API provides support for starting experiments programmatically. You can also use the armclient and the Azure CLI to execute these commands from the console. Examples below are for the Azure CLI.

-The Squall REST APIs can be used to start and stop experiments, query target status, query experiment status, and query and delete subscription configurations. The `AZ CLI` utility can be used to perform these actions from the command line.

-> To get more verbose output with the AZ CLI, append **--verbose** to the end of each command. This will return more metadata when commands execute, including **x-ms-correlation-request-id** which aids in debugging.

-#### Enumerate details about the Microsoft.Chaos Resource Provider

-#### List Chaos Provider Configurations

-#### Create Chaos Provider Configuration

-#### List All the Targets or Agents Under a Subscription

-#### Get an experiment configuration details by name

-#### Get statuses (History) of an experiment

-#### Cancel (Stop) an experiment

-| {experimentId} | Azure Resource Id for the experiment | Can be found in the [Chaos Studio Experiment Portal Blade](https://portal.azure.com/#blade/HubsExtension/BrowseResource/resourceType/Microsoft.chaos%2Fchaosexperiments) |

-| {subscriptionId} | Subscription Id where the target resource is located | Can be found in the [Subscriptions Portal Blade](https://portal.azure.com/#blade/Microsoft_Azure_Billing/SubscriptionsBlade) |

-| {resourceGroupName} | Name of the resource group where the target resource is located | Can be fond in the [Resource Groups Portal Blade](https://portal.azure.com/#blade/HubsExtension/BrowseResourceGroups) |

-| {executionDetailsId} | Execution Id of an experiment execution | Can be found in the [Chaos Studio Experiment Portal Blade](https://portal.azure.com/#blade/HubsExtension/BrowseResource/resourceType/Microsoft.chaos%2Fchaosexperiments) |

-* Requests that use the REST API for short audio and transmit audio directly can contain no more than 30 seconds of audio. The input [audio formats](#audio-formats) are more limited compared to the [Speech SDK](speech-sdk.md).

- * **Bashkir**. A Turkic language spoken by approximately 1.4 million native speakers. It has three dialect groups: Southern, Eastern, and Northwestern.

-### [Text and document translation support for two Kurdish dialects](https://www.microsoft.com/translator/blog/2020/08/20/translator-adds-two-kurdish-dialects-for-text-translation/)

-| Oriya | `or` | |

-| Oriya | `or` | 2022-10-01 |

-|Oriya|`or`| | |

-zone_pivot_groups: openai-quickstart

-You can also get more features by thinking of unexplored attributes that can be derived from information you already have. For example, in a fictitious movie list personalization, is it possible that a weekend vs weekday elicits different behavior from users? Time could be expanded to have a "weekend" or "weekday" attribute. Do national cultural holidays drive attention to certain movie types? For example, a "Halloween" attribute is useful in places where it's relevant. Is it possible that rainy weather has significant impact on the choice of a movie for many people? With time and place, a weather service could provide that information and you can add it as an extra feature.

-Closed captions are only available during the call or meeting for the participant that has selected to enable captions, ACS doesn't store these captions anywhere. Many countries and states have laws and regulations that apply to storing of data. It is your responsibility to use the closed captions in compliance with the law should you choose to store any of the data generated through closed captions. You must obtain consent from the parties involved in a manner that complies with the laws applicable to each participant.

-\* In some countries, number purchases are only allowed for own use. Reselling or suballcoating to another parties is not allowed. Due to this, purchases for CSP and LSP customers is not allowed.

-### Can I receive messages from any country on toll-free numbers?

-Toll-free numbers are not capable of sending or receiving messages to/from countries outside of US, CA, and PR.

-### Can I receive messages from any country on short codes?

-Short codes are domestic numbers and are not capable of sending or receiving messages to/from outside of the country it was registered for. *Example: US short code can only send and receive messages to/from US recipients.*

- 1. On the overview page, check that the value of **Object ID** is `8502a0ec-c76d-412f-836c-398018e2312b`.

-For more information, see a list of [all metrics supported in Azure Monitor](/azure/azure-monitor/platform/metrics-supported).

-1. Ask your onboarding team for the name of the Calling Profile that you must use for these test numbers. The name has the suffix `azcog`. This Calling Profile has been created for you during the Azure Communications Gateway deployment process.

-1. If you don't have the Azure Active Directory module installed, install it:

- ```azurepowershell

- Install-Module AzureAD

- ```

-1. If you didn't install the Azure Active Directory module as part of [1. Add the Project Synergy application to your Azure tenancy](#1-add-the-project-synergy-application-to-your-azure-tenancy), install it:

- ```azurepowershell

- Install-Module AzureAD

- ```

-Many countries have strict privacy laws about gathering and using data on peopleΓÇÖs presence and movements inside buildings. This may include data that is directly personally identifiable data from CCTV or security badge scans. Or, indirectly identifiable where different sets of sensor data could be considered personally identifiable when grouped together.

-"containers": [

- {

- "name": "main",

- "image": "[parameters('container_image')]",

- "env": [

- {

- "name": "HTTP_PORT",

- "value": "80"

- },

- {

- "name": "SECRET_VAL",

- "secretRef": "mysecret"

- }

- ],

- "resources": {

- "cpu": 0.5,

- "memory": "1Gi"

- },

- "volumeMounts": [

- {

- "mountPath": "/myfiles",

- "volumeName": "azure-files-volume"

- }

- ]

- "probes":[

- "type":"liveness",

- "httpGet":{

- "path":"/health",

- "port":8080,

- "httpHeaders":[

- {

- "name":"Custom-Header",

- "value":"liveness probe"

- }]

- "initialDelaySeconds":7,

- "periodSeconds":3

- },

- {

- "type":"readiness",

- "tcpSocket":

- {

- "port": 8081

- },

- "initialDelaySeconds": 10,

- "periodSeconds": 3

- },

- {

- "type": "startup",

- "httpGet": {

- "path": "/startup",

- {

- "name": "Custom-Header",

- "value": "startup probe"

- }]

- "initialDelaySeconds": 3,

- "periodSeconds": 3

- }]

-],

-In the Consumption plan, the total CPU and memory allocations requested for all the containers in a container app must add up to one of the following combinations.

-| vCPUs (cores) | Memory |

-|||

-| `0.25` | `0.5Gi` |

-| `0.5` | `1.0Gi` |

-| `0.75` | `1.5Gi` |

-| `1.0` | `2.0Gi` |

-| `1.25` | `2.5Gi` |

-| `1.5` | `3.0Gi` |

-| `1.75` | `3.5Gi` |

-| `2.0` | `4.0Gi` |

-Alternatively, the Consumption workload profile in the Consumption + Dedicated plan structure, the total CPU and memory allocations requested for all the containers in a container app must add up to one of the following combinations.

-| vCPUs (cores) | Memory |

-|||

-| `0.25` | `0.5Gi` |

-| `0.5` | `1.0Gi` |

-| `0.75` | `1.5Gi` |

-| `1.0` | `2.0Gi` |

-| `1.25` | `2.5Gi` |

-| `1.5` | `3.0Gi` |

-| `1.75` | `3.5Gi` |

-| `2.0` | `4.0Gi` |

-| `2.25` | `4.5Gi` |

-| `2.5` | `5.0Gi` |

-| `2.75` | `5.5Gi` |

-| `3.0` | `6.0Gi` |

-| `3.25` | `6.5Gi` |

-| `3.5` | `7.0Gi` |

-| `3.75` | `7.5Gi` |

-| `4.0` | `8.0Gi` |

-You can define multiple containers in a single container app to implement the [sidecar pattern](/azure/architecture/patterns/sidecar). The containers in a container app share hard disk and network resources and experience the same [application lifecycle](./application-lifecycle-management.md).

-Examples of sidecar containers include:

-To run multiple containers in a container app, add more than one container in the containers array of the container app template.

- "secrets": [

- {

- "name": "acr-password",

- "value": "my-acr-password"

- }

- ],

-...

- "registries": [

- {

- "server": "myacr.azurecr.io",

- "username": "someuser",

- "passwordSecretRef": "acr-password"

- }

- ]

-> If you're using [UDR With Azure Firewall](./networking.md#user-defined-routes-udrpreview), you will need to add the `AzureKeyVault` service tag and the *login.microsoft.com* FQDN to the allow list for your firewall. To learn more, see [configuring UDR with Azure Firewall](./networking.md#configuring-udr-with-azure-firewallpreview).

-UDR is only supported on the workload profiles architecture. For a guide on how to setup UDR with Container Apps to restrict outbound traffic with Azure Firewall, visit the [how to for Container Apps and Azure Firewall](./user-defined-routes.md).

-The following FQDNs and service tags must be added to the allowlist for your firewall depending on which resources you are using:

-> When using UDR with Azure Firewall in Azure Container Apps, you will need to add certain FQDN's and service tags to the allowlist for the firewall. For example, the FQDNs *mcr.microsoft.com* and **.data.mcr.microsoft.com* are required for all scenarios. To learn more, see [configuring UDR with Azure Firewall](./networking.md#configuring-udr-with-azure-firewallpreview).

-Always Encrypted is a feature designed to protect sensitive data, such as credit card numbers or national identification numbers (for example, U.S. social security numbers), stored in Azure Cosmos DB. Always Encrypted allows clients to encrypt sensitive data inside client applications and never reveal the encryption keys to the database.

- | [Azure Blob](connector-azure-blob-storage.md) | [Delimited text](format-delimited-text.md) | Account key authentication, shared access signature authentication, service principal authentication, managed identity authentication |

- | [Azure Data Lake Storage Gen2](connector-azure-data-lake-storage.md) | [Delimited text](format-delimited-text.md)<br/>[Parquet](format-parquet.md)<br/>[ORC](format-orc.md) | Account key authentication, service principal authentication, managed identity authentication |

- | [Azure Blob](connector-azure-blob-storage.md) | Account key authentication, managed identity authentication |

- | [Azure Data Lake Storage Gen2](connector-azure-data-lake-storage.md) | Account key authentication, managed identity authentication |

-SAP CDC datasets can be used as source in mapping data flow. The raw SAP ODP change feed is difficult to interpret and updating it correctly to a sink can be a challenge. Mapping data flow takes care of this complexity by automatically evaluating technical attributes that are provided by the ODP framework (like ODQ_CHANGEMODE). Users can therefore concentrate on the required transformation logic without having to bother with the internals of the SAP ODP change feed, the right order of changes, etc.

-## Current limitations

-Here are current limitations of the SAP CDC connector in Data Factory:

- |VM generation |Choose Gen 1 or Gen 2 as the generation of the image you'll use to create the VM. |

-* In lieu of using the provided AC/DC power supply, this system also has the option to use a field provided Type 2590 Battery. In this case, the end user shall verify that it meets all applicable safety, transportation, environmental, and any other national/local regulations.

-This device may operate in all member states of the EU. Observe national and local regulations where the device is used. This device is restricted to indoor use only when operating in the 5150-5350 MHz frequency range in the following countries:

-This device may operate in all member states of the EU. Observe national and local regulations where the device is used. This device is restricted to indoor use only when operating in the 5150 - 5350 MHz frequency range in the following countries:

-Azure DNS Private Resolver is available in the following regions:

-| Americas | Europe | Asia & Africa |

-|||-|

-| East US | West Europe | East Asia |

-| East US 2 | North Europe | Southeast Asia |

-| Central US | UK South | Japan East |

-| South Central US | France Central | Korea Central |

-| North Central US | Sweden Central | South Africa North|

-| West Central US | Switzerland North| Australia East |

-| West US 2 | | Central India |

-| West US 3 | | |

-| Canada Central | | |

-| Brazil South | | |

- 1. For **Serialization type**, pick **Avro** serialization format that applies to all schemas in the schema group. The **JSON** serialization is not supported yet.

- 1. Select a **compatibility mode** for all schemas in the group. For **Avro**, forward and backward compatibility modes are supported.

- 1. Then, select **Create** to create the schema group.

-> It can take several minutes for this to take effect. Run the following Azure PowerShell command to see the `ResistratonState`:

->When the `ResistratonState` is *Registered*, consider performing an update on Azure Firewall for the change to take effect immediately.

-* [HDInsight 4.0 deep dive](https://azure.microsoft.com/blog/deep-dive-into-azure-hdinsight-4-0/)

-description: Learn how to use CalculatedContent mappings with the MedTech service device mappings.

-# How to use CalculatedContent mappings

-description: This article describes how to use custom functions with MedTech service device mappings.

-# How to use custom functions with device mappings

-Many functions are available when using **JMESPath** as the expression language. Besides the functions available as part of the JMESPath specification, many more custom functions may also be used. This article describes the MedTech service-specific custom functions for use with the MedTech service [device mapping](overview-of-device-mapping.md) during the device message [normalization](overview-of-device-data-processing-stages.md#normalize) process.

-The signature indicates the valid types for the arguments. If an invalid type is passed in for an argument, an error will occur.

-> [!NOTE]

-> When math-related functions are done, the end result **must** be able to fit within a [C# long](/dotnet/csharp/language-reference/builtin-types/integral-numeric-types#characteristics-of-the-integral-types) value. If the end result is unable to fit within a C# long value, then a mathematical error will occur.

-Exceptions may occur at various points within the event processing lifecycle. Here are the various points where they can occur:

-|Action|When|Exceptions that may occur during template parsing|Outcome|

-||-|-|-|

-|**Template parsing**|Each time a new batch of messages is received the Device mapping template is loaded and parsed.|Failure to parse the template.|System will attempt to reload and parse the latest device mapping template until parsing succeeds. No new messages will be processed until parsing is successful.|

-|**Template parsing**|Each time a new batch of messages is received the Device mapping template is loaded and parsed.|Failure to parse any expressions.|System will attempt to reload and parse the latest device mapping template until parsing succeeds. No new messages will be processed until parsing is successful.|

-|**Function Execution**|Each time a function is executed against data within a message.|Input data doesn't match that of the function signature.|System stops processing that message. The message isn't retried.|

-|**Function execution**|Each time a function is executed against data within a message.|Any other exceptions listed in the description of the function.|System stops processing that message. The message isn't retried.|

-Returns the result of adding the left argument to the right.

-Returns the result of dividing the left argument by the right.

-Returns the result of multiplying the left argument with the right.

-Returns the result of raising the left argument to the power of the right.

-Returns the result of subtracting the right argument from the left.

-Produces a new string by inserting the value of *toInsert* into the string *original*. The string will be inserted at position *pos* within the string *original*.

-If the positional argument provided is out of range of the length of *original*, then an error will occur.

-> See the MedTech service article [Troubleshoot MedTech service errors](troubleshoot-errors.md) for assistance fixing MedTech service errors.

-In this article, you learned how to use the MedTech service custom functions with the device mappings.

-To learn how to configure the MedTech service device mappings, see

-description: This article describes how to use IotJsonPathContent mappings with the MedTech service device mappings.

-# How to use IotJsonPathContent mappings

-## IotJsonPathContent

- openssl x509 -in certs\iot-device-<device name>-primary.cert.pem -text -thumbprint

-The Azure Internet of Things (IoT) is a collection of Microsoft-managed cloud services that let you connect, monitor, and control your IoT assets at scale. In simpler terms, an IoT solution is made up of IoT devices that communicate with cloud services.

-To learn more, see [IoT device development](iot-overview-device-development.md).

-Typically, IoT devices send telemetry from the sensors to cloud services in your solution. However, other types of communication are possible such as a cloud service sending commands to your devices. The following are some examples of device-to-cloud and cloud-to-device communication:

-* A device sends alerts based on the values read from its sensors. For example, a device monitoring a batch reactor in a chemical plant, sends an alert when the temperature exceeds a certain value.

-* Your devices send information to display on a dashboard for viewing by human operators. For example, a control room in a refinery may show the temperature, pressure, and flow volumes in each pipe, enabling operators to monitor the facility.

-The [IoT Device SDKs](../iot-hub/iot-hub-devguide-sdks.md) and IoT Hub support common [communication protocols](../iot-hub/iot-hub-devguide-protocols.md) such as HTTP, MQTT, and AMQP.

-IoT devices have different characteristics when compared to other clients such as browsers and mobile apps. The device SDKs help you address the challenges of connecting devices securely and reliably to your cloud services. Specifically, IoT devices:

-To learn more, see [Device infrastructure and connectivity](iot-overview-device-connectivity.md).

-* Receive telemetry at scale from your devices, and determining how to process and store that data.

-* Send commands from the cloud to a specific device.

-* Provision devices and controlling which devices can connect to your infrastructure.

-* Control the state of your devices and monitoring their activities.

-For example, in a remote monitoring solution for an oil pumping station, the services use telemetry from the pumps to identify anomalous behavior. When a cloud service identifies an anomaly, it can automatically send a command back to the device to take a corrective action. This process generates an automated feedback loop between the device and the cloud that greatly increases the solution efficiency.

-Some cloud services, such as IoT Hub and the Device Provisioning Service, are IoT specific. Other cloud services can provide generic services to your solution such as storage and visualizations.

-Any IoT solution has to address the following solution-wide concerns:

-* Solution management including deployment and monitoring.

-# As a solution builder, I want a high-level overview of the options for extensing an IoT solution so that I can easily find relevant content for my scenario.

-* Use Azure IoT platform services such as [Azure IoT Hub](../iot-hub/about-iot-hub.md) and the [Azure IoT device SDKs](../iot-hub/iot-hub-devguide-sdks.md) to build a custom IoT solution from scratch.

-

-## Azure IoT Central

-[IoT Central](https://apps.azureiotcentral.com) is an IoT application platform as a service (aPaaS) that reduces the burden and cost of developing, managing, and maintaining IoT solutions. Use IoT Central to quickly evaluate your IoT scenario and assess the opportunities it can create for your business. IoT Central streamlines the development of a complex and continually evolving IoT infrastructure by letting you to focus on determining the business impact you can create with your IoT data.

-The web UI lets you quickly connect devices, monitor device conditions, create rules, and manage devices and their data throughout their life cycle. Furthermore, it enables you to act on device insights by extending IoT intelligence into line-of-business applications. Once you've used IoT Central to evaluate your IoT scenario, you can then build your enterprise ready solutions by using the power of Azure IoT platform.

-Choose devices from the [Azure Certified for IoT device catalog](https://devicecatalog.azure.com) to quickly connect to your solution. Use the IoT Central web UI to monitor and manage your devices to keep them healthy and connected. Use connectors and APIs to integrate your IoT Central application with other business applications.

-As a fully managed application platform, IoT Central has a simple, predictable pricing model.

-## Custom solutions

-To build an IoT solution from scratch, use one or more of the following Azure IoT technologies and

-### Devices

-Develop your IoT devices using one of the [Azure IoT Starter Kits](/samples/azure-samples/azure-iot-starter-kits/azure-iot-starter-kits/) or choose a device to use from the [Azure Certified for IoT device catalog](https://devicecatalog.azure.com). Implement your embedded code using the open-source [device SDKs](../iot-hub/iot-hub-devguide-sdks.md). The device SDKs support multiple operating systems, such as Linux, Windows, and real-time operating systems. There are SDKs for multiple programming languages, such as [C](https://github.com/Azure/azure-iot-sdk-c), [Node.js](https://github.com/Azure/azure-iot-sdk-node), [Java](https://github.com/Azure/azure-iot-sdk-java), [.NET](https://github.com/Azure/azure-iot-sdk-csharp), and [Python](https://github.com/Azure/azure-iot-sdk-python).

-You can further simplify how you create the embedded code for your devices by following the [IoT Plug and Play](../iot-develop/overview-iot-plug-and-play.md) conventions. IoT Plug and Play enables solution developers to integrate devices with their solutions without writing any embedded code. At the core of IoT Plug and Play, is a _device capability model_ schema that describes device capabilities. Use the device capability model to generate your embedded device code and configure a cloud-based solution such as an IoT Central application.

-[Azure IoT Edge](../iot-edge/about-iot-edge.md) lets you offload parts of your IoT workload from your Azure cloud services to your devices. IoT Edge can reduce latency in your solution, reduce the amount of data your devices exchange with the cloud, and enable off-line scenarios. You can manage IoT Edge devices from IoT Central.

-[Azure Sphere](/azure-sphere/product-overview/what-is-azure-sphere) is a secured, high-level application platform with built-in communication and security features for internet-connected devices. It includes a secured microcontroller unit, a custom Linux-based operating system, and a cloud-based security service that provides continuous, renewable security.

-IoT devices typically generate large amounts of time series data, such as temperature readings from sensors. [Azure Time Series Insights](../time-series-insights/time-series-insights-overview.md) can connect to an IoT hub, read the telemetry stream from your devices, store that data, and enable you to query and visualize it.

-description: Guidance on using platform services and a managed app platform when you're evaluating and building an IoT solution. Platform services, such as IoT Hub and Digital Twins, are building blocks for your IoT solutions. A managed app platform, such as IoT Central, lets you quickly get started evaluating an IoT solution.

-# What is the right IoT solution for your business?

-To build an IoT solution for your business, you typically evaluate your solution by using the *managed app platform* approach and build your enterprise solution by using the *platform services*.

-Platform services provide all the building blocks for customized and flexible IoT applications. You have more options to choose and code when you connect devices, and ingest, store, and analyze your data. Azure IoT platform services include the products Azure IoT Hub and Azure Digital Twins.

-A managed app platform lets you quickly evaluate your IoT solution by reducing the number of decisions needed to achieve results. The managed app platform takes care of most infrastructure elements in your solution, so you can focus on adding industry knowledge, and evaluating the solution. Azure IoT Central is a managed app platform.

-## Management

-The platform services give you full control over the underlying services in your solution. For example:

-A managed app platform lets you take advantage of a platform that handles the security and management of your IoT applications and devices.

-## Control

-Platform services let you fully customize and control the solution architecture.

-A managed app platform lets you customize branding, dashboards, user roles, devices, and telemetry. However, you don't handle the underlying IoT system management.

-## Pricing

-Platform services let you fine-tune services and control overall costs.

-A managed app platform gives you a simple, predictable pricing structure.

-## Summary

-Platform services approach let you:

-A managed app platform is useful when you're evaluating an IoT solution and:

-## Next steps

-For a more comprehensive explanation of the different services and platforms, and how they're used, see [Azure IoT services and technologies](iot-services-and-technologies.md).

-To learn more about the key attributes of successful IoT solutions, see the [8 attributes of successful IoT solutions](https://aka.ms/8attributes) white paper.

-For an in-depth discussion of IoT architecture, see the [Microsoft Azure IoT Reference Architecture](/azure/architecture/reference-architectures/iot).

-To learn about the device migration tool, see [Migrate devices from Azure IoT Central to Azure IoT Hub](../iot-central/core/howto-migrate-to-iot-hub.md).

-If you choose to install and use PowerShell locally, you need Azure AZ PowerShell module 1.0.0 or later to complete the procedures here. Type `$PSVersionTable.PSVersion` to determine the version. If you need to upgrade, see [Install Azure AZ PowerShell module](/powershell/azure/install-az-ps). If you're running PowerShell locally, you also need to run `Login-AzAccount` to create a connection with Azure:

-Login-AzAccount

-If you choose to install and use PowerShell locally, this tutorial requires Azure PowerShell module version 1.0.0 or later. Type `$PSVersionTable.PSVersion` to find the version. If you need to upgrade, see [Install Azure PowerShell module](/powershell/azure/install-az-ps). If you are running PowerShell locally, you also need to run `Login-AzAccount` to create a connection with Azure.

-Login-AzAccount

- Login-AzAccount

-In this quickstart, you create a key vault with [Azure PowerShell](/powershell/azure/). If you choose to install and use PowerShell locally, this tutorial requires Azure PowerShell module version 1.0.0 or later. Type `$PSVersionTable.PSVersion` to find the version. If you need to upgrade, see [Install Azure PowerShell module](/powershell/azure/install-az-ps). If you are running PowerShell locally, you also need to run `Login-AzAccount` to create a connection with Azure.

-Login-AzAccount

-If you choose to install and use PowerShell locally, this tutorial requires Azure PowerShell module version 1.0.0 or later. Type `$PSVersionTable.PSVersion` to find the version. If you need to upgrade, see [Install Azure PowerShell module](/powershell/azure/install-az-ps). If you're running PowerShell locally, you also need to run `Login-AzAccount` to create a connection with Azure.

-Login-AzAccount

-If you do not have an Azure subscription, create a [free account](https://azure.microsoft.com/free/?WT.mc_id=A261C142F) before you begin.

-The service is available in limited regions ΓÇô To learn more about availability, please see [Azure Dedicated HSM purchase options](https://azure.microsoft.com/pricing/details/azure-dedicated-hsm).

-If you choose to install and use PowerShell locally, this tutorial requires Azure PowerShell module version 1.0.0 or later. Type `$PSVersionTable.PSVersion` to find the version. If you need to upgrade, see [Install Azure PowerShell module](/powershell/azure/install-az-ps). If you are running PowerShell locally, you also need to run `Login-AzAccount` to create a connection with Azure.

-Login-AzAccount

-New-AzKeyVaultManagedHsm -Name "<your-unique-managed-hsm-name>" -ResourceGroupName "myResourceGroup" -Location "eastus2" -Administrator "<your-principal-ID>"

-When defining an authorization, each user account must be assigned one of the [Azure built-in roles](../../role-based-access-control/built-in-roles.md). Custom roles and [classic subscription administrator roles](../../role-based-access-control/classic-administrators.md) are not supported.

-In some cases, a role that had previously been supported with Azure Lighthouse may become unavailable. For example, if the [`DataActions`](../../role-based-access-control/role-definitions.md#dataactions) permission is added to a role that previously didn't have that permission, that role can no longer be used when onboarding new delegations. Users who had already been assigned the role will still be able to work on previously delegated resources, but they won't be able to perform tasks that use the [`DataActions`](../../role-based-access-control/role-definitions.md#dataactions) permission.

-> When assigning roles, be sure to review the [actions](../../role-based-access-control/role-definitions.md) specified for each role. In some cases, even though roles with [`DataActions`](../../role-based-access-control/role-definitions.md#dataactions) permission are not supported, the actions included in a role may allow access to data, where data is exposed through access keys and not accessed via the user's identity. For example, the [Virtual Machine Contributor](../../role-based-access-control/built-in-roles.md) role includes the `Microsoft.Storage/storageAccounts/listKeys/action` action, which returns storage account access keys that could be used to retrieve certain customer data.

-> [!NOTE]

-> As soon as a new applicable built-in role is added to Azure, it can be assigned when [onboarding a customer using Azure Resource Manager templates](../how-to/onboard-customer.md). There may be a delay before the newly-added role becomes available in Partner Center when [publishing a managed service offer](../how-to/publish-managed-services-offers.md). Similarly, if a role becomes unavailable, you may still see it in Partner Center for a period of time; however, you won't be able to publish new offers using such roles.

-If a subscription is [transferred to another Azure AD tenant account](../../cost-management-billing/manage/billing-subscription-transfer.md#transfer-a-subscription-to-another-azure-ad-tenant-account), the [registration definition and registration assignment resources](architecture.md#delegation-resources-created-in-the-customer-tenant) created through the [Azure Lighthouse onboarding process](../how-to/onboard-customer.md) will be preserved. This means that access granted through Azure Lighthouse to managing tenants will remain in effect for that subscription (or for delegated resource groups within that subscription).

-The only exception is if the subscription is transferred to an Azure AD tenant to which it had been previously delegated. In this case, the delegation resources for that tenant are removed and the access granted through Azure Lighthouse will no longer apply, since the subscription now belongs directly to that tenant (rather than being delegated to it through Azure Lighthouse). However, if that subscription had also been delegated to other managing tenants, those other managing tenants will retain the same access to the subscription.

->[!IMPORTANT]

->Load Balancer health probes originate from the IP address 168.63.129.16 and must not be blocked for probes to mark your instance as up. Review [probe source IP address](#probe-source-ip-address) for details. To see this probe traffic within your backend instance, review [the Azure Load Balancer FAQ](./load-balancer-faqs.yml).

->

->

->Regardless of configured time-out threshold, HTTP(S) load balancer health probes will automatically mark the instance as down if the server returns any status code that isn't HTTP 200 OK or if the connection is terminated via TCP reset.

-* Duration of the interval between individual probes

-* Protocol

-* Port

-* HTTP path to use for HTTP GET when using HTTP(S) probes

->[!NOTE]

->A probe definition is not mandatory or checked for when using Azure PowerShell, Azure CLI, Templates or API. Probe validation tests are only done when using the Azure Portal.

-For example, a health probe set to five seconds. The time at which a probe is sent isn't synchronized with when your application may change state. The total time it takes for your health probe to reflect your application state can fall into one of the two following scenarios:

-For this example, once detection has occurred, the platform takes a small amount of time to react to the change.

-The reaction depends on:

->[!NOTE]

->The health probe will probe all running instances in the backend pool. If an instance is stopped it will not be probed until it has been started again.

-* TCP listeners

-* HTTP endpoints

-* HTTPS endpoints

-The available protocols depend on the load balancer SKU used:

-The minimum probe interval is 5 seconds and canΓÇÖt exceed 120 seconds.

->[!NOTE]

->HTTPS probe is only available for [Standard Load Balancer](./load-balancer-overview.md).

-HTTP and HTTPS probes build on the TCP probe and issue an HTTP GET with the specified path. Both of these probes support relative paths for the HTTP GET. HTTPS probes are the same as HTTP probes with the addition of a Transport Layer Security (TLS). The health probe is marked up when the instance responds with an HTTP status 200 within the timeout period. The health probe attempts to check the configured health probe port every 15 seconds by default. The minimum probe interval is 5 seconds and canΓÇÖt exceed 120 seconds.

-> [!NOTE]

-> The HTTPS probe requires the use of certificates based that have a minimum signature hash of SHA256 in the entire chain.

-If you use Cloud Services and have web roles that use w3wp.exe, you achieve automatic monitoring of your website. Failures in your website code return a non-200 status to the load balancer probe.

-> [!NOTE]

-> If the health probe fluctuates, the load balancer waits longer before it puts the backend endpoint back in the healthy state. This extra wait time protects the user and the infrastructure and is an intentional policy.

-`Holiday`| String feature that specifies whether a date is a regional or national holiday. Days within some range of a holiday are also marked.

-target: https://<mybucket>.amazonaws.com # add the s3 bucket details

-target = "https://<mybucket>.amazonaws.com" # add the s3 bucket details

-wps_connection = WorkspaceConnection(name=name,

-Azure Machine Learning managed online endpoints have limits described in the following table.

-| **Resource** | **Limit** |

-| | |

-| Endpoint name| Endpoint names must <li> Begin with a letter <li> Be 3-32 characters in length <li> Only consist of letters and numbers ¹ |

-| Deployment name| Deployment names must <li> Begin with a letter <li> Be 3-32 characters in length <li> Only consist of letters and numbers ¹ |

-| Number of endpoints per subscription | 50 |

-| Number of deployments per subscription | 200 |

-| Number of deployments per endpoint | 20 |

-| Number of instances per deployment | 20 ² |

-| Max request time-out at endpoint level | 90 seconds |

-| Total requests per second at endpoint level for all deployments | 500 ³ |

-| Total connections per second at endpoint level for all deployments | 500 ³ |

-| Total connections active at endpoint level for all deployments | 500 ³ |

-| Total bandwidth at endpoint level for all deployments | 5 MBPS ³ |

-Bing collects data from multiple trusted, reliable sources, including the [World Health Organization (WHO)](https://www.who.int/emergencies/diseases/novel-coronavirus-2019), [Centers for Disease Control and Prevention (CDC)](https://www.cdc.gov/coronavirus/2019-ncov/https://docsupdatetracker.net/index.html), national and state public health departments, [BNO News](https://bnonews.com/index.php/2020/04/the-latest-coronavirus-cases/), [24/7 Wall St.](https://247wallst.com/), and [Wikipedia](https://en.wikipedia.org/wiki/2019%E2%80%9320_coronavirus_pandemic).

-| Hong Kong | [Colt](https://www.colt.net/product/cloud-prioritisation/), [Singtel](https://www.singtel.com/business/campaign/singnet-cloud-connect-microsoft-direct), [Vodafone](https://www.vodafone.com/business/solutions/fixed-connectivity/internet-services#solutions) |

-Customers experience an increasing demand for highly secure and compliant solutions as they face data breaches along with requests from governments to access online customer information. Important regulatory requirements such as the [General Data Protection Regulation (GDPR)](/compliance/regulatory/gdpr) or [Sarbanes-Oxley (SOX)](/compliance/regulatory/offering-sox) make selecting cloud services that help customers achieve trust, transparency, security, and compliance essential. To help customers achieve compliance with national, regional, and industry specific regulations and requirements Azure Database for PostgreSQL - Flexible Server build upon Microsoft AzureΓÇÖs compliance offerings to provide the most rigorous compliance certifications to customers at service general availability.

- Azure Database for PostgreSQL - Flexible Server has achieved a comprehensive set of national, regional, and industry-specific compliance certifications in our Azure public cloud to help you comply with requirements governing the collection and use of your data.

-* General availability: [Power BI integration](./connect-with-power-bi-desktop.md) for Azure Database for PostgreSQL ΓÇô Flexible Server.

- |The [region code name](region-code-names.md) of the region in which you deployed the private mobile network. For the East US region, this is *eastus*; for West Europe, this is *westeurope*. </br></br>You only need to collect this value if you're going to create your site using an ARM template. |Not applicable.|

- |The region in which you're deploying the private mobile network. This can be the East US or the West Europe region. |**Instance details: Region**|

-|The region in which the Azure resources are deployed. This must match the region into which the mobile network will be deployed, which must be one of the regions supported by AP5GC: **EastUS** or **WestEurope**.</br></br>This value must be the [region's code name](region-code-names.md); see [Products available by region](https://azure.microsoft.com/explore/global-infrastructure/products-by-region/) for a list of supported regions. |**LOCATION**|

-Alternatively, you can perform a full reset using the **Device Reset** blade in the local UI (see [Azure Stack Edge device reset and reactivation](/azure/databox-online/azure-stack-edge-reset-reactivate-device)) and then restart this procedure. In this case, you should also [delete any associated resources](/azure/databox-online/azure-stack-edge-return-device?tabs=azure-portal) left in the Azure Portal after completing the Azure Stack Edge reset. This will include some or all of the following, depending on how far through the process you are:

- - **Location:** enter the [code name](region-code-names.md) of the region in which you deployed the private mobile network. For the East US region, this is *eastus*; for West Europe, this is *westeurope*.

- | **Location** | Enter the [code name](region-code-names.md) of the region in which you deployed the private mobile network. For the East US region, this is *eastus*; for West Europe, this is *westeurope*. |

- | **Region** | Select **East US**. |

- | **Location** | Enter *eastus*. |

-Azure Private 5G Core is an Azure cloud service for deploying and managing 5G core network functions on an Azure Stack Edge device, as part of an on-premises private mobile network for enterprises. This quickstart describes how to use an Azure CLI to deploy the following.

-Azure Private 5G Core is an Azure cloud service for deploying and managing 5G core network functions on an Azure Stack Edge device, as part of an on-premises private mobile network for enterprises. This quickstart describes how to use an Azure PowerShell to deploy the following.

-Your RAN will transmit a Public Land Mobile Network Identity (PLMN ID) to all UEs on the frequency band it is configured to use. You should define the PLMN ID and confirm your access to spectrum. In some countries, spectrum must be obtained from the national regulator or incumbent telecommunications operator. For example, if you're using the band 48 Citizens Broadband Radio Service (CBRS) spectrum, you may need to work with your RAN partner to deploy a Spectrum Access System (SAS) domain proxy on the enterprise site so that the RAN can continuously check that it is authorized to broadcast.

- - **Location:** enter the [code name](region-code-names.md) of the region in which you deployed the private mobile network. For the East US region, this is *eastus*; for West Europe, this is *westeurope*.

-Azure Private 5G Core is currently available in the EastUS and WestEurope regions.

-To view all regions that support Azure Private 5G Core, see [Products available by region](https://azure.microsoft.com/explore/global-infrastructure/products-by-region/).

- |**Top classifications for files** |Shows the top classifications applied to files in your data, such as credit card numbers or national identification numbers. |

-> The collection_id is the identification for the collection, not the name. For the root collection, the collection_id will be the name of the root collection, but for all sub-collections it is a 5-character ID that can be found in one of two places:

-SAP managed workload should run in the same [Azure region](https://azure.microsoft.com/global-infrastructure/geographies/) as customerΓÇÖs central infrastructure and applications accessing it. Virtual network peering can be set up within the same region as your SAP managed environment, but also through [global virtual network peering](../../virtual-network/virtual-network-peering-overview.md) between any two Azure regions. With SAP RISE/ECS available in many Azure regions, the region should match with workload running in customer vnets due to latency and vnet peering cost considerations. However, some of the scenarios (for example, central S/4HANA deployment for a multi-national, globally presented company) also require to peer networks globally.

-| [**Azure RBAC support (data plane)**](search-security-rbac.md) | Security | Use new built-in roles to control access to indexes and indexing, eliminating or reducing the dependency on API keys. | Public preview. Use the Azure portal or the Management REST API version 2021-04-01-Preview to configure a search service for data plane authentication. Announced in July 2021. |

-| Azure role-based access control | [**RBAC for data plane (preview)**](search-security-rbac.md) refers to the assignment of roles to users and groups in Azure Active Directory to control access to search content and operations. |

-+ Write permissions on the search service. Permission can be granted through an [admin API key](search-security-api-keys.md) on the request. Alternatively, if you're participating in the [role-based access control public preview](search-security-rbac.md), you can issue your request as a member of the Search Contributor role.

-| **Steps** | Always Encrypted is a feature designed to protect sensitive data, such as credit card numbers or national identification numbers (e.g. U.S. social security numbers), stored in Azure SQL Database or SQL Server databases. Always Encrypted allows clients to encrypt sensitive data inside client applications and never reveal the encryption keys to the Database Engine (SQL Database or SQL Server). As a result, Always Encrypted provides a separation between those who own the data (and can view it) and those who manage the data (but should have no access) |

-| Azure SQL Database for PostgreSQL | Yes | Yes | - |

-Ransomware and extortion are a high profit, low-cost business, which has a debilitating impact on targeted organizations, national security, economic security, and public health and safety. What started as simple, single-PC ransomware has grown to include a variety of extortion techniques directed at all types of corporate networks and cloud platforms.

-| [Azure SQL Always Encrypted](/sql/relational-databases/security/encryption/always-encrypted-database-engine)|Protects sensitive data, such as credit card numbers or national identification numbers (for example, U.S. social security numbers), stored in Azure SQL Database, Azure SQL Managed Instance, and SQL Server databases. |

-[Follow the instructions](https://docs.pulsesecure.net/WebHelp/Content/PCS/PCS_AdminGuide_8.2/Configuring Syslog.htm) to enable syslog streaming of Pulse Connect Secure logs. Use the IP address or hostname for the Linux device with the Linux agent installed as the Destination IP address.

-SAP S/4HANA and SAP are trademarks or registered trademarks of SAP SE or its affiliates in Germany and in other countries. 

-| [.NET](/dotnet/api/azure.storage.blobs) | 12.15.0-beta.1 |

-| [Java](/java/api/overview/azure/storage-blob-readme) | 12.15.0-beta.1 |

-| [Python](/python/api/azure-storage-blob/) | 12.15.0b1 |

-| [JavaScript](/javascript/api/preview-docs/@azure/storage-blob/) | 12.13.0-beta.1 |

-Object replication incurs additional costs on read and write transactions against the source and destination accounts, as well as egress charges for the replication of data from the source account to the destination account and read charges to process change feed.

-# Migrate an application to use passwordless connections with Azure Storage

-Application requests to Azure Storage must be authenticated using either account access keys or passwordless connections. However, you should prioritize passwordless connections in your applications when possible. Traditional authentication methods that use passwords or secret keys create security risks and complications. Visit the [passwordless connections for Azure services](/azure/developer/intro/passwordless-overview) hub to learn more about the advantages of moving to passwordless connections.

-The following tutorial explains how to migrate an existing application to connect to Azure Storage to use passwordless connections instead of a key-based solution. These same migration steps should apply whether you're using access keys directly, or through connection strings.

-description: Read a summary of compliance offerings on Azure Storage for national, regional, and industry-specific requirements governing the collection and usage of data.

-# [Azure \.NET SDK v12](#tab/dotnet)

-# [Azure \.NET SDK v11](#tab/dotnetv11)

-You can use NuGet to obtain the packages. Follow these steps:

-1. In **Solution Explorer**, right-click your project and choose **Manage NuGet Packages**.

-1. In **NuGet Package Manager**, select **Browse**. Then search for and choose **Microsoft.Azure.Storage.Blob**, and then select **Install**.

- This step installs the package and its dependencies.

-1. Search for and install these packages:

- - **Microsoft.Azure.Storage.Common**

- - **Microsoft.Azure.Storage.File**

- - **Microsoft.Azure.ConfigurationManager**

-# [Azure \.NET SDK v12](#tab/dotnet)

-# [Azure \.NET SDK v11](#tab/dotnetv11)

-Replace `myaccount` with your storage account name and `StorageAccountKeyEndingIn==` with your storage account key.

-```xml

-<?xml version="1.0" encoding="utf-8" ?>

-<configuration>

- <startup>

- <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5" />

- </startup>

- <appSettings>

- <add key="StorageConnectionString"

- value="DefaultEndpointsProtocol=https;AccountName=myaccount;AccountKey=StorageAccountKeyEndingIn==" />

- </appSettings>

-</configuration>

-```

-# [Azure \.NET SDK v12](#tab/dotnet)

-# [Azure \.NET SDK v11](#tab/dotnetv11)

-```csharp

-using Microsoft.Azure; // Namespace for Azure Configuration Manager

-using Microsoft.Azure.Storage; // Namespace for Storage Client Library

-using Microsoft.Azure.Storage.Blob; // Namespace for Azure Blobs

-using Microsoft.Azure.Storage.File; // Namespace for Azure Files

-```

-# [Azure \.NET SDK v12](#tab/dotnet)

-# [Azure \.NET SDK v11](#tab/dotnetv11)

-Next, add the following content to the `Main()` method, after the code shown above, to retrieve the connection string. This code gets a reference to the file we created earlier and outputs its contents.

-```csharp

-// Create a CloudFileClient object for credentialed access to Azure Files.

-CloudFileClient fileClient = storageAccount.CreateCloudFileClient();

-// Get a reference to the file share we created previously.

-CloudFileShare share = fileClient.GetShareReference("logs");

-// Ensure that the share exists.

-if (share.Exists())

-{

- // Get a reference to the root directory for the share.

- CloudFileDirectory rootDir = share.GetRootDirectoryReference();

- // Get a reference to the directory we created previously.

- CloudFileDirectory sampleDir = rootDir.GetDirectoryReference("CustomLogs");

- // Ensure that the directory exists.

- if (sampleDir.Exists())

- {

- // Get a reference to the file we created previously.

- CloudFile file = sampleDir.GetFileReference("Log1.txt");

- // Ensure that the file exists.

- if (file.Exists())

- {

- // Write the contents of the file to the console window.

- Console.WriteLine(file.DownloadTextAsync().Result);

- }

- }

-}

-```

-Run the console application to see the output.

-# [Azure \.NET SDK v12](#tab/dotnet)

-# [Azure \.NET SDK v11](#tab/dotnetv11)

-```csharp

-// Parse the connection string for the storage account.

-CloudStorageAccount storageAccount = CloudStorageAccount.Parse(

- Microsoft.Azure.CloudConfigurationManager.GetSetting("StorageConnectionString"));

-// Create a CloudFileClient object for credentialed access to Azure Files.

-CloudFileClient fileClient = storageAccount.CreateCloudFileClient();

-// Get a reference to the file share we created previously.

-CloudFileShare share = fileClient.GetShareReference("logs");

-// Ensure that the share exists.

-if (share.Exists())

-{

- // Check current usage stats for the share.

- // Note that the ShareStats object is part of the protocol layer for the File service.

- Microsoft.Azure.Storage.File.Protocol.ShareStats stats = share.GetStats();

- Console.WriteLine("Current share usage: {0} GiB", stats.Usage.ToString());

- // Specify the maximum size of the share, in GiB.

- // This line sets the quota to be 10 GiB greater than the current usage of the share.

- share.Properties.Quota = 10 + stats.Usage;

- share.SetProperties();

- // Now check the quota for the share. Call FetchAttributes() to populate the share's properties.

- share.FetchAttributes();

- Console.WriteLine("Current share quota: {0} GiB", share.Properties.Quota);

-}

-```

-# [Azure \.NET SDK v12](#tab/dotnet)

-# [Azure \.NET SDK v11](#tab/dotnetv11)

-You can also create a stored access policy on a file share to manage shared access signatures. We recommend creating a stored access policy because it lets you revoke the SAS if it becomes compromised. The following example creates a stored access policy on a share. The example uses that policy to provide the constraints for a SAS on a file in the share.

-```csharp

-// Parse the connection string for the storage account.

-CloudStorageAccount storageAccount = CloudStorageAccount.Parse(

- Microsoft.Azure.CloudConfigurationManager.GetSetting("StorageConnectionString"));

-// Create a CloudFileClient object for credentialed access to Azure Files.

-CloudFileClient fileClient = storageAccount.CreateCloudFileClient();

-// Get a reference to the file share we created previously.

-CloudFileShare share = fileClient.GetShareReference("logs");

-// Ensure that the share exists.

-if (share.Exists())

-{

- string policyName = "sampleSharePolicy" + DateTime.UtcNow.Ticks;

- // Create a new stored access policy and define its constraints.

- SharedAccessFilePolicy sharedPolicy = new SharedAccessFilePolicy()

- {

- SharedAccessExpiryTime = DateTime.UtcNow.AddHours(24),

- Permissions = SharedAccessFilePermissions.Read | SharedAccessFilePermissions.Write

- };

- // Get existing permissions for the share.

- FileSharePermissions permissions = share.GetPermissions();

- // Add the stored access policy to the share's policies. Note that each policy must have a unique name.

- permissions.SharedAccessPolicies.Add(policyName, sharedPolicy);

- share.SetPermissions(permissions);

- // Generate a SAS for a file in the share and associate this access policy with it.

- CloudFileDirectory rootDir = share.GetRootDirectoryReference();

- CloudFileDirectory sampleDir = rootDir.GetDirectoryReference("CustomLogs");

- CloudFile file = sampleDir.GetFileReference("Log1.txt");

- string sasToken = file.GetSharedAccessSignature(null, policyName);

- Uri fileSasUri = new Uri(file.StorageUri.PrimaryUri.ToString() + sasToken);

- // Create a new CloudFile object from the SAS, and write some text to the file.

- CloudFile fileSas = new CloudFile(fileSasUri);

- fileSas.UploadText("This write operation is authorized via SAS.");

- Console.WriteLine(fileSas.DownloadText());

-}

-```

-# [Azure \.NET SDK v12](#tab/dotnet)

-# [Azure \.NET SDK v11](#tab/dotnetv11)

-```csharp

-// Parse the connection string for the storage account.

-CloudStorageAccount storageAccount = CloudStorageAccount.Parse(

- Microsoft.Azure.CloudConfigurationManager.GetSetting("StorageConnectionString"));

-// Create a CloudFileClient object for credentialed access to Azure Files.

-CloudFileClient fileClient = storageAccount.CreateCloudFileClient();

-// Get a reference to the file share we created previously.

-CloudFileShare share = fileClient.GetShareReference("logs");

-// Ensure that the share exists.

-if (share.Exists())

-{

- // Get a reference to the root directory for the share.

- CloudFileDirectory rootDir = share.GetRootDirectoryReference();

- // Get a reference to the directory we created previously.

- CloudFileDirectory sampleDir = rootDir.GetDirectoryReference("CustomLogs");

- // Ensure that the directory exists.

- if (sampleDir.Exists())

- {

- // Get a reference to the file we created previously.

- CloudFile sourceFile = sampleDir.GetFileReference("Log1.txt");

- // Ensure that the source file exists.

- if (sourceFile.Exists())

- {

- // Get a reference to the destination file.

- CloudFile destFile = sampleDir.GetFileReference("Log1Copy.txt");

- // Start the copy operation.

- destFile.StartCopy(sourceFile);

- // Write the contents of the destination file to the console window.

- Console.WriteLine(destFile.DownloadText());

- }

- }

-}

-```

-# [Azure \.NET SDK v12](#tab/dotnet)

-# [Azure \.NET SDK v11](#tab/dotnetv11)

-```csharp

-// Parse the connection string for the storage account.

-CloudStorageAccount storageAccount = CloudStorageAccount.Parse(

- Microsoft.Azure.CloudConfigurationManager.GetSetting("StorageConnectionString"));

-// Create a CloudFileClient object for credentialed access to Azure Files.

-CloudFileClient fileClient = storageAccount.CreateCloudFileClient();

-// Create a new file share, if it does not already exist.

-CloudFileShare share = fileClient.GetShareReference("sample-share");

-share.CreateIfNotExists();

-// Create a new file in the root directory.

-CloudFile sourceFile = share.GetRootDirectoryReference().GetFileReference("sample-file.txt");

-sourceFile.UploadText("A sample file in the root directory.");

-// Get a reference to the blob to which the file will be copied.

-CloudBlobClient blobClient = storageAccount.CreateCloudBlobClient();

-CloudBlobContainer container = blobClient.GetContainerReference("sample-container");

-container.CreateIfNotExists();

-CloudBlockBlob destBlob = container.GetBlockBlobReference("sample-blob.txt");

-// Create a SAS for the file that's valid for 24 hours.

-// Note that when you are copying a file to a blob, or a blob to a file, you must use a SAS

-// to authorize access to the source object, even if you are copying within the same

-// storage account.

-string fileSas = sourceFile.GetSharedAccessSignature(new SharedAccessFilePolicy()

-{

- // Only read permissions are required for the source file.

- Permissions = SharedAccessFilePermissions.Read,

- SharedAccessExpiryTime = DateTime.UtcNow.AddHours(24)

-});

-// Construct the URI to the source file, including the SAS token.

-Uri fileSasUri = new Uri(sourceFile.StorageUri.PrimaryUri.ToString() + fileSas);

-// Copy the file to the blob.

-destBlob.StartCopy(fileSasUri);

-// Write the contents of the file to the console window.

-Console.WriteLine("Source file contents: {0}", sourceFile.DownloadText());

-Console.WriteLine("Destination blob contents: {0}", destBlob.DownloadText());

-```

-# [Azure \.NET SDK v12](#tab/dotnet)

-# [Azure \.NET SDK v11](#tab/dotnetv11)

-```csharp

-storageAccount = CloudStorageAccount.Parse(ConnectionString);

-fClient = storageAccount.CreateCloudFileClient();

-string baseShareName = "myazurefileshare";

-CloudFileShare myShare = fClient.GetShareReference(baseShareName);

-var snapshotShare = myShare.Snapshot();

-```

-# [Azure \.NET SDK v12](#tab/dotnet)

-# [Azure \.NET SDK v11](#tab/dotnetv11)

-```csharp

-var shares = fClient.ListShares(baseShareName, ShareListingDetails.All);

-```

-# [Azure \.NET SDK v12](#tab/dotnet)

-# [Azure \.NET SDK v11](#tab/dotnetv11)

-```csharp

-CloudFileShare mySnapshot = fClient.GetShareReference(baseShareName, snapshotTime);

-var rootDirectory = mySnapshot.GetRootDirectoryReference();

-var items = rootDirectory.ListFilesAndDirectories();

-```

-# [Azure \.NET SDK v12](#tab/dotnet)

-# [Azure \.NET SDK v11](#tab/dotnetv11)

-```csharp

-CloudFileShare liveShare = fClient.GetShareReference(baseShareName);

-var rootDirOfliveShare = liveShare.GetRootDirectoryReference();

-var dirInliveShare = rootDirOfliveShare.GetDirectoryReference(dirName);

-var fileInliveShare = dirInliveShare.GetFileReference(fileName);

-CloudFileShare snapshot = fClient.GetShareReference(baseShareName, snapshotTime);

-var rootDirOfSnapshot = snapshot.GetRootDirectoryReference();

-var dirInSnapshot = rootDirOfSnapshot.GetDirectoryReference(dirName);

-var fileInSnapshot = dir1InSnapshot.GetFileReference(fileName);

-string sasContainerToken = string.Empty;

-SharedAccessFilePolicy sasConstraints = new SharedAccessFilePolicy();

-sasConstraints.SharedAccessExpiryTime = DateTime.UtcNow.AddHours(24);

-sasConstraints.Permissions = SharedAccessFilePermissions.Read;

-//Generate the shared access signature on the container, setting the constraints directly on the signature.

-sasContainerToken = fileInSnapshot.GetSharedAccessSignature(sasConstraints);

-string sourceUri = (fileInSnapshot.Uri.ToString() + sasContainerToken + "&" + fileInSnapshot.SnapshotTime.ToString()); ;

-fileInliveShare.StartCopyAsync(new Uri(sourceUri));

-```

-# [Azure \.NET SDK v12](#tab/dotnet)

-# [Azure \.NET SDK v11](#tab/dotnetv11)

-```csharp

-CloudFileShare mySnapshot = fClient.GetShareReference(baseShareName, snapshotTime); mySnapshot.Delete(null, null, null);

-```

-# [Azure \.NET SDK v12](#tab/dotnet)

-# [Azure \.NET SDK v11](#tab/dotnetv11)

-First, add the following `using` directives to your *Program.cs* file, along with the ones you added above:

-```csharp

-using Microsoft.Azure.Storage.File.Protocol;

-using Microsoft.Azure.Storage.Shared.Protocol;

-```

-Although Azure Blobs, Azure Tables, and Azure Queues use the shared `ServiceProperties` type in the `Microsoft.Azure.Storage.Shared.Protocol` namespace, Azure Files uses its own type, the `FileServiceProperties` type in the `Microsoft.Azure.Storage.File.Protocol` namespace. You must reference both namespaces from your code, however, for the following code to compile.

-```csharp

-// Parse your storage connection string from your application's configuration file.

-CloudStorageAccount storageAccount = CloudStorageAccount.Parse(

- Microsoft.Azure.CloudConfigurationManager.GetSetting("StorageConnectionString"));

-// Create the File service client.

-CloudFileClient fileClient = storageAccount.CreateCloudFileClient();

-// Set metrics properties for File service.

-// Note that the File service currently uses its own service properties type,

-// available in the Microsoft.Azure.Storage.File.Protocol namespace.

-fileClient.SetServiceProperties(new FileServiceProperties()

-{

- // Set hour metrics

- HourMetrics = new MetricsProperties()

- {

- MetricsLevel = MetricsLevel.ServiceAndApi,

- RetentionDays = 14,

- Version = "1.0"

- },

- // Set minute metrics

- MinuteMetrics = new MetricsProperties()

- {

- MetricsLevel = MetricsLevel.ServiceAndApi,

- RetentionDays = 7,

- Version = "1.0"

- }

-});

-// Read the metrics properties we just set.

-FileServiceProperties serviceProperties = fileClient.GetServiceProperties();

-Console.WriteLine("Hour metrics:");

-Console.WriteLine(serviceProperties.HourMetrics.MetricsLevel);

-Console.WriteLine(serviceProperties.HourMetrics.RetentionDays);

-Console.WriteLine(serviceProperties.HourMetrics.Version);

-Console.WriteLine();

-Console.WriteLine("Minute metrics:");

-Console.WriteLine(serviceProperties.MinuteMetrics.MetricsLevel);

-Console.WriteLine(serviceProperties.MinuteMetrics.RetentionDays);

-Console.WriteLine(serviceProperties.MinuteMetrics.Version);

-```

-# [Azure Java SDK v12](#tab/java)

-# [Azure Java SDK v8](#tab/java8)

-```java

-// Include the following imports to use Azure Files APIs v11

-import com.microsoft.azure.storage.*;

-import com.microsoft.azure.storage.file.*;

-```

-# [Azure Java SDK v12](#tab/java)

-# [Azure Java SDK v8](#tab/java8)

-Replace *your_storage_account_name* and *your_storage_account_key* with the actual values for your storage account.

-```java

-// Configure the connection-string with your values

-public static final String storageConnectionString =

- "DefaultEndpointsProtocol=http;" +

- "AccountName=your_storage_account_name;" +

- "AccountKey=your_storage_account_key";

-```

-# [Azure Java SDK v12](#tab/java)

-# [Azure Java SDK v8](#tab/java8)

-To access your storage account, use the **CloudStorageAccount** object, passing the connection string to its **parse** method.

-```java

-// Use the CloudStorageAccount object to connect to your storage account

-try {

- CloudStorageAccount storageAccount = CloudStorageAccount.parse(storageConnectionString);

-} catch (InvalidKeyException invalidKey) {

- // Handle the exception

-}

-```

-**CloudStorageAccount.parse** throws an InvalidKeyException so you'll need to put it inside a try/catch block.

-# [Azure Java SDK v12](#tab/java)

-# [Azure Java SDK v8](#tab/java8)

-To obtain access to a share and its contents, create an Azure Files client.

-```java

-// Create the Azure Files client.

-CloudFileClient fileClient = storageAccount.createCloudFileClient();

-```

-Using the Azure Files client, you can then obtain a reference to a share.

-```java

-// Get a reference to the file share

-CloudFileShare share = fileClient.getShareReference("sampleshare");

-```

-To actually create the share, use the **createIfNotExists** method of the **CloudFileShare** object.

-```java

-if (share.createIfNotExists()) {

- System.out.println("New share created");

-}

-```

-At this point, **share** holds a reference to a share named **sample share**.

-# [Azure Java SDK v12](#tab/java)

-# [Azure Java SDK v8](#tab/java8)

-Delete a share by calling the **deleteIfExists** method on a **CloudFileShare** object.

-```java

-try

-{

- // Retrieve storage account from connection-string.

- CloudStorageAccount storageAccount = CloudStorageAccount.parse(storageConnectionString);

- // Create the file client.

- CloudFileClient fileClient = storageAccount.createCloudFileClient();

- // Get a reference to the file share

- CloudFileShare share = fileClient.getShareReference("sampleshare");

- if (share.deleteIfExists()) {

- System.out.println("sampleshare deleted");

- }

-} catch (Exception e) {

- e.printStackTrace();

-}

-```

-# [Azure Java SDK v12](#tab/java)

-# [Azure Java SDK v8](#tab/java8)

-The following code creates a subdirectory named **sampledir** under the root directory.

-```java

-//Get a reference to the root directory for the share.

-CloudFileDirectory rootDir = share.getRootDirectoryReference();

-//Get a reference to the sampledir directory

-CloudFileDirectory sampleDir = rootDir.getDirectoryReference("sampledir");

-if (sampleDir.createIfNotExists()) {

- System.out.println("sampledir created");

-} else {

- System.out.println("sampledir already exists");

-}

-```

-# [Azure Java SDK v12](#tab/java)

-# [Azure Java SDK v8](#tab/java8)

-```java

-// Get a reference to the root directory for the share.

-CloudFileDirectory rootDir = share.getRootDirectoryReference();

-// Get a reference to the directory you want to delete

-CloudFileDirectory containerDir = rootDir.getDirectoryReference("sampledir");

-// Delete the directory

-if ( containerDir.deleteIfExists() ) {

- System.out.println("Directory deleted");

-}

-```

-# [Azure Java SDK v12](#tab/java)

-# [Azure Java SDK v8](#tab/java8)

-Get a list of files and directories by calling **listFilesAndDirectories** on a **CloudFileDirectory** reference. The method returns a list of **ListFileItem** objects on which you can iterate. The following code lists files and directories inside the root directory.

-```java

-//Get a reference to the root directory for the share.

-CloudFileDirectory rootDir = share.getRootDirectoryReference();

-for ( ListFileItem fileItem : rootDir.listFilesAndDirectories() ) {

- System.out.println(fileItem.getUri());

-}

-```

-# [Azure Java SDK v12](#tab/java)

-# [Azure Java SDK v8](#tab/java8)

-Get a reference to the directory where the file will be uploaded by calling the **getRootDirectoryReference** method on the share object.

-```java

-//Get a reference to the root directory for the share.

-CloudFileDirectory rootDir = share.getRootDirectoryReference();

-```

-Now that you have a reference to the root directory of the share, you can upload a file onto it using the following code.

-```java

-// Define the path to a local file.

-final String filePath = "C:\\temp\\Readme.txt";

-CloudFile cloudFile = rootDir.getFileReference("Readme.txt");

-cloudFile.uploadFromFile(filePath);

-```

-# [Azure Java SDK v12](#tab/java)

-# [Azure Java SDK v8](#tab/java8)

-The following example downloads SampleFile.txt and displays its contents.

-```java

-//Get a reference to the root directory for the share.

-CloudFileDirectory rootDir = share.getRootDirectoryReference();

-//Get a reference to the directory that contains the file

-CloudFileDirectory sampleDir = rootDir.getDirectoryReference("sampledir");

-//Get a reference to the file you want to download

-CloudFile file = sampleDir.getFileReference("SampleFile.txt");

-//Write the contents of the file to the console.

-System.out.println(file.downloadText());

-```

-# [Azure Java SDK v12](#tab/java)

-# [Azure Java SDK v8](#tab/java8)

-The following code deletes a file named SampleFile.txt stored inside a directory named **sampledir**.

-```java

-// Get a reference to the root directory for the share.

-CloudFileDirectory rootDir = share.getRootDirectoryReference();

-// Get a reference to the directory where the file to be deleted is in

-CloudFileDirectory containerDir = rootDir.getDirectoryReference("sampledir");

-String filename = "SampleFile.txt"

-CloudFile file;

-file = containerDir.getFileReference(filename)

-if ( file.deleteIfExists() ) {

- System.out.println(filename + " was deleted");

-}

-```

-[ShareServiceClient](/azure/developer/python/sdk/storage/azure-storage-file-share/azure.storage.fileshare.shareserviceclient) lets you work with shares, directories, and files. The following code creates a `ShareServiceClient` object using the storage account connection string.

-The [FileService](/python/api/azure-storage-file/azure.storage.file.fileservice.fileservice?view=azure-python-previous&preserve-view=true) object lets you work with shares, directories, and files. The following code creates a `FileService` object using the storage account name and account key. Replace `<myaccount>` and `<mykey>` with your account name and key.

-The following code example uses a [FileService](/python/api/azure-storage-file/azure.storage.file.fileservice.fileservice?view=azure-python-previous&preserve-view=true) object to create the share if it doesn't exist.

-The code below will create a subdirectory named *sampledir* under the root directory.

-In this section, you'll learn how to upload a file from local storage into Azure Files.

-An Azure file share contains, at the least, a root directory where files can reside. To create a file and upload data, use the [create_file_from_path](/python/api/azure-storage-file/azure.storage.file.fileservice.fileservice?view=azure-python-previous&preserve-view=true#create-file-from-path-share-name--directory-name--file-name--local-file-path--content-settings-none--metadata-none--validate-content-false--progress-callback-none--max-connections-2--file-permission-none--smb-properties--azure-storage-file-models-smbproperties-objecttimeout-none-), [create_file_from_stream](/python/api/azure-storage-file/azure.storage.file.fileservice.fileservice?view=azure-python-previous&preserve-view=true#create-file-from-stream-share-name--directory-name--file-name--stream--count--content-settings-none--metadata-none--validate-content-false--progress-callback-none--max-connections-2--timeout-none--file-permission-none--smb-properties--azure-storage-file-models-smbproperties-object--), [create_file_from_bytes](/python/api/azure-storage-file/azure.storage.file.fileservice.fileservice?view=azure-python-previous&preserve-view=true#create-file-from-bytes-share-name--directory-name--file-name--file--index-0--count-none--content-settings-none--metadata-none--validate-content-false--progress-callback-none--max-connections-2--timeout-none--file-permission-none--smb-properties--azure-storage-file-models-smbproperties-object--), or [create_file_from_text](/python/api/azure-storage-file/azure.storage.file.fileservice.fileservice?view=azure-python-previous&preserve-view=true#create-file-from-text-share-name--directory-name--file-name--text--encoding--utf-8content-settings-none--metadata-none--validate-content-false--timeout-none--file-permission-none--smb-properties--azure-storage-file-models-smbproperties-object--) methods. They're high-level methods that perform the necessary chunking when the size of the data exceeds 64 MiB.

-To list the files and directories in a subdirectory, use the [list_directories_and_files](/azure/developer/python/sdk/storage/azure-storage-file-share/azure.storage.fileshare.shareclient#list-directories-and-files-directory-name-none--name-starts-with-none--marker-none-kwargs-) method. This method returns an auto-paging iterable. The following code outputs the **name** of each file and subdirectory in the specified directory to the console.

-To list the files and directories in a share, use the [list_directories_and_files](/python/api/azure-storage-file/azure.storage.file.fileservice.fileservice?view=azure-python-previous&preserve-view=true#list-directories-and-files-share-name--directory-name-none--num-results-none--marker-none--timeout-none--prefix-none--snapshot-none-) method. This method returns a generator. The following code outputs the **name** of each file and directory in a share to the console.

-To download data from a file, use [download_file](/azure/developer/python/sdk/storage/azure-storage-file-share/azure.storage.fileshare.sharefileclient#download-file-offset-none--length-none-kwargs-).

-To download data from a file, use [get_file_to_path](/python/api/azure-storage-file/azure.storage.file.fileservice.fileservice?view=azure-python-previous&preserve-view=true#get-file-to-path-share-name--directory-name--file-name--file-path--open-mode--wbstart-range-none--end-range-none--validate-content-false--progress-callback-none--max-connections-2--timeout-none--snapshot-none-), [get_file_to_stream](/python/api/azure-storage-file/azure.storage.file.fileservice.fileservice?view=azure-python-previous&preserve-view=true#get-file-to-stream-share-name--directory-name--file-name--stream--start-range-none--end-range-none--validate-content-false--progress-callback-none--max-connections-2--timeout-none--snapshot-none-), [get_file_to_bytes](/python/api/azure-storage-file/azure.storage.file.fileservice.fileservice?view=azure-python-previous&preserve-view=true#get-file-to-bytes-share-name--directory-name--file-name--start-range-none--end-range-none--validate-content-false--progress-callback-none--max-connections-2--timeout-none--snapshot-none-), or [get_file_to_text](/python/api/azure-storage-file/azure.storage.file.fileservice.fileservice?view=azure-python-previous&preserve-view=true#get-file-to-text-share-name--directory-name--file-name--encoding--utf-8start-range-none--end-range-none--validate-content-false--progress-callback-none--max-connections-2--timeout-none--snapshot-none-). They're high-level methods that perform the necessary chunking when the size of the data exceeds 64 MiB.

-You can download a file from a share snapshot. This enables you to restore a previous version of a file.

-To delete a file, call [delete_file](/azure/developer/python/sdk/storage/azure-storage-file-share/azure.storage.fileshare.sharefileclient#delete-filekwargs-).

-To delete a file, call [delete_file](/python/api/azure-storage-file/azure.storage.file.fileservice.fileservice?view=azure-python-previous&preserve-view=true#delete-file-share-name--directory-name--file-name--timeout-none-).

-To delete a share that contains snapshots, call [delete_share](/azure/developer/python/sdk/storage/azure-storage-file-share/azure.storage.fileshare.shareclient#delete-share-delete-snapshots-false-kwargs-) with `delete_snapshots=True`.

-A share that contains snapshots cannot be deleted unless all the snapshots are deleted first.

-Consider the example of a large multi-national corporation with tens of thousands of departments and employee entities where every department has many employees and each employee as associated with one specific department. One approach is to store separate department and employee entities such as these:

-* Provide a safe electrical earth connection to the power supply cords. Verify that the grounding of the enclosure meets the national and local requirements before applying power.

- 

- 

-4. Select **Spark history server**, then the Spark History Server web UI will show up.

- 

- 

- 

-## Explore the Data tab in Spark history server

-Select the Job ID for the job you want to view. Then select **Data** on the tool menu to get the data view. This section shows you how to do various tasks in the Data tab.

-* Check the **Inputs**, **Outputs**, and **Table Operations** by selecting the tabs separately.

- 

-* Copy all rows by selecting **Copy**.

- 

-* Save all data as CSV file by selecting **csv**.

- 

-* Search by entering keywords in field **Search**. The search results display immediately.

- 

-* Select the column header to sort table, select the plus sign to expand a row to show more details, or select the minus sign to collapse a row.

- 

-* Download a single file by selecting **Partial Download**. The selected file is downloaded to local. If the file no longer exists, a new tab appears with an error message.

- 

-* To copy a full path or relative path, select the **Copy Full Path** or **Copy Relative Path** options that expand from the drop-down menu. For Azure Data Lake Storage files, **Open in Azure Storage Explorer** launches Azure Storage Explorer and locates the folder when you are signed in.

- 

-* Select page numbers below the table to navigate pages when there are too many rows to display in one page.

- 

-* Hover on the question mark beside **Data** to show the tooltip, or select the question mark to get more information.

- 

-* Send feedback with issues by selecting **Provide us feedback**.

- 

-

-

-

-

-

-

-

-

-

-

-

- 

- 

- 

- 

- 

-> [!NOTE]

->Multimedia redirection on Azure Virtual Desktop is only available for the Windows Desktop client on Windows 11, Windows 10, or Windows 10 IoT Enterprise devices. Multimedia redirection requires the [Windows Desktop client, version 1.2.3916 or later](users/connect-windows.md) with Insider releases enabled. For more information, see [Prerequisites](#prerequisites).

- - [Tutorial to create and connect to a Windows 11 desktop with Azure Virtual Desktop](tutorial-create-connect-personal-desktop.md)

- - [Create a host pool](create-host-pool.md)

- - [Create an application group, a workspace, and assign users](create-application-group-workspace.md)

- - [Add session hosts to a host pool](add-session-hosts-host-pool.md)

-To enable customer-managed keys for managed disks, see our articles covering how to enable it with either the [Azure PowerShell module](windows/disks-enable-customer-managed-keys-powershell.md), the [Azure CLI](linux/disks-enable-customer-managed-keys-cli.md) or the [Azure portal](disks-enable-customer-managed-keys-portal.md).

-description: Learn about zone-redundant storage and locally-redundant storage for Azure managed disks.

-Azure managed disks offer two storage redundancy options, zone-redundant storage (ZRS), and locally-redundant storage. ZRS provides higher availability for managed disks than locally-redundant storage (LRS) does. However, the write latency for LRS disks is better than ZRS disks because LRS disks synchronously write data to three copies in a single data center.

-## Locally-redundant storage for managed disks

-Locally-redundant storage (LRS) replicates your data three times within a single data center in the selected region. LRS protects your data against server rack and drive failures. LRS disks provide at least 99.999999999% (11 9's) of durability over a given year. To protect an LRS disk from a zonal failure like a natural disaster or other issues, take the following steps:

-### Limitations

-| Standard_E96bs_v5 | 96 | 672 | 32 | 260000/75000 | 260000/8000 | 260000/6500|260000/6500 | 8 | 25000 |

-Azure CLI is used to create and manage Azure resources from the command line or in scripts. This article describes how to use Azure CLI to deploy an Oracle Database 12c database from the Azure Marketplace image. This article then shows you, step by step, how to install and configure Data Guard on an Azure virtual machine (VM).

-The Marketplace image that you use to create the VMs is Oracle:Oracle-Database-Ee:12.1.0.2:latest.

-The following example creates a resource group named `myResourceGroup` in the `westus` location:

-az group create --name myResourceGroup --location westus

- --resource-group myResourceGroup \

- --name myAvailabilitySet \

- --platform-fault-domain-count 2 \

- --platform-update-domain-count 2

-### Create a virtual machine

-Create a VM by using the [az vm create](/cli/azure/vm) command.

-The following example creates two VMs named `myVM1` and `myVM2`. It also creates SSH keys, if they do not already exist in a default key location. To use a specific set of keys, use the `--ssh-key-value` option.

-> [!NOTE]

-> Be aware of versions that are End Of Life (EOL) and no longer supported by Redhat. Uploaded images that are, at or beyond EOL will be supported on a reasonable business effort basis. Link to Redhat's [Product Lifecycle](https://access.redhat.com/product-life-cycles/?product=Red%20Hat%20Enterprise%20Linux,OpenShift%20Container%20Platform%204)

-Create myVM1 (primary):

- --resource-group myResourceGroup \

- --name myVM1 \

- --availability-set myAvailabilitySet \

- --image Oracle:Oracle-Database-Ee:12.1.0.2:latest \

- --size Standard_DS1_v2 \

- --admin-username azureuser \

- --generate-ssh-keys \

-After you create the VM, Azure CLI shows information similar to the following example. Note the value of `publicIpAddress`. You use this address to access the VM.

-```output

-{

- "fqdns": "",

- "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/myVM",

- "location": "westus",

- "macAddress": "00-0D-3A-36-2F-56",

- "powerState": "VM running",

- "privateIpAddress": "10.0.0.4",

- "publicIpAddress": "13.64.104.241",

- "resourceGroup": "myResourceGroup"

-}

-```

-Create myVM2 (standby):

-az vm create \

- --resource-group myResourceGroup \

- --name myVM2 \

- --availability-set myAvailabilitySet \

- --image Oracle:Oracle-Database-Ee:12.1.0.2:latest \

- --size Standard_DS1_v2 \

- --admin-username azureuser \

- --generate-ssh-keys \

-Note the value of `publicIpAddress` after you create myVM2.

-### Open the TCP port for connectivity

-This step configures external endpoints, which allow remote access to the Oracle database.

-Open the port for myVM1:

-```azurecli

-az network nsg rule create --resource-group myResourceGroup\

- --nsg-name myVM1NSG --name allow-oracle\

- --protocol tcp --direction inbound --priority 999 \

- --source-address-prefix '*' --source-port-range '*' \

- --destination-address-prefix '*' --destination-port-range 1521 --access allow

-```

-The result should look similar to the following response:

-```output

-{

- "access": "Allow",

- "description": null,

- "destinationAddressPrefix": "*",

- "destinationPortRange": "1521",

- "direction": "Inbound",

- "etag": "W/\"bd77dcae-e5fd-4bd6-a632-26045b646414\"",

- "id": "/subscriptions/<subscription-id>/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkSecurityGroups/myVmNSG/securityRules/allow-oracle",

- "name": "allow-oracle",

- "priority": 999,

- "protocol": "Tcp",

- "provisioningState": "Succeeded",

- "resourceGroup": "myResourceGroup",

- "sourceAddressPrefix": "*",

- "sourcePortRange": "*"

-}

-```

-Open the port for myVM2:

-```azurecli

-az network nsg rule create --resource-group myResourceGroup\

- --nsg-name myVM2NSG --name allow-oracle\

- --protocol tcp --direction inbound --priority 999 \

- --source-address-prefix '*' --source-port-range '*' \

- --destination-address-prefix '*' --destination-port-range 1521 --access allow

-```

-### Connect to the virtual machine

-Use the following command to create an SSH session with the virtual machine. Replace the IP address with the `publicIpAddress` value for your virtual machine.

-```bash

-ssh azureuser@<publicIpAddress>

-### Create the database on myVM1 (primary)

- -sysPassword OraPasswd1 \

- -systemPassword OraPasswd1 \

- -pdbAdminPassword OraPasswd1 \

- -storageType FS \

- -ignorePreReqs

- ORACLE_HOME=/u01/app/oracle/product/12.1.0/dbhome_1; export ORACLE_HOME

- ORACLE_SID=cdb1; export ORACLE_SID

-export ORACLE_HOME=/u01/app/oracle/product/12.1.0/dbhome_1

-SQL> ALTER DATABASE ADD STANDBY LOGFILE ('/u01/app/oracle/oradata/cdb1/standby_redo01.log') SIZE 200M;

-SQL> ALTER DATABASE ADD STANDBY LOGFILE ('/u01/app/oracle/oradata/cdb1/standby_redo02.log') SIZE 200M;

-SQL> ALTER DATABASE ADD STANDBY LOGFILE ('/u01/app/oracle/oradata/cdb1/standby_redo03.log') SIZE 200M;

-SQL> ALTER DATABASE ADD STANDBY LOGFILE ('/u01/app/oracle/oradata/cdb1/standby_redo04.log') SIZE 200M;

-SQL> ALTER DATABASE FLASHBACK ON;

-### Set up service on myVM1 (primary)

-Edit or create the tnsnames.ora file, which is in the $ORACLE_HOME\network\admin folder.

- (ADDRESS = (PROTOCOL = TCP)(HOST = myVM1)(PORT = 1521))

- (ADDRESS = (PROTOCOL = TCP)(HOST = myVM2)(PORT = 1521))

-Edit or create the listener.ora file, which is in the $ORACLE_HOME\network\admin folder.

- (ADDRESS = (PROTOCOL = TCP)(HOST = myVM1)(PORT = 1521))

- (ORACLE_HOME = /u01/app/oracle/product/12.1.0/dbhome_1)

-### Set up service on myVM2 (standby)

-SSH to myVM2:

-```bash

-ssh azureuser@<publicIpAddress>

-Log in as Oracle:

-sudo su - oracle

-Edit or create the tnsnames.ora file, which is in the $ORACLE_HOME\network\admin folder.

- (ADDRESS = (PROTOCOL = TCP)(HOST = myVM1)(PORT = 1521))

- (ADDRESS = (PROTOCOL = TCP)(HOST = myVM2)(PORT = 1521))

-Edit or create the listener.ora file, which is in the $ORACLE_HOME\network\admin folder.

- (ADDRESS = (PROTOCOL = TCP)(HOST = myVM2)(PORT = 1521))

- (ORACLE_HOME = /u01/app/oracle/product/12.1.0/dbhome_1)

-### Restore the database to myVM2 (standby)

-Create the parameter file /tmp/initcdb1_stby.ora with the following contents:

-mkdir -p /u01/app/oracle/oradata/cdb1/pdbseed

-mkdir -p /u01/app/oracle/oradata/cdb1/pdb1

-mkdir -p /u01/app/oracle/fast_recovery_area/cdb1

-mkdir -p /u01/app/oracle/admin/cdb1/adump

- orapwd file=/u01/app/oracle/product/12.1.0/dbhome_1/dbs/orapwcdb1 password=OraPasswd1 entries=10

-Start the database on myVM2:

- rman TARGET sys/OraPasswd1@cdb1 AUXILIARY sys/OraPasswd1@cdb1_stby

-Finished recover at 29-JUN-17

-Finished Duplicate Db at 29-JUN-17

-Optionally, you can add ORACLE_HOME and ORACLE_SID to the /home/oracle/.bashrc file, so that these settings are saved for future logins:

-```bash

-# add oracle home

-export ORACLE_HOME=/u01/app/oracle/product/12.1.0/dbhome_1

-# add oracle sid

-export ORACLE_SID=cdb1

-```

-### Configure Data Guard Broker on myVM1 (primary)

- dgmgrl sys/OraPasswd1@cdb1

-DGMGRL for Linux: Version 12.1.0.2.0 - 64bit Production

- cdb1_stby - Physical standby database

-Update or create the tnsnames.ora file on your client machine. This file is usually in $ORACLE_HOME\network\admin.

-Replace the IP addresses with your `publicIpAddress` values for myVM1 and myVM2:

- (HOST=<myVM1 IP address>)

- (HOST=<myVM2 IP address>)

-sqlplus sys/OraPasswd1@cdb1

-SQL*Plus: Release 12.2.0.1.0 Production on Wed May 10 14:18:31 2017

-Oracle Database 12c Enterprise Edition Release 12.1.0.2.0 - 64bit Production

-### Switch over the database on myVM1 (primary)

-dgmgrl sys/OraPasswd1@cdb1

-DGMGRL for Linux: Version 12.1.0.2.0 - 64bit Production

-sqlplus sys/OraPasswd1@cdb1_stby

-SQL*Plus: Release 12.2.0.1.0 Production on Wed May 10 14:18:31 2017

-Oracle Database 12c Enterprise Edition Release 12.1.0.2.0 - 64bit Production

-### Switch over the database on myVM2 (standby)

-To switch over, run the following on myVM2:

-dgmgrl sys/OraPasswd1@cdb1_stby

-DGMGRL for Linux: Version 12.1.0.2.0 - 64bit Production

-sqlplus sys/OraPasswd1@cdb1

-SQL*Plus: Release 12.2.0.1.0 Production on Wed May 10 14:18:31 2017

-Oracle Database 12c Enterprise Edition Release 12.1.0.2.0 - 64bit Production

-az group delete --name myResourceGroup

-### Requirements and prefix readiness

-

-* Custom IPv6 prefixes use a "parent"/"child" model, where the global (parent) range is advertised by the Microsoft Wide Area Network (WAN) and the regional (child) range(s) are advertised by their respective region(s). Note that global ranges must be /48 in size, while regional ranges must always be /64 size.

-To utilize the Azure BYOIP feature, you must perform and number of steps prior to the provisioning of your IPv6 address range. Please refer to the [IPv4 instructions](create-custom-ip-address-prefix-cli.md#pre-provisioning-steps) for details. Note that all these steps should be completed for the IPv6 global (parent) range.

-The following steps display the modified steps for provisioning a sample global (parent) IPv6 range (2a05:f500:2::/48) and regional (child) IPv6 ranges. Note that some of the steps have been abbreviated or condensed from the [IPv4 instructions](create-custom-ip-address-prefix-cli.md) to focus on the differences between IPv4 and IPv6.

-The following command creates a custom IP prefix in the specified region and resource group. Specify the exact prefix in CIDR notation as a string to ensure there's no syntax error. (The `-authorization-message` and `-signed-message` parameters are constructed in the same manner as they are for IPv4; for more information, see [Create a custom IP prefix - CLI](create-custom-ip-address-prefix-cli.md).) Note that no zonal properties are provided because the global range isn't associated with any particular region (and therefore no regional availability zones).

-It is possible to commission the global custom IPv6 prefix prior to the regional custom IPv6 prefixes; however, note that this will mean the global range is being advertised to the Internet before the regional prefixes are ready, so this is not recommended for migrations of active ranges. Additionally, it is possible to decommission a global custom IPv6 prefix while there are still active (commissioned) regional custom IPv6 prefixes or to decommission a regional custom IP prefix while the global prefix is still active (commissioned).

-* Custom IPv6 prefixes use a "parent"/"child" model, where the global (parent) range is advertised by the Microsoft Wide Area Network (WAN) and the regional (child) range(s) are advertised by their respective region(s). Note that global ranges must be /48 in size, while regional ranges must always be /64 size.

- - A sample customer range (2a05:f500:2::/48) is used for this example. This range won't be validated by Azure. Replace the example range with yours.

-To utilize the Azure BYOIP feature, you must perform and number of steps prior to the provisioning of your IPv6 address range. Please refer to the [IPv4 instructions](create-custom-ip-address-prefix-powershell.md#pre-provisioning-steps) for details. Note all these steps should be completed for the IPv6 global (parent) range.

-The following steps display the modified steps for provisioning a sample global (parent) IPv6 range (2a05:f500:2::/48) and regional (child) IPv6 ranges. Note that some of the steps have been abbreviated or condensed from the [IPv4 instructions](create-custom-ip-address-prefix-powershell.md) to focus on the differences between IPv4 and IPv6.

-The following command creates a custom IP prefix in the specified region and resource group. Specify the exact prefix in CIDR notation as a string to ensure there's no syntax error. (The `-AuthorizationMessage` and `-SignedMessage` parameters are constructed in the same manner as they are for IPv4; for more information, see [Create a custom IP prefix - PowerShell](create-custom-ip-address-prefix-powershell.md).) Note that no zonal properties are provided because the global range isn't associated with any particular region (and therefore no regional availability zones).

-It is possible to commission the global custom IPv6 prefix prior to the regional custom IPv6 prefixes; however, note that this will mean the global range is being advertised to the Internet before the regional prefixes are ready, so this is not recommended for migrations of active ranges. Additionally, it is possible to decommission a global custom IPv6 prefix while there are still active (commissioned) regional custom IPv6 prefixes or to decommission a regional custom IP prefix while the global prefix is still active (commissioned).

-4. In **Create a custom IP prefix**, enter or select the following information in the **Basics** tab:

- | Availability Zones | Select **Zone-redundant**. |

- | Signed message | Paste in the output of **$byoipauthsigned** from the earlier section. |

-1. Verify, and wait if necessary, for **myCustomIPPrefix** to be is listed in a **Provisioned** state.

-1. In **Custom IP Prefixes**, select **myCustomIPPrefix**.

-1. In **Overview** of **myCustomIPPrefix**, select the **Commission** dropdown menu and choose **Globally**.

->[!NOTE]

->This article describes how you can leverage Network Virtual Appliances, Azure, Microsoft network, and the Azure partner ecosystem to work remotely and mitigate network issues that you are facing because of COVID-19 crisis.

->

-10. Select **ResponderOnly** for the **Connection Mode** and select **Save**.