Merge pull request #312868 from MicrosoftDocs/main

Auto Publish – main to live - 2026-03-09 23:00 UTC

Author: learn-build-service-prod[bot]

articles/azure-vmware/azure-vmware-solution-platform-updates.md

@@ -4,14 +4,20 @@ description: Learn about the platform updates to Azure VMware Solution.
 ms.topic: reference
 ms.custom: "references_regions, engagement-fy23"
 ms.service: azure-vmware
-ms.date: 09/12/2025
+ms.date: 03/09/2026
 # Customer intent: "As an Azure VMware Solution user, I want to stay informed about platform updates and maintenance schedules, so that I can ensure my workloads remain optimized and secure during transitions."
 ---
 
 # What's new in Azure VMware Solution
 
 Microsoft regularly applies important updates to the Azure VMware Solution for new features and software lifecycle management. You should receive a notification through Azure Service Health that includes the timeline of the maintenance. For more information, see [Host maintenance and lifecycle management](azure-vmware-solution-private-cloud-maintenance.md#host-maintenance-and-lifecycle-management).
 
+## March 2026
+
+**Microsoft Entra ID integration for Azure VMware Solution**
+
+Microsoft Entra ID intergration for Azure VMware Solution is now Generally Available (GA). This feature enables customers to utilize Microsoft Entra ID an an external identity source for vCenter, providing greater security and integration into Azure. [Learn More](configure-identity-source-vcenter.md#microsoft-entra-id-as-an-identity-source).
+
 ## January 2026
 
 **Self-service maintenance orchestrator**

articles/azure-vmware/configure-identity-source-vcenter.md

@@ -3,7 +3,7 @@ title: Set an external identity source for vCenter Server
 description: Learn how to set Windows Server Active Directory over LDAP or LDAPS for VMware vCenter Server as an external identity source.
 ms.topic: how-to
 ms.service: azure-vmware
-ms.date: 10/22/2025
+ms.date: 03/9/2026
 ms.custom: engagement-fy23
 # Customer intent: "As a system administrator, I want to configure Windows Server Active Directory as an external identity source for vCenter Server, so that I can authenticate users and manage role-based access efficiently."
 ---
@@ -46,6 +46,25 @@ In this article, you learn how to:
 > [!NOTE]
 > For more information about LDAPS and certificate issuance, contact your security team or your identity management team.
 
+## Microsoft Entra ID as an Identity Source
+
+Integrating Microsoft Entra ID as your external identity provider for Azure VMware Solution vCenter transforms your administrative security and operational efficiency. While Azure VMware Solution traditionally relies on Windows Server Active Directory via LDAPS, native Entra ID federation (using OIDC in vSphere 8.0 U2+) offers a modernized approach. The primary advantage is centralized identity management, which breaks down authentication silos between your cloud and on-premises environments.
+
+By relying on Entra ID, you can natively enforce advanced security policies—such as Multi-Factor Authentication (MFA) and Conditional Access—without deploying additional infrastructure. Because this is a federated model, vCenter never directly handles or stores user credentials; instead, it trusts Entra ID's validation. This protects credentials, ensures a seamless Single Sign-On (SSO) experience for your administrators, and provides centralized audit trails for better compliance.
+
+Azure VMware Solution is a managed service, standard CloudAdmin accounts do not have the elevated native vCenter permissions required to manage external identity provider directly. To bridge this gap, you must use Run Commands—specifically packaged PowerShell cmdlets executed directly through the Azure portal.
+
+| Category | Component/Feature | Description |
+| --- | --- | --- |
+| **Security Benefits** | MFA & Conditional Access | Enforces native Entra ID security policies to protect vCenter Access. |
+|  | Credential Protection | Federated authentication ensures vCenter never sees raw credentials. | 
+| **Run Commands** | Add-VCenterCloudAdminRoleVcIdentityProvidersManagePrivilege | Add required permission for external identity provider to Cloudadmin account. |
+|  | Remove-AVSIdentityProviderEntraId | Deletes the configured Entra ID from vCenter Server. |
+| **Permissions** | VcIdentityProviders.Manage | vCenter privilege required to create, update, or delete external identiy providers. |
+
+> [!NOTE]
+> Use Microsoft Entra ID or LDAPS authentication for external identity sources with vCenter. Azure VMware Solution supports both options. 
+
 ## Export the certificate for LDAPS authentication (Optional)
 
 First, verify that the certificate that's used for LDAPS is valid. If you don't have a certificate, complete the steps to [create a certificate for LDAPS](../active-directory-domain-services/tutorial-configure-ldaps.md#create-a-certificate-for-secure-ldap) before you continue.

articles/confidential-computing/confidential-vm-overview.md

@@ -66,7 +66,7 @@ This feature can be enabled through an opt-in process. To learn more, read [the
 
 Azure confidential VMs use both the OS disk and a small encrypted virtual machine guest state (VMGS) disk of several megabytes. The VMGS disk contains the security state of the VM's components. Some components include the vTPM and UEFI bootloader. The small VMGS disk might incur a monthly storage cost.
 
-From July 2022, encrypted OS disks will incur higher costs. For more information, see [the pricing guide for managed disks](https://azure.microsoft.com/pricing/details/managed-disks/).
+From March 30 2026, encrypted OS disks will incur higher costs. For more information, see [the pricing guide for managed disks](https://azure.microsoft.com/pricing/details/managed-disks/).
 
 ## Attestation and TPM
 

articles/stream-analytics/includes/stream-analytics-fabric-event-stream-query-language.md

@@ -0,0 +1,14 @@
+---
+title: Query Language in Azure Stream Analytics and Microsoft Fabric Eventstream
+description: This file includes a note staging that Fabric Eventstream Query Language and Azure Stream Analytics Query Language are the same, and links to the built-in functions article.
+author: spelluru
+ms.service: azure-stream-analytics
+ms.topic: include
+ms.date: 03/09/2026
+ms.author: spelluru
+ms.custom: "include file"
+---
+
+
+> [!NOTE]
+> [Fabric Eventstream](/fabric/real-time-intelligence/event-streams/overview) is built on the same runtime as Azure Stream Analytics. Therefore, the concepts explained in this article are applicable to both Azure Stream Analytics and the Fabric Eventstream.

articles/stream-analytics/stream-analytics-stream-analytics-query-patterns.md

@@ -1,15 +1,17 @@
 ---
 title: Common query patterns in Azure Stream Analytics
-description: This article describes several common query patterns and designs that are useful in Azure Stream Analytics jobs.
+description: This article describes several common query patterns and designs that are useful in Azure Stream Analytics jobs and Fabric Eventstream.
 ms.service: azure-stream-analytics
 ms.topic: how-to
-ms.date: 12/17/2024
+ms.date: 03/04/2026
 ms.custom: devx-track-js
 ---
 
-# Common query patterns in Azure Stream Analytics
+# Common query patterns in Azure Stream Analytics and Fabric Eventstream
 
-Queries in Azure Stream Analytics are expressed in an SQL-like query language. The language constructs are documented in the [Stream Analytics query language reference](/stream-analytics-query/stream-analytics-query-language-reference) guide. 
+[!INCLUDE [stream-analytics-fabric-event-stream-query-language](./includes/stream-analytics-fabric-event-stream-query-language.md)]
+
+Queries in Azure Stream Analytics are expressed in a SQL-like query language. The language constructs are documented in the [Stream Analytics query language reference](/stream-analytics-query/stream-analytics-query-language-reference) guide. 
 
 The query design can express simple pass-through logic to move event data from one input stream into an output data store, or it can do rich pattern matching and temporal analysis to calculate aggregates over various time windows as in the [Build an IoT solution by using Stream Analytics](stream-analytics-build-an-iot-solution-using-stream-analytics.md) guide. You can join data from multiple inputs to combine streaming events, and you can do lookups against static reference data to enrich the event values. You can also write data to multiple outputs.
 
@@ -83,7 +85,7 @@ HAVING
 ```
 
 
-The **INTO** clause tells the Stream Analytics service which of the outputs to write the data to. The first **SELECT** defines a pass-through query that receives data from the input and sends it to the output named **ArchiveOutput**. The second query aggregates and filters data before sending the results to a downstream alerting system output called **AlertOutput**.
+The **INTO** clause tells the Stream Analytics service, which of the outputs to write the data to. The first **SELECT** defines a pass-through query that receives data from the input and sends it to the output named **ArchiveOutput**. The second query aggregates and filters data before sending the results to a downstream alerting system output called **AlertOutput**.
 
 The **WITH** clause can be used to define multiple subquery blocks. This option has the benefit of opening fewer readers to the input source.
 
@@ -115,7 +117,7 @@ For more information, see [**WITH** clause](/stream-analytics-query/with-azure-s
 
 ## Simple pass-through query
 
-A simple pass-through query can be used to copy the input stream data into the output. For example, if a stream of data containing real-time vehicle information needs to be saved in an SQL database for later analysis, a simple pass-through query does the job.
+A simple pass-through query can be used to copy the input stream data into the output. For example, if a stream of data containing real-time vehicle information needs to be saved in a SQL database for later analysis, a simple pass-through query does the job.
 
 Consider the following **input**:
 
@@ -434,7 +436,7 @@ WHERE
 	LAG(Make, 1) OVER (LIMIT DURATION(second, 90)) = Make
 ```
 
-The **LAG** function can look into the input stream one event back and retrieve the *Make* value, comparing that with the *Make* value of the current event.  Once the condition is met, data from the previous event can be projected using **LAG** in the **SELECT** statement.
+The **LAG** function can look into the input stream one event back and retrieve the *Make* value, comparing that with the *Make* value of the current event. Once the condition is met, data from the previous event can be projected using **LAG** in the **SELECT** statement.
 
 For more information, see [LAG](/stream-analytics-query/lag-azure-stream-analytics).
 
@@ -851,6 +853,9 @@ For more information on SessionWindow, see [Session Window](/stream-analytics-qu
 
 ## User defined functions in JavaScript and C#
 
+> [!NOTE]
+> This section doesn't apply to Fabric Eventstream. 
+
 Azure Stream Analytics query language can be extended with custom functions written either in JavaScript or C# language. User Defined Functions (UDF) are custom/complex computations that can’t be easily expressed using the **SQL** language. These UDFs can be defined once and used multiple times within a query. For example, an UDF can be used to convert a hexadecimal *nvarchar(max)* value to a *bigint* value.
 
 Sample **input**:
@@ -945,14 +950,14 @@ MATCH_RECOGNIZE (
 
 This query matches at least two consecutive failure events and generates an alarm when the conditions are met.
 **PATTERN** defines the regular expression to be used on the matching, in this case, at least two consecutive warnings after at least one successful operation.
-Success and Warning are defined using Return_Code value and once the condition is met, the **MEASURES** are projected with *ATM_id*, the first warning operation and first warning time.
+Success and Warning are defined using Return_Code value and once the condition is met. The MEASURES** are projected with *ATM_id*, the first warning operation, and first warning time.
 
 For more information, see [MATCH_RECOGNIZE](/stream-analytics-query/match-recognize-stream-analytics).
 
 ## Geofencing and geospatial queries
 
 Azure Stream Analytics provides built-in geospatial functions that can be used to implement scenarios such as fleet management, ride sharing, connected cars, and asset tracking.
-Geospatial data can be ingested in either GeoJSON or WKT formats as part of event stream or reference data.
+Geospatial data can be ingested in either GeoJSON or WKT formats as part of eventstream or reference data.
 For example, a company that is specialized in manufacturing machines for printing passports, leases their machines to governments and consulates. The location of those machines is heavily controlled as to avoid the misplacing and possible use for counterfeiting of passports. Each machine is fitted with a GPS tracker, that information is relayed back to an Azure Stream Analytics job.
 The manufacture would like to keep track of the location of those machines and be alerted if one of them leaves an authorized area, this way they can remotely disable, alert authorities and retrieve the equipment.
 

articles/synapse-analytics/spark/apache-spark-34-runtime.md

@@ -15,7 +15,7 @@ ms.date: 11/17/2023
 > [!WARNING]
 > End of Support Announcement
 > - End of support announced for Azure Synapse Runtime for Apache Spark 3.4.
-> - Azure Synapse Runtime for Apache Spark 3.4 will be deprecated and disabled March 31, 2026. 
+> - Azure Synapse Runtime for Apache Spark 3.4 will be deprecated March 31, 2026. 
 
 Azure Synapse Analytics supports multiple runtimes for Apache Spark. This document covers the runtime components and versions for the Azure Synapse Runtime for Apache Spark 3.4.