Merge pull request #2622 from MicrosoftDocs/main

Auto Publish – main to live - 2026-03-16 05:00 UTC

Author: learn-build-service-prod[bot]

articles/attestation/tpm-attestation-sample-policies.md

@@ -71,7 +71,7 @@ c:[type=="srtmDrtmEventPcr", issuer=="AttestationPolicy"] => add(type="Bitlocker
 [type=="BitlockerStatus", issuer=="AttestationPolicy"] => issue(type="BitlockerStatus", value=true);
 ![type=="BitlockerStatus", issuer=="AttestationPolicy"] => issue(type="BitlockerStatus", value=false);
 
-// Elam Driver (windows defender) Loaded
+// Elam Driver (Microsoft Defender) Loaded
 c:[type=="boolProperties", issuer=="AttestationPolicy"] => add(type="elamDriverLoaded", value=JsonToClaimValue(JmesPath(c.value, "[*].EVENT_LOADEDMODULE_AGGREGATION[] | [? EVENT_IMAGEVALIDATED == `true` && (equals_ignore_case(EVENT_FILEPATH, '\\windows\\system32\\drivers\\wdboot.sys') || equals_ignore_case(EVENT_FILEPATH, '\\windows\\system32\\drivers\\wd\\wdboot.sys'))] | @ != `null`")));
 [type=="elamDriverLoaded", issuer=="AttestationPolicy"] => issue(type="ELAMDriverLoaded", value=true);
 ![type=="elamDriverLoaded", issuer=="AttestationPolicy"] => issue(type="ELAMDriverLoaded", value=false);

articles/confidential-ledger/manage-azure-ad-token-based-users.md

@@ -55,7 +55,7 @@ ledger_client = ConfidentialLedgerClient(
 
 # Add a user with the contributor role
 # Other supported roles are Contributor and Administrator
-user_id = "Azure AD object id of the user"
+user_id = "Microsoft Entra ID object id of the user"
 user = ledger_client.create_or_update_user(
     user_id, {"assignedRole": "Contributor"}
 )
@@ -98,7 +98,7 @@ internal class ACLUserManagement
       // The DefaultAzureCredential will use the current Azure context to authenticate to Azure
       var ledgerClient = new ConfidentialLedgerClient(new Uri("https://contoso.confidential-ledger.azure.com"), new DefaultAzureCredential());
 
-      string userId = "Azure AD object id of the user";
+      string userId = "Microsoft Entra ID object id of the user";
 
       // Add the user with the Reader role
       // Other supported roles are Contributor and Administrator
@@ -206,7 +206,7 @@ public class CreateOrUpdateUserSample {
 			// Other supported roles are Contributor and Administrator
 			BinaryData userDetails = BinaryData.fromString("{\"assignedRole\":\"Reader\"}");
 			RequestOptions requestOptions = new RequestOptions();
-			String userId = "Azure AD object id of the user";
+			String userId = "Microsoft Entra ID object id of the user";
 			Response<BinaryData> response = confidentialLedgerClient.createOrUpdateUserWithResponse(userId,
 					userDetails, requestOptions);
 
@@ -277,8 +277,8 @@ export async function main() {
     new DefaultAzureCredential()
   );
 
-  // Azure AD object id of the user
-  const userId = "Azure AD Object id"
+  // Microsoft Entra ID object id of the user
+  const userId = "Microsoft Entra ID Object id"
 
   // Other supported roles are Reader and Contributor
   const createUserParams: CreateOrUpdateUserParameters = {

articles/confidential-ledger/quickstart-template.md

@@ -1,6 +1,6 @@
 ---
-title: Create an Microsoft Azure confidential ledger by using Azure Resource Manager template
-description: Learn how to create an Microsoft Azure confidential ledger by using Azure Resource Manager template.
+title: Create a Microsoft Azure confidential ledger by using Azure Resource Manager template
+description: Learn how to create a Microsoft Azure confidential ledger by using Azure Resource Manager template.
 services: azure-resource-manager
 author: msmbaldwin
 ms.service: azure-confidential-ledger
@@ -10,7 +10,7 @@ ms.author: mbaldwin
 ms.date: 04/14/2025
 ---
 
-# Quickstart: Create an Microsoft Azure confidential ledger with an ARM template
+# Quickstart: Create a Microsoft Azure confidential ledger with an ARM template
 
 [Microsoft Azure confidential ledger](overview.md) is a new and highly secure service for managing sensitive data records. This quickstart describes how to use an Azure Resource Manager template (ARM template) to create a new ledger.
 

articles/confidential-ledger/quickstart-terraform.md

@@ -24,7 +24,7 @@ In this quickstart, you create an Azure resource group and a confidential ledger
 > * Retrieve the current Azure client configuration.
 > * Generate a random string for the Azure confidential ledger name.
 > * Create an Azure confidential ledger with the generated name and assign it to the resource group.
-> * Assign an Azure AD based service principal to the confidential ledger.
+> * Assign a Microsoft Entra ID based service principal to the confidential ledger.
 > * Tag the confidential ledger as an example.
 > * Output the resource group name, confidential ledger name, confidential ledger type, and confidential ledger role name.
 > * Specify the required version of Terraform and the required providers.

articles/dedicated-hsm/overview.md

@@ -65,7 +65,7 @@ Azure Dedicated HSM is most suitable for “lift-and-shift” scenarios that req
 
 ### Not a fit
 
-Azure Dedicated HSM is not a good fit for the following type of scenario: Microsoft cloud services that support encryption with customer-managed keys (such as Azure Information Protection, Azure Disk Encryption, Azure Data Lake Store, Azure Storage, Azure SQL Database, and Customer Key for Office 365) that are not integrated with Azure Dedicated HSM.
+Azure Dedicated HSM is not a good fit for the following type of scenario: Microsoft cloud services that support encryption with customer-managed keys (such as Azure Information Protection, Azure Disk Encryption, Azure Data Lake Store, Azure Storage, Azure SQL Database, and Customer Key for Microsoft 365) that are not integrated with Azure Dedicated HSM.
 
 > [!NOTE]
 > Customers must have an assigned Microsoft Account Manager and meet the monetary requirement of five million ($5M) USD or greater in overall committed Azure revenue annually to qualify for onboarding and use of Azure Dedicated HSM.  

articles/defender-for-cloud/alerts-resource-manager.md

@@ -118,7 +118,7 @@ This article lists the security alerts you might get for Resource Manager from M
 
 **Severity**: High
 
-### **PowerZure exploitation toolkit used to elevate access from Azure AD to Azure**
+### **PowerZure exploitation toolkit used to elevate access from Microsoft Entra ID to Azure**
 
 (ARM_PowerZure.AzureElevatedPrivileges)
 

articles/defender-for-cloud/defender-for-cloud-glossary.md

@@ -275,7 +275,7 @@ Shared access signature that provides secure delegated access to resources in yo
 
 ### **SaaS**
 
-Software as a service (SaaS) allows users to connect to and use cloud-based apps over the Internet. Common examples are email, calendaring, and office tools (such as Microsoft Office 365). SaaS provides a complete software solution that you purchase on a pay-as-you-go basis from a cloud service provider.[What is SaaS?](https://azure.microsoft.com/resources/cloud-computing-dictionary/what-is-saas/).
+Software as a service (SaaS) allows users to connect to and use cloud-based apps over the Internet. Common examples are email, calendaring, and office tools (such as Microsoft 365). SaaS provides a complete software solution that you purchase on a pay-as-you-go basis from a cloud service provider.[What is SaaS?](https://azure.microsoft.com/resources/cloud-computing-dictionary/what-is-saas/).
 
 ### **Secure Score**
 

articles/defender-for-cloud/defender-for-sql-scan-results.md

@@ -114,7 +114,7 @@ Azure Logic Apps is a low-code or no-code cloud-based service that provides you
 
 You can use [these instructions](https://github.com/Azure/Microsoft-Defender-for-Cloud/tree/main/Workflow%20automation/Notify-SQLVulnerabilityReport), to learn how to use Logic Apps to automate email notifications using an example template.
 
-This example Logic App template automates a weekly email report that summarizes the vulnerability scan results for every database from a selected list of servers. After you deploy the template, you must authorize the Office 365 connector to generate a valid access token to authenticate your credentials.
+This example Logic App template automates a weekly email report that summarizes the vulnerability scan results for every database from a selected list of servers. After you deploy the template, you must authorize the Microsoft 365 connector to generate a valid access token to authenticate your credentials.
 
 The recipients receive emails with the findings of the scan results.
 

articles/defender-for-cloud/recommendations-reference-ai.md

@@ -120,7 +120,7 @@ This recommendation replaces the old recommendation *Cognitive Services should u
 
 ### Azure Machine Learning Computes should have local authentication methods disabled (Preview)
 
-**Description & related policy**: Disabling local authentication methods improves security by ensuring that Machine Learning Computes require Azure Active Directory identities exclusively for authentication. For more information, see [Azure Policy Regulatory Compliance controls for Azure Machine Learning](/azure/machine-learning/security-controls-policy).
+**Description & related policy**: Disabling local authentication methods improves security by ensuring that Machine Learning Computes require Microsoft Entra ID identities exclusively for authentication. For more information, see [Azure Policy Regulatory Compliance controls for Azure Machine Learning](/azure/machine-learning/security-controls-policy).
 
 **Severity**: Medium
 

articles/defender-for-cloud/recommendations-reference-app-services.md

@@ -115,23 +115,23 @@ Using the latest Python version for API apps is recommended to benefit from secu
 ### Managed identity should be used in API apps
 
 **Description**: For enhanced authentication security, use a managed identity.
-On Azure, managed identities eliminate the need for developers to have to manage credentials by providing an identity for the Azure resource in Azure AD and using it to obtain Azure Active Directory (Azure AD) tokens.
+On Azure, managed identities eliminate the need for developers to have to manage credentials by providing an identity for the Azure resource in Microsoft Entra ID and using it to obtain Microsoft Entra ID (Microsoft Entra ID) tokens.
 (Related policy: [Managed identity should be used in your API App](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2fproviders%2fMicrosoft.Authorization%2fpolicyDefinitions%2fc4d441f8-f9d9-4a9e-9cef-e82117cb3eef)).
 
 **Severity**: Medium
 
 ### Managed identity should be used in function apps
 
 **Description**: For enhanced authentication security, use a managed identity.
-On Azure, managed identities eliminate the need for developers to have to manage credentials by providing an identity for the Azure resource in Azure AD and using it to obtain Azure Active Directory (Azure AD) tokens.
+On Azure, managed identities eliminate the need for developers to have to manage credentials by providing an identity for the Azure resource in Microsoft Entra ID and using it to obtain Microsoft Entra ID (Microsoft Entra ID) tokens.
 (Related policy: [Managed identity should be used in your Function App](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2fproviders%2fMicrosoft.Authorization%2fpolicyDefinitions%2f0da106f2-4ca3-48e8-bc85-c638fe6aea8f)).
 
 **Severity**: Medium
 
 ### Managed identity should be used in web apps
 
 **Description**: For enhanced authentication security, use a managed identity.
-On Azure, managed identities eliminate the need for developers to have to manage credentials by providing an identity for the Azure resource in Azure AD and using it to obtain Azure Active Directory (Azure AD) tokens.
+On Azure, managed identities eliminate the need for developers to have to manage credentials by providing an identity for the Azure resource in Microsoft Entra ID and using it to obtain Microsoft Entra ID (Microsoft Entra ID) tokens.
 (Related policy: [Managed identity should be used in your Web App](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2fproviders%2fMicrosoft.Authorization%2fpolicyDefinitions%2f2b9ad585-36bc-4615-b300-fd4435808332)).
 
 **Severity**: Medium