Merge branch 'main' into release-postgresql-migration-extension-ads-preview

v-alje · v-alje · commit 40efe6d20ae1 · 2023-02-27T18:07:52.000-08:00
diff --git a/azure-sql/virtual-machines/windows/failover-cluster-instance-azure-shared-disks-manually-configure.md b/azure-sql/virtual-machines/windows/failover-cluster-instance-azure-shared-disks-manually-configure.md
@@ -32,7 +32,7 @@ To learn more, see an overview of [FCI with SQL Server on Azure VMs](failover-cl
 
 Before you complete the instructions in this article, you should already have:
 
-- An Azure subscription. Get started for [free](https://azure.microsoft.com/free/). 
+- An Azure subscription. Get started with a [free Azure account](https://azure.microsoft.com/free/). 
 - [Two or more prepared Windows Azure virtual machines](failover-cluster-instance-prepare-vm.md) in an availability set, or availability zones. 
 - An account that has permissions to create objects on both Azure virtual machines and in Active Directory.
 - The latest version of [Azure PowerShell](/powershell/azure/install-az-ps). 
diff --git a/azure-sql/virtual-machines/windows/failover-cluster-instance-prepare-vm.md b/azure-sql/virtual-machines/windows/failover-cluster-instance-prepare-vm.md
@@ -24,7 +24,7 @@ To learn more, see an overview of [FCI with SQL Server on Azure VMs](failover-cl
 
 ## Prerequisites 
 
-- A Microsoft Azure subscription. Get started for [free](https://azure.microsoft.com/free/). 
+- A Microsoft Azure subscription. Get started with a [free Azure account](https://azure.microsoft.com/free/). 
 - A Windows domain on Azure virtual machines or an on-premises active directory extended to Azure with virtual network pairing.
 - An account that has permissions to create objects on Azure virtual machines and in Active Directory.
 - An Azure virtual network and one or more subnets with enough IP address space for these components:
diff --git a/azure-sql/virtual-machines/windows/failover-cluster-instance-storage-spaces-direct-manually-configure.md b/azure-sql/virtual-machines/windows/failover-cluster-instance-storage-spaces-direct-manually-configure.md
@@ -55,7 +55,7 @@ The preceding diagram shows the following resources in the same resource group:
 
 Before you complete the instructions in this article, you should already have:
 
-- An Azure subscription. Get started for [free](https://azure.microsoft.com/free/). 
+- An Azure subscription. Get started with a [free Azure account](https://azure.microsoft.com/free/). 
 - [Two or more prepared Windows Azure virtual machines](failover-cluster-instance-prepare-vm.md) in an [availability set](/azure/virtual-machines/windows/tutorial-availability-sets#create-an-availability-set).
 - An account that has permissions to create objects on both Azure virtual machines and in Active Directory.
 - The latest version of [PowerShell](/powershell/azure/install-az-ps). 
diff --git a/docs/machine-learning/install/sql-ml-cab-downloads.md b/docs/machine-learning/install/sql-ml-cab-downloads.md
@@ -101,7 +101,7 @@ CAB files are listed in reverse chronological order. When you download the CAB f
 
 |Release  |Component | Download link  | Issues addressed |
 |---------|----------|----------------|------------------|
-|**[SQL Server 2017 CU29](https://support.microsoft.com//help/5010786/)** |  |  |  |
+|**[SQL Server 2017 CU29](https://support.microsoft.com//help/5010786/)-[CU31](https://support.microsoft.com//help/5016884/)** |  |  |  |
 | | Microsoft R Open      | [SRO_3.5.2.777_1033.cab](https://go.microsoft.com/fwlink/?linkid=2134897)  |  |
 | | R Server              | [SRS_9.4.7.1162_1033.cab](https://go.microsoft.com/fwlink/?linkid=2174362)  |  |
 | | Microsoft Python Open | [SPO_4.5.12.479_1033.cab](https://go.microsoft.com/fwlink/?LinkId=2118341) |  |
diff --git a/docs/relational-databases/security/permissions-database-engine.md b/docs/relational-databases/security/permissions-database-engine.md
@@ -4,7 +4,7 @@ description: Consult this complete list of SQL Server permissions to find out wh
 author: AndreasWolter
 ms.author: anwolter
 ms.reviewer: randolphwest
-ms.date: 02/26/2023
+ms.date: 02/27/2023
 ms.service: sql
 ms.subservice: security
 ms.topic: conceptual
@@ -236,7 +236,6 @@ The following table lists major classes of permissions and the kinds of securabl
 |DATABASE|EXECUTE|EX|SERVER|CONTROL SERVER|
 |DATABASE|EXECUTE ANY EXTERNAL ENDPOINT|EAEE|SERVER|CONTROL SERVER|
 |DATABASE|EXECUTE ANY EXTERNAL SCRIPT|EAES<br /><br />Applies to [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)] ([!INCLUDE[sssql16-md](../../includes/sssql16-md.md)] through current).|SERVER|CONTROL SERVER|
-|DATABASE|GENERATE LEDGER DIGEST|GLD|SERVER|CONTROL|
 |DATABASE|INSERT|IN|SERVER|CONTROL SERVER|
 |DATABASE|KILL DATABASE CONNECTION|KIDC<br /><br />Only applies to [!INCLUDE[ssSDSfull](../../includes/sssdsfull-md.md)]. Use ALTER ANY CONNECTION in [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)].|SERVER|ALTER ANY CONNECTION|
 |DATABASE|REFERENCES|RF|SERVER|CONTROL SERVER|
@@ -409,7 +408,7 @@ The following permissions are added to SQL Server 2022:
 - 18 new permissions have been added for extended events.
 - 9 new permissions have been added with regard to security-related objects.
 
-- 5 permissions have been added for Ledger.
+- 4 permissions have been added for Ledger.
 - 3 additional database permissions.
 
 For more information, see [New granular permissions for SQL Server 2022 and Azure SQL to improve adherence with PoLP](https://techcommunity.microsoft.com/t5/sql-server-blog/new-granular-permissions-for-sql-server-2022-and-azure-sql-to/ba-p/3607507).
@@ -479,7 +478,6 @@ All these permissions are under the same parent-permission: **ALTER ANY DATABASE
 - ALTER LEDGER
 - ALTER LEDGER CONFIGURATION
 - ENABLE LEDGER
-- GENERATE LEDGER DIGEST
 - VIEW LEDGER CONTENT
 
 #### Other database permissions
diff --git a/docs/sql-server/azure-arc/includes/features-operating-system.md b/docs/sql-server/azure-arc/includes/features-operating-system.md
@@ -0,0 +1,18 @@
+---
+author: MikeRayMSFT
+ms.author: mikeray
+ms.date: 02/22/2023
+ms.topic: include
+ms.service: sql
+---
+
+The following table identifies features available by operating system:
+
+|Feature  |Windows|Linux|
+|---------|---------|---------|
+|[Discover and register SQL Servers in Azure](../prerequisites.md) |Yes |Yes |
+|[Best practices assessment](../assess.md) |Yes |No |
+|[Detailed database inventory](../view-databases.md#inventory-databases) |Yes |No |
+|[Azure Active Directory authentication](../../../relational-databases/security/authentication-access/azure-ad-authentication-sql-server-overview.md) |Yes |Yes |
+|[Microsoft Defender for Cloud](/azure/defender-for-cloud/defender-for-sql-usage)|Yes |No |
+|[Microsoft Purview](/azure/purview/tutorial-register-scan-on-premises-sql-server)|Yes |Yes |
diff --git a/docs/sql-server/azure-arc/overview.md b/docs/sql-server/azure-arc/overview.md
@@ -15,7 +15,16 @@ Azure Arc-enabled SQL Server extends Azure services to SQL Server instances host
 
 ## Manage your SQL Servers at-scale from a single point of control
 
-Azure Arc enables you to manage all of your SQL Servers from a single point of control: Azure. As you connect your SQL Servers to Azure, you get a single place to view the detailed inventory of your SQL Servers and databases.  You can look at details for a given SQL Server in the Azure Portal such as the name, version, edition, number of cores, and host operating system. At scale, you can query across all of your SQL Servers using Azure Resource Graph Explorer to answer questions like 'How many SQL Servers do I have that are SQL Server 2014? or "What are the names of all the SQL Servers that are running on Linux?"  You can even quickly create charts from these queries and pin them to customizable dashboards.  Go a level deeper and you can view a list of every database on a SQL Server and do cross-SQL Server queries of databases to get insights into which databases haven't been backed up recently or that are not encrypted.
+Azure Arc enables you to manage all of your SQL Servers from a single point of control: Azure. As you connect your SQL Servers to Azure, you get a single place to view the detailed inventory of your SQL Servers and databases.  
+
+- Look at details for a given SQL Server in the Azure portal such as the name, version, edition, number of cores, and host operating system.
+- Query across all of your SQL Servers using Azure Resource Graph Explorer to answer questions like:
+  - "How many SQL Servers do I have that are SQL Server 2014?"
+  - "What are the names of all the SQL Servers that are running on Linux?"  
+- Quickly create charts from these queries and pin them to customizable dashboards.
+- View a list of every database on a SQL Server and do cross-SQL Server queries of databases to see:
+  - Databases that haven't been backed up recently.
+  - Databases that aren't encrypted.
 
 ![A screenshot of the Arc-enabled SQL Server dashboard from Azure portal.](media/overview/arc-sql-server-dashboard.png)
 
@@ -38,7 +47,7 @@ When you enable Microsoft Defender through Azure Arc-enabled SQL Server, you can
 
 ## Microsoft Purview
 
-Microsoft Purview provides a unified data governance solution to help manage and govern your on-premises, multi-cloud, and software as a service (SaaS) data. Easily create a holistic, up-to-date map of your data landscape with automated data discovery, sensitive data classification, and end-to-end data lineage. Enable data consumers to access valuable, trustworthy data management.
+Microsoft Purview provides a unified data governance solution to help manage and govern your on-premises, multicloud, and software as a service (SaaS) data. Easily create a holistic, up-to-date map of your data landscape with automated data discovery, sensitive data classification, and end-to-end data lineage. Enable data consumers to access valuable, trustworthy data management.
 
 Azure Arc-enabled SQL Server powers some of the Microsoft Purview features such as access policies and it generally makes it easier for you to get your SQL Servers connected into Purview.
 
@@ -60,6 +69,9 @@ The following diagram illustrates the architecture of Azure Arc-enabled SQL Serv
 
 [!INCLUDE [license-types](includes/license-types.md)]
 
+## Feature availability by operating system
+
+[!INCLUDE [features-operating-systems](includes/features-operating-system.md)]
 ## Supported Azure regions
 
 [!INCLUDE [azure-arc-data-regions](includes/azure-arc-data-regions.md)]
diff --git a/docs/sql-server/azure-arc/prerequisites.md b/docs/sql-server/azure-arc/prerequisites.md
@@ -21,7 +21,7 @@ An Azure Arc-enabled instance of SQL Server is an instance on-premises or in a c
 
 Before you can Arc-enable an instance of SQL Server you need to:
 
-- Have an Azure account with an active subscription. [Create one for free](https://azure.microsoft.com/free/)
+- Have an Azure account with an active subscription. If needed, [create a free Azure Account](https://azure.microsoft.com/free/)
 - Verify [Arc connected machine agent prerequisites](/azure/azure-arc/servers/prerequisites)
 - Verify [Arc connected machine agent network requirements](/azure/azure-arc/servers/network-requirements)
 - Register resource providers. Specifically:
diff --git a/docs/tools/sqlpackage/sqlpackage-deploy-drift-report.md b/docs/tools/sqlpackage/sqlpackage-deploy-drift-report.md
@@ -86,7 +86,7 @@ SqlPackage {parameters}{properties}{SQLCMD Variables}
 |**/p:**|DisableAndReenableDdlTriggers=(BOOLEAN 'True')| Specifies whether Data Definition Language (DDL) triggers are disabled at the beginning of the publish process and re-enabled at the end of the publish action.|
 |**/p:**|DoNotAlterChangeDataCaptureObjects=(BOOLEAN 'True')|If true, Change Data Capture objects are not altered.|
 |**/p:**|DoNotAlterReplicatedObjects=(BOOLEAN 'True')|Specifies whether objects that are replicated are identified during verification.|
-|**/p:**|DoNotDropObjectType=(STRING)|An object type that should not be dropped when DropObjectsNotInSource is true. Valid object type names are Aggregates, ApplicationRoles, Assemblies, AsymmetricKeys, BrokerPriorities, Certificates, ColumnEncryptionKeys, ColumnMasterKeys, Contracts, DatabaseRoles, DatabaseTriggers, Defaults, ExtendedProperties, ExternalDataSources, ExternalFileFormats, ExternalTables, Filegroups, FileTables, FullTextCatalogs, FullTextStoplists, MessageTypes, PartitionFunctions, PartitionSchemes, Permissions, Queues, RemoteServiceBindings, RoleMembership, Rules, ScalarValuedFunctions, SearchPropertyLists, SecurityPolicies, Sequences, Services, Signatures, StoredProcedures, SymmetricKeys, Synonyms, Tables, TableValuedFunctions, UserDefinedDataTypes, UserDefinedTableTypes, ClrUserDefinedTypes, Users, Views, XmlSchemaCollections, Audits, Credentials, CryptographicProviders, DatabaseAuditSpecifications, DatabaseScopedCredentials, Endpoints, ErrorMessages, EventNotifications, EventSessions, LinkedServerLogins, LinkedServers, Logins, Routes, ServerAuditSpecifications, ServerRoleMembership, ServerRoles, ServerTriggers. |
+|**/p:**|DoNotDropObjectType=(STRING)|An object type that should not be dropped when DropObjectsNotInSource is true. Valid object type names are Aggregates, ApplicationRoles, Assemblies, AsymmetricKeys, BrokerPriorities, Certificates, ColumnEncryptionKeys, ColumnMasterKeys, Contracts, DatabaseRoles, DatabaseTriggers, Defaults, ExtendedProperties, ExternalDataSources, ExternalFileFormats, ExternalTables, Filegroups, FileTables, FullTextCatalogs, FullTextStoplists, MessageTypes, PartitionFunctions, PartitionSchemes, Permissions, Queues, RemoteServiceBindings, RoleMembership, Rules, ScalarValuedFunctions, SearchPropertyLists, SecurityPolicies, Sequences, Services, Signatures, StoredProcedures, SymmetricKeys, Synonyms, Tables, TableValuedFunctions, UserDefinedDataTypes, UserDefinedTableTypes, ClrUserDefinedTypes, Users, Views, XmlSchemaCollections, Audits, Credentials, CryptographicProviders, DatabaseAuditSpecifications, DatabaseScopedCredentials, Endpoints, ErrorMessages, EventNotifications, EventSessions, LinkedServerLogins, LinkedServers, Logins, Routes, ServerAuditSpecifications, ServerRoleMembership, ServerRoles, ServerTriggers. This property may be specified multiple times to indicate multiple options.|
 |**/p:**|DoNotDropObjectTypes=(STRING)|A semicolon-delimited list of object types that should not be dropped when DropObjectsNotInSource is true. Valid object type names are Aggregates, ApplicationRoles, Assemblies, AsymmetricKeys, BrokerPriorities, Certificates, ColumnEncryptionKeys, ColumnMasterKeys, Contracts, DatabaseRoles, DatabaseTriggers, Defaults, ExtendedProperties, ExternalDataSources, ExternalFileFormats, ExternalTables, Filegroups, FileTables, FullTextCatalogs, FullTextStoplists, MessageTypes, PartitionFunctions, PartitionSchemes, Permissions, Queues, RemoteServiceBindings, RoleMembership, Rules, ScalarValuedFunctions, SearchPropertyLists, SecurityPolicies, Sequences, Services, Signatures, StoredProcedures, SymmetricKeys, Synonyms, Tables, TableValuedFunctions, UserDefinedDataTypes, UserDefinedTableTypes, ClrUserDefinedTypes, Users, Views, XmlSchemaCollections, Audits, Credentials, CryptographicProviders, DatabaseAuditSpecifications, DatabaseScopedCredentials, Endpoints, ErrorMessages, EventNotifications, EventSessions, LinkedServerLogins, LinkedServers, Logins, Routes, ServerAuditSpecifications, ServerRoleMembership, ServerRoles, ServerTriggers.|
 |**/p:**|DropConstraintsNotInSource=(BOOLEAN 'True')|Specifies whether constraints that do not exist in the database snapshot (.dacpac) file will be dropped from the target database when you publish to a database.|
 |**/p:**|DropDmlTriggersNotInSource=(BOOLEAN 'True')|Specifies whether DML triggers that do not exist in the database snapshot (.dacpac) file will be dropped from the target database when you publish to a database.|
diff --git a/docs/tools/sqlpackage/sqlpackage-export.md b/docs/tools/sqlpackage/sqlpackage-export.md
@@ -100,7 +100,7 @@ SqlPackage /at:$($AccessToken_Object.Token) /Action:Export /TargetFile:"C:\Adven
 |**/p:**|IgnoreIndexesStatisticsOnEnclaveEnabledColumns=(BOOLEAN 'False')|Specifies whether indexes or statistics on columns encrypted using randomized encryption and enclave-enabled column encryption keys should be ignored (not included in the generated bacpac). By default (false) any index or a statistic on a column encrypted using randomized encryption and an enclave-enabled column encryption key will block the export action.|
 |**/p:**|LongRunningCommandTimeout=(INT32 '0')|Specifies the long running command timeout in seconds when executing queries against SQL Server. Use 0 to wait indefinitely.|
 |**/p:**|Storage=({File&#124;Memory})|Specifies the type of backing storage for the schema model used during extraction. 'Memory' is default for .NET Core version of SqlPackage. 'File' is only available and default for .NET Framework version of SqlPackage. |
-|**/p:**|TableData=(STRING[])|Indicates the table from which data will be extracted. Specify the table name with or without the brackets surrounding the name parts in the following format: schema_name.table_identifier. This option may be specified multiple times.|
+|**/p:**|TableData=(STRING)|Indicates the table from which data will be extracted. Specify the table name with or without the brackets surrounding the name parts in the following format: schema_name.table_identifier. This property may be specified multiple times to indicate multiple options.|
 |**/p:**|TargetEngineVersion=({Default&#124;Latest&#124;V11&#124;V12} 'Latest')|This property is deprecated and use is not recommended. Specifies the version the target engine for Azure SQL Database is expected to be.|
 |**/p:**|TempDirectoryForTableData=(STRING)|Specifies an alternative temporary directory used to buffer table data before being written to the package file. The space required in this location may be large and is relative to the full size of the database.|
 |**/p:**|VerifyExtraction=(BOOLEAN 'True')|Specifies whether the extracted schema model should be verified. If set to true, schema validation rules are run on the dacpac or bacpac.|
diff --git a/docs/tools/sqlpackage/sqlpackage-extract.md b/docs/tools/sqlpackage/sqlpackage-extract.md
@@ -122,7 +122,7 @@ SqlPackage /at:$($AccessToken_Object.Token) /Action:Extract /TargetFile:"C:\Adve
 |**/p:**|IgnoreUserLoginMappings=(BOOLEAN 'False')|Specifies whether relationships between users and logins are ignored.|
 |**/p:**|LongRunningCommandTimeout=(INT32 '0')| Specifies the long running command timeout in seconds when executing queries against SQL Server. Use 0 to wait indefinitely.|
 |**/p:**|Storage=({File&#124;Memory})|Specifies the type of backing storage for the schema model used during extraction. 'Memory' is default for .NET Core version of SqlPackage. 'File' is only available and default for .NET Framework version of SqlPackage.|
-|**/p:**|TableData=(STRING[])|Indicates the table from which data will be extracted. Specify the table name with or without the brackets surrounding the name parts in the following format: schema_name.table_identifier. This option may be specified multiple times.|
+|**/p:**|TableData=(STRING)|Indicates the table from which data will be extracted. Specify the table name with or without the brackets surrounding the name parts in the following format: schema_name.table_identifier.  This property may be specified multiple times to indicate multiple options.|
 |**/p:**|TempDirectoryForTableData=(STRING)|Specifies the temporary directory used to buffer table data before being written to the package file.|
 |**/p:**|VerifyExtraction=(BOOLEAN 'True')|Specifies whether the extracted schema model should be verified.|
 
diff --git a/docs/tools/sqlpackage/sqlpackage-publish.md b/docs/tools/sqlpackage/sqlpackage-publish.md
diff --git a/docs/tools/sqlpackage/sqlpackage-script.md b/docs/tools/sqlpackage/sqlpackage-script.md
