Replace AAD /add Microsoft Entra ID #497

Closed
wants to merge 6 commits into from
2 changes: 1 addition & 1 deletion carml/1.3.0/Microsoft.Storage/storageAccounts/deploy.bicep
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@ param azureFilesIdentityBasedAuthentication object = {}
@description('Optional. A boolean flag which indicates whether the default authentication is OAuth or not.')
param defaultToOAuthAuthentication bool = false

@description('Optional. Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true.')
@description('Optional. Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Microsoft Entra ID. The default value is null, which is equivalent to true.')
param allowSharedKeyAccess bool = true

@description('Optional. Configuration details for private endpoints. For security reasons, it is recommended to use private endpoints whenever possible.')
2 changes: 1 addition & 1 deletion carml/1.3.0/Microsoft.Storage/storageAccounts/readme.md
Expand Up @@ -57,7 +57,7 @@ This module is used to deploy a storage account, with the ability to deploy 1 or
| `allowBlobPublicAccess` | bool | `False` | | Indicates whether public access is enabled for all blobs or containers in the storage account. For security reasons, it is recommended to set it to false. |
| `allowCrossTenantReplication` | bool | `True` | | Allow or disallow cross AAD tenant object replication. |
| `allowedCopyScope` | string | `''` | `['', AAD, PrivateLink]` | Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet. |
| `allowSharedKeyAccess` | bool | `True` | | Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true. |
| `allowSharedKeyAccess` | bool | `True` | | Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Microsoft Entra ID. The default value is null, which is equivalent to true. |
| `azureFilesIdentityBasedAuthentication` | object | `{object}` | | Provides the identity based authentication settings for Azure Files. |
| `blobServices` | _[blobServices](blobServices/readme.md)_ object | `{object}` | | Blob service and containers to deploy. |
| `cMKKeyName` | string | `''` | | The name of the customer managed key to use for encryption. Cannot be deployed together with the parameter 'systemAssignedIdentity' enabled. |
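Review bot: the rename is incomplete within this table: the `allowCrossTenantReplication` and `allowedCopyScope` rows directly above the changed row still say "cross AAD tenant" and "within an AAD tenant". Update that prose to "Microsoft Entra tenant", but keep the allowed value `AAD` in `['', AAD, PrivateLink]` untouched, since it is the literal enum value the Storage resource provider accepts for `allowedCopyScope`, not display text.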
4 changes: 2 additions & 2 deletions workload/arm/deploy-baseline.json
Expand Up @@ -34709,7 +34709,7 @@
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Optional. Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true."
"description": "Optional. Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Microsoft Entra ID. The default value is null, which is equivalent to true."
}
},
"privateEndpoints": {
Expand Down Expand Up @@ -38909,7 +38909,7 @@
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Optional. Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true."
"description": "Optional. Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Microsoft Entra ID. The default value is null, which is equivalent to true."
}
},
"privateEndpoints": {
2 changes: 1 addition & 1 deletion workload/bicep/modules/avdSessionHosts/deploy.bicep
Expand Up @@ -231,7 +231,7 @@ module sessionHosts '../../../../carml/1.3.0/Microsoft.Compute/virtualMachines/d
options: '3'
}
}
// Microsoft Entra ID (AAD) Join.
// Microsoft Entra ID Join.
extensionAadJoinConfig: {
enabled: (identityServiceProvider == 'AAD') ? true: false
settings: createIntuneEnrollment ? {
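Review bot: the comparison `identityServiceProvider == 'AAD'` on the line below the edited comment must keep the literal `'AAD'`, because it is the selector value the portal UI emits (`"value": "AAD"` in portal-ui-baseline.json in this same PR); changing only the comment here is correct. While this block is being touched, `(identityServiceProvider == 'AAD') ? true: false` can be simplified to `identityServiceProvider == 'AAD'`, since the comparison already yields a bool.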
2 changes: 1 addition & 1 deletion workload/docs/baseline-troubleshooting-guide.md
Expand Up @@ -10,7 +10,7 @@ Follow the steps below to troubleshoot and resolve the issue:

### Validate environment and account configuration

- **Check Configuration**: Review your Azure Virtual Desktop (AVD) virtual network configuration and ensure that DNS is properly configured and the virtual network is peered to the network Hub or Identity Services virtual network. When using AD DS or AAD DS commonly the virtual network will need to be setup with custom DNS servers settings that point to the domain controllers IPs.
- **Check Configuration**: Review your Azure Virtual Desktop (AVD) virtual network configuration and ensure that DNS is properly configured and the virtual network is peered to the network Hub or Identity Services virtual network. When using AD DS or Microsoft Entra ID DS commonly the virtual network will need to be setup with custom DNS servers settings that point to the domain controllers IPs.
- Resources:
- [Name resolution for resources in Azure virtual networks](https://learn.microsoft.com/en-us/azure/virtual-network/virtual-networks-name-resolution-for-vms-and-role-instances?tabs=redhat)
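Review bot: "Microsoft Entra ID DS" is not a product name; the service formerly called Azure AD DS is "Microsoft Entra Domain Services", so the replacement should read "When using AD DS or Microsoft Entra Domain Services". The same sentence also carries two pre-existing grammar issues worth fixing while it is being rewritten: "will need to be setup" should be "set up", and "the domain controllers IPs" should be "the domain controllers' IP addresses".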

2 changes: 1 addition & 1 deletion workload/docs/citrixlzaccelerator/readme.md
Expand Up @@ -315,7 +315,7 @@ Depending on how your Citrix Cloud and Azure AD are configured, one or more Ente
| 5c913119-2257-4316-9994-5e8f3832265b | Default connection between Azure AD and Citrix Cloud with Citrix Endpoint Management |
| e067934c-b52d-4e92-b1ca-70700bd1124e | Legacy connection between Azure AD and Citrix Cloud with Citrix Endpoint Management |

Each Enterprise application grants Citrix Cloud specific permissions to either the Microsoft Graph or the Windows Azure Active Directory API. For instance, the Workspace subscriber login grants User.Read permissions to both APIs so that users can sign-in and read their profile. More information about the permissions granted can be found [here](https://docs.citrix.com/en-us/citrix-cloud/citrix-cloud-management/identity-access-management/azure-ad-permissions.html).
Each Enterprise application grants Citrix Cloud specific permissions to either the Microsoft Graph or the Windows Microsoft Entra ID API. For instance, the Workspace subscriber login grants User.Read permissions to both APIs so that users can sign-in and read their profile. More information about the permissions granted can be found [here](https://docs.citrix.com/en-us/citrix-cloud/citrix-cloud-management/identity-access-management/azure-ad-permissions.html).
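Review bot: the mechanical replacement produced "the Windows Microsoft Entra ID API", which is not a real API name. The legacy API this sentence refers to is the Azure AD Graph API (historically "Windows Azure Active Directory API"), and that legacy name should stay as it was, or be written as "the Azure AD Graph API", rather than rebranded. The hunk header context and the table rows above ("Default connection between Azure AD and Citrix Cloud ...") also still say "Azure AD", so this file is only partially renamed; either rename those as well or leave the file consistent under the old name.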

**Using Built-in Roles**

2 changes: 1 addition & 1 deletion workload/docs/deploy-baseline.md
Expand Up @@ -11,7 +11,7 @@
- **Environment** – Deployment Environment type (Development/Test/Production), will be used for naming and tagging purposes.
- **Identity provider** blade
- **Identity Service Provider** - Identity service provider (AD DS, AAD DS, AAD) that already exists and will be used for Azure Virtual Desktop.
- Microsoft Entra ID (AAD).
- Microsoft Entra ID.
- Active Directory (AD DS).
- Microsoft Entra ID Domain Services (AAD DS).
- **Azure Virtual Desktop access assignment** - These identities will be granted access to Azure Virtual Desktop application groups (role "Desktop Virtualization User").
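Review bot: the list item "Microsoft Entra ID Domain Services (AAD DS)" two lines below the change should be "Microsoft Entra Domain Services"; there is no "Entra ID Domain Services" product. The parent bullet also still enumerates "(AD DS, AAD DS, AAD)", so the abbreviations and the spelled-out names in this list no longer line up; either keep an abbreviation in parentheses on every item (as the deleted line "Microsoft Entra ID (AAD)" did) or drop them consistently.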
2 changes: 1 addition & 1 deletion workload/docs/horizonlzaccelerator-nextgen/readme.md
Expand Up @@ -138,7 +138,7 @@ The following list provides more information about platform-based resources:

- [Providing Access to VMware Horizon Cloud Service Desktops and Applications in Workspace ONE Access](https://docs.vmware.com/en/VMware-Workspace-ONE-Access/services/ws1-access-resources/GUID-361DF7AB-D944-4E87-8F6E-7F0425D23ACD.html) – Explains how to configure Workspace One for use with Horizon Cloud Service

Typically, Horizon Cloud on Microsoft Azure integrates with Azure Active Directory or Workspace ONE Access for identity services. If you need to integrate a 3rd party prover like OKTA or OpenLDAP you can consider using Workspace ONE Access which has the ability to integrate with other LDAP providers.
Typically, Horizon Cloud on Microsoft Azure integrates with Microsoft Entra ID or Workspace ONE Access for identity services. If you need to integrate a 3rd party prover like OKTA or OpenLDAP you can consider using Workspace ONE Access which has the ability to integrate with other LDAP providers.
Resources Review the following resources on Identity integration.
- [Workspace ONE Access](https://docs.vmware.com/en/VMware-Workspace-ONE-Access/index.html)
- [Workspace ONE Access - Directory Integration](https://docs.vmware.com/en/VMware-Workspace-ONE-Access/services/ws1_access_directory/GUID-DF53F9EF-6715-469A-A885-9ACFE4B2A35B.html)
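Review bot: the edited sentence carries over a typo, "3rd party prover", which should be "third-party provider", and "OKTA" should be written "Okta". The following line, "Resources Review the following resources on Identity integration.", is missing a line break between "Resources" and "Review" (compare the horizonlzaccelerator readme in this same PR, which puts them on separate lines).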
2 changes: 1 addition & 1 deletion workload/docs/horizonlzaccelerator/readme.md
Expand Up @@ -111,7 +111,7 @@ Horizon offers flexible deployment options across private and public clouds, fro
Designing a multi-cloud solution is challenging and complex. VMware has developed guidance for deploying Horizon on each of the supported cloud-based infrastructure platforms. Review the different reference architectures for other platforms on the [Horizon Reference Architecture](https://techzone.vmware.com/reference-architecture#horizon) on VMware TechZone.

# Design area – Identity
Typically, Horizon Cloud on Microsoft Azure integrates with Azure Active Directory or Workspace ONE Access for identity services. If you need to integrate a 3rd party prover like OKTA or OpenLDAP you can consider using Workspace ONE Access which has the ability to integrate with other LDAP providers.
Typically, Horizon Cloud on Microsoft Azure integrates with Microsoft Entra ID or Workspace ONE Access for identity services. If you need to integrate a 3rd party prover like OKTA or OpenLDAP you can consider using Workspace ONE Access which has the ability to integrate with other LDAP providers.

Resources
Review the following resources on Identity integration.
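Review bot: same typo as in the nextgen readme: "3rd party prover" should be "third-party provider", and "OKTA" should be "Okta". Since the sentence is being rewritten anyway, it is a cheap fix in the same commit.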
6 changes: 3 additions & 3 deletions workload/portal-ui/portal-ui-baseline.json
Expand Up @@ -139,7 +139,7 @@
"required": true,
"allowedValues": [
{
"label": "Microsoft Entra ID (AAD)",
"label": "Microsoft Entra ID",
"value": "AAD"
},
{
Expand Down Expand Up @@ -1257,7 +1257,7 @@
"type": "Microsoft.Common.InfoBox",
"visible": "[and(equals(steps('network').createAvdVirtualNetwork, false), equals(steps('network').deployPrivateEndpointKeyvaultStorage, true), equals(steps('network').virtualNetworkPrivateDnsZone, true))]",
"options": {
"text": "When using private endpoints, an existing Azure Virtual Desktop vNet, and creating new private DNS zones, custom DNS servers may NOT be used (unless they are connected to the same vNet used for the Azure Virtual Desktop dpeloyment) in order for FSlogix/MSIX App Attach deployment to be successful, given that the private DNS zone will be linked to the existing vNet and this will be the only network able to resolve private endpoint DNS records. <br/> ***Note: selected options (existing vNet and create DNS zones) are only recommended when using Microsoft Entra ID (AAD) as identity service provider.",
"text": "When using private endpoints, an existing Azure Virtual Desktop vNet, and creating new private DNS zones, custom DNS servers may NOT be used (unless they are connected to the same vNet used for the Azure Virtual Desktop dpeloyment) in order for FSlogix/MSIX App Attach deployment to be successful, given that the private DNS zone will be linked to the existing vNet and this will be the only network able to resolve private endpoint DNS records. <br/> ***Note: selected options (existing vNet and create DNS zones) are only recommended when using Microsoft Entra ID as identity service provider.",
"uri": "https://docs.microsoft.com/azure/private-link/disable-private-endpoint-network-policy",
"style": "Warning"
}
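Review bot: the edited `text` still contains the pre-existing typo "dpeloyment", and "***Note:" opens bold-italic emphasis that is never closed; since the string is being rewritten, fix both ("deployment", and either close the emphasis after the note or drop the asterisks).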
Expand Down Expand Up @@ -1363,7 +1363,7 @@
"type": "Microsoft.Common.InfoBox",
"visible": "[equals(steps('identity').identityDomainInformation.identityServiceProvider, 'AAD')]",
"options": {
"text": "vNet peering to identity services is not required when Microsoft Entra ID (AAD) as identity service provider .",
"text": "vNet peering to identity services is not required when Microsoft Entra ID as identity service provider .",
"uri": "https://learn.microsoft.com/azure/architecture/example-scenario/wvd/azure-virtual-desktop-azure-active-directory-join",
"style": "info"
}
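Review bot: the rewritten sentence is missing its verb and has a stray space before the period: "... is not required when Microsoft Entra ID as identity service provider ." should read "... is not required when Microsoft Entra ID is used as the identity service provider." The `uri` slug (`azure-active-directory-join`) is a URL path and should stay unchanged.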
2 changes: 1 addition & 1 deletion workload/terraform/greenfield/AADDSscenario/output.tf
Expand Up @@ -39,6 +39,6 @@ output "vnetrange" {
}

output "AVD_user_groupname" {
description = "Azure Active Directory Group for AVD users"
description = "Microsoft Entra ID Group for AVD users"
value = data.azuread_group.adds_group.display_name
}
4 changes: 2 additions & 2 deletions workload/terraform/greenfield/AADDSscenario/readme.md
@@ -1,4 +1,4 @@
# Implement Azure Virtual Desktop with Azure Active Directory
# Implement Azure Virtual Desktop with Microsoft Entra ID

This guide is designed to help you get started with deploying a greenfield Azure Virtual Desktop using the provided Terraform template(s) within this repository. Before you deploy, it is recommended to review the template(s) to understand the resources that will be deployed and the associated costs.
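Review bot: this is the AADDSscenario readme, which deploys against the domain-services flavour, yet the new title says "Microsoft Entra ID"; if the title is meant to describe this scenario accurately, "Microsoft Entra Domain Services" is the current name for what was Azure AD DS. The folder name and the `aad_group_name` variable in the same scenario keep the AAD abbreviation, so the heading is the only place the new name appears.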

Expand All @@ -8,7 +8,7 @@ This accelerator is to be used as starter kit and you can expand its functionali

## Table of contents

- [Implement Azure Virtual Desktop with Azure Active Directory](#implement-azure-virtual-desktop-with-azure-active-directory)
- [Implement Azure Virtual Desktop with Microsoft Entra ID](#implement-azure-virtual-desktop-with-azure-active-directory)
- [Table of contents](#table-of-contents)
- [Scenario Overview](#scenario-overview)
- [Azure Architecture](#azure-architecture)
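Review bot: the table-of-contents link text was updated but its anchor still points at `#implement-azure-virtual-desktop-with-azure-active-directory`. GitHub derives heading anchors from the heading text, so after the heading rename in the hunk above the generated anchor becomes `#implement-azure-virtual-desktop-with-microsoft-entra-id` and this link will be dead; update the fragment to match the new heading.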
2 changes: 1 addition & 1 deletion workload/terraform/greenfield/AADDSscenario/variables.tf
Expand Up @@ -120,7 +120,7 @@ variable "subnet_range" {

variable "aad_group_name" {
type = string
description = "Azure Active Directory Group for AVD users"
description = "Microsoft Entra ID Group for AVD users"
}

variable "rdsh_count" {
2 changes: 1 addition & 1 deletion workload/terraform/greenfield/AADscenario/output.tf
Expand Up @@ -39,6 +39,6 @@ output "vnetrange" {
}

output "AVD_user_groupname" {
description = "Azure Active Directory Group for AVD users"
description = "Microsoft Entra ID Group for AVD users"
value = data.azuread_group.adds_group.display_name
}
6 changes: 3 additions & 3 deletions workload/terraform/greenfield/AADscenario/readme.md
@@ -1,4 +1,4 @@
# Implement Azure Virtual Desktop with Azure Active Directory
# Implement Azure Virtual Desktop with Azure Microsoft Entra ID

This guide is designed to help you get started with deploying a greenfield Azure Virtual Desktop using the provided Terraform template(s) within this repository. Before you deploy, it is recommended to review the template(s) to understand the resources that will be deployed and the associated costs.
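Review bot: the new heading reads "Azure Microsoft Entra ID", a stray "Azure" left over from the search-and-replace; it should be "Implement Azure Virtual Desktop with Microsoft Entra ID", matching the AADDSscenario readme and the TOC entry below.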

Expand All @@ -8,7 +8,7 @@ This accelerator is to be used as starter kit and you can expand its functionali

## Table of contents

- [Implement Azure Virtual Desktop with Azure Active Directory](#implement-azure-virtual-desktop-with-azure-active-directory)
- [Implement Azure Virtual Desktop with Microsoft Entra ID](#implement-azure-virtual-desktop-with-azure-active-directory)
- [Table of contents](#table-of-contents)
- [Scenario Overview](#scenario-overview)
- [Azure Architecture](#azure-architecture)
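Review bot: same broken anchor as in the AADDSscenario readme: the link text changed but the fragment `#implement-azure-virtual-desktop-with-azure-active-directory` still targets the old heading slug, so this TOC entry no longer resolves once the heading is renamed. Fix the heading first (it currently reads "Azure Microsoft Entra ID"), then derive the fragment from the corrected heading text.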
Expand All @@ -35,7 +35,7 @@ The solution implements a new:
- 1 Workspaces – 1 pooled
- AVD Monitoring, log analytics workspace and diagnostic logs enabled
- AVD Scaling plan
- Azure Files Storage with FSLogix share, RBAC role assignment and private endpoint joined to Azure Active Directory
- Azure Files Storage with FSLogix share, RBAC role assignment and private endpoint joined to Microsoft Entra ID
- Key Vault and private endpoint
- Azure Virtual Desktop spoke resources:
- Virtual Network
2 changes: 1 addition & 1 deletion workload/terraform/greenfield/AADscenario/variables.tf
Expand Up @@ -150,7 +150,7 @@ variable "subnet_range" {

variable "aad_group_name" {
type = string
description = "Azure Active Directory Group for AVD users"
description = "Microsoft Entra ID Group for AVD users"
}

variable "rdsh_count" {
2 changes: 1 addition & 1 deletion workload/terraform/greenfield/ADDSscenario/output.tf
Expand Up @@ -39,7 +39,7 @@ output "vnetrange" {
}

output "AVD_user_groupname" {
description = "Azure Active Directory Group for AVD users"
description = "Microsoft Entra ID Group for AVD users"
value = data.azuread_group.adds_group.display_name
}
output "vault_uri" {
2 changes: 1 addition & 1 deletion workload/terraform/greenfield/ADDSscenario/variables.tf
Expand Up @@ -153,7 +153,7 @@ variable "avd_users" {

variable "aad_group_name" {
type = string
description = "Azure Active Directory Group for AVD users"
description = "Microsoft Entra ID Group for AVD users"
}

variable "rdsh_count" {
4 changes: 2 additions & 2 deletions workload/terraform/greenfield/readme.md
Expand Up @@ -44,8 +44,8 @@ This folder is laid out hierarchically so that different levels of modules may b
| ------------------- | ------------------------------------------------------------ |
| [modules](../modules) | This folder contains re-usable modules that create infrastructure components that are used to compose more complex scenarios |
| [ADDS scenarios](./ADDSscenario/readme.md) | This folder contains scenario root modules that deploy AVD with ADDS join session host. |
| [AAD scenarios](./AADscenario/readme.md) | This folder contains scenario root modules that deploy AVD with Azure Active Directory join session host. |
| [AAD Zero Trust scenarios](./zerotrust/readme.md) | This folder contains scenario root modules that deploy AVD with Azure Active Directory join session host following zero trust principles. |
| [AAD scenarios](./AADscenario/readme.md) | This folder contains scenario root modules that deploy AVD with Microsoft Entra ID join session host. |
| [AAD Zero Trust scenarios](./zerotrust/readme.md) | This folder contains scenario root modules that deploy AVD with Microsoft Entra ID join session host following zero trust principles. |
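Review bot: "Microsoft Entra ID join session host" is awkward; Microsoft's own wording is "Microsoft Entra joined", so "deploy AVD with Microsoft Entra joined session hosts" reads better in both rows. The link labels in the first column ("AAD scenarios", "AAD Zero Trust scenarios") still carry the old abbreviation, which is defensible if they are meant to mirror the folder names, but it should be a deliberate choice rather than an omission.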

<details>
<summary>Click to expand</summary>
2 changes: 1 addition & 1 deletion workload/terraform/greenfield/zerotrust/output.tf
Expand Up @@ -39,7 +39,7 @@ output "vnetrange" {
}

output "AVD_user_groupname" {
description = "Azure Active Directory Group for AVD users"
description = "Microsoft Entra ID Group for AVD users"
value = data.azuread_group.adds_group.display_name
}
output "vault_uri" {
2 changes: 1 addition & 1 deletion workload/terraform/greenfield/zerotrust/variables.tf
Expand Up @@ -156,7 +156,7 @@ variable "hub_connectivity_rg" {

variable "aad_group_name" {
type = string
description = "Azure Active Directory Group for AVD users"
description = "Microsoft Entra ID Group for AVD users"
}

variable "rdsh_count" {
2 changes: 1 addition & 1 deletion workload/terraform/modules/avd/personal/variables.tf
Expand Up @@ -34,5 +34,5 @@ variable "avdLocation" {

variable "aad_group_name" {
type = string
description = "Azure Active Directory Group for AVD users"
description = "Microsoft Entra ID Group for AVD users"
}