You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
# Tutorial: Build a chatbot with Azure App Service and Azure OpenAI (Flask)
17
17
18
-
In this tutorial, you'll build an intelligent AI application by integrating Azure OpenAI with a Python web application and deploying it to Azure App Service. You'll create a Flask app that sends chat completion requests to a model in Azure OpneAI.
18
+
In this tutorial, you'll build an intelligent AI application by integrating Azure OpenAI with a Python web application and deploying it to Azure App Service. You'll create a Flask app that sends chat completion requests to a model in Azure OpenAI.
Copy file name to clipboardExpand all lines: articles/application-gateway/application-gateway-private-deployment.md
+4Lines changed: 4 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -187,6 +187,10 @@ The resource tag is cosmetic, and serves to confirm that the gateway has been pr
187
187
188
188
Application Gateway Subnet is the subnet within the Virtual Network where the Application Gateway Resources will be deployed. In the Frontend Private Ip configuration, is important that this subnet can reach privately the resources that want to connect to your exposed app or site.
189
189
190
+
> [!NOTE]
191
+
> As of May 5, 2025, new and existing deployments of Private Application Gateway require Subnet Delegation to `Microsoft.Network/applicationGateways`.
192
+
> Please follow [these steps](/azure/virtual-network/manage-subnet-delegation?tabs=manage-subnet-delegation-portal) for configuring Subnet Delegation.
193
+
190
194
## Outbound Internet connectivity
191
195
192
196
Application Gateway deployments that contain only a private frontend IP configuration (do not have a public IP frontend configuration associated to a request routing rule) aren't able to egress traffic destined to the Internet. This configuration affects communication to backend targets that are publicly accessible via the Internet.
Copy file name to clipboardExpand all lines: articles/azure-functions/extension-bundles.md
+20-5Lines changed: 20 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -2,7 +2,7 @@
2
2
title: Azure Functions Extension Bundles
3
3
description: Learn how to use extension bundles to make the correct set of Azure Functions trigger and binding extensions available in your non-.NET function code.
4
4
ms.topic: concept-article
5
-
ms.date: 05/30/2025
5
+
ms.date: 07/25/2025
6
6
7
7
#Customer intent: I want to understand how to correctly install extension bundles so that the functionality implemented in the extensions is available to my functions in my preferred development language.
8
8
---
@@ -19,13 +19,13 @@ Extension bundles add a predefined set of compatible binding extensions to your
19
19
20
20
When you create an Azure Functions project from a non-.NET template, extension bundles are already enabled in the app's `host.json` file.
21
21
22
-
## Defining an extension bundle reference
22
+
## Define an extension bundle reference
23
23
24
24
You define an extension bundle reference in the `host.json` project file by adding an `extensionBundle` section, as in this example:
The default extension bundles are defined via version ranges. To see the `extensions.json` definition file that generates the current bundle version for a major extension, select the link in the table.
39
+
The default extension bundles are defined via version ranges. To see the `extensions.json` definition file that generates the current bundle version for a major extension, select the link in the table.-->
40
40
41
41
## Considerations for extension bundles
42
42
@@ -46,7 +46,22 @@ Keep these considerations in mind when you work with extension bundles:
46
46
- Use the latest version range to obtain optimal app performance and access to the latest features.
47
47
- In the unlikely event that you can't use an extension bundle, you must instead [explicitly install extensions](./functions-bindings-register.md#explicitly-install-extensions).
48
48
49
-
## Previewing extension bundles
49
+
## Upgrade extension bundles
50
+
51
+
It's important to keep your bundle version up-to-date so that your apps can continue to be eligible for new features, security patches, and performance optimizations.
52
+
53
+
To upgrade your app to the most recent bundle, edit the host.json file in the root of your app project. Replace the value of `extensionBundle.version` with the most recent supported extension bundles version.
54
+
55
+
Keep these considerations in mind when upgrading the extension bundle version used by your app:
56
+
57
+
+ The contents of the latest 4.x bundle can always be found at [this release page in the repo](https://github.com/Azure/azure-functions-extension-bundles/releases/latest).
58
+
+ Review the reference documentation for any extensions used by your app to look for any breaking changes between versions. <!---For the list of extension versions included in the default bundle, see the `extension.json` project file linked [from this table](#supported-extension-bundles).--> You can review the [bundle releases page](https://github.com/Azure/azure-functions-extension-bundles/releases) in the bundles repo for specific bundle version tags.
59
+
+ Always verify your app locally after upgrading the bundle version to ensure compatibility with the updated extensions. You can use the [func start](functions-core-tools-reference.md#func-start) command in Azure Functions Core Tools or F5 in Visual Studio or Visual Studio Code to run your function app locally.
60
+
+ The way that you trigger extensions to be updated based on changes to the bundle version in the host.json file depends on your app environment:
61
+
+ Local project: extensions are updated locally when Core Tools starts, either from the `func start` command or when debugging in your development tools.
62
+
+ Function app: extensions are updated when you deploy the updated host.json file to your function app in Azure.
63
+
64
+
## Preview extension bundles
50
65
51
66
Prerelease versions of specific binding extensions are maintained in a preview extension bundle: `Microsoft.Azure.Functions.ExtensionBundle.Preview`. You can use this preview extension bundle to take advantage of preview extensions and new behaviors in existing extensions before they reach general availability (GA).
Copy file name to clipboardExpand all lines: articles/azure-functions/functions-bindings-register.md
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -60,7 +60,7 @@ To manually install binding extensions:
60
60
61
61
1. Validate your app functionality locally and then redeploy your project, including `extensions.csproj`, to your function app in Azure.
62
62
63
-
As soon as possible, you should [switch your app back to using the latest supported extension bundle](./extension-bundles.md#defining-an-extension-bundle-reference).
63
+
As soon as possible, you should [switch your app back to using the latest supported extension bundle](./extension-bundles.md#define-an-extension-bundle-reference).
Copy file name to clipboardExpand all lines: articles/azure-vmware/azure-vmware-solution-known-issues.md
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -4,7 +4,7 @@ description: This article provides details about the known issues of Azure VMwar
4
4
ms.topic: reference
5
5
ms.custom: "engagement-fy23"
6
6
ms.service: azure-vmware
7
-
ms.date: 7/15/2025
7
+
ms.date: 7/29/2025
8
8
# Customer intent: "As a cloud administrator, I want to access detailed information about known issues in Azure VMware Solution so that I can implement workarounds and ensure the stability of my virtual environment."
9
9
---
10
10
@@ -16,9 +16,9 @@ Refer to the table to find details about resolution dates or possible workaround
16
16
17
17
|Issue | Date discovered | Workaround | Date resolved |
| [VMSA-2025-0013](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877) VMXNET3 integer-overflow, VMCI integer-underflow, PVSCSI heap-overflow, and vSockets information-disclosure vulnerabilities. | July 15, 2025 | Microsoft verified the applicability of the vulnerabilities within the Azure VMware Solution service and adjudicated the vulnerabilities at a combined adjusted Environmental Score of [9.3](https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/MAC:L/MPR:N/MUI:N/MS:C/MC:H/MI:H/MA:H). Customers are advised to take extra precautions when granting administrative access to guest VMs until the update is addressed. For additional information on the vulnerability, see [this blog post](https://techcommunity.microsoft.com/blog/azuremigrationblog/azure-vmware-solution-broadcom-vmsa-2025-0013-remediation/4433430) (CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, CVE-2025-41239). | July 21, 2025 (Pending) - Resolved in [ESXi 8.0_U3f](https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-80u3f-release-notes.html) |
20
-
| Changing the default NSX Tier-1 name may cause some NSX features added through the Azure portal, such as DNS Zone and the Segment page, to not function as expected. | June 2025 | Azure VMware Solution uses the NSX Tier-1 name "TNTxx-T1" (where xx is the internal tenant ID) for these features. Therefore do not change the default Tier-1 name. | N/A|
21
-
| Creating stateful gateway firewall rules associated with Azure VMware Solution default NSX-T tier-0 router causes unwanted/unexpected behavior. | May 2025 | Azure VMware Solution deploys with a stateless NSX-T tier-0 router. As such, stateful firewall rules are incompatible even though the NSX-T UI may allow it. Apply stateful services and/or firewall rules at the tier-1 router. | N/A|
19
+
| [VMSA-2025-0013](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877) VMXNET3 integer-overflow, VMCI integer-underflow, PVSCSI heap-overflow, and vSockets information-disclosure vulnerabilities. | July 15, 2025 | Microsoft verified the applicability of the vulnerabilities within the Azure VMware Solution service and adjudicated the vulnerabilities at a combined adjusted Environmental Score of [9.3](https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/MAC:L/MPR:N/MUI:N/MS:C/MC:H/MI:H/MA:H). Customers are advised to take extra precautions when granting administrative access to guest VMs until the update is addressed. For additional information on the vulnerability, see [this blog post](https://techcommunity.microsoft.com/blog/azuremigrationblog/azure-vmware-solution-broadcom-vmsa-2025-0013-remediation/4433430) (CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, CVE-2025-41239). | July 29, 2025 - Resolved in [ESXi 8.0_U3f](https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-80u3f-release-notes.html) |
20
+
| Changing the default NSX Tier-1 name may cause some NSX features added through the Azure portal, such as DNS Zone and the Segment page, to not function as expected. | June 2025 | Azure VMware Solution uses the NSX Tier-1 name "TNTxx-T1" (where xx is the internal tenant ID) for these features. Therefore do not change the default Tier-1 name. | N/A|
21
+
| Creating stateful gateway firewall rules associated with Azure VMware Solution default NSX-T tier-0 router causes unwanted/unexpected behavior. | May 2025 | Azure VMware Solution deploys with a stateless NSX-T tier-0 router. As such, stateful firewall rules are incompatible even though the NSX-T UI may allow it. Apply stateful services and/or firewall rules at the tier-1 router. | N/A|
22
22
| AV64 hosts running vSAN Express Storage Architecture (ESA), may see a High pNIC errors due to buffer overflows. [Getting alarm in relation to "High pNic error rate detected" on hosts in vSAN clusters when using Mellanox NICs](https://knowledge.broadcom.com/external/article/392333/getting-alarm-in-relation-to-high-pnic-e.html)| June 2025 | The alert should be considered an informational message, since Microsoft manages the service. Select the **Reset to Green** link to clear it. | N/A |
23
23
|[VMSA-2025-0012](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25738) Multiple vulnerabilities (CVE-2025-22243, CVE-2025-22244, CVE-2025-22245) identified in VMware NSX. | May 2025 | The vulnerability described in the Broadcom document does not apply to Azure VMware Solution due to existing compensating controls mitigate the risk of exploitation. | The upcoming version of NSX includes the patch to address this vulnerability. |
24
24
|[VMSA-2025-0010](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717) Multiple vulnerabilities (CVE-2025-41225, CVE-2025-41226, CVE-2025-41227, CVE-2025-41228) have been identified in VMware ESXi and vCenter Server. | May 2025 | Microsoft confirmed the applicability of these vulnerabilities in Azure VMware Solution. Existing security controls, including cloudadmin role restrictions and network isolation, are deemed to significantly mitigate the impact of these vulnerabilities before official patching. The vulnerabilities adjudicated with a combined adjusted Environmental Score of [6.8](https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H) within the Azure VMware Solution. Until the update is addressed, customers are advised to exercise caution when granting administrative access to guest virtual machines and to actively monitor any administrative activities performed on them. | N/A |
Copy file name to clipboardExpand all lines: articles/azure-vmware/azure-vmware-solution-platform-updates.md
+5-1Lines changed: 5 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -4,7 +4,7 @@ description: Learn about the platform updates to Azure VMware Solution.
4
4
ms.topic: reference
5
5
ms.custom: "references_regions, engagement-fy23"
6
6
ms.service: azure-vmware
7
-
ms.date: 7/21/2025
7
+
ms.date: 7/29/2025
8
8
# Customer intent: "As an Azure VMware Solution user, I want to stay informed about platform updates and maintenance schedules, so that I can ensure my workloads remain optimized and secure during transitions."
9
9
---
10
10
@@ -18,6 +18,10 @@ Microsoft regularly applies important updates to the Azure VMware Solution for n
18
18
19
19
Public preview of Self-Service Capabilities for Planned Maintenance. [Learn more](https://techcommunity.microsoft.com/blog/azuremigrationblog/take-control-of-your-azure-vmware-solution-maintenance-schedule/4434496)
20
20
21
+
**VCF 5.2.1 and VMSA-2025-0013 remediation**
22
+
23
+
To address the vulnerabilities (CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, CVE-2025-41239) reported in Broadcom security advisory [VMSA-2025-0013](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877), ESXi hosts are being patched in all Azure VMware Solution private clouds to [ESXi 8.0_U3f](https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-80u3f-release-notes.html). All new Azure VMware Solution private clouds are deployed with the same version. [Learn more](https://techcommunity.microsoft.com/blog/azuremigrationblog/azure-vmware-solution-broadcom-vmsa-2025-0013-remediation/4433430)
24
+
21
25
## May 2025
22
26
23
27
**vSAN ESA (Express Storage Architecture) support**
![learn-build-service-prod[bot]](https://avatars.githubusercontent.com/in/237442?v=4&size=40){kind=avatar}
0 commit comments