Merge pull request #293798 from MicrosoftDocs/main

01/29/2025 PM Publishing

Author: v-alje

articles/azure-government/compliance/azure-services-in-fedramp-auditscope.md

@@ -7,7 +7,7 @@ ms.topic: article
 ms.service: azure-government
 ms.custom: references_regions
 recommendations: false
-ms.date: 01/15/2025
+ms.date: 01/27/2025
 ---
 
 # Azure, Dynamics 365, Microsoft 365, and Power Platform services compliance scope
@@ -36,6 +36,7 @@ For current Azure Government regions and available services, see [Products avail
 >
 > - Some Azure services deployed in Azure Government regions US Gov Arizona, US Gov Texas, and US Gov Virginia (US Gov regions) require extra configuration to meet DoD IL5 compute and storage isolation requirements, as explained in **[Isolation guidelines for Impact Level 5 workloads](../documentation-government-impact-level-5.md).**
 > - For DoD IL5 PA compliance scope in Azure Government regions US DoD Central and US DoD East (US DoD regions), see **[US DoD regions IL5 audit scope](../documentation-government-overview-dod.md#us-dod-regions-il5-audit-scope).**
+> - For full list of M365 GCC high services authorized for FedRAMP High, see **[Microsoft Office 365 GCC High FedRAMP Marketplace](https://marketplace.fedramp.gov/products/FR1824057433)**. Azure Communication Services operates under the same infrastructure that powers Microsoft Teams and obtained FedRAMP High accreditation as part of the M365 GCC-High service offering.
 
 **Azure Government Secret** maintains:
 
@@ -50,7 +51,7 @@ For current Azure Government regions and available services, see [Products avail
 This article provides a detailed list of Azure, Dynamics 365, Microsoft 365, and Power Platform cloud services in scope for FedRAMP High, DoD IL2, DoD IL4, DoD IL5, and DoD IL6 authorizations across Azure, Azure Government, and Azure Government Secret cloud environments. For other authorization details in Azure Government Secret and Azure Government Top Secret, contact your Microsoft account representative.
 
 ## Azure public services by audit scope
-*Last updated: December 2024*
+*Last updated: January 2025*
 
 ### Terminology used
 
@@ -304,6 +305,7 @@ This article provides a detailed list of Azure, Dynamics 365, Microsoft 365, and
 | [Azure Database for MySQL](/azure/mysql/) | ✅ | ✅ | ✅ | ✅ | ✅ |
 | [Azure Database for PostgreSQL](/azure/postgresql/) | ✅ | ✅ | ✅ | ✅ | |
 | [Azure Databricks](/azure/databricks/) | ✅ | ✅ | ✅ | ✅ | |
+| [Azure Fluid Relay](../../azure-fluid-relay/index.yml) | ✅ | ✅ | |  |  |
 | [Azure Information Protection](/azure/information-protection/) ****** | ✅ | ✅ | ✅ | ✅ | ✅ |
 | [Azure Kubernetes Service (AKS)](/azure/aks/) | ✅ | ✅ | ✅ | ✅ | ✅ |
 | [Azure Managed Grafana](../../managed-grafana/index.yml) | ✅ | ✅ | |  |  |

articles/azure-maps/map-show-traffic.md

@@ -59,7 +59,7 @@ There are two different traffic controls that can be added to the map. The first
 The following code shows how to add the traffic controls to the map.
 
 ```JavaScript
-//Att the traffic control toogle button to the top right corner of the map.
+//Att the traffic control toggle button to the top right corner of the map.
 map.controls.add(new atlas.control.TrafficControl(), { position: 'top-right' });
 
 //Att the traffic legend control to the bottom left corner of the map.

articles/azure-netapp-files/application-volume-group-add-volume-secondary.md

@@ -118,6 +118,8 @@ This section shows an example of creating a single-host, secondary SAP HANA syst
 
 1. From your NetApp account, select **Application volume groups**, and select **+Add Group**. In Deployment Type, select **SAP HANA** then **Next**. 
 
+    :::image type="content" source="./media/application-volume-group-add-volume-secondary/extension-one-create.png" alt-text="Screenshot of application volume group creation menu." lightbox="./media/application-volume-group-add-volume-secondary/extension-one-create.png":::
+
 2. In the **SAP HANA** tab, provide HANA-specific information. 
 
     > [!IMPORTANT]
@@ -200,7 +202,7 @@ This section shows an example of creating a single-host, secondary SAP HANA syst
 
     Select **Volumes** to return to the Volumes overview page.  
 
-8. Select **Review + Create** to list all volumes that will be created. Select **Create Volume Group** to start the volume group creation. 
+8. Select **Review + Create** to list all volumes to be created. Select **Create Volume Group** to start the volume group creation. 
 
 
 ---

articles/azure-netapp-files/application-volume-group-considerations.md

@@ -5,7 +5,7 @@ services: azure-netapp-files
 author: b-hchen
 ms.service: azure-netapp-files
 ms.topic: conceptual
-ms.date: 08/13/2024
+ms.date: 01/29/2025
 ms.author: anfdocs
 ---
 # Requirements and considerations for application volume group for SAP HANA 
@@ -32,7 +32,7 @@ This article describes the requirements and considerations you need to be aware
     It is recommended that you lay out the VNet and delegated subnet at design time. 
 
     Application volume group for SAP HANA creates multiple IP addresses, up to six IP addresses for larger-sized estates. Ensure that the delegated subnet has sufficient free IP addresses. Consider using a delegated subnet with a minimum of 251 IP addresses with a subnet size of /24. See [Considerations about delegating a subnet to Azure NetApp Files](azure-netapp-files-delegate-subnet.md#considerations).
-* Application volume group for SAP HANA only supports platform-managed keys for Azure NetApp Files volume encryption at volume creation at this time. Contact your Azure NetApp Files specialist or CSA if you have any questions about transitioning volumes from platform-managed keys to customer-managed keys after volume creation. 
+* Application volume group for SAP HANA only supports platform-managed keys for Azure NetApp Files volume encryption at volume creation at this time. Contact your Azure NetApp Files specialist or CSA if you have any questions about transitioning volumes from platform-managed keys to customer-managed keys after volume creation. Alternately, you can use customer-managed keys with extension 1.  
 
 >[!IMPORTANT]
 >The use of application volume group for SAP HANA for applications other than SAP HANA is not supported. Reach out to your Azure NetApp Files specialist for guidance on using Azure NetApp Files multi-volume layouts with other database applications.
@@ -43,6 +43,7 @@ This article describes the requirements and considerations you need to be aware
 * Application volume group supports Basic network features. If you're registered for extension 1, application volume group also supports [Standard network features](azure-netapp-files-network-topologies.md).
 * Extension 1 supports [availability zone volume placement](use-availability-zones.md) as the new default method for placement. This upgrade mitigates the need for AVset pinning and eliminates the need for proximity placement groups. With support for availability zone volume placement, you only need to select the same availability zone as the database servers. Using availability zone volume placement aligns with the Microsoft recommendation on how to deploy SAP HANA infrastructures to achieve best performance with high-availability, maximum flexibility, and simplified deployment. 
     If regions do not support availability zones, you can select a regional deployment or choose proximity placement groups.
+* Extension one supports [customer-managed-keys](configure-customer-managed-keys.md).
 
 ## Best practices about proximity placement
 

articles/azure-netapp-files/application-volume-group-delete.md

@@ -21,7 +21,7 @@ This article describes how to delete an application volume group.
 
 2. To delete the volume group, select **Delete**. If you are prompted, type the volume group name to confirm the deletion.  
 
-    :::image type="content" source="./media/application-volume-group-add-volume-secondary/application-volume-group-create-extension-one.png" alt-text="Screenshot of create application volume group interface for extension one." lightbox="./media/application-volume-group-add-volume-secondary/application-volume-group-create-extension-one.png":::
+    :::image type="content" source="./media/application-volume-group-delete/application-volume-group-delete.png" alt-text="Screenshot of create application volume group without volumes..":::
 
 
 

articles/azure-netapp-files/application-volume-group-deploy-first-host.md

@@ -5,7 +5,7 @@ services: azure-netapp-files
 author: b-hchen
 ms.service: azure-netapp-files
 ms.topic: how-to
-ms.date: 06/18/2024
+ms.date: 01/29/2025
 ms.author: anfdocs
 ---
 # Deploy the first SAP HANA host using application volume group for SAP HANA
@@ -16,9 +16,10 @@ This article describes how to deploy the first SAP HANA host using Azure NetApp
 
 ## Before you begin
 
-You should understand the [requirements and considerations for application volume group for SAP HANA](application-volume-group-considerations.md). 
+- Understand the [requirements and considerations for application volume group for SAP HANA](application-volume-group-considerations.md). 
 
-Be sure to follow the **[pinning recommendations](https://aka.ms/HANAPINNING)** and have at least one HANA virtual machine (VM) in the availability set started. Alternately, you can use [Application volume group for SAP HANA extension 1](application-volume-group-introduction.md#extension-1-features). 
+- Application volume group for SAP HANA extension 1 enables you to select Standard network features and availability zone volume placement without using volume pinning. You must register for [extension 1](#register-for-extension-1) to use the function. 
+    Alternately, adhere to the **[pinning recommendations](https://aka.ms/HANAPINNING)**. Have at least one HANA virtual machine (VM) in the availability set started. Alternately, you can use [Application volume group for SAP HANA extension 1](application-volume-group-introduction.md#extension-1-features). 
 
 ### Register for extension 1 
 
@@ -80,7 +81,7 @@ You can also use [Azure CLI commands](/cli/azure/feature) `az feature register`
         Specifies that the data, log, and shared volumes are to be created close to the VMs.
     * **Capacity pool**:  
         All volumes are placed in a single manual QoS capacity pool. 
-        If you want to create the log-backup and data-backup volumes in a separate capacity pool, you can choose not to add those volumes to the volume group.
+        If you want to create the log-backup and data-backup volumes in a separate capacity pool, you can choose not to add those volumes to the volume group and create them separately. 
     * **Virtual network**:  
         Specify an existing VNet where the VMs are placed. 
     * **Subnet**:  
@@ -195,13 +196,15 @@ You can also use [Azure CLI commands](/cli/azure/feature) `az feature register`
 4. In the **Volume group** tab, provide information for creating the volume group:  
 
     * **Availability option**:
+
         Select either **Availability zone** or **Proximity placement group**. 
         When selecting **Availability zone**, you must select the appropriate availability zone in the next field. 
         * **Proximity placement group (PPG)**:  
             Specifies that the data, log, and shared volumes are to be created close to the VMs.
         * **Availability Zone**: 
             This option lets you deploy the volumes in the logical availability zone that you specify. Select an availability zone where Azure NetApp Files resources are present. For details, see [Manage availability zone volume placement](manage-availability-zone-volume-placement.md).
     * **Network features**: 
+
         Standard network features is the default, however you can still use Basic network features. 
         See [Configure network features for a volume](configure-network-features.md) and [Guidelines for Azure NetApp Files network planning](azure-netapp-files-network-topologies.md) for details.
     * **Capacity pool**:  
@@ -211,6 +214,9 @@ You can also use [Azure CLI commands](/cli/azure/feature) `az feature register`
         Specify an existing VNet where the VMs are placed. 
     * **Subnet**:  
         Specify the delegated subnet where the IP addresses for the NFS exports are created. Ensure that you have a delegated subnet with enough free IP addresses.
+    * **Encryption key source**:
+
+        Select [Customer Managed Key](configure-customer-managed-keys.md) or Microsoft Managed Key. If you choose Customer Managed Key, provide the key vault private endpoint.
     
     Select **Next: Tags**. 
     
@@ -228,12 +234,14 @@ You can also use [Azure CLI commands](/cli/azure/feature) `az feature register`
 
     [ ![Screenshot that shows the protocols tags.](./media/application-volume-group-deploy-first-host/application-protocols-tag.png) ](./media/application-volume-group-deploy-first-host/application-protocols-tag.png#lightbox)
 
-7. The **Volumes** tab summarizes the volumes that are being created with proposed volume name, quota, and throughput. 
+7. The **Volumes** tab summarizes the volumes being created, showing protocol, volume name, quota, and throughput. 
 
     The Volumes tab also shows that only the data, log, and shared volumes are created close to the HANA VMs. The other volumes (data-backup and log-backup) are created at a different location within the region.
 
     The creation for the data-backup and log-backup volumes is optional.
 
+    [ ![Screenshot that summarizes the volume creation](./media/application-volume-group-deploy-first-host/volume-validation-extension-one.png)(./media/application-volume-group-deploy-first-host/volume-validation-extension-one.png#lightbox)]
+
 8. In the **Volumes** tab, you can select each volume to view or change the volume details. For example, select "data-*volume-name*". 
 
     Not all settings can be changed because of SAP HANA certification restrictions.
@@ -246,6 +254,8 @@ You can also use [Azure CLI commands](/cli/azure/feature) `az feature register`
         The size of the volume.
     * **Throughput**:  
         You can reduce the throughput requirements for development or test systems accordingly to the value required for your use cases.
+    * **Encryption key source**:
+        Select [Customer Managed Key](configure-customer-managed-keys.md) or Microsoft Managed Key. If you choose Customer Managed Key, provide the key vault private endpoint.
 
     Select **Next: Protocols** to review the protocol settings. 
 
@@ -272,17 +282,11 @@ You can also use [Azure CLI commands](/cli/azure/feature) `az feature register`
 
     Select **Volumes** to return to the Volume overview page. Select **Next: Review + create**.
 
-11.	The **Review + Create** tab lists all the volumes and their creation method. Select **Create Volume Group** to start the volume group creation.
-
-12. The **Volume Groups** deployment workflow starts. You can monitor the progress. This process can take a few minutes to complete.
-
-    :::image type="content" source="./media/application-volume-group-deploy-first-host/volume-group-confirm-extension-one.png" alt-text="Screenshot of the confirmed operation." lightbox="./media/application-volume-group-deploy-first-host/volume-group-confirm-extension-one.png":::
+11.	The **Review + Create** tab lists all the volumes and their creation method. Select **Create Volume Group** to start the volume group creation. This process can take a few minutes to complete.
 
-    You can display the list of volume groups to see the new volume group. You can select the new volume group to see the details and status of each of the volumes being created.
+    A notification confirms when the operation completes successfully. When you see this message, you can select **Go to resource** to view the newly created volume group. 
 
-    Creating a volume group is an "all-or-none" operation. If one volume cannot be created, all remaining volumes are removed.
-
-    [ ![Screenshot that shows the new volume group.](./media/application-volume-group-deploy-first-host/application-new-volume-group.png) ](./media/application-volume-group-deploy-first-host/application-new-volume-group.png#lightbox)
+    :::image type="content" source="./media/application-volume-group-deploy-first-host/go-to-resource.png" alt-text="Screenshot of a successfully created resource." lightbox="./media/application-volume-group-deploy-first-host/go-to-resource.png":::
 
 ---
 

articles/azure-netapp-files/application-volume-group-introduction.md

@@ -1,11 +1,11 @@
 ---
-title: Understand Azure NetApp Files application volume group for SAP HANA | Microsoft Docs
+title: Understand Azure NetApp Files application volume group for SAP HANA 
 description: Describes the use cases and key features of Azure NetApp Files application volume group for SAP HANA.
 services: azure-netapp-files
 author: b-hchen
 ms.service: azure-netapp-files
 ms.topic: conceptual
-ms.date: 09/11/2024
+ms.date: 01/29/2025
 ms.author: anfdocs
 ---
 # Understand Azure NetApp Files application volume group for SAP HANA 

articles/azure-netapp-files/application-volume-group-oracle-considerations.md

@@ -12,7 +12,7 @@ ms.service: azure-netapp-files
 ms.workload: storage
 ms.tgt_pltfrm: na
 ms.topic: conceptual
-ms.date:  04/19/2024
+ms.date:  01/29/2025
 ms.author: anfdocs
 ---
 # Requirements and considerations for application volume group for Oracle 
@@ -32,8 +32,6 @@ This article describes the requirements and considerations you need to be aware
     * Determine the expected change rate for the database volumes (in case you're using snapshots for backup purposes).
 * Create a VNet and delegated subnet to map the Azure NetApp Files IP addresses. It is recommended that you lay out the VNet and delegated subnet at design time
 * Application volume group for Oracle volumes are deployed in a selectable availability zone for regions that offer availability zones. You need to ensure that the database server is provisioned in the same availability zone as the Azure NetApp Files volumes. You may need to check in which zones the required VM types are available as well as Azure NetApp Files resources. 
-* Application volume group for Oracle currently only supports platform-managed keys for Azure NetApp Files volume encryption at volume creation. 
-    Contact your Azure NetApp Files specialist or CSA if you have questions about transitioning volumes from platform-managed keys to customer-managed keys after volume creation.
 * Application volume group for Oracle creates multiple IP addresses--at a minimum four IP addresses for a single database. For larger Oracle estates distributed across zones, it can be 12 or more IP addresses. Ensure that the delegated subnet has sufficient free IP addresses. It's recommended that you use a delegated subnet with a minimum of 59 IP addresses with a subnet size of /26. For larger Oracle deployments, consider using a /24 network offering 251 IP addresses for the delegated subnet. See [Considerations about delegating a subnet to Azure NetApp Files](azure-netapp-files-delegate-subnet.md#considerations).
 
 > [!IMPORTANT]