Merge remote-tracking branch 'upstream/main'

Author: flang-msft

.openpublishing.redirection.json

@@ -4039,6 +4039,21 @@
       "redirect_url": "/azure/expressroute/work-remotely-support",
       "redirect_document_id": false
     },
+    {
+      "source_path_from_root": "/articles/expressroute/expressroute-howto-add-ipv6-powershell.md",
+      "redirect_url": "/azure/expressroute/expressroute-howto-add-ipv6",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/expressroute/expressroute-howto-add-ipv6-cli.md",
+      "redirect_url": "/azure/expressroute/expressroute-howto-add-ipv6",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/expressroute/expressroute-howto-add-ipv6-portal.md",
+      "redirect_url": "/azure/expressroute/expressroute-howto-add-ipv6",
+      "redirect_document_id": false
+    },
     {
       "source_path_from_root": "/articles/external-attack-surface-management/data-connections-overview.md",
       "redirect_url": "/azure/external-attack-surface-management/index",
@@ -6943,6 +6958,11 @@
       "source_path": "articles/signups/startup-programs.md",
       "redirect_url": "/azure/signups/overview",
       "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/reliability/migrate-sql-database.md",
+      "redirect_url": "/azure/azure-sql/database/enable-zone-redundancy",
+      "redirect_document_id": false
     }
 
   ]

articles/api-management/api-management-gateways-overview.md

@@ -8,7 +8,7 @@ ms.service: azure-api-management
 ms.custom:
   - build-2024
 ms.topic: concept-article
-ms.date: 07/11/2024
+ms.date: 07/22/2025
 ms.author: danlep
 ---
 
@@ -79,20 +79,20 @@ The following tables compare features available in the following API Management
 | [Virtual network injection](virtual-network-concepts.md)  |  Developer, Premium | Premium v2 | ❌ | ✔️<sup>1,2</sup> | ✔️ |
 | [Inbound private endpoints](private-endpoint.md)  |  Developer, Basic, Standard, Premium | Standard v2 | ❌ | ❌ | ❌ |
 | [Outbound virtual network integration](integrate-vnet-outbound.md)  | ❌ | Standard  v2, Premium v2  |  ❌ | ❌ | ✔️ |
-| [Availability zones](zone-redundancy.md)  |  Premium | ✔️<sup>3</sup>  | ❌ | ✔️<sup>1</sup> | ✔️<sup>3</sup> |
+| [Availability zones](zone-redundancy.md)  |  Premium | ❌  | ❌ | ✔️<sup>1</sup> | ❌ |
 | [Multi-region deployment](api-management-howto-deploy-multi-region.md) |  Premium | ❌ |  ❌ | ✔️<sup>1</sup> | ❌ |
-| [CA root certificates](api-management-howto-ca-certificates.md) for certificate validation |  ✔️ | ❌ | ❌ | ✔️<sup>4</sup> |  ❌ |
+| [CA root certificates](api-management-howto-ca-certificates.md) for certificate validation |  ✔️ | ❌ | ❌ | ✔️<sup>3</sup> |  ❌ |
 | [Managed domain certificates](configure-custom-domain.md?tabs=managed#domain-certificate-options) |  Developer, Basic, Standard, Premium | ❌ | ✔️ | ❌ | ❌ |
 | [TLS settings](api-management-howto-manage-protocols-ciphers.md) |  ✔️ | ✔️ | ✔️ | ✔️ | ❌ |
-| **HTTP/2** (Client-to-gateway) | ✔️<sup>5</sup> | ✔️<sup>5</sup> |❌ | ✔️ | ❌ |
-| **HTTP/2** (Gateway-to-backend) |  ❌ | ❌ | ❌ | ✔️ | ❌ |
+| **HTTP/2** (Client-to-gateway) | ✔️<sup>4</sup> | ✔️<sup>4</sup> |❌ | ✔️ | ❌ |
+| **HTTP/2** (Gateway-to-backend) |  ❌ | ✔️<sup>5</sup> | ❌ | ✔️<sup>5</sup> | ❌ |
 | API threat detection with [Defender for APIs](protect-with-defender-for-apis.md) | ✔️ | ✔️ |  ❌ | ❌ | ❌ |
 
 <sup>1</sup> Depends on how the gateway is deployed, but is the responsibility of the customer.<br/>
 <sup>2</sup> Connectivity to the self-hosted gateway v2 [configuration endpoint](self-hosted-gateway-overview.md#fqdn-dependencies) requires DNS resolution of the endpoint hostname.<br/>
-<sup>3</sup> Two zones are enabled by default; not configurable.<br/>
-<sup>4</sup> CA root certificates for self-hosted gateway are managed separately per gateway<br/>
-<sup>5</sup> Client protocol needs to be enabled.
+<sup>3</sup> CA root certificates for self-hosted gateway are managed separately per gateway<br/>
+<sup>4</sup> Client protocol needs to be enabled.<br/>
+<sup>5</sup> Configure using the [forward-request](forward-request-policy.md) policy.
 
 ### Backend APIs
 

articles/api-management/azure-openai-emit-token-metric-policy.md

@@ -59,7 +59,7 @@ The `azure-openai-emit-token-metric` policy sends custom metrics to Application
 | ----------- | --------------------------------------------------------------------------------- | -------- |
 | dimension   | Add one or more of these elements for each dimension included in the metric.  | Yes      |
 
-### dimension attributes
+### Dimension attributes
 
 | Attribute | Description                | Required |  Default value  |
 | --------- | -------------------------- |  ------------------ | -------------- |
@@ -77,7 +77,7 @@ The `azure-openai-emit-token-metric` policy sends custom metrics to Application
 ### Usage notes
 
 * This policy can be used multiple times per policy definition.
-* You can configure at most 10 custom dimensions for this policy.
+* You can configure at most 5 custom dimensions for this policy.
 * This policy can optionally be configured when adding an API from the Azure OpenAI Service using the portal.
 * Where available, values in the usage section of the response from the Azure OpenAI Service API are used to determine token metrics.
 * Certain Azure OpenAI endpoints support streaming of responses. When `stream` is set to `true` in the API request to enable streaming, token metrics are estimated.

articles/api-management/configure-custom-domain.md

@@ -7,7 +7,7 @@ author: dlepow
 
 ms.service: azure-api-management
 ms.topic: how-to
-ms.date: 05/30/2025
+ms.date: 07/25/2025
 ms.author: danlep
 ms.custom:
   - engagement-fy23
@@ -104,12 +104,20 @@ For more information, see [Use managed identities in Azure API Management](api-m
 
 API Management offers a free, managed TLS certificate for your domain, if you don't wish to purchase and manage your own certificate. The certificate is autorenewed automatically.
 
+> [!IMPORTANT]
+> **Creation of managed certificates for custom domains in API Management will be temporarily unavailable from August 15, 2025 to March 15, 2026.** Our Certificate Authority (CA), DigiCert, will migrate to a new validation platform to meet Multi-Perspective Issuance Corroboration (MPIC) requirements for issuing certificates. This migration requires us to temporarily suspend the creation of managed certificates for custom domains. [Learn more](breaking-changes/managed-certificates-suspension-august-2025.md)
+>
+> Existing managed certificates will be autorenewed and remain unaffected.
+>
+> While creation of managed certificates is suspended, use other certificate options for configuring custom domains.
+
 > [!NOTE]
-> The free, managed TLS certificate is in preview. Currently, it's unavailable in the v2 service tiers. 
+> The free, managed TLS certificate is in preview. 
 
 #### Limitations
 
 * Currently can be used only with the Gateway endpoint of your API Management service
+* Not supported in the v2 tiers
 * Not supported with the self-hosted gateway
 * Not supported in the following Azure regions: France South and South Africa West
 * Currently available only in the Azure cloud

articles/api-management/emit-metric-policy.md

@@ -52,7 +52,7 @@ The `emit-metric` policy sends custom metrics in the specified format to Applica
 | ----------- | --------------------------------------------------------------------------------- | -------- |
 | dimension   | Add one or more of these elements for each dimension included in the custom metric.  | Yes      |
 
-### dimension attributes
+### Dimension attributes
 
 | Attribute | Description                | Required |  Default value  |
 | --------- | -------------------------- |  ------------------ | -------------- |
@@ -69,7 +69,7 @@ The `emit-metric` policy sends custom metrics in the specified format to Applica
 
 ### Usage notes
 
-* You can configure at most 10 custom dimensions for this policy.
+* You can configure at most 5 custom dimensions for this policy.
 
 ## Example
 

articles/api-management/forward-request-policy.md

@@ -35,7 +35,7 @@ The `forward-request` policy forwards the incoming request to the backend servic
 | timeout                             | The amount of time in seconds to wait for the HTTP response headers to be returned by the backend service before a timeout error is raised. Minimum value is 0 seconds. Values greater than 240 seconds may not be honored, because the underlying network infrastructure can drop idle connections after this time. Policy expressions are allowed. You can specify either `timeout` or `timeout-ms` but not both. | No       | 300    |
 | timeout-ms                             | The amount of time in milliseconds to wait for the HTTP response headers to be returned by the backend service before a timeout error is raised. Minimum value is 0 ms. Policy expressions are allowed. You can specify either `timeout` or `timeout-ms` but not both.  | No       | N/A    |
 | continue-timeout | The amount of time in seconds to wait for a `100 Continue` status code to be returned by the backend service before a timeout error is raised. Policy expressions are allowed. | No  | N/A |
-| http-version                             | The HTTP spec version to use when sending the HTTP response to the backend service. When using `2or1`, the gateway will favor HTTP /2 over /1, but fall back to HTTP /1 if HTTP /2 doesn't work. | No       | 1    |
+| http-version                             | The HTTP protocol version to use when sending the HTTP request to the backend service: <br> - `1`: HTTP/1 <br> - `2`: HTTP/2 <br/> - `2or1`: The gateway favors HTTP/2 over HTTP/1, but falls back to HTTP/1 if HTTP/2 doesn't work.<br/><br/> HTTP/2 outbound is supported in select gateways. See [Usage notes](#usage-notes) for details. | No       | 1    |
 | follow-redirects | Specifies whether redirects from the backend service are followed by the gateway or returned to the caller. Policy expressions are allowed.                                                                                                                                                                                                    | No       | `false`   |
 | buffer-request-body      | When set to `true`, request is buffered and will be reused on [retry](retry-policy.md).                                                                                                                                                                                               | No       | `false`   |
 | buffer-response | Affects processing of chunked responses. When set to `false`, each chunk received from the backend is immediately returned to the caller. When set to `true`, chunks are buffered (8 KB, unless end of stream is detected) and only then returned to the caller.<br/><br/>Set to `false` with backends such as those implementing [server-sent events (SSE)](how-to-server-sent-events.md) that require content to be returned or streamed immediately to the caller. Policy expressions aren't allowed. | No | `true` |
@@ -48,11 +48,18 @@ The `forward-request` policy forwards the incoming request to the backend servic
 - [**Policy scopes:**](./api-management-howto-policies.md#scopes) global, workspace, product, API, operation
 -  [**Gateways:**](api-management-gateways-overview.md) classic, v2, consumption, self-hosted, workspace
 
+### Usage notes
+
+*  Use the `http-version` attribute to enable the HTTP/2 protocol outbound from the gateway to the backend. Set the attribute to `2or1` or `2`. Currently, HTTP/2 outbound is supported in the self-hosted gateway and in preview in the v2 gateway.
+
+    > [!IMPORTANT]
+    > In the v2 gateway, HTTP/2 is supported inbound to the API Management gateway and outbound from the gateway to the backend but not end-to-end. Currently, the v2 gateway downgrades an incoming HTTP/2 connection to HTTP/1 before forwarding the request to the backend.
+
 ## Examples
 
 ### Send request to HTTP/2 backend
 
-The following API level policy forwards all API requests to an HTTP/2 backend service.
+The following API level policy forwards all API requests to an HTTP/2 backend service. For example, use this policy to forward requests from a self-hosted gateway to a gRPC backend.
 
 ```xml
 <!-- api level -->
@@ -69,8 +76,6 @@ The following API level policy forwards all API requests to an HTTP/2 backend se
 </policies>
 ```
 
-This is required for HTTP /2 or gRPC workloads and currently only supported in self-hosted gateway. Learn more in our [API gateway overview](api-management-gateways-overview.md).
-
 ### Forward request with timeout interval
 
 The following API level policy forwards all API requests to the backend service with a timeout interval of 60 seconds.

articles/api-management/llm-emit-token-metric-policy.md

@@ -58,7 +58,7 @@ The `llm-emit-token-metric` policy sends custom metrics to Application Insights
 | ----------- | --------------------------------------------------------------------------------- | -------- |
 | dimension   | Add one or more of these elements for each dimension included in the metric.  | Yes      |
 
-### dimension attributes
+### Dimension attributes
 
 | Attribute | Description                | Required |  Default value  |
 | --------- | -------------------------- |  ------------------ | -------------- |
@@ -77,7 +77,7 @@ The `llm-emit-token-metric` policy sends custom metrics to Application Insights
 ### Usage notes
 
 * This policy can be used multiple times per policy definition.
-* You can configure at most 10 custom dimensions for this policy.
+* You can configure at most 5 custom dimensions for this policy.
 * Where available, values in the usage section of the response from the LLM API are used to determine token metrics.
 * Certain LLM endpoints support streaming of responses. When `stream` is set to `true` in the API request to enable streaming, token metrics are estimated.
 

articles/azure-functions/functions-bindings-mcp-trigger.md

@@ -421,6 +421,8 @@ In both cases, you must include a call to `builder.EnableMcpToolMetadata()` in y
 ```csharp
 var builder = FunctionsApplication.CreateBuilder(args);
 
+builder.ConfigureFunctionsWebApplication();
+
 builder.EnableMcpToolMetadata();
 
 // other configuration
@@ -449,6 +451,8 @@ You can define one or more tool properties in your entry point (`Program.cs`) fi
 ```csharp
 var builder = FunctionsApplication.CreateBuilder(args);
 
+builder.ConfigureFunctionsWebApplication();
+
 builder.EnableMcpToolMetadata();
 
 builder

articles/azure-functions/functions-bindings-mcp.md

@@ -64,6 +64,9 @@ To use this preview bundle in your app, replace the existing `extensionBundle` o
 
 [!INCLUDE [functions-host-json-section-intro](../../includes/functions-host-json-section-intro.md)]
 
+> [!NOTE]
+> Until the extension is no longer in preview, the JSON schema for `host.json` isn't updated, and specific properties and behaviors might change. During the preview period, you might see warnings in your editor that say the `mcp` section isn't recognized. You can safely ignore these warnings.
+
 You can use `host.json` to define MCP server information.
 
 ```json

articles/azure-maps/tutorial-create-store-locator.md

@@ -59,7 +59,7 @@ This section lists the Azure Maps features that are demonstrated in the Contoso
 * A store logo on the header
 * A map that supports panning and zooming
 * A **My Location** button to search over the user's current location.
-* A Page layout that adjusts based on the width of the devices screen
+* A Page layout that adjusts based on the width of the device's screen
 * A search box and a search button
 
 ### Functionality features