
Commit 40e95af

Update concepts-networking-private-link.md
1 parent d1aa7a5 commit 40e95af

1 file changed

+34
-12
lines changed

articles/postgresql/flexible-server/concepts-networking-private-link.md

Lines changed: 34 additions & 12 deletions
@@ -12,12 +12,37 @@ ms.custom:
1212
ms.topic: conceptual
1313
---
1414

15-
# Azure Database for PostgreSQL - Flexible Server networking with Private Link - Preview
15+
# Azure Database for PostgreSQL - Flexible Server networking with Private Link
1616

1717
**Azure Private Link** allows you to create private endpoints for Azure Database for PostgreSQL flexible server to bring it inside your Virtual Network (virtual network). That functionality is introduced **in addition** to already [existing networking capabilities provided by VNET Integration](./concepts-networking-private.md), which is currently in general availability with Azure Database for PostgreSQL flexible server. With **Private Link**, traffic between your virtual network and the service travels the Microsoft backbone network. Exposing your service to the public internet is no longer necessary. You can create your own private link service in your virtual network and deliver it to your customers. Setup and consumption using Azure Private Link is consistent across Azure PaaS, customer-owned, and shared partner services.
1818

1919
> [!NOTE]
20-
> Azure Database for PostgreSQL flexible server supports Private Link based networking in Preview.
20+
> Azure Database for PostgreSQL flexible server supports Private Link based networking in General Availability in following regions:
21+
> * Canada East
22+
> * Poland Central
23+
> * Italy North
24+
> * South India
25+
> * UK West
26+
> * Japan West
27+
> * France South
28+
> * Qatar Central
29+
> * Jio India West
30+
> * Australia Central
31+
> * Korea South
32+
> * Switzerland West
33+
> * UAE Central
34+
> * Australia Central 2
35+
> * Germany North
36+
> * Norway West
37+
> * Brazil Southeast
38+
> * South Africa West
39+
>
40+
> **You can create new Azure Database for PostgreSQL - Flexible Server, with Azure Private Link based networking utilizing Private Endpoints in these above listed regions under General Availability.**
41+
> **In the rest of Azure regions where Azure Database for PostgreSQL - Flexible Server is available, Azure Database for PostgreSQL flexible server supports Private Link based networking in Preview at this time.**
42+
>
43+
> **Important Prerequisite for regions where this feature is in Preview** Azure Database for PostgreSQL flexible server support for Private Endpoints in Preview requires enablement of [**Azure Database for PostgreSQL flexible server Private Endpoint capability** preview feature in your subscription](../../azure-resource-manager/management/preview-features.md). Only **after preview feature is enabled** you can create servers which are PE capable, i.e. can be networked using Private Link.
44+
45+
2146

2247
Private Link is exposed to users through two Azure resource types:
2348

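Review bot: The H1 at new line 15 drops "- Preview", but the note added at new lines 40-41 says Private Link networking is in General Availability only in the 18 listed regions and still in Preview everywhere else, so the title now overstates the status for every other region; state the split status in the first sentence under the heading. In the same note, "in following regions" at new line 20 needs "the", the bold label at new line 43 runs straight into its sentence without the colon that the copy removed at old line 35 had, "PE capable" is never expanded, and new lines 44-45 add extra blank lines before the next paragraph.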
@@ -31,10 +56,6 @@ For a list to PaaS services that support Private Link functionality, review the
3156

3257
The same public service instance can be referenced by multiple private endpoints in different VNets/subnets, even if they belong to different users/subscriptions (including within differing Microsoft Entra ID tenants) or if they have overlapping address spaces.
3358

34-
> [!NOTE]
35-
> **Important Prerequisite:** Azure Database for PostgreSQL flexible server support for Private Endpoints in Preview requires enablement of [**Azure Database for PostgreSQL flexible server Private Endpoint capability** preview feature in your subscription](../../azure-resource-manager/management/preview-features.md).
36-
> Only **after preview feature is enabled** you can create servers which are PE capable, i.e. can be networked using Private Link.
37-
3859

3960
## Key Benefits of Azure Private Link
4061

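Review bot: Removing the NOTE at old lines 34-37 leaves two consecutive blank lines (new lines 58-59) before "## Key Benefits of Azure Private Link"; drop one of them so the spacing matches the rest of the file.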
@@ -58,23 +79,24 @@ Clients can connect to the private endpoint from the same VNet, peered VNet in s
5879

5980
In Preview of Private Endpoint for Azure Database for PostgreSQL flexible server, there are certain limitations as explain in cross feature availability matrix below.
6081

61-
Cross Feature Availability Matrix for preview of Private Endpoint in Azure Database for PostgreSQL flexible server.
82+
Cross Feature Availability Matrix for Private Endpoint in Azure Database for PostgreSQL flexible server.
6283

6384
| **Feature** | **Availability** | **Notes** |
6485
| --- | --- | --- |
6586
| High Availability (HA) | Yes |Works as designed |
66-
| Read Replica | No | |
87+
| Read Replica | Yes | **Limitation: support replica site swap only with single replica.**|
6788
| Point in Time Restore (PITR) | Yes |Works as designed |
6889
| Allowing also public/internet access with firewall rules | Yes | Works as designed|
6990
| Major Version Upgrade (MVU) | Yes | Works as designed |
7091
| Microsoft Entra Authentication (Entra Auth) | Yes | Works as designed |
7192
| Connection pooling with PGBouncer | Yes | Works as designed |
7293
| Private Endpoint DNS | Yes | Works as designed and [documented](../../private-link/private-endpoint-dns.md) |
94+
| Encryption with Customer Managed Keys (CMK)| Yes| Works as designed|
7395

7496

7597
### Connect from an Azure VM in Peered Virtual Network
7698

77-
Configure [VNet peering](../../virtual-network/tutorial-connect-virtual-networks-powershell.md) to establish connectivity to Azure Database for PostgreSQL flexible server from an Azure VM in a peered VNet.
99+
Configure [virtual network peering](../../virtual-network/tutorial-connect-virtual-networks-powershell.md) to establish connectivity to Azure Database for PostgreSQL flexible server from an Azure VM in a peered virtual network.
78100

79101
### Connect from an Azure VM in VNet-to-VNet environment
80102

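Review bot: The context sentence at new line 80 still opens with "In Preview of Private Endpoint" and points to the matrix, while new line 82 removes "preview" from the matrix caption, so two adjacent lines now disagree about whether the limitations apply to Preview or to General Availability; update line 80 in the same change (it also has "as explain"). The Read Replica note at new line 87, "support replica site swap only with single replica", is hard to parse and should be a full sentence, and the heading at new line 101 still says "VNet-to-VNet" after line 99 switched to "virtual network".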
@@ -89,7 +111,7 @@ To establish connectivity from an on-premises environment to the Azure Database
89111

90112
## Network Security and Private Link
91113

92-
When you use private endpoints, traffic is secured to a **private-link resource**. The platform validates network connections, allowing only those that reach the specified private-link resource. To access more subresources within the same Azure service, more private endpoints with corresponding targets are required. In the case of Azure Storage, for instance, you would need separate private endpoints to access the file and blob subresources.
114+
When you use private endpoints, traffic is secured to a **private-link resource**. The platform validates network connections, allowing only those connections that reach the specified private-link resource. To access more subresources within the same Azure service, more private endpoints with corresponding targets are required. In the case of Azure Storage, for instance, you would need separate private endpoints to access the file and blob subresources.
93115

94116
**Private endpoints** provide a privately accessible IP address for the Azure service, but don't necessarily restrict public network access to it. All other Azure services require another [access controls](../../event-hubs/event-hubs-ip-filtering.md), however. These controls provide an extra network security layer to your resources, providing protection that helps prevent access to the Azure service associated with the private-link resource.
95117

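Review bot: The wording fix at new line 114 is fine, but the paragraph directly below it at new line 116 is the one that needs the edit: it says private endpoints "don't necessarily restrict public network access", then continues "All other Azure services require another [access controls] ..., however", which does not parse and links to Event Hubs IP filtering rather than to anything about PostgreSQL flexible server. This is the security-relevant statement in the section, so rewrite it to say what the reader must do to restrict public access to the server and link to the control that applies to this service.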
@@ -126,10 +148,10 @@ The following situations and outcomes are possible when you use Private Link in
126148

127149
## Troubleshooting connectivity issues with Private Endpoint based networking
128150

129-
Following are basic areas to check if you are having connectivity issues using Private Endpoint based networking:
151+
Following are basic areas to check if you're having connectivity issues using Private Endpoint based networking:
130152

131153
1. **Verify IP Address Assignments:** Check that the private endpoint has the correct IP address assigned and that there are no conflicts with other resources. For more information on private endpoint and IP see this [doc](../../private-link/manage-private-endpoint.md)
132-
2. **Check Network Security Groups (NSGs):** Review the NSG rules for the private endpoint's subnet to ensure the necessary traffic is allowed and does not have conflicting rules. For more information on NSG see this [doc](../../virtual-network/network-security-groups-overview.md)
154+
2. **Check Network Security Groups (NSGs):** Review the NSG rules for the private endpoint's subnet to ensure the necessary traffic is allowed and doesn't have conflicting rules. For more information on NSG see this [doc](../../virtual-network/network-security-groups-overview.md)
133155
3. **Validate Route Table Configuration:** Ensure the route tables associated with the private endpoint's subnet and the connected resources are correctly configured with the appropriate routes.
134156
4. **Use Network Monitoring and Diagnostics:** Leverage Azure Network Watcher to monitor and diagnose network traffic using tools like Connection Monitor or Packet Capture. For more information on network diagnostics see this [doc](../../network-watcher/network-watcher-overview.md)
135157

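Review bot: Items 1, 2 and 4 of the list (new lines 153, 154 and 156) each end with "see this [doc](...)", link text that says nothing about the target and has no closing period; since lines 151 and 154 are already being touched, name the target article in the link text. "Following are basic areas" at new line 151 would also read better as "The following are basic areas".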