update

Author: msmbaldwin

.openpublishing.redirection.json

@@ -1,5 +1,30 @@
 {
   "redirections": [
+    {
+      "source_path": "articles/backup/azure-elastic-storage-area-network-backup-manage.md",
+      "redirect_url": "/azure/backup/azure-elastic-san-backup-manage",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/backup/azure-elastic-storage-area-network-backup-restore.md",
+      "redirect_url": "/azure/backup/azure-elastic-san-backup-restore",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/backup/azure-elastic-storage-area-network-backup-configure.md",
+      "redirect_url": "/azure/backup/azure-elastic-san-backup-configure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/backup/azure-elastic-storage-area-network-backup-support-matrix.md",
+      "redirect_url": "/azure/backup/azure-elastic-san-backup-support-matrix",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/backup/azure-elastic-storage-area-network-backup-overview.md",
+      "redirect_url": "/azure/backup/azure-elastic-san-backup-overview",
+      "redirect_document_id": false
+    },
     {
       "source_path": "articles/cdn/cdn-traffic-manager.md",
       "redirect_url": "/previous-versions/azure/cdn/cdn-traffic-manager",
@@ -7058,6 +7083,12 @@
       "source_path": "articles/cyclecloud/release-notes/ccws/2025.02.06.md",
       "redirect_url": "/azure/cyclecloud/release-notes/ccws/2025-02-06",
       "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/reliability/whats-new.md",
+      "redirect_url": "/azure/reliability/overview",
+      "redirect_document_id": false
     }
   ]
 }
+

articles/active-directory-b2c/billing.md

@@ -5,7 +5,7 @@ author: kengaderdus
 manager: CelesteDG
 ms.service: azure-active-directory
 ms.topic: reference
-ms.date: 06/10/2025
+ms.date: 06/13/2025
 ms.author: kengaderdus
 ms.subservice: b2c
 ms.custom: fasttrack-edit
@@ -19,7 +19,7 @@ ms.custom: fasttrack-edit
 
 Azure Active Directory B2C (Azure AD B2C) pricing is based on monthly active users (MAU), which is the count of unique users with authentication activity within a calendar month. This billing model applies to both Azure AD B2C tenants and [Microsoft Entra guest user collaboration (B2B)](../active-directory/external-identities/external-identities-pricing.md). MAU billing helps you reduce costs by offering a free tier and flexible, predictable pricing. 
 
-In this article, learn about MAU and Go Local billing, linking Azure AD B2C tenants to a subscription, and changing the pricing tier.
+In this article, learn about MAU and Go Local billing and linking Azure AD B2C tenants to a subscription.
 
 ## MAU overview
 
@@ -43,7 +43,7 @@ MAU billing went into effect for Azure AD B2C tenants on **November 1, 2019**. A
 - If you have an Azure AD B2C tenant that hasn't been linked to a subscription, link it now. 
 - If you have an existing Azure AD B2C tenant that was linked to a subscription before November 1, 2019, upgrade to the monthly active users (MAU) billing model. You can also choose to stay on the per-authentication billing model.
 
-Your Azure AD B2C tenant must also be linked to the appropriate Azure pricing tier based on the features you want to use. Premium features require Azure AD B2C [Premium P1 or P2 pricing](https://azure.microsoft.com/pricing/details/active-directory-b2c/). You might need to upgrade your pricing tier as you use new features. For example, for risk-based Conditional Access policies, you’ll need to select the Azure AD B2C Premium P2 pricing tier for your tenant.
+Your Azure AD B2C tenant must also be linked to the appropriate Azure pricing tier based on the features you want to use. Premium features require Azure AD B2C [Premium P1 pricing](https://azure.microsoft.com/pricing/details/active-directory-b2c/).
 
 > [!NOTE]
 > Your first 50,000 MAUs per month are free for both Premium P1 and Premium P2 features, but the **free tier doesn’t apply to free trial, credit-based, or sponsorship subscriptions**. Once the free trial period or credits expire for these types of subscriptions, you'll begin to be charged for Azure AD B2C MAUs. To determine the total number of MAUs, we combine MAUs from all your tenants (both Microsoft Entra ID and Azure AD B2C) that are linked to the same subscription.

articles/active-directory-b2c/faq.yml

@@ -8,7 +8,7 @@ metadata:
   ms.service: azure-active-directory
 
   ms.topic: faq
-  ms.date: 06/12/2024
+  ms.date: 06/20/2025
   ms.author: godonnell
   ms.subservice: b2c
   ms.custom: b2c-support, has-azure-ad-ps-ref,azure-ad-ref-level-one-done
@@ -24,7 +24,7 @@ sections:
       - question: |
           Azure AD B2C end of sale
         answer: |
-          Effective **May 1, 2025** Azure AD B2C will no longer be available to purchase for new customers, but current Azure AD B2C customers can continue using the product. The product experience, including creating new tenants or user flows, will remain unchanged. The operational commitments, including service level agreements (SLAs), security updates, and compliance, will also remain unchanged. We'll continue supporting Azure AD B2C until at least May 2030. More information, including migration plans will be made available. Contact your account representative for more information and to learn more about Microsoft Entra External ID.
+          Effective **May 1, 2025** Azure AD B2C will no longer be available to purchase for new customers, but current Azure AD B2C customers can continue using the product. The product experience, including creating new tenants or user flows, will remain unchanged; however, new tenants can only be created with Azure AD B2C P1.  Azure AD B2C P2 will be discontinued on March 15, 2026, for all customers. The operational commitments, including service level agreements (SLAs), security updates, and compliance, will also remain unchanged. We'll continue supporting Azure AD B2C until at least May 2030. More information, including migration plans will be made available. Contact your account representative for more information and to learn more about Microsoft Entra External ID.
       - question: |
           What is Microsoft Entra External ID?
         answer: |

articles/api-center/synchronize-api-management-apis.md

@@ -4,7 +4,7 @@ description: Integrate an API Management instance to Azure API Center for automa
 author: dlepow
 ms.service: azure-api-center
 ms.topic: how-to
-ms.date: 06/02/2025
+ms.date: 06/18/2025
 ms.author: danlep 
 ms.custom: devx-track-azurecli
 # Customer intent: As an API program manager, I want to integrate my Azure API Management instance with my API center and synchronize API Management APIs to my inventory.
@@ -32,6 +32,7 @@ API Management APIs automatically synchronize to the API center whenever existin
 > [!NOTE]
 > * Integration of Azure API Management is currently in preview.
 > * There are [limits](../azure-resource-manager/management/azure-subscription-service-limits.md?toc=/azure/api-center/toc.json&bc=/azure/api-center/breadcrumb/toc.json#azure-api-center-limits) for the number of integrated API Management instances (API sources).
+> * An integrated API Management instance can be configured in a virtual network.
 > * API updates in API Management typically synchronize to your API center within minutes, but synchronization can take up to 24 hours.
 > * API definitions also synchronize to the API center if you select the option to include them during integration.
 

articles/api-management/TOC.yml

@@ -113,7 +113,7 @@
         href: inject-vnet-v2.md
       - name: Virtual network integration (v2 tiers)
         href: integrate-vnet-outbound.md
-    - name: Virtual network integration (workspace gateway) - requirements
+    - name: Virtual network for workspace gateways
       href: virtual-network-workspaces-resources.md
     - name: Connect privately using private endpoint
       href: private-endpoint.md

articles/api-management/api-management-howto-disaster-recovery-backup-restore.md

@@ -7,7 +7,7 @@ author: dlepow
 
 ms.service: azure-api-management
 ms.topic: how-to
-ms.date: 09/06/2024
+ms.date: 06/16/2025
 ms.author: danlep 
 ms.custom: devx-track-azurepowershell
 ---
@@ -39,7 +39,11 @@ This article shows how to automate backup and restore operations of your API Man
 
 ## Prerequisites
 
-* An API Management service instance. If you don't have one, see [Create an API Management service instance](get-started-create-service-instance.md).
+* An API Management service instance in a supported service tier. If you don't have one, see [Create an API Management service instance](get-started-create-service-instance.md).
+
+   > [!NOTE]
+   > Currently, backup and restore aren't supported in API Management instances with associated [workspace gateways](workspaces-overview.md#workspace-gateway).
+
 * An Azure storage account. If you don't have one, see [Create a storage account](../storage/common/storage-account-create.md).
     * [Create a container](../storage/blobs/storage-quickstart-blobs-portal.md#create-a-container) in the storage account to hold the backup data.
 

articles/api-management/api-management-region-availability.md

@@ -6,7 +6,7 @@ author: dlepow
 
 ms.service: azure-api-management
 ms.topic: concept-article
-ms.date: 05/28/2025
+ms.date: 06/17/2025
 ms.author: danlep
 ms.custom:
   - references_regions
@@ -34,7 +34,7 @@ Information in the following table is updated regularly. Capacity availability i
 | Central India  | ✅ | ✅ | |  |
 | East Asia | ✅ | ✅ | | ✅ |
 | East US  | ✅ | ✅ |  |  |
-| East US 2 | ✅ | ✅ |  | ✅ |
+| East US 2 | ✅ | ✅ | ✅ | ✅ |
 | France Central  | ✅ | ✅ | | ✅ |
 | Germany West Central  | ✅ | ✅ | ✅ | ✅ |
 | Japan East | ✅ | ✅ | | ✅ |

articles/api-management/inject-vnet-v2.md

@@ -103,12 +103,7 @@ When you [create](get-started-create-service-instance.md) a Premium v2 instance
 
 When a Premium v2 API Management instance is injected in a virtual network, you have to manage your own DNS to enable inbound access to API Management. 
 
-While you have the option to use your own custom DNS server, we recommend:
-
-1. Configure an Azure [DNS private zone](../dns/private-dns-overview.md).
-1. Link the Azure DNS private zone to the virtual network. 
-
-Learn how to [set up a private zone in Azure DNS](../dns/private-dns-getstarted-portal.md).
+[!INCLUDE [api-management-virtual-network-dns-resolver](../../includes/api-management-virtual-network-dns-resolver.md)]
 
 ### Endpoint access on default hostname
 

articles/api-management/self-hosted-gateway-enable-dapr.md

@@ -18,7 +18,7 @@ Dapr integration in API Management enables operations teams to directly expose D
 
 ## About Dapr
 
-Dapr is a portable runtime for building stateless and stateful microservices-based applications with any language or framework. It codifies the common microservice patterns, like service discovery and invocation with build-in retry logic, publish-and-subscribe with at-least-once delivery semantics, or pluggable binding resources to ease composition using external services. Go to [dapr.io](https://dapr.io) for detailed information and instruction on how to get started with Dapr.
+Dapr is a portable runtime for building stateless and stateful microservices-based applications with any language or framework. It codifies the common microservice patterns, like service discovery and invocation with built-in retry logic, publish-and-subscribe with at-least-once delivery semantics, or pluggable binding resources to ease composition using external services. Go to [dapr.io](https://dapr.io) for detailed information and instruction on how to get started with Dapr.
 
 ## Enable Dapr support
 

articles/api-management/validate-client-certificate-policy.md

@@ -54,11 +54,11 @@ For more information about custom CA certificates and certificate authorities, s
 
 | Name                            | Description      | Required |  Default    |
 | ------------------------------- | -----------------| -------- | ----------- |
-| validate-revocation  | Boolean. Specifies whether certificate is validated against online revocation list. Policy expressions aren't allowed.  | No  | `true`  |
-| validate-trust | Boolean. Specifies if validation should fail in case chain cannot be successfully built up to trusted CA. Policy expressions aren't allowed. | No | `true` |
-| validate-not-before | Boolean. Validates value against current time. Policy expressions aren't allowed.| No | `true` |
-| validate-not-after  | Boolean. Validates value against current time. Policy expressions aren't allowed.| No | `true`|
-| ignore-error  | Boolean. Specifies if policy should proceed to the next handler or jump to on-error upon failed validation. Policy expressions aren't allowed. | No | `false` |
+| validate-revocation | Boolean. Specifies whether certificate is validated against online revocation list. Policy expressions aren't allowed. | No  | `true`  |
+| validate-trust| Boolean. Specifies if validation should fail in case chain cannot be successfully built up to trusted CA. Policy expressions aren't allowed. | No | `true` |
+| validate-not-before | Boolean. Validates value against current time. Policy expressions aren't allowed.| No| `true` |
+| validate-not-after | Boolean. Validates value against current time. Policy expressions aren't allowed.| No| `true`|
+| ignore-error | Boolean. Specifies if policy should proceed to the next handler or jump to on-error upon failed validation. Policy expressions aren't allowed. | No | `false` |
 
 ## Elements
 
@@ -70,27 +70,24 @@ For more information about custom CA certificates and certificate authorities, s
 
 | Name                            | Description      | Required |  Default    |
 | ------------------------------- | -----------------| -------- | ----------- |
-| thumbprint | Certificate thumbprint. | No | N/A |
+| thumbprint | Certificate SHA-1 thumbprint. | No | N/A |
 | serial-number | Certificate serial number. | No | N/A |
 | common-name | Certificate common name (part of Subject string). | No | N/A |
 | subject | Subject string. Must follow format of Distinguished Name, which consists of comma-separated name attributes, for example, *"CN=MyName, OU=MyOrgUnit, C=US..."*.| No | N/A | 
 | dns-name | Value of dnsName entry inside Subject Alternative Name claim. | No | N/A |
-| issuer-subject | Issuer's subject. Must follow format of Distinguished Name, which consists of comma-separated name attributes, for example, *"CN=MyName, OU=MyOrgUnit, C=US..."*. | No | N/A |
-| issuer-thumbprint | Issuer thumbprint. | No | N/A |
-| issuer-certificate-id | Identifier of existing certificate entity representing the issuer's public key. Mutually exclusive with other issuer attributes.  | No | N/A |
+| issuer-subject | Issuer's subject. Must follow format of Distinguished Name. | No | N/A |
+| issuer-thumbprint | Issuer SHA-1 thumbprint. | No | N/A |
+| issuer-certificate-id | Identifier of existing certificate entity representing the issuer's public key. Mutually exclusive with other issuer attributes. | No | N/A |
+
 
 ## Usage
 
 - [**Policy sections:**](./api-management-howto-policies.md#understanding-policy-configuration) inbound
 - [**Policy scopes:**](./api-management-howto-policies.md#scopes) global, workspace, product, API, operation
 - [**Gateways:**](api-management-gateways-overview.md) classic, v2, consumption, self-hosted, workspace
 
+## Examples
 
-### Usage notes
-
-* You must use double quotes to enclose values of name attributes in the `subject` and `issuer-subject` attributes when they contain certain special characters such as ",". For example, specify `O="Contoso, Inc."` instead of `O=Contoso, Inc.` for the organization name. [Learn more](/windows/win32/api/wincrypt/nf-wincrypt-certnametostra#remarks)
-
-## Example
 
 The following example validates a client certificate to match the policy's default validation rules and checks whether the subject and issuer name match specified values.
 
@@ -109,6 +106,25 @@ The following example validates a client certificate to match the policy's defau
 </validate-client-certificate> 
 ```
 
+The following example performs a stricter validation by cheking whether the subject thumbprint and the issuer thumbprint match specified values.
+
+```xml
+<validate-client-certificate 
+    validate-revocation="true" 
+    validate-trust="true" 
+    validate-not-before="true" 
+    validate-not-after="true" 
+    ignore-error="false">
+    <identities>
+        <identity
+            thumbprint="AA11BB22CC33DD44EE55FF66AA77BB88CC99DD00"
+            issuer-thumbprint="BB22CC33DD44EE55FF66AA77BB88CC99DD00EE11" />
+    </identities>
+</validate-client-certificate> 
+```
+
+
+
 ## Related policies
 
 * [Authentication and authorization](api-management-policies.md#authentication-and-authorization)