PE no longer blocks public access for App Services

Recent changes in Azure App Service allow Azure App Services and Azure Functions with Private Link to be publicly accessed. Documentation for that topic is in the App Service docs: https://learn.microsoft.com/en-us/azure/app-service/networking/private-endpoint#conceptual-overview

Quoting from those docs: "Private endpoint and public access can co-exist on an app. For more information, see overview of access restrictions"

This PR updates the Private Endpoint documentation to reflect those changes.

/cc @asudbring @madsd as authors for each of the statements in the docs.

Author: ranieuwe

articles/private-link/private-endpoint-overview.md

@@ -125,7 +125,7 @@ A private-link resource is the destination target of a specified private endpoin
 
 When you use private endpoints, traffic is secured to a private-link resource. The platform validates network connections, allowing only those that reach the specified private-link resource. To access additional sub-resources within the same Azure service, additional private endpoints with corresponding targets are required. In the case of Azure Storage, for instance, you would need separate private endpoints to access the _file_ and _blob_ sub-resources.
 
-Private endpoints provide a privately accessible IP address for the Azure service, but do not necessarily restrict public network access to it. [Azure App Service](tutorial-private-endpoint-webapp-portal.md) and [Azure Functions](../azure-functions/functions-create-vnet.md) become inaccessible publicly when they are associated with a private endpoint. All other Azure services require additional [access controls](../event-hubs/event-hubs-ip-filtering.md), however. These controls provide an extra network security layer to your resources, providing protection that helps prevent access to the Azure service associated with the private-link resource.
+Private endpoints provide a privately accessible IP address for the Azure service, but do not necessarily restrict public network access to it. All other Azure services require additional [access controls](../event-hubs/event-hubs-ip-filtering.md), however. These controls provide an extra network security layer to your resources, providing protection that helps prevent access to the Azure service associated with the private-link resource.
 
 Private endpoints support network policies. Network policies enable support for Network Security Groups (NSG), User Defined Routes (UDR), and Application Security Groups (ASG). For more information about enabling network policies for a private endpoint, see [Manage network policies for private endpoints](disable-private-endpoint-network-policy.md). To use an ASG with a private endpoint, see [Configure an application security group (ASG) with a private endpoint](configure-asg-private-endpoint.md).