Merge pull request #267994 from duongau/afdgov

Azure Front Door - Migration articles (add note about Gov cloud doesn't support manage certificate)

Author: prmerger-automator[bot]

articles/frontdoor/migrate-tier-powershell.md

@@ -60,6 +60,9 @@ Azure Front Door Standard and Premium tier bring the latest cloud delivery netwo
 
 ## Prepare for migration
 
+> [!NOTE]
+> * Managed certificate is currently **not supported** for Azure Front Door Standard or Premium in Azure Government Cloud. You need to use BYOC for Azure Front Door Standard or Premium in Azure Government Cloud or wait until this capability is available.
+
 #### [Without WAF and BYOC (Bring your own certificate)](#tab/without-waf-byoc)
 
 Run the [Start-AzFrontDoorCdnProfilePrepareMigration](/powershell/module/az.cdn/start-azfrontdoorcdnprofilepreparemigration) command to prepare for migration. Replace the values for the resource group name, resource ID, profile name with your own values. For *SkuName* use either **Standard_AzureFrontDoor** or **Premium_AzureFrontDoor**. The *SkuName* is based on the output from the [Test-AzFrontDoorCdnProfileMigration](/powershell/module/az.cdn/test-azfrontdoorcdnprofilemigration) command.

articles/frontdoor/migrate-tier.md

@@ -75,11 +75,12 @@ Azure Front Door Standard and Premium tier bring the latest cloud delivery netwo
 
 ## Enable managed identities
 
-> [!NOTE]
-> If you're not using your own certificate, enabling managed identities and granting access to the Key Vault is not required. You can skip to the [**Migrate**](#migrate) phase.
-
 If you're using your own certificate and you'll need to enable managed identity so Azure Front Door can access the certificate in your Azure Key Vault. Managed identity is a feature of Microsoft Entra ID that allows you to securely connect to other Azure services without having to manage credentials. For more information, see [What are managed identities for Azure resources?](..//active-directory/managed-identities-azure-resources/overview.md)
 
+> [!NOTE]
+> * If you're not using your own certificate, enabling managed identities and granting access to the Key Vault is not required. You can skip to the [**Migrate**](#migrate) phase.
+> * Managed certificate is currently **not supported** for Azure Front Door Standard or Premium in Azure Government Cloud. You need to use BYOC for Azure Front Door Standard or Premium in Azure Government Cloud or wait until this capability is available.
+
 1. Select **Enable** and then select either **System assigned** or **User assigned** depending on the type of managed identities you want to use.
 
     :::image type="content" source="./media/migrate-tier/enable-managed-identity.png" alt-text="Screenshot of the enable manage identity button for Front Door migration.":::

articles/frontdoor/tier-migration.md

@@ -5,7 +5,7 @@ services: frontdoor
 author: duongau
 ms.service: frontdoor
 ms.topic: conceptual
-ms.date: 05/26/2023
+ms.date: 03/04/2024
 ms.author: duau
 ---
 
@@ -33,6 +33,9 @@ The migration tool checks to see if your Azure Front Door (classic) profile is c
 
 * If you're using BYOC (Bring Your Own Certificate) for Azure Front Door (classic), you need to [grant Key Vault access](standard-premium/how-to-configure-https-custom-domain.md#register-azure-front-door) to Azure Front Door Standard or Premium. This step is required for Azure Front Door Standard or Premium to access your certificate in Key Vault. If you're using Azure Front Door managed certificate, you don't need to grant Key Vault access.
 
+    > [!NOTE]
+    > Managed certificate is currently **not supported** for Azure Front Door Standard or Premium in Azure Government Cloud. You need to use BYOC for Azure Front Door Standard or Premium in Azure Government Cloud or wait until this capability is available..
+
 #### Prepare for migration
 
 Azure Front Door creates a new Standard or Premium profile based on your Front Door (classic) profile's configuration. The new Front Door profile tier depends on the Web Application Firewall (WAF) policy settings you associate with the profile.