Merge pull request #246257 from ericd-mst-github/erd-aib-updates

prmerger-automator[bot] · web-flow · commit 737d97019a59 · 2023-08-10T18:22:45.000Z
AIB SQL WinRM connection configuration updates
diff --git a/articles/virtual-machines/image-builder-overview.md b/articles/virtual-machines/image-builder-overview.md
@@ -3,7 +3,7 @@ title: Azure VM Image Builder overview
 description: In this article, you learn about VM Image Builder for virtual machines in Azure.
 author: sumit-kalra
 ms.author: sukalra
-ms.date: 05/30/2023
+ms.date: 07/31/2023
 ms.topic: conceptual
 ms.service: virtual-machines
 ms.subservice: image-builder
@@ -151,6 +151,20 @@ VM Image Builder supports the following Azure Marketplace base operating system
 > [!NOTE]
 > You can now use the Azure Image Builder service inside the portal as of March 2023. [Get started](https://ms.portal.azure.com/#create/Microsoft.ImageTemplate) with building and validating custom images inside the portal.
 
+## Confidential VM and Trusted Launch Support
+
+VM Image Builder has extended support for TrustedLaunchSupported and ConfidentialVMSupported images, with certain constraints. Below is the list of constraints:
+
+| SecurityType | Support status |
+|--------------|----------------|
+| TrustedLaunchSupported | Support as a source image for image builds |
+| ConfidentialVMSupported | Support as a source image for image builds |
+| TrustedLaunch | Not supported as a source image |
+| ConfidentialVM | Not supported as a source image |
+
+> [!NOTE]
+> When using TrustedLaunchSupported images, it's important that the source and distribute must both be TrustedLaunchSupported for it to be supported. If the source is normal and the distribute is TrustedLaunchSupported, or if the source is TrustedLaunchSupported and the distribute is normal Gen2, it's not supported.
+
 ## How it works
 
 VM Image Builder is a fully managed Azure service that's accessible to Azure resource providers. Resource providers configure it by specifying a source image, a customization to perform, and where the new image is to be distributed. A high-level workflow is illustrated in the following diagram:
diff --git a/articles/virtual-machines/linux/image-builder-networking.md b/articles/virtual-machines/linux/image-builder-networking.md
@@ -3,8 +3,8 @@ title: Azure VM Image Builder networking options
 description: Understand the networking options available to you when you deploy the Azure VM Image Builder service.
 author: kof-f
 ms.author: kofiforson
-ms.reviewer: cynthn
-ms.date: 08/10/2020
+ms.reviewer: erd
+ms.date: 07/25/2023
 ms.topic: article
 ms.service: virtual-machines
 ms.subservice: image-builder
@@ -46,6 +46,9 @@ If you use an existing virtual network, VM Image Builder deploys an additional V
 > The virtual network must be in the same region as the VM Image Builder service region.
 > 
 
+> [!IMPORTANT]
+> The Azure VM Image Builder service modifies the WinRM connection configuration on all Windows builds to use HTTPS on port 5986 instead of the default HTTP port on 5985. This configuration change can impact workflows that rely on WinRM communication.
+
 ### Why deploy a proxy VM?
 
 When a VM without a public IP is behind an internal load balancer, it doesn't have internet access. The load balancer used for the virtual network is internal. The proxy VM allows internet access for the build VM during builds. You can use the associated network security groups to restrict the build VM access.
