Skip to content

Commit 73c0a64

Browse files
prmerger-automator[bot]prmerger-automator[bot]
authored
Merge pull request #264257 from johnmarco/jm-update-esu-endpoint
Updated ESU endpoint
2 parents 5f0d8f9 + 4285d88 commit 73c0a64

File tree

2 files changed

+4
-4
lines changed

2 files changed

+4
-4
lines changed

articles/azure-arc/servers/includes/esu-network-requirements.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@ If you are using Azure Arc-enabled servers only for the purpose of Extended Secu
1717
|`management.azure.com`|Azure Resource Manager - to create or delete the Arc server resource|When connecting or disconnecting a server, only| Public, unless a [resource management private link](../../../azure-resource-manager/management/create-private-link-access-portal.md) is also configured |
1818
|`*.his.arc.azure.com`|Metadata and hybrid identity services|Always| Private |
1919
|`*.guestconfiguration.azure.com`| Extension management and guest configuration services |Always| Private |
20-
|`www.microsoft.com/pkiops/certs`| Intermediate certificate updates for ESUs (note: uses HTTP/TCP 80 and HTTPS/TCP 443) | ESUs enabled by Azure Arc | Public |
20+
|`www.microsoft.com/pkiops/certs`| Intermediate certificate updates for ESUs (note: uses HTTP/TCP 80 and HTTPS/TCP 443) | Always for automatic updates, or temporarily if downloading certificates manually. | Public |
2121
|`san-af-<region>-prod.azurewebsites.net`| Azure Arc data processing service| SQL Server ESUs | Public|
2222

2323
#### [Azure Government](#tab/azure-government)
@@ -30,7 +30,7 @@ If you are using Azure Arc-enabled servers only for the purpose of Extended Secu
3030
|`management.usgovcloudapi.net`|Azure Resource Manager - to create or delete the Arc server resource|When connecting or disconnecting a server, only| Public, unless a [resource management private link](../../../azure-resource-manager/management/create-private-link-access-portal.md) is also configured |
3131
|`*.his.arc.azure.us`|Metadata and hybrid identity services|Always| Private |
3232
|`*.guestconfiguration.azure.us`| Extension management and guest configuration services |Always| Private |
33-
|`www.microsoft.com/pkiops/certs`| Intermediate certificate updates for ESUs (note: uses HTTP/TCP 80 and HTTPS/TCP 443) | ESUs enabled by Azure Arc | Public |
33+
|`www.microsoft.com/pkiops/certs`| Intermediate certificate updates for ESUs (note: uses HTTP/TCP 80 and HTTPS/TCP 443) | Always for automatic updates, or temporarily if downloading certificates manually. | Public |
3434

3535
#### [Microsoft Azure operated by 21Vianet](#tab/azure-china)
3636

articles/azure-arc/servers/includes/network-requirements.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -60,7 +60,7 @@ The table below lists the URLs that must be available in order to install and us
6060
|`dc.services.visualstudio.com`|Agent telemetry|Optional, not used in agent versions 1.24+| Public |
6161
| `san-af-<region>-prod.azurewebsites.net` | Azure Arc data processing service | For SQL Server enabled by Azure Arc. The Azure Extension for SQL Server uploads inventory and billing information to the data processing service. | Public |
6262
| `telemetry.<region>.arcdataservices.com` | For Arc SQL Server. Sends service telemetry and performance monitoring to Azure | Always | Public |
63-
|`www.microsoft.com/pkiops/certs`| Intermediate certificate updates for ESUs (note: uses HTTP/TCP 80 and HTTPS/TCP 443) | ESUs enabled by Azure Arc | Public |
63+
|`www.microsoft.com/pkiops/certs`| Intermediate certificate updates for ESUs (note: uses HTTP/TCP 80 and HTTPS/TCP 443) | If using ESUs enabled by Azure Arc. Required always for automatic updates, or temporarily if downloading certificates manually. | Public |
6464

6565
> [!NOTE]
6666
> To translate the `*.servicebus.windows.net` wildcard into specific endpoints, use the command `\GET https://guestnotificationservice.azure.com/urls/allowlist?api-version=2020-01-01&location=<region>`. Within this command, the region must be specified for the `<region>` placeholder.
@@ -84,7 +84,7 @@ The table below lists the URLs that must be available in order to install and us
8484
|`*.guestconfiguration.azure.us`| Extension management and guest configuration services |Always| Private |
8585
|`*.blob.core.usgovcloudapi.net`|Download source for Azure Arc-enabled servers extensions|Always, except when using private endpoints| Not used when private link is configured |
8686
|`dc.applicationinsights.us`|Agent telemetry|Optional, not used in agent versions 1.24+| Public |
87-
|`www.microsoft.com/pkiops/certs`| Intermediate certificate updates for ESUs (note: uses HTTP/TCP 80 and HTTPS/TCP 443) | ESUs enabled by Azure Arc | Public |
87+
|`www.microsoft.com/pkiops/certs`| Intermediate certificate updates for ESUs (note: uses HTTP/TCP 80 and HTTPS/TCP 443) | If using ESUs enabled by Azure Arc. Required always for automatic updates, or temporarily if downloading certificates manually. | Public |
8888

8989
#### [Microsoft Azure operated by 21Vianet](#tab/azure-china)
9090

0 commit comments

Comments
 (0)