Merge pull request #303627 from mbender-ms/nsp-GA-updates

network security perimeter | GA Release updates

Author: JillGrant615

articles/private-link/create-network-security-perimeter-bicep.md

@@ -6,7 +6,7 @@ author: mbender-ms
 ms.author: mbender
 ms.service: azure-private-link
 ms.topic: quickstart
-ms.date: 03/25/2025   
+ms.date: 08/01/2025
 ms.custom: subject-armqs, mode-arm, template-concept, devx-track-bicep
 #CustomerIntent: As a network administrator, I want to create a network security perimeter for an Azure resource in the Bicep, so that I can control the network traffic to and from the resource.
 # Customer intent: As a network administrator, I want to create a network security perimeter for an Azure Key Vault using Bicep, so that I can manage network traffic securely within a defined boundary.

articles/private-link/create-network-security-perimeter-cli.md

@@ -8,7 +8,7 @@ ms.service: azure-private-link
 ms.custom:
   - ignite-2024
 ms.topic: quickstart
-ms.date: 03/25/2025
+ms.date: 08/01/2025
 #CustomerIntent: As a network administrator, I want to create a network security perimeter for an Azure resource using Azure CLI, so that I can control the network traffic to and from the resource.
 # Customer intent: As a network administrator, I want to create a network security perimeter for an Azure Key Vault using Azure CLI, so that I can control and monitor the network traffic to and from the resource effectively.
 ---

articles/private-link/create-network-security-perimeter-portal.md

@@ -6,7 +6,7 @@ author: mbender-ms
 ms.author: mbender
 ms.service: azure-private-link
 ms.topic: quickstart
-ms.date: 03/25/2025
+ms.date: 08/01/2025
 #CustomerIntent: As a network administrator, I want to create a network security perimeter for an Azure resource in the Azure portal, so that I can control the network traffic to and from the resource.
 # Customer intent: As a network administrator, I want to create a network security perimeter for an Azure Key Vault in the Azure portal, so that I can manage and control network traffic securely for the resource.
 ---

articles/private-link/create-network-security-perimeter-powershell.md

@@ -6,7 +6,7 @@ author: mbender-ms
 ms.author: mbender
 ms.service: azure-private-link
 ms.topic: quickstart
-ms.date: 03/25/2025
+ms.date: 08/01/2025
 #CustomerIntent: As a network administrator, I want to create a network security perimeter for an Azure resource using Azure PowerShell, so that I can control the network traffic to and from the resource.
 # Customer intent: As a network administrator, I want to create and manage a network security perimeter for an Azure Key Vault using PowerShell, so that I can enhance security by controlling the network traffic within a trusted boundary.
 ---

articles/private-link/create-network-security-perimeter-template.md

@@ -5,7 +5,7 @@ author: mbender-ms
 ms.author: mbender
 ms.service: azure-private-link
 ms.topic: quickstart
-ms.date: 03/25/2025
+ms.date: 08/01/2025
 ms.custom: subject-armqs, mode-arm, template-quickstart, devx-track-arm-template
 #CustomerIntent: As a network administrator, I want to create a network security perimeter for an Azure resource in the Azure Resource Manager template, so that I can control the network traffic to and from the resource.
 # Customer intent: As a network administrator, I want to create a network security perimeter for an Azure Key Vault using an ARM template, so that I can control and secure the network traffic to and from the resource effectively.

articles/private-link/media/network-security-perimeter-concepts/network-security-perimeter-overview-large.png

@@ -6,7 +6,7 @@ author: mbender-ms
 ms.author: mbender
 ms.service: azure-private-link
 ms.topic: overview
-ms.date: 07/29/2025
+ms.date: 08/01/2025
 ms.custom:
   - references_regions, ignite-2024
   - ai-gen-docs-bap
@@ -94,21 +94,31 @@ For example, upon creating a network security perimeter and associating a set of
 
 A network security perimeter-aware private link resource is a PaaS resource that can be associated with a network security perimeter. Currently the list of onboarded private link resources are as follows:
 
-| Private link resource name | Resource type | Resources |
-|---------------------------|---------------|-----------|
-| [Azure Monitor](/azure/azure-monitor/essentials/network-security-perimeter)             | Microsoft.Insights/dataCollectionEndpoints</br>Microsoft.Insights/ScheduledQueryRules</br>Microsoft.Insights/actionGroups</br>Microsoft.OperationalInsights/workspaces | Log Analytics Workspace, Application Insights, Alerts, Notification Service |
-| [Azure AI Search](/azure/search/search-security-network-security-perimiter)          | Microsoft.Search/searchServices | - |
-| [Cosmos DB](/azure/cosmos-db/how-to-configure-nsp)                | Microsoft.DocumentDB/databaseAccounts | - |
-| [Event Hubs](/azure/event-hubs/network-security-perimeter)                | Microsoft.EventHub/namespaces | - |
-| [Key Vault](/azure/key-vault/general/network-security#network-security-perimeter-preview)                 | Microsoft.KeyVault/vaults | - |
-| [SQL DB](/azure/azure-sql/database/network-security-perimeter)                    | Microsoft.Sql/servers | - |
-| [Storage](/azure/storage/common/storage-network-security#network-secuirty-perimeter-preview)               | Microsoft.Storage/storageAccounts | - |
-| [Azure OpenAI service](/azure/ai-services/openai/how-to/network-security-perimeter) | Microsoft.CognitiveServices | - |
+| Private link resource name | Resource type | Resources | Availability |
+|---------------------------|---------------|-----------| --------- |
+| [Azure Monitor](/azure/azure-monitor/essentials/network-security-perimeter)             | Microsoft.Insights/dataCollectionEndpoints</br>Microsoft.Insights/ScheduledQueryRules</br>Microsoft.Insights/actionGroups</br>Microsoft.OperationalInsights/workspaces | Log Analytics Workspace, Application Insights, Alerts, Notification Service | Generally available |
+| [Azure AI Search](/azure/search/search-security-network-security-perimiter)          | Microsoft.Search/searchServices | | Generally Available |
+| [Cosmos DB](/azure/cosmos-db/how-to-configure-nsp)                | Microsoft.DocumentDB/databaseAccounts | | Public Preview |
+| [Event Hubs](/azure/event-hubs/network-security-perimeter)                | Microsoft.EventHub/namespaces | | Generally Available |
+| [Key Vault](/azure/key-vault/general/network-security#network-security-perimeter-preview)                 | Microsoft.KeyVault/vaults | | Generally Available |
+| [SQL DB](/azure/azure-sql/database/network-security-perimeter)                    | Microsoft.Sql/servers | | Public Preview |
+| [Storage](/azure/storage/common/storage-network-security#network-secuirty-perimeter-preview)               | Microsoft.Storage/storageAccounts | | Generally Available |
+| [Azure OpenAI service](/azure/ai-services/openai/how-to/network-security-perimeter) | Microsoft.CognitiveServices | | Public Preview |
+
+> [!IMPORTANT]
+> The following onboarded services are in public preview with Network Security Perimeter:
+> - Cosmos DB
+> - SQL DB
+> - Azure Open AI Service
+>   
+> These previews are provided without a service level agreement, and it's not recommended for production workloads.
+> Certain features might not be supported or might have constrained capabilities.
+> For more information, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).
 
 > [!NOTE]
 > Refer to the respective private link resource documentation for information on currently unsupported scenarios.
 
-## Supported access rules' types
+## Supported access rule types
 
 Network security perimeter supports the following access rule types:
 

articles/private-link/network-security-perimeter-concepts.md

@@ -6,7 +6,7 @@ author: mbender-ms
 ms.author: mbender
 ms.service: azure-private-link
 ms.topic: concept-article
-ms.date: 05/16/2025
+ms.date: 08/01/2025
 ms.custom: references_regions, ignite-2024
 #CustomerIntent: As a network administrator, I want to enable diagnostic logging for Network Security Perimeter, so that I can monitor and analyze the network traffic to and from my resources.
 # Customer intent: "As a network administrator, I want to enable and configure diagnostic logging for the Network Security Perimeter, so that I can effectively monitor and analyze access logs for enhanced security oversight."

articles/private-link/network-security-perimeter-diagnostic-logs.md

@@ -8,7 +8,7 @@ ms.service: azure-private-link
 ms.custom:
   - ignite-2024
 ms.topic: concept-article
-ms.date: 11/04/2024
+ms.date: 08/01/2025
 # customer intent: As a network administrator, I want to know the Azure role-based access control permissions required to use network security perimeter capabilities, so that I can assign the correct permissions to my team members.
 # Customer intent: As a network administrator, I want to understand the Azure RBAC permissions required for network security perimeter features, so that I can effectively assign roles and manage access within my team.
 ---

articles/private-link/network-security-perimeter-role-based-access-control-requirements.md

@@ -6,7 +6,8 @@ author: mbender-ms
 ms.author: mbender
 ms.service: azure-private-link
 ms.topic: overview
-ms.date: 05/16/2025
+# Resolved conflict: keep the newer ms.date
+ms.date: 08/01/2025
 #CustomerIntent: As a network administrator, I want to understand the different access modes and how to transition to a network security perimeter in Azure.
 # Customer intent: As a network administrator, I want to learn how to configure access modes and transition to a network security perimeter in Azure, so that I can secure my resources while minimizing connectivity disruptions.
 ---
@@ -15,6 +16,8 @@ ms.date: 05/16/2025
 
 In this article, you learn about the different access modes and how to transition to a [network security perimeter](./network-security-perimeter-concepts.md) in Azure. Access modes control resource access and logging behavior, helping you secure your Azure resources.
 
+[!INCLUDE network-security-perimeter-preview-message]
+
 ## Access mode configuration point on resource associations 
 
 The **access mode** configuration point is part of a resource association on the perimeter and therefore can be set by the perimeter's administrator.