Merge branch 'main' into release-asr-pv2-pup

Author: v-alje

articles/api-management/api-management-region-availability.md

@@ -6,7 +6,7 @@ author: dlepow
 
 ms.service: azure-api-management
 ms.topic: concept-article
-ms.date: 04/29/2025
+ms.date: 05/28/2025
 ms.author: danlep
 ms.custom: references_regions
 ---
@@ -47,12 +47,10 @@ Information in the following table is updated regularly. Capacity availability i
 | Switzerland North | ✅ |✅ |  | |
 | UK South | ✅  | ✅ | ✅ | ✅ |
 | UK West | ✅  | ✅ | | |
-| West Europe  | ✅ | ✅ | | ✅<sup>1</sup> |
+| West Europe  | ✅ | ✅ | | ✅ |
 | West US | ✅ | ✅ |  | ✅ |
 | West US 2 | ✅ | ✅ |  | |
 
-<sup>1</sup> Request access to this region by emailing `[email protected]` 
-
 ## Related content
 
 Learn more about:

articles/app-service/invoke-openapi-web-app-from-azure-ai-agent-service.md

@@ -1,21 +1,21 @@
 ---
-title: 'Invoke an OpenAPI App Service web app from Azure AI Agent Service'
-description: Learn how to integrate App Service with AI Agent Service and get started with agentic AI
+title: 'Invoke an OpenAPI App Service web app from Azure AI Foundry Agent Service'
+description: Learn how to integrate App Service with AI Foundry Agent Service and get started with agentic AI
 author: seligj95
 ms.author: jordanselig
-ms.date: 04/25/2025
+ms.date: 05/28/2025
 ms.topic: article
 ms.custom: devx-track-dotnet
 ms.collection: ce-skilling-ai-copilot
 ---
 
-# Invoke an OpenAPI App Service web app from Azure AI Agent Service
+# Invoke an OpenAPI App Service web app from Azure AI Foundry Agent Service
 
-[Azure AI Agent Service](/azure/ai-services/agents/overview) allows you to create AI agents tailored to your needs through custom instructions and augmented by advanced tools like code interpreter, and custom functions. You can now connect your Azure AI Agent to an external API using an [OpenAPI 3.0](https://www.openapis.org/what-is-openapi) specified tool, allowing for scalable interoperability with various applications. 
+[Azure AI Foundry Agent Service](/azure/ai-services/agents/overview) allows you to create AI agents tailored to your needs through custom instructions and augmented by advanced tools like code interpreter, and custom functions. You can now connect your Azure AI Agent to an external API using an [OpenAPI 3.0](https://www.openapis.org/what-is-openapi) specified tool, allowing for scalable interoperability with various applications. 
 
-Azure App Service is a fully managed platform for building, deploying, and scaling web apps and APIs. If your API is hosted on Azure App Service, you can connect your AI Agent to the API using the OpenAPI specification. The OpenAPI specification defines the API and how to interact with it. You can then use natural language to invoke the API through your AI Agent.
+Azure App Service is a fully managed platform for building, deploying, and scaling web apps and APIs. If your API is hosted on Azure App Service, you can connect your AI Agent to the API using the OpenAPI specification. The OpenAPI specification defines the API and how to interact with it. You can then use natural language to invoke the API through your AI Agent. This tool is powerful because it allows you to add AI agent capabilities to your existing apps with minimal code changes. Also, this agent has the ability to directly interact with your app. There's no need for significant code changes or implementation work other thank minor updates to interact with the agent using the available SDKs.
 
-In this tutorial, you're using an Azure AI Agent to invoke an API hosted on Azure App Service. By the end of this tutorial, you have a fashion assistant chat application running in App Service using an AI agent from the Azure AI Agent Service.
+In this tutorial, you're using an Azure AI Foundry Agent to invoke an existing API hosted on Azure App Service. By the end of this tutorial, you have a fashion assistant chat application running in App Service using an AI agent from the Azure AI Foundry Agent Service.
 
 :::image type="content" source="media/invoke-openapi-web-app-from-azure-ai-agent-service/browse-app.png" alt-text="A screenshot showing an AI agent running within App Service.":::
 
@@ -137,10 +137,10 @@ azd down
 1. **Chat Not Working**
    - Verify that the environment variables (`AzureAIAgent__ConnectionString` and `AzureAIAgent__AgentId`) are correctly set in the App Service environment variables.
    - Check that the AI Agent is properly created and configured with the correct OpenAPI tool.
-   - Ensure the OpenAPI specification URL is accessible from the Azure AI Agent Service.
+   - Ensure the OpenAPI specification URL is accessible from the Azure AI Foundry Agent Service.
    - Ensure the App Service URL is updated in the `swagger.json` provided to the OpenAPI Specified Tool.
 1. **Permission Issues**
-   - If you encounter authentication errors, ensure that your App Service's managed identity has proper permissions to access the Azure AI Agent Service. The managed identity needs at least the `Microsoft.MachineLearningServices/workspaces/agents/action` permission to interact with the Agent. The provided "Azure AI Developer role" has this permission and should be sufficient. If you decide to change this role, be sure it has the necessary permission.
+   - If you encounter authentication errors, ensure that your App Service's managed identity has proper permissions to access the Azure AI Foundry Agent Service. The managed identity needs at least the `Microsoft.MachineLearningServices/workspaces/agents/action` permission to interact with the Agent. The provided "Azure AI Developer role" has this permission and should be sufficient. If you decide to change this role, be sure it has the necessary permission.
 1. **API Issues**
    - If the agent is unable to perform actions on the inventory or cart, check the API routes in the OpenAPI specification.
    - Verify that the API endpoints are responding correctly by testing them directly in the Swagger UI at `/api/docs`.
@@ -183,7 +183,7 @@ Beyond basic interactions, the AI agent can handle more complex scenarios:
 
 ## Security Considerations
 
-- The application uses Azure managed identities for secure authentication to Azure AI Agent Service in production environments.
+- The application uses Azure managed identities for secure authentication to Azure AI Foundry Agent Service in production environments.
 - You can further secure your app and agent using any of the standard practices and Azure resources. For secure Azure AI Agent infrastructure templates, see the [azureai-samples repo](https://github.com/Azure-Samples/azureai-samples/tree/main/scenarios/Agents/setup).
 
 ## Next steps
@@ -197,4 +197,4 @@ Now that you learned how to connect your AI Agent to an API on Azure App Service
 > [Tutorial: Run chatbot in App Service with a Phi-4 sidecar extension (ASP.NET Core)](tutorial-ai-slm-dotnet.md)
 
 > [!div class="nextstepaction"]
-> [Deploy a .NET Blazor app connected to Azure SQL and Azure OpenAI on Azure App Service](./deploy-intelligent-apps-dotnet-to-azure-sql.md)
+> [Deploy a .NET Blazor app connected to Azure SQL and Azure OpenAI on Azure App Service](./deploy-intelligent-apps-dotnet-to-azure-sql.md)

articles/app-service/overview-access-restrictions.md

@@ -130,6 +130,8 @@ In this scenario, you're accessing your site through a private endpoint and are
 
 Traffic from Azure Front Door to your application originates from a well known set of IP ranges defined in the `AzureFrontDoor.Backend` service tag. Using a service tag restriction rule, you can restrict traffic to only originate from Azure Front Door. To ensure traffic only originates from your specific instance, you need to further filter the incoming requests based on the unique http header that Azure Front Door sends called X-Azure-FDID. You can find the Front Door ID in the portal.
 
+Alternatively, [Azure Private Link](../frontdoor/private-link.md) enables you to access Azure PaaS services and services hosted in Azure over a private endpoint in your virtual network. Traffic between your virtual network and the service goes over the Microsoft backbone network, eliminating exposure to the public Internet. Azure Front Door Premium can connect to your origin using Private Link. Your origin can be hosted in a virtual network or hosted as a PaaS service such as an Azure Web App. Private Link removes the need for your origin to be accessed publicly. To learn how to connect Azure Front Door to your App Service app with private link, see [Connect Azure Front Door Premium to an App Service (Web App or Function App) origin with Private Link](../frontdoor/standard-premium/how-to-enable-private-link-web-app.md).  
+
 ## Next steps
 > [!NOTE]
 > Access restriction rules that block public access to your site can also block services such as log streaming. If you require these, you will need to allow your App Service's IP address in your restrictions.

articles/azure-app-configuration/howto-best-practices.md

@@ -239,7 +239,7 @@ To address these concerns, we recommend that you use a proxy service between you
 
 ## Multitenant applications in App Configuration
 
-A multitenant application is built on an architecture where a shared instance of your application serves multiple customers or tenants. For example, you may have an email service that offers your users separate accounts and customized experiences. Your application usually manages different configurations for each tenant. Here are some architectural considerations for [using App Configuration in a multitenant application](/azure/architecture/guide/multitenant/service/app-configuration).
+A multitenant application is built on an architecture where a shared instance of your application serves multiple customers or tenants. For example, you may have an email service that offers your users separate accounts and customized experiences. Your application usually manages different configurations for each tenant. Here are some architectural considerations for [using App Configuration in a multitenant application](/azure/architecture/guide/multitenant/service/app-configuration). You can also reference the [example code for multitenant application setup](https://github.com/Azure/AppConfiguration/blob/main/examples/DotNetCore/MultiTenantApplicationSetup/README.md).
 
 ## Configuration as Code
 

articles/azure-cache-for-redis/cache-best-practices-kubernetes.md

@@ -1,49 +1,51 @@
 ---
-title: Best practices for hosting a Kubernetes client application
-description: Learn how to host a Kubernetes client application.
+title: Best practices for Kubernetes-hosted client apps
+description: Learn about best practices for using Azure Cache for Redis in Kubernetes-hosted client applications.
 ms.custom: linux-related-content, ignite-2024
 ms.topic: conceptual
-ms.date: 11/10/2023
+ms.date: 05/28/2025
 appliesto:
   - ✅ Azure Cache for Redis
 
 ---
 
-# Kubernetes-hosted client application
+# Kubernetes-hosted client applications
 
-## Client connections from multiple pods
+This article provides best practices for using Azure Cache for Redis in Kubernetes-hosted client applications.
 
-When you have multiple pods connecting to a Redis server, make sure the new connections from the pods are created in a staggered manner. If multiple pods start in a short time without staggering, it causes a sudden spike in the number of client connections created. The high number of connections leads to high load on the Redis server and might cause timeouts.
+## Stagger multiple connections
 
-Avoid the same scenario when shutting down multiple pods at the same time. Failing to stagger shutdown might cause a steep dip in the number of connections that leads to CPU pressure.
+Make sure to stagger multiple pod connections to a Redis server. Starting multiple pods in a short time without staggering causes a sudden spike in the number of client connections, leading to high load on the Redis server and possible timeouts.
 
-## Sufficient pod resources
+Also avoid shutting down multiple pods at the same time. Failing to stagger shutdown might cause a steep dip in the number of connections leading to CPU pressure.
 
-Ensure that the pod running your client application is given enough CPU and memory resources. If the client application is running close to its resource limits, it can result in timeouts.
+## Provide sufficient pod resources
 
-## Sufficient node resources
+Make sure to give the pod running your client application enough CPU and memory resources. Client applications running close to their resource limits can lead to timeouts.
 
-A pod running the client application can be affected by other pods running on the same node and throttle Redis connections or IO operations. So always ensure that the node on which your client application pods run have enough memory, CPU, and network bandwidth. Running low on any of these resources could result in connectivity issues.
+## Provide sufficient node resources
 
-## Linux-hosted client applications and TCP settings
+The pod running the client application can be affected by other pods running on the same node, and throttle Redis connections or IO operations. Make sure the nodes that run your client application pods have enough memory, CPU, and network bandwidth. Insufficient amounts of these resources could result in connectivity issues.
 
-If your Azure Cache for Redis client application runs on a Linux-based container, we recommend updating some TCP settings. These settings are detailed in [TCP settings for Linux-hosted client applications](cache-best-practices-connection.md#tcp-settings-for-linux-hosted-client-applications).
+## Check TCP settings for Linux applications
 
-## Potential connection collision with _Istio/Envoy_
+If your Azure Redis client application runs on a Linux-based container, make sure your TCP settings match the [TCP settings for Linux-hosted client applications](cache-best-practices-connection.md#tcp-settings-for-linux-hosted-client-applications).
+
+## Avoid connection collision with Istio
 
 <!-- Currently, Azure Cache for Redis uses ports 15xxx for clustered caches to expose cluster nodes to client applications. As documented [here](https://istio.io/latest/docs/ops/deployment/application-requirements/#ports-used-by-istio), the same ports are also used by _Istio.io_ sidecar proxy called _Envoy_ and could interfere with creating connections, especially on port 15001 and 15006. -->
 
-When using _Istio_ with an Azure Managed Redis cluster, consider excluding the potential collision ports with an [istio annotation](https://istio.io/latest/docs/reference/config/annotations/).
+If you use Istio with an Azure Managed Redis cluster, consider excluding potential collision ports with the following [Istio annotation](https://istio.io/latest/docs/reference/config/annotations/):
 
-```
+```console
 annotations:
   traffic.sidecar.istio.io/excludeOutboundPorts: "15000,15001,15004,15006,15008,15009,15020"
 ```
 
-To avoid connection interference, we recommend:
+To avoid connection interference:
 
-- Consider using a nonclustered cache or an Enterprise tier cache instead
-- Avoid configuring _Istio_ sidecars on pods running Azure Cache for Redis client code
+- Consider using a nonclustered cache or an Azure Managed Redis cache instead.
+- Avoid configuring Istio sidecars on pods running Azure Redis client code.
 
 ## Related content