Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into vnet-toc-patch

Author: asudbring

.github/policies/disallow-edits.yml

@@ -160,8 +160,8 @@ configuration:
               matchAny: true
               pattern: articles/reliability/*
           - commentContains:
-              pattern: \#sign-off
-              isRegex: false
+              pattern: '\#sign-off'
+              isRegex: true
           - not:
               or:
                 - isActivitySender:

.openpublishing.redirection.json

@@ -1,5 +1,80 @@
 {
   "redirections": [
+    {
+      "source_path": "articles/automation/change-tracking/enable-from-portal.md",
+      "redirect_url": "/azure/automation/change-tracking/enable-vms-monitoring-agent",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/change-tracking/enable-from-vm.md",
+      "redirect_url": "/azure/automation/change-tracking/enable-vms-monitoring-agent",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/change-tracking/enable-from-automation-account.md",
+      "redirect_url": "/azure/automation/change-tracking/enable-vms-monitoring-agent",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/change-tracking/configure-alerts.md",
+      "redirect_url": "/azure/automation/change-tracking/overview-monitoring-agent",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/change-tracking/enable-from-runbook.md",
+      "redirect_url": "/azure/automation/change-tracking/manage-change-tracking-monitoring-agent",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/change-tracking/manage-change-tracking.md",
+      "redirect_url": "/azure/automation/change-tracking/manage-change-tracking-monitoring-agent",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/change-tracking/manage-inventory-vms.md",
+      "redirect_url": "/azure/automation/change-tracking/manage-change-tracking-monitoring-agent",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/change-tracking/manage-scope-configurations.md",
+      "redirect_url": "/azure/automation/change-tracking/enable-vms-monitoring-agent",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/change-tracking/overview.md",
+      "redirect_url": "/azure/automation/change-tracking/overview-monitoring-agent",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/change-tracking/remove-feature.md",
+      "redirect_url": "/azure/automation/change-tracking/overview-monitoring-agent",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/change-tracking/remove-vms-from-change-tracking.md",
+      "redirect_url": "/azure/automation/change-tracking/overview-monitoring-agent",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/how-to/region-mappings.md",
+      "redirect_url": "/azure/automation/change-tracking/region-mappings-monitoring-agent",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/automation-tutorial-installed-software.md",
+      "redirect_url": "/azure/automation/change-tracking/overview-monitoring-agent",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/troubleshoot/change-tracking.md",
+      "redirect_url": "/azure/automation/change-tracking/guidance-migration-log-analytics-monitoring-agent",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/troubleshoot/onboarding.md",
+      "redirect_url": "/azure/automation/change-tracking/guidance-migration-log-analytics-monitoring-agent",
+      "redirect_document_id": false
+    },
     {
       "source_path": "articles/migrate/tutorial-modernize-asp-net-aks.md",
       "redirect_url": "/azure/migrate/migrate-services-overview",
@@ -1865,6 +1940,11 @@
       "redirect_url": "/azure/api-management/monitor-api-management",
       "redirect_document_id": false
     },
+    {
+      "source_path_from_root": "/articles/vpn-gateway/vpn-gateway-cross-premises-options.md",
+      "redirect_url": "/previous-versions/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings",
+      "redirect_document_id": false
+    },
     {
       "source_path_from_root": "/articles/vpn-gateway/vpn-gateway-about-forced-tunneling.md",
       "redirect_url": "/previous-versions/azure/vpn-gateway/vpn-gateway-about-forced-tunneling",
@@ -4085,36 +4165,6 @@
       "redirect_url": "/azure/notification-hubs/notification-hubs-push-notification-http2-token-authentication",
       "redirect_document_id": false
     },
-    {
-      "source_path_from_root": "/articles/openshift/howto-encrypt-data-disks.md",
-      "redirect_url": "/azure/openshift/howto-byok",
-      "redirect_document_id": false
-    },
-    {
-      "source_path_from_root": "/articles/openshift/howto-deploy-java-jboss-enterprise-application-platform-with-auto-redeploy.md",
-      "redirect_url": "/azure/openshift/index",
-      "redirect_document_id": false
-    },
-    {
-      "source_path_from_root": "/articles/openshift/quickstart-portal.md",
-      "redirect_url": "/azure/openshift/create-cluster",
-      "redirect_document_id": false
-    },
-    {
-      "source_path_from_root": "/articles/openshift/tutorial-connect-cluster.md",
-      "redirect_url": "/azure/openshift/connect-cluster",
-      "redirect_document_id": false
-    },
-    {
-      "source_path_from_root": "/articles/openshift/tutorial-create-cluster.md",
-      "redirect_url": "/azure/openshift/create-cluster",
-      "redirect_document_id": false
-    },
-    {
-      "source_path_from_root": "/articles/openshift/tutorial-delete-cluster.md",
-      "redirect_url": "/azure/openshift/delete-cluster",
-      "redirect_document_id": false
-    },
     {
       "source_path_from_root": "/articles/operator-service-manager/overview.md",
       "redirect_url": "azure/operator-service-manager/azure-operator-service-manager-overview",
@@ -5979,6 +6029,11 @@
       "source_path": "articles/reliability/availability-zones-baseline.md",
       "redirect_url": "/azure/reliability/availability-zones-migration-overview",
       "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/virtual-network/virtual-network-for-azure-services.md",
+      "redirect_url": "/azure/virtual-network/vnet-integration-for-azure-services",
+      "redirect_document_id": false
     }
   ]
 }

articles/active-directory-b2c/multi-factor-authentication.md

@@ -133,6 +133,19 @@ In Azure AD B2C, you can delete a user's TOTP authenticator app enrollment. The
 
 Learn how to [delete a user's Software OATH token authentication method](/graph/api/softwareoathauthenticationmethod-delete) using the Microsoft Graph API.
 
+### SMS pricing tiers by country/region
+
+The following table provides details about the different pricing tiers for SMS based authentication services across various countries or regions. For pricing details, see [Azure AD B2C pricing](https://azure.microsoft.com/pricing/details/active-directory-b2c/).
+
+SMS is an add-on feature and requires a linked subscription. If your subscription expires or is cancelled, end users will no longer be able to authenticate using SMS, which could block them from signing in depending on your MFA policy.
+
+|Tier                               |Countries/Regions  |
+|-----------------------------------|-------------------|
+|Phone Authentication Low Cost      |Australia, Brazil, Brunei, Canada, Chile, China, Colombia, Cyprus, North Macedonia, Poland, Portugal, South Korea, Thailand, Türkiye, United States         |
+|Phone Authentication Mid Low Cost  |Greenland, Albania, American Samoa, Austria, Bahamas, Bahrain, Bosnia & Herzegovina, Botswana, Costa Rica, Czech Republic, Denmark, Estonia, Faroe Islands, Finland, France, Greece, Hong Kong SAR, Hungary, Iceland, Ireland, Italy, Japan, Latvia, Lithuania, Luxembourg, Macao SAR, Malta, Mexico, Micronesia, Moldova, Namibia, New Zealand, Nicaragua, Norway, Romania, São Tomé and Príncipe, Seychelles Republic, Singapore, Slovakia, Solomon Islands, Spain, Sweden, Switzerland, Taiwan, United Kingdom, United States Virgin Islands, Uruguay         |
+|Phone Authentication Mid High Cost |Andorra, Angola, Anguilla, Antarctica, Antigua and Barbuda, Argentina, Armenia, Aruba, Barbados, Belgium, Benin, Bolivia, Bonaire, Curaçao, Saba, Sint Eustatius and Sint Maarten, British Virgin Islands, Bulgaria, Burkina Faso, Cameroon, Cayman Islands, Central African Republic, Cook Islands, Côte d’Ivoire, Croatia, Diego Garcia, Djibouti, Dominican Republic, Dominican Republic, Dominican Republic, Ecuador, El Salvador, Eritrea, Falkland Islands, Fiji, French Guiana, French Polynesia, Gambia, Georgia, Germany, Gibraltar, Grenada, Guadeloupe, Guam, Guinea, Guyana, Honduras, India, Kenya, Kiribati, Laos, Liberia, Malaysia, Marshall Islands, Martinique, Mauritius, Monaco, Montenegro, Montserrat, Netherlands, New Caledonia, Niue, Oman, Palau, Panama, Paraguay, Peru, Puerto Rico, Puerto Rico, Réunion, Rwanda, Saint Helena, Ascension and Tristan de Cunha, Saint Kitts & Nevis, Saint Lucia, Saint Pierre & Miquelon, Saint Vincent and the Grenadines, Saipan, Samoa, San Marino, Saudi Arabia, Sint Maarten, Slovenia, South Africa, South Sudan, Suriname, Swaziland (New Name is Kingdom of Eswatini), Timor-Leste, Tokelau, Tonga, Turks & Caicos, Tuvalu, United Arab Emirates, Vanuatu, Venezuela, Vietnam, Wallis and Futuna         |
+|Phone Authentication High Cost     |Liechtenstein, Bermuda, Cabo Verde, Cambodia, Democratic Republic of Congo, Dominica, Egypt, Equatorial Guinea, Ghana, Guatemala, Guinea-Bissau, Israel, Jamaica, Jamaica, Kosovo, Lesotho, Maldives, Mali, Mauritania, Morocco, Mozambique, Papua New Guinea, Philippines, Qatar, Sierra Leone, Trinidad & Tobago, Ukraine, Zimbabwe, Afghanistan, Algeria, Azerbaijan, Bangladesh, Belarus, Belize, Bhutan, Burundi, Chad, Comoros, Congo, Ethiopia, Gabonese Republic, Haiti, Indonesia, Iraq, Jordan, Kuwait, Kyrgyzstan, Lebanon, Libya, Madagascar, Malawi, Mongolia, Myanmar, Nauru, Nepal, Niger, Nigeria, Pakistan, Palestinian National Authority, Russia, Senegal, Serbia, Somalia, Sri Lanka, Sudan, Tajikistan, Tanzania, Togolese Republic, Tunisia, Turkmenistan, Uganda, Uzbekistan, Yemen, Zambia         |
+
 ::: zone pivot="b2c-custom-policy"
 
 ## Next steps

articles/api-management/api-management-faq.yml

@@ -138,3 +138,6 @@ sections:
           When you clone an API, the new instance is created with a system-generated value for the name, which you can't change. To specify a name for the API, 
           manually create a new API and import the API definition. For more information, see [Import an API](api-management-howto-import-api.md).
 
+      - question: Can I integrate Azure API Management directly with Azure database solutions?  
+        answer: |
+          Yes, you can integrate Azure API Management directly with other Azure services without an intermediary. For example, Azure API Management can integrate directly with Azure Cosmos DB REST APIs for CRUD operations, eliminating the need for intermediate services like Azure Functions.

articles/api-management/api-management-gateways-overview.md

@@ -107,7 +107,7 @@ The following tables compare features available in the following API Management
 | [Service Fabric](/azure/service-fabric/service-fabric-api-management-overview) |  Developer, Premium |  ❌ |❌ | ❌ | ❌ | 
 | [Pass-through GraphQL](graphql-apis-overview.md) |  ✔️ | ✔️ |✔️ | ✔️ | ✔️ |
 | [Synthetic GraphQL](graphql-apis-overview.md)|  ✔️ |  ✔️ | ✔️<sup>1</sup> | ✔️<sup>1</sup> | ❌ |
-| [Pass-through WebSocket](websocket-api.md) |  ✔️ |  ✔️ | ❌ | ✔️ | ❌ |
+| [Pass-through WebSocket](websocket-api.md) |  ✔️ |  ✔️ | ❌ | ✔️ | ✔️ |
 | [Pass-through gRPC](grpc-api.md)  |  ❌ | ❌ | ❌ | ✔️ | ❌ |
 | [OData](import-api-from-odata.md)  |  ✔️ |  ✔️ | ✔️ | ✔️ | ✔️ |
 | [Azure OpenAI and LLM](azure-openai-api-from-specification.md) | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ |

articles/api-management/api-management-key-concepts.md

@@ -141,6 +141,7 @@ API Management integrates with many complementary Azure services to create enter
 * **[Event Hubs](api-management-howto-log-event-hubs.md)** for streaming events​
 * **[Azure Redis](api-management-howto-cache-external.md)** for caching responses​ with Azure Cache for Redis or Azure Managed Redis​
 * Several Azure compute offerings commonly used to build and host APIs on Azure, including **[Functions](import-function-app-as-api.md)**, **[Logic Apps](import-logic-app-as-api.md)**, **[Web Apps](import-app-service-as-api.md)**, **[Service Fabric](how-to-configure-service-fabric-backend.yml)**, and others including **[Azure OpenAI](azure-openai-api-from-specification.md)** service.​
+* Azure database offerings, including [Azure Cosmos DB](cosmosdb-data-source-policy.md), enabling direct CRUD (Create, Read, Update, Delete) operations without requiring intermediate compute resources.
 
 **More information**:
 * [Basic enterprise integration](/azure/architecture/reference-architectures/enterprise-integration/basic-enterprise-integration?toc=%2Fazure%2Fapi-management%2Ftoc.json&bc=/azure/api-management/breadcrumb/toc.json)

articles/api-management/websocket-api.md

@@ -15,8 +15,6 @@ ms.custom: template-how-to
 
 With API Management’s WebSocket API solution, API publishers can quickly add a WebSocket API in API Management via the Azure portal, Azure CLI, Azure PowerShell, and other Azure tools. 
 
-[!INCLUDE [api-management-workspace-availability](../../includes/api-management-workspace-availability.md)]
-
 WebSocket APIs can be secured by applying API Management's [access control policies](api-management-policies.md#authentication-and-authorization) to the initial handshake operation. You can also test WebSocket APIs using the API test consoles in both Azure portal and developer portal. Building on existing observability capabilities, API Management provides metrics and logs for monitoring and troubleshooting WebSocket APIs. 
 
 In this article, you will:
@@ -106,7 +104,7 @@ Per the [WebSocket protocol](https://tools.ietf.org/html/rfc6455), when a client
 Use standard API Management and Azure Monitor features to [monitor](api-management-howto-use-azure-monitor.md) WebSocket APIs:
 
 * View API metrics in Azure Monitor
-* Optionally enable diagnostic settings to collect and view API Management gateway logs, which include WebSocket API operations
+* Optionally enable diagnostic settings to collect and view API Management gateway logs, which include WebSocket API operations, or WebSocket connection logs
 
 For example, the following screenshot shows recent WebSocket API responses with code `101` from the **ApiManagementGatewayLogs** table. These results indicate the successful switch of the requests from TCP to the WebSocket protocol.
 

articles/api-management/workspaces-overview.md

@@ -103,7 +103,7 @@ The following constraints currently apply to workspace gateways:
 * APIs in workspaces aren't covered by Defender for APIs
 * Workspace gateways don't support the API Management service's credential manager
 * Workspace gateways support only internal cache; external cache isn't supported 
-* Workspace gateways don't support synthetic GraphQL APIs and WebSocket APIs
+* Workspace gateways don't support synthetic GraphQL APIs
 * Workspace gateways don't support creating APIs directly from Azure resources such as Azure OpenAI Service, App Service, Function Apps, and so on
 * Request metrics can't be split by workspace in Azure Monitor; all workspace metrics are aggregated at the service level
 * Azure Monitor logs are aggregated at the service level; workspace-level logs aren't available

articles/app-service/app-service-web-configure-tls-mutual-auth.md

@@ -1,16 +1,16 @@
 ---
-title: Configure TLS mutual authentication
-description: Learn how to authenticated client certificates on TLS. Azure App Service can make the client certificate available to the app code for verification.
-
+title: Set up TLS mutual authentication
+description: Learn how to set up TLS mutual authentication in Azure App Service for secure two-way communication between client and server.
+keywords: TLS mutual authentication, Azure App Service security, secure client-server communication
 author: msangapu-msft
 ms.author: msangapu
 ms.assetid: cd1d15d3-2d9e-4502-9f11-a306dac4453a
 ms.topic: article
-ms.date: 06/21/2024
+ms.date: 02/14/2025
 ms.devlang: csharp
 ms.custom: devx-track-csharp, devx-track-extended-java, devx-track-js, devx-track-python
 ---
-# Configure TLS mutual authentication for Azure App Service
+# Configure TLS mutual authentication in Azure App Service
 
 You can restrict access to your Azure App Service app by enabling different types of authentication for it. One way to do it is to request a client certificate when the client request is over TLS/SSL and validate the certificate. This mechanism is called Transport Layer Security (TLS) mutual authentication or client certificate authentication. This article shows how to set up your app to use client certificate authentication.
 

articles/app-service/app-service-web-tutorial-custom-domain.md

@@ -1,17 +1,17 @@
 ---
-title: 'Map existing custom DNS name'
-description: Learn how to add an existing custom DNS domain name (vanity domain) to a web app, mobile app back end, or API app in Azure App Service.
+title: 'Set up an existing custom domain name for your app'
+description: Learn how to set up and map an existing custom domain name for your App Service app to improve branding and user access.
 keywords: app service, azure app service, domain mapping, domain name, existing domain, hostname, vanity domain
 
 ms.assetid: dc446e0e-0958-48ea-8d99-441d2b947a7c
 ms.topic: how-to
-ms.date: 08/27/2024
+ms.date: 02/14/2025
 ms.custom: mvc
 ms.author: msangapu
 author: msangapu-msft
 ---
 
-# Map an existing custom DNS name to Azure App Service
+# Set up an existing custom domain in Azure App Service
 
 [!INCLUDE [regionalization-note](./includes/regionalization-note.md)]