Merge branch 'main' into May-16-2025-TVM

Author: AbhishekMallick01

.openpublishing.redirection.json

@@ -1,5 +1,25 @@
 {
   "redirections": [
+    {
+      "source_path": "articles/network-watcher/traffic-analytics-schema-update.md",
+      "redirect_url": "/previous-versions/azure/network-watcher/traffic-analytics-schema-update",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/network-watcher/network-watcher-visualize-nsg-flow-logs-open-source-tools.md",
+      "redirect_url": "/previous-versions/azure/network-watcher/network-watcher-visualize-nsg-flow-logs-open-source-tools",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/network-watcher/network-watcher-nsg-grafana.md",
+      "redirect_url": "/previous-versions/azure/network-watcher/network-watcher-nsg-grafana",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/network-watcher/network-watcher-analyze-nsg-flow-logs-graylog.md",
+      "redirect_url": "/previous-versions/azure/network-watcher/network-watcher-analyze-nsg-flow-logs-graylog",
+      "redirect_document_id": false
+    },
     {
       "source_path": "articles/api-management/migrate-stv1-to-stv2-no-vnet.md",
       "redirect_url": "/previous-versions/azure/api-management/migrate-stv1-to-stv2-no-vnet",
@@ -6945,4 +6965,4 @@
       "redirect_document_id": false
     }
   ]
-}
+}

articles/active-directory-b2c/billing.md

@@ -5,7 +5,7 @@ author: kengaderdus
 manager: CelesteDG
 ms.service: azure-active-directory
 ms.topic: reference
-ms.date: 03/10/2025
+ms.date: 05/20/2025
 ms.author: kengaderdus
 ms.subservice: b2c
 ms.custom: fasttrack-edit
@@ -36,18 +36,6 @@ Also, if you choose to provide higher levels of assurance by using multifactor a
 > [!IMPORTANT]
 > This article does not contain pricing details. For the latest information about usage billing and pricing, see [Azure Active Directory B2C pricing](https://azure.microsoft.com/pricing/details/active-directory-b2c/). See also [Azure AD B2C region availability and data residency](data-residency.md) for details about where the Azure AD B2C service is available and where user data is stored.
 
-## What do I need to do?
-
-To take advantage of MAU billing, your Azure AD B2C tenant must be linked to an Azure subscription. You might also need to switch your Azure AD B2C tenant to another pricing tier if you want to use Azure AD B2C Premium P2 features, like risk-based Conditional Access policies.
-
-|If your tenant is:  |You need to:  |
-|---------|---------|
-| An Azure AD B2C tenant already billed on a per-MAU basis     | Do nothing. When users authenticate to your Azure AD B2C tenant, you'll be automatically billed using the MAU-based billing model.        |
-| An Azure AD B2C tenant not yet linked to a subscription     |  [Link your Azure AD B2C tenant to a subscription](#link-an-azure-ad-b2c-tenant-to-a-subscription) to activate MAU billing.     |
-| An Azure AD B2C tenant that was linked to a subscription before November 1, 2019    | [Switch to MAU billing (recommended)](#switch-to-mau-billing-pre-november-2019-azure-ad-b2c-tenants), or stay on the per-authentication billing model.     |
-| An Azure AD B2C tenant and you want to use premium features  (like risk-based Conditional Access policies)    | [Change to a Microsoft Entra pricing tier](#change-your-azure-ad-pricing-tier) that supports the features you want to use.        |
-|  |  |
-
 ## About the monthly active users (MAU) billing model
 
 MAU billing went into effect for Azure AD B2C tenants on **November 1, 2019**. Any Azure AD B2C tenants that you created and linked to a subscription on or after that date have been billed on a per-MAU basis. 

articles/active-directory-b2c/conditional-access-identity-protection-overview.md

@@ -4,10 +4,10 @@ description: Learn how Identity Protection gives you visibility into risky sign-
 ms.service: azure-active-directory
 ms.subservice: b2c
 ms.topic: overview
-ms.date: 01/11/2024
+ms.date: 05/20/2025
 ms.author: kengaderdus
 author: kengaderdus
-manager: CelesteDG
+manager: mwongerapk
 ms.collection: M365-identity-device-management
 
 #Customer intent: As an Azure AD B2C application owner, I want to enhance the security of my applications by using Identity Protection and Conditional Access, so that I can detect and respond to risky authentications and enforce organizational policies.

articles/active-directory-b2c/find-help-open-support-ticket.md

@@ -9,7 +9,7 @@ manager: CelesteDG
 ms.service: azure-active-directory
 
 ms.topic: troubleshooting
-ms.date: 01/11/2024
+ms.date: 05/20/2025
 ms.author: kengaderdus
 ms.subservice: b2c
 

articles/active-directory-b2c/identity-protection-investigate-risk.md

@@ -4,7 +4,7 @@ description: Learn how to investigate risky users, and detections in Azure AD B2
 ms.service: entra-id
 ms.subservice: conditional-access
 ms.topic: overview
-ms.date: 01/24/2025
+ms.date: 05/24/2025
 ms.author: godonnell
 author: garrodonnell
 manager: CelesteDG

articles/active-directory-b2c/supported-azure-ad-features.md

@@ -3,12 +3,12 @@ title: Supported Microsoft Entra ID features
 description: Learn about Microsoft Entra ID features, which are still supported in Azure AD B2C.
 
 author: kengaderdus
-manager: CelesteDG
+manager: mwongerapk
 
 ms.service: azure-active-directory
 
 ms.topic: overview
-ms.date: 01/11/2024
+ms.date: 05/20/2025
 ms.author: kengaderdus
 ms.subservice: b2c
 
@@ -36,4 +36,4 @@ An Azure Active Directory B2C (Azure AD B2C) tenant is different than a Microsof
 | [Go-Local add-on](data-residency.md#go-local-add-on) | Microsoft Entra Go-Local add-on enables you to store data in the country/region you choose when your Microsoft Entra tenant.| Just like Microsoft Entra ID, Azure AD B2C supports [Go-Local add-on](data-residency.md#go-local-add-on). |
 
 > [!NOTE]
-> **Other Azure resources in your tenant:** <br>In an Azure AD B2C tenant, you can't provision other Azure resources such as virtual machines, Azure web apps, or Azure functions. You must create these resources in your Microsoft Entra tenant.
+> **Other Azure resources in your tenant:** <br>In an Azure AD B2C tenant, you can't provision other Azure resources such as virtual machines, Azure web apps, or Azure functions. You must create these resources in your Microsoft Entra tenant.

articles/api-management/developer-portal-self-host.md

@@ -432,7 +432,7 @@ Update the developer portal URL in any template that has a link in the footer:
 
 ## Move from managed to self-hosted developer portal
 
-Over time, your business requirements may change. You can end up in a situation where the managed version of the API Management developer portal no longer satisfies your needs. For example, a new requirement may force you to build a custom widget that integrates with a third-party data provider. Unlike the manged version, the self-hosted version of the portal offers you full flexibility and extensibility.
+Over time, your business requirements may change. You can end up in a situation where the managed version of the API Management developer portal no longer satisfies your needs. For example, a new requirement may force you to build a custom widget that integrates with a third-party data provider. Unlike the managed version, the self-hosted version of the portal offers you full flexibility and extensibility.
 
 ### Transition process
 

articles/application-gateway/toc.yml

@@ -289,6 +289,8 @@
       href: ../reliability/migrate-app-gateway-v2.md?toc=/azure/application-gateway/toc.json
   - name: Proxy buffer configuration
     href: proxy-buffers.md
+  - name: Using Server-sent events
+    href: use-server-sent-events.md    
   - name: Custom error pages
     href: custom-error.md
   - name: Migrate to v2 SKU

articles/application-gateway/use-server-sent-events.md

@@ -0,0 +1,48 @@
+---
+title: Using Server-sent events with Application Gateway (Preview)
+description: This article provides guidance for using Server-sent events with your Azure Application Gateway.
+services: application-gateway
+author: jaesoni
+ms.service: azure-application-gateway
+ms.topic: concept-article
+ms.date: 05/15/2025
+ms.author: jaysoni
+---
+
+# Using Server-sent events with Application Gateway (Preview)
+
+Azure Application Gateway offers support for Server-sent events (SSE). This document provides guidelines to ensure the seamless operation of this feature when used with Azure Application Gateway.
+
+> [!Note]
+> - The SSE support with Azure Application Gateway is currently in Preview phase.
+> - The response time recorded in [Access logs](monitor-application-gateway-reference.md#resource-logs) represents the total duration for which the connection was established. Multiple event streams may pass through during this connection period. 
+
+## Configuring Application Gateway
+
+### Response Buffer 
+
+The [Response Buffers on Application Gateway resource](proxy-buffers.md) should be disabled. This configuration enables your application gateway resource to send responses to clients as streams from the backend server are received.
+
+### Backend Setting - Request timeout 
+
+Ensure that the [Request time-out (seconds) in Backend Settings](configuration-http-settings.md?tabs=backendhttpsettings#request-timeout) is configured to exceed the idle time between events. Otherwise, your application gateway resource terminates the connection prematurely.
+
+
+## Configuring backend server
+
+The backend server should send the following Response headers to ensure proper stream handling by the clients and any intermediaries. Note, these headers aren't a requirement for Application Gateway as a proxy.
+
+### Content-Type: text/event-stream
+This header notifies the client that the response will be a stream of events, enabling them to correctly handle the Server-sent events (SSE) protocol.
+
+### Connection: keep-alive
+This header maintains the TCP connection, allowing the backend server to send events to the client continuously.
+
+### Transfer-Encoding: chunked 
+This header allows the server to send responses in chunks without requiring a Content-Length header. It's necessary for streaming responses through SSE when the total size can't be determined in advance.
+
+### Cache-Control: no-cache 
+It's advisable to use this header to prevent intermediaries like CDNs from caching the SSE response.
+
+## Next steps
+Learn about [Request and Response Proxy Buffers](proxy-buffers.md) in Application Gateway.

articles/azure-app-configuration/enable-dynamic-configuration-azure-kubernetes-service.md

@@ -23,22 +23,9 @@ If you use Azure Kubernetes Service (AKS), this tutorial shows you how to enable
 
 Finish the quickstart: [Use Azure App Configuration in Azure Kubernetes Service](./quickstart-azure-kubernetes-service.md).
 
-> [!TIP]
-> The Azure Cloud Shell is a free, interactive shell that you can use to run the command line instructions in this article. It has common Azure tools preinstalled, including the .NET Core SDK. If you're logged in to your Azure subscription, launch your [Azure Cloud Shell](https://shell.azure.com) from shell.azure.com. You can learn more about Azure Cloud Shell by [reading our documentation](../cloud-shell/overview.md).
->
-## Add a sentinel key
-
-A *sentinel key* is a key that you update after you complete the change of all other keys. Your app monitors the sentinel key. When a change is detected, your app refreshes all configuration values. This approach helps to ensure the consistency of configuration in your app and reduces the overall number of requests made to your App Configuration store, compared to monitoring all keys for changes.
-
-Add the following key-value to your App Configuration store. For more information about how to add key-values to a store using the Azure portal or the CLI, go to [Create a key-value](./quickstart-azure-app-configuration-create.md#create-a-key-value).
-
-| Key | Value |
-|---|---|
-| Settings:Sentinel | 1 |
-
 ## Reload data from App Configuration
 
-1. Open the *appConfigurationProvider.yaml* file located in the *Deployment* directory. Then, add the `refresh` section under the `configuration` property. It enables configuration refresh by monitoring the sentinel key.
+1. Open the *appConfigurationProvider.yaml* file located in the *Deployment* directory. Then, add the `refresh` section under the `configuration` property. It enables the Kubernetes provider to reload the entire configuration whenever it detects a change in any of the selected key-values (those starting with *Settings:* and having no label). For more information about monitoring configuration changes, see [Best practices for configuration refresh](./howto-best-practices.md#configuration-refresh).
 
     ```yaml
     apiVersion: azconfig.io/v1
@@ -58,13 +45,10 @@ Add the following key-value to your App Configuration store. For more informatio
       configuration:
         refresh:
           enabled: true
-          monitoring:
-            keyValues:
-            - key: Settings:Sentinel
     ```
 
     > [!TIP]
-    > By default, the Kubernetes provider polls the monitoring key-values every 30 seconds for change detection. However, you can change this behavior by setting the `interval` property of the `refresh`. If you want to reduce the number of requests to your App Configuration store, you can adjust it to a higher value.
+    > You can set the `interval` property of the `refresh` to specify the minimum time between configuration refreshes. In this example, you use the default value of 30 seconds. Adjust to a higher value if you need to reduce the number of requests made to your App Configuration store.
 
 1. Open the *deployment.yaml* file in the *Deployment* directory and add the following content to the `spec.containers` section. Your application loads configuration from a volume-mounted file the App Configuration Kubernetes provider generates. By setting this environment variable, your application can [use polling to monitor changes in mounted files](/dotnet/api/microsoft.extensions.fileproviders.physicalfileprovider.usepollingfilewatcher).
 
@@ -90,7 +74,6 @@ Add the following key-value to your App Configuration store. For more informatio
     | Key | Value |
     |---|---|
     | Settings:Message | Hello from Azure App Configuration - now with live updates! |
-    | Settings:Sentinel | 2 |
 
 1. After refreshing the browser a few times, you'll see the updated content once the ConfigMap is updated in 30 seconds.