Draft updates

Author: ecfan

articles/logic-apps/create-single-tenant-workflows-azure-portal.md

@@ -143,7 +143,7 @@ More workflows in your logic app raise the risk of longer load times, which nega
 
    | Enable public access | Behavior |
    |----------------------|----------|
-   | **On** | Your logic app has a public endpoint with an inbound address that's open to the internet and can't access an Azure virtual network. |
+   | **On** | Your logic app has a public endpoint with an inbound address that's open to the internet. For clients that are outside an Azure virtual network, they can use this endpoint to access your logic app, but not the virtual network. |
    | **Off** | Your logic app has no public endpoint, but has a private endpoint instead for communication within an Azure virtual network, and is isolated within that virtual network. The private endpoint can communicate with endpoints in the virtual network, but only from clients within that network. This configuration also means that logic app traffic can be governed by network security groups or affected by virtual network routes. |
 
    The following settings control Standard logic app access to endpoints in a virtual network:

articles/logic-apps/enterprise-integration/create-integration-account.md

@@ -187,6 +187,10 @@ To read artifacts and write any state information, your Premium integration acco
 
 ## Set up private endpoint for Premium integration account (Preview)
 
+> [!NOTE]
+>
+> This capability is in preview and is subject to the [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).
+
 To create a secure connection between your Premium integration account and Azure services, you can set up a [private endpoint](../../private-link/private-endpoint-overview.md) for your integration account. This endpoint is a network interface that uses a private IP address from your Azure virtual network. This way, traffic between your virtual network and Azure services stays on the Azure backbone network and never traverses the public internet. Private endpoints ensure a secure, private communication channel between your resources and Azure services by providing the following benefits:
 
 - Eliminates exposure to the public internet and reducing the risks from attacks.
@@ -201,7 +205,9 @@ To create a secure connection between your Premium integration account and Azure
 
 ### Limitations
 
-- Only Standard logic app workflows can use private endpoints on a Premium integration account.
+- Any Azure resource in the same virtual network as the Premium integration account.
+
+- Standard logic app workflows can use private endpoints on
 
 ### Best practices for private endpoints
 

articles/private-link/private-endpoint-overview.md

@@ -67,6 +67,7 @@ A private-link resource is the destination target of a specified private endpoin
 | Private-link resource name | Resource type | Sub-resources |
 | ---------------------------| ------------- | ------------- |
 | Application Gateway | Microsoft.Network/applicationgateways |Frontend IP Configuration name|
+| Azure AI Search | Microsoft.Search/searchServices | searchService |
 | Azure AI services | Microsoft.CognitiveServices/accounts | account |
 | Azure API for FHIR (Fast Healthcare Interoperability Resources) | Microsoft.HealthcareApis/services | fhir |
 | Azure API Management | Microsoft.ApiManagement/service | Gateway |
@@ -79,18 +80,17 @@ A private-link resource is the destination target of a specified private endpoin
 | Azure Batch | Microsoft.Batch/batchAccounts | batchAccount, nodeManagement |
 | Azure Cache for Redis | Microsoft.Cache/Redis | redisCache |
 | Azure Cache for Redis Enterprise | Microsoft.Cache/redisEnterprise | redisEnterprise |
-| Azure AI Search | Microsoft.Search/searchServices | searchService |
 | Azure Container Registry | Microsoft.ContainerRegistry/registries | registry |
 | Azure Cosmos DB | Microsoft.AzureCosmosDB/databaseAccounts | SQL, MongoDB, Cassandra, Gremlin, Table |
-| Azure Cosmos DB for PostgreSQL | Microsoft.DBforPostgreSQL/serverGroupsv2 | coordinator |
 | Azure Cosmos DB for MongoDB vCore | Microsoft.DocumentDb/mongoClusters | mongoCluster |
+| Azure Cosmos DB for PostgreSQL | Microsoft.DBforPostgreSQL/serverGroupsv2 | coordinator |
 | Azure Data Explorer | Microsoft.Kusto/clusters | cluster |
 | Azure Data Factory | Microsoft.DataFactory/factories | dataFactory |
 | Azure Database for MariaDB | Microsoft.DBforMariaDB/servers | mariadbServer |
+| Azure Database for MySQL - Flexible Server | Microsoft.DBforMySQL/flexibleServers | mysqlServer |
 | Azure Database for MySQL - Single Server | Microsoft.DBforMySQL/servers | mysqlServer |
-| Azure Database for MySQL- Flexible Server | Microsoft.DBforMySQL/flexibleServers | mysqlServer |
-| Azure Database for PostgreSQL - Single server | Microsoft.DBforPostgreSQL/servers | postgresqlServer |
 | Azure Database for PostgreSQL - Flexible server | Microsoft.DBforPostgreSQL/flexibleServers | postgresqlServer |
+| Azure Database for PostgreSQL - Single server | Microsoft.DBforPostgreSQL/servers | postgresqlServer |
 | Azure Databricks | Microsoft.Databricks/workspaces | databricks_ui_api, browser_authentication |
 | Azure Device Provisioning Service | Microsoft.Devices/provisioningServices | iotDps |
 | Azure Digital Twins | Microsoft.DigitalTwins/digitalTwinsInstances | API |
@@ -123,6 +123,7 @@ A private-link resource is the destination target of a specified private endpoin
 | Azure Virtual Desktop - host pools | Microsoft.DesktopVirtualization/hostpools | connection |
 | Azure Virtual Desktop - workspaces | Microsoft.DesktopVirtualization/workspaces | feed<br />global |
 | Device Update for IoT Hub | Microsoft.DeviceUpdate/accounts | DeviceUpdate |
+| Integration Account (Premium) | Microsoft.Logic/integrationAccounts | integrationAccount |
 | Microsoft Purview | Microsoft.Purview/accounts | account |
 | Microsoft Purview | Microsoft.Purview/accounts | portal |
 | Power BI | Microsoft.PowerBI/privateLinkServicesForPowerBI | Power BI |