Merge branch 'main' of https://github.com/ggailey777/azure-docs-pr

Author: ggailey777

.openpublishing.redirection.json

@@ -1,5 +1,10 @@
 {
   "redirections": [
+    {
+      "source_path": "articles/vpn-gateway/vpn-gateway-about-forced-tunneling.md",
+      "redirect_url": "/previous-versions/azure/vpn-gateway/vpn-gateway-about-forced-tunneling",
+      "redirect_document_id": false
+    },
     {
       "source_path": "articles/azure-app-configuration/rest-api-postman.md",
       "redirect_url": "/previous-versions/azure/azure-app-configuration/rest-api-postman",

articles/app-service/environment/overview.md

@@ -205,10 +205,6 @@ App Service Environment v3 is available in the following regions:
 
 An App Service Environment will only store customer data including app content, settings and secrets within the region where it's deployed. All data is guaranteed to remain in the region. For more information, see [Data residency in Azure](https://azure.microsoft.com/explore/global-infrastructure/data-residency/#overview).
 
-## App Service Environment v2
-
-App Service Environment has three versions: App Service Environment v1, App Service Environment v2, and App Service Environment v3. The information in this article is based on App Service Environment v3. To learn more about App Service Environment v2, see [App Service Environment v2 introduction](./intro.md).
-
 ## Next steps
 
 > [!div class="nextstepaction"]

articles/application-gateway/for-containers/how-to-frontend-mtls-gateway-api.md

@@ -6,7 +6,7 @@ author: greglin
 ms.service: azure-application-gateway
 ms.subservice: appgw-for-containers
 ms.topic: how-to
-ms.date: 9/16/2024
+ms.date: 9/18/2024
 ms.author: greglin
 ---
 
@@ -28,7 +28,7 @@ See the following figure:
 
 The valid client certificate flow shows a client presenting a certificate to the frontend of Application Gateway for Containers. Application Gateway for Containers determines the certificate is valid and proxies the request to the backend target. The response is ultimately returned to the client.
 
-The revoked client certificate flow shows a client presenting a revoked certificate to the frontend of Application Gateway for Containers. Application Gateway for Containers determines the certificate is not valid and prevents the request from being proxied to the client. The client will receive an HTTP 400 bad request and corresponding reason.
+The revoked client certificate flow shows a client presenting a revoked certificate to the frontend of Application Gateway for Containers. Application Gateway for Containers determines the certificate isn't valid and prevents the request from being proxied to the client. The client will receive an HTTP 400 bad request and corresponding reason.
 
 ## Prerequisites
 
@@ -51,7 +51,7 @@ The revoked client certificate flow shows a client presenting a revoked certific
 
 ### Generate certificate(s)
 
-For this example, we will create a root certificate and issue a client certificate from the root. If you already have a root certificate and client certificate, you may skip these steps.
+For this example, we'll create a root certificate and issue a client certificate from the root. If you already have a root certificate and client certificate, you may skip these steps.
 
 #### Generate a private key for the root certificate
 
@@ -103,7 +103,7 @@ spec:
       certificateRefs:
       - kind : Secret
         group: ""
-        name: contoso.com
+        name: listener-tls-secret
 EOF
 ```
 
@@ -147,7 +147,7 @@ EOF
           certificateRefs:
           - kind : Secret
             group: ""
-            name: contoso.com
+            name: listener-tls-secret
       addresses:
       - type: alb.networking.azure.io/alb-frontend
         value: $FRONTEND_NAME
@@ -223,8 +223,8 @@ spec:
   - name: gateway-01
   rules:
   - backendRefs:
-    - name: mtls-app
-      port: 443
+    - name: echo
+      port: 80
 EOF
 ```
 
@@ -266,6 +266,12 @@ status:
       namespace: test-infra
   ```
 
+Create a Kubernetes secret using kubectl that contains the certificate chain to the client certificate.
+
+```bash
+kubectl create secret generic ca.bundle -n test-infra --from-file=ca.crt=root.crt
+```
+
 Create a FrontendTLSPolicy
 
 ```bash
@@ -290,7 +296,6 @@ spec:
         group: ""
         kind: Secret
         namespace: test-infra
-      subjectAltName: "contoso-client"
 EOF
 ```
 
@@ -321,10 +326,24 @@ Now we're ready to send some traffic to our sample application, via the FQDN ass
 fqdn=$(kubectl get gateway gateway-01 -n test-infra -o jsonpath='{.status.addresses[0].value}')
 ```
 
-Curling this FQDN should return responses from the backend as configured on the HTTPRoute.
+Curling the FQDN of your frontend without the client certificate.
+
+```bash
+curl --insecure https://$fqdn/
+```
+
+Note the response alerts a certificate is required.
+
+```
+curl: (56) OpenSSL SSL_read: OpenSSL/1.1.1k: error:1409445C:SSL routines:ssl3_read_bytes:tlsv13 alert certificate required, errno 0
+```
+
+Curl the FQDN presenting the client certificate generated.
 
 ```bash
 curl --cert client.crt --key client.key --insecure https://$fqdn/
 ```
 
-Congratulations, you have installed ALB Controller, deployed a backend application, authenticated via client certificate, and routed traffic to the application via the gateway on Application Gateway for Containers.
+Note the response is from the backend service behind Application Gateway for Containers.
+
+Congratulations, you installed ALB Controller, deployed a backend application, authenticated via client certificate, and returned traffic from your backend service via Application Gateway for Containers.

articles/automation/.openpublishing.redirection.automation.json

@@ -254,7 +254,17 @@
              "source_path_from_root": "/articles/automation/troubleshoot/start-stop-vm.md",
              "redirect_url": "/azure/azure-functions/start-stop-vms/troubleshoot",
              "redirect_document_id": false
-        },       
+        }, 
+        {
+            "source_path_from_root": "/articles/automation/troubleshoot/automation-account.md",
+            "redirect_url": "/azure/automation/enable-managed-identity-for-automation",
+            "redirect_document_id": false
+        }, 
+        {
+            "source_path_from_root": "/articles/automation/automation-managed-identity-faq.md",
+            "redirect_url": "/azure/automation/enable-managed-identity-for-automation",
+            "redirect_document_id": false
+        },
         {
             "source_path_from_root": "/articles/automation/dsc-linux-powershell.md",
             "redirect_url": "/azure/automation/automation-dsc-overview",

articles/automation/TOC.yml

@@ -136,6 +136,8 @@
           href: delete-account.md 
         - name: Migrate from Orchestrator to Azure Automation (Beta)
           href: automation-orchestrator-migration.md
+        - name: Context switching in Azure Automation
+          href: context-switching.md
     - name: Shared resources
       items:
         - name: Manage certificates
@@ -278,6 +280,8 @@
               href: change-tracking/overview.md
             - name: Support regions for linked Log Analytics workspace
               href: how-to/region-mappings.md
+            - name: Discover the software installed on your VMs
+              href: automation-tutorial-installed-software.md
             - name: Enable
               items:
                 - name: Enable from the Azure portal

articles/automation/automation-managed-identity-faq.md

@@ -1228,7 +1228,7 @@ Allocation logic is similar to the [Microsoft.Targeting](#microsofttargeting) fe
 
 ### Overriding Enabled State with a Variant
 
-You can use variants to override the enabled state of a feature flag. This gives variants an opportunity to extend the evaluation of a feature flag. If a caller is checking whether a flag that has variants is enabled, the feature manager will check if the variant assigned to the current user is set up to override the result. This is done using the optional variant property `status_override`. By default, this property is set to `None`, which means the variant doesn't affect whether the flag is considered enabled or disabled. Setting `status_override` to `Enabled` allows the variant, when chosen, to override a flag to be enabled. Setting `status_override` to `Disabled` provides the opposite functionality, therefore disabling the flag when the variant is chosen. A feature with an `enabled` state of `false` can't be overridden.
+You can use variants to override the enabled state of a feature flag. This gives variants an opportunity to extend the evaluation of a feature flag. When calling `IsEnabled` on a flag with variants, the feature manager will check if the variant assigned to the current user is configured to override the result. This is done using the optional variant property `status_override`. By default, this property is set to `None`, which means the variant doesn't affect whether the flag is considered enabled or disabled. Setting `status_override` to `Enabled` allows the variant, when chosen, to override a flag to be enabled. Setting `status_override` to `Disabled` provides the opposite functionality, therefore disabling the flag when the variant is chosen. A feature with an `enabled` state of `false` can't be overridden.
 
 If you're using a feature flag with binary variants, the `status_override` property can be very helpful. It allows you to continue using APIs like `IsEnabledAsync` and `FeatureGateAttribute` in your application, all while benefiting from the new features that come with variants, such as percentile allocation and seed.
 
@@ -1481,4 +1481,4 @@ To learn how to use feature filters, continue to the following tutorials.
 To learn how to run experiments with variant feature flags, continue to the following tutorial.
 
 > [!div class="nextstepaction"]
-> [Run experiments with variant feature flags](./howto-feature-filters.md)
+> [Run experiments with variant feature flags](./howto-feature-filters.md)

articles/automation/troubleshoot/automation-account.md

@@ -860,10 +860,12 @@ Azure Functions currently can be used with the following "Preview" or "Go-live"
 
 | Operating system | .NET preview version |
 | - | - |
-| Linux | .NET 9 Preview 7<sup>1</sup> |
+| Linux | .NET 9 Preview 7<sup>1, 2</sup> |
 
 <sup>1</sup> To successfully target .NET 9, your project needs to reference the [2.x versions of the core packages](#version-2x-preview). If using Visual Studio, .NET 9 requires version 17.12 or later.
 
+<sup>2</sup> .NET 9 is not yet supported on the Flex Consumption SKU.
+
 See [Supported versions][supported-versions] for a list of generally available releases that you can use.
 
 ### Using a preview .NET SDK