Merge pull request #299149 from dlepow/patch-149587

prmerger-automator[bot] · web-flow · commit b6b6f789d24f · 2025-05-21T12:51:31.000Z
[APIM] Update self-hosted-gateway-settings-reference.md
diff --git a/articles/api-management/self-hosted-gateway-overview.md b/articles/api-management/self-hosted-gateway-overview.md
@@ -95,18 +95,20 @@ Self-hosted gateways require outbound TCP/IP connectivity to Azure on port 443.
 
 To operate properly, each self-hosted gateway needs outbound connectivity on port 443 to the following endpoints associated with its cloud-based API Management instance:
 
-| Description | Required for v1 | Required for v2 | Notes |
-|:------------|:---------------------|:---------------------|:------|
-| Hostname of the configuration endpoint | `<apim-service-name>.management.azure-api.net` | `<apim-service-name>.configuration.azure-api.net`<sup>1</sup> | Custom hostnames are also supported and can be used instead of the default hostname. |
-| Public IP address of the API Management instance | ✔️ | ✔️ | IP address of primary location is sufficient. |
-| Public IP addresses of Azure Storage [service tag](../virtual-network/service-tags-overview.md) | ✔️ | Optional<sup>2</sup> | IP addresses must correspond to primary location of API Management instance. |
-| Hostname of Azure Blob Storage account | ✔️ | Optional<sup>2</sup> | Account associated with instance (`<blob-storage-account-name>.blob.core.windows.net`) |
-| Hostname of Azure Table Storage account | ✔️ | Optional<sup>2</sup> | Account associated with instance (`<table-storage-account-name>.table.core.windows.net`) |
-| Endpoints for Azure Resource Manager | ✔️ | Optional<sup>3</sup> | Required endpoints are `management.azure.com`. |
-| Endpoints for Microsoft Entra integration | ✔️ | Optional<sup>4</sup> | Required endpoints are `<region>.login.microsoft.com` and `login.microsoftonline.com`. |
-| Endpoints for [Azure Application Insights integration](api-management-howto-app-insights.md) | Optional<sup>5</sup> | Optional<sup>5</sup> | Minimal required endpoints are:<ul><li>`rt.services.visualstudio.com:443`</li><li>`dc.services.visualstudio.com:443`</li><li>`{region}.livediagnostics.monitor.azure.com:443`</li></ul>Learn more in [Azure Monitor docs](/azure/azure-monitor/ip-addresses#outgoing-ports) |
-| Endpoints for [Event Hubs integration](api-management-howto-log-event-hubs.md) | Optional<sup>5</sup> | Optional<sup>5</sup> | Learn more in [Azure Event Hubs docs](../event-hubs/network-security.md) |
-| Endpoints for [external cache integration](api-management-howto-cache-external.md) | Optional<sup>5</sup> | Optional<sup>5</sup> | This requirement depends on the external cache that is being used |
+
+| Endpoint | Required? | Notes |
+|:------------|:---------------------|:------|
+| Hostname of the configuration endpoint | `<apim-service-name>.configuration.azure-api.net`<sup>1</sup> | Custom hostnames are also supported and can be used instead of the default hostname. |
+| Public IP address of the API Management instance | ✔️ | IP address of primary location is sufficient. |
+| Public IP addresses of Azure Storage [service tag](../virtual-network/service-tags-overview.md) | Optional<sup>2</sup> | IP addresses must correspond to primary location of API Management instance. |
+| Hostname of Azure Blob Storage account | Optional<sup>2</sup> | Account associated with instance (`<blob-storage-account-name>.blob.core.windows.net`) |
+| Hostname of Azure Table Storage account | Optional<sup>2</sup> | Account associated with instance (`<table-storage-account-name>.table.core.windows.net`) |
+| Endpoints for Azure Resource Manager | Optional<sup>3</sup> | Required endpoints are `management.azure.com`. |
+| Endpoints for Microsoft Entra integration | Optional<sup>4</sup> | Required endpoints are `<region>.login.microsoft.com` and `login.microsoftonline.com`. |
+| Endpoints for [Azure Application Insights integration](api-management-howto-app-insights.md) | Optional<sup>5</sup> | Minimal required endpoints are:<ul><li>`rt.services.visualstudio.com:443`</li><li>`dc.services.visualstudio.com:443`</li><li>`{region}.livediagnostics.monitor.azure.com:443`</li></ul>Learn more in [Azure Monitor docs](/azure/azure-monitor/ip-addresses#outgoing-ports) |
+| Endpoints for [Event Hubs integration](api-management-howto-log-event-hubs.md) | Optional<sup>5</sup> | Learn more in [Azure Event Hubs docs](../event-hubs/network-security.md) |
+| Endpoints for [external cache integration](api-management-howto-cache-external.md) | Optional<sup>5</sup> | This requirement depends on the external cache that is being used |
+
 
 <sup>1</sup>For an API Management instance in an internal virtual network, see [Connectivity in an internal virtual network](#connectivity-in-internal-virtual-network).<br/>
 <sup>2</sup>Only required in v2 when API inspector or quotas are used in policies.<br/>
@@ -167,9 +169,6 @@ The following functionality found in the managed gateways is **not available** i
 
 ### Transport Layer Security (TLS)
 
-> [!IMPORTANT]
-> This overview is only applicable to the self-hosted gateway v1 & v2.
-
 #### Supported protocols
 
 The self-hosted gateway provides support for TLS v1.2 by default.
@@ -178,9 +177,6 @@ Customers using custom domains can enable TLS v1.0 and/or v1.1 [in the control p
 
 #### Available cipher suites
 
-> [!IMPORTANT]
-> This overview is only applicable to the self-hosted gateway v2.
-
 The self-hosted gateway uses the following cipher suites for both client and server connections:
 
 - `TLS_AES_256_GCM_SHA384`
diff --git a/articles/api-management/self-hosted-gateway-settings-reference.md b/articles/api-management/self-hosted-gateway-settings-reference.md
@@ -71,8 +71,8 @@ This guidance helps you provide the required information to define how to authen
 
 | Name                    | Description              | Required | Default           | Availability |
 |-------------------------|------------------------|----------|-------------------| ----|
-| k8s.ingress.enabled     | Enable Kubernetes Ingress integration. | No | `false` | v1.2+ |
-| k8s.ingress.namespace   | Kubernetes namespace to watch Kubernetes Ingress resources in. | No | `default` | v1.2+ |
+| k8s.ingress.enabled     | Enable Kubernetes Ingress integration. | No | `false` | v2.0+ |
+| k8s.ingress.namespace   | Kubernetes namespace to watch Kubernetes Ingress resources in. | No | `default` | v2.0+ |
 | k8s.ingress.dns.suffix  | DNS suffix to build DNS hostname for services to send requests to. | No | `svc.cluster.local` | v2.4+ |
 | k8s.ingress.config.path | Path to Kubernetes configuration (Kubeconfig). | No | N/A | v2.4+ |
 
