Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into apicport

Author: gitName

articles/active-directory-b2c/openid-connect-technical-profile.md

@@ -89,7 +89,7 @@ The technical profile also returns claims that aren't returned by the identity p
 | HttpBinding | No | The expected HTTP binding to the access token and claims token endpoints. Possible values: `GET` or `POST`.  |
 | ValidTokenIssuerPrefixes | No | A key that can be used to sign in to each of the tenants when using a multi-tenant identity provider such as Microsoft Entra ID. |
 | UsePolicyInRedirectUri | No | Indicates whether to use a policy when constructing the redirect URI. When you configure your application in the identity provider, you need to specify the redirect URI. The redirect URI points to Azure AD B2C, `https://{your-tenant-name}.b2clogin.com/{your-tenant-name}.onmicrosoft.com/oauth2/authresp`.  If you specify `true`, you need to add a redirect URI for each policy you use. For example: `https://{your-tenant-name}.b2clogin.com/{your-tenant-name}.onmicrosoft.com/{policy-name}/oauth2/authresp`. |
-| MarkAsFailureOnStatusCode5xx | No | Indicates whether a request to an external service should be marked as a failure if the Http status code is in the 5xx range. The default is `false`. |
+| MarkAsFailureOnStatusCode5xx | No | Indicates whether a request to an external service should be marked as a failure if the HTTP status code is in the 5xx range. The default is `false`. |
 | DiscoverMetadataByTokenIssuer | No | Indicates whether the OIDC metadata should be discovered by using the issuer in the JWT.If you need to build the metadata endpoint URL based on Issuer, set this to `true`.|
 | IncludeClaimResolvingInClaimsHandling  | No | For input and output claims, specifies whether [claims resolution](claim-resolver-overview.md) is included in the technical profile. Possible values: `true`, or `false` (default). If you want to use a claims resolver in the technical profile, set this to `true`. |
 |token_endpoint_auth_method| No | Specifies how Azure AD B2C sends the authentication header to the token endpoint. Possible values: `client_secret_post` (default), and `client_secret_basic`, `private_key_jwt`. For more information, see [OpenID Connect client authentication section](https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication). |

articles/api-management/api-management-howto-disaster-recovery-backup-restore.md

@@ -22,7 +22,7 @@ To recover from availability problems that affect your API Management service, b
 
 Backup and restore operations can also be used for replicating API Management service configuration between operational environments, for example, development and staging. Beware that runtime data such as users and subscriptions will be copied as well, which might not always be desirable.
 
-This article shows how to automate backup and restore operations of your API Management instance using an external storage account. The steps shown here use either the [Backup-AzApiManagement](/powershell/module/az.apimanagement/backup-azapimanagement) and [Restore-AzApiManagement](/powershell/module/az.apimanagement/restore-azapimanagement) Azure PowerShell cmdlets, or the [Api Management Service - Backup](/rest/api/apimanagement/current-ga/api-management-service/backup) and [Api Management Service - Restore](/rest/api/apimanagement/current-ga/api-management-service/restore) REST APIs.
+This article shows how to automate backup and restore operations of your API Management instance using an external storage account. The steps shown here use either the [Backup-AzApiManagement](/powershell/module/az.apimanagement/backup-azapimanagement) and [Restore-AzApiManagement](/powershell/module/az.apimanagement/restore-azapimanagement) Azure PowerShell cmdlets, or the [API Management Service - Backup](/rest/api/apimanagement/current-ga/api-management-service/backup) and [API Management Service - Restore](/rest/api/apimanagement/current-ga/api-management-service/restore) REST APIs.
 
 
 > [!WARNING]

articles/api-management/soft-delete.md

@@ -32,7 +32,7 @@ Recovery and other operations on a soft-deleted instance are enabled through [RE
 | [Create or Update](/rest/api/apimanagement/current-ga/api-management-service/create-or-update) | Creates or updates an API Management service.  | API Management Service | Any |
 | [Create or Update](/rest/api/apimanagement/current-ga/api-management-service/create-or-update) with `restore` property set to **true** | Recovers (undeletes) an API Management Service if it was previously soft-deleted. If `restore` is specified and set to `true` all other properties will be ignored.  | API Management Service |  2020-06-01-preview |
 | [Delete](/rest/api/apimanagement/current-ga/api-management-service/delete) | Deletes an existing API Management service. | API Management Service | 2020-06-01-preview|
-| [Get By Name](/rest/api/apimanagement/current-ga/deleted-services/get-by-name) | Get soft-deleted Api Management Service by name. | Deleted Services | 2020-06-01-preview |
+| [Get By Name](/rest/api/apimanagement/current-ga/deleted-services/get-by-name) | Get soft-deleted API Management service by name. | Deleted Services | 2020-06-01-preview |
 | [List By Subscription](/rest/api/apimanagement/current-ga/deleted-services/list-by-subscription) | Lists all soft-deleted services available for undelete for the given subscription. | Deleted Services | 2020-06-01-preview
 | [Purge](/rest/api/apimanagement/current-ga/deleted-services/purge) | Purges API Management Service (permanently deletes it with no option to undelete). | Deleted Services | 2020-06-01-preview
 

articles/app-service/configure-ssl-certificate.md

@@ -140,7 +140,7 @@ By default, the App Service resource provider doesn't have access to your key va
 ### [RBAC permissions](#tab/rbac)
 | Resource provider | Service principal app ID / assignee | Key vault RBAC role |
 |--|--|--|
-| **Microsoft Azure App Service** or **Microsoft.Azure.WebSites** | - `abfa0a7c-a6b6-4736-8310-5855508787cd` for public Azure cloud environment <br><br>- `6a02c803-dafd-4136-b4c3-5a6f318b4714` for Azure Government cloud environment | Certificate User |
+| **Microsoft Azure App Service** or **Microsoft.Azure.WebSites** | - `abfa0a7c-a6b6-4736-8310-5855508787cd` for global Azure cloud environment <br><br>- `6a02c803-dafd-4136-b4c3-5a6f318b4714` for Azure Government cloud environment | Certificate User |
 
 The service principal app ID or assignee value is the ID for the App Service resource provider. Note that when granting access using RBAC, the corresponding Object ID of the service principal app ID is tenant-specific. To learn how to authorize key vault permissions for the App Service resource provider using an access policy, see the [provide access to Key Vault keys, certificates, and secrets with an Azure role-based access control documentation](/azure/key-vault/general/rbac-guide?tabs=azure-portal#key-vault-scope-role-assignment).
 
@@ -154,8 +154,8 @@ The service principal app ID or assignee value is the ID for the App Service res
 
 > [!NOTE]
 > Do not delete these access policy permissions from key vault. If you do, App Service will not be able to sync your web app with the latest key vault certificate version.
->
 > If key vault is configured to disable public access, ensure that Microsoft services have access by checking the 'Allow trusted Microsoft services to bypass this firewall' checkbox. See [Key Vault firewall enabled trusted services only](/azure/key-vault/general/network-security?WT.mc_id=Portal-Microsoft_Azure_KeyVault#key-vault-firewall-enabled-trusted-services-only) documentation for more information.
+>
 ---
 
 #### [Azure CLI](#tab/azure-cli/rbac)
@@ -204,7 +204,7 @@ New-AzRoleAssignment -RoleDefinitionName "Key Vault Certificate User" -Applicati
    > [!NOTE]
    > If you update your certificate in Key Vault with a new certificate, App Service automatically syncs your certificate within 24 hours.
 
-1. To helps secure custom domain with this certificate, you still have to create a certificate binding. Follow the steps in [Secure a custom DNS name with a TLS/SSL binding in Azure App Service](configure-ssl-bindings.md).
+1. To help secure custom domain with this certificate, you still have to create a certificate binding. Follow the steps in [Secure a custom DNS name with a TLS/SSL binding in Azure App Service](configure-ssl-bindings.md).
 
 ## Upload a private certificate
 
@@ -349,13 +349,13 @@ After the certificate renews in your key vault, App Service automatically syncs
 - [Azure PowerShell: Bind a custom TLS/SSL certificate to a web app using PowerShell](scripts/powershell-configure-ssl-certificate.md)
 
 ### Can I use a private CA (certificate authority) certificate for inbound TLS on my app?
-You can use a private CA certificate for inbound TLS in [App Service Environment version 3](./environment/overview-certificates.md). This isn't possible in App Service (multi-tenant). For more information on App Service multi-tenant vs. single-tenant, see [App Service Environment v3 and App Service public multitenant comparison](./environment/ase-multi-tenant-comparison.md).
+You can use a private CA certificate for inbound TLS in [App Service Environment version 3](./environment/overview-certificates.md). This isn't possible in App Service (multitenant). For more information on App Service multitenant vs. single-tenant, see [App Service Environment v3 and App Service public multitenant comparison](./environment/ase-multi-tenant-comparison.md).
 
 ### Can I make outbound calls using a private CA client certificate from my app?
-This is only supported for Windows container apps in multi-tenant App Service. In addition, you can make outbound calls using a private CA client certificate with both code-based and container-based apps in [App Service Environment version 3](./environment/overview-certificates.md). For more information on App Service multi-tenant vs. single-tenant, see [App Service Environment v3 and App Service public multitenant comparison](./environment/ase-multi-tenant-comparison.md).
+This is only supported for Windows container apps in multitenant App Service. In addition, you can make outbound calls using a private CA client certificate with both code-based and container-based apps in [App Service Environment version 3](./environment/overview-certificates.md). For more information on App Service multitenant vs. single-tenant, see [App Service Environment v3 and App Service public multitenant comparison](./environment/ase-multi-tenant-comparison.md).
 
 ### Can I load a private CA certificate in my App Service Trusted Root Store?
-You can load your own CA certificate into the Trusted Root Store in [App Service Environment version 3](./environment/overview-certificates.md). You can't modify the list of Trusted Root Certificates in App Service (multi-tenant). For more information on App Service multi-tenant vs. single-tenant, see [App Service Environment v3 and App Service public multitenant comparison](./environment/ase-multi-tenant-comparison.md).
+You can load your own CA certificate into the Trusted Root Store in [App Service Environment version 3](./environment/overview-certificates.md). You can't modify the list of Trusted Root Certificates in App Service (multitenant). For more information on App Service multitenant vs. single-tenant, see [App Service Environment v3 and App Service public multitenant comparison](./environment/ase-multi-tenant-comparison.md).
 
 ### Can App Service Certificate be used for other services?
 Yes, certificates purchased via App Service Certificate can be exported and used with Application Gateway or other services. Refer to the following blog article for more information: [Creating a local PFX copy of App Service Certificate](https://azure.github.io/AppService/2017/02/24/Creating-a-local-PFX-copy-of-App-Service-Certificate.html).

articles/app-service/deploy-ftp.md

@@ -96,7 +96,7 @@ Run the [az webapp config set](/cli/azure/webapp/deployment#az-webapp-deployment
 az webapp config set --name <app-name> --resource-group <group-name> --ftps-state FtpsOnly
 ```
 
-Possible values for `--ftps-state` are `AllAllowed` (FTP and FTPS enabled), `Disabled` (FTP and FTPs disabled), and `FtpsOnly` (FTPS only).
+Possible values for `--ftps-state` are `AllAllowed` (FTP and FTPS enabled), `Disabled` (FTP and FTPS disabled), and `FtpsOnly` (FTPS only).
 
 # [Azure PowerShell](#tab/powershell)
 
@@ -106,7 +106,7 @@ Run the [Set-AzWebApp](/powershell/module/az.websites/set-azwebapp) command with
 Set-AzWebApp -Name <app-name> -ResourceGroupName <group-name> -FtpsState FtpsOnly
 ```
 
-Possible values for `--ftps-state` are `AllAllowed` (FTP and FTPS enabled), `Disabled` (FTP and FTPs disabled), and `FtpsOnly` (FTPS only).
+Possible values for `--ftps-state` are `AllAllowed` (FTP and FTPS enabled), `Disabled` (FTP and FTPS disabled), and `FtpsOnly` (FTPS only).
 
 -----
 

articles/app-service/manage-create-arc-environment.md

@@ -6,6 +6,7 @@ ms.author: msangapu
 ms.topic: article
 ms.custom: devx-track-azurecli
 ms.date: 01/15/2025
+ROBOTS: NOINDEX
 ---
 # Set up an Azure Arc-enabled Kubernetes cluster to run App Service, Functions, and Logic Apps (Preview)
 

articles/app-service/overview-arc-integration.md

@@ -6,6 +6,7 @@ ms.custom: devx-track-azurecli
 ms.date: 01/15/2025
 author: apwestgarth
 ms.author: msangapu
+ROBOTS: NOINDEX
 ---
 
 # App Service, Functions, and Logic Apps on Azure Arc (Preview)

articles/app-service/quickstart-arc.md

@@ -7,6 +7,7 @@ ms.custom: mode-other, devx-track-azurecli
 ms.devlang: azurecli
 author: msangapu-msft
 ms.author: msangapu
+ROBOTS: NOINDEX
 ---
 
 # Create an App Service app on Azure Arc (Preview)

articles/automation/automation-subscription-limits-faq.md

@@ -3,7 +3,7 @@ title: Azure Automation subscription limits and quotas
 description: This article provides automation subscription and service limits and includes answers to frequently asked questions.
 services: automation
 ms.topic: faq
-ms.date: 01/28/2025
+ms.date: 03/10/2025
 ms.custom: references_regions
 #Customer intent: As an implementer, I want answers to various questions.
 ---
@@ -41,6 +41,7 @@ Azure Automation offers Limits and Quotas to resources assigned for your Azure s
 |Maximum amount of memory given to a sandbox <sup>1</sup> | 400 MB | Applies to Azure sandboxes only. |
 |Maximum number of network sockets allowed per sandbox <sup>1</sup> | 1,000 | Applies to Azure Sandboxes only|
 |Maximum runtime allowed per runbook <sup>1<sup> | Three hours | Applies to Azure Sandboxes only |
+|Maximum number of runbooks per Automation account | 800 |
 |Maximum number of system hybrid runbook workers per Automation Account | 4,000 | |
 |Maximum number of user hybrid runbook workers per Automation account | 4,000| |
 |Maximum number of concurrent jobs that can be run on a single Hybrid Runbook Worker | 50 | |

articles/azure-vmware/configure-site-to-site-vpn-gateway.md

@@ -86,7 +86,7 @@ A virtual hub is a virtual network that is created and used by Azure Virtual WAN
 
    :::image type="content" source="../virtual-wan/media/virtual-wan-custom-ipsec-portal/contextmenu.png" alt-text="Screenshot showing the context menu for an existing VPN site." lightbox="../virtual-wan/media/virtual-wan-custom-ipsec-portal/contextmenu.png":::
 
-   - Internet Protocol Security (IPSec), select **Custom**.
+   - Internet Protocol Security (IPsec), select **Custom**.
 
    - Use policy-based traffic selector, select **Enable**