Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into more-articles-about-microsoft-sentinel-solutions

Author: LHL407

.openpublishing.redirection.json

@@ -1,5 +1,10 @@
 {
   "redirections": [
+    {
+      "source_path": "articles/databox-online/azure-stack-edge-gpu-deploy-sample-module-marketplace.md",
+      "redirect_url": "https://azuremarketplace.microsoft.com/marketplace/apps?page=1",
+      "redirect_document_id": false
+    },
     {
       "source_path": "articles/partner-solutions/logzio/create.md",
       "redirect_url": "/previous-versions/azure/partner-solutions/logzio/create",

articles/active-directory-b2c/tutorial-create-user-flows.md

@@ -210,10 +210,12 @@ Next, specify that the application should be treated as a public client:
 1. In the left menu, under **Manage**, select **Authentication**.
 1. Under **Advanced settings**, in the **Allow public client flows** section, set **Enable the following mobile and desktop flows** to **Yes**. 
 1. Select **Save**.
-1. Ensure that **"allowPublicClient": true** is set in the application manifest:
+1. Ensure that **"isFallbackPublicClient": true** is set in the application manifest:
     1. In the left menu, under **Manage**, select **Manifest** to open application manifest.
+    1. Switch from the **Microsoft Graph App Manifest (New)** tab to the **AAD Graph App Manifest (Deprecating Soon)** tab.
     1. Find **allowPublicClient** key and ensure its value is set to **true**.
 
+
 Now, grant permissions to the API scope you exposed earlier in the *IdentityExperienceFramework* registration:
 
 1. In the left menu, under **Manage**, select **API permissions**.

articles/api-management/TOC.yml

@@ -703,3 +703,5 @@
     href: /answers/tags/29/azure-api-management
   - name: Stack Overflow
     href: https://stackoverflow.com/questions/tagged/azure-api-management
+  - name: aka.ms/apimlove
+    href: https://aka.ms/apimlove

articles/api-management/api-management-key-concepts.md

@@ -45,6 +45,9 @@ Common scenarios include:
 * **Multi-channel user experiences** - APIs are frequently used to enable user experiences such as web, mobile, wearable, or Internet of Things applications. Reuse APIs to accelerate development and ROI.
 * **B2B integration** - APIs exposed to partners and customers lower the barrier to integrate business processes and exchange data between business entities. APIs eliminate the overhead inherent in point-to-point integration. Especially with self-service discovery and onboarding enabled, APIs are the primary tools for scaling B2B integration.
 
+> [!TIP]
+> Visit [aka.ms/apimlove](https://aka.ms/apimlove) for a library of useful resources, including videos, blogs, and customer stories about using Azure API Management.
+
 ## API Management components
 
 Azure API Management is made up of an API *gateway*, a *management plane*, and a *developer portal*. These components are Azure-hosted and fully managed by default. API Management is available in various [tiers](#api-management-tiers) differing in capacity and features.
@@ -132,7 +135,8 @@ API Management integrates with many complementary Azure services to create enter
 **More information**:
 * [Basic enterprise integration](/azure/architecture/reference-architectures/enterprise-integration/basic-enterprise-integration?toc=%2Fazure%2Fapi-management%2Ftoc.json&bc=/azure/api-management/breadcrumb/toc.json)
 * [Landing zone accelerator](/azure/cloud-adoption-framework/scenarios/app-platform/api-management/landing-zone-accelerator?toc=%2Fazure%2Fapi-management%2Ftoc.json&bc=/azure/api-management/breadcrumb/toc.json)
-* [Import APIs to API Center from API Management](../api-center/import-api-management-apis.md?toc=%2Fazure%2Fapi-management%2Ftoc.json&bc=/azure/api-management/breadcrumb/toc.json)
+* [GenAI gateway capabilities in API Management](genai-gateway-capabilities.md)
+* [Synchronize APIs to API Center from API Management](../api-center/synchronize-api-management-apis.md?toc=%2Fazure%2Fapi-management%2Ftoc.json&bc=/azure/api-management/breadcrumb/toc.json)
 
 ## Key concepts
 

articles/app-service/configure-ssl-certificate.md

@@ -136,16 +136,13 @@ If you use Azure Key Vault to manage your certificates, you can import a PKCS12
 
 By default, the App Service resource provider doesn't have access to your key vault. To use a key vault for a certificate deployment, you must authorize read access for the resource provider (App Service) to the key vault. You can grant access either with access policy or RBAC. 
 
-### [RBAC permissions](#tab/RBAC)
+### [RBAC permissions](#tab/rbac)
 | Resource provider | Service principal app ID / assignee | Key vault RBAC role |
 |--|--|--|
 | **Microsoft Azure App Service** or **Microsoft.Azure.WebSites** | - `abfa0a7c-a6b6-4736-8310-5855508787cd` for public Azure cloud environment <br><br>- `6a02c803-dafd-4136-b4c3-5a6f318b4714` for Azure Government cloud environment | Certificate User |
 
 The service principal app ID or assignee value is the ID for the App Service resource provider. To learn how to authorize key vault permissions for the App Service resource provider using an access policy, see the [provide access to Key Vault keys, certificates, and secrets with an Azure role-based access control documentation](/azure/key-vault/general/rbac-guide?tabs=azure-portal#key-vault-scope-role-assignment).
 
-> [!NOTE]
-> Do not delete these RBAC permissions from key vault. If you do, App Service will not be able to sync your web app with the latest key vault certificate version.
-
 ### [Access policy permissions](#tab/accesspolicy)
 
 | Resource provider | Service principal app ID | Key vault secret permissions | Key vault certificate permissions |
@@ -159,6 +156,23 @@ The service principal app ID or assignee value is the ID for the App Service res
 
 ---
 
+#### [Azure CLI](#tab/azure-cli/rbac)
+```azurecli-interactive
+az role assignment create --role "Key Vault Certificate User" --assignee "abfa0a7c-a6b6-4736-8310-5855508787cd" --scope "/subscriptions/{subscriptionid}/resourcegroups/{resource-group-name}/providers/Microsoft.KeyVault/vaults/{key-vault-name}"
+```
+
+#### [Azure PowerShell](#tab/azure-powershell/rbac)
+```azurepowershell
+#Assign by Service Principal ApplicationId
+New-AzRoleAssignment -RoleDefinitionName "Key Vault Certificate User" -ApplicationId "abfa0a7c-a6b6-4736-8310-5855508787cd" -Scope "/subscriptions/{subscriptionid}/resourcegroups/{resource-group-name}/providers/Microsoft.KeyVault/vaults/{key-vault-name}"
+```
+
+> [!NOTE]
+> Do not delete these RBAC permissions from key vault. If you do, App Service will not be able to sync your web app with the latest key vault certificate version.
+
+---
+
+
 ### Import a certificate from your vault to your app
 
 1. In the [Azure portal](https://portal.azure.com), from the left menu, select **App Services** > **\<app-name>**.

articles/app-service/getting-started.md

@@ -5,7 +5,7 @@ ms.author: msangapu
 author: msangapu-msft
 ms.topic: overview
 ms.custom: devx-track-extended-java, devx-track-python, devx-track-js
-ms.date: 8/27/2024
+ms.date: 02/05/2025
 zone_pivot_groups: app-service-getting-started-stacks
 ---
 
@@ -30,19 +30,52 @@ Use the following resources to get started with .NET.
 | **Review best practices** | - [Scale your app](./manage-scale-up.md)<br>- [Deployment](./deploy-best-practices.md)<br>- [Security](/security/benchmark/azure/baselines/app-service-security-baseline?toc=/azure/app-service/toc.json)<br>- [Virtual Network](./configure-vnet-integration-enable.md)|
 
 ::: zone-end
-::: zone pivot="stack-python"
+::: zone pivot="stack-java"
 
-## Python
+## Java
+
+App Service aims to provide robust support for Java. To cover the depth and breadth of 
+Java applications, App Service supports the Java Standard Edition (SE), Tomcat, and 
+JBoss Enterprise Application Platform (EAP) technology stacks. At the base of these 
+stacks, App Service supports all recent Java long-term support (LTS) versions. There are 
+several key scenarios for which you should consider adopting App Service for your Java 
+applications.
+
+### Java SE on App Service
+Java SE on App Service allows you to effortlessly deploy your applications to fully 
+managed Java Virtual Machine (JVM) instances. You should consider this stack if you 
+have Spring Boot and Quarkus web applications. However, you can use this stack for any 
+application that can be started directly from a JVM and includes an embedded 
+HyperText Transfer Protocol (HTTP) server. You can deploy your 
+Java archive (JAR) file and let App Service do the rest.
+
+### Tomcat on App Service
+This App Service stack supports all recent major and minor versions of Tomcat. 
+You should consider migrating on-premises Tomcat web applications to App Service using 
+this stack. Such applications often use technologies such as the Spring Framework and 
+Hibernate. The stack is also suitable for applications currently running on servers such 
+as WebLogic or WebSphere that can be easily migrated to Tomcat. You can deploy 
+your web application archive (WAR) file and let App Service do the rest.
+
+### JBoss EAP on App Service
+You can effortlessly run any JBoss EAP version currently supported by Red Hat on this 
+App Service stack. JBoss EAP is fully compatible with the Java Enterprise Edition (EE) 
+and Jakarta EE standards. The stack can optionally support any application that requires 
+JBoss EAP clustering. You should consider migrating applications currently running 
+on-premises on JBoss EAP and WildFly to this stack. The stack is also suitable for 
+applications running on servers such as WebLogic or WebSphere that can be easily migrated 
+to JBoss EAP. You can deploy your web application archive (WAR) or 
+enterprise archive (EAR) file and let App Service do the rest.
 
-Use the following resources to get started with Python.
+Use the following resources to get started with Java.
 
 | Action | Resources |
 | --- | --- |
-| **Create your first Python app** | Use one of the following tools:<br><br>- [Flask - CLI](./quickstart-python.md?tabs=flask%2Cwindows%2Cazure-cli%2Cvscode-deploy%2Cdeploy-instructions-azportal%2Cterminal-bash%2Cdeploy-instructions-zip-azcli)<br>- [Flask - Visual Studio Code](./quickstart-python.md?tabs=flask%2Cwindows%2Cvscode-aztools%2Cvscode-deploy%2Cdeploy-instructions-azportal%2Cterminal-bash%2Cdeploy-instructions-zip-azcli)<br>- [Django - CLI](./quickstart-python.md?tabs=django%2Cwindows%2Cazure-cli%2Cvscode-deploy%2Cdeploy-instructions-azportal%2Cterminal-bash%2Cdeploy-instructions-zip-azcli)<br>- [Django - Visual Studio Code](./quickstart-python.md?tabs=django%2Cwindows%2Cvscode-aztools%2Cvscode-deploy%2Cdeploy-instructions-azportal%2Cterminal-bash%2Cdeploy-instructions-zip-azcli)<br>- [Django - Azure portal](./quickstart-python.md?tabs=django%2Cwindows%2Cazure-portal%2Cvscode-deploy%2Cdeploy-instructions-azportal%2Cterminal-bash%2Cdeploy-instructions-zip-azcli) |
-| **Deploy your app** | - [Configure Python](configure-language-python.md)<br>- [GitHub Actions](./deploy-github-actions.md) |
-| **Monitor your app**| - [Log stream](./troubleshoot-diagnostic-logs.md#stream-logs)<br>- [Diagnose and solve tool](./overview-diagnostics.md)|
+| **Create your first Java app** | Use one of the following tools:<br><br>- [Maven deploy with an embedded web server](./quickstart-java.md?pivots=java-javase)<br>- [Maven deploy to a Tomcat server](./quickstart-java.md?pivots=java-tomcat)<br>- [Maven deploy to a JBoss EAP server](./quickstart-java.md?pivots=java-jboss) |
+| **Deploy your app** | - [With Maven](configure-language-java-deploy-run.md?pivots=platform-linux#maven)<br>- [With Gradle](configure-language-java-deploy-run.md?pivots=platform-linux#gradle)<br>- [With popular IDEs (Visual Studio Code, IntelliJ, and Eclipse)](configure-language-java-deploy-run.md?pivots=platform-linux#ides)<br>- [Deploy JAR, WAR, or EAR packages directly](./deploy-zip.md?tabs=cli#deploy-warjarear-packages)<br>- [With GitHub Actions](./deploy-github-actions.md)<br>- [With Azure DevOps](./deploy-azure-pipelines.md)|
+| **Monitor your app**| - [Monitoring overview](./monitor-app-service.md)<br>- [Log stream](./troubleshoot-diagnostic-logs.md#stream-logs)<br>- [Diagnose and solve tool](./overview-diagnostics.md)|
 | **Add domains & certificates** |- [Map a custom domain](./app-service-web-tutorial-custom-domain.md?tabs=root%2Cazurecli)<br>- [Add an SSL certificate](./configure-ssl-certificate.md)|
-| **Connect to a database** | - [PostgreSQL - CLI](./tutorial-python-postgresql-app-flask.md?pivots=azure-developer-cli)<br>- [PostgreSQL - Azure portal](./tutorial-python-postgresql-app-flask.md?pivots=azure-portal)|
+| **Connect to a database** |- [Spring Boot with Azure Cosmos DB](./tutorial-java-spring-cosmosdb.md)<br>- [Tomcat with PostgreSQL](./tutorial-java-tomcat-connect-managed-identity-postgresql-database.md)<br>- [JBoss EAP with PostgreSQL](./tutorial-java-jboss-mysql-app.md)|
 | **Custom containers** |- [Linux - Visual Studio Code](./quickstart-custom-container.md?tabs=python&pivots=container-linux-vscode)|
 | **Review best practices** | - [Scale your app](./manage-scale-up.md)<br>- [Deployment](./deploy-best-practices.md)<br>- [Security](/security/benchmark/azure/baselines/app-service-security-baseline?toc=/azure/app-service/toc.json)<br>- [Virtual networks](./configure-vnet-integration-enable.md)|
 
@@ -64,19 +97,19 @@ Use the following resources to get started with Node.js.
 | **Review best practices** | - [Scale your app](./manage-scale-up.md)<br>- [Deployment](./deploy-best-practices.md)<br>- [Security](/security/benchmark/azure/baselines/app-service-security-baseline?toc=/azure/app-service/toc.json)<br>- [Virtual networks](./configure-vnet-integration-enable.md)|
 
 ::: zone-end
-::: zone pivot="stack-java"
+::: zone pivot="stack-python"
 
-## Java 
+## Python
 
-Use the following resources to get started with Java.
+Use the following resources to get started with Python.
 
 | Action | Resources |
 | --- | --- |
-| **Create your first Java app** | Use one of the following tools:<br><br>- [Maven deploy with an embedded web server](./quickstart-java.md?pivots=java-javase)<br>- [Maven deploy to a Tomcat server](./quickstart-java.md?pivots=java-tomcat)<br>- [Maven deploy to a JBoss server](./quickstart-java.md?pivots=java-jboss) |
-| **Deploy your app** | - [With Maven](configure-language-java-deploy-run.md?pivots=platform-linux#maven)<br>- [With Gradle](configure-language-java-deploy-run.md?pivots=platform-linux#gradle)<br>- [With popular IDEs (Visual Studio Code, IntelliJ, and Eclipse)](configure-language-java-deploy-run.md?pivots=platform-linux#ides)<br>- [Deploy WAR or JAR packages directly](./deploy-zip.md?tabs=cli#deploy-warjarear-packages)<br>- [With GitHub Actions](./deploy-github-actions.md) |
+| **Create your first Python app** | Use one of the following tools:<br><br>- [Flask - CLI](./quickstart-python.md?tabs=flask%2Cwindows%2Cazure-cli%2Cvscode-deploy%2Cdeploy-instructions-azportal%2Cterminal-bash%2Cdeploy-instructions-zip-azcli)<br>- [Flask - Visual Studio Code](./quickstart-python.md?tabs=flask%2Cwindows%2Cvscode-aztools%2Cvscode-deploy%2Cdeploy-instructions-azportal%2Cterminal-bash%2Cdeploy-instructions-zip-azcli)<br>- [Django - CLI](./quickstart-python.md?tabs=django%2Cwindows%2Cazure-cli%2Cvscode-deploy%2Cdeploy-instructions-azportal%2Cterminal-bash%2Cdeploy-instructions-zip-azcli)<br>- [Django - Visual Studio Code](./quickstart-python.md?tabs=django%2Cwindows%2Cvscode-aztools%2Cvscode-deploy%2Cdeploy-instructions-azportal%2Cterminal-bash%2Cdeploy-instructions-zip-azcli)<br>- [Django - Azure portal](./quickstart-python.md?tabs=django%2Cwindows%2Cazure-portal%2Cvscode-deploy%2Cdeploy-instructions-azportal%2Cterminal-bash%2Cdeploy-instructions-zip-azcli) |
+| **Deploy your app** | - [Configure Python](configure-language-python.md)<br>- [GitHub Actions](./deploy-github-actions.md) |
 | **Monitor your app**| - [Log stream](./troubleshoot-diagnostic-logs.md#stream-logs)<br>- [Diagnose and solve tool](./overview-diagnostics.md)|
 | **Add domains & certificates** |- [Map a custom domain](./app-service-web-tutorial-custom-domain.md?tabs=root%2Cazurecli)<br>- [Add an SSL certificate](./configure-ssl-certificate.md)|
-| **Connect to a database** |- [Java Spring with Azure Cosmos DB](./tutorial-java-spring-cosmosdb.md)|
+| **Connect to a database** | - [PostgreSQL - CLI](./tutorial-python-postgresql-app.md?tabs=flask%2Cwindows&pivots=azure-developer-cli)<br>- [PostgreSQL - Azure portal](./tutorial-python-postgresql-app.md?tabs=flask%2Cwindows&pivots=azure-portal)|
 | **Custom containers** |- [Linux - Visual Studio Code](./quickstart-custom-container.md?tabs=python&pivots=container-linux-vscode)|
 | **Review best practices** | - [Scale your app](./manage-scale-up.md)<br>- [Deployment](./deploy-best-practices.md)<br>- [Security](/security/benchmark/azure/baselines/app-service-security-baseline?toc=/azure/app-service/toc.json)<br>- [Virtual networks](./configure-vnet-integration-enable.md)|
 

articles/app-service/monitor-instances-health-check.md

@@ -202,6 +202,9 @@ Imagine you have two applications (or one app with a slot) with Health check ena
 
 If all instances of your application are unhealthy, App Service won't remove instances from the load balancer. In this scenario, taking all unhealthy app instances out of the load balancer rotation would effectively cause an outage for your application. However, the instance replacement will still occur.
 
+ ### What happens during a slot swap?
+Health check configuration is not slot-specific, so after a swap, the Health check configuration of the swapped slot will be applied to the destination slot and vice-versa. For example, if you have Health Check enabled for your staging slot the endpoint configured will be applied to the production slot after a swap. 
+
 ### Does Health check work on App Service Environments?
 
 Yes, health check is available for App Service Environment v3, but not for versions 1 or 2. If you're using the older versions of App Service Environment, you can use the [migration feature](environment/migrate.md) to migrate your App Service Environment to version 3.