Merge pull request #219720 from roygara/adDiskGA

Azure AD disk GA

Author: jborsecnik

articles/backup/backup-azure-vms-enhanced-policy.md

@@ -17,7 +17,7 @@ Azure Backup now supports _Enhanced policy_ that's needed to support new Azure o
 >[!Important]
 >- [Default policy](./backup-during-vm-creation.md#create-a-vm-with-backup-configured) will not support protecting newer Azure offerings, such as [Trusted Launch VM](backup-support-matrix-iaas.md#tvm-backup), [Ultra SSD](backup-support-matrix-iaas.md#vm-storage-support), [Shared disk](backup-support-matrix-iaas.md#vm-storage-support), and Confidential Azure VMs.
 >- Enhanced policy currently doesn't support protecting Ultra SSD.
->- Backups for VMs having data access authentication enabled disks will fail. Currently, [data access authentication mode](../virtual-machines/windows/download-vhd.md?tabs=azure-portal#secure-downloads-and-uploads-with-azure-ad-preview) is in preview.
+>- Backups for VMs having [data access authentication enabled disks](../virtual-machines/windows/download-vhd.md?tabs=azure-portal#secure-downloads-and-uploads-with-azure-ad) will fail.
 
 You must enable backup of Trusted Launch VM through enhanced policy only. Enhanced policy provides the following features:
 

articles/virtual-machines/linux/disks-upload-vhd-to-managed-disk-cli.md

@@ -4,7 +4,7 @@ description: Learn how to upload a VHD to an Azure managed disk and copy a manag
 services: "virtual-machines,storage"
 author: roygara
 ms.author: rogarana
-ms.date: 11/18/2022
+ms.date: 12/07/2022
 ms.topic: how-to
 ms.service: storage
 ms.subservice: disks
@@ -19,22 +19,12 @@ This article explains how to either upload a VHD from your local machine to an A
 If you're providing a backup solution for IaaS VMs in Azure, you should use direct upload to restore customer backups to managed disks. When uploading a VHD from a source external to Azure, speeds depend on your local bandwidth. When uploading or copying from an Azure VM, your bandwidth would be the same as standard HDDs.
 
 
-## Secure uploads with Azure AD (preview)
+## Secure uploads with Azure AD
 
-If you're using [Azure Active Directory (Azure AD)](../../active-directory/fundamentals/active-directory-whatis.md) to control resource access, you can now use it to restrict uploading of Azure managed disks. This feature is currently in preview. When a user attempts to upload a disk, Azure validates the identity of the requesting user in Azure AD, and confirms that user has the required permissions. At a higher level, a system administrator could set a policy at the Azure account or subscription level, to ensure that an Azure AD identity has the necessary permissions for uploading before allowing a disk or a disk snapshot to be uploaded. If you have any questions on securing uploads with Azure AD, reach out to this email: azuredisks@microsoft .com
+If you're using [Azure Active Directory (Azure AD)](../../active-directory/fundamentals/active-directory-whatis.md) to control resource access, you can now use it to restrict uploading of Azure managed disks. This feature is available as a GA offering in all public cloud regions, it is a currently only available as a preview offering in Azure Government and Azure China regions. When a user attempts to upload a disk, Azure validates the identity of the requesting user in Azure AD, and confirms that user has the required permissions. At a higher level, a system administrator could set a policy at the Azure account or subscription level, to ensure that an Azure AD identity has the necessary permissions for uploading before allowing a disk or a disk snapshot to be uploaded. If you have any questions on securing uploads with Azure AD, reach out to this email: azuredisks@microsoft .com
 
 ### Prerequisites
 - [Install the Azure CLI](/cli/azure/install-azure-cli).
-- Use the following command to enable the preview on your subscription:
-    ```azurecli
-    az feature register --name AllowAADAuthForDataAccess --namespace Microsoft.Compute
-    ```
-
-    It may take some time for the feature registration to complete, you can confirm if it has with the following command:
-    
-    ```azurecli
-    az feature show --name AllowAADAuthForDataAccess --namespace Microsoft.Compute --output table
-    ```
 
 ### Restrictions
 [!INCLUDE [disks-azure-ad-upload-download-restrictions](../../../includes/disks-azure-ad-upload-download-restrictions.md)]

articles/virtual-machines/linux/download-vhd.md

@@ -7,7 +7,7 @@ ms.service: storage
 ms.subservice: disks
 ms.collection: linux
 ms.topic: how-to
-ms.date: 11/18/2022
+ms.date: 12/07/2022
 ---
 
 # Download a Linux VHD from Azure
@@ -47,7 +47,7 @@ Your snapshot will be created shortly, and can then be used to download or creat
 >  
 > This method is only recommended for VMs with a single OS disk. VMs with one or more data disks should be stopped before download or before creating a snapshot for the OS disk and each data disk.
 
-## Secure downloads and uploads with Azure AD (preview)
+## Secure downloads and uploads with Azure AD
 
 [!INCLUDE [disks-azure-ad-upload-download-portal](../../../includes/disks-azure-ad-upload-download-portal.md)]
 

articles/virtual-machines/windows/disks-upload-vhd-to-managed-disk-powershell.md

@@ -3,7 +3,7 @@ title: Upload a VHD to Azure or copy a disk across regions - Azure PowerShell
 description: Learn how to upload a VHD to an Azure managed disk and copy a managed disk across regions, using Azure PowerShell, via direct upload.    
 author: roygara
 ms.author: rogarana
-ms.date: 11/18/2022
+ms.date: 12/07/2022
 ms.topic: how-to
 ms.service: storage
 ms.tgt_pltfrm: linux
@@ -19,9 +19,9 @@ This article explains how to either upload a VHD from your local machine to an A
 
 If you're providing a backup solution for IaaS VMs in Azure, you should use direct upload to restore customer backups to managed disks. When uploading a VHD from a source external to Azure, speeds depend on your local bandwidth. When uploading or copying from an Azure VM, your bandwidth would be the same as standard HDDs.
 
-## Secure uploads with Azure AD (preview)
+## Secure uploads with Azure AD
 
-If you're using [Azure Active Directory (Azure AD)](../../active-directory/fundamentals/active-directory-whatis.md) to control resource access, you can now use it to restrict uploading of Azure managed disks. This feature is currently in preview. When a user attempts to upload a disk, Azure validates the identity of the requesting user in Azure AD, and confirms that user has the required permissions. At a higher level, a system administrator could set a policy at the Azure account or subscription level to ensure that an Azure AD identity has the necessary permissions for uploading before allowing a disk or a disk snapshot to be uploaded. If you have any questions on securing uploads with Azure AD, reach out to this email: azuredisks@microsoft .com
+If you're using [Azure Active Directory (Azure AD)](../../active-directory/fundamentals/active-directory-whatis.md) to control resource access, you can now use it to restrict uploading of Azure managed disks. This feature is available as a GA offering in all public cloud regions, it is a currently only available as a preview offering in Azure Government and Azure China regions. When a user attempts to upload a disk, Azure validates the identity of the requesting user in Azure AD, and confirms that user has the required permissions. At a higher level, a system administrator could set a policy at the Azure account or subscription level to ensure that an Azure AD identity has the necessary permissions for uploading before allowing a disk or a disk snapshot to be uploaded. If you have any questions on securing uploads with Azure AD, reach out to this email: azuredisks@microsoft .com
 
 ### Prerequisites
 [!INCLUDE [disks-azure-ad-upload-download-prereqs](../../../includes/disks-azure-ad-upload-download-prereqs.md)]

articles/virtual-machines/windows/download-vhd.md

@@ -7,7 +7,7 @@ ms.service: storage
 ms.subservice: disks
 ms.workload: infrastructure-services
 ms.topic: how-to
-ms.date: 11/18/2022
+ms.date: 12/07/2022
 ---
 
 # Download a Windows VHD from Azure
@@ -58,7 +58,7 @@ Your snapshot will be created shortly, and can then be used to download or creat
 > This method is only recommended for VMs with a single OS disk. VMs with one or more data disks should be stopped before download or before creating a snapshot for the OS disk and each data disk.
 
 
-## Secure downloads and uploads with Azure AD (preview)
+## Secure downloads and uploads with Azure AD
 
 [!INCLUDE [disks-azure-ad-upload-download-portal](../../../includes/disks-azure-ad-upload-download-portal.md)]
 

includes/disks-azure-ad-upload-download-portal.md

@@ -5,15 +5,14 @@
  author: roygara
  ms.service: storage
  ms.topic: include
- ms.date: 11/18/2022
+ ms.date: 12/02/2022
  ms.author: rogarana
  ms.custom: include file
 ---
-If you're using [Azure Active Directory (Azure AD)](../articles/active-directory/fundamentals/active-directory-whatis.md) to control resource access, you can now use it to restrict uploads and downloads of Azure managed disks. This feature is currently in preview. When a user attempts to upload or download a disk, Azure validates the identity of the requesting user in Azure AD, and confirms that user has the required permissions. At a higher level, a system administrator could set a policy at the Azure account or subscription level, to ensure that all disks and snapshots must use Azure AD for uploads or downloads. If you have any questions on securing uploads or downloads with Azure AD, reach out to this email: azuredisks@microsoft .com
+If you're using [Azure Active Directory (Azure AD)](../articles/active-directory/fundamentals/active-directory-whatis.md) to control resource access, you can now use it to restrict uploads and downloads of Azure managed disks. This feature is available as a GA offering in all public cloud regions, it is a currently only available as a preview offering in Azure Government and Azure China regions. When a user attempts to upload or download a disk, Azure validates the identity of the requesting user in Azure AD, and confirms that user has the required permissions. At a higher level, a system administrator could set a policy at the Azure account or subscription level, to ensure that all disks and snapshots must use Azure AD for uploads or downloads. If you have any questions on securing uploads or downloads with Azure AD, reach out to this email: azuredisks@microsoft .com
 
 ### Restrictions
 [!INCLUDE [disks-azure-ad-upload-download-restrictions](disks-azure-ad-upload-download-restrictions.md)]
-- To download a VHD that is using Azure AD to restrict access, you must access the Azure portal from this link: [https://aka.ms/dataAccessAuthenticationMode](https://aka.ms/dataAccessAuthenticationMode)
 
 ### Prerequisites
 [!INCLUDE [disks-azure-ad-upload-download-prereqs](disks-azure-ad-upload-download-prereqs.md)]
@@ -33,7 +32,7 @@ For detailed steps on assigning a role, see the following articles for [portal](
 
 # [Portal](#tab/azure-portal)
 
-Enable **data access authentication mode** to restrict access to the disk. You can either enable it when creating the disk, or you can enable it on the **Disk Export** page for existing disks. In order to enable **data access authentication mode** you must access the Azure portal from the following link: [https://aka.ms/dataAccessAuthenticationMode](https://aka.ms/dataAccessAuthenticationMode)
+Enable **data access authentication mode** to restrict access to the disk. You can either enable it when creating the disk, or you can enable it on the **Disk Export** page for existing disks.
 
 :::image type="content" source="media/disks-azure-ad-upload-download-portal/disks-data-access-auth-mode.png" alt-text="Screenshot of a disk's data access authentication mode checkbox, tick the checkbox to restrict access to the disk, and save your changes." lightbox="media/disks-azure-ad-upload-download-portal/disks-data-access-auth-mode.png":::
 

includes/disks-azure-ad-upload-download-prereqs.md

@@ -5,18 +5,8 @@
  author: roygara
  ms.service: storage
  ms.topic: include
- ms.date: 06/21/2022
+ ms.date: 11/28/2022
  ms.author: rogarana
  ms.custom: include file
 ---
-- Install the latest [Azure PowerShell module](/powershell/azure/install-az-ps).
-- You must enable the preview on your subscription, use the following command to enable the preview:
-    ```azurepowershell
-    Register-AzProviderFeature -FeatureName "AllowAADAuthForDataAccess" -ProviderNamespace "Microsoft.Compute"
-    ```
-
-    It may take some time for the feature registration to complete, you can confirm if it has with the following command:
-    
-    ```azurepowershell
-    Get-AzProviderFeature -FeatureName "AllowAADAuthForDataAccess" -ProviderNamespace "Microsoft.Compute"
-    ```
+- Install the latest [Azure PowerShell module](/powershell/azure/install-az-ps).