MicrosoftDocs
diff --git a/‎.github/policies/disallow-edits.yml
Lines changed: 7 additions & 4 deletions b/‎.github/policies/disallow-edits.yml
Lines changed: 7 additions & 4 deletions
diff --git a/‎.openpublishing.redirection.json
Lines changed: 120 additions & 0 deletions b/‎.openpublishing.redirection.json
Lines changed: 120 additions & 0 deletions
diff --git a/‎articles/api-management/TOC.yml
Lines changed: 2 additions & 0 deletions b/‎articles/api-management/TOC.yml
Lines changed: 2 additions & 0 deletions
diff --git a/‎articles/api-management/api-management-policies.md
Lines changed: 1 addition & 0 deletions b/‎articles/api-management/api-management-policies.md
Lines changed: 1 addition & 0 deletions
diff --git a/‎articles/api-management/llm-content-safety-policy.md
Lines changed: 118 additions & 0 deletions b/‎articles/api-management/llm-content-safety-policy.md
Lines changed: 118 additions & 0 deletions
diff --git a/‎articles/app-service/app-service-undelete.md
Lines changed: 17 additions & 2 deletions b/‎articles/app-service/app-service-undelete.md
Lines changed: 17 additions & 2 deletions
@@ -155,13 +155,16 @@ configuration:
         if:
           # If a 'sign-off' comment is added to a PR in the articles/reliability folder , and the PR author isn't Anastasia or John...
           - payloadType: Issue_Comment
-          - isPullRequest
           - filesMatchPattern:
               matchAny: true
               pattern: articles/reliability/*
-          - commentContains:
-              pattern: '\#sign-off'
-              isRegex: true
+          - or:
+              - commentContains:
+                  pattern: ^(#sign-off)$
+                  isRegex: True
+              - commentContains:
+                  pattern: ^(\#sign-off)$
+                  isRegex: True
           - not:
               or:
                 - isActivitySender:
 
@@ -1,5 +1,120 @@
 {
   "redirections": [
+    {
+      "source_path": "articles/automation/update-management/configure-alerts.md",
+      "redirect_url": "/azure/update-manager/manage-alerts",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/update-management/configure-groups.md",
+      "redirect_url": "/azure/update-manager/dynamic-scope-overview",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/update-management/configure-wuagent.md",
+      "redirect_url": "/azure/update-manager/configure-wu-agent",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/update-management/deploy-updates.md",
+      "redirect_url": "/azure/update-manager/deploy-updates",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/update-management/enable-from-automation-account.md",
+      "redirect_url": "/azure/update-manager/migration-overview",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/update-management/enable-from-portal.md",
+      "redirect_url": "/azure/update-manager/migration-using-portal",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/update-management/enable-from-runbook.md",
+      "redirect_url": "/azure/update-manager/migration-using-runbook-scripts",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/update-management/enable-from-template.md",
+      "redirect_url": "/azure/update-manager/migration-manual",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/update-management/enable-from-vm.md",
+      "redirect_url": "/azure/update-manager/migration-overview",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/update-management/manage-updates-for-vm.md",
+      "redirect_url": "/azure/update-manager/view-updates",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/update-management/mecmintegration.md",
+      "redirect_url": "/azure/update-manager/overview",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/update-management/operating-system-requirements.md",
+      "redirect_url": "/azure/update-manager/support-matrix-updates",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/update-management/overview.md",
+      "redirect_url": "/azure/update-manager/workflow-update-manager",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/update-management/plan-deployment.md",
+      "redirect_url": "/azure/update-manager/workflow-update-manager",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/update-management/pre-post-scripts.md",
+      "redirect_url": "/azure/update-manager/pre-post-events-schedule-maintenance-configuration",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/update-management/query-logs.md",
+      "redirect_url": "/azure/update-manager/sample-query-logs",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/update-management/remove-feature.md",
+      "redirect_url": "/azure/update-manager/view-updates",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/update-management/remove-vms.md",
+      "redirect_url": "/azure/update-manager/deploy-updates",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/update-management/scope-configuration.md",
+      "redirect_url": "/azure/update-manager/updates-maintenance-schedules",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/update-management/view-update-assessments.md",
+      "redirect_url": "/azure/update-manager/view-updates",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/troubleshoot/update-management.md",
+      "redirect_url": "/azure/update-manager/troubleshoot",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/troubleshoot/update-agent-issues.md",
+      "redirect_url": "/azure/update-manager/troubleshoot",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/automation/troubleshoot/update-agent-issues-linux.md",
+      "redirect_url": "/azure/update-manager/troubleshoot",
+      "redirect_document_id": false
+    },
     {
       "source_path": "articles/automation/change-tracking/enable-from-portal.md",
       "redirect_url": "/azure/automation/change-tracking/enable-vms-monitoring-agent",
@@ -85,6 +200,11 @@
       "redirect_url": "https://azuremarketplace.microsoft.com/marketplace/apps?page=1",
       "redirect_document_id": false
     },
+    {
+      "source_path": "articles/partner-solutions/logzio/index.yml",
+      "redirect_url": "/previous-versions/azure/partner-solutions/logzio/index",
+      "redirect_document_id": false
+    },
     {
       "source_path": "articles/partner-solutions/logzio/create.md",
       "redirect_url": "/previous-versions/azure/partner-solutions/logzio/create",
 
@@ -544,6 +544,8 @@
       href: json-to-xml-policy.md
     - name: limit-concurrency
       href: limit-concurrency-policy.md
+    - name: llm-content-safety
+      href: llm-content-safety-policy.md
     - name: llm-emit-token-metric
       href: llm-emit-token-metric-policy.md
     - name: llm-semantic-cache-lookup
 
@@ -59,6 +59,7 @@ More information about policies:
 
 |Policy  |Description  | Classic | V2  | Consumption |Self-hosted  |Workspace |
 |---------|---------|---------|---------|---------|--------|------|
+| [Enforce content safety checks on LLM requests](llm-content-safety-policy.md) | Enforces content safety checks on LLM requests (prompts) by transmitting them to the [Azure AI Content Safety](/azure/ai-services/content-safety/overview) service before sending to the backend LLM. | Yes | Yes | Yes | Yes | Yes |
 | [Validate content](validate-content-policy.md) | Validates the size or content of a request or response body against one or more API schemas. The supported schema formats are JSON and XML. | Yes | Yes | Yes | Yes | Yes |
 | [Validate GraphQL request](validate-graphql-request-policy.md) | Validates and authorizes a request to a GraphQL API. | Yes | Yes | Yes | Yes | No |
 | [Validate OData request](validate-odata-request-policy.md) | Validates a request to an OData API to ensure conformance with the OData specification. | Yes | Yes | Yes | Yes | Yes |
 
@@ -0,0 +1,118 @@
+---
+title: Azure API Management policy reference - llm-content-safety
+description: Reference for the llm-content-safety policy available for use in Azure API Management. Provides policy usage, settings, and examples.
+services: api-management
+author: dlepow
+
+ms.service: azure-api-management
+ms.collection: ce-skilling-ai-copilot
+ms.custom:
+ms.topic: article
+ms.date: 03/04/2025
+ms.author: danlep
+---
+
+# Enforce content safety checks on LLM requests
+
+[!INCLUDE [api-management-availability-premium-dev-standard-basic-premiumv2-standardv2-basicv2](../../includes/api-management-availability-premium-dev-standard-basic-premiumv2-standardv2-basicv2.md)]
+
+The `llm-content-safety` policy enforces content safety checks on large language model (LLM) requests (prompts) by transmitting them to the [Azure AI Content Safety](/azure/ai-services/content-safety/overview) service before sending to the backend LLM API. When the policy is enabled and Azure AI Content Safety detects malicious content, API Management blocks the request and returns a `403` error code. 
+
+Use the policy in scenarios such as the following:
+
+* Block requests that contain predefined categories of harmful content or hate speech
+* Apply custom blocklists to prevent specific content from being sent
+* Shield against prompts that match attack patterns
+
+[!INCLUDE [api-management-policy-generic-alert](../../includes/api-management-policy-generic-alert.md)]
+
+## Prerequisites
+
+* An [Azure AI Content Safety](/azure/ai-services/content-safety/) resource. 
+* An API Management [backend](backends.md) configured to route content safety API calls and authenticate to the Azure AI Content Safety service, in the form `https://<content-safety-service-name>.cognitiveservices.azure.com`. Managed identity with Cognitive Services User role is recommended for authentication.
+
+
+## Policy statement
+
+```xml
+<llm-content-safety backend-id="name of backend entity" shield-prompt="true | false" >
+    <categories output-type="FourSeverityLevels | EightSeverityLevels">
+        <category name="Hate | SelfHarm | Sexual | Violence" threshold="integer" />
+        <!-- If there are multiple categories, add more category elements -->
+        [...]
+    </categories>
+    <blocklists>
+        <id>blocklist-identifier</id>
+        <!-- If there are multiple blocklists, add more id elements -->
+        [...]
+    </blocklists>
+</llm-content-safety>
+```
+
+## Attributes
+
+| Attribute           | Description                                                                                           | Required | Default |
+| -------------- | ----------------------------------------------------------------------------------------------------- | -------- | ------- |
+| backend-id	| Identifier (name) of the Azure AI Content Safety backend to route content-safety API calls to. Policy expressions are allowed.	|  Yes	| N/A |
+| shield-prompt	| If set to `true`, content is checked for user attacks. Otherwise, skip this check. Policy expressions are allowed.	| No	| `false` |
+
+
+## Elements
+
+| Element	| Description	| Required |
+| -------------- | -----| -------- |
+| categories	| A list of `category` elements that specify settings for blocking requests when the category is detected. | 	No |
+| blocklists	| A list of [blocklist](/azure/ai-services/content-safety/how-to/use-blocklist) `id` elements from the Azure AI Content Safety instance for which detection causes the request to be blocked. Policy expressions are allowed.	| No |
+
+### categories attributes
+
+| Attribute           | Description                                                                                           | Required | Default |
+| -------------- | ----------------------------------------------------------------------------------------------------- | -------- | ------- |
+| output-type	| Specifies how severity levels are returned by Azure AI Content Safety. The attribute must have one of the following values.<br /><br />- `FourSeverityLevels`: Output severities in four levels: 0,2,4,6.<br/>- `EightSeverityLevels`: Output severities in eight levels: 0,1,2,3,4,5,6,7.<br/><br/>Policy expressions are allowed.	| No	| `FourSeverityLevels` |
+
+
+### category attributes
+
+| Attribute           | Description                                                                                           | Required | Default |
+| -------------- | ----------------------------------------------------------------------------------------------------- | -------- | ------- |
+| name	| Specifies the name of this category. The attribute must have one of the following values: `Hate`, `SelfHarm`, `Sexual`, `Violence`. Policy expressions are allowed.	| Yes	| N/A |
+| threshold	| Specifies the threshold value for this category at which request are blocked. Requests with content severities less than the threshold aren't blocked. The value must be between 0 and 7. Policy expressions are allowed.	| Yes	| N/A |
+
+
+## Usage
+
+- [**Policy sections:**](./api-management-howto-policies.md#sections) inbound
+- [**Policy scopes:**](./api-management-howto-policies.md#scopes) global, workspace, product, API
+- [**Gateways:**](api-management-gateways-overview.md) classic, v2, consumption, self-hosted, workspace
+
+### Usage notes
+
+* The policy runs on a concatenation of all text content in a completion or chat completion request.
+* If the request exceeds the character limit of Azure AI Content Safety, a `403` error is returned.
+* This policy can be used multiple times per policy definition.
+
+## Example
+
+The following example enforces content safety checks on LLM requests using the Azure AI Content Safety service. The policy blocks requests that contain speech in the `Hate` or `Violence` category with a severity level of 4 or higher. The `shield-prompt` attribute is set to `true` to check for adversarial attacks.
+
+```xml
+<policies>
+    <inbound>
+        <llm-content-safety backend-id="content-safety-backend" shield-prompt="true">
+            <categories output-type="EightSeverityLevels">
+                <category name="Hate" threshold="4" />
+                <category name="Violence" threshold="4" />
+            </categories>
+        </llm-content-safety>
+    </inbound>
+</policies>
+
+```
+
+## Related policies
+
+* [Content validation](api-management-policies.md#content-validation)
+* [llm-token-limit](llm-token-limit-policy.md) policy
+* [llm-emit-token-metric](llm-emit-token-metric-policy.md) policy
+
+[!INCLUDE [api-management-policy-ref-next-steps](../../includes/api-management-policy-ref-next-steps.md)]
@@ -7,10 +7,25 @@ ms.date: 10/4/2023
 ms.topic: article 
 ms.custom: devx-track-azurepowershell
 ---
+# Restore deleted App Service app
 
-# Restore Deleted App Service App Using PowerShell
+If you happened to accidentally delete your app in Azure App Service, you can now restore it by using the Azure portal or PowerShell.
 
-If you happened to accidentally delete your app in Azure App Service, you can restore it using the commands from the [Az PowerShell module](/powershell/azure/).
+## Restore deleted App Service app by using the portal
+
+If you deleted your app in Azure App Service, you can now restore it from the portal by using following steps:
+
+1. Navigate to App Services in the portal.
+1. Click on **Manage Deleted Apps**.
+1. Select **Subscription**.
+1. From the dropdown, select the deleted app. Apps deleted in last 30 days will show up in the drop down list.
+1. Select destination app from the dropdown where you want to restore your app. 
+1. If you would like to restore the deleted app to a slot of destination app, check the slot checkbox and select available slots from the dropdown.
+1. By default only app content is restored. If you want app configuration also to be restored, check **Restore App configuration**.
+
+## Restore deleted App Service app by using PowerShell
+
+If you deleted your app in Azure App Service, you can restore it using the commands from the [Az PowerShell module](/powershell/azure/).
 
 > [!NOTE]
 > - Deleted apps are purged from the system 30 days after the initial deletion. After an app is purged, it can't be recovered.