Merge branch 'main' of https://github.com/microsoftDocs/azure-docs-pr

Author: Michael Bender

.openpublishing.redirection.json

@@ -4805,6 +4805,11 @@
       "redirect_url": "/azure/vpn-gateway/about-site-to-site-tunneling",
       "redirect_document_id": false
     },
+    {
+      "source_path_from_root": "/articles/vpn-gateway/openvpn-azure-ad-tenant-multi-app.md",
+      "redirect_url": "/azure/vpn-gateway/point-to-site-entra-users-access",
+      "redirect_document_id": false
+    },
     {
       "source_path_from_root": "/articles/vpn-gateway/vpn-gateway-howto-multi-site-to-site-resource-manager-portal.md",
       "redirect_url": "/azure/vpn-gateway/add-remove-site-to-site-connections",

.openpublishing.redirection.sentinel.json

@@ -1,10 +1,5 @@
 {
     "redirections": [
-        {
-            "source_path": "articles/sentinel/cef-name-mapping.md",
-            "redirect_url": "/azure/sentinel/cef-syslog-ama-overview",
-            "redirect_document_id": false
-        },
         {
             "source_path": "articles/sentinel/detect-threats-built-in.md#use-analytics-rule-templates",
             "redirect_url": "/azure/sentinel/create-analytics-rule-from-template",

articles/api-management/api-management-howto-app-insights.md

@@ -37,7 +37,7 @@ You can easily integrate Azure Application Insights with Azure API Management. A
 
         * If you enable a user-assigned managed identity, take note of the identity's **Client ID**.
 
-    1. Assign the identity the **Monitoring Metrics Publisher** role, scoped to the Application Insights resource. To assign the role, use the [Azure portal](../active-directory/managed-identities-azure-resources/howto-assign-access-portal.md) or other Azure tools.
+    1. Assign the identity the **Monitoring Metrics Publisher** role, scoped to the Application Insights resource. To assign the role, use the [Azure portal](../role-based-access-control/role-assignments-portal.yml) or other Azure tools.
 
 ## Scenario overview
 

articles/api-management/api-management-howto-disaster-recovery-backup-restore.md

@@ -58,7 +58,7 @@ Azure generates two 512-bit storage account access keys for each storage account
 
     * If you enable a user-assigned managed identity, take note of the identity's **Client ID**.
     * If you will back up and restore to different API Management instances, enable a managed identity in both the source and target instances.
-1. Assign the identity the **Storage Blob Data Contributor** role, scoped to the storage account used for backup and restore. To assign the role, use the [Azure portal](../active-directory/managed-identities-azure-resources/howto-assign-access-portal.md) or other Azure tools.
+1. Assign the identity the **Storage Blob Data Contributor** role, scoped to the storage account used for backup and restore. To assign the role, use the [Azure portal](../role-based-access-control/role-assignments-portal.yml) or other Azure tools.
 
 
 ## Back up an API Management service

articles/api-management/api-management-howto-log-event-hubs.md

@@ -50,7 +50,7 @@ To create an Event Hubs connection string, see [Get an Event Hubs connection str
 
     * If you enable a user-assigned managed identity, take note of the identity's **Client ID**.
 
-1. Assign the identity the **Azure Event Hubs Data sender** role, scoped to the Event Hubs namespace or to the event hub used for logging. To assign the role, use the [Azure portal](../active-directory/managed-identities-azure-resources/howto-assign-access-portal.md) or other Azure tools.
+1. Assign the identity the **Azure Event Hubs Data sender** role, scoped to the Event Hubs namespace or to the event hub used for logging. To assign the role, use the [Azure portal](../role-based-access-control/role-assignments-portal.yml) or other Azure tools.
 
 ## Create an API Management logger
 The next step is to configure a [logger](/rest/api/apimanagement/current-ga/logger) in your API Management service so that it can log events to the event hub.

articles/app-service/overview-tls.md

@@ -55,13 +55,6 @@ To ensure backward compatibility for TLS 1.0 and TLS 1.1, App Service will conti
 
 The minimum TLS cipher suite includes a fixed list of cipher suites with an optimal priority order that you cannot change. Reordering or reprioritizing the cipher suites is not recommended as it could expose your web apps to weaker encryption. You also cannot add new or different cipher suites to this list. When you select a minimum cipher suite, the system automatically disables all less secure cipher suites for your web app, without allowing you to selectively disable only some weaker cipher suites.
 
-Follow these steps to change the Minimum TLS cipher suite:
-1. Browse to your app in the [Azure portal](https://portal.azure.com/)
-1. In the left menu, select **configuration** and then select the **General settings** tab.
-1. Under __Minimum Inbound TLS Cipher Suite__, select **change**, and then select the **Minimum TLS Cipher Suite**.
-1. Select **Ok**.
-1. Select **Save** to save the changes.
-
 ### What are cipher suites and how do they work on App Service? 
 
 A cipher suite is a set of instructions that contains algorithms and protocols to help secure network connections between clients and servers. By default, the front-end's OS would pick the most secure cipher suite that is supported by both App Service and the client. However, if the client only supports weak cipher suites, then the front-end's OS would end up picking a weak cipher suite that is supported by them both. If your organization has restrictions on what cipher suites should not be allowed, you may update your web app’s minimum TLS cipher suite property to ensure that the weak cipher suites would be disabled for your web app. 
@@ -72,13 +65,7 @@ For App Service Environments with `FrontEndSSLCipherSuiteOrder` cluster setting,
 
 ## End-to-end TLS Encryption (preview)
 
-End-to-end (E2E) TLS encryption is available in Standard App Service plans and higher. Front-end intra-cluster traffic between App Service front-ends and the workers running application workloads can now be encrypted. Below is a simple diagram to help you understand how it works. 
-
-Follow these steps to enable end-to-end TLS encryption:
-1. Browse to your app in the [Azure portal](https://portal.azure.com/)
-1. In the left menu, select **configuration** and then select the **General settings** tab.
-1. Under __End-to-end TLS encryption__, select **on**.
-1. Save the changes.
+End-to-end (E2E) TLS encryption is available in Standard App Service plans and higher. Front-end intra-cluster traffic between App Service front-ends and the workers running application workloads can now be encrypted.
 
 ## Next steps
 * [Secure a custom DNS name with a TLS/SSL binding](configure-ssl-bindings.md)

articles/automation/automation-tutorial-installed-software.md

@@ -7,6 +7,7 @@ ms.date: 04/11/2018
 ms.topic: tutorial
 ms.subservice: change-inventory-management
 ms.custom: mvc
+ms.service: azure-automation
 ---
 # Discover what software is installed on your VMs
 

articles/automation/change-tracking/configure-alerts.md

@@ -5,6 +5,7 @@ services: automation
 ms.subservice: change-inventory-management
 ms.date: 07/22/2024
 ms.topic: conceptual
+ms.service: azure-automation
 ---
 
 # How to create alerts for Change Tracking and Inventory

articles/automation/change-tracking/enable-from-automation-account.md

@@ -5,6 +5,7 @@ services: automation
 ms.subservice: change-inventory-management
 ms.date: 07/22/2024
 ms.topic: conceptual
+ms.service: azure-automation
 ---
 
 # Enable Change Tracking and Inventory from an Automation account

articles/automation/change-tracking/enable-from-portal.md

@@ -5,6 +5,7 @@ services: automation
 ms.subservice: change-inventory-management
 ms.date: 07/22/2024
 ms.topic: conceptual
+ms.service: azure-automation
 ---
 
 # Enable Change Tracking and Inventory from Azure portal