Merge pull request #287749 from MicrosoftDocs/main

10/2/2024 AM Publish

Author: PhilKang0704

articles/bastion/index.yml

@@ -10,7 +10,7 @@ metadata:
   ms.topic: landing-page
   author: cherylmc
   ms.author: cherylmc
-  ms.date: 10/16/2023
+  ms.date: 09/27/2024
 
 # linkListType: architecture | concept | deploy | download | get-started | how-to-guide | learn | overview | quickstart | reference | tutorial | whats-new
 
@@ -26,6 +26,8 @@ landingContent:
             url: bastion-overview.md
       - linkListType: concept
         links:
+          - text: Design architecture
+            url: design-architecture.md
           - text: Azure Bastion FAQ
             url: bastion-faq.md
       - linkListType: learn
@@ -45,16 +47,29 @@ landingContent:
             url: quickstart-host-portal.md
           - text: Deploy Bastion automatically - Developer SKU
             url: quickstart-developer-sku.md
-      - linkListType: tutorial
+      - linkListType: deploy
         links:
-          - text: Deploy Bastion manually - specify settings
+          - text: Deploy Bastion using manually specified settings
             url: tutorial-create-host-portal.md
+          - text: Deploy Bastion as a private-only deployment
+            url: private-only-deployment.md          
+  # Card
+  - title: Connect to a virtual machine
+    linkLists:
+      - linkListType: concept
+        links:
+          - text: Connecting to VMs
+            url: vm-about.md#connect
       - linkListType: how-to-guide
         links:
-          - text: Connect to a virtual machine (Linux)
+          - text: Connect to a Linux virtual machine
             url: bastion-connect-vm-ssh-linux.md
-          - text: Connect to a virtual machine (Windows)
+          - text: Connect to a Windows virtual machine
             url: bastion-connect-vm-rdp-windows.md
+          - text: Connect to a virtual machine using the Windows native client
+            url: connect-vm-native-client-windows.md
+          - text: Connect to a virtual machine using the Linux native client
+            url: connect-vm-native-client-linux.md
       - linkListType: learn
         links:
           - text: Connect to a VM using Azure Bastion
@@ -68,8 +83,6 @@ landingContent:
     linkLists:
       - linkListType: concept
         links:
-          - text: Connecting to VMs
-            url: vm-about.md#connect
           - text: VM supported features
             url: vm-about.md
       - linkListType: how-to-guide
@@ -80,7 +93,8 @@ landingContent:
             url: bastion-vm-full-screen.md
           - text: Upload or download files
             url: vm-upload-download-native.md
-            
+          - text: Record a VM session (session recording)
+            url: session-recording.md           
  # Card
   - title: Reference
     linkLists:
@@ -91,6 +105,4 @@ landingContent:
           - text: Azure CLI
             url: /cli/azure/network/bastion
           - text: REST
-            url: /rest/api/virtualnetwork/bastion-hosts
-
-            
+            url: /rest/api/virtualnetwork/bastion-hosts

articles/confidential-computing/TOC.yml

@@ -3,24 +3,28 @@
 - name: What is confidential computing? # WHAT?
   expanded: true
   items:
-     - name: Real-time protection of data whilst in-use # what keys are where+protect what #p1
-       href: overview.md # DONE #p1
-     - name: Use-cases and scenarios
-       href: use-cases-scenarios.md #DONE, link to the learn page  
-     - name: Confidential computing on Azure #DONE, #existing page  - shows the ACC products
-       href: overview-azure-products.md 
-     - name: Trusted Execution Environment (TEE) #p1
-       href: trusted-execution-environment.md # new, an easy to understandding of what a TEE is - explain like the black box example
-     - name: Trusted Compute Base (TCB) #p1 #done
-       href: trusted-compute-base.md #an easy to understandding of what a TCB is - what it means to be in/out of the TCB 
-     - name: Secret & Key Management #p1
-       href: secret-key-management.md # details on AKV and mHSM, and how they're used in the context of Confidential Computing #stubbed
-     - name: Attestation #p1 #done # EXISTING, use updated page - explain what attestation is, and why it's important, and give some practical examples of where its used #done
-       href: attestation-solutions.md 
+    - name: Real-time protection of data whilst in-use # what keys are where+protect what #p1
+      href: overview.md # DONE #p1
+    - name: Use-cases and scenarios
+      href: use-cases-scenarios.md #DONE, link to the learn page  
+    - name: Confidential computing on Azure #DONE, #existing page  - shows the ACC products
+      href: overview-azure-products.md 
+    - name: Trusted Execution Environment (TEE) #p1
+      href: trusted-execution-environment.md # new, an easy to understandding of what a TEE is - explain like the black box example
+    - name: Trusted Compute Base (TCB) #p1 #done
+      href: trusted-compute-base.md #an easy to understandding of what a TCB is - what it means to be in/out of the TCB 
+    - name: Secret & Key Management #p1
+      href: secret-key-management.md # details on AKV and mHSM, and how they're used in the context of Confidential Computing #stubbed
+    - name: Attestation #p1 #done # EXISTING, use updated page - explain what attestation is, and why it's important, and give some practical examples of where its used #done
+      href: attestation-solutions.md 
  #    - name: Hardware attestation vs. software attestation #p1  new, why HW based attestation is better than the rest
  #      href: hardware-attestation-approach.md 
-     - name: Deploying solutions on confidential computing #moved from original #done
-       href: confidential-computing-deployment-models.md
+    - name: Confidential computing solutions
+      items:
+      - name: Building confidential computing solutions
+        href: confidential-computing-solutions.md
+      - name: Deploying solutions on confidential computing #moved from original #done
+        href: confidential-computing-deployment-models.md
 - name: Why might I need it? # WHY?
   expanded: true
   items:
@@ -57,6 +61,12 @@
       href: how-to-leverage-virtual-tpms-in-azure-confidential-vms.md
     - name: Create a custom image for a confidential VM
       href: how-to-create-custom-image-confidential-vm.md
+    - name: Quickly create confidential VMs
+      items:
+      - name: Create VM through the Azure portal
+        href: quick-create-portal.md
+      - name: Create VM through the Azure Marketplace
+        href: quick-create-marketplace.md
     - name: Image hardening techniques for deployment
       items:
       - name: Harden a Linux image to remove sudo users

articles/confidential-computing/quick-create-confidential-vm-arm.md

@@ -58,13 +58,13 @@ To create and deploy your confidential VM using an ARM template through the Azur
     az group create -n $resourceGroup -l $region
     ```
 
-1. Deploy your VM to Azure using an ARM template with a custom parameter file. For TDX deployments here is an example template: https://aka.ms/TDXtemplate.
+1. Deploy your VM to Azure using an ARM template with a custom parameter file and [template file](https://github.com/Azure/confidential-computing-cvm/tree/main/cvm_deployment/templates).
 
     ```azurecli-interactive
     az deployment group create `
      -g $resourceGroup `
      -n $deployName `
-     -u "https://aka.ms/CVMTemplate" `
+     -u "<json-template-file-path>" `
      -p "<json-parameter-file-path>" `
      -p vmLocation=$region `
         vmName=$vmName

articles/expressroute/expressroute-locations.md

@@ -63,7 +63,7 @@ The following table shows locations by service provider. If you want to view ava
 | **BSNL** | &check; | &check; | Chennai<br/>Mumbai |
 | **[C3ntro](https://www.c3ntro.com/)** | &check; | &check; | Miami |
 | **Cello** | &check; | &check; | Sydney |
-| **CDC** | &check; | &check; | Canberra<br/>Canberra2 |
+| **[CDC](https://cdc.com/services/network-services/)** | &check; | &check; | Canberra<br/>Canberra2 |
 | **[CenturyLink Cloud Connect](https://www.centurylink.com/cloudconnect)** | &check; | &check; | Amsterdam2<br/>Chicago<br/>Dallas<br/>Dublin<br/>Frankfurt<br/>Hong Kong<br/>Las Vegas<br/>London<br/>London2<br/>Montreal<br/>New York<br/>Paris<br/>Phoenix<br/>San Antonio<br/>Seattle<br/>Silicon Valley<br/>Singapore2<br/>Tokyo<br/>Toronto<br/>Washington DC<br/>Washington DC2 |
 | **[Chief Telecom](https://www.chief.com.tw/)** |&check; |&check; | Hong Kong<br/>Taipei |
 | **China Mobile International** |&check; |&check; | Hong Kong<br/>Hong Kong2<br/>Singapore<br/>Singapore2 |

articles/operator-service-manager/best-practices-onboard-deploy.md

@@ -243,7 +243,7 @@ Consider the following high-availability and disaster recovery requirements:
 
 ## Troubleshooting considerations
 
-During installation and upgrade by default, atomic and wait options are set to `true`, and the operation timeout is set to `27 minutes`. During onboarding, we recommend that you set the atomic flag to `false` to prevent the Helm rollback upon failure. The optimal way to accomplish that is in the ARM template of the NF.
+During installation and upgrade by default, atomic and wait options are set to `true`, and the operation timeout is set to `27 minutes`. During initial onboarding, only while you are still debugging and developing artifacts, we recommend that you set the atomic flag to `false.` This prevents a helm rollback upon failure and retains any logs or errors which may otherwise be lost. The optimal way to accomplish that is in the ARM template of the NF.
 
 In the ARM template, add the following section:
 
@@ -269,6 +269,9 @@ The component name is defined in the NFDV:
             }
 </pre>
 
+> [!IMPORTANT]
+> Make sure atomic and wait are set back to `true` after initial onboarding is complete.
+
 ## Cleanup considerations
 
 Delete operator resources in the following order to make sure no orphaned resources are left behind:

articles/service-bus-messaging/service-bus-azure-and-service-bus-queues-compared-contrasted.md

@@ -98,7 +98,7 @@ This section compares advanced capabilities provided by Storage queues and Servi
 | Storage metrics |Yes<br/><br/>Minute Metrics provides real-time metrics for availability, TPS, API call counts, error counts, and more. They're all in real time, aggregated per minute and reported within a few minutes from what just happened in production. For more information, see [About Storage Analytics Metrics](/rest/api/storageservices/fileservices/About-Storage-Analytics-Metrics). |Yes<br/><br/>For information about metrics supported by Azure Service Bus, see [Message metrics](monitor-service-bus-reference.md#message-metrics). |
 | State management |No |Yes (Active, Disabled, SendDisabled, ReceiveDisabled. For details on these states, see [Queue status](entity-suspend.md#queue-status)) |
 | Message autoforwarding |No |Yes |
-| Purge queue function |Yes |No |
+| Purge queue function |Yes |[Yes](/azure/service-bus-messaging/batch-delete)|
 | Message groups |No |Yes<br/><br/>(by using messaging sessions) |
 | Application state per message group |No |Yes |
 | Duplicate detection |No |Yes<br/><br/>(configurable on the sender side) |
@@ -122,10 +122,10 @@ This section compares Storage queues and Service Bus queues from the perspective
 
 | Comparison Criteria | Storage queues | Service Bus queues |
 | --- | --- | --- |
-| Maximum queue size |500 TB<br/><br/>(limited to a [single storage account capacity](../storage/common/storage-introduction.md#queue-storage)) |1 GB to 80 GB<br/><br/>(defined upon creation of a queue and [enabling partitioning](service-bus-partitioning.md) – see the “Additional Information” section) |
-| Maximum message size |64 KB<br/><br/>(48 KB when using Base 64 encoding)<br/><br/>Azure supports large messages by combining queues and blobs – at which point you can enqueue up to 200 GB for a single item. |256 KB or 100 MB<br/><br/>(including both header and body, maximum header size: 64 KB).<br/><br/>Depends on the [service tier](service-bus-premium-messaging.md). |
+| Maximum queue size |500 TB<br/><br/>(limited to a [single storage account capacity](../storage/common/storage-introduction.md#queue-storage)) |1 GB to 80 GB<br/><br/>(Premium SKU or Standard SKU with partitioning)|
+| Maximum message size |64 KB<br/><br/>(48 KB when using Base 64 encoding)<br/><br/>Azure supports large messages by combining queues and blobs – at which point you can enqueue up to 200 GB for a single item. |256 KB, 1 MB or 100 MB<br/><br/>(including both header and body, maximum header size: 64 KB).<br/><br/>Depends on the [service tier](service-bus-premium-messaging.md). |
 | Maximum message TTL |Infinite (api-version 2017-07-27 or later) |TimeSpan.MaxValue |
-| Maximum number of queues |Unlimited |10,000<br/><br/>(per service namespace) |
+| Maximum number of queues |Unlimited |10,000 (Standard SKU)<br/>1000 / Messaging Unit (Premium SKU)<br/>(per service namespace) |
 | Maximum number of concurrent clients |Unlimited |5,000 |
 
 ### Additional information
@@ -134,7 +134,7 @@ This section compares Storage queues and Service Bus queues from the perspective
 * With Storage queues, if the content of the message isn't XML-safe, then it must be **Base64** encoded. If you **Base64**-encode the message, the user payload can be up to 48 KB, instead of 64 KB.
 * With Service Bus queues, each message stored in a queue is composed of two parts: a header and a body. The total size of the message can't exceed the maximum message size supported by the service tier.
 * When clients communicate with Service Bus queues over the TCP protocol, the maximum number of concurrent connections to a single Service Bus queue is limited to 100. This number is shared between senders and receivers. If this quota is reached, requests for additional connections will be rejected and an exception will be received by the calling code. This limit isn't imposed on clients connecting to the queues using REST-based API.
-* If you require more than 10,000 queues in a single Service Bus namespace, you can contact the Azure support team and request an increase. To scale beyond 10,000 queues with Service Bus, you can also create additional namespaces using the [Azure portal].
+* To scale beyond 10,000 queues with Service Bus Standard SKU or 1000 queues/Messaging Unit with Service Bus Premium SKU, you can also create additional namespaces using the [Azure portal].
 
 ## Management and operations
 This section compares the management features provided by Storage queues and Service Bus queues.

articles/static-web-apps/apis-overview.md

@@ -5,7 +5,7 @@ services: static-web-apps
 author: craigshoemaker
 ms.service: azure-static-web-apps
 ms.topic:  conceptual
-ms.date: 06/14/2022
+ms.date: 10/02/2024
 ms.author: cshoe
 ---
 
@@ -17,7 +17,7 @@ Key features of Azure Static Web Apps APIs include:
 
 - **Integrated security** with direct access to user [authentication and role-based authorization](user-information.md) data.
 
-- **Seamless routing** that makes the `/api` route available to the front-end web app without requiring custom CORS rules.
+- **Seamless routing** that makes the back-end `/api` route available to the front-end web app without requiring custom CORS rules.
 
 ## API options
 

articles/static-web-apps/deployment-token-management.md

@@ -6,7 +6,7 @@ author: craigshoemaker
 ms.author: cshoe
 ms.service: azure-static-web-apps
 ms.topic:  conceptual
-ms.date: 06/24/2024
+ms.date: 10/02/2024
 ---
 
 # Reset deployment tokens in Azure Static Web Apps
@@ -40,14 +40,14 @@ To keep automated deployment running, after resetting a token you need to set th
 
 1. Go to your project's repository on GitHub, and select the **Settings** tab.
 
-1. Select **Secrets** from the menu item. Find a secret generated during Static Web App provisioning named _AZURE_STATIC_WEB_APPS_API_TOKEN_... in the _Repository secrets_ section.
+1. Under the *Security* section, select **Actions**.  
 
-    :::image type="content" source="./media/deployment-token-management/github-repo-secrets.png" alt-text="Listing repository secrets":::
+1. Find a secret generated during Static Web App provisioning named _AZURE_STATIC_WEB_APPS_API_TOKEN_... in the _Repository secrets_ section.
 
     > [!NOTE]
     > If you created the Azure Static Web Apps site against multiple branches of this repository, you see multiple _AZURE_STATIC_WEB_APPS_API_TOKEN_... secrets in this list. Select the correct one by matching the file name listed in the _Edit workflow_ field on the _Overview_ tab of the Static Web Apps site.
 
-1. Select **Update**.
+1. Select pen icon button to update the value.
 
 1. **Paste the value** of the deployment token to the _Value_ field.
 

articles/static-web-apps/external-providers.md

@@ -1,15 +1,15 @@
 ---
-title: Deploy to Azure Static Web Apps with external providers
-description: Learn to use CI/CD providers that aren't supported out-of-the-box to build and deploy your website in Azure Static Web Apps.
+title: Set up Azure Static Web Apps to deploy to external providers
+description: Learn how to set up your static web app to use CI/CD providers that aren't supported out-of-the-box.
 services: static-web-apps
 author: craigshoemaker
 ms.service: azure-static-web-apps
 ms.topic:  how-to
-ms.date: 06/05/2023
+ms.date: 10/02/2024
 ms.author: cshoe
 ---
 
-# Deploy to Azure Static Web Apps with external providers
+# Set up Azure Static Web Apps to deploy to external providers
 
 Azure Static Web Apps supports a series of built-in providers to help you publish your website. If you would like to use a provider beyond the out-of-the-box options, use the following guide to build and deploy your static web app.
 

articles/static-web-apps/front-door-manual.md

@@ -1,16 +1,16 @@
 ---
-title: "Tutorial: Configure Azure Front Door for Azure Static Web Apps"
-description: Learn how to set up Azure Front Door for Azure Static Web Apps
+title: "Tutorial: Configure a CDN for Azure Static Web Apps"
+description: Learn how to set up a content delivery network (CDN) for Azure Static Web Apps
 services: static-web-apps
 author: craigshoemaker
 ms.service: azure-static-web-apps
 ms.topic: how-to
-ms.date: 01/24/2023
+ms.date: 10/01/2024
 ms.author: cshoe
 zone_pivot_groups: static-web-apps-afd-methods
 ---
 
-# Tutorial: Configure Azure Front Door for Azure Static Web Apps
+# Tutorial: Configure a CDN for Azure Static Web Apps
 
 By adding [Azure Front Door](../frontdoor/front-door-overview.md) as the CDN for your static web app, you benefit from a secure entry point for fast delivery of your web applications.