Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into patricka-data-flow

Author: PatAltimore

.openpublishing.redirection.json

@@ -1,5 +1,10 @@
 {
   "redirections": [
+    {
+      "source_path": "articles/databox-online/azure-stack-edge-gpu-deploy-sample-module-marketplace.md",
+      "redirect_url": "https://azuremarketplace.microsoft.com/marketplace/apps?page=1",
+      "redirect_document_id": false
+    },
     {
       "source_path": "articles/partner-solutions/logzio/create.md",
       "redirect_url": "/previous-versions/azure/partner-solutions/logzio/create",
@@ -25,6 +30,46 @@
       "redirect_url": "/previous-versions/azure/partner-solutions/logzio/troubleshoot",
        "redirect_document_id": false
     },
+    {
+      "source_path_from_root": "/articles/hdinsight-aks/index.yml",
+      "redirect_url": "/previous-versions/azure/hdinsight-aks",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/hdinsight-aks/flink/index.md",
+      "redirect_url": "/previous-versions/azure/hdinsight-aks/flink/flink-overview",
+      "redirect_document_id": false
+    },
+    {
+        "source_path_from_root": "/articles/hdinsight-aks/prerequisites-subscription.md",
+        "redirect_url": "/previous-versions/azure/hdinsight-aks/quickstart-prerequisites-subscription",
+        "redirect_document_id": false
+    },
+    {
+        "source_path_from_root": "/articles/hdinsight-aks/release-notes/index.md",
+        "redirect_url": "/previous-versions/azure/hdinsight-aks/release-notes/hdinsight-aks-release-notes",
+        "redirect_document_id": false
+    },
+    {
+        "source_path_from_root": "/articles/hdinsight-aks/prerequisites-resources.md",
+        "redirect_url": "/previous-versions/azure/hdinsight-aks/quickstart-prerequisites-resources",
+        "redirect_document_id": false
+    },    
+    {
+        "source_path_from_root": "/articles/hdinsight-aks/spark/index.md",
+        "redirect_url": "/previous-versions/azure/hdinsight-aks/spark/hdinsight-on-aks-spark-overview",
+        "redirect_document_id": false
+    },
+    {
+        "source_path_from_root": "/articles/hdinsight-aks/get-started.md",
+        "redirect_url": "/previous-versions/azure/hdinsight-aks/quickstart-get-started",
+        "redirect_document_id": false
+    },
+    {
+        "source_path_from_root": "/articles/hdinsight-aks/trino/index.md",
+        "redirect_url": "/previous-versions/azure/hdinsight-aks/trino/trino-overview ",
+        "redirect_document_id": false
+    },
     {
       "source_path": "articles/hdinsight-aks/cluster-storage.md",
       "redirect_url": "/previous-versions/azure/hdinsight-aks/cluster-storage",

articles/active-directory-b2c/tutorial-create-user-flows.md

@@ -212,7 +212,9 @@ Next, specify that the application should be treated as a public client:
 1. Select **Save**.
 1. Ensure that **"isFallbackPublicClient": true** is set in the application manifest:
     1. In the left menu, under **Manage**, select **Manifest** to open application manifest.
-    1. Find **isFallbackPublicClient** key and ensure its value is set to **true**.
+    1. Switch from the **Microsoft Graph App Manifest (New)** tab to the **AAD Graph App Manifest (Deprecating Soon)** tab.
+    1. Find **allowPublicClient** key and ensure its value is set to **true**.
+
 
 Now, grant permissions to the API scope you exposed earlier in the *IdentityExperienceFramework* registration:
 

articles/api-management/TOC.yml

@@ -703,3 +703,5 @@
     href: /answers/tags/29/azure-api-management
   - name: Stack Overflow
     href: https://stackoverflow.com/questions/tagged/azure-api-management
+  - name: aka.ms/apimlove
+    href: https://aka.ms/apimlove

articles/api-management/api-management-key-concepts.md

@@ -45,6 +45,9 @@ Common scenarios include:
 * **Multi-channel user experiences** - APIs are frequently used to enable user experiences such as web, mobile, wearable, or Internet of Things applications. Reuse APIs to accelerate development and ROI.
 * **B2B integration** - APIs exposed to partners and customers lower the barrier to integrate business processes and exchange data between business entities. APIs eliminate the overhead inherent in point-to-point integration. Especially with self-service discovery and onboarding enabled, APIs are the primary tools for scaling B2B integration.
 
+> [!TIP]
+> Visit [aka.ms/apimlove](https://aka.ms/apimlove) for a library of useful resources, including videos, blogs, and customer stories about using Azure API Management.
+
 ## API Management components
 
 Azure API Management is made up of an API *gateway*, a *management plane*, and a *developer portal*. These components are Azure-hosted and fully managed by default. API Management is available in various [tiers](#api-management-tiers) differing in capacity and features.
@@ -132,7 +135,8 @@ API Management integrates with many complementary Azure services to create enter
 **More information**:
 * [Basic enterprise integration](/azure/architecture/reference-architectures/enterprise-integration/basic-enterprise-integration?toc=%2Fazure%2Fapi-management%2Ftoc.json&bc=/azure/api-management/breadcrumb/toc.json)
 * [Landing zone accelerator](/azure/cloud-adoption-framework/scenarios/app-platform/api-management/landing-zone-accelerator?toc=%2Fazure%2Fapi-management%2Ftoc.json&bc=/azure/api-management/breadcrumb/toc.json)
-* [Import APIs to API Center from API Management](../api-center/import-api-management-apis.md?toc=%2Fazure%2Fapi-management%2Ftoc.json&bc=/azure/api-management/breadcrumb/toc.json)
+* [GenAI gateway capabilities in API Management](genai-gateway-capabilities.md)
+* [Synchronize APIs to API Center from API Management](../api-center/synchronize-api-management-apis.md?toc=%2Fazure%2Fapi-management%2Ftoc.json&bc=/azure/api-management/breadcrumb/toc.json)
 
 ## Key concepts
 

articles/app-service/configure-ssl-app-service-certificate.md

@@ -139,6 +139,13 @@ By default, App Service certificates have a one-year validity period. Before the
 
 If you think your certificate's private key is compromised, you can rekey your certificate. This action rotates the certificate with a new certificate issued from the certificate authority.
 
+> [!NOTE]
+> Starting September 23 2021, if you haven't verified the domain in the last 395 days, App Service certificates require domain verification during a renew, auto-renew, or rekey process. The new certificate order remains in "pending issuance" mode during the renew, auto-renew, or rekey process until you complete the domain verification.
+> 
+> Unlike the free App Service managed certificate, purchased App Service certificates don't have automated domain re-verification. Failure to verify domain ownership results in failed renewals. For more information about how to verify your App Service certificate, review [Confirm domain ownership](#confirm-domain-ownership).
+>
+> The rekey process requires that the service principal for App Service has the required permissions on your key vault. These permissions are set up for you when you import an App Service certificate through the Azure portal. Make sure that you don't remove these permissions from your key vault.
+
 1. On the [App Service Certificates page](https://portal.azure.com/#blade/HubsExtension/Resources/resourceType/Microsoft.CertificateRegistration%2FcertificateOrders), select the certificate. From the left menu, select **Rekey and Sync**.
 
 1. To start the process, select **Rekey**. This process can take 1-10 minutes to complete.

articles/app-service/configure-ssl-certificate.md

@@ -136,16 +136,13 @@ If you use Azure Key Vault to manage your certificates, you can import a PKCS12
 
 By default, the App Service resource provider doesn't have access to your key vault. To use a key vault for a certificate deployment, you must authorize read access for the resource provider (App Service) to the key vault. You can grant access either with access policy or RBAC. 
 
-### [RBAC permissions](#tab/RBAC)
+### [RBAC permissions](#tab/rbac)
 | Resource provider | Service principal app ID / assignee | Key vault RBAC role |
 |--|--|--|
 | **Microsoft Azure App Service** or **Microsoft.Azure.WebSites** | - `abfa0a7c-a6b6-4736-8310-5855508787cd` for public Azure cloud environment <br><br>- `6a02c803-dafd-4136-b4c3-5a6f318b4714` for Azure Government cloud environment | Certificate User |
 
 The service principal app ID or assignee value is the ID for the App Service resource provider. To learn how to authorize key vault permissions for the App Service resource provider using an access policy, see the [provide access to Key Vault keys, certificates, and secrets with an Azure role-based access control documentation](/azure/key-vault/general/rbac-guide?tabs=azure-portal#key-vault-scope-role-assignment).
 
-> [!NOTE]
-> Do not delete these RBAC permissions from key vault. If you do, App Service will not be able to sync your web app with the latest key vault certificate version.
-
 ### [Access policy permissions](#tab/accesspolicy)
 
 | Resource provider | Service principal app ID | Key vault secret permissions | Key vault certificate permissions |
@@ -159,6 +156,23 @@ The service principal app ID or assignee value is the ID for the App Service res
 
 ---
 
+#### [Azure CLI](#tab/azure-cli/rbac)
+```azurecli-interactive
+az role assignment create --role "Key Vault Certificate User" --assignee "abfa0a7c-a6b6-4736-8310-5855508787cd" --scope "/subscriptions/{subscriptionid}/resourcegroups/{resource-group-name}/providers/Microsoft.KeyVault/vaults/{key-vault-name}"
+```
+
+#### [Azure PowerShell](#tab/azure-powershell/rbac)
+```azurepowershell
+#Assign by Service Principal ApplicationId
+New-AzRoleAssignment -RoleDefinitionName "Key Vault Certificate User" -ApplicationId "abfa0a7c-a6b6-4736-8310-5855508787cd" -Scope "/subscriptions/{subscriptionid}/resourcegroups/{resource-group-name}/providers/Microsoft.KeyVault/vaults/{key-vault-name}"
+```
+
+> [!NOTE]
+> Do not delete these RBAC permissions from key vault. If you do, App Service will not be able to sync your web app with the latest key vault certificate version.
+
+---
+
+
 ### Import a certificate from your vault to your app
 
 1. In the [Azure portal](https://portal.azure.com), from the left menu, select **App Services** > **\<app-name>**.

articles/application-gateway/for-containers/toc.yml

@@ -130,5 +130,5 @@
   - name: Regional availability
     href: https://azure.microsoft.com/global-infrastructure/services/
   - name: Stack Overflow
-    href: https://stackoverflow.com/questions/tagged/azure-application-gateway-for-containers
+    href: https://stackoverflow.com/questions/tagged/azure-app-gateway-for-containers
 

articles/azure-cache-for-redis/cache-best-practices-client-libraries.md

@@ -4,13 +4,13 @@ description: Learn about client libraries for Azure Cache for Redis.
 
 
 ms.topic: conceptual
-ms.date: 01/04/2022
+ms.date: 02/06/2025
 ms.custom: devx-track-java, devx-track-javaee, devx-track-javaee-liberty, devx-track-javaee-liberty-aks, devx-track-extended-java, ignite-2024
 ---
 
 # Client libraries
 
-Azure Cache for Redis is based on the popular open-source in-memory data store, open-source Redis. Azure Cache for Redis can be accessed by a wide variety of Redis clients for many programming languages. Each client library has its own API that makes calls to Redis server using Redis commands, but the client libraries are built to talk to any Redis server.
+Azure Cache for Redis is based on the popular open-source in-memory data store, open-source Redis. Redis clients for many programming languages can access Azure Managed Redis. Each client library has its own API that makes calls to Redis server using Redis commands, but the client libraries are built to talk to any Redis server.
 
 Each client maintains its own reference documentation for its library. The clients also provide links to get support through the client library developer community. The Azure Cache for Redis team doesn't own the development, or the support for any client libraries.
 
@@ -33,7 +33,6 @@ Although we don't own or support any client libraries, we do recommend some libr
 For information on client library-specific guidance best practices, see the following links:
 
 - [StackExchange.Redis (.NET)](cache-best-practices-connection.md#using-forcereconnect-with-stackexchangeredis)
-- [Java - Which client should I use?](https://gist.github.com/warrenzhu25/1beb02a09b6afd41dff2c27c53918ce7#file-azure-redis-java-best-practices-md)
 - [Lettuce (Java)](https://github.com/Azure/AzureCacheForRedis/blob/main/Lettuce%20Best%20Practices.md)
 - [Jedis (Java)](https://gist.github.com/JonCole/925630df72be1351b21440625ff2671f#file-redis-bestpractices-java-jedis-md)
 - [Redisson (Java)](cache-best-practices-client-libraries.md#redisson-java)
@@ -48,9 +47,9 @@ We _recommend_ you  use redisson 3.14.1 or higher. Older versions contain known
 
 Other notes:
 
-- Redisson defaults to 'read from replica' strategy, unlike some other clients. To change this, modify the 'readMode' config setting.
-- Redisson has a connection pooling strategy with configurable minimum and maximum settings, and the default minimum values are large. The large defaults could contribute to aggressive reconnect behaviors or 'connection storms'. To reduce the risk, consider using fewer connections because you can efficiently pipeline commands, or batches of commands, over a few connections.
-- Redisson has a default idle connection timeout of 10 seconds, which leads to more closing and reopening of connections than ideal.
+- Redisson defaults to 'read from replica' strategy, unlike some other clients. To change this default, modify the 'readMode' config setting.
+- Redisson has a connection pooling strategy with configurable minimum and maximum settings, and the default minimum values are large. The large defaults could contribute to aggressive reconnect behaviors or 'connection storms.' To reduce the risk, consider using fewer connections because you can efficiently pipeline commands, or batches of commands, over a few connections.
+- Redisson has a default idle connection time out of 10 seconds, which leads to more closing and reopening of connections than ideal.
 
 Here's a recommended baseline configuration for cluster mode that you can modify as needed:
 
@@ -83,7 +82,7 @@ clusterServersConfig:
   tcpNoDelay: true
 ```
 
-For an article demonstrating how to use Redisson's support for JCache as the store for HTTP session state in IBM Liberty on Azure, see [Use Java EE JCache with Open Liberty or WebSphere Liberty on an Azure Kubernetes Service (AKS) cluster](/azure/developer/java/ee/how-to-deploy-java-liberty-jcache).
+For an article about Redisson's support for JCache as the store for HTTP session state in IBM Liberty on Azure, see [Use Java EE JCache with Open Liberty or WebSphere Liberty on an Azure Kubernetes Service (AKS) cluster](/azure/developer/java/ee/how-to-deploy-java-liberty-jcache).
 
 ## How to use client libraries