Sync release-local-2506 with main

Sync release-local-2506 with main

Author: sethmanheim

.acrolinx-config.edn

@@ -1,2 +1,2 @@
 {:allowed-branchname-matches ["main" "release-.*"]
-:allowed-filename-matches ["azure-stack" "AKS-Hybrid" "azure-managed-lustre" "azure-local"]}
+:allowed-filename-matches ["azure-stack" "azure-managed-lustre" "azure-local" "(?i)(AKS-Arc)(?!/reference)"]}

AKS-Arc/TOC.yml

@@ -5,6 +5,8 @@
   items:
   - name: What is AKS enabled by Azure Arc?
     href: aks-overview.md
+  - name: Compare AKS across platforms
+    href: aks-platforms-compare.md 
   - name: Supported Kubernetes versions
     href: supported-kubernetes-versions.md  
   - name: Data collection

AKS-Arc/aks-platforms-compare.md

@@ -3,7 +3,7 @@ title: Monitor Kubernetes audit events in AKS enabled by Azure Arc
 description: Learn how to create a diagnostic setting to access Kubernetes audit logs.
 author: sethmanheim
 ms.topic: how-to
-ms.date: 05/08/2024
+ms.date: 06/12/2025
 ms.author: sethm 
 ms.lastreviewed: 02/26/2024
 ms.reviewer: guanghu
@@ -18,7 +18,7 @@ You can access Kubernetes audit logs in Kubernetes control plane logs. Control p
 
 ## Create a diagnostic setting
 
-Before creating the diagnostic setting, install the **Arc K8S** extension, which enables log collection from the AKS cluster.
+Before you create the diagnostic setting, install the **Arc K8S** extension, which enables log collection from the AKS cluster.
 
 Install the Arc K8S extension by running the following command:
 
@@ -56,4 +56,4 @@ az k8s-extension delete -g <resouerce-group-name> -c <cluster-name> --cluster-ty
 
 ## Next steps
 
-[Monitor Kubernetes object events](kubernetes-monitor-object-events.md)
+[Monitor Kubernetes object events](kubernetes-monitor-object-events.md)

AKS-Arc/kubernetes-monitor-audit-events.md

@@ -4,7 +4,7 @@ description: Learn how to use enhanced Azure management for Azure Local. This en
 ms.topic: article
 author: alkohli
 ms.author: alkohli
-ms.date: 05/12/2023
+ms.date: 06/10/2025
 ---
 
 # Enhanced management of Azure Local from Azure
@@ -30,7 +30,7 @@ The managed identity serves as an identity for the various components of your ma
 
     For more information, see [Monitor Azure Local with Azure Monitor Insights](./monitor-single-23h2.md).
 
-- **Protection of VM workloads via Azure Site Recovery** - You can protect your business critical VM workloads running on Azure Local by replicating the VMs using the Azure Site Recovery agent which is deployed as an Arc for Server extension. The Azure Local managed identity is used to download a key credential file from Azure. This file lets the agent know which service to talk to and which Recovery services vault to communicate with. This mechanism allows us to scope the access to the Recovery services vault to only the applicable Azure Local.
+- **Protection of VM workloads via Azure Site Recovery** - You can protect your business critical virtual machine (VM) workloads running on Azure Local by replicating the VMs using the Azure Site Recovery agent which is deployed as an Arc for Server extension. The Azure Local managed identity is used to download a key credential file from Azure. This file lets the agent know which service to talk to and which Recovery services vault to communicate with. This mechanism allows us to scope the access to the Recovery services vault to only the applicable Azure Local.
 
     The Arc for Server extension uses the system managed identity to download the key credential file to every machine of the system. If a new machine is added to your system, Azure Local automatically triggers the installation of Arc for Server extension for Azure Site Recovery on the new machine. In the absence of managed identity, this was previously a manual step that required you to install the agent to each machine that was added to the system.
 
@@ -43,7 +43,7 @@ With this feature enhancement, the following actions can be initiated from Azure
 
 ## Enable enhanced management
 
-To enable the enhanced management feature, you will need to install the latest cumulative update for Azure Local, version 22H2 and rerun registration for your system.
+To enable the enhanced management feature, you'll need to install the latest cumulative update for Azure Local, version 22H2 and rerun registration for your system.
 
 ## Prerequisites
 
@@ -73,15 +73,15 @@ For systems running version 22H2, to enable Azure management and managed identit
         Update-Module -Name Az.StackHCI
         ```
 
-1. Skip this step and go to the next step if your system is already registered. If your system has not been previously registered to Azure, [register your system with Azure](../deploy/register-with-azure.md). The registration process configures a managed identity and Azure Service Bus to enable the new management feature.
-1. If the system is already registered to Azure, rerun the registration. Use of `RepairRegistration` parameter will help configure a managed identity and Azure Service Bus while retaining other information such as resource name, resource group and other settings.
+1. Skip this step and go to the next step if your system is already registered. If your system hasn't been previously registered to Azure, [register your system with Azure](../deploy/register-with-azure.md). The registration process configures a managed identity and Azure Service Bus to enable the new management feature.
+1. If the system is already registered to Azure, rerun the registration. Use of the `RepairRegistration` parameter helps configure a managed identity and Azure Service Bus while retaining other information such as resource name, resource group, and other settings.
 
     ```powershell
     Register-AzStackHCI  -SubscriptionId "<subscription_ID>" -RepairRegistration
     ```
 
 > [!NOTE]
-> The registration fails if you use an older version, earlier than 1.4.1 for your `Az.StackHCI` PowerShell module. The updated module is backward compatible and will run on OS versions with or without the new feature update installed.
+> The registration fails if you use an older version, earlier than 1.4.1 for your `Az.StackHCI` PowerShell module. The updated module is backward compatible and runs on OS versions with or without the new feature update installed.
 
 
 ## Next steps

azure-local/manage/azure-enhanced-management-managed-identity.md

@@ -42,8 +42,6 @@ Trusted launch is a security type that can be specified when you create Azure Lo
 
 - VM live migration network traffic isn't encrypted. We strongly recommend that you enable a network layer encryption technology such as IPsec to protect live migration network traffic.
 
-<!--- VM live migration network traffic is not encrypted. We strongly recommend that you enable IPsec to protect live migration network traffic. For more information, see [Network Recommendations for a Hyper-V Cluster](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn550728(v=ws.11)#How_to_isolate_the_network_traffic_on_a_Hyper-V_cluster).-->
-
 ## Guest operating system images
 
 All Windows 11 images (excluding 24H2 Windows 11 SKUs) and Windows Server 2022 images from Azure Marketplace supported by Azure Local VMs are supported. See [Create Azure Local VM image using Azure Marketplace images](/azure-stack/hci/manage/virtual-machine-image-azure-marketplace?tabs=azurecli) for a list of all supported Windows 11 images.

azure-local/manage/trusted-launch-vm-overview.md

@@ -3,7 +3,7 @@ title: Migrate Hyper V VMs to Azure Local using Azure Migrate (preview)
 description: Learn about how to to migrate Windows and Linux VMs to your Azure Local instance using Azure Migrate  (preview).
 author: alkohli
 ms.topic: how-to
-ms.date: 10/31/2024
+ms.date: 06/12/2025
 ms.author: alkohli
 ms.reviewer: alkohli
 ms.custom: linux-related-content
@@ -21,8 +21,8 @@ This article describes how to migrate Hyper-V virtual machines (VMs) to Azure Lo
 
 Before you migrate your VMs:
 
-- Make sure that you have replicated the VM on your Azure Local instance. To replicate a VM, use the instructions in [Replicate Hyper-V VMs to Azure Local using Azure Migrate](migrate-hyperv-replicate.md).
-- Make sure the replication has completed and the migration status is **Ready to migrate**.
+- Make sure that you replicate the VM on your Azure Local instance. To replicate a VM, use the instructions in [Replicate Hyper-V VMs to Azure Local using Azure Migrate](migrate-hyperv-replicate.md).
+- Make sure the replication is completed and that the migration status is **Ready to migrate**.
 
 
 ## Migrate VMs
@@ -69,7 +69,7 @@ Once the migration is complete, the VMs are running on your Azure Local instance
 ## Verify and complete migration
 
 > [!IMPORTANT]
-> After verifying the status of the migrated VM, be sure to **complete migration** as detailed below. Failing to do so may lead to unexpected behavior.
+> After verifying the status of the migrated VM, be sure to **complete migration** as follows. Failing to do so may lead to unexpected behavior.
 
 1. In the Azure portal, go to your Azure Local resource, then select **Virtual machines**.
 1. In the list of VMs in the right-pane, verify that the VMs that you migrated are present.
@@ -98,19 +98,19 @@ Once the migration is complete, the VMs are running on your Azure Local instance
 
     :::image type="content" source="./media/migrate-azure-migrate/complete-migration-virtual-machine-3.png" alt-text="Screenshot of confirmation to complete migration in Azure portal."lightbox="./media/migrate-azure-migrate/complete-migration-virtual-machine-3.png":::
 
-    The **Complete migrate** action starts the **Delete protected item** job that you can track from the  **Jobs**  page. This job will only clean up the replication by deleting the delete protected item job - this will not affect your migrated VM.  
+    The **Complete migrate** action starts the **Delete protected item** job that you can track from the  **Jobs**  page. This job only cleans up the replication by deleting the delete protected item job - this won't affect your migrated VM.  
 
     :::image type="content" source="./media/migrate-azure-migrate/complete-migration-virtual-machine-4.png" alt-text="Screenshot of Jobs page with deletion job selected in Azure portal."lightbox="./media/migrate-azure-migrate/complete-migration-virtual-machine-4.png":::
 
-    Completing the migration or deleting the protected item will automatically remove any leftover seed files, such as the seed.iso file attached to the migrated VM and seed disks used during replication. These files can occupy significant space on the target Azure Local system, so it's important to finalize the migration after verifying the VMs. If migrations are not completed, these files will continue to occupy space on the target system.
+    Completing the migration or deleting the protected item will automatically remove any leftover seed files, such as the seed.iso file attached to the migrated VM and seed disks used during replication. These files can occupy significant space on the target Azure Local system, so it's important to finalize the migration after verifying the VMs. If migrations aren't completed, these files continue to occupy space on the target system.
 
-    After the migrate resource is deleted, it is also removed from the **Replications** view. You'll also see the migrated VM job disappear from the **Replications** view.
+    After the migrate resource is deleted, it's also removed from the **Replications** view. You also see the migrated VM job disappear from the **Replications** view.
 
     :::image type="content" source="./media/migrate-azure-migrate/complete-migration-virtual-machine-5.png" alt-text="Screenshot of Replications page with VM not showing in the list in Azure portal."lightbox="./media/migrate-azure-migrate/complete-migration-virtual-machine-5.png":::
 
 ## Clean up
 
-Once you have verified that migration is complete and no more machines need to be migrated, the last step is to clean up. Cleanup requires deletion of the following resources created during migration:
+Once you verify that migration is complete and no more machines need to be migrated, the last step is to clean up. Cleanup requires deletion of the following resources created during migration:
 
 - Source VMs and the associated VM disks from the Hyper-V server and the Failover Cluster Manager.
 - Source and target appliance VMs.

azure-local/migrate/migrate-azure-migrate.md

@@ -3,7 +3,7 @@ title: Install solution upgrade on Azure Local
 description: Learn how to install the solution upgrade on your Azure Local instance.
 author: alkohli
 ms.topic: how-to
-ms.date: 06/10/2025
+ms.date: 06/11/2025
 ms.author: alkohli
 ms.reviewer: alkohli
 ms.service: azure-local
@@ -27,12 +27,12 @@ Throughout this article, we refer to OS version 23H2 as the *new* version and ve
 
 Before you install the solution upgrade, make sure that you:
 
-- Validate the system using the Environment Checker as per the instructions  in [Assess solution upgrade readiness](./validate-solution-upgrade-readiness.md#run-the-validation).
+- Validate the system using the Environment Checker as per the instructions in [Assess solution upgrade readiness](./validate-solution-upgrade-readiness.md#run-the-validation).
 - Verify that latest `AzureEdgeLifecycleManager` extension on each machine is installed as per the instructions in [Check the Azure Arc extension](./validate-solution-upgrade-readiness.md#remediation-9-check-the-azure-arc-lifecycle-extension).
 
     :::image type="content" source="media/install-solution-upgrade/verify-lcmextension-installed.png" alt-text="Screenshot of Extensions page showing AzureEdgeLifeCycleManager extension install on an Azure Local machine." lightbox="./media/install-solution-upgrade/verify-lcmextension-installed.png":::
 - Have failover cluster name between 3 to 15 characters.
-- Have an Active Directory user credential that's a member of the local Administrator group. Work with your Active Directory administrator to obtain this credential.  
+- Create an Active Directory Lifecycle Manager (LCM) user account that's a member of the local Administrator group. For instructions, see [Prepare Active Directory for Azure Local deployment](../deploy/deployment-prep-active-directory.md).
 - Have IPv4 network range that matches your host IP address subnet with six, contiguous IP addresses available for new Azure Arc services. Work with your network administrator to ensure that the IP addresses aren't in use and meet the outbound connectivity requirement.
 - Have Azure subscription permissions for [Azure Stack HCI Administrator and Reader](../manage/assign-vm-rbac-roles.md#about-built-in-rbac-roles).  
 

azure-local/upgrade/install-solution-upgrade.md

@@ -3,7 +3,7 @@ title: Upgrade Azure Stack HCI OS to version 26100.xxxx using PowerShell
 description: Learn how to use PowerShell to upgrade Azure Stack HCI OS to version 26100.xxxx.
 author: alkohli
 ms.topic: how-to
-ms.date: 06/10/2025
+ms.date: 06/11/2025
 ms.author: alkohli
 ms.reviewer: alkohli
 ms.service: azure-local
@@ -79,12 +79,6 @@ To ensure Resilient File System (ReFS) functions properly during and after OS up
    Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\FileSystem" -Name "RefsEnableMetadataValidation" -Value 0 -Type DWord  -ErrorAction Stop
    ```
 
-1. Create the parameters key if it doesn't exist. If it already exists, the command may fail with an error, which is expected.
-
-   ```powershell
-   New-Item -Path HKLM:\SYSTEM\CurrentControlSet\Services\Vid\Parameters
-   ```
-
 1. Restart the machine to apply changes. If ReFS volumes fail to come online after reboot and the `RefsEnableMetadataValidation` key is reset, toggle the key. Set `RefsEnableMetadataValidation` to **1** and then back to **0**. To check volume status, run the `Get-ClusterSharedVolumeState` command.
 
 1. Update and verify that the registry keys have been applied on each machine in the system before moving to the next step.

azure-local/upgrade/upgrade-to-24h2-powershell.md

@@ -123,11 +123,10 @@ This release has the following features and improvements:
 
     The following preview features aren't supported for Azure Local in Azure Government cloud:
 
-    - [Azure Arc Gateway](./deploy/deployment-azure-arc-gateway-overview.md).
-    - [Deploy using local identity with Key Vault](./deploy/deployment-local-identity-with-key-vault.md).
-    - [Azure Site Recovery](./manage/azure-site-recovery.md).
-    - [Windows Admin Center in Azure portal](/windows-server/manage/windows-admin-center/azure/manage-vm).
-<!--- [Azure Backup](/backup/back-up-azure-stack-hyperconverged-infrastructure-virtual-machines).-->
+  - [Azure Arc Gateway](./deploy/deployment-azure-arc-gateway-overview.md).
+  - [Deploy using local identity with Key Vault](./deploy/deployment-local-identity-with-key-vault.md).
+  - [Azure Site Recovery](./manage/azure-site-recovery.md).
+  - [Windows Admin Center in Azure portal](/windows-server/manage/windows-admin-center/azure/manage-vm).
 
 - **Registration and deployment changes**
   - **Extension installation**: Extensions are no longer installed during the registration of Azure Local machines. Instead, the extensions are installed in the machine validation step during the Azure Local instance deployment. For more information, see [Register with Azure Arc via console](./deploy/deployment-arc-register-server-permissions.md) and [Deploy via Azure portal](./deploy/deploy-via-portal.md).