Merge branch 'main' of https://github.com/MicrosoftDocs/azure-stack-docs-pr into hci-vm-cli

Author: v-sissondan

azure-local/TOC.yml

@@ -110,7 +110,7 @@ items:
   items:
   - name: Virtual deployment
     href: deploy/deployment-virtual.md
-  - name: Jumpstart
+  - name: Azure Local jumpstart
     href: https://arcjumpstart.com/azure_jumpstart_hcibox/getting_started
 
 - name: Plan

azure-local/concepts/firewall-requirements.md

@@ -15,7 +15,7 @@ This article provides guidance on how to configure firewalls for the Azure Stack
 
 This article also describes how to optionally use a highly locked-down firewall configuration to block all traffic to all destinations except those included in your allowlist.
 
-If your network uses a proxy server for internet access, see [Configure proxy settings for Azure Local](../manage/configure-proxy-settings.md).
+If your network uses a proxy server for internet access, see [Configure proxy settings for Azure Local](../manage/configure-proxy-settings-23h2.md).
 
 > [!IMPORTANT]
 > Azure Express Route and Azure Private Link are not supported for Azure Local, version 23H2 or any of its components as it is not possible to access the public endpoints required for Azure Local, version 23H2.
@@ -182,3 +182,4 @@ This section shows how to configure Microsoft Defender firewall to allow IP addr
 For more information, see also:
 
 - The Windows Firewall and WinRM 2.0 ports section of [Installation and configuration for Windows Remote Management](/windows/win32/winrm/installation-and-configuration-for-windows-remote-management#windows-firewall-and-winrm-20-ports)
+- See [About Azure Local, version 23H2 deployment](../deploy/deployment-introduction.md)

azure-local/concepts/physical-network-requirements.md

@@ -75,6 +75,7 @@ If your switch isn't included, contact your switch vendor to ensure that your sw
 |-----  |---| :-:  | :-:  | :-:   | :-:   |
 | [CX 8100 series](https://www.arubanetworks.com/resource/cx-8100-series-switch-data-sheet/) <br>(10 GbE)|AOS CX version 10.12.0006 or later |&check;| &check;| &check;| &check; |
 | [CX 8325 series](https://www.arubanetworks.com/resource/aruba-8325-switch-series-data-sheet/) <br>(10, 25, 100 GbE)|AOS CX version 10.11.1010 or later |&check;| &check;| &check;| &check; |
+| [CX 8325P series](https://www.hpe.com/psnow/doc/a00059009enw) <br>(40, 100 GbE)| AOS CX version 10.15.0005 or later |&check;| &check;| &check;| &check; |
 | [CX 8360 series](https://www.arubanetworks.com/resource/aruba-cx-8360-switch-series-data-sheet/) <br>(10, 25 GbE) |AOS CX version 10.11.1010 or later |&check;| &check;| &check;| &check; |
 | [CX 10000 series](https://www.arubanetworks.com/resource/aruba-cx-10000-switch-series-data-sheet/) <br>(10, 25 GbE)|AOS CX version 10.11.1010 or later|&check;| &check;| &check;| &check; |
 | [CX 9300 series](https://www.arubanetworks.com/resource/aruba-cx-9300-switch-series-data-sheet/)<br>(100, 400 GbE) |AOS CX version 10.11.1010 or later|&check;| &check;| &check;| &check; |
@@ -88,6 +89,7 @@ If your switch isn't included, contact your switch vendor to ensure that your sw
 |-----  |---| :-:  | :-:  | :-:   | :-:   |
 | [CX 8100 series](https://www.arubanetworks.com/resource/cx-8100-series-switch-data-sheet/) <br>(10 GbE)|AOS CX version 10.12.0006 or later |&check;| &check;| &check;| &check; |
 | [CX 8325 series](https://www.arubanetworks.com/resource/aruba-8325-switch-series-data-sheet/) <br>(10, 25, 100 GbE)|AOS CX version 10.11.1010 or later |&check;| &check;| &check;| &check; |
+| [CX 8325P series](https://www.hpe.com/psnow/doc/a00059009enw) <br>(40, 100 GbE)| AOS CX version 10.15.0005 or later |&check;| &check;| &check;| &check; |
 | [CX 8360 series](https://www.arubanetworks.com/resource/aruba-cx-8360-switch-series-data-sheet/) <br>(10, 25 GbE) |AOS CX version 10.11.1010 or later |&check;| &check;| &check;| &check; |
 | [CX 10000 series](https://www.arubanetworks.com/resource/aruba-cx-10000-switch-series-data-sheet/) <br>(10, 25 GbE)|AOS CX version 10.11.1010 or later|&check;| &check;| &check;| &check; |
 | [CX 9300 series](https://www.arubanetworks.com/resource/aruba-cx-9300-switch-series-data-sheet/)<br>(100, 400 GbE) |AOS CX version 10.11.1010 or later|&check;| &check;| &check;| &check; |

azure-local/includes/hci-download-vhdx.md

@@ -12,7 +12,7 @@ SDN uses a VHDX file containing either the Azure Stack HCI or Windows Server ope
 > [!NOTE]
 > The version of the OS in your VHDX must match the version used by the Azure Local Hyper-V machines. This VHDX file is used by all SDN infrastructure components.
 
-To download an English-language version of the VHDX file, see [Download the operating system from the Azure portal](../deploy/download-azure-stack-hci-23h2-software.md). Make sure to select **English VHDX** from the **Choose language** dropdown list.
+To download an English-language version of the VHDX file, see [Download the operating system from the Azure portal](../deploy/download-23h2-software.md). Make sure to select **English VHDX** from the **Choose language** dropdown list.
 
 Currently, a non-English VHDX file isn't available for download. If you require a non-English version, download the corresponding ISO file and convert it to VHDX using the `Convert-WindowsImage` cmdlet. You must run this script from a Windows client computer. You'll probably need to run this script as Administrator and modify the execution policy for scripts using the `Set-ExecutionPolicy` command.
 

azure-local/manage/disconnected-operations-overview.md

@@ -40,12 +40,12 @@ Disconnected operations for Azure Local support the following services:
 | Azure portal                      | Delivers an Azure portal experience that's similar to Azure Public. |
 | Azure Resource Manager (ARM)      | Manage and utilize subscriptions, resource groups, ARM templates, and Azure Command-Line Interface (CLI). |
 | Role Based Access Control (RBAC)  | Implement RBAC for subscriptions and resource groups. |
-| Managed Service Identity (MSI)    | Access resources with MSI support for user workloads. |
+| Managed Identity                  | Use **system-assigned** managed identity for resource types that support managed identity. |
 | Arc-enabled servers               | Manage VM Guests for Arc VMs on Azure Local. |
 | Arc VMs for Azure Local           | Set up and manage Windows or Linux virtual machines using the disconnected operations feature for Azure Local. |
 | Arc-enabled Kubernetes (K8s)      | Connect and manage Cloud Native Computing Foundation (CNCF) Kubernetes clusters deployed on Azure Local virtual machines, enabling unified configuration and management. |
 | Azure Kubernetes Service enabled by Arc for Azure Local | Set up and manage Azure Kubernetes (AKS) on Azure Local. |
-| Azure Local device management     | Create and manage Azure Local instances, add, and remove nodes. |
+| Azure Local device management     | Create and manage Azure Local instances including the ability to add and remove nodes. |
 | Container Registry                | Create and manage container registries to store and retrieve container images and artifacts. |
 | Key Vault                         | Create and manage Key Vaults to store and access secrets. |
 | Policy                            | Enforce standards through policies when creating new resources. |
@@ -82,10 +82,10 @@ The following table lists the requirements to successfully deploy and run discon
 
 | Area          | Supported system         | Use                          |
 | --------------| -------------------------| -----------------------------|
-| Identity      | Active Directory Federation Service (ADFS) on Windows Server 2022 | Lightweight Directory Access Protocol (LDAP) provides group membership and synchronization. <br><br> ADFS authenticates users to the Azure Local portal to manage disconnected operations using Open-ID Connect (OIDC). <br><br> Active Directory (AD) is required for disconnected operations. |
-| Public Key Infrastructure (PKI)   | Both Private and Public PKI are supported and required <br><br> Active Directory Certificate Services (ADCS) validated as a Private PKI solution | Issue certificates to secure Azure Local disconnected operations endpoints (TLS). |
-| Network Time Protocol (NTP) optional  | Local or Public time server | Time server synchronizes the system clock. |
-| Domain Name System (DNS)   | Any DNS server, such as DNS role on Windows Server | DNS service is required in the local network to resolve Azure Local-disconnected operations endpoints and configure ingress IPs. <br><br> When you run the appliance for disconnected operations in a connected mode, a DNS server is required to resolve Microsoft domain names for logging and telemetry. |
+| Identity      | Active Directory Federation Service (ADFS) on Windows Server 2022. | Lightweight Directory Access Protocol (LDAP) provides group membership and synchronization. <br><br> ADFS authenticates users to the Azure Local portal to manage disconnected operations using Open-ID Connect (OIDC). <br><br> Active Directory (AD) is required for disconnected operations. |
+| Public Key Infrastructure (PKI)   | Private and Public PKIs are supported. <br><br> If you use a public PKI, the certificate revocation list (CRL) endpoints must be reachable from your infrastructure. <br><br> Active Directory Certificate Services (ADCS) validated as a Private PKI solution. | Issue certificates to secure Azure Local disconnected operations endpoints (TLS). |
+| Network Time Protocol (NTP) optional  | Local or Public time server. | Time server synchronizes the system clock. |
+| Domain Name System (DNS)   | Any DNS server, such as DNS role on Windows Server. | DNS service is required in the local network to resolve Azure Local-disconnected operations endpoints and configure ingress IPs. <br><br> When you run the appliance for disconnected operations in a connected mode, a DNS server is required to resolve Microsoft domain names for logging and telemetry. |
 
 For information on deploying and configuring the integration components, refer to:
 
@@ -114,7 +114,7 @@ To participate in the preview, you must meet the following criteria:
 
 - **Enterprise agreement**: A current enterprise agreement with Microsoft, typically covering a period of at least three years.
 
-- **Business needs to operate disconnected**: The disconnected operations feature is for those who can't connect to Azure due to connectivity issues or regulatory restrictions. To be eligible for the preview, you must demonstrate a valid business need for operating disconnected. For more information, see [Why use disconnected operations?](./disconnected-operations-overview.md#why-use-disconnected-operations)
+- **Business needs to operate disconnected**: The disconnected operations feature is for those who can't connect to Azure due to connectivity issues or regulatory restrictions. To be eligible for the preview, you must demonstrate a valid business need for operating disconnected. For more information, see [Why use disconnected operations?](./disconnected-operations-overview.md#why-use-disconnected-operations).
 
 - **Technical prerequisites**: Your organization must meet the technical requirements to ensure secure and reliable operation when operating disconnected for Azure Local. For more information, see [Prerequisites](../manage/disconnected-operations-overview.md#prerequisites).
 

azure-local/manage/virtual-machine-image-azure-marketplace.md

@@ -16,6 +16,8 @@ ms.date: 10/24/2024
 
 This article describes how to create virtual machine (VM) images for Azure Local using source images from Azure Marketplace. You can create VM images using the Azure portal or Azure CLI and then use these VM images to create Arc VMs on Azure Local.
 
+> [!IMPORTANT]
+> The latest updates may take some time to reflect on your VM images as additional validations are performed.
 
 ## Prerequisites