MicrosoftDocs
diff --git a/‎azure-sql/azure-sql-iaas-vs-paas-what-is-overview.md
Lines changed: 17 additions & 13 deletions b/‎azure-sql/azure-sql-iaas-vs-paas-what-is-overview.md
Lines changed: 17 additions & 13 deletions
diff --git a/‎azure-sql/database/active-geo-replication-overview.md
Lines changed: 41 additions & 46 deletions b/‎azure-sql/database/active-geo-replication-overview.md
Lines changed: 41 additions & 46 deletions
diff --git a/‎azure-sql/database/authentication-azure-ad-only-authentication-policy-how-to.md
Lines changed: 22 additions & 26 deletions b/‎azure-sql/database/authentication-azure-ad-only-authentication-policy-how-to.md
Lines changed: 22 additions & 26 deletions
diff --git a/‎azure-sql/database/azure-sql-dotnet-entity-framework-core-quickstart.md
Lines changed: 13 additions & 15 deletions b/‎azure-sql/database/azure-sql-dotnet-entity-framework-core-quickstart.md
Lines changed: 13 additions & 15 deletions
diff --git a/‎azure-sql/database/azure-sql-dotnet-quickstart.md
Lines changed: 20 additions & 23 deletions b/‎azure-sql/database/azure-sql-dotnet-quickstart.md
Lines changed: 20 additions & 23 deletions
@@ -5,7 +5,7 @@ description: This article guides you through using Azure Policy to enforce Micro
 author: VanMSFT
 ms.author: vanto
 ms.reviewer: wiassaf, vanto, mathoma
-ms.date: 06/30/2025
+ms.date: 08/07/2025
 ms.service: azure-sql
 ms.subservice: security
 ms.topic: how-to
@@ -19,12 +19,12 @@ monikerRange: "=azuresql || =azuresql-db || =azuresql-mi"
 This article guides you through creating an Azure Policy that would enforce Microsoft Entra-only authentication when users create an Azure SQL Managed Instance, or a [logical server](logical-servers.md) for Azure SQL Database. To learn more about Microsoft Entra-only authentication during resource creation, see [Create server with Microsoft Entra-only authentication enabled in Azure SQL](authentication-azure-ad-only-authentication-create-server.md).
 
 > [!NOTE]
-> Although Azure Active Directory (Azure AD) has been [renamed to Microsoft Entra ID](/entra/fundamentals/new-name), Microsoft Entra-only and Azure AD-only authentication are used interchangeably in this article.
+> Azure Active Directory (Azure AD) has been [renamed to Microsoft Entra ID](/entra/fundamentals/new-name).
 
 In this article, you learn how to:
 
 > [!div class="checklist"]
-> - Create an Azure Policy that enforces logical server or managed instance creation with [Microsoft Entra-only authentication](authentication-azure-ad-only-authentication.md) enabled
+> - Create an Azure Policy that enforces logical server or managed instance creation with [Microsoft Entra-only authentication with Azure SQL](authentication-azure-ad-only-authentication.md) enabled
 > - Check Azure Policy compliance
 
 ## Prerequisite
@@ -40,41 +40,38 @@ Start off by creating an Azure Policy enforcing SQL Database or SQL Managed Inst
 1. Under the Authoring settings, select **Definitions**.
 1. In the **Search** box, search for *Microsoft Entra-only authentication*.
 
-   There are a few built-in policies available to enforce Microsoft Entra-only authentication. Look for the one available for your service:
-
-   - Azure SQL Database should have Microsoft Entra-only Authentication enabled
-   - Azure SQL Managed Instance should have Microsoft Entra-only Authentication enabled
+    There are a few built-in policies available to enforce Microsoft Entra-only authentication. Look for the one available for your service:
+    
+    - Azure SQL Database should have Microsoft Entra-only Authentication enabled
+    - Azure SQL Managed Instance should have Microsoft Entra-only Authentication enabled
 
 1. Select the policy name for your service. In this example, we'll use Azure SQL Database. Select **Azure SQL Database should have Microsoft Entra-only authentication enabled**.
 1. Select **Assign policy** in the new menu.
 
-   > [!NOTE]
-   > The JSON script in the menu shows the built-in policy definition that can be used as a template to build a custom Azure Policy for SQL Database. The default is set to `Audit`.
-
-   :::image type="content" source="media/authentication-azure-ad-only-authentication-policy-how-to/assign-policy-azure-ad-only-authentication.png" alt-text="Screenshot of assigning Azure Policy for Microsoft Entra-only authentication." lightbox="media/authentication-azure-ad-only-authentication-policy-how-to/assign-policy-azure-ad-only-authentication.png":::
-
+    > [!NOTE]
+    > The JSON script in the menu shows the built-in policy definition that can be used as a template to build a custom Azure Policy for SQL Database. The default is set to `Audit`.
+    
+    :::image type="content" source="media/authentication-azure-ad-only-authentication-policy-how-to/assign-policy-azure-ad-only-authentication.png" alt-text="Screenshot of assigning Azure Policy for Microsoft Entra-only authentication." lightbox="media/authentication-azure-ad-only-authentication-policy-how-to/assign-policy-azure-ad-only-authentication.png":::
+    
 1. In the **Basics** tab, add a **Scope** by using the selector (**...**) on the side of the box.
 1. In the **Scope** pane, select your **Subscription** from the dropdown list menu, and select a **Resource Group** for this policy. Once you're done, use the **Select** button to save the selection.
 
-   > [!NOTE]
-   > If you don't select a resource group, the policy applies to the whole subscription.
-
-   :::image type="content" source="media/authentication-azure-ad-only-authentication-policy-how-to/adding-scope-policy-azure-ad-only-authentication.png" alt-text="Screenshot of adding Azure Policy scope for Microsoft Entra-only authentication.":::
-
+    > [!NOTE]
+    > If you don't select a resource group, the policy applies to the whole subscription.
+    
+    :::image type="content" source="media/authentication-azure-ad-only-authentication-policy-how-to/adding-scope-policy-azure-ad-only-authentication.png" alt-text="Screenshot of adding Azure Policy scope for Microsoft Entra-only authentication.":::
+    
 1. Once you're back on the **Basics** tab, customize the **Assignment name** and provide an optional **Description**. Make sure the **Policy enforcement** is **Enabled**.
 1. Go over to the **Parameters** tab. Unselect the option **Only show parameters that require input**.
 1. Under **Effect**, select **Deny**. This setting prevents creating a logical server without Microsoft Entra-only authentication enabled.
 
-   :::image type="content" source="media/authentication-azure-ad-only-authentication-policy-how-to/deny-policy-azure-ad-only-authentication.png" alt-text="Screenshot of  Azure Policy effect parameter for Microsoft Entra-only authentication." lightbox="media/authentication-azure-ad-only-authentication-policy-how-to/deny-policy-azure-ad-only-authentication.png":::
+   :::image type="content" source="media/authentication-azure-ad-only-authentication-policy-how-to/deny-policy-azure-ad-only-authentication.png" alt-text="Screenshot of Azure Policy effect parameter for Microsoft Entra-only authentication." lightbox="media/authentication-azure-ad-only-authentication-policy-how-to/deny-policy-azure-ad-only-authentication.png":::
 
 1. In the **Non-compliance messages** tab, you can customize the policy message that displays if a violation of the policy has occurred. The message will let users know what policy was enforced during server creation.
 
-   :::image type="content" source="media/authentication-azure-ad-only-authentication-policy-how-to/non-compliance-message-policy-azure-ad-only-authentication.png" alt-text="Screenshot of Azure Policy noncompliance message for Microsoft Entra-only authentication." lightbox="media/authentication-azure-ad-only-authentication-policy-how-to/non-compliance-message-policy-azure-ad-only-authentication.png":::
-
-1. Select **Review + create**. Review the policy and select the **Create** button.
-
-> [!NOTE]
-> It can take some time for the newly created policy to be enforced.
+    :::image type="content" source="media/authentication-azure-ad-only-authentication-policy-how-to/non-compliance-message-policy-azure-ad-only-authentication.png" alt-text="Screenshot of Azure Policy noncompliance message for Microsoft Entra-only authentication." lightbox="media/authentication-azure-ad-only-authentication-policy-how-to/non-compliance-message-policy-azure-ad-only-authentication.png":::
+    
+1. Select **Review + create**. Review the policy and select the **Create** button. It can take some time for the newly created policy to be enforced.
 
 ## Check policy compliance
 
@@ -86,8 +83,7 @@ Once the logical server is created with Microsoft Entra-only authentication, the
 
 If the resource group that the policy was chosen to cover contains already created servers, the policy report will indicate those resources that are compliant and noncompliant.
 
-> [!NOTE]
-> Updating the compliance report can take some time. Changes related to resource creation or Microsoft Entra-only authentication settings aren't reported immediately.
+Updating the compliance report can take some time. Changes related to resource creation or Microsoft Entra-only authentication settings aren't reported immediately.
 
 ## Provision a server
 
 
@@ -4,15 +4,15 @@ description: Learn how to connect to a database in Azure SQL Database and query
 author: WilliamDAssafMSFT
 ms.author: wiassaf
 ms.reviewer: alexwolf, mathoma, vanto, randolphwest
-ms.date: 04/10/2025
+ms.date: 08/07/2025
 ms.service: azure-sql-database
 ms.subservice: security
 ms.topic: quickstart
-monikerRange: "=azuresql || =azuresql-db"
 ms.custom:
   - passwordless-dotnet
   - sfi-image-nochange
   - sfi-ropc-nochange
+monikerRange: "=azuresql || =azuresql-db"
 ---
 
 # Connect to and query Azure SQL Database using .NET and Entity Framework Core
@@ -219,7 +219,7 @@ To update the database schema to match your data model using Entity Framework Co
 
    ---
 
-3. A `Migrations` folder should appear in your project directory, along with a file called `InitialCreate` with unique numbers prepended. Run the migration to create the database using the following command:
+3. A `Migrations` folder should appear in your project directory, along with a file called `InitialCreate` with unique numbers prepended. Run the migration to create the database using the following command, and the Entity Framework Core tooling creates the database schema in Azure defined by the `PersonDbContext` class.
 
    ## [Visual Studio](#tab/visual-studio)
 
@@ -235,8 +235,6 @@ To update the database schema to match your data model using Entity Framework Co
 
    ---
 
-   The Entity Framework Core tooling creates the database schema in Azure defined by the `PersonDbContext` class.
-
 ## Test the app locally
 
 The app is ready to be tested locally. Make sure you're signed in to Visual Studio or the Azure CLI with the same account you set as the admin for your database.
@@ -247,9 +245,9 @@ The app is ready to be tested locally. Make sure you're signed in to Visual Stud
 
 1. Modify the sample JSON to include values for the first name and family name. Select **Execute** to add a new record to the database. The API returns a successful response.
 
-   :::image type="content" source="media/passwordless-connections/api-testing-small.png" alt-text="Screenshot showing how to test the API." lightbox="media/passwordless-connections/api-testing.png":::
+   :::image type="content" source="media/azure-sql-dotnet-entity-framework-core-quickstart/api-testing-small.png" alt-text="Screenshot showing how to test the API." lightbox="media/azure-sql-dotnet-entity-framework-core-quickstart/api-testing.png":::
 
-1. Expand the **GET** method on the Swagger UI page and select **Try it**. Select **Execute**, and the person you just created is returned.
+1. Expand the `GET` method on the Swagger UI page and select **Try it**. Select **Execute**, and the person you just created is returned.
 
 ## Deploy to Azure App Service
 
@@ -261,13 +259,13 @@ The app is ready to be deployed to Azure. Visual Studio can create an Azure App
 1. For the specific target, select **Azure App Service (Windows)**, and then select **Next**.
 1. Select the green **+** icon to create a new App Service to deploy to and enter the following values:
 
-   - **Name**: Leave the default value.
-   - **Subscription name**: Select the subscription to deploy to.
-   - **Resource group**: Select **New** and create a new resource group called *msdocs-dotnet-sql*.
-   - **Hosting Plan**: Select **New** to open the hosting plan dialog. Leave the default values and select **OK**.
-   - Select **Create** to close the original dialog. Visual Studio creates the App Service resource in Azure.
-
-     :::image type="content" source="media/passwordless-connections/create-app-service-small.png" alt-text="Screenshot showing how to deploy with Visual Studio." lightbox="media/passwordless-connections/create-app-service.png":::
+    - **Name**: Leave the default value.
+    - **Subscription name**: Select the subscription to deploy to.
+    - **Resource group**: Select **New** and create a new resource group called *msdocs-dotnet-sql*.
+    - **Hosting Plan**: Select **New** to open the hosting plan dialog. Leave the default values and select **OK**.
+    - Select **Create** to close the original dialog. Visual Studio creates the App Service resource in Azure.
+    
+    :::image type="content" source="media/azure-sql-dotnet-entity-framework-core-quickstart/create-app-service-small.png" alt-text="Screenshot showing how to deploy with Visual Studio." lightbox="media/azure-sql-dotnet-entity-framework-core-quickstart/create-app-service.png":::
 
 1. Once the resource is created, make sure you select in the list of app services, and then select **Next**.
 
@@ -341,7 +339,7 @@ The Azure portal allows you to work with managed identities and run queries agai
    GO
    ```
 
-   :::image type="content" source="media/passwordless-connections/query-editor-small.png" alt-text="Screenshot showing how to use the Azure Query editor." lightbox="media/passwordless-connections/query-editor.png":::
+   :::image type="content" source="media/azure-sql-dotnet-entity-framework-core-quickstart/query-editor-small.png" alt-text="Screenshot showing how to use the Azure Query editor." lightbox="media/azure-sql-dotnet-entity-framework-core-quickstart/query-editor.png":::
 
    This SQL script creates a SQL database user that maps back to the managed identity of your App Service instance. It also assigns the necessary SQL roles to the user to allow your app to read, write, and modify the data and schema of your database. After this step is completed, your services are connected.
 
 
@@ -1,17 +1,17 @@
 ---
-title: Connect to and query Azure SQL Database using .NET and the Microsoft.Data.SqlClient library
+title: "Connect to and Query Azure SQL Database Using .NET and the Microsoft.Data.SqlClient Library"
 description: Learn how to connect to a database in Azure SQL Database and query data using .NET
 author: WilliamDAssafMSFT
 ms.author: wiassaf
 ms.reviewer: alexwolf, mathoma, vanto
-ms.date: 09/17/2024
+ms.date: 08/07/2025
 ms.service: azure-sql-database
 ms.subservice: security
 ms.topic: quickstart
-monikerRange: "=azuresql || =azuresql-db"
 ms.custom:
   - passwordless-dotnet
   - sfi-ropc-nochange
+monikerRange: "=azuresql || =azuresql-db"
 ---
 
 # Connect to and query Azure SQL Database using .NET and the Microsoft.Data.SqlClient library
@@ -123,8 +123,8 @@ Replace the contents of the `Program.cs` file with the following code, which per
 
 - Retrieves the passwordless connection string from `appsettings.json`
 - Creates a `Persons` table in the database during startup (for testing scenarios only)
-- Creates an HTTP GET endpoint to retrieve all records stored in the `Persons` table
-- Creates an HTTP POST endpoint to add new records to the `Persons` table
+- Creates an `HTTP GET` endpoint to retrieve all records stored in the `Persons` table
+- Creates an `HTTP` POST endpoint to add new records to the `Persons` table
 
 ```csharp
 using Microsoft.Data.SqlClient;
@@ -226,9 +226,9 @@ The app is ready to be tested locally. Make sure you're signed in to Visual Stud
 
 1) Modify the sample JSON to include values for the `first` and `last` name. Select **Execute** to add a new record to the database. The API returns a successful response.
 
-    :::image type="content" source="media/passwordless-connections/api-testing-small.png" alt-text="Screenshot showing how to test the API." lightbox="media/passwordless-connections/api-testing.png":::
+   :::image type="content" source="media/azure-sql-dotnet-quickstart/api-testing-small.png" alt-text="Screenshot showing how to test the API." lightbox="media/azure-sql-dotnet-quickstart/api-testing.png":::
 
-1) Expand the **GET** method on the Swagger UI page and select **Try it**. Choose **Execute**, and the person you just created is returned.
+1) Expand the `GET` method on the Swagger UI page and select **Try it**. Choose **Execute**, and the person you just created is returned.
 
 ## Deploy to Azure App Service
 
@@ -240,18 +240,17 @@ The app is ready to be deployed to Azure. Visual Studio can create an Azure App
 1. For the specific target, select **Azure App Service (Windows)**, and then select **Next**.
 1. Select the **+** icon to create a new App Service to deploy to and enter the following values:
 
-    * **Name**: Leave the default value.
-    * **Subscription name**: Select the subscription to deploy to.
-    * **Resource group**: Select **New** and create a new resource group called *msdocs-dotnet-sql*.
-    * **Hosting Plan**: Select **New** to open the hosting plan dialog. Leave the default values and select **OK**.
-    * Select **Create** to close the original dialog. Visual Studio creates the App Service resource in Azure.
+    - **Name**: Leave the default value.
+    - **Subscription name**: Select the subscription to deploy to.
+    - **Resource group**: Select **New** and create a new resource group called *msdocs-dotnet-sql*.
+    - **Hosting Plan**: Select **New** to open the hosting plan dialog. Leave the default values and select **OK**.
+    - Select **Create** to close the original dialog. Visual Studio creates the App Service resource in Azure.
 
-        :::image type="content" source="media/passwordless-connections/create-app-service-small.png" alt-text="Screenshot showing how to deploy with Visual Studio." lightbox="media/passwordless-connections/create-app-service.png":::
+   :::image type="content" source="media/azure-sql-dotnet-quickstart/create-app-service-small.png" alt-text="Screenshot showing how to deploy with Visual Studio." lightbox="media/azure-sql-dotnet-quickstart/create-app-service.png":::
 
 1. Once the resource is created, make sure it's selected in the list of app services, and then select **Next**.
 1. On the **API Management** step, select the **Skip this step** checkbox at the bottom and then choose **Finish**.
 1. On the Finish step, select **Close** if the dialog doesn't close automatically.
-
 1. Select **Publish** in the upper right of the publishing profile summary to deploy the app to Azure.
 
 When the deployment finishes, Visual Studio launches the browser to display the hosted app, but at this point the app doesn't work correctly on Azure. You still need to configure the secure connection between the App Service and the SQL database to retrieve your data.
@@ -270,19 +269,17 @@ When the deployment finishes, Visual Studio launches the browser to display the
 
 ## Test the deployed application
 
-1) Select the **Browse** button at the top of App Service overview page to launch the root url of your app.
-
-2) Append the `/swagger/index.html` path to the URL to load the same Swagger test page you used locally.
-
-3) Execute test GET and POST requests to verify that the endpoints work as expected.
-
-> [!TIP]  
-> If you receive a 500 Internal Server error while testing, it might be due to your database networking configurations. Verify that your logical server is configured with the settings outlined in the [Configure the database](/azure/azure-sql/database/azure-sql-dotnet-quickstart#configure-the-database) section.
+1. Select the **Browse** button at the top of App Service overview page to launch the root url of your app.
+1. Append the `/swagger/index.html` path to the URL to load the same Swagger test page you used locally.
+1. Execute test `GET` and POST requests to verify that the endpoints work as expected.
 
+    > [!TIP]  
+    > If you receive a 500 Internal Server error while testing, it might be due to your database networking configurations. Verify that your logical server is configured with the settings outlined in the [Configure the database](/azure/azure-sql/database/azure-sql-dotnet-quickstart#configure-the-database) section.
+    
 Your application is now connected to Azure SQL Database in both local and hosted environments.
 
 [!INCLUDE [passwordless-resource-cleanup](../includes/passwordless-resource-cleanup.md)]
 
 ## Related content
 
-- [Quickstart: Create an Azure SQL Database single database](single-database-create-quickstart.md)
+- [Quickstart: Create a single database - Azure SQL Database](single-database-create-quickstart.md)