Merge branch 'main' of https://github.com/MicrosoftDocs/visualstudio-docs-pr into deopt

Author: TylerMSFT

.github/workflows/clean-repo.yml

@@ -39,7 +39,7 @@ jobs:
 
       # Create the PR for the work done by the "clean repo" tool
       - name: create-pull-request
-        uses: peter-evans/create-pull-request@dd2324fc52d5d43c699a5636bcf19fceaa70c284
+        uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e
         with:
           branch: create-cleanrepo-pull-request/patch
           title: "Monthly chores: Automated repo cleanup"

.github/workflows/whats-new.yml

@@ -41,7 +41,7 @@ jobs:
           savefile: './docs/ide/whats-new-visual-studio-docs.md'
 
       - name: create-pull-request
-        uses: peter-evans/create-pull-request@dd2324fc52d5d43c699a5636bcf19fceaa70c284
+        uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e
         with:
           branch: create-whatsnew-pull-request/patch
           title: "What's new article"

.openpublishing.redirection.json

@@ -128,7 +128,7 @@ The connected service functionality adds all the needed references and connectio
 
 ## Understand authentication
 
-After you run the previous procedure, your app is set up to use authentication to access the storage account. The connection information for this authentication are stored locally, if you chose the *secrets.json* method, or in your Azure key vault.
+After you run the previous procedure, your app is set up to use authentication to access the storage account. The connection information for this authentication are stored locally, if you chose the *secrets.json* method, or in your Azure Key Vault.
 
 If you used the *secrets.json* file, open the file by using the three dots next to **Secrets.json** on the **Connected Services** tab to open a menu, and choose **Manage user secrets**. With Visual Studio 2022 version 17.12 and later, this file contains settings that reference a URI to obtain the secure connection string, rather than the connection string itself.
 

docs/azure/vs-azure-tools-connected-services-storage.md

@@ -101,4 +101,4 @@ If your key vault is running on a different Microsoft account than the one you'r
 
 Learn more about Key Vault development by reading the [Key Vault Developer's Guide](/azure/key-vault/general/developers-guide).
 
-If your goal is to store configuration for an ASP.NET Core app in an Azure key vault, see [Azure Key Vault configuration provider in ASP.NET Core](/aspnet/core/security/key-vault-configuration).
+If your goal is to store configuration for an ASP.NET Core app in an Azure Key Vault, see [Azure Key Vault configuration provider in ASP.NET Core](/aspnet/core/security/key-vault-configuration).

docs/azure/vs-key-vault-add-connected-service.md

@@ -50,3 +50,4 @@ For more information about using SSL with ASP.NET Core apps in containers, see [
 
 For a code sample that demonstrates creating custom certificates for a multi-service app that are trusted on the host and in the containers for HTTPS service-to-service communication, see [CertExample](https://github.com/NCarlsonMSFT/CertExample).
 
+If you plan to deploy your containerized app to Azure, see [Configure HTTPS when deploying containerized applications to Azure](manage-certificates.md).

docs/containers/container-certificate-management.md

@@ -0,0 +1,39 @@
+---
+title: Manage certificates when deploying containerized apps
+author: ghogen
+description: Learn how to set up TLS (SSL) certificates for secure traffic over HTTPS in containerized applications when you deploy to Azure from Visual Studio.
+ms.author: ghogen
+ms.date: 2/19/2025
+ms.subservice: container-tools
+ms.topic: how-to
+---
+# Configure HTTPS when deploying containerized applications to Azure
+
+When you deploy a containerized application, you typically use the HTTPS protocol for encrypted, secure communication. The secure communication is implemented by Transport Layer Security (TLS), which replaces the earlier method using Secure Sockets Layer (SSL). During development, Visual Studio uses a self-signed certificate, sometimes called a *devtest* certificate.  You get a prompt asking you to trust the certificate when you launch the application on your local machine for the first time. This is acceptable for development and testing, but when you deploy to Azure and expose your application on a custom domain, you need to switch to a certificate issued by a Certificate Authority (CA), either Azure or a third-party CA.
+
+## Security for deployment options in Azure
+
+Many Azure services simplify the configuration and management burden by handling certificate management automatically. The configuration and procedure for setting up TLS for containers in Azure depends on the service you deploy to. 
+
+In general, Azure services can support multiple ways of obtaining and storing certificates. You may obtain trusted certificates from Azure's own certificate authority (CA), or you may upload private trusted certificates issued by a third-party CA. You may make use of the service's own certificate store, or you may use Azure Key Vault to store the certificate, along with other secrets.
+
+The following table shows the services and includes links that explain how HTTPS security works when you deploy to these services and how-to guides for managing the certificates.
+
+| Azure Service | Notes |
+| - | - |
+| [Azure App Service](/azure/app-service/overview) | Azure App Service is a suitable deployment service for a single container that provides a default experience that means you get a secure endpoint with a trusted certificate provided by Azure without any additional overhead. For greater control, you can choose from multiple options for obtaining and storing the certificate. You may use your own trusted certificate obtained from a third-party CA instead of the default trusted certificate provided by Azure. Optionally, you can store certificates in Azure Key Vault. See [App Service TLS overview](/azure/app-service/overview-tls). |
+| [Azure Container Apps](/azure/container-apps/overview) | Azure Container Apps is a suitable hosting service for containerized apps using one or more containers. Like Azure App Service, it provides a default experience that uses trusted Azure-provided certificates automatically, but also provides a range of networking architecture options to support different scenarios. See [Networking in Azure Container Apps](/azure/container-apps/networking?tabs=workload-profiles-env%2Cazure-cli).  |
+| [Azure Container Instances](/azure/container-instances/container-instances-overview) | To configure HTTPS public endpoint for a container hosted in Azure Container Instances, see [Enable a TLS endpoint in a sidecar container](/azure/container-instances/container-instances-container-group-ssl). This option minimizes the impact to the container itself. |
+| [Service Fabric](/azure/service-fabric/overview-managed-cluster) | See [Service Fabric application and service security](/azure/service-fabric/service-fabric-application-and-service-security). You typically set up a reverse proxy to handle security for incoming requests. See [Reverse proxy in Azure Service Fabric](/azure/service-fabric/service-fabric-reverseproxy). |
+| [Azure Kubernetes Service (AKS)](/azure/aks/what-is-aks) | See the [guidance](/azure/aks/app-routing-dns-ssl) in the AKS documentation for setting up TLS for an ingress to your cluster. AKS provides the most advanced management capabilities, handling rotation and renewal of certificates with maximum flexibility. |
+
+### Network security options for multiple containers
+
+If your scenario involves multiple containers, you have the option of securing the ingress traffic only (that is, at the externally facing load balancer or reverse proxy), or you can apply secure communications between every container in the application. The latter option provides security for deeper layers of the system, even if there's a breach in the outer layer. Using HTTPS for all container-to-container communication is outside the scope of this article.
+
+For Azure Container Apps, you can configure ingress which uses HTTPS for external callers, and within the network of multiple containers, use HTTP or TCP. For secure communication between containers, you can use mTLS (mutual TLS), which requires certificates on both sides of a request, client and server, or between microservices. See [Ingress in Azure Container Apps](/azure/container-apps/ingress-overview) and [Configure client certificate authentication in Azure Container Apps](/azure/container-apps/client-certificate-authorization).
+
+## Related content
+
+- [Deploy an ASP.NET Core container to Azure App Service using Visual Studio](deploy-app-service.md)
+- [Use SSL for containerized ASP.NET Core apps](container-certificate-management.md)

docs/containers/manage-certificates.md

@@ -48,6 +48,8 @@
       href: container-entry-point.md
     - name: Use SSL for containerized ASP.NET Core apps
       href: container-certificate-management.md
+    - name: Configure HTTPS for Azure deployment
+      href: manage-certificates.md
   - name: Troubleshooting
     href: /troubleshoot/developer/visualstudio/ide/troubleshooting-docker-errors?toc=%2Fvisualstudio%2Fcontainers%2Ftoc.json
   - name: Reference

docs/containers/toc.yml

@@ -1,7 +1,7 @@
 ---
 title: Connect to Access database in .NET Framework apps
 description: Connect to data stored in an Access database (.mdb file or .accdb file) from .NET Framework applications with ADO.NET in Visual Studio.
-ms.date: 05/02/2024
+ms.date: 03/12/2025
 ms.topic: how-to
 helpviewer_keywords:
 - data [Visual Studio], connecting
@@ -20,20 +20,20 @@ ms.subservice: data-tools
 You can connect to an Access database (either an `.mdb` file or an `.accdb` file) by using Visual Studio. After you define the connection, the data appears in the **Data Sources** window. From there, you can drag tables or views onto your design surface.
 
 > [!NOTE]
-> If you're using Visual Studio to connect to Access databases, you will need to be aware that versions of Visual Studio prior to Visual Studio 2022 are all 32-bit processes. This means some of the data tools in Visual Studio 2019 and earlier will only be able to connect to Access databases using 32-bit data providers.
+> If you're using Visual Studio to connect to Access databases, be aware that versions of Visual Studio prior to Visual Studio 2022 are all 32-bit processes. This means some of the data tools in Visual Studio 2019 and earlier can only connect to Access databases using 32-bit data providers.
 >
-> If you're using Visual Studio 2022 to connect to Access databases, you will need to be aware that Visual Studio 2022 is now a 64-bit process. This means some of the data tools in Visual Studio will not be able to connect to Access databases using 32-bit data providers.
+> If you're using Visual Studio 2022 to connect to Access databases, be aware that Visual Studio 2022 is now a 64-bit process. This means some of the data tools in Visual Studio can't connect to Access databases using 32-bit data providers.
 >
-> If you need to maintain 32-bit applications that connect to Access databases, you will still be able to build and run the application with Visual Studio 2022. However, if you need to use any of the Visual Studio Data Tools such as Server Explorer, Data Source Wizard, or the DataSet Designer, you will need to use an earlier version of Visual Studio that is still a 32-bit process. The last version of Visual Studio that was a 32-bit process was Visual Studio 2019.
+> If you need to maintain 32-bit applications that connect to Access databases, you can still build and run the application with Visual Studio 2022. However, if you need to use any of the Visual Studio Data Tools such as Server Explorer, Data Source Wizard, or the DataSet Designer, you need to use an earlier version of Visual Studio that is still a 32-bit process. The last version of Visual Studio that was a 32-bit process was Visual Studio 2019.
 >
-> If you plan on converting the project to be a 64-bit process, it's recommended that you use the 64-bit Microsoft Access database Engine, also called Access Connectivity Engine (ACE). Please see [OLE DB Provider for Jet and ODBC driver are 32-bit versions only](/office/troubleshoot/access/jet-odbc-driver-available-32-bit-version) for more information.
+> If you plan on converting the project to be a 64-bit process, it's recommended that you use the 64-bit Microsoft Access database Engine, also called Access Connectivity Engine (ACE). See [OLE DB Provider for Jet and ODBC driver are 32-bit versions only](/office/troubleshoot/access/jet-odbc-driver-available-32-bit-version).
 
 ## Prerequisites
 
 To use these procedures, you need:
 
 - [Visual Studio](../install/install-visual-studio.md)
-- A Windows Forms or WPF project
+- A Windows Forms or Windows Presentation Foundation (WPF) project
 - Either an Access database (`.accdb` file), or an Access 2000-2003 database (`.mdb` file). Follow the procedure that corresponds to your file type.
 
 :::moniker range=">=vs-2022"
@@ -77,7 +77,7 @@ Connect to databases created with Microsoft 365, Access 2016, Access 2013, Acces
 8. Choose **Browse** next to **Database file name**, and then navigate to your `.accdb` file and choose **Open**.
 
    > [!NOTE]
-   > If the bitness (32-bit or 64-bit) of Microsoft Office and Visual Studio do not match, you will see an error while connecting to an Access database. In Visual Studio 2019, you will get an error that the database provider is not registered. In Visual Studio 2022, you will see an error that you can't connect to a 32-bit data provider. To resolve this error, make sure that if you are using a 32-bit version of Office, you are using Visual Studio 2019 or earlier; for a 64-bit version of Office, you need Visual Studio 2022 or later.
+   > If the bitness (32-bit or 64-bit) of Microsoft Office and Visual Studio do not match, you see an error while connecting to an Access database. In Visual Studio 2019, you get an error that the database provider is not registered. In Visual Studio 2022, you see an error that you can't connect to a 32-bit data provider. To resolve this error, make sure that if you are using a 32-bit version of Office, you are using Visual Studio 2019 or earlier; for a 64-bit version of Office, you need Visual Studio 2022 or later.
 
 9. Enter a user name and password (if necessary), and then choose **OK**.
 
@@ -99,7 +99,7 @@ Connect to databases created with Microsoft 365, Access 2016, Access 2013, Acces
 
     ![Screenshot of Data Sources Window, populated with database objects](media/vs-2022/data-sources-window-populated.png)
 
-14. On 64-bit machines with the 64-bit Access database engine, you need to ensure that the application runs as a 64-bit application. Open the project properties (press **Alt**+**Enter** or right-click on the project node, and select **Properties**). In the **Build** tab, clear the **Prefer 32-bit** checkbox.
+14. On 64-bit machines with the 64-bit Access database engine, you need to ensure that the application runs as a 64-bit application. Open the project properties (press **Alt**+**Enter** or right-click on the project node, and select **Properties**). In the **Build** tab for C#, or the **Compile** tab for Visual Basic, clear the **Prefer 32-bit** checkbox.
 
 The connection string is stored in *app.config*, and in the *Settings.settings* file under **Properties** in Solution Explorer.
 
@@ -144,7 +144,7 @@ Connect to databases created with Microsoft 365, Access 2016, Access 2013, Acces
 8. Choose **Browse** next to **Database file name**, and then navigate to your `.accdb` file and choose **Open**.
 
    > [!NOTE]
-   > If the bitness (32-bit or 64-bit) of Microsoft Office and Visual Studio do not match, you will see an error while connecting to an Access database. In Visual Studio 2019, you will get an error that the database provider is not registered. In Visual Studio 2022, you will see an error that you can't connect to a 32-bit data provider. To resolve this error, make sure that if you are using a 32-bit version of Office, you are using Visual Studio 2019 or earlier; for a 64-bit version of Office, you need Visual Studio 2022 or later.
+   > If the bitness (32-bit or 64-bit) of Microsoft Office and Visual Studio do not match, you see an error while connecting to an Access database. In Visual Studio 2019, you get an error that the database provider is not registered. In Visual Studio 2022, you see an error that you can't connect to a 32-bit data provider. To resolve this error, make sure that if you're using a 32-bit version of Office, you're using Visual Studio 2019 or earlier; for a 64-bit version of Office, you need Visual Studio 2022 or later.
 
 9. Enter a user name and password (if necessary), and then choose **OK**.
 
@@ -206,7 +206,7 @@ Congratulations! With a little help from Visual Studio, you've created a form-ba
 
 ## Next steps
 
-The dataset that you just created is available in the **Data Sources** window. You can now perform any of the following tasks:
+The dataset that you created is available in the **Data Sources** window. You can now perform any of the following tasks:
 
 - Select items in the **Data Sources** window and drag them onto your form or design surface (see [Bind Windows Forms controls to data in Visual Studio](../data-tools/bind-windows-forms-controls-to-data-in-visual-studio.md) or [WPF data binding overview](/dotnet/desktop-wpf/data/data-binding-overview)).