Merge pull request #39304 from github/repo-sync

Repo sync

Author: docs-bot

content/admin/backing-up-and-restoring-your-instance/backup-service-for-github-enterprise-server/configuring-the-backup-service.md

@@ -21,7 +21,7 @@ Before configuring the backup service, ensure you have:
 
 To ensure reliable and performant backups, your storage must meet the following requirements:
 
-* **Capacity:** Allocate at least five times the amount of storage used by your primary {% data variables.product.github %} appliance disk. This accounts for historical snapshots and future growth.
+* **Capacity:** Allocate at least five times the amount of storage used by your primary {% data variables.product.github %} appliance data disk. This accounts for historical snapshots and future growth.
 * **Filesystem support:** The backup service uses hard links for efficient storage, and your {% data variables.product.github %} instance uses symbolic links. The backup target must support both symbolic and hard links, and it must use a case-sensitive filesystem to prevent conflicts.
 
   You can test whether your filesystem supports hardlinking symbolic links by running:

content/admin/configuring-settings/hardening-security-for-your-enterprise/restricting-network-traffic-to-your-enterprise-with-an-ip-allow-list.md

@@ -23,6 +23,9 @@ redirect_from:
 
 By default, authorized users can access your enterprise's resources from any IP address. You can restrict access to your enterprise's private resources by configuring a list that allows or denies access from specific IP addresses. {% data reusables.identity-and-permissions.ip-allow-lists-example-and-restrictions %}
 
+> [!NOTE]
+> If your enterprise uses {% data variables.product.prodname_emus %}, enabling the IP allow list does not restrict user provisioning actions performed through SAML/SCIM, OpenID Connect (OIDC) with Entra ID, or via REST API endpoints. For more information, see [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim).
+
 If your enterprise uses {% data variables.product.prodname_emus %} with Microsoft Entra ID (previously known as Azure AD) and OIDC, you can choose whether to use {% data variables.product.company_short %}'s IP allow list feature or to use the allow list restrictions for your identity provider (IdP). If your enterprise does not use {% data variables.product.prodname_emus %} with Azure and OIDC, you can use {% data variables.product.company_short %}'s allow list feature.
 
 {% data reusables.identity-and-permissions.ip-allow-lists-which-resources-are-protected %}
@@ -56,8 +59,8 @@ To ensure seamless use of the OIDC CAP while still applying the policy to OAuth
 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.profile.org_settings %}
 {% data reusables.organizations.security %}
-1. If you're using {% data variables.product.prodname_emus %} with OIDC, under "IP allow list", select the **IP allow list configuration** dropdown menu and click **GitHub**.
-1. Under "IP allow list", select **Enable IP allow list**.
+1. If you're using {% data variables.product.prodname_emus %} with OIDC, under "IP allow list," select the **IP allow list configuration** dropdown menu and click **GitHub**.
+1. Under "IP allow list," select **Enable IP allow list**.
 1. Click **Save**.
 
 ### Adding an allowed IP address
@@ -119,7 +122,7 @@ To ensure seamless use of the OIDC CAP while still applying the policy to OAuth
 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.profile.org_settings %}
 {% data reusables.organizations.security %}
-1. Under "IP allow list", select the **IP allow list configuration** dropdown menu and click **Identity Provider**.
+1. Under "IP allow list," select the **IP allow list configuration** dropdown menu and click **Identity Provider**.
 1. Optionally, to allow installed {% data variables.product.company_short %} and {% data variables.product.prodname_oauth_apps %} to access your enterprise from any IP address, select **Skip IdP check for applications**.
 1. Click **Save**.