Merge branch 'main' into release-asr-cost-articles

Author: v-alje

articles/app-service/app-service-configure-premium-v4-tier.md

@@ -141,7 +141,7 @@ If your app runs where Premium v4 isn't available (either the deployment or the
 
   When creating the plan, select the desired Premium v4 tier. This ensures the plan is in a deployment unit supporting Premium V4. Then, redeploy your application code to the new app. Even if you scale the new plan down to save costs, you can always scale back up to Premium v4 because the deployment unit supports it.
 
-- Use the **Development tools** > **Clone app** page to create an App Service plan with Premium v4 in your desired region, specifying the app settings and configuration to clone.
+- Use the **Development tools** > **Clone app** page to create an App Service plan with Premium v4 in your desired region, specifying the app settings and configuration to clone. Refer to the [current restrictions](app-service-web-app-cloning.md#current-restrictions) for app cloning.
 
   :::image type="content" source="media/app-service-configure-premium-tier/clone-app.png" alt-text="Screenshot showing how to clone your app.":::
 

articles/artifact-signing/how-to-signing-integrations.md

@@ -146,21 +146,29 @@ To sign by using Artifact Signing, you need to provide the details of your Artif
      "CorrelationId": "<Optional CorrelationId value>"
    }
    ```
+  <sup>1</sup> The optional `"CorrelationId"` field is an opaque string value that you can provide to correlate sign requests with your own workflows, such as build identifiers or machine names.
 
   > [!IMPORTANT]
   > The `"Endpoint"` URI value must match the region where you created your Artifact Signing account **and** the certificate profile. Use one of the region-specific URIs in the table below. A region/endpoint mismatch commonly causes a 403 Forbidden error and an internal `SignerSign()` failure during signing.
 
    | Region       | Region class fields  | Endpoint URI value  |
    |--------------|-----------|------------|
+   | Brazil South | BrazilSouth | `https://brs.codesigning.azure.net` |
+   | Central US  | CentralUS  | `https://cus.codesigning.azure.net` |
    | East US  | EastUS  | `https://eus.codesigning.azure.net` |
-   | West US3 <sup>[1]</sup>   | WestUS3  | `https://wus3.codesigning.azure.net` |
+   | Japan East | JapanEast | `https://jpe.codesigning.azure.net` |
+   | Korea Central | KoreaCentral | `https://krc.codesigning.azure.net` |
+   | North Central US  | NorthCentralUS  | `https://ncus.codesigning.azure.net` |
+   | North Europe   | NorthEurope   | `https://neu.codesigning.azure.net`   |
+   | Poland Central | PolandCentral  | `https://plc.codesigning.azure.net` |
+   | South Central US  | SouthCentralUS  | `https://scus.codesigning.azure.net` |
+   | Switzerland North  | SwitzerlandNorth  | `https://swn.codesigning.azure.net` |
    | West Central US  | WestCentralUS  | `https://wcus.codesigning.azure.net` |
+   | West Europe  | WestEurope   | `https://weu.codesigning.azure.net`   |
+   | West US  | WestUS  | `https://wus.codesigning.azure.net` |
    | West US 2   | WestUS2   | `https://wus2.codesigning.azure.net` |
-   | North Europe   | NorthEurope   | `https://neu.codesigning.azure.net`   |
-   | West Europe   | WestEurope   | `https://weu.codesigning.azure.net`  |
-
-   <sup>1</sup> The optional `"CorrelationId"` field is an opaque string value that you can provide to correlate sign requests with your own workflows, such as build identifiers or machine names.
-
+   | West US 3   | WestUS3   | `https://wus3.codesigning.azure.net` |
+   
 ### Authentication
 
 This Task performs authentication using [DefaultAzureCredential](/dotnet/api/azure.identity.defaultazurecredential), which attempts a series of authentication methods in order. If one method fails, it attempts the next one until authentication is successful.

articles/artifact-signing/quickstart.md

@@ -117,14 +117,23 @@ An Artifact Signing account is a logical container that holds identity validatio
 
 You can create Artifact Signing resources only in Azure regions where the service is currently available. The following table lists the Azure regions that currently support Artifact Signing resources:
 
-| Region                               | Region class fields  | Endpoint URI value                   |
-| :----------------------------------- | :------------------- |:-------------------------------------|
-| East US                              | EastUS               | `https://eus.codesigning.azure.net`  |
-| West US                              | WestUS               | `https://wus.codesigning.azure.net`  |
-| West Central US                      | WestCentralUS        | `https://wcus.codesigning.azure.net` |
-| West US 2                            | WestUS2              | `https://wus2.codesigning.azure.net` |
-| North Europe                         | NorthEurope          | `https://neu.codesigning.azure.net`  |
-| West Europe                          | WestEurope           | `https://weu.codesigning.azure.net`  |
+ | Region            | Region class fields  | Endpoint URI value                   |
+ | :---------------- | :------------------- | :----------------------------------- |
+ | Brazil South      | BrazilSouth          | `https://brs.codesigning.azure.net`  |
+ | Central US        | CentralUS            | `https://cus.codesigning.azure.net`  |
+ | East US           | EastUS               | `https://eus.codesigning.azure.net`  |
+ | Japan East        | JapanEast            | `https://jpe.codesigning.azure.net`  |
+ | Korea Central     | KoreaCentral         | `https://krc.codesigning.azure.net`  |
+ | North Central US  | NorthCentralUS       | `https://ncus.codesigning.azure.net` |
+ | North Europe      | NorthEurope          | `https://neu.codesigning.azure.net`  |
+ | Poland Central    | PolandCentral        | `https://plc.codesigning.azure.net`  |
+ | South Central US  | SouthCentralUS       | `https://scus.codesigning.azure.net` |
+ | Switzerland North | SwitzerlandNorth     | `https://swn.codesigning.azure.net`  |
+ | West Central US   | WestCentralUS        | `https://wcus.codesigning.azure.net` |
+ | West Europe       | WestEurope           | `https://weu.codesigning.azure.net`  |
+ | West US           | WestUS               | `https://wus.codesigning.azure.net`  |
+ | West US 2         | WestUS2              | `https://wus2.codesigning.azure.net` |
+ | West US 3         | WestUS3              | `https://wus3.codesigning.azure.net` |
 
 ### Naming constraints for Artifact Signing accounts
 

articles/azure-app-configuration/concept-enable-rbac.md

@@ -60,5 +60,66 @@ Follow these steps to assign App Configuration Data roles to your credential.
 3. On the **Members** tab, follow the wizard to select the credential you're granting access to and then select **Next**.
 4. Finally, on the **Review + assign** tab, select **Review + assign** to assign the role.
 
+## Configuring cloud-specific audience for Entra ID authentication
+
+When using Entra ID and the following Azure App Configuration libraries in clouds other than Azure cloud, Azure Government, and Microsoft Azure operated by 21Vianet, an appropriate Entra ID audience must be configured to enable authentication.
+
+### [.NET](#tab/dotnet)
+
+The Audience for the target cloud must be configured for the following packages.
+
+- Azure SDK for .NET: Azure.Data.AppConfiguration >= 1.6.0
+- .NET configuration provider: Microsoft.Extensions.Configuration.AzureAppConfiguration >= 8.2.0
+
+In the **Azure SDK for .NET**, audience is configured by utilizing the following API calls:
+
+* The ConfigurationClient constructor [accepts ConfigurationClientOptions](/dotnet/api/azure.data.appconfiguration.configurationclient.-ctor#azure-data-appconfiguration-configurationclient-ctor(system-uri-azure-core-tokencredential-azure-data-appconfiguration-configurationclientoptions))
+* ConfigurationClientOptions allows [Audience](/dotnet/api/azure.data.appconfiguration.configurationclientoptions.audience#azure-data-appconfiguration-configurationclientoptions-audience) to be set
+
+The following code snippet demonstrates how to instantiate a configuration client with a cloud-specific audience.
+
+```
+var configurationClient = new ConfigurationClient(
+    myStoreEndpoint,
+    new DefaultAzureCredential(),
+    new ConfigurationClientOptions
+    {
+        Audience = "{Cloud specific audience here}"
+    });
+```
+
+In the **.NET configuration provider**, audience is configured by utilizing the following API calls:
+
+* AzureAppConfigurationOptions exposes a [ConfigureClientOptions](/dotnet/api/microsoft.extensions.configuration.azureappconfiguration.azureappconfigurationoptions.configureclientoptions#microsoft-extensions-configuration-azureappconfiguration-azureappconfigurationoptions-configureclientoptions(system-action((azure-data-appconfiguration-configurationclientoptions)))) method
+
+The following code snippet demonstrates how to add the Azure App Configuration provider into a .NET application with a cloud-specific audience.
+
+```
+builder.AddAzureAppConfiguration(o =>
+    {
+        o.Connect(
+            myStoreEndpoint,
+            new DefaultAzureCredential());
+
+        o.ConfigureClientOptions(clientOptions => clientOptions.Audience = "{Cloud specific audience here}");
+    });
+```
+
+---
+
+### Audience
+
+For Azure App Configuration in the global Azure cloud, use the following audience: 
+
+`https://appconfig.azure.com`
+
+For Azure App Configuration in the national clouds, use the applicable audience specified in the table below:
+
+| **National cloud**                   | **Audience**                        |
+| ------------------------------------ | ----------------------------------- |
+| Azure Government                     | `https://appconfig.azure.us`        |
+| Microsoft Azure operated by 21Vianet | `https://appconfig.azure.cn`        |
+| Bleu                                 | `https://appconfig.sovcloud-api.fr` |
+
 ## Next steps
 Learn how to [use managed identities to access your App Configuration store](howto-integrate-azure-managed-service-identity.md).

articles/azure-app-configuration/configuration-provider-overview.md

@@ -72,7 +72,7 @@ Snapshots | [GA](./reference-dotnet-provider.md#snapshot) | GA | GA | WIP | [GA]
 Distributed Tracing | [GA](./reference-dotnet-provider.md#distributed-tracing) | WIP | WIP | WIP | WIP | N/A
 Health Check | [GA](./reference-dotnet-provider.md#health-check) | GA | WIP | WIP | WIP | N/A 
 Select by Tag Filters | [GA](./reference-dotnet-provider.md#load-specific-key-values-using-selectors) | WIP | GA | GA | [GA](./reference-javascript-provider.md#tag-filters) | [GA](./reference-go-provider.md#tag-filters)
-Snapshot Reference | [GA](./reference-dotnet-provider.md#snapshot-reference) | WIP | WIP | WIP | WIP | WIP
+Snapshot Reference | [GA](./reference-dotnet-provider.md#snapshot-reference) | WIP | WIP | WIP | [GA](./reference-javascript-provider.md#snapshot-reference) | WIP
 Load from Azure Front Door | [Preview](./reference-dotnet-provider.md#connect-to-azure-front-door) | WIP | WIP | WIP | [Preview](./reference-javascript-provider.md#connect-to-azure-front-door)  | WIP
 
 

articles/azure-app-configuration/reference-dotnet-provider.md

@@ -651,6 +651,8 @@ For information about using snapshots, go to [Create and use snapshots](./howto-
 
 A snapshot reference is a configuration setting that references a snapshot in the same App Configuration store. When loaded, the provider resolves it and adds all key-values from that snapshot. Using snapshot references enables switching between snapshots at runtime, unlike `SelectSnapshot("...")`, which requires code changes and/or restarts to switch to a new snapshot.
 
+For more information about creating a snapshot reference, go to [snapshot reference concept](./concept-snapshot-references.md).
+
 > [!NOTE] 
 > To use snapshot references, use the version *8.4.0* or later of `Microsoft.Extensions.Configuration.AzureAppConfiguration`.
 

articles/azure-app-configuration/reference-javascript-provider.md

@@ -461,6 +461,15 @@ const appConfig = await load(endpoint, credential, {
 });
 ```
 
+### Snapshot reference
+
+A snapshot reference is a configuration setting that references a snapshot in the same App Configuration store. When loaded, the provider resolves it and adds all key-values from that snapshot. Using snapshot references enables switching between snapshots at runtime, unlike adding a snapshot selector, which requires code changes and/or restarts to switch to a new snapshot.
+
+For more information about creating a snapshot reference, go to [snapshot reference concept](./concept-snapshot-references.md).
+
+> [!NOTE] 
+> To use snapshot references, use the version *2.3.0* or later of `@azure/app-configuration-provider`.
+
 ## Startup retry
 
 Configuration loading is a critical path operation during application startup. To ensure reliability, the Azure App Configuration provider implements a robust retry mechanism during the initial configuration load. This helps protect your application from transient network issues that might otherwise prevent successful startup.

articles/azure-app-configuration/rest-api-authentication-azure-ad.md

@@ -39,17 +39,7 @@ Before acquiring a Microsoft Entra token, you must identify what user you want t
 
 Request the Microsoft Entra token with a proper audience. The audience can also be referred to as the *resource* that the token is being requested for.
 
-For Azure App Configuration in the global Azure cloud, use the following audience: 
-
-`https://appconfig.azure.com`
-
-For Azure App Configuration in the national clouds, use the applicable audience specified in the table below:
-
-| **National cloud**                   | **Audience**                        |
-| ------------------------------------ | ----------------------------------- |
-| Azure Government                     | `https://appconfig.azure.us`        |
-| Microsoft Azure operated by 21Vianet | `https://appconfig.azure.cn`        |
-| Bleu                                 | `https://appconfig.sovcloud-api.fr` |
+For details on which audience to use for which cloud, refer to the [audience section of the  Entra ID access overview](./concept-enable-rbac.md#audience).
 
 <a name='azure-ad-authority'></a>
 

articles/backup/azure-file-share-backup-overview.md

@@ -16,7 +16,7 @@ ms.author: v-mallicka
 
 Azure Files backup is a native cloud solution that protects your data and eliminates on-premises maintenance overheads. Azure Backup integrates with Azure File Sync, centralizing your File Share data and backups. The secure, managed backup solution supports **snapshot** and **vaulted** backups to protect your enterprise File Shares, ensuring data recovery from accidental or malicious deletion.
 
-Azure Backup now offers general availability of Vaulted Backup for Azure Files (Standard tier), enabling secure, long-term protection with ransomware defense, cross-region recovery, and compliance-ready retention—all managed through a unified backup policy. For more insights, see the [Microsoft Community Hub blog](https://techcommunity.microsoft.com/blog/azurestorageblog/general-availability-vaulted-backup-for-azure-files---boost-your-data-security-a/4395344). To know the latest product enhancements and feature updates in Azure, see [Microsoft Azure Updates](https://azure.microsoft.com/updates?id=482659).
+Azure Backup now offers general availability of Vaulted Backup for Azure Files, enabling secure, long-term protection with ransomware defense, cross-region recovery, and compliance-ready retention—all managed through a unified backup policy. For more insights, see the [Microsoft Community Hub blog](https://techcommunity.microsoft.com/blog/azurestorageblog/general-availability-vaulted-backup-for-azure-files---boost-your-data-security-a/4395344). To know the latest product enhancements and feature updates in Azure, see [Microsoft Azure Updates](https://azure.microsoft.com/updates?id=482659).
 
 ## Key benefits of Azure Files backup
 

articles/baremetal-infrastructure/workloads/nc2-on-azure/available-regions-skus.md

@@ -48,10 +48,10 @@ When planning your NC2 on Azure design, use the following table to understand wh
 | Germany West Central | AN36P, AN64 |
 | Japan East | AN36P |
 | North Central US | AN36P, AN64 |
-| Qatar Central | AN36P |
+| Qatar Central | AN36P, AN64 |
 | Southeast Asia | AN36P |
 | South India | AN36P |
-| UAE North | AN36P |
+| UAE North | AN36P, AN64 |
 | UK South | AN36P, AN64 |
 | West Europe | AN36P |
 | West US 2 | AN36 |