Merge pull request #306770 from fauhse/ga

Massive set of changes to get ready for GA.

Author: denrea

articles/storage-discovery/TOC.yml

@@ -8,10 +8,10 @@ items:
   expanded: true
 - name: Concepts
   items:
-  - name: Management components
-    href: management-components.md
   - name: Planning for deployment
     href: deployment-planning.md
+  - name: Management components
+    href: management-components.md  
   - name: Pricing
     href: pricing.md
   - name: Reliability
@@ -32,6 +32,8 @@ items:
     items:
     - name: Get Started on Storage Discovery reports
       href: get-started-reports.md
+    - name: Access your insights through Azure Copilot
+      href: /azure/copilot/discover-storage-estate-insights?toc=/azure/storage-discovery/toc.json
   - name: Manage
     items:
     - name: Move resources to other locations in Azure

articles/storage-discovery/create-workspace-bicep.md

@@ -65,7 +65,7 @@ The template lists [Discovery workspace properties](/azure/templates/microsoft.s
 
 | Name             | Description |
 |------------------|-------------|
-|`workspaceRoots`  | The workspace root designates the storage resources to get insights for. This `string[]` can contain subscription URIs, resource group URIs, or individual storage account resource URIs. You may mix and match these resource types in the array. The identity under which you deploy this template [must have permissions](deployment-planning.md#permissions-to-your-storage-resources) to all resources you list at the time of deployment. Alternatively, you may also provide a single tenant URI in this array. All storage resources under the tenant are then covered by this workspace. When choosing this option, you must not provide any other resource URIs. |
+|`workspaceRoots`  | The workspace root designates the storage resources to get insights for. This `string[]` can contain a combination of subscription IDs and resource group IDs. You may mix and match these resource types. The identity under which you deploy this template [must have permissions](deployment-planning.md#permissions-to-your-storage-resources) to all resources you list at the time of deployment. Alternatively, you may also provide a single tenant URI in this array. All storage resources under the tenant are then covered by this workspace. When choosing this option, you must not provide any other resource IDs. |
 |`scopes`          | You can create several scopes in a workspace. A scope allows you to filter the storage resources the workspace covers and obtain different reports for each of these scopes. Filtering is based on ARM resource tags on your storage resources. This property expects a `JSON` object containing sections for `tag key name` : `value` combinations or `tag key names` only. When your storage resources have matching ARM resource tags, they're included in this scope.|
 
 Here's an example of the `JSON` structure defining a single scope in a Discovery workspace.

articles/storage-discovery/create-workspace.md

@@ -3,16 +3,15 @@ title: Create and manage an Azure Storage Discovery Workspace
 titleSuffix: Azure Storage Discovery
 description: Learn how to create an Azure Storage Discovery Workspace.
 author: fauhse
-
 ms.service: azure-storage-discovery
-ms.topic: overview
-ms.date: 07/22/2025
+ms.topic: how-to
+ms.date: 10/09/2025
 ms.author: fauhse
 ---
 
-# Create and manage a storage discovery preview workspace
+# Deploy the Azure Storage Discovery service
 
-The Azure Storage Discovery workspace is a central resource within the Azure Storage Discovery (preview) platform. A discovery workspace is designed to help users manage and visualize storage data across various scopes such as tenants, subscriptions, and resource groups.
+To deploy the Azure Storage Discovery service, you need to create a Discovery workspace resource in one of your resource groups. With this resource, you define which storage resources you want to cover across your Microsoft Entra tenant and how you want to segment reporting for them. The workspace offers prebuilt reports in the Azure portal that you can use to retrieve the insights you need about your storage resources.
 
 Follow the steps in this article to create an Azure Storage Discovery workspace resource.
 
@@ -24,7 +23,7 @@ You can create a storage discovery workspace using the Azure portal, Azure Power
 
 Create an Azure Storage Discovery Workspace resource in the Azure portal by selecting **Create** as shown in the following image.
 
-:::image source="media/create-workspace/create-resource-sml.png" alt-text="Screenshot of the Create ASDW page."  lightbox="media/create-workspace/create-resource.png":::
+:::image source="media/create-workspace/create-resource-sml.png" alt-text="Screenshot of the Create workspace page."  lightbox="media/create-workspace/create-resource.png":::
 
 Choose the **Subscription** and **Resource group** in which to create the discovery workspace. The following table describes each element.
 
@@ -46,7 +45,7 @@ Select the subscriptions and/or resource groups you want to include in the works
 
 > [!NOTE]
 > - Ensure that the user or service principal deploying the workspace is granted at least **Reader** access to each specified root.
-> - Up to 100 resources - subscriptions and/or resource groups can be included in one ASDW.
+> - Up to 100 resources - subscriptions and/or resource groups can be included in one workspace.
 
 :::image source="media/create-workspace/workspace-roots-checks-sml.png" alt-text="Screenshot of the workspaceRoots."  lightbox="media/create-workspace/workspace-roots-checks.png":::
 
@@ -64,7 +63,7 @@ Scopes are logical groupings of storage accounts within the defined workspaceRoo
 > [!IMPORTANT]
 > A **default Scope** is added automatically, which includes all storage accounts within subscriptions or resource groups added in the **workspaceRoots**.
 
-Add tags on the ASDW resource, if needed, and select **Review and Create**. You aren't able to deploy the resource until an access validation is complete. If the check for the workspaceRoots resources isn't complete, a message is displayed.
+You can optionally add tags to this workspace resource. Then select **Review and Create**. If the access validation is still running, you can't create the workspace resource yet. Wait for this check to finish, correct any issues, then confirm by selecting **Create**.
 
 :::image source="media/create-workspace/access-check-sml.png" alt-text="Screenshot of access checks running."  lightbox="media/create-workspace/access-check.png":::
 
@@ -126,8 +125,8 @@ az storage-discovery workspace create \
 | resource-group | The resource group where the workspace is created. |
 | name | The name of the workspace. |
 | location | Azure region for deployment. |
-| workspace-roots | Defines the root scope (subscriptions/resource groups) for discovery. |
-| scopes | Logical groupings of storage accounts to analyze. |
+| workspace-roots | The workspace root designates the storage resources to get insights for. This `string[]` can contain a combination of subscription IDs and resource group IDs. You may mix and match these resource types. The identity under which you deploy the workspace [must have permissions](deployment-planning.md#permissions-to-your-storage-resources) to all resources you list at the time of deployment. Alternatively, you may also provide a single tenant ID in this array. All storage resources under the tenant are then covered by this workspace. When choosing this option, you must not provide any other resource IDs. |
+| scopes | You can create several scopes in a workspace. A scope allows you to filter the storage resources the workspace covers and obtain different reports for each of these scopes. Filtering is based on ARM resource tags on your storage resources. This property expects a `JSON` object containing sections for `tag key name` : `value` combinations or `tag key names` only. When your storage resources have matching ARM resource tags, they're included in this scope. |
 | sku | Pricing tier (Free or Standard). |
 
 #### Optional parameters

articles/storage-discovery/deployment-planning.md

@@ -3,9 +3,9 @@ title: Planning for an Azure Storage Discovery deployment
 titleSuffix: Azure Storage Discovery
 description: Considerations and best-practices for deploying the Azure Storage Discovery service
 author: fauhse
-ms.service: azure-storage-mover
+ms.service: azure-storage-discovery
 ms.topic: overview
-ms.date: 08/01/2025
+ms.date: 10/09/2025
 ms.author: fauhse
 ---
 
@@ -65,9 +65,6 @@ Since you can only configure a limited number of scopes in a workspace, you may
 If a workspace is to be used for higher-level insights, you can create one with one scope for your entire Azure Storage estate and then add scopes for each department.
 If a workspace is designated to provide insights for specific workloads, then you can create a workspace containing a scope for each workload.
 
-> [!IMPORTANT]
-> During the Azure Storage Discovery preview period, the Discovery service covers only storage accounts located in select regions. <br>The [Understand region limitations](#understand-region-limitations) section in this article has details.
-
 ### Review your Azure resource tags
 
 You can select which storage resources are included in a [workspace scope](management-components.md) by first selecting specific subscriptions or resource groups, and then filtering the storage resources within them by [Azure resource tags](../azure-resource-manager/management/tag-resources.md).
@@ -77,21 +74,11 @@ It's important that you familiarize yourself with the available resource tags on
 
 When you deploy a Storage Discovery workspace, you need to choose a region. The region you select determines where the computed insights about your Azure Storage resources are stored. You can still capture insights for Azure Storage resources that are located in other regions. A general best practice is to choose the region for your workspace according to metadata residency requirements that apply to you and in closer proximity to your location. Visualizing your insights from a workspace closer to you can have a slight performance advantage.
 
-Storage Discovery workspaces can be created in the following regions. More regions are added throughout the preview period.
+Storage Discovery workspaces can be created in the following regions:
 
 [!INCLUDE [control-plane-regions](includes/control-plane-regions.md)]
 
-## Understand region limitations
-
-While a Storage Discovery workspace can cover storage accounts from other subscriptions and resource groups, and even other regions, there's an important region limitation you need to be aware of for a successful Storage Discovery deployment.
-
-The Discovery service covers only storage accounts located in the following regions:
-<br><br>
-[!INCLUDE [data-plane-regions](includes/data-plane-regions.md)]
-<br>
-
-> [!WARNING]
-> The Discovery service currently can't consider storage accounts located in regions not included in the previously listed locations. Including storage accounts from unsupported regions in a scope can lead to an incomplete set of insights. A short-term limitation of the preview period.
+A Storage Discovery workspace can cover storage accounts located in any public cloud region. If a new Azure public cloud region becomes available, there may be a delay until storage resources from this new region get covered by the Storage Discovery service.
 
 ## Permissions
 
@@ -113,9 +100,8 @@ The Azure Storage Discovery workspace stores the computed insights for your stor
 |:--------|--------------------------------------------------------------------------------:|
 |Register a resource provider namespace with a subscription|	Subscription: `Contributor`	|
 |Deploy a Storage Discovery workspace <br>*([Resource provider namespace already registered](#resource-provider-namespace))*|	Resource group: `Contributor` |
-|Share the Storage Discovery insights with another person | Storage Discovery workspace: `Reader`|
+|Share the Storage Discovery insights with another person | Storage Discovery workspace: `Owner`|
 |Enable a person to make changes to the workspace configuration| Storage Discovery workspace: `Contributor`|
-|Enable a person to share these insights with others | Storage Discovery workspace: `Owner`|
 
 > [!CAUTION]
 > When you provide other users access to a workspace, you're disclosing all insights of the workspace. Other users might not be privileged to know about the existence of the Azure resources or insights about the data they store. Providing access to a workspace doesn't provide access to an individual storage account, resource group, or subscription. Individual resources remain governed by RBAC.