Merge pull request #311791 from MicrosoftDocs/main

Auto Publish – main to live - 2026-02-13 12:00 UTC

Author: learn-build-service-prod[bot]

articles/active-directory-b2c/custom-email-mailjet.md

@@ -46,7 +46,7 @@ If you don't already have one, start by setting up a Mailjet account (Azure cust
 2. Navigate to the [API Key Management page](https://dev.mailjet.com/email/guides/senders-and-domains/#use-a-sender-on-all-api-keys-(metasender)). Record the **API Key** and **Secret Key** for use in a later step. Both keys are generated automatically when your account is created.
 
 > [!IMPORTANT]
-> Mailjet offers customers the ability to send emails from shared IP and [dedicated IP addresses](https://documentation.mailjet.com/hc/en-us/articles/1260803352789-Dedicated-IPs-What-They-Are-and-How-to-Warm-Them-Up). When using dedicated IP addresses, you need to build your own reputation properly with an IP address warm-up. For more information, see [How do I warm up my IP ?](https://documentation.mailjet.com/hc/articles/1260803352789-How-do-I-warm-up-my-IP-).
+> Mailjet offers customers the ability to send emails from shared IP and [dedicated IP addresses](https://documentation.mailjet.com/hc/en-us/articles/1260803352789-Dedicated-IPs-What-They-Are-and-How-to-Warm-Them-Up). When using dedicated IP addresses, you need to build your own reputation properly with an IP address warm-up. For more information, see [How do I warm up my IP ?](https://documentation.mailjet.com/hc/articles/1260803352789-How-do-I-warm-up-my-IP-)
 
 ## Create Azure AD B2C policy key
 

articles/api-management/api-management-howto-use-managed-service-identity.md

@@ -19,7 +19,7 @@ ms.custom:
 
 [!INCLUDE [api-management-availability-all-tiers](../../includes/api-management-availability-all-tiers.md)]
 
-This article shows how to create a managed identity for an Azure API Management instance and how to use it to access other resources. A managed identity generated by Microsoft Entra ID enables API Management to easily and securely access other resources that are protected by Microsoft Entra, like Azure Key Vault. Azure manages these identities, so you don't have to provision or rotate any secrets. For more information about managed identities, see [What are managed identities for Azure resources?](../active-directory/managed-identities-azure-resources/overview.md).
+This article shows how to create a managed identity for an Azure API Management instance and how to use it to access other resources. A managed identity generated by Microsoft Entra ID enables API Management to easily and securely access other resources that are protected by Microsoft Entra, like Azure Key Vault. Azure manages these identities, so you don't have to provision or rotate any secrets. For more information about managed identities, see [What are managed identities for Azure resources?](../active-directory/managed-identities-azure-resources/overview.md)
 
 You can grant two types of identities to an API Management instance:
 

articles/api-management/virtual-network-injection-resources.md

@@ -32,7 +32,7 @@ The following are virtual network resource requirements for injection of an API
 
 The minimum size of the subnet in which API Management can be deployed is /29, which provides three usable IP addresses. Each extra scale [unit](api-management-capacity.md) of API Management requires two more IP addresses. The minimum size requirement is based on the following considerations:
 
-* Azure reserves five IP addresses within each subnet that can't be used. The first and last IP addresses of the subnets are reserved for protocol conformance. Three more addresses are used for Azure services. For more information, see [Are there any restrictions on using IP addresses within these subnets?](../virtual-network/virtual-networks-faq.md#are-there-any-restrictions-on-using-ip-addresses-within-these-subnets).
+* Azure reserves five IP addresses within each subnet that can't be used. The first and last IP addresses of the subnets are reserved for protocol conformance. Three more addresses are used for Azure services. For more information, see [Are there any restrictions on using IP addresses within these subnets?](../virtual-network/virtual-networks-faq.md#are-there-any-restrictions-on-using-ip-addresses-within-these-subnets)
 
 * In addition to the IP addresses used by the Azure virtual network infrastructure, each API Management instance in the subnet uses:
     * Two IP addresses per unit of Basic, Standard, or Premium SKU, or 

articles/app-service/configure-custom-container.md

@@ -100,7 +100,7 @@ Use the following steps to configure your web app to pull from Azure Container R
    - *\<principal-id>* with the service principal ID from the `az webapp identity assign` command
    - *\<registry-resource-id>* with the ID of your container registry from the `az acr show` command
 
-   For more information about these permissions, see [What is Azure role-based access control?](../role-based-access-control/overview.md).
+   For more information about these permissions, see [What is Azure role-based access control?](../role-based-access-control/overview.md)
 
 1. Configure your app to use the managed identity to pull from Azure Container Registry.
 

articles/app-service/manage-backup.md

@@ -168,7 +168,7 @@ To restore a database included in a custom backup:
 1. Follow the steps in [Restore a backup](#restore-a-backup).
 1. In **Advanced options**, select **Include database**.
 
-For troubleshooting information, see [Why is my linked database not backed up?](#why-is-my-linked-database-not-backed-up).
+For troubleshooting information, see [Why is my linked database not backed up?](#why-is-my-linked-database-not-backed-up)
 
 ## Deprecation of linked database backups
 Starting **3/31/2028**, Azure App Service custom backups will **no longer support backing up linked databases**. We recommend using the native backup and restore tools provided by each database service instead.

articles/app-service/overview-arc-integration.md

@@ -25,7 +25,7 @@ You can run App Service, Functions, and Logic Apps on an Azure Arc-enabled Kuber
 
 In most cases, app developers need to know nothing more than how to deploy to the correct Azure region that represents the deployed Kubernetes environment. For operators who provide the environment and maintain the underlying Kubernetes infrastructure, you must be aware of the following Azure resources:
 
-- The connected cluster, which is an Azure projection of your Kubernetes infrastructure. For more information, see [What is Azure Arc-enabled Kubernetes?](/azure/azure-arc/kubernetes/overview).
+- The connected cluster, which is an Azure projection of your Kubernetes infrastructure. For more information, see [What is Azure Arc-enabled Kubernetes?](/azure/azure-arc/kubernetes/overview)
 - A cluster extension, which is a subresource of the connected cluster resource. The App Service extension [installs the required pods into your connected cluster](#pods-created-by-the-app-service-extension). For more information about cluster extensions, see [Cluster extensions on Azure Arc-enabled Kubernetes](/azure/azure-arc/kubernetes/conceptual-extensions).
 - A custom location, which bundles together a group of extensions and maps them to a namespace for created resources. For more information, see [Custom locations on top of Azure Arc-enabled Kubernetes](/azure/azure-arc/kubernetes/conceptual-custom-locations).
 - An App Service Kubernetes environment, which enables configuration common across apps but not related to cluster operations. Conceptually, it's deployed into the custom location resource, and app developers create apps into this environment. This resource is described in greater detail in [App Service Kubernetes environment](#app-service-kubernetes-environment).

articles/app-service/overview-managed-identity.md

@@ -23,7 +23,7 @@ The managed identity configuration is specific to the slot. To configure a manag
 > [!NOTE]
 > Managed identities aren't available for [apps deployed in Azure Arc](overview-arc-integration.md).
 >
-> Because [managed identities don't support cross-directory scenarios](../active-directory/managed-identities-azure-resources/managed-identities-faq.md#can-i-use-a-managed-identity-to-access-a-resource-in-a-different-directorytenant), they don't behave as expected if your app is migrated across subscriptions or tenants. To re-create the managed identities after such a move, see [Will managed identities be re-created automatically if I move a subscription to another directory?](../active-directory/managed-identities-azure-resources/managed-identities-faq.md#will-managed-identities-be-recreated-automatically-if-i-move-a-subscription-to-another-directory). Downstream resources also need to have access policies updated to use the new identity.
+> Because [managed identities don't support cross-directory scenarios](../active-directory/managed-identities-azure-resources/managed-identities-faq.md#can-i-use-a-managed-identity-to-access-a-resource-in-a-different-directorytenant), they don't behave as expected if your app is migrated across subscriptions or tenants. To re-create the managed identities after such a move, see [Will managed identities be re-created automatically if I move a subscription to another directory?](../active-directory/managed-identities-azure-resources/managed-identities-faq.md#will-managed-identities-be-recreated-automatically-if-i-move-a-subscription-to-another-directory) Downstream resources also need to have access policies updated to use the new identity.
 
 ## Prerequisites
 

articles/application-gateway/secure-application-gateway.md

@@ -34,7 +34,7 @@ Network security for Application Gateway involves controlling traffic flow, impl
 
 Web Application Firewall provides essential protection against common web vulnerabilities and attacks targeting your applications.
 
-* **Deploy Web Application Firewall**: Enable WAF on your Application Gateway to protect against OWASP Top 10 threats including SQL injection, cross-site scripting, and other common web attacks. Start in Detection mode to understand traffic patterns, then switch to Prevention mode to actively block threats. For more information, see [What is Azure Web Application Firewall on Azure Application Gateway?](/azure/web-application-firewall/ag/ag-overview).
+* **Deploy Web Application Firewall**: Enable WAF on your Application Gateway to protect against OWASP Top 10 threats including SQL injection, cross-site scripting, and other common web attacks. Start in Detection mode to understand traffic patterns, then switch to Prevention mode to actively block threats. For more information, see [What is Azure Web Application Firewall on Azure Application Gateway?](/azure/web-application-firewall/ag/ag-overview)
 
 * **Configure custom WAF rules**: Create custom rules to address specific threats targeting your applications, including rate limiting, IP blocking, and geo-filtering. Custom rules provide targeted protection beyond managed rule sets. For more information, see [Create and use v2 custom rules](/azure/web-application-firewall/ag/create-custom-waf-rules).
 

articles/automation/automation-secure-asset-encryption.md

@@ -284,7 +284,7 @@ To revoke access to customer-managed keys, use PowerShell or the Azure CLI. For
 ## Next steps
 
 - To learn about security guidelines, see [Security best practices in Azure Automation](automation-security-guidelines.md).
-- To understand Azure Key Vault, see [What is Azure Key Vault?](/azure/key-vault/general/overview).
+- To understand Azure Key Vault, see [What is Azure Key Vault?](/azure/key-vault/general/overview)
 - To work with certificates, see [Manage certificates in Azure Automation](shared-resources/certificates.md).
 - To handle credentials, see [Manage credentials in Azure Automation](shared-resources/credentials.md).
 - To use Automation variables, [Manage variables in Azure Automation](shared-resources/variables.md).

articles/automation/automation-security-overview.md

@@ -72,7 +72,7 @@ To renew the service principal, you need to be a member of one of the following
 - [Application Administrator](../active-directory/roles/permissions-reference.md#application-administrator)
 - [Application Developer](../active-directory/roles/permissions-reference.md#application-developer)
 
-Membership can be assigned to **ALL** users in the tenant at the directory level, which is the default behavior. You can grant membership to either role at the directory level. For more information, see [Who has permission to add applications to my Microsoft Entra instance?](../active-directory/develop/how-applications-are-added.md#who-has-permission-to-add-applications-to-my-azure-ad-instance).
+Membership can be assigned to **ALL** users in the tenant at the directory level, which is the default behavior. You can grant membership to either role at the directory level. For more information, see [Who has permission to add applications to my Microsoft Entra instance?](../active-directory/develop/how-applications-are-added.md#who-has-permission-to-add-applications-to-my-azure-ad-instance)
 
 ### Automation account permissions