Merge pull request #304400 from MicrosoftDocs/main

Auto Publish – main to live - 2025-08-19 17:00 UTC

Author: learn-build-service-prod[bot]

.openpublishing.redirection.json

@@ -6429,6 +6429,31 @@
       "redirect_url": "/azure/managed-grafana/how-to-service-accounts",
       "redirect_document_id": false
     },
+    {
+      "source_path_from_root": "/articles/service-connector/quickstart-cli-spring-cloud-connection.md",
+      "redirect_url": "/azure/service-connector/quickstart-portal-spring-cloud-connection",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/service-connector/quickstart-cli-app-service-connection.md",
+      "redirect_url": "/azure/service-connector/quickstart-portal-app-service-connection",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/service-connector/quickstart-cli-aks-connection.md",
+      "redirect_url": "/azure/service-connector/quickstart-portal-aks-connection",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/service-connector/quickstart-cli-container-apps.md",
+      "redirect_url": "/azure/service-connector/quickstart-portal-container-apps",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/service-connector/quickstart-cli-functions-connection.md",
+      "redirect_url": "/azure/service-connector/quickstart-portal-functions-connection",
+      "redirect_document_id": false
+    },
     {
       "source_path_from_root": "/articles/load-balancer/move-across-regions-external-load-balancer-portal.md",
       "redirect_url": "/azure/load-balancer/move-across-regions-azure-load-balancer",

articles/app-service/configure-language-java-data-sources.md

@@ -201,47 +201,46 @@ You can't directly modify a Tomcat installation for server-wide configuration be
 
 #### Add a startup file
 
-Create a file named `startup.cmd` `%HOME%\site\wwwroot` directory. This file runs automatically before the Tomcat server starts. The file should have the following content:
+Create a file named `startup.cmd` in the `%HOME%\site\wwwroot` directory. This file runs automatically before the Tomcat server starts. The file should have the following content:
 
 ```dos
-C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File  %HOME%\site\configure.ps1
+C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File  %HOME%\site\configure.ps1 > %HOME%\site\configure.log
 ```
 
 #### Add the PowerShell configuration script
 
-Next, add the configuration script called *configure.ps1* to the *%HOME%_\site* directory with the following code:
+Next, add the configuration script called `configure.ps1` to the `%HOME%\site` directory with the following code:
 
 ```powershell
 # Locations of xml and xsl files
-$target_xml="$Env:LOCAL_EXPANDED\tomcat\conf\server.xml"
-$target_xsl="$Env:HOME\site\server.xsl"
+$source_xml = "$Env:AZURE_TOMCAT90_HOME\conf\server.xml"
+$target_xml = "$Env:LOCAL_EXPANDED\tomcat\conf\server.xml"
+$target_xsl = "$Env:HOME\site\server.xsl"
+$marker_file = "$Env:HOME\site\config_done_marker"
 
 # Define the transform function
 # Useful if transforming multiple files
-function TransformXML{
+function TransformXML {
     param ($xml, $xsl, $output)
 
-    if (-not $xml -or -not $xsl -or -not $output)
-    {
+    if (-not $xml -or -not $xsl -or -not $output) {
         return 0
     }
 
-    Try
-    {
+    Try {
         $xslt_settings = New-Object System.Xml.Xsl.XsltSettings;
         $XmlUrlResolver = New-Object System.Xml.XmlUrlResolver;
         $xslt_settings.EnableScript = 1;
 
         $xslt = New-Object System.Xml.Xsl.XslCompiledTransform;
-        $xslt.Load($xsl,$xslt_settings,$XmlUrlResolver);
+        $xslt.Load($xsl, $xslt_settings, $XmlUrlResolver);
         $xslt.Transform($xml, $output);
     }
 
-    Catch
-    {
+    Catch {
         $ErrorMessage = $_.Exception.Message
         $FailedItem = $_.Exception.ItemName
-        echo  'Error'$ErrorMessage':'$FailedItem':' $_.Exception;
+        Write-Error 'Error'$ErrorMessage':'$FailedItem':' $_.Exception;
         return 0
     }
     return 1
@@ -250,29 +249,27 @@ function TransformXML{
 # Start here
 
 # Check for marker file indicating that config has already been done
-if(Test-Path "$Env:LOCAL_EXPANDED\tomcat\config_done_marker"){
+if (Test-Path "$marker_file") {
     return 0
 }
 
 # Delete previous Tomcat directory if it exists
 # In case previous config isn't completed or a new config should be forcefully installed
-if(Test-Path "$Env:LOCAL_EXPANDED\tomcat"){
-    Remove-Item "$Env:LOCAL_EXPANDED\tomcat" Recurse
+if (Test-Path "$Env:LOCAL_EXPANDED\tomcat") {
+    Remove-Item -Path "$Env:LOCAL_EXPANDED\tomcat" -Recurse -Force
 }
 
-md -Path "$Env:LOCAL_EXPANDED\tomcat"
-
 # Copy Tomcat to local
 # Using the environment variable $AZURE_TOMCAT90_HOME uses the 'default' version of Tomcat
 New-Item "$Env:LOCAL_EXPANDED\tomcat" -ItemType Directory
 Copy-Item -Path "$Env:AZURE_TOMCAT90_HOME\*" "$Env:LOCAL_EXPANDED\tomcat" -Recurse
 
 # Perform the required customization of Tomcat
-$success = TransformXML -xml $target_xml -xsl $target_xsl -output $target_xml
+$success = TransformXML -xml $source_xml -xsl $target_xsl -output $target_xml
 
 # Mark that the operation was a success if successful
-if($success){
-    New-Item -Path "$Env:LOCAL_EXPANDED\tomcat\config_done_marker" -ItemType File
+if ($success) {
+    New-Item -Path "$marker_file" -ItemType File
 }
 ```
 

articles/application-gateway/application-gateway-private-deployment.md

@@ -6,7 +6,7 @@ services: application-gateway
 author: mbender-ms
 ms.service: azure-application-gateway
 ms.topic: how-to
-ms.date: 8/11/2025
+ms.date: 8/19/2025
 ms.author: mbender
 #Customer intent: As an administrator, I want to evaluate Azure Private Application Gateway
 # Customer intent: "As a cloud administrator, I want to configure a Private Application Gateway with enhanced network controls, so that I can improve security and restrict data egress while managing inbound and outbound traffic effectively."
@@ -35,7 +35,7 @@ Each of these features can be configured independently. For example, a public IP
 
 ## Onboard to the feature
 
-The functionality of the new controls of private IP frontend configuration, control over NSG rules, and control over route tables, are generally available and supported in production.  To join enable the feature, you must opt in to the experience using the Azure portal, PowerShell, CLI, or REST API.
+The functionality of the new controls of private IP frontend configuration, control over NSG rules, and control over route tables, are generally available and supported in production.  To use the features, you must opt in to the experience using the Azure portal, PowerShell, CLI, or REST API.
 
 When enrolled, all new Application Gateways provision with the ability to define any combination of the NSG, Route Table, or private IP configuration features.  If you wish to opt out from the new functionality, you can do so by [unregistering from the feature](#unregister-the-feature).
 

articles/azure-netapp-files/manage-file-access-logs.md

@@ -11,7 +11,7 @@ ms.custom: references_regions
 # Customer intent: As a storage administrator, I want to enable file access logs on Azure NetApp Files volumes so that I can monitor file access operations and troubleshoot access issues effectively.
 ---
 
-# Manage file access logs in Azure NetApp Files (preview)
+# Manage file access logs in Azure NetApp Files
 
 File access logs provide file access logging for individual volumes, capturing file system operations on selected volumes. The logs capture [standard file operation](#recognized-events). File access logs provide insights beyond the platform logging captured in the [Azure Activity Log](/azure/azure-monitor/essentials/activity-log).
 
@@ -75,10 +75,10 @@ The events capture in file access logs depend on the protocol of your volume.
 * Set attribute 
 * Unlink
 * Write
-
+<!--
 ## Register the feature
 
-The file access logs feature is currently in preview. If you're using this feature for the first time, you need to register the feature first. 
+If you're using file access logs for the first time, you need to register the feature. 
 
 1. Register the feature:
 
@@ -96,7 +96,7 @@ The file access logs feature is currently in preview. If you're using this featu
     ```
 
 You can also use [Azure CLI commands](/cli/azure/feature) `az feature register` and `az feature show` to register the feature and display the registration status.
-
+-->
 ## Supported regions
 
 Availability for file access log is limited to the following regions: 

articles/azure-netapp-files/whats-new.md

@@ -8,17 +8,21 @@ ms.custom:
   - linux-related-content
   - build-2025
 ms.topic: overview
-ms.date: 08/14/2025
+ms.date: 08/18/2025
 ms.author: anfdocs
 # Customer intent: As a cloud administrator, I want to learn about the latest enhancements in Azure NetApp Files, so that I can effectively utilize new features for improved data security, resilience, and operational efficiency in my organization's cloud storage solutions.
 ---
 
 # What's new in Azure NetApp Files
 
 Azure NetApp Files is updated regularly. This article provides a summary about the latest new features and enhancements.
-
+  
 ## August 2025
 
+* [File access logs](manage-file-access-logs.md) is now generally available (GA)
+
+    File access logs provide enterprise-grade visibility into file-level operations across SMB3, NFSv4.1, and dual-protocol volumes. This capability enhances security, reliability, and operational insight by capturing detailed access activity—including user identity, operation type, and timestamps. Organizations can use file access logs to monitor access patterns, detect unauthorized activity, support compliance investigations, and optimize data usage. By integrating this feature, you strengthen your security posture and align with the Well-Architected Framework's best practices for operational excellence.
+
 * [Flexible service level](manage-cool-access.md?tabs=flexible#register-the-feature) now supports storage with cool access (Preview)
 
     Azure NetApp Files now supports cool access for the Flexible service level, enabling you to further optimize performance and cost by automatically tiering infrequently accessed data to lower-cost Azure storage accounts. This enhancement builds on the Flexible service level's ability to decouple storage capacity and throughput, allowing precise resource alignment for diverse workloads while maintaining configured throughput levels—even with cool access enabled. These features help organizations reduce total cost of ownership without compromising performance. You must be registered for the [Flexible service level](azure-netapp-files-set-up-capacity-pool.md) before enrolling in [the preview for the Flexible service level with cool access](manage-cool-access.md#register-the-feature). 

articles/azure-resource-manager/bicep/deploy-cloud-shell.md

@@ -3,15 +3,21 @@ title: Deploy Bicep files with Cloud Shell
 description: Use Azure Resource Manager and Azure Cloud Shell to deploy resources to Azure. The resources are defined in a Bicep file.
 ms.topic: how-to
 ms.custom: devx-track-bicep, devx-track-arm-template
-ms.date: 04/28/2025
+ms.date: 08/15/2025
 ---
 
 # Deploy Bicep files from Azure Cloud Shell
 
-You can use [Azure Cloud Shell](../../cloud-shell/overview.md) to deploy a Bicep file. Currently you can only deploy  a local Bicep file from the Cloud Shell.
+You can use [Azure Cloud Shell](../../cloud-shell/overview.md) to deploy a Bicep file. Currently you can only deploy a local Bicep file from the Cloud Shell.
 
 You can deploy to any scope. This article shows deploying to a resource group.
 
+In this article, you'll learn how to:
+
+- Upload a Bicep file to Cloud Shell
+- Deploy the file using Azure CLI or PowerShell
+- Verify your deployment was successful
+
 ## Deploy local Bicep file
 
 To deploy a local Bicep file, you must first upload your Bicep file to your Cloud Shell session.
@@ -26,7 +32,7 @@ To deploy a local Bicep file, you must first upload your Bicep file to your Clou
     :::image type="content" source="./media/deploy-cloud-shell/bicep-cloud-shell-upload.png" alt-text="Upload file":::
 
 1. Select the Bicep file you want to upload, and then select **Open**.
-1. To deploy the Bicep file, use the following commands:
+1. To deploy the Bicep file, use the following commands. These commands create a resource group and deploy your Bicep template to it:
 
    ### [Azure CLI](#tab/azure-cli)
 
@@ -53,5 +59,8 @@ To deploy a local Bicep file, you must first upload your Bicep file to your Clou
 
 ## Next steps
 
-- For more information about deployment commands, see [Deploy resources with Bicep and Azure CLI](deploy-cli.md) and [Deploy resources with Bicep and Azure PowerShell](deploy-powershell.md).
-- To preview changes before deploying a Bicep file, see [Bicep deployment what-if operation](./deploy-what-if.md).
+Now that you've learned to deploy Bicep files from Cloud Shell, explore these related topics:
+
+- **Learn advanced deployment techniques**: [Deploy resources with Bicep and Azure CLI](deploy-cli.md) and [Deploy resources with Bicep and Azure PowerShell](deploy-powershell.md)
+- **Preview changes before deployment**: [Bicep deployment what-if operation](./deploy-what-if.md)
+- **Troubleshoot deployment issues**: Review common deployment errors and solutions

articles/azure-resource-manager/bicep/deploy-to-tenant.md

@@ -10,41 +10,44 @@ ms.date: 02/10/2025
 
 As your organization matures, you may need to define and assign [policies](../../governance/policy/overview.md) or [Azure role-based access control (Azure RBAC)](../../role-based-access-control/overview.md) across your Microsoft Entra tenant. With tenant level templates, you can declaratively apply policies and assign roles at a global level.
 
-### Training resources
+**What you'll learn:**
 
-If you would rather learn about deployment scopes through step-by-step guidance, see [Deploy resources to subscriptions, management groups, and tenants by using Bicep](/training/modules/deploy-resources-scopes-bicep/).
+- How to deploy resources at the tenant scope
+- Required permissions and setup steps
+- Deployment commands for tenant-level resources
+- Examples for creating management groups and role assignments
 
 ## Supported resources
 
 Not all resource types can be deployed to the tenant level. This section lists which resource types are supported.
 
 For Azure role-based access control (Azure RBAC), use:
 
-* [roleAssignments](/azure/templates/microsoft.authorization/roleassignments)
+- [roleAssignments](/azure/templates/microsoft.authorization/roleassignments)
 
 For nested templates that deploy to management groups, subscriptions, or resource groups, use:
 
-* [deployments](/azure/templates/microsoft.resources/deployments)
+- [deployments](/azure/templates/microsoft.resources/deployments)
 
 For creating management groups, use:
 
-* [managementGroups](/azure/templates/microsoft.management/managementgroups)
+- [managementGroups](/azure/templates/microsoft.management/managementgroups)
 
 For creating subscriptions, use:
 
-* [aliases](/azure/templates/microsoft.subscription/aliases)
+- [aliases](/azure/templates/microsoft.subscription/aliases)
 
 For managing costs, use:
 
-* [billingProfiles](/azure/templates/microsoft.billing/billingaccounts/billingprofiles)
-* [billingRoleAssignments](/azure/templates/microsoft.billing/billingaccounts/billingroleassignments)
-* [instructions](/azure/templates/microsoft.billing/billingaccounts/billingprofiles/instructions)
-* [invoiceSections](/azure/templates/microsoft.billing/billingaccounts/billingprofiles/invoicesections)
-* [policies](/azure/templates/microsoft.billing/billingaccounts/billingprofiles/policies)
+- [billingProfiles](/azure/templates/microsoft.billing/billingaccounts/billingprofiles)
+- [billingRoleAssignments](/azure/templates/microsoft.billing/billingaccounts/billingroleassignments)
+- [instructions](/azure/templates/microsoft.billing/billingaccounts/billingprofiles/instructions)
+- [invoiceSections](/azure/templates/microsoft.billing/billingaccounts/billingprofiles/invoicesections)
+- [policies](/azure/templates/microsoft.billing/billingaccounts/billingprofiles/policies)
 
 For configuring the portal, use:
 
-* [tenantConfigurations](/azure/templates/microsoft.portal/tenantconfigurations)
+- [tenantConfigurations](/azure/templates/microsoft.portal/tenantconfigurations)
 
 Built-in policy definitions are tenant-level resources, but you can't deploy custom policy definitions at the tenant. For an example of assigning a built-in policy definition to a resource, see [tenantResourceId example](./bicep-functions-resource.md#tenantresourceid).
 
@@ -106,9 +109,9 @@ New-AzTenantDeployment `
 
 For more detailed information about deployment commands and options for deploying ARM templates, see:
 
-* [Deploy resources with ARM templates and Azure CLI](deploy-cli.md)
-* [Deploy resources with ARM templates and Azure PowerShell](deploy-powershell.md)
-* [Deploy ARM templates from Cloud Shell](deploy-cloud-shell.md)
+- [Deploy resources with ARM templates and Azure CLI](deploy-cli.md)
+- [Deploy resources with ARM templates and Azure PowerShell](deploy-powershell.md)
+- [Deploy ARM templates from Cloud Shell](deploy-cloud-shell.md)
 
 ## Deployment location and name
 
@@ -128,10 +131,10 @@ To deploy resources at multiple scopes within a single deployment, use [modules]
 
 You can deploy a resource from within a tenant scope Bicep file at the following scopes:
 
-* [The tenant](#scope-to-tenant)
-* [The management group](#scope-to-management-group)
-* [The subscription](#scope-to-subscription)
-* [The resource group](#scope-to-resource-group)
+- [The tenant](#scope-to-tenant)
+- [The management group](#scope-to-management-group)
+- [The subscription](#scope-to-subscription)
+- [The resource group](#scope-to-resource-group)
 
 ### Scope to tenant
 
@@ -237,8 +240,10 @@ resource roleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
 
 ## Next steps
 
-To learn about other scopes, see:
+Now that you understand tenant deployments, explore these related deployment scopes:
 
-* [Resource group deployments](deploy-to-resource-group.md)
-* [Subscription deployments](deploy-to-subscription.md)
-* [Management group deployments](deploy-to-management-group.md)
+- **[Resource group deployments](deploy-to-resource-group.md)** - Deploy resources to a specific resource group
+- **[Subscription deployments](deploy-to-subscription.md)** - Deploy resources at the subscription level
+- **[Management group deployments](deploy-to-management-group.md)** - Deploy resources to management groups
+
+For hands-on practice, try the training module: [Deploy resources to subscriptions, management groups, and tenants by using Bicep](/training/modules/deploy-resources-scopes-bicep/).