Merge pull request #309020 from MicrosoftDocs/main

Auto Publish – main to live - 2025-12-03 23:00 UTC

Author: learn-build-service-prod[bot]

.openpublishing.redirection.json

@@ -6355,6 +6355,11 @@
       "redirect_url": "/azure/storage/container-storage/install-container-storage-aks",
       "redirect_document_id": true
     },
+    {
+      "source_path": "articles/reliability/reliability-cosmos-mongodb.md",
+      "redirect_url": "/azure/reliability/reliability-documentdb",
+      "redirect_document_id": true
+    },
     {
       "source_path": "articles/communications-gateway/connectivity.md",
       "redirect_url": "/previous-versions/azure/communications-gateway/connectivity",

articles/app-service/environment/overview.md

@@ -65,6 +65,9 @@ If you require physical isolation down to the hardware level, you can deploy you
 
 Only I1v2, I2v2, and I3v2 SKU sizes are available in an App Service Environment deployed on dedicated hosts. Extra charges apply for dedicated host deployments.
 
+> [!NOTE]
+> Dedicated host deployments are available only in limited regions, and expansion to additional regions isn't planned.
+
 Most customers don't require isolation down to the hardware level, so consider the limitations of dedicated host deployments before you use this feature. To determine whether a dedicated host deployment is right for you, review your security and compliance requirements before deployment.
 
 ## Virtual network support

articles/application-gateway/private-link-configure.md

@@ -30,30 +30,30 @@ You can configure Application Gateway Private Link using multiple methods:
 - Azure PowerShell
 - Azure CLI
 
-# [Azure portal](#tab/portal)
-
 ## Prerequisites
 
 Before configuring Private Link, ensure you have:
 - An existing Application Gateway
 - A virtual network with a dedicated subnet for Private Link (separate from the Application Gateway subnet)
 - Appropriate permissions to create and configure Private Link resources
 
-## Define a subnet for Private Link configuration
+## Subnet considerations for Private Link configuration
 
-To enable Private Link configuration, you must create a dedicated subnet that's separate from the Application Gateway subnet. This subnet is used exclusively for Private Link IP configurations and can't contain any Application Gateway instances.
+To enable Private Link configuration, you must have a dedicated subnet that's separate from the Application Gateway subnet. This subnet is used exclusively for Private Link IP configurations and can't contain any Application Gateway instances.
 
-**Subnet sizing considerations:**
 - Each IP address allocated to this subnet supports up to 65,536 concurrent TCP connections through Private Link
 - To calculate required IP addresses: `n × 65,536` connections, where `n` is the number of IP addresses provisioned
 - Maximum of eight IP addresses per Private Link configuration
 - Only dynamic IP address allocation is supported
+- The subnet must have [Private Link Service Network Policies](../private-link/disable-private-endpoint-network-policy.md#disable-network-policy) disabled
 
 > [!IMPORTANT]
 > The combined length of the Application Gateway name and Private Link configuration name must not exceed 70 characters to avoid deployment failures.
 
 To create a dedicated subnet for Private Link, see [Add, change, or delete a virtual network subnet](../virtual-network/virtual-network-manage-subnet.md).
 
+# [Azure portal](#tab/portal)
+
 ## Disable network policies on the Private Link subnet
 
 To allow Private Link connectivity, you must [disable the Private Link Service Network Policies](../private-link/disable-private-endpoint-network-policy.md#disable-network-policy) on the subnet designated for Private Link IP configurations.
@@ -67,15 +67,14 @@ To disable network policies, follow these steps:
 1. Under **Private link service network policies**, select **Disabled**.
 1. Select **Save** to apply the changes.
     1. Wait a few minutes for the changes to take effect.
-1. verify that the **Private link service network policies** setting is now **Disabled**.
+1. Verify the **Private link service network policies** setting is now **Disabled**.
 
 ## Configure Private Link
 
 The Private Link configuration defines the infrastructure that enables connections from Private Endpoints to your Application Gateway. Before creating the Private Link configuration, ensure that a listener is actively configured to use the target frontend IP configuration.
 
 Follow these steps to create the Private Link configuration:
 
-
 1. Search for and select **Application Gateways**.
 1. Select your Application Gateway instance.
 1. In the left navigation pane, select **Private link**, then select **+ Add**.
@@ -87,9 +86,6 @@ Follow these steps to create the Private Link configuration:
 1. Select **Add** to create the configuration.
 1. From your Application Gateway settings, copy and save the **Resource ID**. This identifier is required when setting up Private Endpoints from different Microsoft Entra tenants.
 
->[!CAUTION]
->Private link configuration will momentarily cause traffic disruption (less than 1 minute) while the change is applied. Changes are recommended to be conducted during a maintenance window or period of low-traffic.  During this time, you may see connection timeouts or 4XX http status codes returned on request.  Add/Remove/Approval/Rejection of private endpoints will not cause traffic disruption.
-
 ## Configure Private Endpoint
 
 A Private Endpoint is a network interface that uses a private IP address from your virtual network to connect securely to Azure Application Gateway. Clients use the Private Endpoint's private IP address to establish connections to the Application Gateway through a secure tunnel.
@@ -122,20 +118,9 @@ To create a Private Endpoint, follow these steps:
 > When provisioning a Private Endpoint from a different Microsoft Entra tenant, you must use the Azure Application Gateway Resource ID and specify the frontend IP configuration name as the target sub-resource. 
 For example, if your private IP configuration is named `PrivateFrontendIp` in the portal, use `PrivateFrontendIp` as the target sub-resource value.
 
-> [!CAUTION]
-> When moving a Private Endpoint to a different subscription, you must first delete the existing connection between the Private Link and Private Endpoint. After deletion, create a new Private Endpoint connection in the target subscription to reestablish connectivity.
-
-
 
 # [Azure PowerShell](#tab/powershell)
 
-## Prerequisites
-
-Before using PowerShell commands, ensure you have:
-- Azure PowerShell module installed and configured
-- Appropriate permissions to modify Application Gateway and network resources
-- An existing Application Gateway and virtual network (VNet) service
-
 ## Configure Private Link using PowerShell
 
 Use the following PowerShell commands to configure Private Link on an existing Application Gateway:
@@ -211,13 +196,6 @@ The following Azure PowerShell cmdlets are available for managing Application Ga
 
 # [Azure CLI](#tab/cli)
 
-## Prerequisites
-
-Before using Azure CLI commands, ensure you have:
-- Azure CLI installed and configured
-- Appropriate permissions to modify Application Gateway and network resources
-- An existing Application Gateway and virtual network (VNet) service
-
 ## Configure Private Link using Azure CLI
 
 Use the following Azure CLI commands to configure Private Link on an existing Application Gateway:
@@ -269,6 +247,12 @@ az network private-endpoint create \
     --connection-name AppGW-PL-Connection
 ```
 
+> [!Note]
+> To move a Private Endpoint to a different subscription, you must delete the existing connection between the Private Link and Private Endpoint. After deletion, create a new Private Endpoint connection in the target subscription to reestablish connectivity.
+
+>[!CAUTION]
+>Private link configuration will momentarily cause traffic disruption (less than 1 minute) when enabled or disabled. Changes are recommended to be conducted during a maintenance window or period of low-traffic.  During this time, you may see connection timeouts or 4XX http status codes returned on request.  Add/Remove/Approval/Rejection of private endpoints will not cause traffic disruption.
+
 ## Azure CLI reference
 
 For comprehensive Azure CLI command reference for Application Gateway Private Link configuration, see [Azure CLI - Application Gateway Private Link](/cli/azure/network/application-gateway/private-link).
@@ -282,4 +266,4 @@ To learn more about Azure Private Link and related services:
 - [What is Azure Private Link?](../private-link/private-link-overview.md)
 - [Application Gateway Private Link overview](private-link.md)
 - [Private Link service overview](../private-link/private-link-service-overview.md)
-- [Private endpoints overview](../private-link/private-endpoint-overview.md)
+- [Private endpoints overview](../private-link/private-endpoint-overview.md)

articles/azure-functions/TOC.yml

@@ -19,6 +19,7 @@
     href: functions-scale.md
 - name: Quickstarts
   displayName: quickstart, get started
+  expanded: true
   items:
   - name: Scenarios
     expanded: true
@@ -52,12 +53,13 @@
   - name: Developer tools
     items:
     - name: Azure Developer CLI
-      displayName: Flex Consumption plan
+      displayName: azd
       href: create-first-function-azure-developer-cli.md
-    - name: Command line
-      displayName: quickstart, get started
+    - name: Command line (Core Tools)
+      displayName: quickstart, get started, go, rust
       href: how-to-create-function-azure-cli.md
     - name: Visual Studio Code
+      displayName: quickstart, get started, go, rust
       href: how-to-create-function-vs-code.md
     - name: Visual Studio
       href: functions-create-your-first-function-visual-studio.md
@@ -84,8 +86,6 @@
     - name: Terraform
       displayName: Terraform, quickstart, get started
       href: functions-create-first-function-terraform.md
-    - name: Custom handlers (Go/Rust)
-      href: create-first-function-vs-code-other.md
   - name: Connect to services  
     items:
     - name: Storage