fixes MicrosoftDocs/azure-docs#108099

KarlErickson · KarlErickson · commit 0009c0a48f0e · 2023-04-12T12:42:02.000-07:00
diff --git a/articles/spring-apps/tutorial-managed-identities-key-vault.md b/articles/spring-apps/tutorial-managed-identities-key-vault.md
@@ -39,7 +39,7 @@ The following video describes how to manage secrets using Azure Key Vault.
 A resource group is a logical container into which Azure resources are deployed and managed. Create a resource group to contain both the Key Vault and Spring Cloud using the command [az group create](/cli/azure/group#az-group-create):
 
 ```azurecli
-az group create --name "myResourceGroup" -l "EastUS"
+az group create --name "myResourceGroup" --location "EastUS"
 ```
 
 ## Set up your Key Vault
@@ -55,7 +55,7 @@ az keyvault create \
     --name "<your-keyvault-name>" 
 ```
 
-Make a note of the returned `vaultUri`, which will be in the format `https://<your-keyvault-name>.vault.azure.net`. It will be used in the following step.
+Make a note of the returned `vaultUri`, which is in the format `https://<your-keyvault-name>.vault.azure.net`. You use this value in the following step.
 
 You can now place a secret in your Key Vault with the command [az keyvault secret set](/cli/azure/keyvault/secret#az-keyvault-secret-set):
 
@@ -84,11 +84,15 @@ The following example creates an app named `springapp` with a system-assigned ma
 ```azurecli
 az spring app create \
     --resource-group <your-resource-group-name> \
-    --name "springapp" \
     --service <your-Azure-Spring-Apps-instance-name> \
+    --name "springapp" \
     --assign-endpoint true \
     --system-assigned
-export SERVICE_IDENTITY=$(az spring app show --name "springapp" -s "myspringcloud" -g "myResourceGroup" | jq -r '.identity.principalId')
+export SERVICE_IDENTITY=$(az spring app show \
+    --resource-group "<your-resource-group-name>" \
+    --service "<your-Azure-Spring-Apps-instance-name>" \
+    --name "springapp" \
+    | jq -r '.identity.principalId')
 ```
 
 ### [User-assigned managed identity](#tab/user-assigned-managed-identity)
@@ -97,29 +101,29 @@ First, create a user-assigned managed identity in advance with its resource ID s
 
 :::image type="content" source="media/tutorial-managed-identities-key-vault/app-user-managed-identity-key-vault.png" alt-text="Screenshot of Azure portal showing the Managed Identity Properties screen with 'Resource ID', 'Principle ID' and 'Client ID' highlighted." lightbox="media/tutorial-managed-identities-key-vault/app-user-managed-identity-key-vault.png":::
 
-```azurecli
-export SERVICE_IDENTITY={principal ID of user-assigned managed identity}
-export USER_IDENTITY_RESOURCE_ID={resource ID of user-assigned managed identity}
+```bash
+export SERVICE_IDENTITY=<principal-ID-of-user-assigned-managed-identity>
+export USER_IDENTITY_RESOURCE_ID=<resource-ID-of-user-assigned-managed-identity>
 ```
 
 The following example creates an app named `springapp` with a user-assigned managed identity, as requested by the `--user-assigned` parameter.
 
 ```azurecli
 az spring app create \
     --resource-group <your-resource-group-name> \
-    --name "springapp" \
     --service <your-Azure-Spring-Apps-instance-name> \
-    --assign-endpoint true \
-    --user-assigned $USER_IDENTITY_RESOURCE_ID
+    --name "springapp" \
+    --user-assigned $USER_IDENTITY_RESOURCE_ID \
+    --assign-endpoint true
 az spring app show \
     --resource-group <your-resource-group-name> \
-    --name "springapp" \
-    --service <your-Azure-Spring-Apps-instance-name>
+    --service <your-Azure-Spring-Apps-instance-name> \
+    --name "springapp"
 ```
 
 ---
 
-Make a note of the returned URL, which will be in the format `https://<your-app-name>.azuremicroservices.io`. This URL will be used in the following step.
+Make a note of the returned URL, which is in the format `https://<your-app-name>.azuremicroservices.io`. You use this value in the following step.
 
 ## Grant your app access to Key Vault
 
@@ -137,17 +141,17 @@ az keyvault set-policy \
 
 ## Build a sample Spring Boot app with Spring Boot starter
 
-This app will have access to get secrets from Azure Key Vault. Use the Azure Key Vault Secrets Spring boot starter.  Azure Key Vault is added as an instance of Spring **PropertySource**.  Secrets stored in Azure Key Vault can be conveniently accessed and used like any externalized configuration property, such as properties in files.
+This app has access to get secrets from Azure Key Vault. Use the Azure Key Vault Secrets Spring boot starter.  Azure Key Vault is added as an instance of Spring **PropertySource**.  Secrets stored in Azure Key Vault can be conveniently accessed and used like any externalized configuration property, such as properties in files.
 
 1. Use the following command to generate a sample project from `start.spring.io` with Azure Key Vault Spring Starter.
 
-   ```azurecli
+   ```bash
    curl https://start.spring.io/starter.tgz -d dependencies=web,azure-keyvault -d baseDir=springapp -d bootVersion=2.7.2 -d javaVersion=1.8 | tar -xzvf -
    ```
 
 1. Specify your Key Vault in your app.
 
-   ```azurecli
+   ```bash
    cd springapp
    vim src/main/resources/application.properties
    ```
@@ -208,7 +212,7 @@ spring.cloud.azure.keyvault.secret.property-sources[0].credential.client-id={Cli
    }
    ```
 
-   If you open the *pom.xml* file, you'll see the dependency of `spring-cloud-azure-starter-keyvault`.
+   If you open the *pom.xml* file, you can see the `spring-cloud-azure-starter-keyvault` dependency, as shown in the following example:
 
    ```xml
    <dependency>
@@ -219,7 +223,7 @@ spring.cloud.azure.keyvault.secret.property-sources[0].credential.client-id={Cli
 
 1. Use the following command to package your sample app.
 
-   ```azurecli
+   ```bash
    ./mvnw clean package -DskipTests
    ```
 
@@ -228,18 +232,18 @@ spring.cloud.azure.keyvault.secret.property-sources[0].credential.client-id={Cli
    ```azurecli
    az spring app deploy \
        --resource-group <your-resource-group-name> \
-       --name "springapp" \
        --service <your-Azure-Spring-Apps-instance-name> \
+       --name "springapp" \
        --artifact-path target/demo-0.0.1-SNAPSHOT.jar
    ```
 
 1. To test your app, access the public endpoint or test endpoint by using the following command:
 
-   ```azurecli
+   ```bash
    curl https://myspringcloud-springapp.azuremicroservices.io/get
    ```
 
-   You'll see the message `Successfully got the value of secret connectionString from Key Vault https://<your-keyvault-name>.vault.azure.net/: jdbc:sqlserver://SERVER.database.windows.net:1433;database=DATABASE;`.
+   You're shown the message `Successfully got the value of secret connectionString from Key Vault https://<your-keyvault-name>.vault.azure.net/: jdbc:sqlserver://SERVER.database.windows.net:1433;database=DATABASE;`.
 
 ## Next steps
 
