Moving warning to be an include

nzthiago · nzthiago · commit 137f693b0ff9 · 2025-06-06T10:01:23.000-07:00
diff --git a/articles/azure-functions/function-keys-how-to.md b/articles/azure-functions/function-keys-how-to.md
@@ -74,8 +74,7 @@ When using Key Vault for key storage, the app settings you need depend on the ma
 | [AzureWebJobsSecretStorageKeyVaultClientSecret](functions-app-settings.md#azurewebjobssecretstoragekeyvaultclientsecret) | X | X | ✓ |
 | [AzureWebJobsSecretStorageKeyVaultTenantId](functions-app-settings.md#azurewebjobssecretstoragekeyvaulttenantid) | X | X | ✓ |
 
-> [!IMPORTANT]
-> When using Key Vault for key storage, there is no scoping of the secrets to each function app. If you configure `AzureWebJobsSecretStorageKeyVaultUri` with the same Key Vault resource for multiple function apps there can be inadvertent behavior, like apps will share the same key and keys getting overwritten. It is recommended to use different Key Vault resources for different function apps.
+[!INCLUDE [functions-key-vault-secrets-storage-warning](../../includes/functions-key-vault-secrets-storage-warning.md)]
 
 ## Use access keys
 
diff --git a/articles/azure-functions/functions-app-settings.md b/articles/azure-functions/functions-app-settings.md
@@ -274,7 +274,9 @@ The vault must have an access policy corresponding to the system-assigned manage
 |---|------------|
 |AzureWebJobsSecretStorageKeyVaultUri|`https://<VAULT_NAME>.vault.azure.net`|
 
-To learn more, see [Use Key Vault references for Azure Functions](../app-service/app-service-key-vault-references.md?toc=/azure/azure-functions/toc.json).
+[!INCLUDE [functions-key-vault-secrets-storage-warning](../../includes/functions-key-vault-secrets-storage-warning.md)]
+
+To learn more, see [Manage Key Storage](../azure-functions/function-keys-how-to.md#manage-key-storage).
 
 ## AzureWebJobsSecretStorageSas
 
diff --git a/includes/functions-key-vault-secrets-storage-warning.md b/includes/functions-key-vault-secrets-storage-warning.md
@@ -0,0 +1,10 @@
+---
+author: nzthiago
+ms.service: azure-functions
+ms.topic: include
+ms.date: 06/06/2025
+ms.author: thalme
+---
+
+> [!IMPORTANT]
+> When using Azure Key Vault for key storage via the `AzureWebJobsSecretStorageKeyVaultUri` setting, secrets are not automatically scoped to individual function apps. If multiple function apps are configured to use the same Key Vault, they will share the same secret store, potentially leading to key collisions or overwrites. To avoid unintended behavior, it is strongly recommended to use a separate Key Vault instance for each function app.
