Merge pull request #178686 from jlichwa/patch-188

Update overview-storage-keys.md

Author: PRMerger-2

articles/key-vault/secrets/overview-storage-keys-powershell.md

@@ -27,6 +27,9 @@ When you use the managed storage account key feature, consider the following poi
 - Only a single Key Vault object should manage storage account keys. Don't allow key management from multiple objects.
 - Regenerate keys by using Key Vault only. Don't manually regenerate your storage account keys.
 
+> [!IMPORTANT]
+> Regenerating key directly in storage account breaks managed storage account setup and can invalidate SAS tokens in use and cause an outage.
+
 [!INCLUDE [updated-for-az](../../../includes/updated-for-az.md)]
 
 ## Service principal application ID
@@ -266,4 +269,4 @@ The output of this command will show your SAS definition string.
 ## Next steps
 
 - [Managed storage account key samples](https://github.com/Azure-Samples?utf8=%E2%9C%93&q=key+vault+storage&type=&language=)
-- [Key Vault PowerShell reference](/powershell/module/az.keyvault/#key_vault)
+- [Key Vault PowerShell reference](/powershell/module/az.keyvault/#key_vault)

articles/key-vault/secrets/overview-storage-keys.md

@@ -28,6 +28,9 @@ When you use the managed storage account key feature, consider the following poi
 - Only a single Key Vault object should manage storage account keys. Don't allow key management from multiple objects.
 - Regenerate keys by using Key Vault only. Don't manually regenerate your storage account keys.
 
+> [!IMPORTANT]
+> Regenerating key directly in storage account breaks managed storage account setup and can invalidate SAS tokens in use and cause an outage.
+
 ## Service principal application ID
 
 An Azure AD tenant provides each registered application with a [service principal](../../active-directory/develop/developer-glossary.md#service-principal-object). The service principal serves as the Application ID, which is used during authorization setup for access to other Azure resources via Azure RBAC.