Skip to content

Commit 1e54861

Browse files
author
Andrew
committed
Clean up KV FW instructions
1 parent 191a0a4 commit 1e54861

File tree

1 file changed

+2
-2
lines changed

1 file changed

+2
-2
lines changed

articles/operator-nexus/howto-cluster-managed-identity-user-provided-resources.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -85,7 +85,7 @@ The following steps should be followed for using UAMIs with Nexus Clusters and a
8585
1. Select **Member**: AFOI-NC-MGMT-PME-PROD application.
8686
1. Review and assign.
8787
1. To limit access to the Key Vault to a select set of IP or virtual networks, see [Configure Azure Key Vault firewalls and virtual networks](/azure/key-vault/general/network-security?WT.mc_id=Portal-Microsoft_Azure_KeyVault).
88-
1. The IPs for all users executing run-\* commands need to be added to the Storage Account's `Virtual Networks` and/or `Firewall` lists.
88+
1. The IPs for all users requiring access to the Key Vault need to be added to the Key Vault's `Virtual Networks` and/or `Firewall` lists.
8989
1. Ensure the `Allow trusted Microsoft services to bypass this firewall.` under `Exceptions` is selected.
9090

9191
### Create or update the Nexus Cluster to use User Assigned Managed Identities and user provided resources
@@ -311,7 +311,7 @@ System-assigned identity example:
311311
1. Assign the `Operator Nexus Key Vault Writer Service Role (Preview)` role to the SAMI for the Key Vault. See [Assign role](/azure/key-vault/general/rbac-guide?tabs=azure-cli#assign-role).
312312
1. The role definition ID for the Operator Nexus Key Vault Writer Service Role is `44f0a1a8-6fea-4b35-980a-8ff50c487c97`. This format is required if using the Azure command line to do the role assignment.
313313
1. To limit access to the Key Vault to a select set of IP or virtual networks, see [Configure Azure Key Vault firewalls and virtual networks](/azure/key-vault/general/network-security?WT.mc_id=Portal-Microsoft_Azure_KeyVault).
314-
1. The IPs for all users executing run-\* commands need to be added to the Storage Account's `Virtual Networks` and/or `Firewall` lists.
314+
1. The IPs for all users requiring access to the Key Vault need to be added to the Key Vault's `Virtual Networks` and/or `Firewall` lists.
315315
1. Ensure the `Allow trusted Microsoft services to bypass this firewall.` under `Exceptions` is selected.
316316

317317
### Update the Cluster with the user provided resources information

0 commit comments

Comments
 (0)