MicrosoftDocs
diff --git a/‎articles/managed-instance-apache-cassandra/customer-managed-keys.md
Lines changed: 45 additions & 47 deletions b/‎articles/managed-instance-apache-cassandra/customer-managed-keys.md
Lines changed: 45 additions & 47 deletions
diff --git a/‎articles/managed-instance-apache-cassandra/jaeger.md
Lines changed: 9 additions & 9 deletions b/‎articles/managed-instance-apache-cassandra/jaeger.md
Lines changed: 9 additions & 9 deletions
@@ -1,6 +1,6 @@
 ---
-title: Azure Managed Instance for Apache Cassandra Customer-managed keys
-description: Customer-managed keys
+title: Azure Managed Instance for Apache Cassandra customer-managed keys
+description: Learn how to implement customer-managed keys in Azure Managed Instance for Apache Cassandra by using Azure Key Vault.
 author: TheovanKraay
 ms.author: thvankra
 ms.service: managed-instance-apache-cassandra
@@ -10,32 +10,32 @@ ms.custom: references_regions, devx-track-azurecli
 
 ---
 
-# Customer-managed keys - overview
+# Customer-managed keys in Azure Managed Instance for Apache Cassandra
 
-Azure Managed Instance for Apache Cassandra provides the capability to encrypt data on disk using your own key. This article describes how to implement customer-managed keys with Azure Key Vault.
+In Azure Managed Instance for Apache Cassandra, you can encrypt data on disk by using your own key. This article describes how to implement customer-managed keys by using Azure Key Vault.
 
 ## Prerequisites
 
-- Set up a secret using Azure Key Vault. Learn more about Azure Key Vault [here](../key-vault/secrets/about-secrets.md).
-- Deployed a virtual network in your resource group, and applied the network contributor role with the Azure Cosmos DB service principal as a member. See [Create an Azure Managed Instance for Apache Cassandra cluster using Azure CLI](create-cluster-cli.md) for more detail. 
+- Set up a secret by using Azure Key Vault. For more information, see [About Azure Key Vault secrets](../key-vault/secrets/about-secrets.md).
+- Deploy a virtual network in your resource group.
+- Apply the network contributor role with the Azure Cosmos DB service principal as a member. Use the following command:
 
-> [!IMPORTANT]
-> This article requires the Azure CLI version 2.30.0 or higher. If you are using Azure Cloud Shell, the latest version is already installed.
+  ```azurecli-interactive  
+      az role assignment create \
+      --assignee a232010e-820c-4083-83bb-3ace5fc29d0b \
+      --role 4d97b98b-1d4f-4787-a291-c67834d212e7 \
+      --scope /subscriptions/<subscriptionID>/resourceGroups/<resourceGroupName>/providers/Microsoft.Network/virtualNetworks/<vnetName>
+  ```
 
-## <a id="create-cluster"></a>Create a cluster with system assigned identity
+  Applying the appropriate role to your virtual network helps you avoid failure when you deploy an Azure Managed Instance for Apache Cassandra cluster. For more information, see [Create an Azure Managed Instance for Apache Cassandra cluster by using the Azure CLI](create-cluster-cli.md).
 
-   > [!NOTE]
-   > As mentioned in pre-requisites, to avoid deployment failure, make sure you have applied the appropriate role to your virtual network before attempting to deploy a managed instance cluster:
-   > ```azurecli-interactive  
-   >     az role assignment create \
-   >     --assignee a232010e-820c-4083-83bb-3ace5fc29d0b \
-   >     --role 4d97b98b-1d4f-4787-a291-c67834d212e7 \
-   >     --scope /subscriptions/<subscriptionID>/resourceGroups/<resourceGroupName>/providers/Microsoft.Network/virtualNetworks/<vnetName>
-   > ```
+This article requires Azure CLI version 2.30.0 or later. If you're using Azure Cloud Shell, the latest version is already installed.
 
-1. Create a cluster by specifying identity type as SystemAssigned, replacing `<subscriptionID>`, `<resourceGroupName>`, `<vnetName>`, and `<subnetName>` with the appropriate values:
+## <a id="create-cluster"></a>Create a cluster with a system-assigned identity
 
-    ```azurecli-interactive    
+1. Create a cluster by using the following command. Replace `<subscriptionID>`, `<resourceGroupName>`, `<vnetName>`, and `<subnetName>` with the appropriate values.
+
+    ```azurecli-interactive
     subnet="/subscriptions/<subscriptionID>/resourceGroups/<resourceGroupName>/providers/Microsoft.Network/virtualNetworks/<vnetName>/subnets/<subnetName>"
     cluster="thvankra-cmk-test-wcus"
     group="thvankra-nova-cmk-test"
@@ -51,13 +51,13 @@ Azure Managed Instance for Apache Cassandra provides the capability to encrypt d
         --initial-cassandra-admin-password $password
     ```
 
-1. Get the identity information of the created cluster
+1. Get the identity information of the created cluster:
 
     ```azurecli-interactive
     az managed-cassandra cluster show -c $cluster -g $group
     ```
 
-    The output will include an identity section like the below. Copy `principalId` for later use:
+    The output includes an identity section like the following example. Copy the `principalId` value for later use.
 
     ```shell
       "identity": {
@@ -66,37 +66,35 @@ Azure Managed Instance for Apache Cassandra provides the capability to encrypt d
         "type": "SystemAssigned"
       }
     ```
- 
-1. In Azure Key Vault, create an access policy to your keys:
 
-   :::image type="content" source="./media/cmk/key-vault-access-policy-1.png" alt-text="Key Vault Access policy 1" lightbox="./media/cmk/key-vault-access-policy-1.png" border="true":::
+1. In the Azure portal, go to your key vault and select **Access policies**. Then select **Add Access Policy** to create an access policy for your keys:
+
+   :::image type="content" source="./media/cmk/key-vault-access-policy-1.png" alt-text="Screenshot that shows the pane for access policies in the Azure portal." lightbox="./media/cmk/key-vault-access-policy-1.png" border="true":::
 
-1. Assign `get`, `wrap` and `unwrap` key permissions on the key vault to the cluster's `principalId` retrieved above. In the portal, you can also look up the Principal ID of the cluster by the cluster's name:
- 
+1. For **Key permissions**, select **get**, **wrap**, and **unwrap**. Choose the **Select principal** box to open the **Principal** pane. Enter the cluster's `principalId` value that you retrieved earlier, and then choose the **Select** button. (In the portal, you can also look up the principal ID of the cluster by the cluster's name.)
 
-   :::image type="content" source="./media/cmk/key-vault-access-policy-2.png" alt-text="Key Vault Access policy 2" lightbox="./media/cmk/key-vault-access-policy-2.png" border="true":::
+   :::image type="content" source="./media/cmk/key-vault-access-policy-2.png" alt-text="Screenshot that shows an example of adding a principal for an access policy." lightbox="./media/cmk/key-vault-access-policy-2.png" border="true":::
 
    > [!WARNING]
-   > Make sure the key vault has Purge Protection enabled. Datacenter deployments will fail without it. 
+   > Make sure that the key vault has purge protection turned on. Datacenter deployments will fail without it.
 
-1. After you click on `add` to add the access policy, make sure you save it:
+1. Select **Add** to add the access policy, and then select **Save**.
 
-   :::image type="content" source="./media/cmk/save.png" alt-text="Save Access policy" lightbox="./media/cmk/key-vault-access-policy-2.png" border="true":::
+   :::image type="content" source="./media/cmk/save.png" alt-text="Screenshot that shows the button for saving an access policy." lightbox="./media/cmk/key-vault-access-policy-2.png" border="true":::
 
-1. To get the key identifier, select your key:
+1. To get the key identifier, select your key.
 
    :::image type="content" source="./media/cmk/select-key.png" alt-text="Select key" lightbox="./media/cmk/key-identifier-1.png" border="true":::
 
-1. Click on current version:
+1. Select the current version:
 
    :::image type="content" source="./media/cmk/current-version.png" alt-text="Select current version" lightbox="./media/cmk/key-identifier-1.png" border="true":::
 
-1. Save the key identifier for later use:
+1. Save the key identifier for later use.
 
    :::image type="content" source="./media/cmk/key-identifier-2.png" alt-text="Key identifier step 2" lightbox="./media/cmk/key-identifier-1.png" border="true":::
 
-
-1. Create the datacenter by replacing `<key identifier>` with the same key (the uri you copied in previous step) for both managed disk (managed-disk-customer-key-uri) and backup storage (backup-storage-customer-key-uri) encryption as shown below (use the same value for `subnet` you used earlier): 
+1. Create the datacenter by replacing `<key identifier>` with the same key (the uri you copied in previous step) for both managed disk (managed-disk-customer-key-uri) and backup storage (backup-storage-customer-key-uri) encryption as shown below (use the same value for `subnet` you used earlier):
 
     ```azurecli-interactive
     managedDiskKeyUri = "<key identifier>"
@@ -126,18 +124,18 @@ Azure Managed Instance for Apache Cassandra provides the capability to encrypt d
     az managed-cassandra cluster update --identity-type SystemAssigned -g $group -c $cluster
     ```
 
-## <a id="update-cluster"></a>Rotating the key
+## <a id="update-cluster"></a>Rotate the key
 
-1. Below is the command to update the key:
+To update the key, use this command:
 
-    ```azurecli-interactive
-    managedDiskKeyUri = "<key identifier>"
-    backupStorageKeyUri = "<key identifier>"
+```azurecli-interactive
+managedDiskKeyUri = "<key identifier>"
+backupStorageKeyUri = "<key identifier>"
     
-    az managed-cassandra datacenter update \
-        --resource-group $group \
-        --cluster-name $cluster \ 
-        --data-center-name $dc \
-        --managed-disk-customer-key-uri $managedDiskKeyUri \
-        --backup-storage-customer-key-uri $backupStorageKeyUri
-    ```
+az managed-cassandra datacenter update \
+    --resource-group $group \
+    --cluster-name $cluster \ 
+    --data-center-name $dc \
+    --managed-disk-customer-key-uri $managedDiskKeyUri \
+    --backup-storage-customer-key-uri $backupStorageKeyUri
+```
@@ -13,7 +13,7 @@ ms.date: 12/08/2023
 
 Jaeger is a distributed tracing platform for monitoring microservices. It enables the fast identification of performance challenges and optimization through features like tracing instrumentation and logging integration.
 
-The article details the use of the sample application HotROD and Jaeger alongside Azure Managed Instance for Apache Cassandra for efficient storage monitoring.
+This article details the use of the sample application HotROD and Jaeger alongside Azure Managed Instance for Apache Cassandra for efficient storage monitoring.
 
 ## Prerequisites and setup
 
@@ -42,7 +42,7 @@ The article details the use of the sample application HotROD and Jaeger alongsid
         ...
     ```
 
-1. To connect your Azure Managed Instance Cassandra cluster, add the Cassandra sign-in credentials to the `cassandra-schema` section:
+1. To connect your Azure Managed Instance for Apache Cassandra cluster, add the Cassandra sign-in credentials to the `cassandra-schema` section:
 
     ```yml
       environment:
@@ -59,19 +59,19 @@ The article details the use of the sample application HotROD and Jaeger alongsid
     :::image type="content" source="./media/jaeger/jaeger-running.png" alt-text="Screenshot of a running Jaeger application." lightbox="./media/jaeger/jaeger-running.png" border="true":::
 
     > [!TIP]
-    > Five containers are created, and you should be able to access the test application at `http://localhost:8080/` to generate traces that can be viewed at `http://localhost:16686/search`.
+    > The command creates five containers. You can access the test application at `http://localhost:8080/` to generate traces that you can view at `http://localhost:16686/search`.
 
-1. Once the containers are running, access the Jaeger UI to view traces from the application.
+1. After the containers are running, use the Jaeger UI to view traces from the application.
 
-    :::image type="content" source="./media/jaeger/jaeger-page-1.png" alt-text="Screenshot of jaeger web interface." lightbox="./media/jaeger/jaeger-page-1.png" border="true":::
+    :::image type="content" source="./media/jaeger/jaeger-page-1.png" alt-text="Screenshot of the Jaeger web interface." lightbox="./media/jaeger/jaeger-page-1.png" border="true":::
 
-1. Verify by inspecting your Azure Managed Instance cluster.
+1. Verify by inspecting your Azure Managed Instance for Apache Cassandra cluster.
 
-    :::image type="content" source="./media/jaeger/jaeger-table-1.png" alt-text="Screenshot of jaeger tables in managed instance cluster." lightbox="./media/jaeger/jaeger-table-1.png" border="true":::
+    :::image type="content" source="./media/jaeger/jaeger-table-1.png" alt-text="Screenshot of Jaeger tables in a managed instance cluster." lightbox="./media/jaeger/jaeger-table-1.png" border="true":::
 
-1. Refer to the traces table to view the data related to step 7.
+1. Refer to the `traces` table to view the data related to step 7.
 
-    :::image type="content" source="./media/jaeger/jaeger-table-2.png" alt-text="Screenshot of jaeger trace table." lightbox="./media/jaeger/jaeger-table-2.png" border="true":::
+    :::image type="content" source="./media/jaeger/jaeger-table-2.png" alt-text="Screenshot of the Jaeger traces table." lightbox="./media/jaeger/jaeger-table-2.png" border="true":::
 
 ## Support