Update operator-best-practices-cluster-security.md

miwithro · web-flow · commit 36634f42ced4 · 2022-02-14T08:12:17.000-05:00
diff --git a/articles/aks/operator-best-practices-cluster-security.md b/articles/aks/operator-best-practices-cluster-security.md
@@ -69,7 +69,7 @@ spec:
 ```
 
 > [!NOTE]
-> Alternatively you can use [Pod Identity](https://docs.microsoft.com/en-us/azure/aks/use-azure-ad-pod-identity) thought this is in Public Preview.  It has a pod (NMI) that runs as a DaemonSet on each node in the AKS cluster. NMI intercepts security token requests to the Azure Instance Metadata Service on each node, redirect them to itself and validates if the pod has access to the identity it's requesting a token for and fetch the token from the Azure AD tenant on behalf of the application.
+> Alternatively you can use [Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) thought this is in Public Preview.  It has a pod (NMI) that runs as a DaemonSet on each node in the AKS cluster. NMI intercepts security token requests to the Azure Instance Metadata Service on each node, redirect them to itself and validates if the pod has access to the identity it's requesting a token for and fetch the token from the Azure AD tenant on behalf of the application.
 >
 
 ## Secure container access to resources

Original file line number	Diff line number	Diff line change
`@@ -69,7 +69,7 @@ spec:`
`69`	`69`	```
`70`	`70`
`71`	`71`	`> [!NOTE]`
`72`		`-> Alternatively you can use [Pod Identity](https://docs.microsoft.com/en-us/azure/aks/use-azure-ad-pod-identity) thought this is in Public Preview. It has a pod (NMI) that runs as a DaemonSet on each node in the AKS cluster. NMI intercepts security token requests to the Azure Instance Metadata Service on each node, redirect them to itself and validates if the pod has access to the identity it's requesting a token for and fetch the token from the Azure AD tenant on behalf of the application.`
	`72`	`+> Alternatively you can use [Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) thought this is in Public Preview. It has a pod (NMI) that runs as a DaemonSet on each node in the AKS cluster. NMI intercepts security token requests to the Azure Instance Metadata Service on each node, redirect them to itself and validates if the pod has access to the identity it's requesting a token for and fetch the token from the Azure AD tenant on behalf of the application.`
`73`	`73`	`>`
`74`	`74`
`75`	`75`	`## Secure container access to resources`