Fixing doc bugs

HeidiSteen · HeidiSteen · commit 3c2db2c83a4a · 2024-06-10T16:25:12.000-07:00
diff --git a/articles/search/search-howto-managed-identities-data-sources.md b/articles/search/search-howto-managed-identities-data-sources.md
@@ -16,9 +16,9 @@ ms.date: 06/10/2024
 
 # Configure a search service to connect using a managed identity in Azure AI Search
 
-You can use Microsoft Entra ID and role assignments for outbound connections from Azure AI Search to resources providing data, applied AI, or vectorization during during indexing or queries. Managed identities and role assignments eliminate the need for passing secrets and credentials in a connection string or code.
+You can use Microsoft Entra ID and role assignments for outbound connections from Azure AI Search to resources providing data, applied AI, or vectorization during indexing or queries. 
 
-To use roles on an outbound connection, first configure your search service to use either a [system-assigned or user-assigned managed identity](../active-directory/managed-identities-azure-resources/overview.md) as the security principle for your search service in a Microsoft Entra tenant. Once you have a managed identity, you can assign roles for authorized access. 
+To use roles on an outbound connection, first configure your search service to use either a [system-assigned or user-assigned managed identity](../active-directory/managed-identities-azure-resources/overview.md) as the security principle for your search service in a Microsoft Entra tenant. Once you have a managed identity, you can assign roles for authorized access. Managed identities and role assignments eliminate the need for passing secrets and credentials in a connection string or code.
 
 ## Prerequisites
 
diff --git a/articles/search/search-howto-managed-identities-storage.md b/articles/search/search-howto-managed-identities-storage.md
@@ -91,7 +91,7 @@ POST https://[service name].search.windows.net/datasources?api-version=2023-11-0
 
 You must have a [user-assigned managed identity already configured](search-howto-managed-identities-data-sources.md) and associated with your search service, and the identity must have a role-assignment on Azure Storage. 
 
-Connections made through user-assigned managed identities use the same credentials as a system-assigned managed identity, plus an extra identity property that contains the collection of user-assigned managed identities. Only one user-assigned managed identity should be provided when creating the data source. Set `userAssignedIdentity` to the user-assigned managed identity..
+Connections made through user-assigned managed identities use the same credentials as a system-assigned managed identity, plus an extra identity property that contains the collection of user-assigned managed identities. Only one user-assigned managed identity should be provided when creating the data source. Set `userAssignedIdentity` to the user-assigned managed identity.
 
 Provide a `ResourceId` that has no account key or password. The `ResourceId` must include the subscription ID of the storage account, the resource group of the storage account, and the storage account name.
 
diff --git a/articles/search/search-security-enable-roles.md b/articles/search/search-security-enable-roles.md
@@ -16,12 +16,12 @@ ms.date: 06/10/2024
 
 If you want to use Azure role-based access control for connections into Azure AI Search, this article explains how to enable it for your search service.
 
-Role-based access for data plane operations is optional, but recommended. The alternative is [key-based authentication](search-security-api-keys.md), which is the default. Before you can use role for data plane operations, you must enable role-based access on your search service.
+Role-based access for data plane operations is optional, but recommended. The alternative is [key-based authentication](search-security-api-keys.md), which is the default. 
 
-Roles for service administration (control plane) are mandatory and can't be disabled. 
+Roles for service administration (control plane) are built-in and can't be enabled or disabled. 
 
 > [!NOTE]
-> *Data plane* refers to operations against the search service endpoint, such as indexing or queries, or any other operation specified in the [Search REST API](/rest/api/searchservice/) or equivalent client libraries.
+> *Data plane* refers to operations against the search service endpoint, such as indexing or queries, or any other operation specified in the [Search REST API](/rest/api/searchservice/) or equivalent Azure SDK client libraries.
 
 ## Prerequisites
 
@@ -31,7 +31,7 @@ Roles for service administration (control plane) are mandatory and can't be disa
 
 ## Enable role-based access for data plane operations
 
-When you enable roles, the change is effective immediately, but wait a few seconds before assigning roles.
+When you enable roles for the data plane, the change is effective immediately, but wait a few seconds before assigning roles.
 
 The default failure mode is `http401WithBearerChallenge`. Alternatively, you can set the failure mode to `http403`. 
 
