Merge pull request #288210 from cynthn/patch-415962

v-shils · web-flow · commit 41534f63924d · 2024-10-11T11:57:06.000-07:00
Conceptual - Akash - ACC metadata update
diff --git a/articles/confidential-computing/overview.md b/articles/confidential-computing/overview.md
@@ -5,7 +5,7 @@ services: virtual-machines
 author: ju-shim
 ms.service: azure-virtual-machines
 ms.subservice: azure-confidential-computing
-ms.topic: conceptual
+ms.topic: overview
 ms.date: 06/09/2023
 ms.author: jushiman #ananyagarg #sgallagher #michamcr
 ms.custom: inspire-july-2022
@@ -25,7 +25,7 @@ Microsoft is one of the founding members of the CCC and provides Trusted Executi
 
 :::image type="content" source="media/overview/three-states-and-confidential-computing-consortium-definition.png" alt-text="Diagram of three states of data protection, with confidential computing's data in use highlighted.":::
 
-Azure already encrypts data at rest and in transit. Confidential computing helps protect data in use, including cryptographic keys. Azure confidential computing helps customers prevent unauthorized access to data in use, including from the cloud operator, by processing data in a hardware-based and attested Trusted Execution Environment (TEE).  When Azure confidential computing is enabled and properly configured, Microsoft is not able to access unencrypted customer data.
+Azure already encrypts data at rest and in transit. Confidential computing helps protect data in use, including cryptographic keys. Azure confidential computing helps customers prevent unauthorized access to data in use, including from the cloud operator, by processing data in a hardware-based and attested Trusted Execution Environment (TEE).  When Azure confidential computing is enabled and properly configured, Microsoft isn't able to access unencrypted customer data.
 
 The threat model aims to reduce trust or remove the ability for a cloud provider operator or other actors in the tenant's domain accessing code and data while it's being executed. This is achieved in Azure using a hardware root of trust not controlled by the cloud provider, which is designed to ensure unauthorized access or modification of the environment.
 
