Merge pull request #212126 from jlichwa/patch-27

prmerger-automator[bot] · web-flow · commit 653328c2a9b4 · 2022-09-22T00:40:00.000Z
Update rbac-guide.md
diff --git a/articles/key-vault/general/rbac-guide.md b/articles/key-vault/general/rbac-guide.md
@@ -36,7 +36,6 @@ Individual keys, secrets, and certificates permissions should be used
 only for specific scenarios:
 
 -   Sharing individual secrets between multiple applications, e.g., one application needs to access data from the other application
--   Cross-tenant encryption with customer key, e.g., ISV using a key from a customer key vault to encrypt its data
 
 More about Azure Key Vault management guidelines, see:
 
@@ -199,6 +198,9 @@ For full details, see [Assign Azure roles using Azure PowerShell](../../role-bas
 
 ### Secret scope role assignment
 
+> [!NOTE]
+> Key vault secret, certificate, key scope role assignments should only be used for limited scenarios described [here](rbac-guide.md?i#best-practices-for-individual-keys-secrets-and-certificates-role-assignments) to comply with security best practices.
+
 1. Open a previously created secret.
 
 1. Click the Access control(IAM) tab
