Merge pull request #223799 from msmbaldwin/freshness

Freshness updates

Author: Stacyrch140

articles/key-vault/general/common-error-codes.md

@@ -8,7 +8,7 @@ tags: azure-resource-manager
 ms.service: key-vault
 ms.subservice: general
 ms.topic: reference
-ms.date: 09/29/2020
+ms.date: 01/12/2023
 ms.author: mbaldwin
 
 #Customer intent: As an Azure Key Vault administrator, I want to react to soft-delete being turned on for all key vaults.
@@ -25,7 +25,7 @@ The error codes listed in the following table may be returned by an operation on
 | VaultNameNotValid |  The vault name should be string of 3 to 24 characters and can contain only numbers (0-9), letters (a-z, A-Z), and hyphens (-) |
 | AccessDenied |  You may be missing permissions in access policy to do that operation. |
 | ForbiddenByFirewall |  Client address isn't authorized and caller isn't a trusted service. |
-| ConflictError |  You're requesting multiple operations on the same item, e.g., Key Vault, secret, key, certificate, or common components within a Key Vault like VNET. It's recommended to sequence operations or to implement retry logic. |
+| ConflictError |  You're requesting multiple operations on the same item, for example, Key Vault, secret, key, certificate, or common components within a Key Vault like VNET. It's recommended to sequence operations or to implement retry logic. |
 | RegionNotSupported |  Specified Azure region isn't supported for this resource. |
 | SkuNotSupported |  Specified SKU type isn't supported for this resource. |
 | ResourceNotFound |  Specified Azure resource isn't found. |

articles/key-vault/general/common-parameters-and-headers.md

@@ -1,29 +1,29 @@
 ---
 title: Common parameters and headers 
-description: The parameters and headers common to all operations that you might do related to Key Vault resources.
+description: The parameters and headers common to all operations that you might perform on Key Vault resources.
 services: key-vault
 author: msmbaldwin
 tags: azure-resource-manager
 
 ms.service: key-vault
 ms.subservice: general
 ms.topic: conceptual
-ms.date: 01/07/2019
+ms.date: 01/11/2023
 ms.author: mbaldwin
 
 ---
 
 # Common parameters and headers
 
-The following information is common to all operations that you might do related to Key Vault resources:
+The following information is common to all operations that you might perform on Key Vault resources:
 
-- The HTTP `Host` header must always be present and must specify the vault hostname. Example: `Host: contoso.vault.azure.net`. Note that most client technologies populate the `Host` header from the URI. For instance, `GET https://contoso.vault.azure.net/secrets/mysecret{...}` will set the `Host` as `contoso.vault.azure.net`. This means that if you access Key Vault using raw IP address like `GET https://10.0.0.23/secrets/mysecret{...}`, the automatic value of `Host` header will be wrong and you will have to manually insure that the `Host` header contains the vault hostname.
+- The HTTP `Host` header must always be present and must specify the vault hostname. Example: `Host: contoso.vault.azure.net`. Note that most client technologies populate the `Host` header from the URI. For instance, `GET https://contoso.vault.azure.net/secrets/mysecret{...}` will set the `Host` as `contoso.vault.azure.net`. If you access Key Vault using raw IP address like `GET https://10.0.0.23/secrets/mysecret{...}`, the automatic value of `Host` header will be wrong, and you'll have to manually ensure that the `Host` header contains the vault hostname.
 - Replace `{api-version}` with the api-version in the URI.
 - Replace `{subscription-id}` with your subscription identifier in the URI
 - Replace `{resource-group-name}` with the resource group. For more information, see Using Resource groups to manage your Azure resources.
 - Replace `{vault-name}` with your key vault name in the URI.
 - Set the Content-Type header to application/json.
-- Set the Authorization header to a JSON Web Token that you obtain from Azure Active Directory (AAD). For more information, see [Authenticating Azure Resource Manager](authentication-requests-and-responses.md) requests.
+- Set the Authorization header to a JSON Web Token that you obtain from Azure Active Directory (Azure AD). For more information, see [Authenticating Azure Resource Manager](authentication-requests-and-responses.md) requests.
 
 ## Common error response
 The service will use HTTP status codes to indicate success or failure. In addition, failures contain a response in the following format:

articles/key-vault/general/customer-data.md

@@ -7,7 +7,7 @@ tags: azure-resource-manager
 
 ms.service: key-vault
 ms.topic: reference
-ms.date: 01/07/2019
+ms.date: 01/11/2023
 ms.author: mbaldwin
 
 ---
@@ -35,7 +35,7 @@ The following information identifies customer data within Azure Key Vault:
 
 The same REST APIs, Portal experience, and SDKs used to create vaults, keys, secrets, certificates, and managed storage accounts, are also able to update and delete these objects.
 
-Soft-delete allows you to recover deleted data for 90 days after deletion. When using soft-delete, the data may be permanently deleted prior to the 90 days retention period expires by performing a purge operation. If the vault or subscription has been configured to block purge operations, it is not possible to permanently delete data until the scheduled retention period has passed.
+Soft-delete allows you to recover deleted data for 90 days after deletion. When using soft-delete, the data may be permanently deleted prior to the 90 days retention period expires by performing a purge operation. If the vault or subscription has been configured to block purge operations, it isn't possible to permanently delete data until the scheduled retention period has passed.
 
 ## Exporting customer data
 

articles/key-vault/general/event-grid-logicapps.md

@@ -8,13 +8,13 @@ tags: azure-resource-manager
 ms.service: key-vault
 ms.subservice: general
 ms.topic: how-to
-ms.date: 11/11/2019
+ms.date: 01/11/2023
 ms.author: mbaldwin
 
 ---
 # Use Logic Apps to receive email about status changes of key vault secrets
 
-In this guide you will learn how to respond to Azure Key Vault events that are received via [Azure Event Grid](../../event-grid/index.yml) by using [Azure Logic Apps](../../logic-apps/index.yml). By the end, you will have an Azure logic app set up to send a notification email every time a secret is created in Azure Key Vault.
+In this guide, you will learn how to respond to Azure Key Vault events that are received via [Azure Event Grid](../../event-grid/index.yml) by using [Azure Logic Apps](../../logic-apps/index.yml). By the end, you will have an Azure logic app set up to send a notification email every time a secret is created in Azure Key Vault.
 
 For an overview of Azure Key Vault / Azure Event Grid integration, see [Monitoring Key Vault with Azure Event Grid](event-grid-overview.md).
 
@@ -27,16 +27,16 @@ For an overview of Azure Key Vault / Azure Event Grid integration, see [Monitori
 
 ## Create a Logic App via Event Grid
 
-First, create Logic App with event grid handler and subscribe to Azure Key Vault "SecretNewVersionCreated" events.
+First, create Logic App with Event Grid handler and subscribe to Azure Key Vault "SecretNewVersionCreated" events.
 
 To create an Azure Event Grid subscription, follow these steps:
 
-1. In the Azure portal, go to your key vault, select **Events > Get Started** and click **Logic Apps**
+1. In the Azure portal, go to your key vault, select **Events > Get Started** and select **Logic Apps**
 
 
     ![Key Vault - events page](../media/eventgrid-logicapps-kvsubs.png)
 
-1. On **Logic Apps Designer** validate the connection and click **Continue** 
+1. On **Logic Apps Designer** validate the connection and select **Continue** 
 
     ![Logic App Designer - connection](../media/eventgrid-logicappdesigner1.png)
 
@@ -61,8 +61,8 @@ To create an Azure Event Grid subscription, follow these steps:
 
     ![Logic App Designer - email body](../media/eventgrid-logicappdesigner4.png)
 
-8. Click **Save as**.
-9. Enter a **name** for new logic app and click **Create**.
+8. Select **Save as**.
+9. Enter a **name** for new logic app and select **Create**.
 
     ![Logic App Designer - create](../media/eventgrid-logicappdesigner5.png)
 

articles/key-vault/general/event-grid-overview.md

@@ -1,13 +1,13 @@
 ---
-title: 'Monitoring Key Vault with Azure Event Grid'
-description: 'Use Azure Event Grid to subscribe to Key Vault events'
+title: Monitoring Key Vault with Azure Event Grid
+description: Use Azure Event Grid to subscribe to Key Vault events
 services: key-vault
 author: msmbaldwin
 
 ms.service: key-vault
 ms.subservice: general
 ms.topic: conceptual
-ms.date: 11/12/2019
+ms.date: 01/11/2023
 ms.author: mbaldwin
 ---
 
@@ -19,7 +19,7 @@ Applications can react to these events using modern serverless architectures, wi
 
 ## Key Vault events and schemas
 
-Event grid uses [event subscriptions](../../event-grid/concepts.md#event-subscriptions) to route event messages to subscribers. Key Vault events contain all the information you need to respond to changes in your data. You can identify a Key Vault event because the eventType property starts with "Microsoft.KeyVault".
+Event Grid uses [event subscriptions](../../event-grid/concepts.md#event-subscriptions) to route event messages to subscribers. Key Vault events contain all the information you need to respond to changes in your data. You can identify a Key Vault event because the eventType property starts with "Microsoft.KeyVault".
 
 For more information, see the [Key Vault event schema](../../event-grid/event-schema-key-vault.md).
 
@@ -30,8 +30,8 @@ For more information, see the [Key Vault event schema](../../event-grid/event-sc
 
 Applications that handle Key Vault events should follow a few recommended practices:
 
-* Multiple subscriptions can be configured to route events to the same event handler. It is important not to assume events are from a particular source, but to check the topic of the message to ensure that it comes from the key vault you are expecting.
-* Similarly, check that the eventType is one you are prepared to process, and do not assume that all events you receive will be the types you expect.
+* Multiple subscriptions can be configured to route events to the same event handler. It's important not to assume events are from a particular source, but to check the topic of the message to ensure that it comes from the key vault you're expecting.
+* Similarly, check that the eventType is one you're prepared to process, and do not assume that all events you receive will be the types you expect.
 * Ignore fields you don't understand.  This practice will help keep you resilient to new features that might be added in the future.
 * Use the "subject" prefix and suffix matches to limit events to a particular event.
 

articles/key-vault/general/event-grid-tutorial.md

@@ -8,7 +8,7 @@ tags: azure-resource-manager
 ms.service: key-vault
 ms.subservice: general
 ms.topic: how-to
-ms.date: 10/25/2019
+ms.date: 01/11/2023
 ms.author: mbaldwin
 
 ---
@@ -52,7 +52,7 @@ After your Automation account is ready, create a runbook.
 
 ![Create a runbook UI](../media/event-grid-tutorial-3.png)
 
-1.  Select the Automation account you just created.
+1.  Select the Automation account you created.
 
 1.  Select **Runbooks** under **Process Automation**.
 
@@ -94,7 +94,7 @@ write-Error "No input data found."
 
 Create a webhook to trigger your newly created runbook.
 
-1.  Select **Webhooks** from the **Resources** section of the runbook you just published.
+1.  Select **Webhooks** from the **Resources** section of the runbook you published.
 
 1.  Select **Add Webhook**.
 
@@ -107,7 +107,7 @@ Create a webhook to trigger your newly created runbook.
     > [!IMPORTANT] 
     > You can't view the URL after you create it. Make sure you save a copy in a secure location where you can access it for the remainder of this guide.
 
-1. Select **Parameters and run settings** and then select **OK**. Don't enter any parameters. This will enable the **Create** button.
+1. Select **Parameters and run settings** and then select **OK**. Don't enter any parameters. The **Create** button will be enabled.
 
 1. Select **OK** and then select **Create**.
 

articles/key-vault/general/manage-with-cli2.md

@@ -7,7 +7,7 @@ author: msmbaldwin
 ms.service: key-vault
 ms.subservice: general
 ms.topic: tutorial
-ms.date: 08/12/2019
+ms.date: 01/11/2023
 ms.author: mbaldwin 
 ms.custom: devx-track-azurecli
 
@@ -143,15 +143,15 @@ If you have an existing key in a .pem file, you can upload it to Azure Key Vault
 az keyvault key import --vault-name "ContosoKeyVault" --name "ContosoFirstKey" --pem-file "./softkey.pem" --pem-password "hVFkk965BuUv" --protection software
 ```
 
-You can now reference the key that you created or uploaded to Azure Key Vault, by using its URI. Use `https://ContosoKeyVault.vault.azure.net/keys/ContosoFirstKey` to always get the current version. Use https://[keyvault-name].vault.azure.net/keys/[keyname]/[key-unique-id] to get this specific version. For example, `https://ContosoKeyVault.vault.azure.net/keys/ContosoFirstKey/cgacf4f763ar42ffb0a1gca546aygd87`. 
+You can now reference the key that you created or uploaded to Azure Key Vault, by using its URI. Use `https://ContosoKeyVault.vault.azure.net/keys/ContosoFirstKey` to always get the current version. Use `https://<keyvault-name>.vault.azure.net/keys/<keyname>/<key-unique-id>` to get this specific version. For example, `https://ContosoKeyVault.vault.azure.net/keys/ContosoFirstKey/cgacf4f763ar42ffb0a1gca546aygd87`.
 
-Add a secret to the vault, which is a password named SQLPassword, and that has the value of "hVFkk965BuUv" to Azure Key Vaults. 
+Add a secret to the vault, which is a password named SQLPassword, and that has the value of "hVFkk965BuUv" to Azure Key Vaults.
 
 ```azurecli
 az keyvault secret set --vault-name "ContosoKeyVault" --name "SQLPassword" --value "hVFkk965BuUv "
 ```
 
-Reference this password by using its URI. Use **https://ContosoVault.vault.azure.net/secrets/SQLPassword** to always get the current version, and https://[keyvault-name].vault.azure.net/secret/[secret-name]/[secret-unique-id] to get this specific version. For example, **https://ContosoVault.vault.azure.net/secrets/SQLPassword/90018dbb96a84117a0d2847ef8e7189d**.
+Reference this password by using its URI. Use **https://ContosoVault.vault.azure.net/secrets/SQLPassword** to always get the current version, and `https://<keyvault-name>.vault.azure.net/secret/<secret-name>/<secret-unique-id>` to get this specific version. For example, `https://ContosoVault.vault.azure.net/secrets/SQLPassword/90018dbb96a84117a0d2847ef8e7189d`.
 
 Import a certificate to the vault using a .pem or .pfx.
 
@@ -161,19 +161,19 @@ az keyvault certificate import --vault-name "ContosoKeyVault" --file "c:\cert\ce
 
 Let's view the key, secret, or certificate that you created:
 
-* To view your keys, type: 
+* To view your keys, type:
 
 ```azurecli
 az keyvault key list --vault-name "ContosoKeyVault"
 ```
 
-* To view your secrets, type: 
+* To view your secrets, type:
 
 ```azurecli
 az keyvault secret list --vault-name "ContosoKeyVault"
 ```
 
-* To view certificates, type: 
+* To view certificates, type:
 
 ```azurecli
 az keyvault certificate list --vault-name "ContosoKeyVault"
@@ -215,7 +215,7 @@ To authorize the same application to read secrets in your vault, type the follow
 az keyvault set-policy --name "ContosoKeyVault" --spn 8f8c4bbd-485b-45fd-98f7-ec6300b7b4ed --secret-permissions get
 ```
 
-## <a name="bkmk_KVperCLI"></a> Setting key vault advanced access policies
+## Setting key vault advanced access policies
 
 Use [az keyvault update](/cli/azure/keyvault#az-keyvault-update) to enable advanced policies for the key vault.