preexisting acrolinx

v-dirichards · web-flow · commit 784f896a7506 · 2024-03-21T10:04:39.000-05:00
diff --git a/articles/defender-for-cloud/faq-permissions.yml b/articles/defender-for-cloud/faq-permissions.yml
@@ -104,7 +104,7 @@ sections:
             | Resources | arn:aws:kms::${AWS::AccountId}:key/ |
             | Effect | Allow |
             
-          - GCP permissions: during onboarding - a new custom role is created with minimal permissions required to get instances status and create snapshots. on top of that permissions to an existing GCP KMS role are granted to support scanning disks that are encrypted with CMEK. The roles are:
+          - GCP permissions: during onboarding - a new custom role is created with minimal permissions required to get instances status and create snapshots. On top of that permissions to an existing GCP KMS role are granted to support scanning disks that are encrypted with CMEK. The roles are:
             - roles/MDCAgentlessScanningRole granted to Defender for Cloud’s service account with permissions: compute.disks.createSnapshot, compute.instances.get
             - roles/cloudkms.cryptoKeyEncrypterDecrypter granted to Defender for Cloud’s compute engine service agent
 
