Merge pull request #116340 from kummanish/patch-6

Updating the setup process for BYOK

Author: PRMerger9

articles/mysql/concepts-data-encryption-mysql.md

@@ -62,8 +62,6 @@ The following are requirements for configuring Key Vault:
 * You must enable the soft-delete feature on the key vault, to protect from data loss if an accidental key (or Key Vault) deletion happens. Soft-deleted resources are retained for 90 days, unless the user recovers or purges them in the meantime. The recover and purge actions have their own permissions associated in a Key Vault access policy. The soft-delete feature is off by default, but you can enable it through PowerShell or the Azure CLI (note that you can't enable it through the Azure portal).
 * Grant the Azure Database for MySQL access to the key vault with the get, wrapKey, and unwrapKey permissions by using its unique managed identity. In the Azure portal, the unique identity is automatically created when data encryption is enabled on the MySQL. See [Configure data encryption for MySQL](howto-data-encryption-portal.md) for detailed, step-by-step instructions when you're using the Azure portal.
 
-* When you're using a firewall with Key Vault, you must enable the option **Allow trusted Microsoft services to bypass the firewall**.
-
 The following are requirements for configuring the customer-managed key:
 
 * The customer-managed key to be used for encrypting the DEK can be only asymmetric, RSA 2028.