Merge pull request #205981 from JackStromberg/patch-76

PRMerger8 · web-flow · commit 84e3abec0645 · 2022-07-26T08:39:55.000-07:00
Article split + Acrolinx fixes
diff --git a/articles/application-gateway/application-gateway-key-vault-common-errors.md b/articles/application-gateway/application-gateway-key-vault-common-errors.md
@@ -5,21 +5,21 @@ description: This article identifies key vault-related problems, and helps you r
 author: jaesoni
 ms.service: application-gateway
 ms.topic: reference
-ms.date: 07/12/2021
+ms.date: 07/26/2022
 ms.author: jaysoni
 
 ---
 
 # Common key vault errors in Azure Application Gateway
 
-Application Gateway enables customers to securely store TLS certificates in Azure Key Vault. When using a key vault resource, it is important that the gateway always has access to the linked key vault. If your Application Gateway is unable to fetch the certificate, the associated HTTPS listeners will be placed in a disabled state. [Learn more](../application-gateway/disabled-listeners.md).
+Application Gateway enables customers to securely store TLS certificates in Azure Key Vault. When using a key vault resource, it's important that the gateway always has access to the linked key vault. If your Application Gateway is unable to fetch the certificate, the associated HTTPS listeners will be placed in a disabled state. [Learn more](../application-gateway/disabled-listeners.md).
 
 This article helps you understand the details of the error codes and the steps to resolve such key vault misconfigurations.
 
 > [!TIP]
 > Use a secret identifier that doesn't specify a version. This way, Azure Application Gateway will automatically rotate the certificate, if a newer version is available in Azure Key Vault. An example of a secret URI without a version is: `https://myvault.vault.azure.net/secrets/mysecret/`.
 
-## List of error codes and their details
+## Azure Advisor error codes
 
 The following sections describe the various errors you might encounter. You can verify if your gateway has any such problem by visiting [**Azure Advisor**](./key-vault-certs.md#investigating-and-resolving-key-vault-errors) for your account, and use this troubleshooting article to fix the problem. We recommend configuring Azure Advisor alerts to stay informed when a key vault problem is detected for your gateway.
 
@@ -48,11 +48,11 @@ For more information, see [Assign a Key Vault access policy by using the Azure p
   1. Go to the linked key vault in the Azure portal.
   1. Open the **Access policies** blade.
   1. For **Permission model**, select **Azure role-based access control**.
-  1. After this, navigate to **Access Control (IAM)** blade to configure permissions.
+  1. Navigate to **Access Control (IAM)** blade to configure permissions.
   1. **Add role assignment** for your managed identity by choosing the following<br>
     a. **Role**: Key Vault Secrets User<br>
     b. **Assign access to**: Managed identity<br>
-    c. **Members**: select the user-assigned managed identity which you've associated with your application gateway.<br>
+    c. **Members**: select the user-assigned managed identity that you've associated with your application gateway.<br>
   1. Select **Review + assign**.
 
 For more information, see [Azure role-based access control in Key Vault](../key-vault/general/rbac-guide.md).
@@ -83,7 +83,7 @@ For more information, see [Azure role-based access control in Key Vault](../key-
 1. Open the **Certificates** pane.
 1. Use the **Managed deleted certificates** tab to recover a deleted certificate.
 
-On the other hand, if a certificate object is permanently deleted, you will need to create a new certificate and update Application Gateway with the new certificate details. When you're configuring through the Azure CLI or Azure PowerShell, use a secret identifier URI without a version. This choice allows instances to retrieve a renewed version of the certificate, if it exists.
+On the other hand, if a certificate object is permanently deleted, you'll need to create a new certificate and update Application Gateway with the new certificate details. When you're configuring through the Azure CLI or Azure PowerShell, use a secret identifier URI without a version. This choice allows instances to retrieve a renewed version of the certificate, if it exists.
 
 :::image type="content" source="./media/application-gateway-key-vault-common-errors/secret-deleted.png" alt-text="Screenshot that shows how to recover a deleted certificate in Key Vault.":::
 
@@ -101,7 +101,7 @@ On the other hand, if a certificate object is permanently deleted, you will need
 
 **Description:** There's a restricted network setting for Key Vault. 
 
-**Resolution:** You will encounter this error when you enable the Key Vault firewall for restricted access. You can still configure Application Gateway in a restricted network of Key Vault, by following these steps:
+**Resolution:** You'll encounter this error when you enable the Key Vault firewall for restricted access. You can still configure Application Gateway in a restricted network of Key Vault, by following these steps:
 1. In Key Vault, open the **Networking** pane.
 1. Select the **Firewalls and virtual networks** tab, and select **Private endpoint and selected networks**.
 1. Then, using Virtual Networks, add your Application Gateway's virtual network and subnet. During the process, also configure 'Microsoft.KeyVault' service endpoint by selecting its checkbox.
@@ -128,12 +128,12 @@ Select **Managed deleted vaults**. From here, you can find the deleted Key Vault
 
 **Resolution:** Your Azure subscription can get disabled for various reasons. To take the necessary action to resolve, see [Reactivating a disabled Azure subscription](../cost-management-billing/manage/subscription-disabled.md).
 
-[comment]: # (Error Code 8)
-### Error code: ApplicationGatewayCertificateDataOrKeyVaultSecretIdMustBeSpecified/ApplicationGatewaySslCertificateDataMustBeSpecified  
+## Application Gateway Error Codes
+### Error code: ApplicationGatewayCertificateDataOrKeyVaultSecretIdMustBeSpecified / ApplicationGatewaySslCertificateDataMustBeSpecified  
 
-**Description:** You may encounter this error when trying to update a listener certificate. When this error occurs, the change to update the certificate will be discarded and the listener will continue to handle traffic with the previously defined configuration.
+**Description:** You may encounter this error when trying to update a listener certificate. When this error occurs, the change to update the certificate will be discarded, and the listener will continue to handle traffic with the previously defined configuration.
 
-**Resolution:** To resolve this issue please try uploading the certificate again.  For example, the following PowerShell commands may be used to update certificates uploaded to Application Gateway or referenced via Azure Key Vault.
+**Resolution:** To resolve this issue, please try uploading the certificate again.  For example, the following PowerShell commands may be used to update certificates uploaded to Application Gateway or referenced via Azure Key Vault.
 
 Update certificate uploaded directly to Application Gateway:
 ```
