Review feedback changes

pauljewellmsft · pauljewellmsft · commit 928127a2f24a · 2024-05-10T08:53:06.000-04:00
diff --git a/articles/storage/blobs/anonymous-read-access-prevent.md b/articles/storage/blobs/anonymous-read-access-prevent.md
@@ -382,56 +382,6 @@ end {
 }
 ```
 
-## Verify that anonymous access has been remediated
-
-To verify that you've remediated anonymous access for a storage account, you can test that anonymous access to a blob isn't permitted, that modifying a container's access setting isn't permitted, and that it's not possible to create a container with anonymous access enabled.
-
-### Verify that anonymous access to a blob isn't permitted
-
-To verify that anonymous access to a specific blob is disallowed, you can attempt to download the blob via its URL. If the download succeeds, then the blob is still publicly available. If the blob isn't publicly accessible because anonymous access has been disallowed for the storage account, then you'll see an error message indicating that anonymous access isn't permitted on this storage account.
-
-The following example shows how to use PowerShell to attempt to download a blob via its URL. Remember to replace the placeholder values in brackets with your own values:
-
-```powershell
-$url = "<absolute-url-to-blob>"
-$downloadTo = "<file-path-for-download>"
-Invoke-WebRequest -Uri $url -OutFile $downloadTo -ErrorAction Stop
-```
-
-### Verify that modifying the container's access setting isn't permitted
-
-To verify that a container's access setting can't be modified after anonymous access is disallowed for the storage account, you can attempt to modify the setting. Changing the container's access setting fails if anonymous access is disallowed for the storage account.
-
-The following example shows how to use PowerShell to attempt to change a container's access setting. Remember to replace the placeholder values in brackets with your own values:
-
-```powershell
-$rgName = "<resource-group>"
-$accountName = "<storage-account>"
-$containerName = "<container-name>"
-
-$storageAccount = Get-AzStorageAccount -ResourceGroupName $rgName -Name $accountName
-$ctx = $storageAccount.Context
-
-Set-AzStorageContainerAcl -Context $ctx -Container $containerName -Permission Blob
-```
-
-### Verify that a container can't be created with anonymous access enabled
-
-If anonymous access is disallowed for the storage account, then you won't be able to create a new container with anonymous access enabled. To verify, you can attempt to create a container with anonymous access enabled.
-
-The following example shows how to use PowerShell to attempt to create a container with anonymous access enabled. Remember to replace the placeholder values in brackets with your own values:
-
-```powershell
-$rgName = "<resource-group>"
-$accountName = "<storage-account>"
-$containerName = "<container-name>"
-
-$storageAccount = Get-AzStorageAccount -ResourceGroupName $rgName -Name $accountName
-$ctx = $storageAccount.Context
-
-New-AzStorageContainer -Name $containerName -Permission Blob -Context $ctx
-```
-
 ### Check the anonymous access setting for multiple accounts
 
 To check the anonymous access setting across a set of storage accounts with optimal performance, you can use the Azure Resource Graph Explorer in the Azure portal. To learn more about using the Resource Graph Explorer, see [Quickstart: Run your first Resource Graph query using Azure Resource Graph Explorer](../../governance/resource-graph/first-query-portal.md).
diff --git a/articles/storage/blobs/authorize-access-azure-active-directory.md b/articles/storage/blobs/authorize-access-azure-active-directory.md
@@ -6,7 +6,7 @@ author: pauljewellmsft
 ms.author: pauljewell
 ms.service: azure-blob-storage
 ms.topic: conceptual
-ms.date: 03/17/2023
+ms.date: 05/10/2024
 
 ---
 
diff --git a/articles/storage/common/authorize-data-access.md b/articles/storage/common/authorize-data-access.md
@@ -7,7 +7,7 @@ author: pauljewellmsft
 ms.author: pauljewell
 ms.service: azure-storage
 ms.topic: conceptual
-ms.date: 05/31/2023
+ms.date: 05/10/2024
 ms.reviewer: nachakra
 ms.subservice: storage-common-concepts
 ---
diff --git a/articles/storage/common/shared-key-authorization-prevent.md b/articles/storage/common/shared-key-authorization-prevent.md
@@ -319,16 +319,6 @@ az storage account show \
 
 The command returns **false** if Shared Key authorization is disallowed for the storage account.
 
-You can further verify by attempting to call a data operation with the account access key. The following example attempts to create a container using the access key. This call will fail when Shared Key authorization is disallowed for the storage account. Replace the placeholder values in brackets with your own values:
-
-```azurecli-interactive
-az storage container create \
-    --account-name <storage-account-name> \
-    --name sample-container \
-    --account-key <key> \
-    --auth-mode key
-```
-
 > [!NOTE]
 > Anonymous requests are not authorized and will proceed if you have configured the storage account and container for anonymous read access. For more information, see [Configure anonymous read access for containers and blobs](../blobs/anonymous-read-access-configure.md).
 
diff --git a/articles/storage/common/storage-account-keys-manage.md b/articles/storage/common/storage-account-keys-manage.md
@@ -7,7 +7,7 @@ author: pauljewellmsft
 ms.author: pauljewell
 ms.service: azure-storage
 ms.topic: how-to
-ms.date: 10/26/2023
+ms.date: 05/10/2024
 ms.reviewer: nachakra 
 ms.custom: engagement-fy23, devx-track-azurecli
 ---
diff --git a/articles/storage/common/storage-configure-connection-string.md b/articles/storage/common/storage-configure-connection-string.md
@@ -8,7 +8,7 @@ ms.author: pauljewell
 ms.service: azure-storage
 ms.subservice: storage-common-concepts
 ms.topic: how-to
-ms.date: 01/24/2023
+ms.date: 05/10/2024
 ms.reviewer: nachakra
 ---
 
diff --git a/includes/storage-dev-guides/storage-dev-guide-stored-access-policy.md b/includes/storage-dev-guides/storage-dev-guide-stored-access-policy.md
@@ -5,7 +5,7 @@ services: storage
 author: pauljewellmsft
 ms.service: azure-blob-storage
 ms.topic: include
-ms.date: 05/22/2023
+ms.date: 05/10/2024
 ms.author: pauljewell
 ms.custom: include file
 ---
@@ -35,9 +35,9 @@ You can also modify an existing policy. The following code example shows how to
 
 ### Revoke or delete a stored access policy
 
-To revoke a stored access policy, you can delete it, rename it by changing the signed identifier, or change the expiry time to a value in the past. Changing the signed identifier breaks the associations between any existing signatures and the stored access policy. Changing the expiry time to a value in the past causes any associated signatures to expire. Deleting or modifying the stored access policy immediately affects all of the shared access signatures associated with it.
+To revoke a stored access policy, Microsoft recommends deleting the signed identifier and making a new one. Changing the signed identifier breaks the associations between any existing signatures and the stored access policy. Deleting or modifying the stored access policy immediately affects all of the shared access signatures associated with it.
 
-The following code example shows how to revoke a policy by changing the `Id` property for the signed identifier:
+The following code example shows how to revoke a policy by changing the `Id` property for the signed identifier. This approach effectively deletes the signed identifier and makes a new one:
 
 :::code language="csharp" source="~/azure-storage-snippets/blobs/howto/dotnet/BlobDevGuideBlobs/CreateSas.cs" id="Snippet_RevokeStoredAccessPolicy":::
 
