format updates

SnehaGunda · SnehaGunda · commit 93828beeade0 · 2020-04-30T17:05:35.000-07:00
diff --git a/articles/cosmos-db/TOC.yml b/articles/cosmos-db/TOC.yml
@@ -1059,16 +1059,18 @@
           href: monitor-server-side-latency.md
         - name: Monitor request unit usage
           href: monitor-request-unit-usage.md
-      - name: Monitor with diagnostic logs
-        href: cosmosdb-monitor-resource-logs.md
-      - name: Audit control plane logs
-        href: audit-control-plane-logs.md
+      - name : Use Azure monitor metrics
+        items:
+        - name: Monitor with diagnostic logs
+          href: cosmosdb-monitor-resource-logs.md
+        - name: Audit control plane logs
+          href: audit-control-plane-logs.md
       - name: View metrics from Cosmos DB account
         href: use-metrics.md
-      - name: Application logging with Logic Apps
-        href: ../logic-apps/logic-apps-scenario-error-and-exception-handling.md?toc=/azure/cosmos-db/toc.json&bc=/azure/cosmos-db/breadcrumb/toc.json
       - name: Monitoring data reference
         href: monitor-cosmos-db-reference.md
+      - name: Application logging with Logic Apps
+        href: ../logic-apps/logic-apps-scenario-error-and-exception-handling.md?toc=/azure/cosmos-db/toc.json&bc=/azure/cosmos-db/breadcrumb/toc.json
     - name: Develop locally
       items:
       - name: Use the emulator
diff --git a/articles/cosmos-db/audit-control-plane-logs.md b/articles/cosmos-db/audit-control-plane-logs.md
@@ -23,7 +23,9 @@ The following are some example scenarios where auditing control plane operations
 
 ## Disable key based metadata write access
 
-Before you audit the control plane operations in Azure Cosmos DB, disable the key-based metadata write access on your account. When key based metadata write access is disabled, clients connecting to the Azure Cosmos account through account keys are prevented from accessing the account. You can disable write access by setting the `disableKeyBasedMetadataWriteAccess` property to true. After you set this property, changes to any resource can happen from a user with the proper Role-based access control(RBAC) role and credentials. To learn more on how to set this property, see the [Preventing changes from SDKs](role-based-access-control.md#preventing-changes-from-cosmos-sdk) article.  Once this option - disableKeyBasedMetadataWriteAccess - is switched on - SDK based clients will see an error "Operation 'POST' on resource 'ContainerNameorDatabaseName' is not allowed through Azure Cosmos DB endpoint. Please switch on such operations for your account, or perform this operation through Azure Resource Manager, Azure CLI or Azure Powershell. The way to switch back is to reset disableKeyBasedMetadataWriteAccess to false using CLI as described [here](role-based-access-control.md#preventing-changes-from-cosmos-sdk) - remember to change true to false in the cli command.
+Before you audit the control plane operations in Azure Cosmos DB, disable the key-based metadata write access on your account. When key based metadata write access is disabled, clients connecting to the Azure Cosmos account through account keys are prevented from accessing the account. You can disable write access by setting the `disableKeyBasedMetadataWriteAccess` property to true. After you set this property, changes to any resource can happen from a user with the proper Role-based access control(RBAC) role and credentials. To learn more on how to set this property, see the [Preventing changes from SDKs](role-based-access-control.md#preventing-changes-from-cosmos-sdk) article. 
+
+After the `disableKeyBasedMetadataWriteAccess` is turned on, if the SDK based clients run create or update operations, an error *"Operation 'POST' on resource 'ContainerNameorDatabaseName' is not allowed through Azure Cosmos DB endpoint* is returned. You have to turn on access to such operations for your account, or perform the create/update operations through Azure Resource Manager, Azure CLI or Azure Powershell. To switch back, set the disableKeyBasedMetadataWriteAccess to **false** by using Azure CLI as described in the [Preventing changes from Cosmos SDK](role-based-access-control.md#preventing-changes-from-cosmos-sdk) article. Make sure to change the value of `disableKeyBasedMetadataWriteAccess` to false instead of true.
 
 Consider the following points when turning off the metadata write access:
 
