Commit b688589

Merge pull request #114876 from itechedit/keyvault-moveregion
edit pass: keyvault-moveregion
2 parents 95e295a + ef40acf commit b688589

1 file changed: 18 additions & 23 deletions
@@ -1,6 +1,6 @@
11
---
2-
title: Azure Key Vault moving a vault to a different region | Microsoft Docs
3-
description: Guidance on moving a key vault to a different region.
2+
title: Move a key vault to a different region - Azure Key Vault | Microsoft Docs
3+
description: This article offers guidance on moving a key vault to a different region.
44
services: key-vault
55
author: ShaneBala-keyvault
66
manager: ravijan
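
Review bot: The new `description:` line spends its opening words on "This article offers guidance on", which lengthens the text without telling a search reader anything the title does not already say. The body of the article states that Key Vault has no supported move operation and that the article covers workarounds, so consider a description that says that directly, for example that it covers workarounds (backup and restore, or manual download and upload) for moving a key vault to another region. The retitled `title:` line reads fine as is.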
@@ -14,36 +14,31 @@ ms.author: sudbalas
1414
Customer intent: As a key vault administrator, I want to move my vault to another region.
1515
---
1616

17-
# Moving an Azure Key Vault across regions
17+
# Move an Azure key vault across regions
1818

19-
## Overview
19+
Azure Key Vault doesn't support a resource move operation that permits moving a key vault from one region to another. This article covers workarounds for organizations that have a business need to move a key vault to another region. Each workaround option has limitations. It's critical to understand the implications of these workarounds before you attempt to apply them in a production environment.
2020

21-
Key Vault does not support a resource move operation that permits moving a key vault to another region. This article will cover workarounds if you have a business need to move a key vault to another region. Each option has limitations and it is critical to understand the implications of these workarounds before attempting them in a production environment.
21+
To move a key vault to another region, you create a key vault in that other region and then manually copy each individual secret from your existing key vault to the new key vault. You can do this by using either of the following two options.
2222

23-
If you need to move a key vault to another region, the solution is to create a new key vault in the desired region and manually copy over each individual secret from your existing key vault to the new key vault. This operation can be done in either of the following ways listed below.
23+
## Design considerations
2424

25-
## Design Considerations
25+
Before you begin, keep in mind the following concepts:
2626

27-
* Key Vault names are globally unique. You will not be able to reuse the same vault name.
27+
* Key vault names are globally unique. You can't reuse a vault name.
28+
* You need to reconfigure your access policies and network configuration settings in the new key vault.
29+
* You need to reconfigure soft-delete and purge protection in the new key vault.
30+
* The backup and restore operation won't preserve your autorotation settings. You might need to reconfigure the settings.
2831

29-
* You will need to reconfigure access policies and network configuration settings in the new key vault.
32+
## Option 1: Use the key vault backup and restore commands
3033

31-
* You will need to reconfigure soft-delete and purge protection in the new key vault.
34+
You can back up each individual secret, key, and certificate in your vault by using the backup command. Your secrets are downloaded as an encrypted blob. You can then restore the blob into your new key vault. For a list of commands, see [Azure Key Vault commands](https://docs.microsoft.com/powershell/module/azurerm.keyvault/?view=azurermps-6.13.0#key_vault).
3235

33-
* The back up and restore operation will not preserve autorotation settings you may need to reconfigure these settings.
36+
Using the backup and restore commands has two limitations:
3437

35-
## Option 1 - Use the key vault backup and restore commands
38+
* You can't back up a key vault in one geography and restore it into another geography. For more information, see [Azure geographies](https://azure.microsoft.com/global-infrastructure/geographies/).
3639

37-
You can back up each individual secret, key, and certificate in your vault using the backup command. Your secrets will be downloaded as an encrypted blob. You can then restore the blob into your new key vault. The commands are documented in the link below.
40+
* The backup command backs up all versions of each secret. If you have a secret with a large number of previous versions (more than 10), the request size might exceed the allowed maximum and the operation might fail.
3841

39-
[Azure Key Vault Commands](https://docs.microsoft.com/powershell/module/azurerm.keyvault/?view=azurermps-6.13.0#key_vault)
42+
## Option 2: Manually download and upload the key vault secrets
4043

41-
### Limitations
42-
43-
* You cannot back up a key vault in one geography and restore it into another geography. Learn more about Azure geographies. [Link](https://azure.microsoft.com/global-infrastructure/geographies/)
44-
45-
* The backup command backs up all versions of each secret. If you have a secret with a large number of previous versions (greater than 10) there is a chance the request will exceed the maximum allowed request size and the operation may fail.
46-
47-
## Option 2 - Manually download and upload secrets
48-
49-
Certain secret types can be manually downloaded. For example, you can download certificates as a .pfx file. This option eliminates the geographical restrictions for some secret types such as certificates. You can upload the .pfx files to any key vault in any region. Your secret will be downloaded in a non-password protected format. You will be responsible for securing your secrets once they leave Key Vault while the move is performed.
44+
You can download certain secret types manually. For example, you can download certificates as a PFX file. This option eliminates the geographical restrictions for some secret types, such as certificates. You can upload the PFX files to any key vault in any region. The secrets are downloaded in a non-password protected format. You are responsible for securing your secrets during the move.
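
Review bot: The rewritten Option 2 paragraph at the end of this hunk weakens the one security warning in the article. The old text said you are responsible for securing your secrets "once they leave Key Vault while the move is performed", and the new "You are responsible for securing your secrets during the move" no longer says that the exposure begins at download. Because the preceding sentence says the secrets are downloaded in a non-password protected format, I would keep the "once they leave Key Vault" wording and add a sentence telling the reader to restrict access to the downloaded PFX files and delete the local copies once the upload to the new vault is confirmed. Two smaller points: the new intro paragraph says you "manually copy each individual secret" while Option 1 covers "each individual secret, key, and certificate", so the intro should name all three object types; and the commands link in Option 1 still targets the AzureRM module pinned to `azurermps-6.13.0`, which the Az PowerShell module has superseded, so consider pointing at the current Key Vault cmdlet reference instead.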
