Update azure-kubernetes-service-cluster-backup-policy.md

rajats22 · web-flow · commit bfd81e265894 · 2024-09-13T15:04:01.000+05:30
diff --git a/articles/backup/azure-kubernetes-service-cluster-backup-policy.md b/articles/backup/azure-kubernetes-service-cluster-backup-policy.md
@@ -16,11 +16,11 @@ Azure Backup provides various built-in policies (using [Azure Policy](../governa
 
 ## Policy 1 - Azure Backup Extension should be installed in AKS clusters
 
-It is an [audit-only](../governance/policy/concepts/effects.md#audit) policy. This policy identifies which AKS clusters don't have backup extension installed but doesn't automatically install backup extension for these AKS clusters. It is useful when you're only looking to evaluate the overall preparedness of the AKS clusters for backup compliance but not looking to take action immediately.
+Use this [audit-only](../governance/policy/concepts/effects.md#audit) policy to identify the AKS clusters that don't have the backup extension installed. However, this policy doesn't automatically install the backup extension to these AKS clusters. It's useful only to evaluate the overall readiness of the AKS clusters for backup compliance, and not to take action immediately.
 
 ## Policy 2 - Azure Backup should be enabled for AKS clusters
 
-It is an [audit-only](../governance/policy/concepts/effects.md#audit) policy. This policy identifies which clusters don't have backup enabled but doesn't automatically configure backups for these clusters. It's useful when you're only looking to evaluate the overall compliance of the clusters but not looking to take action immediately.
+Use this [audit-only](../governance/policy/concepts/effects.md#audit) policy to identify the clusters that don't have backups enabled. However, this policy doesn't automatically configure backups for these clusters. It's useful only to evaluate the overall compliance of the clusters, and not to take action immediately.
 
 ## Policy 3 - Install Azure Backup Extension in AKS clusters (Managed Cluster) with a given tag.
 
@@ -32,6 +32,8 @@ A central backup team in an organization can use this policy to install backup e
 
 ## Supported Scenarios
 
+Before you audit and enforce backups for AKS clusters, see the following scenarios supported:
+
 * The built-in policy is currently supported only for Azure Kubernetes Service clusters. 
 
 * Users must take care to ensure that the necessary [prerequisites](azure-kubernetes-service-cluster-backup-concept.md#Backup Extension) are enabled before Policies 3 and 4 are assigned.
@@ -42,25 +44,35 @@ A central backup team in an organization can use this policy to install backup e
 
 ## Using the built-in policies
 
-The below steps describe the end-to-end process of assigning Policy 3: **Install Azure Backup Extension in AKS clusters (Managed Cluster) with a given tag**. Similar instructions apply for the other policies. Once assigned, any new AKS cluster created under this scope has backup extension installed automatically.
+This section describes the end-to-end process of assigning Policy 3: **Install Azure Backup Extension in AKS clusters (Managed Cluster) with a given tag**. Similar instructions apply for the other policies. Once assigned, any new AKS cluster created under this scope has backup extension installed automatically.
+
+To assign Policy 3, follow these steps:
 
 1. Sign in to the Azure portal and navigate to the **Policy** Dashboard.
+   
 2. Select **Definitions** in the left menu to get a list of all built-in policies across Azure Resources.
+   
 3. Filter the list for **Category=Backup** and select the policy named *Install Azure Backup Extension in AKS clusters (Managed Cluster) with a given tag*.
 :::image type="content" source="./media/azure-kubernetes-service-cluster-backup-policy/policy-dashboard-inline.png" alt-text="Screenshot showing how to filter the list by category on Policy dashboard." lightbox="./media/backup-azure-auto-enable-backup/policy-dashboard-expanded.png":::
+
 4. Select the name of the policy. You're then redirected to the detailed definition for this policy.
 ![Screenshot showing the Policy Definition pane.](./media/azure-kubernetes-service-cluster-backup-policy/policy-definition-blade.png)
+
 5. Select the **Assign** button at the top of the pane. This redirects you to the **Assign Policy** pane.
+   
 6. Under **Basics**, select the three dots next to the **Scope** field. It opens up a right context pane where you can select the subscription for the policy to be applied on. You can also optionally select a resource group, so that the policy is applied only for AKS clusters in a particular resource group.
 ![Screenshot showing the Policy Assignment Basics tab.](./media/azure-kubernetes-service-cluster-backup-policy/policy-assignment-basics.png)
+
 7. In the **Parameters** tab, choose a location from the drop-down, and select the storage account to which the backup extension installed in the AKS cluster in the scope must be associated. You can also choose to specify a tag name and an array of tag values. An AKS cluster that contains any of the specified values for the given tag are excluded from the scope of the policy assignment.
 ![Screenshot showing the Policy Assignment Parameters pane.](./media/azure-kubernetes-service-cluster-backup-policy/policy-assignment-parameters.png)
+
 8. Ensure that **Effect** is set to deployIfNotExists.
+   
 9. Navigate to **Review+create** and select **Create**.
 
 > [!NOTE]
 >
-> - Azure Policy can also be used on existing AKS clusters, using [remediation](../governance/policy/how-to/remediate-resources.md).
+> - Use [remediation](../governance/policy/how-to/remediate-resources.md) to enable these policies on existing AKS clusters.
 
 ## Next step
 
