fixing doc bugs

Author: HeidiSteen

articles/search/search-howto-managed-identities-cosmos-db.md

@@ -34,11 +34,22 @@ Indexer support for Azure Cosmos DB for Gremlin and MongoDB Collections is curre
 ### [**Azure portal**](#tab/portal)
 
 1. Sign in to Azure portal and find your Cosmos DB for NoSQL account.
+
 1. Select **Access control (IAM)**.
+
 1. Select **Add** and then select **Role assignment**.
-1. From the list of job function roles, assign the **Cosmos DB Account Reader**.
 
-* Data Plane Role assignment: Follow [Data plane Role assignment](../cosmos-db/how-to-setup-rbac.md) to know more.
+1. From the list of job function roles, select **Cosmos DB Account Reader**.
+
+1. Select **Next**.
+
+1. Select **Managed identity** and then select **Members**.
+
+1. Filter by system-assigned managed identities or user-assigned managed identities. You should see the managed identity that you previously created for your search service. If you don't have one, see [Configure search to use a managed identity](search-howto-managed-identities-data-sources.md). If you already set one up but it's not available, give it a few minutes.
+
+1. Select the identity and save the role assignment.
+
+For more information, see [Configure role-based access control with Microsoft Entra ID for your Azure Cosmos DB account](../cosmos-db/how-to-setup-rbac.md).
 
 ### [**PowerShell**](#tab/powershell)
 

articles/search/search-howto-managed-identities-data-sources.md

@@ -16,11 +16,9 @@ ms.date: 06/10/2024
 
 # Configure a search service to connect using a managed identity in Azure AI Search
 
-You can use Microsoft Entra ID and role assignments for outbound connections from Azure AI Search to resources providing data, applied AI, or vectorization during during indexing or queries.
+You can use Microsoft Entra ID and role assignments for outbound connections from Azure AI Search to resources providing data, applied AI, or vectorization during during indexing or queries. Managed identities and role assignments eliminate the need for passing secrets and credentials in a connection string or code.
 
-To use roles on an outbound connection, first configure your search service to use a managed identity. You can configure a [system-assigned or user-assigned managed identity](../active-directory/managed-identities-azure-resources/overview.md) as the security principle for your search service in a Microsoft Entra tenant. 
-
-Once you have a managed identity, the next step is to assign roles for authorized access. Managed identities and role assignments eliminate the need for passing secrets and credentials in a connection string or code.
+To use roles on an outbound connection, first configure your search service to use either a [system-assigned or user-assigned managed identity](../active-directory/managed-identities-azure-resources/overview.md) as the security principle for your search service in a Microsoft Entra tenant. Once you have a managed identity, you can assign roles for authorized access. 
 
 ## Prerequisites
 

articles/search/search-howto-managed-identities-storage.md

@@ -30,8 +30,11 @@ You can use a system-assigned managed identity or a user-assigned managed identi
 ## Create a role assignment in Azure Storage
 
 1. Sign in to Azure portal and find your storage account.
+
 1. Select **Access control (IAM)**.
+
 1. Select **Add** and then select **Role assignment**.
+
 1. From the list of job function roles, select the roles needed for your search service:
 
    | Task | Role assignment |
@@ -45,8 +48,11 @@ You can use a system-assigned managed identity or a user-assigned managed identi
    | Save debug session state | Add **Storage Blob Data Contributor**  |
 
 1. Select **Next**.
+
 1. Select **Managed identity** and then select **Members**.
-1. Filter by system-assigned managed identities or user-assigned managed identities. If you don't have a managed identity, see [Configure search to use a managed identity](search-howto-managed-identities-data-sources.md). If you already set one up but it's not available, give it a few minutes.
+
+1. Filter by system-assigned managed identities or user-assigned managed identities. You should see the managed identity that you previously created for your search service. If you don't have one, see [Configure search to use a managed identity](search-howto-managed-identities-data-sources.md). If you already set one up but it's not available, give it a few minutes.
+
 1. Select the identity and save the role assignment.
 
 ## Specify a managed identity in a connection string

articles/search/search-security-enable-roles.md

@@ -16,7 +16,7 @@ ms.date: 06/10/2024
 
 If you want to use Azure role-based access control for connections into Azure AI Search, this article explains how to enable it for your search service.
 
-Role-based access for data plane operations is optional, but recommended. The alternative is [key-based authentication](search-security-api-keys.md), which is the default. However, if you want to use role-based authentication for data plane operations, you must enable role-based access on your service.
+Role-based access for data plane operations is optional, but recommended. The alternative is [key-based authentication](search-security-api-keys.md), which is the default. Before you can use role for data plane operations, you must enable role-based access on your search service.
 
 Roles for service administration (control plane) are mandatory and can't be disabled.