Merge pull request #241973 from MGoedtel/update-use-kms-etcd-encrypt

prmerger-automator[bot] · web-flow · commit c4c61e0754db · 2023-06-19T15:41:04.000Z
Update updates to use-kms-etcd-encrypt
diff --git a/articles/aks/use-kms-etcd-encryption.md b/articles/aks/use-kms-etcd-encryption.md
@@ -347,58 +347,58 @@ Use the following command to update all secrets. Otherwise, the old secrets will
 kubectl get secrets --all-namespaces -o json | kubectl replace -f -
 ```
 
-## KMS V2 support 
+## KMS v2 support
 
-Since AKS version 1.27 and above, enabling the KMS feature configures KMS V2. With KMS V2, you aren't limited to the 2,000 secrets support. For more information, you can refer to the [KMS V2 Improvements](https://kubernetes.io/blog/2023/05/16/kms-v2-moves-to-beta/).
+Starting with AKS version 1.27, enabling the KMS feature configures KMS v2. With KMS v2, you aren't limited to the 2,000 secrets it supports. For more information, review [KMS V2 Improvements](https://kubernetes.io/blog/2023/05/16/kms-v2-moves-to-beta/).
 
 ### Migration to KMS v2
 
-If your cluster version is less than 1.27 and you already enabled KMS, use the following steps to migrate to KMS V2:
+If your cluster version is less than 1.27 and you already enabled KMS, use the following steps to migrate to KMS v2:
 
 1. Disable KMS on the cluster.
 2. Perform the storage migration.
 3. Upgrade the cluster to version 1.27 or higher.
 4. Re-enable KMS on the cluster.
-5. Perform the storage migration 
+5. Perform the storage migration.
 
 #### Disable KMS
 
-Disable KMS on an existing cluster using the `az aks update` command with the `--disable-azure-keyvault-kms` flag.
+To disable KMS on an existing cluster, use the `az aks update` command with the `--disable-azure-keyvault-kms` argument.
 
 ```azurecli-interactive
 az aks update --name myAKSCluster --resource-group MyResourceGroup --disable-azure-keyvault-kms
 ```
 
 #### Storage migration
 
-Update all secrets using the `kubectl get secrets` command with the `--all-namespaces` flag.
+To update all secrets, use the `kubectl get secrets` command with the `--all-namespaces` argument.
 
 ```azurecli-interactive
 kubectl get secrets --all-namespaces -o json | kubectl replace -f -
 ```
 
 #### Upgrade AKS cluster
 
-Upgrade the AKS cluster using the `az aks upgrade` command and specify your desired version as `1.27.x` or higher for `--kubernetes-version`.
+To upgrade an AKS cluster, use the `az aks upgrade` command and specify the desired version as `1.27.x` or higher with the `--kubernetes-version` argument.
 
 ```azurecli-interactive
 az aks upgrade --resource-group myResourceGroup --name myAKSCluster --kubernetes-version <AKS version>
 ```
 
-Example:
+For example:
 
 ```azurecli-interactive
 az aks upgrade --resource-group myResourceGroup --name myAKSCluster --kubernetes-version 1.27.1
 ```
 
 #### Re-enable KMS
 
-You can reenable the KMS feature on the cluster to encrypt the secrets. After that, the AKS cluster uses KMS V2.
-If you don’t want to do the KMS v2 migration, you can create a new 1.27+ cluster with KMS enabled.
+You can reenable the KMS feature on the cluster to encrypt the secrets. Afterwards, the AKS cluster uses KMS v2.
+If you don't want to do the KMS v2 migration, you can create a new version 1.27 and higher cluster with KMS enabled.
 
 #### Storage migration
 
-Re-encrypt all secrets under KMS V2 using the `kubectl get secrets` command with the `--all-namespaces` flag.
+To re-encrypt all secrets under KMS v2, use the `kubectl get secrets` command with the `--all-namespaces` argument.
 
 ```azurecli-interactive
 kubectl get secrets --all-namespaces -o json | kubectl replace -f -
