Merge pull request #190355 from JamesTran-MSFT/patch-93

PRMerger5 · web-flow · commit e325345d4bc5 · 2022-03-02T13:44:11.000-08:00
Added KV note
diff --git a/articles/storage/common/customer-managed-keys-configure-key-vault.md b/articles/storage/common/customer-managed-keys-configure-key-vault.md
@@ -25,7 +25,7 @@ This article shows how to configure encryption with customer-managed keys stored
 
 ## Configure a key vault
 
-You can use a new or existing key vault to store customer-managed keys. The storage account and the key vault must be in the same region, but they can be in different subscriptions. To learn more about Azure Key Vault, see [Azure Key Vault Overview](../../key-vault/general/overview.md) and [What is Azure Key Vault?](../../key-vault/general/basic-concepts.md).
+You can use a new or existing key vault to store customer-managed keys. The Storage Account and Key Vault can be in different regions or subscriptions in the same tenant. To learn more about Azure Key Vault, see [Azure Key Vault Overview](../../key-vault/general/overview.md) and [What is Azure Key Vault?](../../key-vault/general/basic-concepts.md).
 
 Using customer-managed keys with Azure Storage encryption requires that both soft delete and purge protection be enabled for the key vault. Soft delete is enabled by default when you create a new key vault and cannot be disabled. You can enable purge protection either when you create the key vault or after it is created.
 
