Merge pull request Azure#4738 from Azure/cabailey-azurepowershell

cormacpayne · web-flow · commit 6a689a93a2d4 · 2017-10-13T16:08:56.000-04:00
Text-only updates for 2 Key Vault files to carry thru to next version
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureRmKeyVault.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureRmKeyVault.md
@@ -96,7 +96,9 @@ Accept wildcard characters: False
 ```
 
 ### -EnableSoftDelete
-If specified, 'soft delete' functionality is enabled for this key vault.
+Specifies that the soft-delete functionality is enabled for this key vault. When soft-delete is enabled, for a grace period, you can recover this key vault and its contents after it is deleted.
+
+For more information about this functionality, see [Azure Key Vault soft-delete overview](https://docs.microsoft.com/azure/key-vault/key-vault-ovw-soft-delete). For how-to instructions, see [How to use Key Vault soft-delete with PowerShell](https://docs.microsoft.com/azure/key-vault/key-vault-soft-delete-powershell).
 
 ```yaml
 Type: SwitchParameter
@@ -111,9 +113,7 @@ Accept wildcard characters: False
 ```
 
 ### -Location
-Specifies the Azure region in which to create the key vault. Use the command Get-AzureLocation
-(https://msdn.microsoft.com/ library/azure/mt589064.aspx) to see your choices. For more
-information, type `Get-Help Get-AzureLocation`.
+Specifies the Azure region in which to create the key vault. Use the command [Get-AzureLocation](https://docs.microsoft.com/powershell/module/Azure/Get-AzureLocation) to see your choices.
 
 ```yaml
 Type: String
@@ -143,8 +143,7 @@ Accept wildcard characters: False
 ```
 
 ### -Sku
-Specifies the SKU of the key vault instance. For information about which features are available for
-each SKU, see the Azure Key Vault Pricing website (http://go.microsoft.com/fwlink/?linkid=512521).
+Specifies the SKU of the key vault instance. For information about which features are available for each SKU, see the Azure Key Vault Pricing website (https://go.microsoft.com/fwlink/?linkid=512521).
 
 ```yaml
 Type: SkuName
@@ -239,4 +238,4 @@ This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable
 
 [Get-AzureRmKeyVault](./Get-AzureRmKeyVault.md)
 
-[Remove-AzureRmKeyVault](./Remove-AzureRmKeyVault.md)
+[Remove-AzureRmKeyVault](./Remove-AzureRmKeyVault.md)
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureRmKeyVaultAccessPolicy.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureRmKeyVaultAccessPolicy.md
@@ -51,8 +51,7 @@ Set-AzureRmKeyVaultAccessPolicy [-VaultName] <String> [[-ResourceGroupName] <Str
 ```
 
 ## DESCRIPTION
-The **Set-AzureRmKeyVaultAccessPolicy** cmdlet grants or modifies existing permissions for a user, application, or security group to perform the specified operations with a key vault.
-It does not modify the permissions that other users, applications, or security groups have on the key vault.
+The **Set-AzureRmKeyVaultAccessPolicy** cmdlet grants or modifies existing permissions for a user, application, or security group to perform the specified operations with a key vault. It does not modify the permissions that other users, applications, or security groups have on the key vault.
 
 If you are setting permissions for a security group, this operation affects only users in that security group.
 
@@ -72,7 +71,7 @@ Note that although specifying the resource group is optional for this cmdlet, yo
 
 ## EXAMPLES
 
-### Example 1: Grant permissions to a user for a key vault Key Vault and modify the permissionskey vault
+### Example 1: Grant permissions to a user for a key vault and modify the permissions
 ```
 PS C:\>Set-AzureRmKeyVaultAccessPolicy -VaultName 'Contoso03Vault' -UserPrincipalName 'PattiFuller@contoso.com' -PermissionsToKeys create,import,delete,list -PermissionsToSecrets 'set,delete'
 PS C:\> Set-AzureRmKeyVaultAccessPolicy -VaultName 'Contoso03Vault' -UserPrincipalName 'PattiFuller@contoso.com' -PermissionsToSecrets set,delete,get -PassThru
@@ -81,23 +80,19 @@ PS C:\> Set-AzureRmKeyVaultAccessPolicy -VaultName 'Contoso03Vault' -UserPrincip
 
 The first command grants permissions for a user in your Azure Active Directory, PattiFuller@contoso.com, to perform operations on keys and secrets with a key vault named Contoso03Vault.
 
-The second command modifies the permissions that were granted to PattiFuller@contoso.com in the first command, to now allow getting secrets in addition to setting and deleting them.
-The permissions to key operations remain unchanged after this command.
-The *PassThru* parameter results in the updated object being returned by the cmdlet.
+The second command modifies the permissions that were granted to PattiFuller@contoso.com in the first command, to now allow getting secrets in addition to setting and deleting them. The permissions to key operations remain unchanged after this command. The *PassThru* parameter results in the updated object being returned by the cmdlet.
 
-The final command further modifies the existing permissions for PattiFuller@contoso.com to remove all permissions to key operations.
-The permissions to secret operations remain unchanged after this command.
-The *PassThru* parameter results in the updated object being returned by the cmdlet.
+The final command further modifies the existing permissions for PattiFuller@contoso.com to remove all permissions to key operations. The permissions to secret operations remain unchanged after this command. The *PassThru* parameter results in the updated object being returned by the cmdlet.
 
 ### Example 2: Grant permissions for an application service principal to read and write secrets
 ```
 PS C:\>Set-AzureRmKeyVaultAccessPolicy -VaultName 'Contoso03Vault' -ServicePrincipalName 'http://payroll.contoso.com' -PermissionsToSecrets Get,Set
 ```
 
-This command grants permissions for an application for a key vault named Contoso03Vault.
-The *ServicePrincipalName* parameter specifies the application.
-The application must be registered in your Azure Active Directory.
-The value of the *ServicePrincipalName* parameter must be either the service principal name of the application or the application ID GUID.
+This command grants permissions for an application for a key vault named Contoso03Vault. 
+
+The *ServicePrincipalName* parameter specifies the application. The application must be registered in your Azure Active Directory. The value of the *ServicePrincipalName* parameter must be either the service principal name of the application or the application ID GUID.
+
 This example specifies the service principal name http://payroll.contoso.com, and the command grants the application permissions to read and write secrets.
 
 ### Example 3: Grant permissions for an application using its object ID
@@ -106,6 +101,7 @@ PS C:\>Set-AzureRmKeyVaultAccessPolicy -VaultName 'Contoso03Vault' -ObjectId 345
 ```
 
 This command grants the application permissions to read and write secrets.
+
 This example specifies the application using the object ID of the service principal of the application.
 
 ### Example 4: Grant permissions for a user principal name
@@ -115,7 +111,7 @@ PS C:\>Set-AzureRmKeyVaultAccessPolicy -VaultName 'Contoso03Vault' -UserPrincipa
 
 This command grants get, list, and set permissions for the specified user principal name for access to secrets.
 
-### Example 5: Enable secrets to be retrieved from a key vault vault by the Microsoft.Compute resource providerkey vault
+### Example 5: Enable secrets to be retrieved from a key vault vault by the Microsoft.Compute resource provider
 ```
 PS C:\>Set-AzureRmKeyVaultAccessPolicy -VaultName 'Contoso03Vault' -ResourceGroupName 'Group14' -EnabledForDeployment
 ```
@@ -133,23 +129,21 @@ group2                                                        b8a401eb-63ad-4a30
 group3                                                        da07a6be-2c1e-4e42-934d-ceb57cf652b4
 ```
 
-The first command uses the Get-AzureRmADGroup cmdlet to get all Active Directory groups.
-From the output, you see 3 groups returned, named **group1**, **group2**, and **group3**.
-Multiple groups can have the same name but always have a unique ObjectId.
-When more than one group that has the same name is returned, use the ObjectId in the output to identify the one you want to use.
+The first command uses the Get-AzureRmADGroup cmdlet to get all Active Directory groups. From the output, you see 3 groups returned, named **group1**, **group2**, and **group3**. Multiple groups can have the same name but always have a unique ObjectId. When more than one group that has the same name is returned, use the ObjectId in the output to identify the one you want to use.
+
+You then use the output of this command with Set-AzureRmKeyVaultAccessPolicy to grant permissions to group2 for your key vault, named **myownvault**. This example enumerates the groups named 'group2' inline in the same command line.
 
-You then use the output of this command with Set-AzureRmKeyVaultAccessPolicy to grant permissions to group2 for your key vault, named **myownvault**.
-This example enumerates the groups named 'group2' inline in the same command line.
 There may be multiple groups in the returned list that are named 'group2'.
 This example picks the first one, indicated by index \[0\] in the returned list.
 
 ### Example 7: Grant Azure Information Protection access to the customer-managed tenant key (BYOK)
 ```
-PS C:\>Set-AzureRmKeyVaultAccessPolicy -VaultName 'Contoso04Vault' -ServicePrincipalName 00000012-0000-0000-c000-000000000000 -PermissionsToKeys decrypt,encrypt,unwrapkey,wrapkey,verify,sign,get
+PS C:\>Set-AzureRmKeyVaultAccessPolicy -VaultName 'Contoso04Vault' -ServicePrincipalName 00000012-0000-0000-c000-000000000000 -PermissionsToKeys decrypt,sign,get
 ```
 
 This command authorizes Azure Information Protection to use a customer-managed key (the bring your own key, or "BYOK" scenario) as the Azure Information Protection tenant key.
-When you run this command, specify your own vault name but you must specify the *ServicePrincipalName* parameter with the GUID **00000012-0000-0000-c000-000000000000** and specify all the permissions in the example.
+
+When you run this command, specify your own key vault name but you must specify the *ServicePrincipalName* parameter with the GUID **00000012-0000-0000-c000-000000000000** and specify the permissions in the example.
 
 ## PARAMETERS
 
@@ -170,6 +164,7 @@ Accept wildcard characters: False
 
 ### -BypassObjectIdValidation
 Enables you to specify an object ID without validating that the object exists in Azure Active Directory.
+
 Use this parameter only if you want to grant access to your key vault to an object ID that refers to a delegated security group from another Azure tenant.
 
 ```yaml
@@ -186,6 +181,7 @@ Accept wildcard characters: False
 
 ### -EmailAddress
 Specifies the user email address of the user to whom to grant permissions.
+
 This email address must exist in the directory associated with the current subscription and be unique.
 
 ```yaml
@@ -262,6 +258,7 @@ Accept wildcard characters: False
 
 ### -PassThru
 Returns an object representing the item with which you are working.
+
 By default, this cmdlet does not generate any output.
 
 ```yaml
@@ -278,7 +275,8 @@ Accept wildcard characters: False
 
 ### -PermissionsToCertificates
 Specifies an array of certificate permissions to grant to a user or service principal.
-The acceptable values for this parameter are:
+
+The acceptable values for this parameter:
 
 - Get
 - List
@@ -308,7 +306,8 @@ Accept wildcard characters: False
 
 ### -PermissionsToKeys
 Specifies an array of key operation permissions to grant to a user or service principal.
-The acceptable values for this parameter are:
+
+The acceptable values for this parameter:
 
 - Decrypt
 - Encrypt
@@ -342,7 +341,8 @@ Accept wildcard characters: False
 
 ### -PermissionsToSecrets
 Specifies an array of secret operation permissions to grant to a user or service principal.
-The acceptable values for this parameter are:
+
+The acceptable values for this parameter:
 
 - Get
 - List
@@ -367,7 +367,7 @@ Accept wildcard characters: False
 ```
 
 ### -PermissionsToStorage
-Specifies managed storage account and sas definition operation permissions to grant to a user or service principal.
+Specifies managed storage account and SaS-definition operation permissions to grant to a user or service principal.
 
 ```yaml
 Type: String[]
@@ -399,8 +399,8 @@ Accept wildcard characters: False
 
 ### -ServicePrincipalName
 Specifies the service principal name of the application to which to grant permissions.
-Specify the application ID, also known as client ID, registered for the application in AzureActive Directory.
-The application with the service principal name that this parameter specifies must be registered in the Azure directory that contains your current subscription.
+
+Specify the application ID, also known as client ID, registered for the application in AzureActive Directory. The application with the service principal name that this parameter specifies must be registered in the Azure directory that contains your current subscription.
 
 ```yaml
 Type: String
@@ -416,6 +416,7 @@ Accept wildcard characters: False
 
 ### -UserPrincipalName
 Specifies the user principal name of the user to whom to grant permissions.
+
 This user principal name must exist in the directory associated with the current subscription.
 
 ```yaml
@@ -432,6 +433,7 @@ Accept wildcard characters: False
 
 ### -VaultName
 Specifies the name of a key vault.
+
 This cmdlet modifies the access policy for the key vault that this parameter specifies.
 
 ```yaml
@@ -462,8 +464,7 @@ Accept wildcard characters: False
 ```
 
 ### -WhatIf
-Shows what would happen if the cmdlet runs.
-The cmdlet is not run.
+Shows what would happen if the cmdlet runs. The cmdlet is not run.
 
 ```yaml
 Type: SwitchParameter
