Standardize placeholders in key-vault/includes

- Convert non-standard placeholders to lowercase kebab-case
- Fix Acrolinx issues in rbac includes
- Update ms.date for modified files

Part of placeholder standardization series.

Author: msmbaldwin

articles/key-vault/includes/key-management-policy-grammar.md

@@ -2,7 +2,7 @@
 author: msmbaldwin
 ms.service: azure-key-vault
 ms.topic: include
-ms.date: 04/14/2025
+ms.date: 03/26/2026
 
 ms.author: mbaldwin
 ---
@@ -72,8 +72,8 @@ A Claim Condition is a JSON object that identifies a claim name, a condition for
 
 ```json
 { 
-  "claim": "<claim name>", 
-  "equals": <value to match>
+  "claim": "<claim-name>", 
+  "equals": <value-to-match>
 } 
 ```
 
@@ -84,7 +84,7 @@ Claim names allow "dot notation" to enable JSON object navigation, for example:
 ```json
 { 
   "claim": "object.object.claim", 
-  "equals": <value to match>
+  "equals": <value-to-match>
 }
 ```
 
@@ -101,12 +101,12 @@ Examples are shown below. In the first, allOf requires all conditions to be met:
   "allOf":
   [
     { 
-      "claim": "<claim_1>", 
-      "equals": <value_1>
+      "claim": "<claim-1>", 
+      "equals": <value-1>
     },
     { 
-      "claim": "<claim_2>", 
-      "equals": <value_2>
+      "claim": "<claim-2>", 
+      "equals": <value-2>
     }
   ]
 }
@@ -121,12 +121,12 @@ In this example, anyOf requires that any condition match:
   "anyOf":
   [
     { 
-      "claim": "<claim_1>", 
-      "equals": <value_1>
+      "claim": "<claim-1>", 
+      "equals": <value-1>
     },
     { 
-      "claim": "<claim_2>", 
-      "equals": <value_2>
+      "claim": "<claim-2>", 
+      "equals": <value-2>
     }
   ]
 }
@@ -140,19 +140,19 @@ The anyOf and allOf condition objects may be nested:
   "allOf":
   [
     { 
-      "claim": "<claim_1>", 
-      "equals": <value_1>
+      "claim": "<claim-1>", 
+      "equals": <value-1>
     },
     {
       "anyOf":
       [
         { 
-          "claim": "<claim_2>", 
-          "equals": <value_2>
+          "claim": "<claim-2>", 
+          "equals": <value-2>
         },
         { 
-          "claim": "<claim_3>", 
-          "equals": <value_3>
+          "claim": "<claim-3>", 
+          "equals": <value-3>
         }
       ]
     }
@@ -166,26 +166,26 @@ Or:
   "allOf":
   [
     { 
-      "claim": "<claim_1>", 
-      "equals": <value_1>
+      "claim": "<claim-1>", 
+      "equals": <value-1>
     },
     {
       "anyOf":
       [
         { 
-          "claim": "<claim_2>", 
-          "equals": <value_2>
+          "claim": "<claim-2>", 
+          "equals": <value-2>
         },
         {
           "allOf":
           [
             { 
-              "claim": "<claim_3>", 
-              "equals": <value_3>
+              "claim": "<claim-3>", 
+              "equals": <value-3>
             },
             { 
-              "claim": "<claim_4>", 
-              "equals": <value_4>
+              "claim": "<claim-4>", 
+              "equals": <value-4>
             }
           ]
         }
@@ -205,8 +205,8 @@ Conditions are collected into Authority statements and combined:
   "allOf":
   [
     { 
-      "claim": "<claim_1>", 
-      "equals": <value_1>
+      "claim": "<claim-1>", 
+      "equals": <value-1>
     }
   ]
 }
@@ -248,7 +248,7 @@ The encoding is as follows:
 ```json
 {
   "contentType": "application/json; charset=utf-8",
-  "data": "<BASE64URL(JSON serialization of policy)>"
+  "data": "<base64url-encoded-policy>"
 }
 ```
 

articles/key-vault/includes/key-vault-create-secret.md

@@ -13,12 +13,12 @@ To add a secret to your newly created key vault, use the following command:
 
 # [Azure CLI](#tab/azure-cli)
 ```azurecli
-az keyvault secret set --vault-name "<your-unique-keyvault-name>" --name "mySecret" --value "Success!"
+az keyvault secret set --vault-name "<vault-name>" --name "mySecret" --value "Success!"
 ```
 # [Azure PowerShell](#tab/azurepowershell)
 
 ```azurepowershell
 $secret = ConvertTo-SecureString -String 'Success!' -AsPlainText
-Set-AzKeyVaultSecret -VaultName <your-unique-keyvault-name> -Name mySecret -SecretValue $secret
+Set-AzKeyVaultSecret -VaultName <vault-name> -Name mySecret -SecretValue $secret
 ```
 ---

articles/key-vault/includes/key-vault-python-qs-rg-kv-creation.md

@@ -14,35 +14,35 @@ ms.author: msmbaldwin
 1. Use the `az group create` command to create a resource group:
 
     ```azurecli
-    az group create --name myResourceGroup --location eastus
+    az group create --name <resource-group> --location eastus
     ```
 
     You can change "eastus" to a location nearer to you, if you prefer.
 
 1. Use `az keyvault create` to create the key vault:
 
     ```azurecli
-    az keyvault create --name <your-unique-keyvault-name> --resource-group myResourceGroup --enable-rbac-authorization true --enable-purge-protection true
+    az keyvault create --name <vault-name> --resource-group <resource-group> --enable-rbac-authorization true --enable-purge-protection true
     ```
 
-    Replace `<your-unique-keyvault-name>` with a name that's unique across all of Azure. You typically use your personal or company name along with other numbers and identifiers.
+    Replace `<vault-name>` with a name that's unique across all of Azure. You typically use your personal or company name along with other numbers and identifiers.
 
 # [Azure PowerShell](#tab/azure-powershell)
 
 1. Use the `New-AzResourceGroup` command to create a resource group:
 
     ```azurepowershell
-    New-AzResourceGroup -Name myResourceGroup -Location eastus
+    New-AzResourceGroup -Name <resource-group> -Location eastus
     ```
 
     You can change "eastus" to a location nearer to you, if you prefer.
 
 1. Use `New-AzKeyVault` to create the key vault:
 
     ```azurepowershell
-    New-AzKeyVault -Name <your-unique-keyvault-name> -ResourceGroupName myResourceGroup -Location eastus -EnableRbacAuthorization $true -EnablePurgeProtection
+    New-AzKeyVault -Name <vault-name> -ResourceGroupName <resource-group> -Location eastus -EnableRbacAuthorization $true -EnablePurgeProtection
     ```
 
-    Replace `<your-unique-keyvault-name>` with a name that's unique across all of Azure. You typically use your personal or company name along with other numbers and identifiers.
+    Replace `<vault-name>` with a name that's unique across all of Azure. You typically use your personal or company name along with other numbers and identifiers.
 
 ---

articles/key-vault/includes/key-vault-set-environmental-variables.md

@@ -11,5 +11,5 @@ ms.author: msmbaldwin
 Our script will use the value assigned to the `KEY_VAULT_NAME` environment variable as the name of the key vault. You must therefore set this value using the following command:
 
 ```console
-export KEY_VAULT_NAME=<your-unique-keyvault-name>
+export KEY_VAULT_NAME=<vault-name>
 ````

articles/key-vault/includes/rbac/upn-certificate-officer-cli.md

@@ -13,7 +13,7 @@ ms.author: msmbaldwin
 To gain permissions to your key vault through [Role-Based Access Control (RBAC)](/azure/key-vault/general/rbac-guide), assign a role to your "User Principal Name" (UPN) using the Azure CLI command [az role assignment create](/cli/azure/role/assignment#az-role-assignment-create).
 
 ```azurecli
-az role assignment create --role "Key Vault Certificates Officer" --assignee "<upn>" --scope "/subscriptions/<subscription-id>/resourceGroups/<resource-group-name>/providers/Microsoft.KeyVault/vaults/<your-unique-keyvault-name>"
+az role assignment create --role "Key Vault Certificates Officer" --assignee "<upn>" --scope "/subscriptions/<subscription-id>/resourceGroups/<resource-group>/providers/Microsoft.KeyVault/vaults/<vault-name>"
 ```
 
-Replace \<upn\>, \<subscription-id\>, \<resource-group-name\> and \<your-unique-keyvault-name\> with your actual values. Your UPN will typically be in the format of an email address (e.g., [email protected]).
+Replace `<upn>`, `<subscription-id>`, `<resource-group>`, and `<vault-name>` with your actual values. Your UPN is typically in the format of an email address (for example, [email protected]).

articles/key-vault/includes/rbac/upn-certificate-officer-powershell.md

@@ -13,7 +13,7 @@ ms.author: msmbaldwin
 To gain permissions to your key vault through [Role-Based Access Control (RBAC)](/azure/key-vault/general/rbac-guide), assign a role to your "User Principal Name" (UPN) using the Azure PowerShell cmdlet [New-AzRoleAssignment](/powershell/module/az.resources/new-azroleassignment).
 
 ```azurepowershell
-New-AzRoleAssignment -SignInName "<upn>" -RoleDefinitionName "Key Vault Certificates Officer" -Scope "/subscriptions/<subscription-id>/resourceGroups/<resource-group-name>/providers/Microsoft.KeyVault/vaults/<your-unique-keyvault-name>"
+New-AzRoleAssignment -SignInName "<upn>" -RoleDefinitionName "Key Vault Certificates Officer" -Scope "/subscriptions/<subscription-id>/resourceGroups/<resource-group>/providers/Microsoft.KeyVault/vaults/<vault-name>"
 ```
 
-Replace \<upn\>, \<subscription-id\>, \<resource-group-name\> and \<your-unique-keyvault-name\> with your actual values. Your UPN will typically be in the format of an email address (e.g., [email protected]).
+Replace `<upn>`, `<subscription-id>`, `<resource-group>`, and `<vault-name>` with your actual values. Your UPN is typically in the format of an email address (for example, [email protected]).

articles/key-vault/includes/rbac/upn-certificate-user-cli.md

@@ -13,7 +13,7 @@ ms.author: msmbaldwin
 To gain permissions to your key vault through [Role-Based Access Control (RBAC)](/azure/key-vault/general/rbac-guide), assign a role to your "User Principal Name" (UPN) using the Azure CLI command [az role assignment create](/cli/azure/role/assignment#az-role-assignment-create).
 
 ```azurecli
-az role assignment create --role "Key Vault Certificate User" --assignee "<upn>" --scope "/subscriptions/<subscription-id>/resourceGroups/<resource-group-name>/providers/Microsoft.KeyVault/vaults/<your-unique-keyvault-name>"
+az role assignment create --role "Key Vault Certificate User" --assignee "<upn>" --scope "/subscriptions/<subscription-id>/resourceGroups/<resource-group>/providers/Microsoft.KeyVault/vaults/<vault-name>"
 ```
 
-Replace \<upn\>, \<subscription-id\>, \<resource-group-name\> and \<your-unique-keyvault-name\> with your actual values. Your UPN will typically be in the format of an email address (e.g., [email protected]).
+Replace `<upn>`, `<subscription-id>`, `<resource-group>`, and `<vault-name>` with your actual values. Your UPN is typically in the format of an email address (for example, [email protected]).

articles/key-vault/includes/rbac/upn-certificate-user-powershell.md

@@ -13,7 +13,7 @@ ms.author: msmbaldwin
 To gain permissions to your key vault through [Role-Based Access Control (RBAC)](/azure/key-vault/general/rbac-guide), assign a role to your "User Principal Name" (UPN) using the Azure PowerShell cmdlet [New-AzRoleAssignment](/powershell/module/az.resources/new-azroleassignment).
 
 ```azurepowershell
-New-AzRoleAssignment -SignInName "<upn>" -RoleDefinitionName "Key Vault Certificate User" -Scope "/subscriptions/<subscription-id>/resourceGroups/<resource-group-name>/providers/Microsoft.KeyVault/vaults/<your-unique-keyvault-name>"
+New-AzRoleAssignment -SignInName "<upn>" -RoleDefinitionName "Key Vault Certificate User" -Scope "/subscriptions/<subscription-id>/resourceGroups/<resource-group>/providers/Microsoft.KeyVault/vaults/<vault-name>"
 ```
 
-Replace \<upn\>, \<subscription-id\>, \<resource-group-name\> and \<your-unique-keyvault-name\> with your actual values. Your UPN will typically be in the format of an email address (e.g., [email protected]).
+Replace `<upn>`, `<subscription-id>`, `<resource-group>`, and `<vault-name>` with your actual values. Your UPN is typically in the format of an email address (for example, [email protected]).

articles/key-vault/includes/rbac/upn-crypto-officer-cli.md

@@ -13,7 +13,7 @@ ms.author: msmbaldwin
 To gain permissions to your key vault through [Role-Based Access Control (RBAC)](/azure/key-vault/general/rbac-guide), assign a role to your "User Principal Name" (UPN) using the Azure CLI command [az role assignment create](/cli/azure/role/assignment#az-role-assignment-create).
 
 ```azurecli
-az role assignment create --role "Key Vault Crypto Officer" --assignee "<upn>" --scope "/subscriptions/<subscription-id>/resourceGroups/<resource-group-name>/providers/Microsoft.KeyVault/vaults/<your-unique-keyvault-name>"
+az role assignment create --role "Key Vault Crypto Officer" --assignee "<upn>" --scope "/subscriptions/<subscription-id>/resourceGroups/<resource-group>/providers/Microsoft.KeyVault/vaults/<vault-name>"
 ```
 
-Replace \<upn\>, \<subscription-id\>, \<resource-group-name\> and \<your-unique-keyvault-name\> with your actual values. Your UPN will typically be in the format of an email address (e.g., [email protected]).
+Replace `<upn>`, `<subscription-id>`, `<resource-group>`, and `<vault-name>` with your actual values. Your UPN is typically in the format of an email address (for example, [email protected]).

articles/key-vault/includes/rbac/upn-crypto-officer-powershell.md

@@ -13,7 +13,7 @@ ms.author: msmbaldwin
 To gain permissions to your key vault through [Role-Based Access Control (RBAC)](/azure/key-vault/general/rbac-guide), assign a role to your "User Principal Name" (UPN) using the Azure PowerShell cmdlet [New-AzRoleAssignment](/powershell/module/az.resources/new-azroleassignment).
 
 ```azurepowershell
-New-AzRoleAssignment -SignInName "<upn>" -RoleDefinitionName "Key Vault Crypto Officer" -Scope "/subscriptions/<subscription-id>/resourceGroups/<resource-group-name>/providers/Microsoft.KeyVault/vaults/<your-unique-keyvault-name>"
+New-AzRoleAssignment -SignInName "<upn>" -RoleDefinitionName "Key Vault Crypto Officer" -Scope "/subscriptions/<subscription-id>/resourceGroups/<resource-group>/providers/Microsoft.KeyVault/vaults/<vault-name>"
 ```
 
-Replace \<upn\>, \<subscription-id\>, \<resource-group-name\> and \<your-unique-keyvault-name\> with your actual values. Your UPN will typically be in the format of an email address (e.g., [email protected]).
+Replace `<upn>`, `<subscription-id>`, `<resource-group>`, and `<vault-name>` with your actual values. Your UPN is typically in the format of an email address (for example, [email protected]).