Improve readability of whats-new.md for Acrolinx compliance

Fix sentence fragments, break up long sentences, remove non-breaking
space, add missing periods, replace 'please visit' and 'leveraging',
fix 'here' link text, and improve clarity throughout the article.

Co-authored-by: Copilot <[email protected]>

Author: msmbaldwin

articles/key-vault/general/whats-new.md

@@ -29,9 +29,9 @@ Azure Key Vault is deprecating older preview control plane API versions in accor
 
 ### Supported control plane API versions
 
-The following Azure Key Vault control plane API versions are currently supported.
+Use the latest stable version for production workloads. Preview versions are for early testing only and aren't covered by Azure support SLAs. Each link points to the API specification in the `azure-rest-api-specs` repository.
 
-#### Stable
+#### Stable API versions
 
 - [2026-02-01](https://github.com/Azure/azure-rest-api-specs/tree/main/specification/keyvault/resource-manager/Microsoft.KeyVault/KeyVault/stable/2026-02-01) (recommended)
 - [2025-05-01](https://github.com/Azure/azure-rest-api-specs/tree/main/specification/keyvault/resource-manager/Microsoft.KeyVault/KeyVault/stable/2025-05-01)
@@ -46,7 +46,7 @@ The following Azure Key Vault control plane API versions are currently supported
 - [2016-10-01](https://github.com/Azure/azure-rest-api-specs/tree/main/specification/keyvault/resource-manager/Microsoft.KeyVault/KeyVault/stable/2016-10-01)
 - [2015-06-01](https://github.com/Azure/azure-rest-api-specs/tree/main/specification/keyvault/resource-manager/Microsoft.KeyVault/KeyVault/stable/2015-06-01)
 
-#### Preview
+#### Preview API versions
 
 - [2024-12-01-preview](https://github.com/Azure/azure-rest-api-specs/tree/main/specification/keyvault/resource-manager/Microsoft.KeyVault/KeyVault/preview/2024-12-01-preview) (recommended)
 - [2024-04-01-preview](https://github.com/Azure/azure-rest-api-specs/tree/main/specification/keyvault/resource-manager/Microsoft.KeyVault/KeyVault/preview/2024-04-01-preview)
@@ -103,60 +103,60 @@ For more information, see [Apps, API keys, and Azure Key Vault secrets](apps-api
 
 ## July 2023
 
-Built-in policy to govern the key rotation configuration in Azure Key Vault. With this policy, you can audit existing keys in key vaults to ensure that all keys are configured for rotation and comply with your organization's standards. 
+A built-in policy now governs key rotation configuration in Azure Key Vault. With this policy, you can audit existing keys in key vaults to ensure that all keys are configured for rotation and comply with your organization's standards.
 
-For more information, see [Configure key rotation governance](../keys/how-to-configure-key-rotation.md#configure-key-rotation-policy-governance)
+For more information, see [Configure key rotation governance](../keys/how-to-configure-key-rotation.md#configure-key-rotation-policy-governance).
 
 ## June 2023
 
-Key Vault enforces TLS 1.2 or higher for enhanced security. If you're still using an older TLS version, see [Enable support for TLS 1.2 in your environment](/troubleshoot/entra/entra-id/ad-dmn-services/enable-support-tls-environment#why-this-change-is-being-made) to update your clients and ensure uninterrupted access to Key Vault services. You can monitor TLS version used by clients by monitoring Key Vault logs with sample Kusto query [here](monitor-key-vault.md#sample-kusto-queries).
+Key Vault enforces TLS 1.2 or higher for enhanced security. If you're still using an older TLS version, see [Enable support for TLS 1.2 in your environment](/troubleshoot/entra/entra-id/ad-dmn-services/enable-support-tls-environment#why-this-change-is-being-made) to update your clients and ensure uninterrupted access to Key Vault services. To monitor the TLS version that clients use, see the [sample Kusto queries](monitor-key-vault.md#sample-kusto-queries) in the Key Vault monitoring guide.
 
 ## May 2023
 
-Azure RBAC is now the recommended authorization system for the Azure Key Vault data plane. Azure RBAC is built on Azure Resource Manager and provides fine-grained access management of Azure resources. With Azure RBAC you control access to resources by creating role assignments, which consist of three elements: a security principal, a role definition (predefined set of permissions), and a scope (group of resources or individual resource).
+Azure RBAC is now the recommended authorization system for the Azure Key Vault data plane. Azure RBAC is built on Azure Resource Manager and provides fine-grained access management of Azure resources. With Azure RBAC, you control access to resources by creating role assignments. Each role assignment consists of three elements: a security principal, a role definition (predefined set of permissions), and a scope (group of resources or individual resource).
 
-For more information, please visit [Azure role-based access control (Azure RBAC) vs. access policies | Microsoft Learn](rbac-access-policy.md)
+For more information, see [Azure role-based access control (Azure RBAC) vs. access policies](rbac-access-policy.md).
 
 ## February 2023
 
-Built-in policy to govern the migration to Azure role-based access control (Azure RBAC) is now in preview. With the built-in policy you can audit existing key vaults and enforce all new key vaults to use the Azure RBAC permission model. See [Azure RBAC migration governance](../general/rbac-migration.md#migration-governance-with-azure-policy) to learn how to enforce the new built-in policy.
+A built-in policy to govern the migration to Azure role-based access control (Azure RBAC) is now in preview. With the built-in policy, you can audit existing key vaults and enforce all new key vaults to use the Azure RBAC permission model. To learn how to enforce the new built-in policy, see [Azure RBAC migration governance](../general/rbac-migration.md#migration-governance-with-azure-policy).
 
 ## April 2022
 
 Automated encryption key rotation in Key Vault is now generally available.
 
-For more information, see [Configure key auto-rotation in Key Vault](../keys/how-to-configure-key-rotation.md)
+For more information, see [Configure key auto-rotation in Key Vault](../keys/how-to-configure-key-rotation.md).
 
 ## January 2022
 
-Azure Key Vault service throughput limits have been increased to serve double its previous quota for each vault to help ensure high performance for applications. That is, for secret GET and RSA 2,048-bit software keys, you'll receive 4,000 GET transactions per 10 seconds versus 2,000 per 10 seconds previously. The service quotas are specific to operation type and the entire list can be accessed in [Azure Key Vault Service Limits](./service-limits.md). 
+Azure Key Vault service throughput limits doubled for each vault to help ensure high performance for applications. For example, for secret GET and RSA 2,048-bit software keys, you now receive 4,000 GET transactions per 10 seconds instead of 2,000. The service quotas are specific to operation type. For the full list, see [Azure Key Vault service limits](./service-limits.md).
 
-For Azure update announcement, see [General availability: Azure Key Vault increased service limits for all its customers](https://azure.microsoft.com/updates/azurekeyvaultincreasedservicelimits/).
+For the Azure update announcement, see [General availability: Azure Key Vault increased service limits for all its customers](https://azure.microsoft.com/updates/azurekeyvaultincreasedservicelimits/).
 
 
 ## December 2021
 
-Automated encryption key rotation in Key Vault is now in preview. You can set a rotation policy on a key to schedule automated rotation and configure expiry notifications through Event Grid integration. 
+Automated encryption key rotation in Key Vault is now in preview. You can set a rotation policy on a key to schedule automated rotation and configure expiry notifications through Event Grid integration.
 
-For more information, see [Configure key auto-rotation in Key Vault](../keys/how-to-configure-key-rotation.md)
+For more information, see [Configure key auto-rotation in Key Vault](../keys/how-to-configure-key-rotation.md).
 
 ## October 2021
 
-Integration of Azure Key Vault with Azure Policy has reached general availability and is now ready for production use. This capability is a step towards our commitment to simplifying secure secrets management in Azure, while also enhancing policy enforcements that you can define on Key Vault, keys, secrets and certificates. Azure Policy allows you to place guardrails on Key Vault and its objects to ensure they're compliant with your organizations security recommendations and compliance regulations. It allows you to perform real time policy-based enforcement and on-demand compliance assessment of existing secrets in your Azure environment. The results of audits performed by policy will be available to you in a compliance dashboard where you'll be able to see a drill-down of which resources and components are compliant and which aren't. Azure policy for Key Vault will provide you with a full suite of built-in policies offering governance of your keys, secrets, and certificates.  
+Integration of Azure Key Vault with Azure Policy has reached general availability. Azure Policy lets you place guardrails on Key Vault and its objects to ensure they comply with your organization's security recommendations and compliance regulations. You can perform real-time policy-based enforcement and on-demand compliance assessment of existing secrets in your Azure environment. A compliance dashboard shows which resources and components are compliant.
 
-You can learn more about how to [Integrate Azure Key Vault with Azure Policy](./azure-policy.md?tabs=certificates) and assign a new policy. See the [Azure Key Vault policy announcement](https://azure.microsoft.com/updates/gaazurepolicyforkeyvault) for more details.
+Azure Policy for Key Vault provides a full suite of built-in policies for governance of your keys, secrets, and certificates. To learn more, see [Integrate Azure Key Vault with Azure Policy](./azure-policy.md?tabs=certificates). For the announcement, see [Azure Key Vault policy general availability](https://azure.microsoft.com/updates/gaazurepolicyforkeyvault).
 
 ## June 2021
 
-Azure Key Vault Managed HSM is generally available. Managed HSM offers a fully managed, highly available, single-tenant, high-throughput, standards-compliant cloud service to safeguard cryptographic keys for your cloud applications, using FIPS 140-2 Level 3 validated HSMs. 
+Azure Key Vault Managed HSM is generally available. Managed HSM offers a fully managed, highly available, single-tenant cloud service to safeguard cryptographic keys for your cloud applications using FIPS 140-2 Level 3 validated HSMs.
 
-For more information, see [Azure Key Vault Managed HSM Overview](../managed-hsm/overview.md)
+For more information, see [Azure Key Vault Managed HSM overview](../managed-hsm/overview.md).
 
 ## February 2021
 
-Azure role-based access control (RBAC) for Azure Key Vault data plane authorization is now generally available. With this capability, you can now manage RBAC for Key Vault keys, certificates, and secrets with roles assignment scope available from management group to individual key, certificate, and secret. 
+Azure role-based access control (RBAC) for Azure Key Vault data plane authorization is now generally available. You can now manage RBAC for Key Vault keys, certificates, and secrets with role assignment scopes from management group to individual key, certificate, and secret.
 
-For more information, see [Provide access to Key Vault keys, certificates, and secrets with an Azure role-based access control](rbac-guide.md)
+For more information, see [Provide access to Key Vault keys, certificates, and secrets with Azure role-based access control](rbac-guide.md).
 
 ## October 2020
 
@@ -197,7 +197,7 @@ Private endpoints now available in preview. Azure Private Link Service enables y
 
 New features and integrations released this year:
 
-- Integration with Azure Functions. For an example scenario leveraging [Azure Functions](/azure/azure-functions/) for key vault operations, see [Automate the rotation of a secret](../secrets/tutorial-rotation.md).
+- Integration with Azure Functions. For an example scenario that uses [Azure Functions](/azure/azure-functions/) for key vault operations, see [Automate the rotation of a secret](../secrets/tutorial-rotation.md).
 - [Integration with Azure Databricks](./integrate-databricks-blob-storage.md). With this, Azure Databricks now supports two types of secret scopes: Azure Key Vault-backed and Databricks-backed. For more information, see [Create an Azure Key Vault-backed secret scope](/azure/databricks/security/secrets/secret-scopes#--create-an-azure-key-vault-backed-secret-scope)
 - [Virtual network service endpoints for Azure Key Vault](overview-vnet-service-endpoints.md).
 
@@ -232,7 +232,7 @@ Second preview version (version 2015-02-01-preview) was announced April 20, 2015
 - Create a secret - added tags as optional information.
 - Update a key - added tags as optional information.
 - Update a secret - added tags as optional information.
-- Changed max size for secrets from 10 K to 25 K Bytes. See, [About keys, secrets, and certificates](about-keys-secrets-certificates.md).
+- Changed max size for secrets from 10 K to 25 K Bytes. See [About keys, secrets, and certificates](about-keys-secrets-certificates.md).
 
 ## 2014