Merge pull request #2384 from chen-karen/main

Update backup and restore prerequisites for clarity

Author: prmerger-automator[bot]

articles/key-vault/managed-hsm/backup-restore.md

@@ -42,7 +42,7 @@ You must provide the following information to execute a full backup:
 
 1. Ensure you have the Azure CLI version 2.56.0 or later. Run `az --version` to find the version. If you need to install or upgrade, see [Install the Azure CLI](/cli/azure/install-azure-cli).
 2. Create a user assigned managed identity.
-3. Create a storage account (or use an existing storage account).
+3. Create a storage account (or use an existing storage account). The storage account cannot have an immutability policy applied to it.
 4. If public network access is disabled on your storage account, enable trusted service bypass on the storage account in the "Networking" tab, under "Exceptions."
 5. Provide 'storage blob data contributor' role access to the user assigned managed identity created in step 2, by going to the "Access Control" tab on the portal and selecting "Add Role Assignment". Then select "managed identity" and select the managed identity created in step#2 -> Review + Assign
 6. Create the Managed HSM and associate the managed identity:
@@ -60,6 +60,9 @@ Backup is a long running operation but immediately returns a Job ID. You can che
 
 While the backup is in progress, the HSM might not operate at full throughput as some HSM partitions are busy performing the backup operation.
 
+> [!NOTE]
+> Backups to storage accounts with an immutability policy applied is not supported.
+
 ### Backup HSM using user assigned managed identity
 ```azurecli-interactive
 az keyvault backup start --use-managed-identity true --hsm-name mhsmdemo2 --storage-account-name mhsmdemobackup --blob-container-name mhsmdemobackupcontainer