Fix include files to use site-relative links

msmbaldwin · msmbaldwin · commit c8910b937837 · 2026-03-13T12:03:44.000-07:00
diff --git a/articles/key-vault/includes/key-management-policy-grammar.md b/articles/key-vault/includes/key-management-policy-grammar.md
@@ -257,7 +257,7 @@ The encoding is as follows:
 An Environment Assertion is a signed assertion, in JSON Web Token form, from a trusted authority. An Environment Asserting contains at least a key encryption key and one or more claims about the target environment (for example, TEE type, publisher, version) that are matched against the Key Release Policy. The key encryption key is a public RSA key owned and protected by the target execution environment that is used for key export. It must appear in the TEE keys claim (x-ms-runtime/keys). This claim is a JSON object representing a JSON Web Key Set. Within the JWKS, one of the keys must meet the requirements for use as an encryption key (key_use is "enc", or key_ops contains "encrypt"). The first suitable key is chosen.
 
 ## Key Vault and Managed HSM Attestation Token Requirements
-Azure Key Vault Premium and Managed HSM Secure Key Release were designed alongside [Microsoft Azure Attestation Service](../../attestation/overview.md) but may work with any attestation server’s tokens if it conforms to the expected token structure, supports OpenID connect, and has the expected claims. DigiCert is presently the only public CA that Azure Key Vault Premium and Managed HSM trust for attestation token signing certificates. 
+Azure Key Vault Premium and Managed HSM Secure Key Release were designed alongside [Microsoft Azure Attestation Service](/azure/attestation/overview) but may work with any attestation server's tokens if it conforms to the expected token structure, supports OpenID connect, and has the expected claims. DigiCert is presently the only public CA that Azure Key Vault Premium and Managed HSM trust for attestation token signing certificates.
 
  
 
@@ -279,4 +279,4 @@ The full set of requirements are:
 
   - Marked with **key_use** of encryption or a **key_ops** array containing the Encrypt operation. 
 
-For a sample token see [Examples of an Azure Attestation token](../../attestation/attestation-token-examples.md#sample-jwt-generated-for-sev-snp-attestation).
+For a sample token see [Examples of an Azure Attestation token](/azure/attestation/attestation-token-examples#sample-jwt-generated-for-sev-snp-attestation).
diff --git a/articles/key-vault/includes/managed-hsm/cleanup-warning.md b/articles/key-vault/includes/managed-hsm/cleanup-warning.md
@@ -9,4 +9,4 @@ ms.date: 03/13/2026
 ---
 
 > [!WARNING]
-> Deleting the resource group puts the Managed HSM into a soft-deleted state. The Managed HSM continues to be billed until it is purged. See [Managed HSM soft-delete and purge protection](../../managed-hsm/recovery.md)
+> Deleting the resource group puts the Managed HSM into a soft-deleted state. The Managed HSM continues to be billed until it is purged. See [Managed HSM soft-delete and purge protection](/azure/key-vault/managed-hsm/recovery)
diff --git a/articles/key-vault/includes/managed-hsm/intro.md b/articles/key-vault/includes/managed-hsm/intro.md
@@ -8,4 +8,4 @@ ms.date: 03/13/2026
 # Include: Managed HSM intro description
 ---
 
-Managed HSM is a fully managed, highly available, single-tenant, standards-compliant cloud service that enables you to safeguard cryptographic keys for your cloud applications, using **FIPS 140-3 Level 3** validated HSMs. For more information on Managed HSM, review the [Overview](../../managed-hsm/overview.md).
+Managed HSM is a fully managed, highly available, single-tenant, standards-compliant cloud service that enables you to safeguard cryptographic keys for your cloud applications, using **FIPS 140-3 Level 3** validated HSMs. For more information on Managed HSM, review the [Overview](/azure/key-vault/managed-hsm/overview).
diff --git a/articles/key-vault/includes/managed-hsm/sdk-prereqs.md b/articles/key-vault/includes/managed-hsm/sdk-prereqs.md
@@ -9,7 +9,7 @@ ms.date: 03/13/2026
 ---
 
 - An Azure subscription. [Create one for free](https://azure.microsoft.com/free/).
-- A provisioned and activated Managed HSM. See [Quickstart: Provision and activate a managed HSM using Azure CLI](../../managed-hsm/quick-create-cli.md).
-- A key created in your Managed HSM. See [Manage keys in a Managed HSM](../../managed-hsm/key-management.md).
+- A provisioned and activated Managed HSM. See [Quickstart: Provision and activate a managed HSM using Azure CLI](/azure/key-vault/managed-hsm/quick-create-cli).
+- A key created in your Managed HSM. See [Manage keys in a Managed HSM](/azure/key-vault/managed-hsm/key-management).
 - An Azure resource with a managed identity (such as a VM, App Service, or Azure Function) or Azure CLI for local development.
-- The managed identity must have the appropriate Managed HSM local RBAC role assigned. See [Secure access to your managed HSMs](../../managed-hsm/how-to-secure-access.md).
+- The managed identity must have the appropriate Managed HSM local RBAC role assigned. See [Secure access to your managed HSMs](/azure/key-vault/managed-hsm/how-to-secure-access).
diff --git a/articles/key-vault/includes/managed-hsm/sdk-role-assignment.md b/articles/key-vault/includes/managed-hsm/sdk-role-assignment.md
@@ -24,4 +24,4 @@ az keyvault role assignment create \
     --scope /keys
 ```
 
-For more information on roles and permissions, see [Managed HSM local RBAC built-in roles](../../managed-hsm/built-in-roles.md).
+For more information on roles and permissions, see [Managed HSM local RBAC built-in roles](/azure/key-vault/managed-hsm/built-in-roles).
