Commit 5e04ee4

committed
updates to applies to
1 parent aa5319c commit 5e04ee4

3 files changed

Lines changed: 4 additions & 4 deletions

azure-sql/database/transparent-data-encryption-tde-overview.md

Lines changed: 2 additions & 2 deletions
@@ -16,14 +16,14 @@ ms.date: 06/15/2020
1616
# Transparent data encryption for SQL Database, SQL Managed Instance, and Azure Synapse Analytics
1717
[!INCLUDE[appliesto-sqldb-sqlmi-asa](../includes/appliesto-sqldb-sqlmi-asa.md)]
1818

19-
[Transparent data encryption (TDE)](/sql/relational-databases/security/encryption/transparent-data-encryption) helps protect Azure SQL Database, Azure SQL Managed Instance, and Azure Synapse Analytics against the threat of malicious offline activity by encrypting data at rest. It performs real-time encryption and decryption of the database, associated backups, and transaction log files at rest without requiring changes to the application. By default, TDE is enabled for all newly deployed databases and must be manually enabled for older databases of Azure SQL Database, Azure SQL Managed Instance, or Azure Synapse Analytics.
19+
[Transparent data encryption (TDE)](/sql/relational-databases/security/encryption/transparent-data-encryption) helps protect Azure SQL Database, Azure SQL Managed Instance, and Azure Synapse Analytics against the threat of malicious offline activity by encrypting data at rest. It performs real-time encryption and decryption of the database, associated backups, and transaction log files at rest without requiring changes to the application. By default, TDE is enabled for all newly deployed SQL Databases and must be manually enabled for older databases of Azure SQL Database, Azure SQL Managed Instance. TDE must be manually enabled for Azure Synapse Analytics.
2020

2121
TDE performs real-time I/O encryption and decryption of the data at the page level. Each page is decrypted when it's read into memory and then encrypted before being written to disk. TDE encrypts the storage of an entire database by using a symmetric key called the Database Encryption Key (DEK). On database startup, the encrypted DEK is decrypted and then used for decryption and re-encryption of the database files in the SQL Server database engine process. DEK is protected by the TDE protector. TDE protector is either a service-managed certificate (service-managed transparent data encryption) or an asymmetric key stored in [Azure Key Vault](https://docs.microsoft.com/azure/key-vault/key-vault-secure-your-key-vault) (customer-managed transparent data encryption).
2222

2323
For Azure SQL Database and Azure Synapse, the TDE protector is set at the [server](logical-servers.md) level and is inherited by all databases associated with that server. For Azure SQL Managed Instance (BYOK feature in preview), the TDE protector is set at the instance level and it is inherited by all encrypted databases on that instance. The term *server* refers both to server and instance throughout this document, unless stated differently.
2424

2525
> [!IMPORTANT]
26-
> All newly created databases in SQL Database and Azure Synapse are encrypted by default by using service-managed transparent data encryption. Existing SQL databases created before May 2017 and SQL databases created through restore, geo-replication, and database copy are not encrypted by default. Existing SQL Managed Instance databases created before February 2019 are not encrypted by default. SQL Managed Instance databases created through restore inherit encryption status from the source.
26+
> All newly created databases in SQL Database are encrypted by default by using service-managed transparent data encryption. Existing SQL databases created before May 2017 and SQL databases created through restore, geo-replication, and database copy are not encrypted by default. Existing SQL Managed Instance databases created before February 2019 are not encrypted by default. SQL Managed Instance databases created through restore inherit encryption status from the source.
2727
2828
> [!NOTE]
2929
> TDE cannot be used to encrypt the **master** database in SQL Database. The **master** database contains objects that are needed to perform the TDE operations on the user databases.
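
Review bot: The [!IMPORTANT] callout on new line 26 drops "and Azure Synapse" without putting anything in its place, while the intro on new line 19 now says "TDE must be manually enabled for Azure Synapse Analytics". A reader who skims only the callout learns the defaults for SQL Database and SQL Managed Instance and nothing about Synapse, which is the one service left unencrypted at rest unless someone acts. Suggest adding a sentence to the callout stating that Azure Synapse Analytics databases are not encrypted by default and that TDE must be enabled manually. On new line 19 the list also lost its conjunction ("older databases of Azure SQL Database, Azure SQL Managed Instance."); it should read "Azure SQL Database and Azure SQL Managed Instance". The phrase "newly deployed SQL Databases" leaves it unclear whether new SQL Managed Instance databases are covered by the default, which the callout's February 2019 cutoff implies they are.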
Lines changed: 1 addition & 1 deletion
@@ -1,2 +1,2 @@
1-
<Token>**APPLIES TO:** ![yes](../media/applies-to/yes.png)Azure SQL Database ![yes](../media/applies-to/yes.png)Azure Synapse Analytics (Preview) </Token>
1+
<Token>**APPLIES TO:** ![yes](../media/applies-to/yes.png)Azure SQL Database ![yes](../media/applies-to/yes.png)Azure Synapse Analytics (SQL DW) </Token>
22
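
Review bot: "(SQL DW)" on the added line is an abbreviation that is never expanded in this include, and the overview article changed in the same commit refers to the service only as "Azure Synapse Analytics". Suggest either spelling it out or dropping the qualifier so the banner and the article body use the same name. The commit message "updates to applies to" also does not say why "(Preview)" was replaced, which would help anyone auditing when the applicability statement changed.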

Lines changed: 1 addition & 1 deletion
@@ -1,2 +1,2 @@
1-
<Token>**APPLIES TO:** ![yes](../media/applies-to/yes.png)Azure SQL Database ![yes](../media/applies-to/yes.png)Azure SQL Managed Instance ![yes](../media/applies-to/yes.png) Azure Synapse Analytics (Preview) </Token>
1+
<Token>**APPLIES TO:** ![yes](../media/applies-to/yes.png)Azure SQL Database ![yes](../media/applies-to/yes.png)Azure SQL Managed Instance ![yes](../media/applies-to/yes.png) Azure Synapse Analytics (SQL DW) </Token>
22
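
Review bot: Spacing between the image and the product name is inconsistent on the added line: "![yes](../media/applies-to/yes.png) Azure Synapse Analytics (SQL DW)" has a space after the image, while the Azure SQL Database and Azure SQL Managed Instance entries do not. Since the line is being touched anyway, suggest normalizing all three entries to the same spacing so the rendered banner is uniform.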
