Merge pull request #19615 from MicrosoftDocs/master

6/22 AM Publish

Author: huypub

docs/integration-services/connection-manager/integration-services-ssis-connections.md

@@ -244,6 +244,10 @@ Use the **Add SSIS Connection Manager** dialog box to select the type of connect
 
 2.  Configure the parameter settings in the **Parameterize** dialog box. For more information, see [Parameterize Dialog Box](../integration-services-ssis-package-and-project-parameters.md).  
 
+> [!NOTE]
+> Property **ConnectionString** is not sensitive and designed not to contain sensitive password information.
+> it is recommended to use property **Password** to parameterize sensitive password.
+
 ## Delete a connection manager 
 ###  <a name="DeletePackageLevel"></a> Delete a connection manager from a package  
 

docs/relational-databases/security/encryption/setup-steps-for-extensible-key-management-using-the-azure-key-vault.md

@@ -442,6 +442,20 @@ For a note about the minimum permission levels needed for each action in this se
     WITH PROVIDER_KEY_NAME = 'ContosoRSAKey0',  
     CREATION_DISPOSITION = OPEN_EXISTING;  
     ```  
+  
+   Beginning with updated version 1.0.5.0 of the SQL Server connector, you can refer to a specific key version in the Azure key vault:
+   
+   ```sql  
+   CREATE ASYMMETRIC KEY EKMSampleASYKey
+   FROM PROVIDER [AzureKeyVault_EKM]  
+   WITH PROVIDER_KEY_NAME = 'ContosoRSAKey0/1a4d3b9b393c4678831ccc60def75379',  
+   CREATION_DISPOSITION = OPEN_EXISTING; 
+   ```
+
+   In the preceding example script, `1a4d3b9b393c4678831ccc60def75379` represents the specific version of the key that will be used. If you use this script, it doesn't matter if you update the key with a new version. The key version (for example) `1a4d3b9b393c4678831ccc60def75379` will always be used for database operations. For this scenario, you must complete two prerequisites:
+   
+   1. Create a **SQL Server Cryptographic Provider** key on **HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\\**.
+   1. Delegate access permissions on the **SQL Server Cryptographic Provider** key to the user account running the SQL Server database engine service.
 
 1. Create a new login by using the asymmetric key in [!INCLUDE[ssNoVersion](../../../includes/ssnoversion-md.md)] that you created in the preceding step.
 
@@ -481,8 +495,7 @@ For a note about the minimum permission levels needed for each action in this se
     CREATE DATABASE ENCRYPTION KEY
     WITH ALGORITHM = AES_256
     ENCRYPTION BY SERVER ASYMMETRIC KEY EKMSampleASYKey;
-    ```
-  
+    ``` 
 1. Encrypt the test database. Enable TDE by setting ENCRYPTION ON.
 
      ```sql  

docs/sql-server/index.yml

@@ -60,7 +60,7 @@ landingContent:
         url: ../azure-data-studio/what-is-azure-data-studio.md
       - text: SQL Server on Linux
         url: ../linux/sql-server-linux-overview.md
-      - text: SQL Server for Azure Arc (preview)
+      - text: Azure Arc enabled SQL Server (preview)
         url: azure-arc/overview.md
     - linkListType: quickstart
       links: