[ReleasePR sql] Update VA API documentation (#1693)

msftbot[bot] · web-flow · commit 05e0b6e9250d · 2021-05-10T06:22:14.000Z
Create to sync Azure/azure-rest-api-specs#14327 [ReCreate this PR](https://github.com/azure-resource-manager-schemas/compare/master...AzureSDKAutomation:sdkAuto/sql?expand=1)
diff --git a/schemas/2020-11-01-preview/Microsoft.Sql.json b/schemas/2020-11-01-preview/Microsoft.Sql.json
@@ -5865,15 +5865,15 @@
         },
         "storageAccountAccessKey": {
           "type": "string",
-          "description": "Specifies the identifier key of the storage account for vulnerability assessment scan results. If 'StorageContainerSasKey' isn't specified, storageAccountAccessKey is required."
+          "description": "Specifies the identifier key of the storage account for vulnerability assessment scan results. If 'StorageContainerSasKey' isn't specified, storageAccountAccessKey is required. Applies only if the storage account is not behind a Vnet or a firewall"
         },
         "storageContainerPath": {
           "type": "string",
           "description": "A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/)."
         },
         "storageContainerSasKey": {
           "type": "string",
-          "description": "A shared access signature (SAS Key) that has write access to the blob container specified in 'storageContainerPath' parameter. If 'storageAccountAccessKey' isn't specified, StorageContainerSasKey is required."
+          "description": "A shared access signature (SAS Key) that has write access to the blob container specified in 'storageContainerPath' parameter. If 'storageAccountAccessKey' isn't specified, StorageContainerSasKey is required. Applies only if the storage account is not behind a Vnet or a firewall"
         }
       },
       "required": [
@@ -8196,15 +8196,15 @@
         },
         "storageAccountAccessKey": {
           "type": "string",
-          "description": "Specifies the identifier key of the storage account for vulnerability assessment scan results. If 'StorageContainerSasKey' isn't specified, storageAccountAccessKey is required."
+          "description": "Specifies the identifier key of the storage account for vulnerability assessment scan results. If 'StorageContainerSasKey' isn't specified, storageAccountAccessKey is required. Applies only if the storage account is not behind a Vnet or a firewall"
         },
         "storageContainerPath": {
           "type": "string",
           "description": "A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/)."
         },
         "storageContainerSasKey": {
           "type": "string",
-          "description": "A shared access signature (SAS Key) that has write access to the blob container specified in 'storageContainerPath' parameter. If 'storageAccountAccessKey' isn't specified, StorageContainerSasKey is required."
+          "description": "A shared access signature (SAS Key) that has write access to the blob container specified in 'storageContainerPath' parameter. If 'storageAccountAccessKey' isn't specified, StorageContainerSasKey is required. Applies only if the storage account is not behind a Vnet or a firewall"
         }
       },
       "required": [
