diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2020-11-01-preview/ManagedInstanceVulnerabilityAssessments.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2020-11-01-preview/ManagedInstanceVulnerabilityAssessments.json
index 3d66679fb9f4..9307739fd88a 100644
--- a/specification/sql/resource-manager/Microsoft.Sql/preview/2020-11-01-preview/ManagedInstanceVulnerabilityAssessments.json
+++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2020-11-01-preview/ManagedInstanceVulnerabilityAssessments.json
@@ -76,7 +76,7 @@
         "tags": [
           "ManagedInstanceVulnerabilityAssessments"
         ],
-        "description": "Creates or updates the managed instance's vulnerability assessment.",
+        "description": "Creates or updates the managed instance's vulnerability assessment. Learn more about setting SQL vulnerability assessment with managed identity - https://docs.microsoft.com/azure/azure-sql/database/sql-database-vulnerability-assessment-storage",
         "operationId": "ManagedInstanceVulnerabilityAssessments_CreateOrUpdate",
         "parameters": [
           {
@@ -265,7 +265,7 @@
           ]
         },
         "storageContainerSasKey": {
-          "description": "A shared access signature (SAS Key) that has write access to the blob container specified in 'storageContainerPath' parameter. If 'storageAccountAccessKey' isn't specified, StorageContainerSasKey is required.",
+          "description": "A shared access signature (SAS Key) that has write access to the blob container specified in 'storageContainerPath' parameter. If 'storageAccountAccessKey' isn't specified, StorageContainerSasKey is required. Applies only if the storage account is not behind a Vnet or a firewall",
           "type": "string",
           "x-ms-mutability": [
             "create",
@@ -273,7 +273,7 @@
           ]
         },
         "storageAccountAccessKey": {
-          "description": "Specifies the identifier key of the storage account for vulnerability assessment scan results. If 'StorageContainerSasKey' isn't specified, storageAccountAccessKey is required.",
+          "description": "Specifies the identifier key of the storage account for vulnerability assessment scan results. If 'StorageContainerSasKey' isn't specified, storageAccountAccessKey is required. Applies only if the storage account is not behind a Vnet or a firewall",
           "type": "string",
           "x-ms-mutability": [
             "create",
diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2020-11-01-preview/ServerVulnerabilityAssessments.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2020-11-01-preview/ServerVulnerabilityAssessments.json
index 87767d8389fe..f448d544eaa8 100644
--- a/specification/sql/resource-manager/Microsoft.Sql/preview/2020-11-01-preview/ServerVulnerabilityAssessments.json
+++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2020-11-01-preview/ServerVulnerabilityAssessments.json
@@ -76,7 +76,7 @@
         "tags": [
           "ServerVulnerabilityAssessments"
         ],
-        "description": "Creates or updates the server's vulnerability assessment.",
+        "description": "Creates or updates the server's vulnerability assessment. Learn more about setting SQL vulnerability assessment with managed identity - https://docs.microsoft.com/azure/azure-sql/database/sql-database-vulnerability-assessment-storage",
         "operationId": "ServerVulnerabilityAssessments_CreateOrUpdate",
         "parameters": [
           {
@@ -261,7 +261,7 @@
           ]
         },
         "storageContainerSasKey": {
-          "description": "A shared access signature (SAS Key) that has write access to the blob container specified in 'storageContainerPath' parameter. If 'storageAccountAccessKey' isn't specified, StorageContainerSasKey is required.",
+          "description": "A shared access signature (SAS Key) that has write access to the blob container specified in 'storageContainerPath' parameter. If 'storageAccountAccessKey' isn't specified, StorageContainerSasKey is required. Applies only if the storage account is not behind a Vnet or a firewall",
           "type": "string",
           "x-ms-mutability": [
             "create",
@@ -269,7 +269,7 @@
           ]
         },
         "storageAccountAccessKey": {
-          "description": "Specifies the identifier key of the storage account for vulnerability assessment scan results. If 'StorageContainerSasKey' isn't specified, storageAccountAccessKey is required.",
+          "description": "Specifies the identifier key of the storage account for vulnerability assessment scan results. If 'StorageContainerSasKey' isn't specified, storageAccountAccessKey is required. Applies only if the storage account is not behind a Vnet or a firewall",
           "type": "string",
           "x-ms-mutability": [
             "create",