Apply suggestions from code review

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

website/content/docs/security/acl/tokens/create/create-a-consul-esm-token.mdx

@@ -11,7 +11,7 @@ This topic describes how to create a token for the Consul External Service Monit
 
 ## Introduction
 
-Consul External Service Monitor (ESM) can monitor third party or external services in contexts where it is not possible to run a Consul agent. To learn more about Consul ESM, refer to the [Register External Services with Consul Service Discovery](/consul/tutorials/developer-discovery/service-registration-external-services) tutorial.
+Consul external service monitor (ESM) can monitor third-party or external services in contexts where you are unable to run a Consul agent. To learn more about Consul ESM, refer to the [Register External Services with Consul Service Discovery](/consul/tutorials/developer-discovery/service-registration-external-services) tutorial.
 
 
 ## Requirements
@@ -28,7 +28,7 @@ Consul ESM must present a token linked to policies that grant the following perm
 * `session:write`: Enables Consul ESM is registered to acquire a leader lock
 * `acl:read`: (Enterprise-only) Enables Consul ESM to scan namespaces for nodes and health checks to monitor
 
--> Note: Consul ESM does not currently support non-default partitions.
+Consul ESM only supports `default` admin partitions.
 
 @include 'create-token-requirements.mdx'
 

website/content/docs/security/acl/tokens/create/create-a-dns-token.mdx

@@ -7,11 +7,11 @@ description: >-
 
 # Create a DNS token
 
-This topic describes how to create a token that you can use to enable using Consul DNS.
+This topic describes how to create a token that enables the Consul DNS to query services in the network when ACLs are enabled.
 
 ## Introduction
 
-A Consul agent must be configured with a token linked to policies that grant the appropriate set of permissions. To enable catalog lookups over DNS, the token must be linked to policies that grant the following permissions:
+A Consul agent must be configured with a token linked to policies that grant the appropriate set of permissions. 
 
 Specify the [`default`](/consul/docs/agent/config/config-files#acl_tokens_default) token to the Consul agent to authorize the agent to respond to DNS queries. Refer to [DNS usage overview](/consul/docs/services/discovery/dns-overview) for details on configuring and using Consul DNS.
 

website/content/docs/security/acl/tokens/create/create-a-replication-token.mdx

@@ -7,14 +7,13 @@ description: >-
 
 # Create a replication token
 
-This topic describes how to configure an ACL token for ACL replication between WAN-federated datacenters.
+This topic describes how to configure an ACL token for ACL replication between WAN-federated datacenters. If your Consul clusters are connected through peer connections, ACL replication is not required. To learn more about cluster peering, refer to the [comparison between WAN federation and cluster peering](/consul/docs/connect/cluster-peering#compared-with-wan-federation).
 
 ## Introduction
 
 Consul agents must present a token linked to policies that grant the appropriate set of permissions.
-Specify the [`replication`](/consul/docs/agent/config/config-files#acl_tokens_replication) token on each server in a non-primary datacenter. To learn about configuring ACL replication, refer to the ACL Replication for Multiple Datacenters tutorial.
+Specify the [`replication`](/consul/docs/agent/config/config-files#acl_tokens_replication) token on each server in a non-primary datacenter. For hands-on instructions on how to configure ACL replication across datacenters, refer to the [ACL Replication for Multiple Datacenters](/consul/tutorials/security-operations/access-control-replication-multiple-datacenters) tutorial.
 
--> Note: ACL replication is only supported for WAN-federated datacenters. When using cluster peering to connect Consul datacenters, ACL replication is not required. To learn more about cluster peering, refer to Differences between WAN federation and cluster peering.
 
 ## Requirements
 

website/content/docs/security/acl/tokens/create/create-a-snapshot-agent-token.mdx

@@ -11,10 +11,6 @@ This topic describes how to create a token for the Consul snapshot agent.
 
 <EnterpriseAlert />
 
-~> The [`agent`](/consul/commands/snapshot/agent) subcommand described here is
-available only in [Consul Enterprise](https://www.hashicorp.com/products/consul/)
-version 0.7.1 and later. All other [snapshot subcommands](/consul/commands/snapshot)
-are available in the open source version of Consul.
 
 ## Introduction
 
@@ -24,7 +20,10 @@ servers and either saves them locally or pushes them to a remote storage service
 ## Requirements
 
 Core ACL functionality is available in all versions of Consul.
+### `agent` command requirements
 
+The [`agent`](/consul/commands/snapshot/agent) subcommand requires [Consul Enterprise](https://www.hashicorp.com/products/consul/). All other [snapshot subcommands](/consul/commands/snapshot)
+are available in the open source version of Consul.
 The Consul snapshot agent must present a token linked to policies that grant the following set of permissions.
 
 * `acl:write`: Enables the agent read and snapshot ACL data

website/content/docs/security/acl/tokens/create/create-a-token-for-vault-consul-storage.mdx

@@ -31,10 +31,8 @@ To create a token for Vault’s Consul storage backend, you must define a policy
 
 ### Define a policy
 
-
 You can send policy definitions as command line or API arguments or define them in an external HCL or JSON file. Refer to [ACL Rules](/consul/docs/security/acl/acl-rules) for details about all of the rules you can use in your policies.
 
-
 The following example policy is defined in a file. The policy grants the appropriate permissions to enable Vault to register as a service named `vault` and provides access to the `vault/` path in Consul's KV store.
 
 <CodeTabs>