update role info

Author: JnHs

articles/azure-arc/kubernetes/conceptual-gitops-flux2.md

@@ -1,7 +1,7 @@
 ---
 title: "GitOps Flux v2 configurations with AKS and Azure Arc-enabled Kubernetes"
 description: "This article provides a conceptual overview of GitOps in Azure for use in Azure Arc-enabled Kubernetes and Azure Kubernetes Service (AKS) clusters."
-ms.date: 03/17/2023
+ms.date: 03/20/2023
 ms.topic: conceptual
 ms.custom: devx-track-azurecli, references-regions
 ---
@@ -365,7 +365,7 @@ If you use `azblob` source, here are the blob-specific command arguments.
 | `--mi_client_id` | String | The client ID of the managed identity for authentication with Azure Blob |
 
 > [!IMPORTANT]
-> When using managed identity authentication for AKS clusters and `azblob` source, the managed identity must be assigned the [Storage Blob Data Reader](/azure/role-based-access-control/built-in-roles#storage-blob-data-reader) or [Storage Blob Data Contributor](/azure/role-based-access-control/built-in-roles#storage-blob-data-contributor) role. Authentication using a managed identity is not yet available for Azure Arc-enabled Kubernetes clusters.
+> When using managed identity authentication for AKS clusters and `azblob` source, the managed identity must be assigned at minimum the [Storage Blob Data Reader](/azure/role-based-access-control/built-in-roles#storage-blob-data-reader) role. Authentication using a managed identity is not yet available for Azure Arc-enabled Kubernetes clusters.
 
 ### Local secret for authentication with source