Learn Editor: Update cluster-connect.md

alt-key · alt-key · commit 68adb3519545 · 2024-06-04T12:51:26.000-10:00
diff --git a/articles/azure-arc/kubernetes/cluster-connect.md b/articles/azure-arc/kubernetes/cluster-connect.md
@@ -78,22 +78,28 @@ Before you begin, review the [conceptual overview of the cluster connect feature
 
 ## Set up authentication
 
-On the existing Arc-enabled cluster, create the ClusterRoleBinding with either Microsoft Entra authentication, or a service account token.
+On the existing Arc-enabled cluster, create the ClusterRoleBinding with either Microsoft Entra authentication or service account token.
 
 <a name='azure-active-directory-authentication-option'></a>
 
 ### Microsoft Entra authentication option
 
 #### [Azure CLI](#tab/azure-cli)
 
-1. Get the `objectId` associated with your Microsoft Entra entity.
-
-   - For a Microsoft Entra user account:
+1. Get the `objectId` associated with your Microsoft Entra entity. 
 
+   - For a Microsoft Entra group account:
+   
      ```azurecli
      AAD_ENTITY_OBJECT_ID=$(az ad signed-in-user show --query id -o tsv)
      ```
 
+   - For a Microsoft Entra single user account:
+   
+     ```azurecli
+     AAD_ENTITY_OBJECT_ID=$(az ad signed-in-user show --query userPrincipalName -o tsv)
+     ```
+
    - For a Microsoft Entra application:
 
      ```azurecli
@@ -119,12 +125,18 @@ On the existing Arc-enabled cluster, create the ClusterRoleBinding with either M
 
 1. Get the `objectId` associated with your Microsoft Entra entity.
 
-   - For a Microsoft Entra user account:
+   - For a Microsoft Entra group account:
 
      ```azurepowershell
      $AAD_ENTITY_OBJECT_ID = (az ad signed-in-user show --query id -o tsv)
      ```
 
+   - For a Microsoft Entra single user account:
+
+     ```azurepowershell
+     $AAD_ENTITY_OBJECT_ID = (az ad signed-in-user show --query userPrincipalName -o tsv)
+     ```
+
    - For a Microsoft Entra application:
 
      ```azurepowershell
@@ -133,7 +145,7 @@ On the existing Arc-enabled cluster, create the ClusterRoleBinding with either M
 
 1. Authorize the entity with appropriate permissions.
 
-   - If you're using Kubernetes native ClusterRoleBinding or RoleBinding for authorization checks on the cluster, with the `kubeconfig` file pointing to the `apiserver` of your cluster for direct access, you can create one mapped to the Microsoft Entra entity (service principal or user) that needs to access this cluster. For example:
+   - If you're using native Kubernetes ClusterRoleBinding or RoleBinding for authorization checks on the cluster, with the `kubeconfig` file pointing to the `apiserver` of your cluster for direct access, you can create one mapped to the Microsoft Entra entity (service principal or user) that needs to access this cluster. For example:
 
       ```console
       kubectl create clusterrolebinding demo-user-binding --clusterrole cluster-admin --user=$AAD_ENTITY_OBJECT_ID
