proxy cert alias and misc changes

anraghun · anraghun · commit be60271e2e31 · 2022-10-20T16:11:24.000+05:30
diff --git a/articles/azure-arc/kubernetes/agent-upgrade.md b/articles/azure-arc/kubernetes/agent-upgrade.md
@@ -88,10 +88,10 @@ Azure Arc-enabled Kubernetes follows the standard [semantic versioning scheme](h
 
 While the schedule may vary, a new minor version of Azure Arc-enabled Kubernetes agents is released approximately once per month.
 
-The following command upgrades the agent to version 1.1.0:
+The following command upgrades the agent to version 1.8.14:
 
 ```azurecli
-az connectedk8s upgrade -g AzureArcTest1 -n AzureArcTest --agent-version 1.1.0
+az connectedk8s upgrade -g AzureArcTest1 -n AzureArcTest --agent-version 1.8.14
 ```
 
 ## Check agent version
diff --git a/articles/azure-arc/kubernetes/azure-rbac.md b/articles/azure-arc/kubernetes/azure-rbac.md
@@ -7,7 +7,7 @@ ms.topic: how-to
 description: "Use Azure RBAC for authorization checks on Azure Arc-enabled Kubernetes clusters."
 ---
 
-# Integrate Azure Active Directory with Azure Arc-enabled Kubernetes clusters
+# Use Azure RBAC for Azure Arc-enabled Kubernetes clusters
 
 Kubernetes [ClusterRoleBinding and RoleBinding](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#rolebinding-and-clusterrolebinding) object types help to define authorization in Kubernetes natively. By using this feature, you can use Azure Active Directory (Azure AD) and role assignments in Azure to control authorization checks on the cluster. This implies that you can now use Azure role assignments to granularly control who can read, write, and delete Kubernetes objects like deployment, pod, and service.
 
@@ -17,9 +17,9 @@ A conceptual overview of this feature is available in the [Azure RBAC on Azure A
 
 ## Prerequisites
 
-- [Install or upgrade the Azure CLI](/cli/azure/install-azure-cli) to version 2.16.0 or later.
+- [Install or upgrade the Azure CLI](/cli/azure/install-azure-cli) to the latest version.
 
-- Install the `connectedk8s` Azure CLI extension, version 1.1.0 or later:
+- Install the latest version of `connectedk8s` Azure CLI extension:
 
     ```azurecli
     az extension add --name connectedk8s
@@ -33,7 +33,7 @@ A conceptual overview of this feature is available in the [Azure RBAC on Azure A
 
 - Connect an existing Azure Arc-enabled Kubernetes cluster:
     - If you haven't connected a cluster yet, use our [quickstart](quickstart-connect-cluster.md).
-    - [Upgrade your agents](agent-upgrade.md#manually-upgrade-agents) to version 1.1.0 or later.
+    - [Upgrade your agents](agent-upgrade.md#manually-upgrade-agents) to the latest version.
 
 > [!NOTE]
 > You can't set up this feature for managed Kubernetes offerings of cloud providers like Elastic Kubernetes Service or Google Kubernetes Engine where the user doesn't have access to the API server of the cluster. For Azure Kubernetes Service (AKS) clusters, this [feature is available natively](../../aks/manage-azure-rbac.md) and doesn't require the AKS cluster to be connected to Azure Arc. This feature isn't supported on AKS on Azure Stack HCI.
diff --git a/articles/azure-arc/kubernetes/quickstart-connect-cluster.md b/articles/azure-arc/kubernetes/quickstart-connect-cluster.md
@@ -28,9 +28,9 @@ For a conceptual look at connecting clusters to Azure Arc, see [Azure Arc-enable
   > * The identity must have 'Read' and 'Write' permissions on the Azure Arc-enabled Kubernetes resource type (`Microsoft.Kubernetes/connectedClusters`).
   > * The [Kubernetes Cluster - Azure Arc Onboarding built-in role](../../role-based-access-control/built-in-roles.md#kubernetes-cluster---azure-arc-onboarding) can be used for this identity. This role is useful for at-scale onboarding, as it has only the granular permissions required to connect clusters to Azure Arc, and doesn't have permission to update, delete, or modify any other clusters or other Azure resources.
 
-* [Install or upgrade Azure CLI](/cli/azure/install-azure-cli) to version >= 2.16.0
+* [Install or upgrade Azure CLI](/cli/azure/install-azure-cli) to the latest version.
 
-* Install the **connectedk8s** Azure CLI extension of version >= 1.2.0:
+* Install the latest version of **connectedk8s** Azure CLI extension:
 
   ```azurecli
   az extension add --name connectedk8s
@@ -307,6 +307,10 @@ If your cluster is behind an outbound proxy server, requests must be routed via
 
 For outbound proxy servers where only a trusted certificate needs to be provided without the proxy server endpoint inputs, `az connectedk8s connect` can be run with just the `--proxy-cert` input specified. In case multiple trusted certificates are expected, the combined certificate chain can be provided in a single file using the `--proxy-cert` parameter.
 
+> [!NOTE]
+>
+> * `--custom-ca-cert` is an alias for `--proxy-cert`. Either parameters can be used interchangeably. Passing both parameters in the same command will honour the one passed last.
+
 ### [Azure CLI](#tab/azure-cli)
 
 Run the connect command with the `--proxy-cert` parameter specified:
