Merge pull request #188090 from sefriend/svmonc-doc-updates

PRMerger4 · web-flow · commit ce1d0eeb4a1f · 2022-02-11T09:27:08.000-08:00
Updated SVMONC doc to be accurate
diff --git a/articles/virtual-desktop/start-virtual-machine-connect.md b/articles/virtual-desktop/start-virtual-machine-connect.md
@@ -30,14 +30,14 @@ The following Remote Desktop clients support the Start VM on Connect feature:
 
 ## Create a custom role for Start VM on Connect
 
-Before you can configure the Start VM on Connect feature, you'll need to assign your VM a custom RBAC (role-based access control) role. This role will let Azure Virtual Desktop manage the VMs in your subscription. You can also use this role to turn on VMs, check their status, and report diagnostic info. If you want to know more about what each role does, take a look at [Azure custom roles](../role-based-access-control/custom-roles.md).
+Before you can configure the Start VM on Connect feature, you'll need to assign a subscription-level custom RBAC (role-based access control) role to the Azure Virtual Desktop service principal . This role will let Azure Virtual Desktop manage the VMs in your subscription. This role grants Azure Virtual Desktop the permissions to turn on VMs, check their status, and report diagnostic info. If you want to know more about Azure custom RBAC roles, take a look at [Azure custom roles](../role-based-access-control/custom-roles.md).
 
 >[!NOTE]
->If your VMs and host pool are in different subscriptions, the RBAC role needs to be assigned to the subscription that the VMs are in.
+>If your VMs and host pool are in different subscriptions, the RBAC role needs to be created in the subscription that the VMs are in.
 
 ### Use the Azure portal
 
-To use the Azure portal to assign a custom role for Start VM on Connect:
+To use the Azure portal to create a custom role for Start VM on Connect:
 
 1. Open the Azure portal and go to **Subscriptions**.
 
@@ -48,9 +48,9 @@ To use the Azure portal to assign a custom role for Start VM on Connect:
     > [!div class="mx-imgBorder"]
     > ![A screenshot of a drop-down menu from the Add button in Access control (IAM). "Add a custom role" is highlighted in red.](media/add-custom-role.png)
 
-4. Next, name the custom role and add a description. We recommend you name it “start VM on connect.”
+4. Next, name the custom role and add a description. We recommend you name it “Start VM on Connect.”
 
-5. On the **Permissions** tab, add one of the two following sets of permissions to the subscription you're assigning the role to: 
+5. On the **Permissions** tab, add one of the two following sets of permissions to the role: 
  
    - Microsoft.Compute/virtualMachines/start/action
    - Microsoft.Compute/virtualMachines/read 
@@ -61,20 +61,20 @@ To use the Azure portal to assign a custom role for Start VM on Connect:
    - Microsoft.Compute/virtualMachines/start/action
    - Microsoft.Compute/virtualMachines/*/read 
 
-6. When you're finished, select **Ok**.
+6. When you're finished, select **Review + create**. It may take a few minutes for the RBAC service to create the custom role.
 
-After that, you'll need to assign the role to grant access to Azure Virtual Desktop.
+After that, you'll need to assign the role to the Azure Virtual Desktop service principal.
 
 To assign the custom role:
 
-1. In the **Access control (IAM) tab**, select **Add role assignments**.
+1. In the **Access control (IAM) tab**, select **Add role assignment**.
 
-2. Select the role you just created.
+2. Search for and select the role you just created.
 
-3. In the search bar, enter and select **Windows Virtual Desktop** (this will soon be updated to "Azure Virtual Desktop").
+3. On the **Members** tab, enter and select **Windows Virtual Desktop** in the search bar.
 
       >[!NOTE]
-      >You might see two apps if you have deployed Azure Virtual Desktop (classic). Assign the role to both apps you see.
+      >You might see both the Windows Virtual Desktop and Windows Virtual Desktop Azure Resource Manager Provider first party applications appear if you've deployed Azure Virtual Desktop (classic). Assign the role to both apps.
       >
       > [!div class="mx-imgBorder"]
       > ![A screenshot of the Access control (IAM) tab. In the search bar, both Azure Virtual Desktop and Azure Virtual Desktop (classic) are highlighted in red.](media/add-role-assignment.png)
