Merge pull request #78799 from tylerfox/hdinsight-cluster-config

Update hdinsight-migrate-granular-access-cluster-configurations.md

Author: PRMerger17

articles/hdinsight/hdinsight-migrate-granular-access-cluster-configurations.md

@@ -17,8 +17,8 @@ We are introducing some important changes to support more fine-grained role-base
 
 Previously, secrets could be obtained via the HDInsight API by cluster users
 possessing the Owner, Contributor, or Reader [RBAC
-roles](https://docs.microsoft.com/azure/role-based-access-control/rbac-and-directory-admin-roles).
-Going forward, these secrets will no longer be accessible to users with the
+roles](https://docs.microsoft.com/azure/role-based-access-control/rbac-and-directory-admin-roles), as they were available to anyone with the `*/read` permission was required.
+Going forward, accessing these secrets will require the `Microsoft.HDInsight/clusters/configurations/*` permission, meaning they can no longer be accessed by users with the
 Reader role. Secrets are defined as values that could be used to obtain more elevated access than a user's role should allow. These include values such as cluster gateway HTTP credentials, storage account keys, and database credentials.
 
 We are also introducing a new [HDInisght Cluster Operator](https://docs.microsoft.com/azure/role-based-access-control/built-in-roles#hdinsight-cluster-operator) role