Merge pull request #203988 from anraghun/aak8s-updates

PRMerger6 · web-flow · commit f49be41b6cef · 2022-07-07T03:29:48.000-07:00
Refreshing stale Arc K8s docs
diff --git a/articles/azure-arc/kubernetes/azure-rbac.md b/articles/azure-arc/kubernetes/azure-rbac.md
@@ -36,7 +36,7 @@ A conceptual overview of this feature is available in the [Azure RBAC on Azure A
     - [Upgrade your agents](agent-upgrade.md#manually-upgrade-agents) to version 1.1.0 or later.
 
 > [!NOTE]
-> You can't set up this feature for managed Kubernetes offerings of cloud providers like Elastic Kubernetes Service or Google Kubernetes Engine where the user doesn't have access to the API server of the cluster. For Azure Kubernetes Service (AKS) clusters, this [feature is available natively](../../aks/manage-azure-rbac.md) and doesn't require the AKS cluster to be connected to Azure Arc.
+> You can't set up this feature for managed Kubernetes offerings of cloud providers like Elastic Kubernetes Service or Google Kubernetes Engine where the user doesn't have access to the API server of the cluster. For Azure Kubernetes Service (AKS) clusters, this [feature is available natively](../../aks/manage-azure-rbac.md) and doesn't require the AKS cluster to be connected to Azure Arc. This feature isn't supported on AKS on Azure Stack HCI.
 
 ## Set up Azure AD applications
 
diff --git a/articles/azure-arc/kubernetes/cluster-connect.md b/articles/azure-arc/kubernetes/cluster-connect.md
@@ -84,14 +84,6 @@ A conceptual overview of this feature is available in [Cluster connect - Azure A
 
 ---
 
-## Enable Cluster Connect feature
-
-You can enable the Cluster Connect on any Azure Arc-enabled Kubernetes cluster by running the following command on a machine where the `kubeconfig` file is pointed to the cluster of concern:
-
-```azurecli
-az connectedk8s enable-features --features cluster-connect -n $CLUSTER_NAME -g $RESOURCE_GROUP
-```
-
 ## Azure Active Directory authentication option
 
 ### [Azure CLI](#tab/azure-cli)
@@ -101,7 +93,7 @@ az connectedk8s enable-features --features cluster-connect -n $CLUSTER_NAME -g $
    - For an Azure AD user account:
 
      ```azurecli
-     AAD_ENTITY_OBJECT_ID=$(az ad signed-in-user show --query objectId -o tsv)
+     AAD_ENTITY_OBJECT_ID=$(az ad signed-in-user show --query userPrincipalName -o tsv)
      ```
 
    - For an Azure AD application:
diff --git a/articles/azure-arc/kubernetes/kubernetes-resource-view.md b/articles/azure-arc/kubernetes/kubernetes-resource-view.md
@@ -17,8 +17,6 @@ The Azure portal includes a Kubernetes resource view for easy access to the Kube
 
 - An existing Kubernetes cluster [connected](quickstart-connect-cluster.md) to Azure as an Azure Arc-enabled Kubernetes resource.
 
-- [Cluster Connect feature has to be enabled](cluster-connect.md#enable-cluster-connect-feature) on the Azure Arc-enabled Kubernetes cluster.
-
 - [Service account token](cluster-connect.md#service-account-token-authentication-option) for authentication to the cluster.
 
 ## View Kubernetes resources
diff --git a/articles/azure-arc/kubernetes/quickstart-connect-cluster.md b/articles/azure-arc/kubernetes/quickstart-connect-cluster.md
@@ -40,11 +40,6 @@ For a conceptual look at connecting clusters to Azure Arc, see [Azure Arc-enable
   * [Kubernetes in Docker (KIND)](https://kind.sigs.k8s.io/)
   * Create a Kubernetes cluster using Docker for [Mac](https://docs.docker.com/docker-for-mac/#kubernetes) or [Windows](https://docs.docker.com/docker-for-windows/#kubernetes)
   * Self-managed Kubernetes cluster using [Cluster API](https://cluster-api.sigs.k8s.io/user/quick-start.html)
-  * If you want to connect a OpenShift cluster to Azure Arc, execute the following command one time on your cluster before running `az connectedk8s connect`:
-
-    ```bash
-    oc adm policy add-scc-to-user privileged system:serviceaccount:azure-arc:azure-arc-kube-aad-proxy-sa
-    ```
 
     >[!NOTE]
     > The cluster needs to have at least one node of operating system and architecture type `linux/amd64`. Clusters with only `linux/arm64` nodes aren't yet supported.
diff --git a/articles/azure-arc/kubernetes/troubleshooting.md b/articles/azure-arc/kubernetes/troubleshooting.md
@@ -457,7 +457,7 @@ If your cluster is behind an outbound proxy or firewall, verify that websocket c
 
 ### Cluster Connect feature disabled
 
-If the Cluster Connect feature is disabled on the cluster, then `az connectedk8s proxy` will fail to establish a session with the cluster.
+If the `clusterconnect-agent` and `kube-aad-proxy` pods are missing, then the cluster connect feature is likely disabled on the cluster, and `az connectedk8s proxy` will fail to establish a session with the cluster.
 
 ```azurecli
 az connectedk8s proxy -n AzureArcTest -g AzureArcTest
@@ -467,7 +467,11 @@ az connectedk8s proxy -n AzureArcTest -g AzureArcTest
 Cannot connect to the hybrid connection because no agent is connected in the target arc resource.
 ```
 
-To resolve this error, [enable the Cluster Connect feature](cluster-connect.md#enable-cluster-connect-feature) on your cluster.
+To resolve this error, enable the Cluster Connect feature on your cluster.
+
+```azurecli
+az connectedk8s enable-features --features cluster-connect -n $CLUSTER_NAME -g $RESOURCE_GROUP
+```
 
 ## Enable custom locations using service principal
 
