Add notes to selfAuth with Azure docs (flyteorg#4835)

* Add notes from recent Azure deployments Signed-off-by: davidmirror-ops <david [email protected]> * Rephrase multicluster auth Signed-off-by: davidmirror-ops <david [email protected]> * Rephrase multicluster auth v2 Signed-off-by: davidmirror-ops <david [email protected]> --------- Signed-off-by: davidmirror-ops <david [email protected]> Co-authored-by: davidmirror-ops <david [email protected]>
yubofredwang · Mar 26, 2024 · b132163 · b132163
1 parent c994839
commit b132163
Showing 1 changed file with 12 additions and 12 deletions.
diff --git a/docs/deployment/configuration/auth_setup.rst b/docs/deployment/configuration/auth_setup.rst
@@ -120,7 +120,7 @@ browser.
 
           - ``http://localhost:30081/callback`` for sandbox or ``https://<your deployment url>/callback`` for other Flyte deployment types.
 
-   .. group-tab:: Microsoft Azure AD
+   .. group-tab:: Microsoft Entra ID (Azure AD)
 
        1. From the Azure homepage go to **Azure Active Directory**
        2. From the **Ovierview** page, take note of the **Tenant ID**
@@ -330,7 +330,7 @@ Apply OIDC Configuration
                userAuth:
                  openId:
                 # baseUrl: https://accounts.google.com # Uncomment for Google
-                # baseUrl: https://login.microsoftonline.com/<tenant-id>/oauth2/v2.0/authorize # Uncomment for Azure AD
+                # baseUrl: https://login.microsoftonline.com/<tenant-id>/v2.0 # Uncomment for Azure AD
                   # For Okta, use the Issuer URI of the default auth server
                   baseUrl: https://dev-<org-id>.okta.com/oauth2/default
                   # Use the client ID generated by your IdP
@@ -351,28 +351,28 @@ Apply OIDC Configuration
            # Use the non-encoded version of the random password 
              clientSecret: "<your-random-password>" 
              clientId: flytepropeller
-         
-      8. Save and exit your editor.
 
-      9. Restart ``flyteadmin`` for the changes to take effect:
+.. note::
 
-      .. prompt:: bash $
+   For `multi-cluster deployments <https://docs.flyte.org/en/latest/deployment/deployment/multicluster.html>`__, 
+   you must add this Secret definition block to the `values-dataplane.yaml` file.
+   If you are not running `flytepropeller` in the control plane cluster, you do not need to create this secret there.
 
-         kubectl rollout restart deployment/flyteadmin -n flyte
+      8. Save and exit your editor.
 
-      10. Restart ``flytepropeller`` to start using authenticated requests:
+      9. Upgrade your Helm release with the new configuration:
 
       .. prompt:: bash $
 
-          kubectl rollout restart deployment/flytepropeller -n flyte
+         helm upgrade <release-name> flyteorg/flyte-binary -n <your-namespace> --values <your-values-file>.yaml
 
-      11. Restart ``flytescheduler``` to start using authenticated requests:
+      10. Verify that the `flytepropeller`, `flytescheduler` and `flyteadmin` Pods are restarted and running: 
 
       .. prompt:: bash $
 
-         kubectl rollout restart deployment/flytescheduler -n flyte
+          kubectl get pods -n flyte
 
-      12. For flytectl/pyflyte, make sure that your local config file (``$HOME/.flyte/config.yaml``) includes the following option:
+      11. For flytectl/pyflyte, make sure that your local config file (``$HOME/.flyte/config.yaml``) includes the following option:
 
       .. code-block:: yaml