diff --git a/docs/docs-content/clusters/cluster-management/remove-clusters.md b/docs/docs-content/clusters/cluster-management/remove-clusters.md index c7edb6fb9d..c48eadddc5 100644 --- a/docs/docs-content/clusters/cluster-management/remove-clusters.md +++ b/docs/docs-content/clusters/cluster-management/remove-clusters.md @@ -56,20 +56,17 @@ The cluster you deleted is now listed along with other previously deleted cluste ## Force Delete a Cluster -If a cluster is stuck in the **Deleting** state for a minimum of 15 minutes, it becomes eligible for force deletion. You can force delete a cluster from the tenant and project admin scope. +If a cluster is stuck in the **Deleting** state for 15 minutes, it becomes eligible for force deletion. You can force delete a cluster from the tenant and project admin scope. -To force delete a cluster, follow the same steps outlined above. After 15 minutes, a **Force Delete Cluster** option is available in the **Settings drop-down Menu**. The drop-down menu will provide you with an estimated remaining time left before the force deletion becomes available. +To force delete a cluster, follow the steps to delete the cluster. After 15 minutes, a **Force Delete Cluster** option is available in the **Settings Menu**. The **drop-down Menu** will provide you with an estimated remaining time left before the force deletion becomes available. -
- - -A force delete can result in Palette-provisioned resources being missed in the removal process. Verify there are no remaining resources. Use the following list to help you identify resources to remove. +A force delete can result in Palette-provisioned resources being missed in the removal process. Verify there are no remaining resources by visiting the deployed resources in the target cluster's infrastructure provider environment. Use one of the following lists for your environment to help you identify resources to remove.
:::caution -Failure in removing provisioned resources can result in unexpected costs. +Failure to remove provisioned resources can result in unexpected costs. ::: @@ -78,10 +75,10 @@ Failure in removing provisioned resources can result in unexpected costs. **Azure** - Virtual Network (VNet) -- Static Public IPs +- Static Public IP addresses - Virtual Network Interfaces - Load Balancers -- VHD +- Virtual Hard Disk (VHD) - Managed Disks - Virtual Network Gateway @@ -90,18 +87,18 @@ Failure in removing provisioned resources can result in unexpected costs. **AWS** - VPC -- Elastic IP +- Elastic IP addresses - Elastic Network Interfaces - Internet Gateway - Elastic Load Balancers - EBS Volumes -- NAT Gateway +- Network Address Translation (NAT) Gateway **GCP** - Virtual Private Cloud (VPC) Network -- Static External IP Address +- Static External IP addresses - Network Interfaces - Cloud NAT - Cloud Load Balancing diff --git a/docs/docs-content/clusters/public-cloud/azure/azure-cloud.md b/docs/docs-content/clusters/public-cloud/azure/azure-cloud.md index 30c50132cb..38a63ca745 100644 --- a/docs/docs-content/clusters/public-cloud/azure/azure-cloud.md +++ b/docs/docs-content/clusters/public-cloud/azure/azure-cloud.md 
@@ -7,135 +7,86 @@ tags: ["public cloud", "azure"] sidebar_position: 10 --- -Palette supports deploying and managing Kubernetes clusters in an Azure account. This section guides you on how to create a Kubernetes cluster in Azure that is managed by Palette. + +Palette supports integration with Azure cloud accounts. This section explains how to create an Azure cloud account in Palette. You can use any of the following authentication methods to register your cloud account. ## Prerequisites -* A [Palette Account](https://console.spectrocloud.com/) +* A [Palette Account](https://console.spectrocloud.com/). * An active [Azure cloud account](https://portal.azure.com/) with sufficient resource limits and permissions to provision compute, network, and security resources in the desired regions. * An [Azure App](https://learn.microsoft.com/en-us/azure/app-service/overview) with valid credentials. -## Enable Azure Cloud Account Registration to Palette -To register an Azure cloud account in the Palette console +## Add Azure Cloud Account -1. Log in to [Palette](https://console.spectrocloud.com). +1. Log in to [Palette](https://console.spectrocloud.com) as a tenant admin. +2. From the left **Main Menu**, select **Tenant Settings**. -2. Navigate to the **Project Overview** drop-down and switch to the **Tenant Admin**. +3. Next, select **Cloud Accounts** in the **Tenant Settings Menu**. +4. Locate **Azure**, and click **+ Add Azure Account**. -3. Select **Tenant Settings** from the left **Main Menu**. +5. Fill out the following information, and click **Confirm** to complete the registration. +| **Basic Information** |**Description**| +|-------------------------|-----------| +|**Account Name**| A custom account name.| +|**Tenant ID**| Unique tenant ID from Azure Management Portal.| +|**Client ID**| Unique client ID from Azure Management Portal.| +|**Client Secret**| Azure secret for authentication. 
Refer to Microsoft's reference guide for creating a [Client Secret](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal#create-an-azure-active-directory-application). After providing the client secret, click the **Validate** button. If the client secret you provided is correct, a *Credentials validated* success message with a green check is displayed. | +|**Tenant Name**| An optional tenant name.| +|**Disable Properties**| This option disables Palette importing Azure networking details. Disabling this option requires you to create a Microsoft Entra application and manually obtain account information. To learn more, refer to the [Disable Palette Network Calls to the Account](#disable-palette-network-calls-to-the-account) section below. | +|**Connect Private Cloud Gateway**| If you will be launching Managed Kubernetes Service (AKS), use the **drop-down Menu** to select a [self-hosted PCG](gateways.md) that you created to link to the cloud account.| -4. From the Tenant Settings go to **Cloud Accounts** and click on **+ Add Azure Account**. +### Disable Palette Network Calls to Azure Account -5. The Azure cloud account wizard requires the following information: +When you provide your cloud account information, Azure networking details are sent to Palette unless you disable network calls from Palette to the account. To disable network calls, select the **Disable Properties** option. 
-| **Basic Information** |Description| -|-------------------------|-----------| -|Account Name| A custom account name| -|Client ID| Unique client Id from Azure console| -|Tenant ID| Unique tenant Id from Azure console| -|[Client Secret](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal#create-an-azure-active-directory-application)| Azure secret for authentication| -|Tenant Name| An optional tenant name| -|[Disable Properties](/clusters/public-cloud/azure/azure-cloud#disableproperties)| To disable the import of Azure networking details.| -|Toggle **Connect Private Cloud Gateway**| An option to select the [Self-Hosted PCG](gateways.md) already created from the drop-down menu to link it to the cloud account. | +Disabling network calls requires that you create a [Microsoft Entra](https://learn.microsoft.com/en-us/entra/identity-platform/howto-create-service-principal-portal#create-an-azure-active-directory-application) application, which can be used with Role-Based Access Control (RBAC). Follow the summary steps below to create a new Microsoft Entra application, assign roles, and create the client secret. :::info - For existing cloud accounts go to **Edit** and toggle the **Connect Private Cloud Gateway** option to select the created Gateway from the drop-down menu. -::: - - -6. Click on the **Confirm** button to complete the wizard. +Microsoft Entra replaces the Azure Active Directory (AAD) application. For more information, review the [Microsoft Entra](https://learn.microsoft.com/en-us/entra/identity-platform/howto-create-service-principal-portal#create-an-azure-active-directory-application) reference guide. +::: -### Disable Properties -When the above information is provided to the cloud account creation wizard, Azure networking details will be sent to Palette console, which you can disable. To disable network calls from the Palette console to the Azure account, you can click **Disable Properties**. +1. 
Create a new Microsoft Entra application and note down your ClientID and TenantID. Refer to the [Create a Microsoft Entra application and service principal](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal#create-an-azure-active-directory-application) reference guide. -For this, we first need to create an Azure Active Directory (AAD) Application which can be used with role-based access control. Follow the steps below to create a new AAD application, assign roles, and create the client secret: +2. Next, assign yourself the [User Access Administrator](https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#user-access-administrator) role to allow you to manage user access to Azure resources. You need this role assignment to assign the role in step 3. For guidance, refer to [Assign a Role to the Application](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal#assign-a-role-to-the-application). +3. With User Access Administrator privilege, you can now assign yourself the minimum required [Contributor](https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#contributor) role, which grants full access to manage all resources. -1. Follow the steps described [here](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal#create-an-azure-active-directory-application) to create a new Azure Active Directory application. Note down your ClientID and TenantID. + To learn about Azure roles, review [Azure Roles, Microsoft Entra Roles, and Administrator Roles](https://learn.microsoft.com/en-us/azure/role-based-access-control/rbac-and-directory-admin-roles). +4. Create a client secret. Refer to [Create a Client Secret](https://learn.microsoft.com/en-us/entra/identity-platform/howto-create-service-principal-portal#option-3-create-a-new-client-secret) for guidance. -2. 
On creating the application, a minimum required [ContributorRole](https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#contributor) needs to be assigned. To assign any kind of role, the user must have a minimum role of [UserAccessAdministrator](https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#user-access-administrator). The role can be assigned by following the [Assign Role To Application](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal#assign-a-role-to-the-application) link. + :::caution + Safely store your client secret, as it will not be available later as plain text. -3. Follow the steps described in the [Create an Application Secret](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal#create-a-new-application-secret) section to create the client application secret. Store the Client Secret safely as it will not be available as plain text later. + ::: -
## Validate -To validate the Azure Cloud account creation in Palette console: - -1. Log in to [Palette](https://console.spectrocloud.com). - - -2. Navigate to the **Project Overview** drop-down and switch to the **Tenant Admin**. - - -3. Select **Tenant Settings** from the left **Main Menu**. - - -4. From the Tenant Settings go to **Cloud Accounts** - - -5. Below the label **Azure**, the available Azure cloud accounts are listed. - -
- -## Manage Azure Accounts -After an Azure cloud account has been registered with Palette, you can change the integration settings or remove the Azure account with **Edit and Delete** capabilities respectively. - -### Edit an Azure Account - -To edit the Azure Cloud account created in Palette console: +You can verify your account is added. 1. Log in to [Palette](https://console.spectrocloud.com). +2. From the left **Main Menu**, select **Tenant Settings**. -2. Navigate to the **Project Overview** drop-down and switch to the **Tenant Admin**. +3. Next, on the **Tenant Settings Menu**, select **Cloud Accounts**. +4. The added cloud account is listed under **Azure** with all other available Azure cloud accounts. -3. Select **Tenant Settings** from the left **Main Menu**. +:::tip -4. From the Tenant Settings go to **Cloud Accounts** - - -5. Towards the name of the cloud account you want to remove, click the **three-dots Menu** and select **Edit**. - - -6. Make the required changes and click on the **Confirm** button to complete the wizard. - -
- -### Remove an Azure Account - -Use the following steps to delete an Azure cloud account from Palette,. - -1. Log in to [Palette](https://console.spectrocloud.com). - - -2. Navigate to the **Project Overview** drop-down and switch to the **Tenant Admin**. - - -3. Select **Tenant Settings** from the left **Main Menu**. - - -4. From the Tenant Settings go to **Cloud Accounts** - - -5. Towards the name of the cloud account you want to remove, click the **three-dots Menu** and select **Edit**. - - -6. Towards the name of the cloud account you want to remove, click the **three-dots Menu** and select **Delete**. - +Use the **three-dot Menu** in the row of the cloud account to edit Azure account information in Palette or remove the account from Palette. +::: diff --git a/docs/docs-content/clusters/public-cloud/azure/azure.md b/docs/docs-content/clusters/public-cloud/azure/azure.md index b52233539f..e082bf3a82 100644 --- a/docs/docs-content/clusters/public-cloud/azure/azure.md +++ b/docs/docs-content/clusters/public-cloud/azure/azure.md @@ -10,7 +10,11 @@ tags: Palette supports integration with [Microsoft Azure](https://azure.microsoft.com/en-us). You can deploy and manage [Host Clusters](../../../glossary-all.md#hostcluster) in Azure. To get started check out the [Register and Manage Azure Cloud Account](azure-cloud.md#manage-azure-accounts). -
+ + +## Get Started + +Learn how to deploy a cluster to Azure by using Palette. Check out the [Deploy a Cluster](../deploy-k8s-cluster.md) with Palette tutorial to get started. ## Resources diff --git a/docs/docs-content/clusters/public-cloud/azure/create-azure-cluster.md b/docs/docs-content/clusters/public-cloud/azure/create-azure-cluster.md index b65ff5db80..33f3c93c8e 100644 --- a/docs/docs-content/clusters/public-cloud/azure/create-azure-cluster.md +++ b/docs/docs-content/clusters/public-cloud/azure/create-azure-cluster.md 
@@ -1,198 +1,257 @@ --- sidebar_label: "Create and Manage Azure IaaS Cluster" title: "Create and Manage Azure IaaS Cluster" -description: "The methods of creating an Azure cluster in Palette" +description: "Learn how to deploy and manage Azure clusters with Palette." hide_table_of_contents: false tags: ["public cloud", "azure"] sidebar_position: 20 --- -You can deploy Azure clusters in the Palette platform. This section highlights the prerequisites and deployment steps of Palette Azure clusters. +Palette supports creating and managing Kubernetes clusters deployed to an Azure account. This section guides you on how to create an IaaS Kubernetes cluster in Azure that Palette manages. -Azure clusters can be created under the following scopes: +:::caution + +Autoscaling is not supported for Azure IaaS clusters. -* Tenant Admin +::: -* Project Scope - This is the recommended scope. -Be aware that clusters that are created under the **Tenant Admin** scope are not visible under Project scope . ## Prerequisites -The following prerequisites must be met before deploying a workload cluster in Azure: +- Access to an Azure cloud account. -1. You must have an active Azure cloud account with sufficient resource limits and permissions to provision compute, network, and security resources in the desired regions. +- Palette integration with Azure account. Review [Register and Manage Azure Cloud Account](azure-cloud.md) for guidance. +- A Secure Shell (SSH) key pre-configured in your Azure environment. Refer to the [SSH Keys](../../cluster-management/ssh-keys.md) guide for more information about creating and managing SSH keys in Palette. -2. Register your Azure cloud account in Palette as described in the [Creating an Azure Cloud account](azure-cloud.md#enable-azure-cloud-account-registration-to-palette) section. +- An infrastructure cluster profile for Azure. 
Review [Create an Infrastructure Profile](../../../profiles/cluster-profiles/create-cluster-profiles/create-infrastructure-profile.md) for guidance. +- To use custom storage accounts or containers, you must create them before you create your cluster. All custom storage accounts and containers will be listed on the Cluster config page during the cluster creation process. For information about use cases for custom storage, review [Azure Storage](../azure/architecture.md/#azure-storage). -3. A [cluster profile created](../../../profiles/cluster-profiles/create-cluster-profiles/create-infrastructure-profile.md) for Azure cloud. + If you need help creating a custom storage account or container, check out the [Create a Storage Account](https://learn.microsoft.com/en-us/azure/storage/common/storage-account-create?tabs=azure-portal) guide or the [Manage Blob Containers](https://learn.microsoft.com/en-us/azure/storage/blobs/blob-containers-portal). + +- If you do not provide your own Virtual Network (VNet), Palette creates one for you with compute, network, and storage resources in Azure when it provisions Kubernetes clusters. To use a VNet that Palette creates, ensure there is sufficient capacity in the preferred Azure region to create the following resources: + - Virtual CPU (vCPU) + - VNet + - Static Public IP addresses + - Virtual Network Interfaces + - Load Balancers + - Virtual Hard Disk (VHD) + - Managed Disks + - Virtual Network Address Translation (NAT) Gateway - -## Deploy an Azure Cluster with Palette +## Deploy an Azure Cluster -The following steps need to be performed to provision a new Azure cluster: +Use the following steps to deploy an Azure cluster. -1. Log in to [Palette](https://console.spectrocloud.com). +1. Log in to [Palette](https://console.spectrocloud.com). +2. Ensure you are in the correct project scope. -2. Click on **Clusters** from the left **Main Menu**. +3. 
From the left **Main Menu** select **Clusters**, and click on the **Add New Cluster** button. +4. Select **Deploy New Cluster** on the next page that Palette displays. This will allow you to deploy a cluster using your own cloud account. -2. In the cluster page click **+ Add New Cluster** button and select **create new cluster**. +5. Select **Azure** and click on the **Start Azure Configuration** button. +6. Fill out the following basic information, and click **Next** to continue. -3. Select **Azure** as the cloud type and click on **Start Azure Configuration** to input cluster information + | **Field** | **Description** | + |-----------|-----------------| + | **Cluster Name**| A custom name for the cluster. | + | **Description**| Use the description to provide context about the cluster.| + | **Tags**| Assign any desired cluster tags. Tags on a cluster are propagated to the Virtual Machines (VMs) deployed to the target environments. Example: `region:us-west`| + | **Cloud Account** | If you already added your Azure account in Palette, select it from the **drop-down Menu**. Otherwise, click on **Add New Account** and add your Azure account information. | -4. Provide the basic cluster information such as **Name**, **Description** (optional), and **Tags** (optional) and select the [**Azure Cloud Account**](azure-cloud.md#enable-azure-cloud-account-registration-to-palette) from the drop-down menu. Azure cloud accounts with credentials must be pre-configured in project settings. Click on the **Next** button. +7. Select the Azure cluster profile you created, and click on **Next**. Palette displays the cluster profile layers. +8. Review the profile layers and customize parameters as desired in the YAML files that display when you select a layer. You can configure custom OpenID Connect (OIDC) for Azure clusters at the Kubernetes layer. Check out [Configure OIDC Identity Provider](../../../integrations/kubernetes.md#configure-oidc-identity-provider) for more information. -5. 
Select the **Cluster Profile** created for the Azure environment. The profile definition will be used as the cluster construction template. Click on **Next**. + :::caution + All the OIDC options require you to map a set of users or groups to a Kubernetes RBAC role. To learn how to map a Kubernetes role to users and groups, refer to [Create Role Bindings](../../cluster-management/cluster-rbac.md/#create-role-bindings). -6. Review and override pack parameters as desired. By default, parameters for all packs are set with values defined in the Cluster Profile. Click on **Next**. + ::: +9. Click **Next** to continue. -7. Provide the Azure Cloud account placement information for cluster configuration. If you have custom storage accounts or storage container available, they will be eligible for attachment. To learn more about attaching custom storage to a cluster, check out the [Azure storage](architecture#azure-storage) page. +10. Provide the cluster configuration information listed in the following table. If you are utilizing your own VNet, ensure you also provide information listed in the Static Placement Settings table. + If you have custom storage accounts or containers available, you can attach them to the cluster. To learn more about attaching custom storage to a cluster, check out [Azure storage](../azure/architecture.md/#azure-storage). -:::caution + :::caution -If the Azure account is [registered](azure-cloud.md#enable-azure-cloud-account-registration-to-palette) with the option **Disable Properties** enabled and the cluster configuration option **Static Placement** is enabled, then the network information from your Azure account will not be imported by Palette. You can manually input the information for the **Control Plane Subnet** and the **Worker Network**, but be aware that drop-down menu selections will be empty. 
+ If the Azure account is registered with **Disable Properties** and **Static Placement** options enabled, then Palette will not import the network information from your Azure account. You can manually input the information for the **Control Plane Subnet** and the **Worker Network**, but be aware that **drop-down Menu** selections will be empty. To learn more about these settings and certain requirements to use them, refer to [Disable Properties](azure-cloud.md#disable-properties). -::: + ::: -
+ |**Parameter**| **Description**| + |-------------|---------------| + | **Subscription** | Use the **drop-down Menu** to select the subscription that will be used to access Azure services.| + | **Region** | Use the **drop-down Menu** to choose the Azure region where you would like to provision the cluster.| + | **Resource Group** | Select the name of the resource group that contains the Azure resources you will be accessing.| + | **Storage Account** | Optionally, if you have a custom storage account available, you can use the **drop-down Menu** to select the storage account name. For information about use cases for custom storage, review [Azure Storage](../azure/architecture.md/#azure-storage).| + | **Storage Container**| Optionally, if you will be using a custom storage container, use the **drop-down Menu** to select it. For information about use cases for custom storage, review [Azure Storage](../azure/architecture.md/#azure-storage).| + | **SSH Key** | The public SSH key for connecting to the nodes. SSH key pairs must be pre-configured in your Azure environment. The key you select is inserted into the provisioned VMs. For more information, review Microsoft's [Supported SSH key formats](https://learn.microsoft.com/en-us/azure/virtual-machines/linux/mac-create-ssh-keys#supported-ssh-key-formats). | + | **Static Placement** | By default, Palette uses dynamic placement. This creates a new VNet for the cluster that contains two subnets in different Availability Zones (AZs). Palette places resources in these clusters, manages the resources, and deletes them when the corresponding cluster is deleted.

If you want to place resources into pre-existing VNets, enable the **Static Placement** option, and fill out the input values listed in the [Static Placement](#static-placement-table) table below.| -|**Parameter**| **Description**| -|-------------|---------------| -| **Subscription** | From the drop-down menu, select the subscription that will be used to access Azure Services.| -| **Region** | Select a region in Azure in which the cluster should be deployed.| -| **Resource Group** | Select the Azure resource group in which the cluster should be deployed.| -| **Storage Account** | Optionally provide the storage account. Review the [Azure Storage section](architecture#azure-storage) for a custom storage use cases. | -| **Storage Container**| Optionally provide the Azure storage container. Review the [Azure Storage section](architecture#azure-storage) for a custom storage use cases.| -| **SSH Key** | The public SSH key for connecting to the nodes. Review Microsoft's [supported SSH](https://learn.microsoft.com/en-us/azure/virtual-machines/linux/mac-create-ssh-keys#supported-ssh-key-formats) formats. | -| **Static Placement** | By default, Palette uses dynamic placement, in which a new VPC with a public and private subnet is created to place cluster resources for every cluster. These resources are fully managed by Palette and deleted when the corresponding cluster is deleted.
If you want to place resources into pre-existing VPCs and subnets, you can enable the **Static Placement** option. Review the [Static Placement](#static-placement-table) table below for available parameters for static placement.| -|**Update worker pools in parallel**| Check the box to concurrently update the worker pools.| -|**Private API Server LB**|This option applies when the cluster is deployed via the [Azure Private Endpoint](gateways.md). You can enable this option if your API Server must have private access. Review the [Private API Server LB](#private-api-server-lb-table) table below for more details.| -|**Update worker pools in parallel**|If you have multiple worker pools, select the check box to enable simultaneous upgrade of all the pools. The default is sequential upgrade.| + #### Static Placement Settings -#### Static Placement Table + | **Parameter** | **Description** | + |------------------------|------------------------------------------------------------| + | **Network Resource Group** | The logical container for grouping related Azure resources. | + | **Virtual Network** | Select the VNet. | + | **CIDR Block** | Select the IP address CIDR range.| + | **Control Plane Subnet** | Select the control plane subnet. | + | **Worker Network** | Select the worker network. | -| **Parameter** | **Description** | -|------------------------|------------------------------------------------------------| -| **Network Resource Group** | The logical container for grouping related Azure resources | -| **Virtual Network** | Select the virtual network from the drop-down menu. | -| **CIDR Block** | Select the CIDR address from the drop-down menu. | -| **Control Plane Subnet** | Select the control plane network from the dropdown menu. | -| **Worker Network** | Select the worker network from the drop-down menu. | +11. Click **Next** to continue. +12. Provide the following node pool and cloud configuration information. 
To learn more about node pools, review the [Node Pool](../../cluster-management/node-pool.md) guide. -#### Private API Server LB Table + :::info + By default, a master pool and one worker node pool are configured. You can add new worker pools to customize certain worker nodes for specialized workloads. For example, the default worker pool can be configured with the Standard_D2_v2 instance types for general-purpose workloads, and another worker pool with instance type Standard_NC12s_v3 can be configured for Graphics Processing Unit (GPU) workloads. -| **Parameter** | **Description**| -|----------------------|----------------------------------------------------------------------------------------------------------------------------------------| -| **Private DNS Zone** | Optionally select the DNS Zone from the drop-down menu. If you do not select a DNS Zone, one will be generated and assigned.| -| **IP Allocation Method** | Allocate an available IP from the private endpoint VNet. Review the [IP Allocation Method Table](#ip-allocation-method-table) below for more details.| + ::: -##### IP Allocation Method Table + You can apply autoscale capability to dynamically increase resources during high loads and reduce them during low loads. To learn more, refer to [Enable Autoscale for Azure IaaS Cluster](#enable-autoscale-for-azure-iaas-cluster). 
-| **Parameter** | **Description** | -|----------------------|----------------------------------------------------------------------------------------------------------------------------------------| -| **Dynamic** | Use Dynamic Host Configuration Protocol (DHCP) to dynamically allocates IP addresses from the available Virtual Network IP CIDR range.| -| **Static** | You can specify a static IP address from the available Virtual Network IP range.| + #### Master Pool Configuration Settings + + |**Parameter**| **Description**| + |-------------|----------------| + |**Node pool name** | A descriptive name for the node pool.| + |**Number of nodes in the pool** | Specify the number of nodes in the master pool.| + |**Allow worker capability** | Select this option to allow workloads to be provisioned on master nodes. | + |**Additional Labels** | You can add optional labels to nodes in key-value format. To learn more, review [Apply Labels to Nodes](../../cluster-management/taints.md/#labels). Example: `environment:production`. | + |**Taints** | You can apply optional taint labels to a node pool during cluster creation or edit taint labels on an existing cluster. Review the [Node Pool](../../cluster-management/node-pool.md) management page and [Apply Taints to Nodes](../../cluster-management/taints.md/#apply-taints-to-nodes) page to learn more. Toggle the **Taint** button to create a taint label. When tainting is enabled, you need to provide a custom key-value pair. Use the **drop-down Menu** to choose one of the following **Effect** options:
**NoSchedule** - Pods are not scheduled onto nodes with this taint.
**PreferNoSchedule** - Kubernetes attempts to avoid scheduling pods onto nodes with this taint, but scheduling is not prohibited.
**NoExecute** - Existing pods on nodes with this taint are evicted.| -When you have provided all the cluster configuration details to the wizard, click on **Next** and proceed to node configuration. + #### Cloud Configuration Settings for Master Pool + + |**Parameter**| **Description**| + |-------------|----------------| + |**Instance Type** | Select the instance type to use for all nodes in the node pool.| + |**Managed disk** | Choose a storage option. For more information, refer to Microsoft's [Storage Account Overview](https://learn.microsoft.com/en-us/azure/storage/common/storage-account-overview) reference. For information about Solid State Drive (SSD) disks, refer to [Standard SSD Disks for Azure Virtual Machine Workloads](https://azure.microsoft.com/en-us/blog/preview-standard-ssd-disks-for-azure-virtual-machine-workloads/) reference | + |**Disk size** | You can choose disk size based on your requirements. The default size is 60. | -
+ You can select **Remove** at right to remove the worker node if all you want is the control plane node. -7. Configure the master and worker node pools. A master and a worker node pool are configured by default. The minimum number of CPUs and amount of memory depend on your cluster profile, but in general you need at least 4 CPUs and 4 GB of memory both in the master pool and across all worker pools. To learn more about the configuration options, review the [Node Pool](../../cluster-management/node-pool.md) documentation page. + #### Worker Pool Configuration Settings + + |**Parameter**| **Description**| + |-------------|----------------| + |**Node pool name** | A descriptive name for the node pool.| + |**Number of nodes in the pool** | Specify the number of nodes in the worker pool.| + |**Node repave interval** | Optionally, you can specify the preferred time interval for Palette to perform a rolling upgrade on nodes when it detects a change in the Kubeadm configuration file. | + |**Rolling update** | These options allow you to control the sequence of operations during a node pool update. Choose the **Expand first** option to add new nodes with updated configurations to the node pool before the existing nodes are removed. Choose **Contract first** to remove existing nodes from the node pool before the new nodes with updated configurations are added. | + |**Additional Labels** | You can add optional labels to nodes in key-value format. For more information about applying labels, review [Apply Labels to Nodes](../../cluster-management/taints.md/#apply-labels-to-nodes). Example: `environment:production`. | + |**Taints** | You can apply optional taint labels to a node pool during cluster creation or edit taint labels on an existing cluster. To learn more, review the [Node Pool](../../cluster-management/node-pool.md) management page and [Apply Taints to Nodes](../../cluster-management/taints.md/#apply-taints-to-nodes) page. 
Toggle the **Taint** button to create a taint label. When tainting is enabled, you need to provide a custom key-value pair. Use the **drop-down Menu** to choose one of the following **Effect** options:
**NoSchedule** - Pods are not scheduled onto nodes with this taint.
**PreferNoSchedule** - Kubernetes attempts to avoid scheduling pods onto nodes with this taint, but scheduling is not prohibited.
**NoExecute** - Existing pods on nodes with this taint are evicted.| + #### Cloud Configuration Settings for Worker Pool + You can copy cloud configuration settings from the master pool, but be aware that the instance type might not get copied if it does not have accessible availability zones. + + |**Parameter**| **Description**| + |-------------|----------------| + |**Instance Type** | Select the instance type to use for all nodes in the node pool.| + |**Managed disk** | Choose a storage option. For more information, refer to Microsoft's [Storage Account Overview](https://learn.microsoft.com/en-us/azure/storage/common/storage-account-overview) reference. For information about Solid State Drive (SSD) disks, refer to [Standard SSD Disks for Azure Virtual Machine Workloads](https://azure.microsoft.com/en-us/blog/preview-standard-ssd-disks-for-azure-virtual-machine-workloads/) reference. | + |**Disk size** | You can choose disk size based on your requirements. The default size is 60. | + |**Availability zones** | The Availability Zones from which to select available servers for deployment. If you select multiple zones, Palette will deploy servers evenly across them as long as sufficient servers are available to do so. | -:::info +13. Click **Next** to continue. -You can add new worker pools to customize certain worker nodes to run specialized workloads. For example, the default worker pool may be configured with the Standard_D2_v2 instance types for general-purpose workloads and another worker pool with instance type Standard_NC12s_v3 can be configured to run GPU workloads. +14. Specify your preferred **OS Patching Schedule** for EKS-managed machines. -::: +15. Enable any scan options you want Palette to perform, and select a scan schedule. Palette provides support for Kubernetes configuration security, penetration testing, and conformance testing. -
+16. Schedule any backups you want Palette to perform. Review [Backup and Restore](../../cluster-management/backup-restore/backup-restore.md) for more information. +17. Role-Based Access Control (RBAC) configuration is required when you configure custom OIDC. You must map a set of users or groups to a Kubernetes RBAC role. To learn how to map a Kubernetes role to users and groups, refer to [Create Role Bindings](../../cluster-management/cluster-rbac.md/#create-role-bindings). Refer to [Use RBAC with OIDC](../../../integrations/kubernetes.md/#use-rbac-with-oidc) for an example. -8. The settings page is where you can configure patching schedule, security scans, backup settings, setup role based access control (RBAC), and enable [Palette Virtual Clusters](../../../devx/palette-virtual-clusters/palette-virtual-clusters.md). Review the settings and make changes if needed. Click on **Validate**. +18. Click on the **Validate** button and review the cluster configuration and settings summary. +19. Click **Finish Configuration** to deploy the cluster. Provisioning Azure clusters can take several minutes. -9. Review the settings summary and click on **Finish Configuration** to deploy the cluster. Be aware that provisioning IaaS clusters can take several minutes. + The cluster details page contains the status and details of the deployment. Use this page to track the deployment progress. +To learn how to remove a cluster and what to do if a force delete is necessary so you do not incur unexpected costs, refer to [Cluster Removal](../../cluster-management/remove-clusters.md). -The cluster details page of the cluster contains the status and details of the deployment. Use this page to track the deployment progress. ## Validate -You can validate your cluster is up and running by reviewing the cluster details page. Navigate to the left **Main Menu** and click on **Clusters**. The **Clusters** page contains a list of all available clusters managed by Palette. 
Click on the row for the cluster you wish to review its details page. Ensure the **Cluster Status** field contains the value **Running**. -## Deleting an Azure IaaS Cluster - -The deletion of an Azure IaaS cluster results in the removal of all instances and associated resources created for the cluster. To perform a cluster deletion, use the following steps. +You can validate your cluster is up and in **Running** state. +1. Log in to [Palette](https://console.spectrocloud.com). -1. Ensure you are in the correct project scope. +2. Ensure you are in the correct project scope. +3. From the left **Main Menu** select **Clusters**. The **Clusters** page displays a list of all available clusters that Palette manages. -2. Navigate to the left **Main Menu** and click on **Clusters** +4. Select the cluster you deployed to review its details page. Ensure the **Cluster Status** field contains the value **Running**. + + + +## Resources + +- [Register and Manage Azure Cloud Account](azure-cloud.md) + +- [Create an Infrastructure Profile](../../../profiles/cluster-profiles/create-cluster-profiles/create-infrastructure-profile.md) -To validate the Azure cluster creation and deletion status +- [Azure Storage](../azure/architecture.md/#azure-storage) -1. Log in to [Palette](https://console.spectrocloud.com). +- [Configure OIDC Identity Provider](../../../integrations/kubernetes.md#configure-oidc-identity-provider) +- [Create Role Bindings](../../cluster-management/cluster-rbac.md/#create-role-bindings) -2. Click on **Cluster** on the left **Main Menu** +- [Use RBAC with OIDC](../../../integrations/kubernetes.md/#use-rbac-with-oidc) + + \ No newline at end of file diff --git a/static/assets/docs/images/clusters_publiccloud_azure_add-rule.png b/static/assets/docs/images/clusters_publiccloud_azure_add-rule.png new file mode 100644 index 0000000000..7df0e1a84a Binary files /dev/null and b/static/assets/docs/images/clusters_publiccloud_azure_add-rule.png differ 
diff --git a/static/assets/docs/images/clusters_publiccloud_azure_custom-autoscale.png b/static/assets/docs/images/clusters_publiccloud_azure_custom-autoscale.png new file mode 100644 index 0000000000..fbebcf6a09 Binary files /dev/null and b/static/assets/docs/images/clusters_publiccloud_azure_custom-autoscale.png differ diff --git a/vale/styles/Vocab/Internal/accept.txt b/vale/styles/Vocab/Internal/accept.txt index 409629dfb7..bddc2df327 100644 --- a/vale/styles/Vocab/Internal/accept.txt +++ b/vale/styles/Vocab/Internal/accept.txt @@ -161,4 +161,5 @@ FSx liveness Autosupport Okta -Keycloak \ No newline at end of file +Keycloak +autoscale \ No newline at end of file
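Review bot: Step 14 of the added Azure cluster steps reads "Specify your preferred **OS Patching Schedule** for EKS-managed machines", which looks like text carried over from the EKS page; step 19 in the same list says "Provisioning Azure clusters", so drop the "EKS-managed" qualifier or reword it for the Azure nodes. In the same hunk, the master pool **Additional Labels** row links to `taints.md/#labels` while the worker pool row links to `taints.md/#apply-labels-to-nodes`; confirm which anchor exists in `taints.md` and use the same one in both tables. Both **Disk size** rows say "The default size is 60." with no unit, so state the unit there.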
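Review bot: `vale/styles/Vocab/Internal/accept.txt` still ends without a trailing newline after the added `autoscale` entry, which is why `Keycloak` shows up as removed and re-added in this hunk even though it did not change. End the file with a newline so the next vocabulary addition is a one-line diff. The Markdown file above carries the same "\ No newline at end of file" marker and would benefit from the same fix.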