From 0c6f389b745d357bd7727ff6db1832ad8659cf0a Mon Sep 17 00:00:00 2001
From: staleycyn <45440075+staleycyn@users.noreply.github.com>
Date: Thu, 4 Jan 2024 07:10:26 -0800
Subject: [PATCH] Update LAB_02a_Manage_Subscriptions_and_RBAC_Entra.md

---
 .../Lab/LAB_02a_Manage_Subscriptions_and_RBAC_Entra.md | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/New Instructions/Lab/LAB_02a_Manage_Subscriptions_and_RBAC_Entra.md b/New Instructions/Lab/LAB_02a_Manage_Subscriptions_and_RBAC_Entra.md
index fdad33f9..a9835ae2 100644
--- a/New Instructions/Lab/LAB_02a_Manage_Subscriptions_and_RBAC_Entra.md	
+++ b/New Instructions/Lab/LAB_02a_Manage_Subscriptions_and_RBAC_Entra.md	
@@ -43,8 +43,8 @@ There are some interactive lab simulations that you might find useful for this t
 
 + Task 1: Implement management groups.
 + Task 2: Review and assign a built-in Azure role.
-+ Task 3: Create and assign a custom RBAC roles.
-+ Task 4: Assign and test the custom RBAC roles.
++ Task 3: Create a custom RBAC role for the help desk.
++ Task 4: Test the custom role to ensure it has the correct permissions
 + Task 5: Monitor role assignments with the Activity Log.
 
 ## Task 1: Implement Management Groups
@@ -103,12 +103,10 @@ In this task, you will review the built-in roles and assign the VM Contributor r
     >**Note:** This assignment might not actually grant you any additional provileges. If you already have the Owner role, this role includes all privileges associated with the Contributor role.
 
 
-## Task 3: Create custom RBAC roles
+## Task 3: Create a custom RBAC role for the help desk
 
 In this task, you will create a custom RBAC role. Custom roles are a core part of implementing the principle of least privilege for an environment. Built-in roles might have too many permissions for your organization. In this task we will create a new role and remove permissions that are not be necessary.
 
-### Create the custom RBAC role for the Help Desk users
-
 1. In the portal, search for and select the **az104-mg1** management group.
 
 1. Select the **Access control (IAM)** blade, and then the **Roles** tab.
@@ -163,7 +161,7 @@ In this task, you add the custom role to a test user and confirm their permissio
 
     >**Note:** At this point, you have a Help Desk user account with custom privileges to create a support ticket. Your next step is to test the account.
     
-### Test the Help Desk user account to ensure it has the correct privileges
+## Task 4: Test the custom role to ensure it has the correct permissions
 
 1. Open an **InPrivate** browser window and navigate to the Azure portal at `https://portal.azure.com`.