Skip to content

Commit

Permalink
Merge pull request #965 from wavefrontHQ/mstaneva-CSP-feedback
Browse files Browse the repository at this point in the history
Remove info for contacting tech support
  • Loading branch information
Margarita-Staneva authored Sep 29, 2023
2 parents a3641f8 + e0f5304 commit cc08b49
Show file tree
Hide file tree
Showing 4 changed files with 15 additions and 4 deletions.
4 changes: 3 additions & 1 deletion pages/doc/csp_api_tokens.md
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,9 @@ For details on how to create, view, and modify the details of the OAuth 2.0 apps

If you want to set up one of the [integrations](integrations_onboarded_subscriptions.html#integrations-that-use-operations-for-applications-api-tokens) that still authenticate with an **Operations for Applications API token**, you must create a [service account](csp_service_accounts.html) and generate an API token associated with it.

{% include warning.html content="The usage of service accounts in Operations for Applications on VMware Cloud services is **restricted** to support only a [limited list of integrations](integrations_onboarded_subscriptions.html#integrations-that-use-operations-for-applications-api-tokens) that still authenticate with Operations for Applications API tokens. We are in the process of updating all of our integrations to authenticate with VMware Cloud services access tokens. It is strongly recommended that you gradually [switch to using server to server OAuth apps](csp_migration.html#how-to-replace-a-service-account-with-a-server-to-server-app) which authenticate with more secure VMware Cloud services access tokens. Service accounts and Operations for Applications API tokens will be deprecated in the future. Тo temporarily enable service accounts for your service instance, [contact](wavefront_support_feedback.html) our Technical Support team. "%}
{% include warning.html content="The usage of service accounts in Operations for Applications on VMware Cloud services is **restricted** to support only a [limited list of integrations](integrations_onboarded_subscriptions.html#integrations-that-use-operations-for-applications-api-tokens) that still authenticate with Operations for Applications API tokens. We are in the process of updating all of our integrations to authenticate with VMware Cloud services access tokens. It is strongly recommended that you gradually [switch to using server to server OAuth apps](csp_migration.html#how-to-replace-a-service-account-with-a-server-to-server-app) which authenticate with more secure VMware Cloud services access tokens. Service accounts and Operations for Applications API tokens will be deprecated in the future. "%}

<!--Bring this back to the warning if we get the flag: Тo temporarily enable service accounts for your service instance, [contact](wavefront_support_feedback.html) our Technical Support team.-->

As a user with the **Admin** service role, you can generate and manage the API tokens for [service accounts](csp_service_accounts.html) upon creation or at a later stage.

Expand Down
5 changes: 4 additions & 1 deletion pages/doc/csp_area_differences.md
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,10 @@ Some administrative tasks, done by **Super Admins** and users with the **Account

With the 2023-38 release, we introduce the **Admin** permission and service role, which partially correspond to the **Accounts** permission for original subscriptions. Users with the **Admin** service role can manage service accounts and Operations for Applications API tokens. They can also restrict access to new dashboards and alerts and set the organization settings. For example, they can restrict the access to the object creator only and set default settings, such as display settings, PromQL support, default way of building queries, and define Logs settings.

{% include warning.html content="Service accounts are enabled only for a **limited number** of VMware Cloud services subscriptions. Service accounts and the API tokens associated with them will be deprecated in the future. It's strongly recommended that you incrementally switch to using [server to server OAuth apps](csp_server_to_server_apps.html) which authenticate with more secure VMware Cloud services access tokens. For information on how to do this, see [How to Replace a Service Account with a Server to Server App?](csp_migration.html#how-to-replace-a-service-account-with-a-server-to-server-app). To temporarily enable service accounts for your service instance, [contact](wavefront_support_feedback.html) our Technical Support team." %}
{% include warning.html content="Service accounts and the API tokens associated with them will be deprecated in the future. It's strongly recommended that you incrementally switch to using [server to server OAuth apps](csp_server_to_server_apps.html) which authenticate with more secure VMware Cloud services access tokens. For information on how to do this, see [How to Replace a Service Account with a Server to Server App?](csp_migration.html#how-to-replace-a-service-account-with-a-server-to-server-app)." %}

<!--Bring this back to the warning if we get the flag: First sentence: Service accounts are enabled only for a **limited number** of VMware Cloud services subscriptions.
Last sentence: Тo temporarily enable service accounts for your service instance, [contact](wavefront_support_feedback.html) our Technical Support team.-->

![A graphic showing the differences in the admin tasks for original and onboarded subscriptions. The information displayed is described in the table below.](images/csp-admin-tasks.png)

Expand Down
6 changes: 5 additions & 1 deletion pages/doc/csp_supported_integrations.md
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,11 @@ The Wavefront proxy requires a VMware Cloud services access token with the **Pro

For a limited number of integrations, you must still use an Operations for Applications API token, associated with a [service account](csp_service_accounts.html) that has the **Proxies** permission. As a user with the **Admin** service role, you can create a service account with the **Proxies** permission and generate an API token for it. Then, you can install the Wavefront proxy and set up your integration to pass the API token of the service account.

{% include warning.html content=" Service accounts are enabled only for a **limited number** of VMware Cloud services subscriptions. It is strongly recommended that you gradually [switch to using server to server OAuth apps](csp_migration.html#how-to-replace-a-service-account-with-a-server-to-server-app) which authenticate with more secure VMware Cloud services access tokens. Тo temporarily enable service accounts for your service instance, [contact](wavefront_support_feedback.html) our Technical Support team." %}
{% include warning.html content=" It is strongly recommended that you gradually [switch to using server to server OAuth apps](csp_migration.html#how-to-replace-a-service-account-with-a-server-to-server-app) which authenticate with more secure VMware Cloud services access tokens. Service accounts and Operations for Applications API tokens will be deprecated in the future." %}

<!--Bring this back to the warning if we get the flag: First sentence: Service accounts are enabled only for a **limited number** of VMware Cloud services subscriptions.
Last sentence: Тo temporarily enable service accounts for your service instance, [contact](wavefront_support_feedback.html) our Technical Support team.-->

To understand how you can manage the API tokens for service accounts, see [Managing the Operations for Applications API Tokens for a Service Account](csp_api_tokens.html#managing-the-operations-for-applications-api-tokens-for-a-service-account).

Expand Down
4 changes: 3 additions & 1 deletion pages/doc/csp_ui_differences.md
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,9 @@ The gear icon menu also differs, because many of the tasks for VMware Cloud serv

Most of the identity and access management tasks for VMware Cloud services subscribers are done by using the VMware Cloud Services Console. Therefore, if you are a user with the **Admin** service role assigned (this role partially covers the **Accounts** permission for original subscriptions), when you click the gear icon on the toolbar and select **Accounts**, you will see only the **Service Accounts** and the **API Tokens** tabs.

{% include warning.html content=" This page is available only for a **limited number** of VMware Cloud services subscriptions, because you should incrementally switch to using [server to server OAuth apps](csp_server_to_server_apps.html) and [VMware Cloud services API tokens](https://docs.vmware.com/en/VMware-Cloud-services/services/Using-VMware-Cloud-Services/GUID-3A9C29E0-460B-4586-B51A-084443A960D0.html). Service accounts and the API tokens associated with them will be deprecated in the future." %}
{% include warning.html content="You should incrementally switch to using [server to server OAuth apps](csp_server_to_server_apps.html) and [VMware Cloud services API tokens](https://docs.vmware.com/en/VMware-Cloud-services/services/Using-VMware-Cloud-Services/GUID-3A9C29E0-460B-4586-B51A-084443A960D0.html). Service accounts and the API tokens associated with them will be deprecated in the future." %}

<!--Include this as a first sentence if we create the flag: This page is available only for a **limited number** of VMware Cloud services subscriptions.-->

![An image showing the differences in the Accounts menu and the Service Accounts tab.](images/new-vs-original-accounts.png)

Expand Down

0 comments on commit cc08b49

Please sign in to comment.