Refactor edit cloud account

content/rc/how-to/view-edit-cloud-account/_index.md

@@ -0,0 +1,54 @@
+---
+Title: Cloud Account Management (Only AWS)
+description:
+weight: 20
+alwaysopen: false
+categories: ["RC"]
+---
+
+The Redis Cloud management system builds Subscriptions in accounts at any of the big three Cloud Providers: AWS, Azure, GCP. Access to these accounts is secured by the normal access mechanisms and resources (users, roles, policies etc.) for the specific Cloud Provider. 
+
+Such a collection of mechanisms is known with Redis Cloud as a `Cloud Account`. 
+
+Normally the Cloud Provider accounts are owned and operated by Redislabs, and Redislabs manages the access resources. However, only in the case of AWS, it is possible to have the Cloud Provider account owned and managed by the customer. These two methods are known as 'hosted' and 'non-hosted' deployments, respectively (and thus one can see that 'non-hosted' deployments can only occur when the customer's Cloud Provider is AWS).
+
+{{< warning >}}
+We use the provided credentials to configure your AWS environment and provision required resources.
+
+To make sure that we can manage your AWS resources, you must not:
+
+- Manually change the configurations of provisioned resources, such as security groups
+- Manually stop or terminate provisioned instances
+{{< /warning >}}
+
+
+
+## Create/Edit
+To create or edit a Cloud Account in Redis Cloud via the admin console:
+
+1. Use ONE of three methods to create the necessary IAM resources, as
+detailed in [Create IAM
+Resources](/rc/how-to/view-edit-cloud-account/creating-iam-resources),
+and then use the outputs from the chosen method to continue the
+process, as described below:
+1. In **Cloud Accounts**, either:
+    - Click ![Add](/images/rs/icon_add.png#no-click "Add") to create an new account.
+    - Click on the account that you want to edit and then click **Edit**.
+1. Enter the cloud account details:
+    - **Account Name** - A meaningful name for the account.
+    - **AWS_ACCESS_KEY_ID** - The AWS access key for the programmatic user
+    - **AWS_SECRET_ACCESS_KEY** - The AWS secret access key for the programmatic user
+    - **IAM Role Name** - The name of the console role with access to the console
+1. Click **Save**.
+
+
+It is possible to use the [REST API](/rc/api) to create Cloud Accounts, but that is covered elsewhere.
+
+{{< note >}}
+Only one Cloud Account is allowed per AWS Account. 
+{{< /note >}}
+
+
+## Delete
+You can click **Delete** to delete your Cloud Account from Redis Cloud,
+but only if it has no active subscription related to it.

content/rc/how-to/view-edit-cloud-account/creating-iam-resources/_index.md

@@ -0,0 +1,16 @@
+---
+Title: Create IAM Resources
+linkTitle: Create IAM Resources
+description:
+weight: 30
+categories: ["RC"]
+---
+We offer three ways to create Cloud Accounts. 
+
+{{< note >}}
+Only one Cloud Account is allowed per AWS Account and the following methods assume that this restriction is being followed. If you attempt to construct the IAM resources for two Cloud Accounts you'll run into various AWS errors.
+{{< /note >}}
+
+- Via [CloudFormation]({{<relref "cloudformation.md">}}) - the 'AWS native' automation tool. The simplest for those experienced with CloudFormation and perhaps the least error-prone of any of the methods. 
+- Via [Terraform]({{<relref "terraform.md">}}) - this has the most extensive support for further automation within the Redis world (and is the fastest mechanism for creating these IAM resources).
+- Via the [AWS Console]({{<relref "creating-aws-user-redis-enterprise-vpc.md">}}) - the mechanism requiring the least knowledge and experience. 

content/rc/how-to/view-edit-cloud-account/creating-iam-resources/cloudformation.md

@@ -0,0 +1,78 @@
+---
+Title: Create IAM Resources using CloudFormation
+linkTitle: CloudFormation
+Weight: 10
+categories: ["RC"]
+alwaysopen: false
+---
+CloudFormation is the AWS native automation tool for creating resources.
+
+
+Select ONE of the following two options for using CloudFormation to create the resources and to gather the information needed to create the Cloud Account. (Note that different information is required depending on whether one uses the Redis Cloud admin UI or the REST API. The output from the CloudFormation stack contains all the information needed by both methods).
+
+## UI
+Click on the following image to be taken to the CloudFormation stack creation section of your AWS console. We'd suggest you keep all the default options until/unless you're experienced with CloudFormation.
+
+<center><a href="https://console.aws.amazon.com/cloudformation/home?#/stacks/new?stackName=RedisCloud&templateURL=https://s3.amazonaws.com/iam-resource-automation-do-not-delete/RedisCloud.yaml">
+<img alt="Launch RedisCloud template" src="https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png"/>
+</a></center>
+
+Once the stack has been built you can use the values under the `Outputs` tab to find the data needed to complete the creation of a Cloud Account, as described in [Cloud Account Management (AWS Only)](/rc/how-to/view-edit-cloud-account)
+
+(Note - be very careful in cutting/pasting output values from the AWS console to the Redis Cloud Management UI. Additional whitespace characters can be added to the strings copied if you're not careful!)
+
+## CLI
+
+If you prefer to use the AWS CLI then the command you need is shown below, assuming you have setup your environment as per the [AWS CLI docs](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html).
+
+```
+aws cloudformation create-stack --stack-name RedisCloud --template-url \
+https://s3.amazonaws.com/iam-resource-automation-do-not-delete/RedisCloud.yaml \
+--capabilities CAPABILITY_AUTO_EXPAND CAPABILITY_NAMED_IAM CAPABILITY_IAM 
+```
+
+To obtain the outputs using the cli use the following commands:
+* `accessKeyId`
+
+```
+aws cloudformation describe-stacks --stack-name RedisCloud \
+--query "Stacks[0].Outputs[?OutputKey=='accessKeyId'].OutputValue" \
+--output text
+```
+
+* `IAMRoleName`
+
+```
+aws cloudformation describe-stacks --stack-name RedisCloud \
+--query "Stacks[0].Outputs[?OutputKey=='IAMRoleName'].OutputValue" \
+--output text
+```
+
+* `consolePassword`
+
+The consolePassword is encoded as a JSON object, therefore we use [jq(1)](https://www.systutorials.com/docs/linux/man/1-jq/) to decode it.
+```
+aws secretsmanager get-secret-value --secret-id /redislabsuser/password \
+--query SecretString --output text | jq -r .password
+```
+
+* `signInLoginUrl`
+
+```
+aws cloudformation describe-stacks --stack-name RedisCloud \
+--query "Stacks[0].Outputs[?OutputKey=='signInLoginUrl'].OutputValue" \
+--output text
+```
+* `accessSecretKey`
+
+```
+aws secretsmanager get-secret-value --secret-id /redislabsuser/secret_access_key \
+--query SecretString --output text
+```
+* `consoleUsername`
+
+```
+aws cloudformation describe-stacks --stack-name RedisCloud \
+--query "Stacks[0].Outputs[?OutputKey=='consoleUsername'].OutputValue" \
+--output text
+```

content/rc/how-to/creating-iam-resources/creating-aws-user-redis-enterprise-vpc.md → content/rc/how-to/view-edit-cloud-account/creating-iam-resources/creating-aws-user-redis-enterprise-vpc.md

@@ -1,5 +1,5 @@
 ---
-Title: Create IAM resources (AWS)
+Title: Create IAM Resources using AWS Console 
 weight: 30
 alwaysopen: false
 categories: ["RC"]

content/rc/how-to/creating-iam-resources/terraform.md → content/rc/how-to/view-edit-cloud-account/creating-iam-resources/terraform.md

@@ -1,11 +1,11 @@
 ---
-Title: Create IAM resources using Terraform
+Title: Create IAM Resources using Terraform
 linkTitle: Terraform
 Weight: 20
 categories: ["RC"]
 alwaysopen: false
 ---
-To automate the creation of the IAM resources needed simply create a template that references the `terraform-aws-Redislabs-Cloud-Account-IAM-Resources` module, located in S3, as instructed below:
+To automate the creation of the IAM resources needed simply create a template that references the `terraform-aws-Redislabs-Cloud-Account-IAM-Resources` module, located in S3, as instructed below and then use the relevant output information to create the Cloud Account. (Note that different information is required depending on whether one uses the Redis Cloud admin UI or the REST API. The output from the terraform template contains all the information needed by both methods)
 
 
 1. create a `main.tf` as shown below (replacing the `profile`, `region` and `pgp_key` values for your own:

content/rc/subscriptions/create-flexible-subscription.md

@@ -49,7 +49,7 @@ There are three sections on this tab:
 | **Cloud Vendor** | The public cloud provider |
 | **Region(s)** | The cloud region for your subscription |
 | **Multi-AZ** | Whether in-memory data is replicated to another zone within the deployment region. For best results, choose a region with at least three availability zones.|
-| **Cloud Account** | (_AWS_) Credentials allowing Redis Cloud to be deployed to an existing AWS account.  See [Create and Edit a Cloud Account]({{< relref "/rc/how-to/view-edit-cloud-account.md" >}})|
+| **Cloud Account** | (_AWS_) Credentials allowing Redis Cloud to be deployed to an existing AWS account.  See [Cloud Account Management (AWS Only)]({{< relref "/rc/how-to/view-edit-cloud-account" >}})|
 
 ### Advanced options {#advanced-options}
 
@@ -120,4 +120,4 @@ Use the:
 
 Note that subscriptions are created in the background.  While they are provisioning, you aren't allowed make changes.  (The process generally takes 10-15 minutes.)
 
-To check the status of a subscription, choose **Subscriptions** from the admin console menu.  The **Subscriptions** list displays the status for each subscription.  You will also receive an email when your subscription is ready to use.
+To check the status of a subscription, choose **Subscriptions** from the admin console menu.  The **Subscriptions** list displays the status for each subscription.  You will also receive an email when your subscription is ready to use.

content/rc/subscriptions/view-flexible-subscription.md

@@ -25,7 +25,7 @@ Two tabs are available:
     |:---------|:--------------|
     | **Subscription name** | A descriptive name for the plan; can be changed at any time.|
     | **Runs on** | Either _RAM_ or _RAM+Flash_ |
-    | **Cloud account** | (_AWS only_) Descriptive name of the associated cloud account (Useful for organizations that manage [multiple accounts]({{<relref "/rc/how-to/view-edit-cloud-account.md">}})) |
+    | **Cloud account** | (_AWS only_) Descriptive name of the associated cloud account (Useful for organizations that manage [multiple accounts]({{<relref "/rc/how-to/view-edit-cloud-account">}})) |
     | **Cloud** | Describes the subscription cloud provider |
     | **Region** | Deployment region details | 
     | **Multi-AZ** | Indicates whether replication is deployed across multiple availability zones within the region |