Cloud provider update for Top Secret and Secret

[wilshields]

Page URL

https://docs.netapp.com/us-en/bluexp-setup-admin/reference-permissions-aws.html

Page title

AWS permissions for the Connector

Summary

I would like the C2S references to be changed to "Top Secret". This is more appropriate. C2S was the old contract name and no longer is valid. The new contract name is C2E but, that may change in the future as to where Top Secret will remain the same.

We also need a new IAM role created for the "Secret" Cloud. It can mimic was is currently listed for "C2S" with 2 minor changes noted below.

ARNs that begin with arn:aws: must be replaced with arn:aws-iso-b. If a resource requires an ARN with a region, use us-isob-east-1 for the region.

We also need some documentation similar to what we have currently for "C2S" for AWS Secret.

Important: We need to update the steps for manually adding the "Amazon Root 4" certificate to the BXP Connector. I have those steps in a Word Doc that I received from engineering if you have trouble getting information from them.

Public issues must not contain sensitive information

• [X] This issue contains no sensitive information.

[netapp-bcammett]

Doc updates are in the works.

[netapp-bcammett]

@wilshields, can you please take a look at the policies page and confirm that it looks good from your perspective: https://docs.netapp.com/us-en/bluexp-setup-admin/reference-permissions-aws.html

The policy for Secret Cloud is the same as Top Secret, except that the arn was changed to arn:aws-iso-b

Thanks, Ben

[netapp-bcammett]

@wilshields, can you please take a look at my previous comment? Thanks!

[wilshields]

Apologies, this on got lost in my inbox. I think it looks great.

[netapp-bcammett]

Content updates for the setup and admin docs are complete. Passing this over to the Cloud Volumes ONTAP repo where the remaining doc updates need to be made.

[netapp-manini]

Tracked internally through BLUEXPDOC-93. Closing this issue.