Merge pull request #3098 from EnterpriseDB/docs/biganimal/reducing-pr…

…ivileges

BigAnimal: reducing privileges

product_docs/docs/biganimal/release/getting_started/02_connecting_to_your_cloud/index.mdx

@@ -30,53 +30,44 @@ Before connecting to your cloud,
       - bash shell version 4.0 or above.
 
       - [jq](https://stedolan.github.io/jq/) JSON parser.
+
       - BigAnimal CLI version 1.4 or later. For detailed steps, see [Installing the CLI](../../reference/cli/#installing-the-cli).
 
+ - Be aware that BigAnimal requires permissions to run Kubernetes cluster services for PostgreSQL workloads and the associated storage services. It requires a set of supporting permissions:
+
+    - Services for monitoring and logging to produce service telemetry information.
+
+    - To set up networking so PostgreSQL workloads are reachable by customer applications and telemetry data is collected.
+
+    - To provision vaults for safe storage of data at rest encryption keys.
+
+    - To create workload identities and manage their permissions.
+
+    - And, a small set of supporting permissions to ensure access to the services above and availability of cloud account information.
+
+  The scope of these permissions are limited to the associated cloud account. 
+
  - Ensure that the BigAnimal login user running the CLI is assigned either the owner or the contributor role.
 
 Perform the following steps:
 
 1. Open the [Azure Cloud Shell](https://shell.azure.com/) or the [AWS Cloud Shell](https://console.aws.amazon.com/cloudshell) in your browser.
 
-1. Log in to BigAnimal as a user with either the owner or the contributor role.
+1.  Create a BigAnimal CLI credential:
 
    ```shell
-   biganimal create-credential --name <UserLogin> --address portal.biganimal.com --port 443
+   ./biganimal create-credential --name <cred> --address portal.biganimal.com --port 443
    ```
 
-1. Run the `setup-csp` command to set up your cloud provider. The synatx is:
+1. Run the `setup-csp` command to set up your cloud provider:
 
     ```shell
-    setup-csp --provider
-          {--account-id | --subscription-id}
-          --region
-          [--instance-type --cluster-architecture --networking | --skip-preflight]
-          [--run]
+    ./biganimal setup-csp 
     ```
  !!! Important
      Do not delete the `ba-passport.json` file created in your working directory. It contains important identity and access management information used by `connect-csp` while connecting to your cloud.
- Here is an example of setting up an AWS account:
-
-    ```shell
-   biganimal setup-csp --provider aws --account-id 123456789102  --region us-east-1 --instance-type aws:r5.large --cluster-architecture ha --networking private --run
-   ```
-
- Here is an example if setting up an Azure account:
-    ```shell
-   biganimal setup-csp --provider azure --subscription-id abc12345-1234-1234-abcd-12345678901 --region eastus --instance-type azure:Standard_E4s_v3 --cluster-architecture ha --networking private --run
-   ```
-
-   For more information on the command arguments, run the following command:
-
-   ```shell
-   biganimal setup-csp --help
-   ```
-
- Alternatively, you can enable the CLI interactive mode to have the CLI guide you through the process:
-   ```shell
-   biganimal config set interactive_mode on
-   biganimal setup-csp
-   ```
+
+
  !!! Tip
      Your organization might require you to review the scripts that are invoked while setting up your cloud account. To generate the scripts invoked by `setup-csp`, execute the command without the `--run` option. You can now review and manually execute `ba-csp-preflight` and then `ba-csp-setup` from your working directory.
 
@@ -91,6 +82,6 @@ Perform the following steps:
 
 1. If the cloud readiness checks pass, your cloud account is successfully set up. Connect your cloud account to BigAnimal with following command.
    ```shell
-   biganimal connect-csp --provider  <cloud-service-provider>
+   ./biganimal connect-csp --provider  <cloud-service-provider>
    ```
  Once your cloud account is successfully connected to BigAnimal, you, and other users with the correct permissions, can create clusters.

product_docs/docs/biganimal/release/getting_started/index.mdx

@@ -5,8 +5,8 @@ navigation:
  - 00_free_trial
  - identity_provider
  - 02_azure_market_setup
- - 02_connecting_to_your_cloud
  - preparing_cloud_account
+ - 02_connecting_to_your_cloud
  - creating_a_cluster
 ---
 

product_docs/docs/biganimal/release/reference/cli.mdx

@@ -39,6 +39,14 @@ The CLI is available for Linux, MacOS, and Windows operating systems.
         echo "$(<biganimal_darwin_amd64.sha256)  biganimal" | shasum -a256 -c
         ```
 
+### Make the CLI command executable within Cloud Shell
+
+Change the permissions of the CLI to make it executable within Cloud Shell:
+
+```shell
+chmod +x biganimal
+```
+
 
 ## Authenticate as a valid user
 
@@ -317,7 +325,7 @@ After the cluster is created, you can update attributes of the cluster including
 For example, to set the public allowed IP range list, use the `--cidr-blocks` flag:
 
 ```shell
-biganimal update-cluster --name my-biganimal-cluster --provider azure \
+./biganimal update-cluster --name my-biganimal-cluster --provider azure \
   --region eastus \
   --cidr-blocks "9.9.9.9/28=Traffic from App A"
 ```