From 994f151b01cab708f256192ff21304e9b964b924 Mon Sep 17 00:00:00 2001
From: Michele Cyran <michele@redpanda.com>
Date: Tue, 29 Oct 2024 16:20:19 -0600
Subject: [PATCH] DOC-646 Document AWS BYOC prereqs (#96)

* DOC-646 AWS BYOC user requirements

* add bullet for IAM policies

* minor edits

* Update modules/get-started/pages/cluster-types/byoc/aws/create-byoc-cluster-aws.adoc

Co-authored-by: Kat Batuigas <36839689+kbatuigas@users.noreply.github.com>

* clarifying edit from doc review

"This page lists the IAM permissions Redpanda needs to create a BYOC cluster. No IAM permissions are required for Redpanda Cloud users."

---------

Co-authored-by: Kat Batuigas <36839689+kbatuigas@users.noreply.github.com>
---
 .../byoc/aws/create-byoc-cluster-aws.adoc         | 15 +++++++++++++++
 .../byoc/azure/create-byoc-cluster-azure.adoc     |  2 +-
 modules/manage/pages/rpk/rpk-install.adoc         |  2 +-
 modules/security/partials/iam-policies.adoc       |  2 +-
 4 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/modules/get-started/pages/cluster-types/byoc/aws/create-byoc-cluster-aws.adoc b/modules/get-started/pages/cluster-types/byoc/aws/create-byoc-cluster-aws.adoc
index c77c5dcc..946c38df 100644
--- a/modules/get-started/pages/cluster-types/byoc/aws/create-byoc-cluster-aws.adoc
+++ b/modules/get-started/pages/cluster-types/byoc/aws/create-byoc-cluster-aws.adoc
@@ -6,6 +6,21 @@ To create a Redpanda cluster in your virtual private cloud (VPC), follow the ins
 
 See also: xref:get-started:cloud-overview.adoc#redpanda-cloud-architecture[Redpanda Cloud architecture].
 
+== Prerequisites
+
+With BYOC, Redpanda manages security policies and resources for your VPC, including subnetworks, service accounts, IAM roles, firewall rules, and storage buckets. Before you deploy a BYOC cluster on AWS, check that the user creating the cluster has the following prerequisites: 
+
+* A minimum version of Redpanda `rpk` v24.1. See xref:manage:rpk/rpk-install.adoc[].
+* The permissions necessary to launch infrastructure for running Redpanda. See xref:security:authorization/cloud-iam-policies.adoc[IAM policies].
+* The AWS variables necessary to authenticate. Use either:
++
+--
+** `AWS_PROFILE` or
+** `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`
+
+To verify access, you should be able to successfully run `aws sts get-caller-identity` for your region. See the https://awscli.amazonaws.com/v2/documentation/api/latest/reference/sts/get-caller-identity.html[AWS CLI reference^].
+--
+
 == Create a BYOC cluster
 
 . Log in to https://cloud.redpanda.com[Redpanda Cloud^].
diff --git a/modules/get-started/pages/cluster-types/byoc/azure/create-byoc-cluster-azure.adoc b/modules/get-started/pages/cluster-types/byoc/azure/create-byoc-cluster-azure.adoc
index c5d77603..9b6cbee1 100644
--- a/modules/get-started/pages/cluster-types/byoc/azure/create-byoc-cluster-azure.adoc
+++ b/modules/get-started/pages/cluster-types/byoc/azure/create-byoc-cluster-azure.adoc
@@ -10,7 +10,7 @@ Before you deploy a BYOC cluster on Azure, check all prerequisites to ensure tha
 
 === Verify rpk version
 
-Confirm you have a minimum version of Redpanda `rpk` v24.1. See xref:reference:rpk/rpk-version.adoc[`rpk version`] or xref:manage:rpk/intro-to-rpk.adoc[].
+Confirm you have a minimum version of Redpanda `rpk` v24.1. See xref:manage:rpk/rpk-install.adoc[].
 
 === Prepare your Azure subscription
 
diff --git a/modules/manage/pages/rpk/rpk-install.adoc b/modules/manage/pages/rpk/rpk-install.adoc
index 3e4463bb..95c6b6a1 100644
--- a/modules/manage/pages/rpk/rpk-install.adoc
+++ b/modules/manage/pages/rpk/rpk-install.adoc
@@ -1,4 +1,4 @@
-= Install rpk
+= Install or Update rpk
 :page-aliases: get-started:rpk-install.adoc, quickstart:rpk-install.adoc
 :page-categories: rpk
 include::ROOT:get-started:rpk-install.adoc[tag=single-source]
diff --git a/modules/security/partials/iam-policies.adoc b/modules/security/partials/iam-policies.adoc
index 6e012d2d..fdb30f30 100644
--- a/modules/security/partials/iam-policies.adoc
+++ b/modules/security/partials/iam-policies.adoc
@@ -4,7 +4,7 @@ agent access, so that brokers can communicate with the BYOC clusters.
 
 See also: xref:get-started:cloud-overview.adoc#byoc-architecture[BYOC architecture]
 
-NOTE: This page lists the IAM permissions Redpanda uses. Nothing is required by Redpanda Cloud users. 
+NOTE: This page lists the IAM permissions Redpanda needs to create a BYOC cluster. No IAM permissions are required for Redpanda Cloud users. 
 
 ifdef::env-aws[]
 == AWS IAM policies