OSDOCS-16120 updated modules

Author: wgabor0427

_topic_maps/_topic_map.yml

@@ -1233,11 +1233,11 @@ Topics:
     File: zero-trust-manager-configuration
   - Name: Configuring Zero Trust Workload Identity Manager OIDC Federation
     File: zero-trust-manager-oidc-federation
-  - Name: Monitoring Zero Trust Workload Identity Manager
-    File: zero-trust-manager-monitoring
   - Name: Enabling create-only mode for the Zero Trust Workload Identity Manager
     File: zero-trust-manager-reconciliation
-  - Name: Uninstalling Zero Trust Workload Identity Manager
+  - Name: Monitoring Zero Trust Workload Identity Manager
+    File: zero-trust-manager-monitoring
+  - Name: Uninstalling the Zero Trust Workload Identity Manager
     File: zero-trust-manager-uninstall
 - Name: External Secrets Operator for Red Hat OpenShift
   Dir: external_secrets_operator

modules/zero-trust-manager-config-azure-blob.adoc

@@ -0,0 +1,39 @@
+// Module included in the following assemblies:
+//
+// * security/zero_trust_workload_identity_manageer/zero-trust-manager-oidc-federation.adoc
+
+:_mod-docs-content-type: PROCEDURE
+[id="zero-trust-manager-configure-azure-blob_{context}"]
+= Configuring Azure blob storage
+
+You need to create a new storage account to be used to store content.
+
+.Procedure
+
+. Create a new storage account that is used to store content by running the following command:
++
+[source,terminal]
+----
+$ az storage account create \
+  --name ${STORAGE_ACCOUNT} \
+  --resource-group ${RESOURCE_GROUP} \
+  --location ${LOCATION} \
+  --encryption-services blob
+----
+
+. Obtain the storage ID for the newly created storage account by running the following command:
++
+[source,terminal]
+----
+$ export STORAGE_ACCOUNT_ID=$(az storage account show -n ${STORAGE_ACCOUNT} -g ${RESOURCE_GROUP} --query id --out tsv)
+----
+
+. Create a storage container inside the newly created storage account to provide a location to support the storage of blobs by running the following command:
++
+[source,terminal]
+----
+$ az storage container create \
+  --account-name ${STORAGE_ACCOUNT} \
+  --name ${STORAGE_CONTAINER} \
+  --auth-mode login
+----

modules/zero-trust-manager-config-azure-identity.adoc

@@ -0,0 +1,39 @@
+// Module included in the following assemblies:
+//
+// * security/zero_trust_workload_identity_manageer/zero-trust-manager-oidc-federation.adoc
+
+:_mod-docs-content-type: PROCEDURE
+[id="zero-trust-manager-configure-azure-identity_{context}"]
+= Configuring an Azure user managed identity
+
+You need to Create a new User Managed Identity and then obtain the Client ID of the related Service Principal associated with the User Managed Identity.
+
+.Procedure
+
+. Create a new User Managed Identity and then obtain the Client ID of the related Service Principal associated with the User Managed Identity by running the following command:
++
+[source,terminal]
+----
+$ az identity create \
+  --name ${USER_ASSIGNED_IDENTITY_NAME} \
+  --resource-group ${RESOURCE_GROUP}
+
+$ export IDENTITY_CLIENT_ID=$(az identity show --resource-group "${RESOURCE_GROUP}" --name "${USER_ASSIGNED_IDENTITY_NAME}" --query 'clientId' -otsv)
+----
+
+. Retrieve the `CLIENT_ID` of an Azure user-assigned managed identity and save it as an environment variable by running the following command:
++
+[source,terminal]
+----
+$ export IDENTITY_CLIENT_ID=$(az identity show --resource-group "${RESOURCE_GROUP}" --name "${USER_ASSIGNED_IDENTITY_NAME}" --query 'clientId' -otsv)
+----
+
+. Associate a role with the Service Principal associated with the User Managed Identity by running the following command:
++
+[source,terminal]
+----
+$ az role assignment create \
+  --role "Storage Blob Data Contributor" \
+  --assignee "${IDENTITY_CLIENT_ID}" \
+  --scope ${STORAGE_ACCOUNT_ID}
+----