From d9739db5fcb528c1823cd150faf102c8ee5c40da Mon Sep 17 00:00:00 2001 From: cswatt Date: Wed, 15 Apr 2026 12:15:30 -0700 Subject: [PATCH] tag files in account management folder --- content/en/account_management/_index.md | 28 +++---- content/en/account_management/api-app-keys.md | 14 ++-- .../account_management/audit_trail/_index.md | 34 ++++----- .../audit_trail/forwarding_audit_events.md | 34 ++++----- ...hboard_access_and_configuration_changes.md | 8 +- ...onitor_access_and_configuration_changes.md | 8 +- .../authn_mapping/_index.md | 2 +- .../en/account_management/billing/_index.md | 6 +- .../en/account_management/billing/alibaba.md | 2 +- content/en/account_management/billing/aws.md | 2 +- .../account_management/billing/credit_card.md | 4 +- .../billing/google_cloud.md | 2 +- .../billing/incident_response.md | 10 +-- content/en/account_management/billing/oci.md | 12 +-- .../billing/product_allotments.md | 2 +- .../account_management/billing/serverless.md | 2 +- .../billing/usage_attribution.md | 2 +- .../billing/usage_monitor_apm.md | 2 +- .../billing/workflow_automation.md | 2 +- .../cloud_provider_authentication.md | 2 +- content/en/account_management/delete_data.md | 8 +- .../faq/usage_control_apm.md | 2 +- .../governance_console/_index.md | 2 +- .../governance_console/controls.md | 26 +++---- .../en/account_management/login_methods.md | 10 +-- .../multi-factor_authentication.md | 20 ++--- .../account_management/multi_organization.md | 16 ++-- content/en/account_management/org_settings.md | 16 ++-- .../org_settings/cross_org_visibility.md | 38 +++++----- .../org_settings/custom_landing.md | 8 +- .../org_settings/domain_allowlist.md | 6 +- .../org_settings/ip_allowlist.md | 20 ++--- .../org_settings/mobile_third_party_access.md | 12 +-- .../org_settings/service_accounts.md | 24 +++--- .../en/account_management/org_switching.md | 2 +- .../personal-access-tokens.md | 10 +-- .../plan_and_usage/_index.md | 12 +-- .../plan_and_usage/bill_overview.md | 72 +++++++++--------- .../plan_and_usage/cost_details.md | 38 +++++----- .../plan_and_usage/usage_details.md | 8 +- content/en/account_management/rbac/_index.md | 14 ++-- .../en/account_management/rbac/data_access.md | 18 ++--- .../rbac/granular_access.md | 2 +- .../en/account_management/rbac/permissions.md | 8 +- .../en/account_management/safety_center.md | 12 +-- content/en/account_management/saml/_index.md | 6 +- .../account_management/saml/configuration.md | 14 ++-- content/en/account_management/saml/entra.md | 6 +- content/en/account_management/saml/google.md | 10 +-- content/en/account_management/saml/mapping.md | 28 +++---- .../saml/mobile-idp-login.md | 6 +- content/en/account_management/saml/okta.md | 54 ++++++------- content/en/account_management/saml/safenet.md | 6 +- .../saml/troubleshooting.md | 12 +-- content/en/account_management/scim/entra.md | 38 +++++----- content/en/account_management/scim/okta.md | 76 +++++++++---------- content/en/account_management/teams/_index.md | 34 ++++----- content/en/account_management/teams/github.md | 10 +-- content/en/account_management/teams/manage.md | 22 +++--- content/en/account_management/users/_index.md | 34 ++++----- 60 files changed, 469 insertions(+), 469 deletions(-) diff --git a/content/en/account_management/_index.md b/content/en/account_management/_index.md index 595d1f35970..711159a2b22 100644 --- a/content/en/account_management/_index.md +++ b/content/en/account_management/_index.md @@ -25,7 +25,7 @@ The personal settings pages in Datadog allow you to control how you appear to ot ### Profile -Your profile is how others in your organization recognize you in Datadog. Set or update your name, email address, and title from the [Profile tab][11] within the **Personal Settings** page. +Your profile is how others in your organization recognize you in Datadog. Set or update your name, email address, and title from the [Profile tab][11] within the {{< ui >}}Personal Settings{{< /ui >}} page. To update your picture, create an account on [Gravatar][1] and associate it with your email address. @@ -34,7 +34,7 @@ If you log in to Datadog using Google authentication, your email address is prov ### Preferences {{% site-region region="us,us3,us5,eu,ap1,ap2" %}} -You can manage your time zone, time format, visual accessibility preference, and email subscriptions from the [Preferences tab][3] within the **Personal Settings** page. +You can manage your time zone, time format, visual accessibility preference, and email subscriptions from the [Preferences tab][3] within the {{< ui >}}Personal Settings{{< /ui >}} page. #### Email subscriptions @@ -46,12 +46,12 @@ Under email subscriptions, you have access to the following reports: * Daily Digest * Weekly Digest -If you are unsure if an email digest is relevant to you, you can view an example by clicking the **Example** link next to each email subscription. You can also use the **Unsubscribe From All** button to unsubscribe from all email subscriptions. +If you are unsure if an email digest is relevant to you, you can view an example by clicking the {{< ui >}}Example{{< /ui >}} link next to each email subscription. You can also use the {{< ui >}}Unsubscribe From All{{< /ui >}} button to unsubscribe from all email subscriptions. {{% /site-region %}} {{% site-region region="gov" %}} -You can manage your time zone, time format, and visual accessibility preference from the [**Preferences** tab][3] within the **Personal Settings** page. +You can manage your time zone, time format, and visual accessibility preference from the [**Preferences** tab][3] within the {{< ui >}}Personal Settings{{< /ui >}} page. {{% /site-region %}} #### Time format @@ -66,11 +66,11 @@ The visual accessibility preference has five different settings to address color ### Organizations -The [Organizations tab][12] in **Personal Settings** lists all of the organizations you are associated with. Switch between these organizations from this page or by hovering over the account menu in the left-side navigation. +The [Organizations tab][12] in {{< ui >}}Personal Settings{{< /ui >}} lists all of the organizations you are associated with. Switch between these organizations from this page or by hovering over the account menu in the left-side navigation. **Note**: If you leave an organization, you cannot rejoin unless invited by an administrator in that organization. -To join an existing organization, you must be invited by an administrator. After you are invited, you are sent an email with the subject "You've been invited to join \". Click the **Join Account** button in the email. +To join an existing organization, you must be invited by an administrator. After you are invited, you are sent an email with the subject "You've been invited to join \". Click the {{< ui >}}Join Account{{< /ui >}} button in the email. If you are an organization administrator, reference the additional documentation to: @@ -84,11 +84,11 @@ If you are an organization administrator, reference the additional documentation #### Application keys -The [Application Keys tab][13] in **Personal Settings** allows you to manage your application keys. To copy a key, hover over it until the **Copy Key** icon appears to the right, and click on it. You can also click into a specific key to edit its name, view when it was created, view the profile of the key's owner, copy it, or revoke it. +The [Application Keys tab][13] in {{< ui >}}Personal Settings{{< /ui >}} allows you to manage your application keys. To copy a key, hover over it until the {{< ui >}}Copy Key{{< /ui >}} icon appears to the right, and click on it. You can also click into a specific key to edit its name, view when it was created, view the profile of the key's owner, copy it, or revoke it. #### Apps -The [Apps tab][14] in **Personal Settings** allows you to manage apps that have been installed or created by members of your organization. You can filter apps with a search string, or choose to view only enabled or disabled apps using checkboxes. +The [Apps tab][14] in {{< ui >}}Personal Settings{{< /ui >}} allows you to manage apps that have been installed or created by members of your organization. You can filter apps with a search string, or choose to view only enabled or disabled apps using checkboxes. When you hover over an app, the option to enable or disable it appears on the right of the app listing. @@ -108,10 +108,10 @@ Unverified users can still access Datadog, but are limited to viewing organizati #### Verify your email To verify your email: -1. Navigate to your **Profile Settings**. -2. Click on **Verify Account**. +1. Navigate to your {{< ui >}}Profile Settings{{< /ui >}}. +2. Click on {{< ui >}}Verify Account{{< /ui >}}. 3. Enter the **verification code** sent to your registered email. -4. Click **Submit** to complete the verification process. +4. Click {{< ui >}}Submit{{< /ui >}} to complete the verification process. #### Log out of all active web sessions @@ -120,8 +120,8 @@ Logging out of all active web sessions logs you out of all current sessions acro To log out of all active sessions: -1. Go to **Personal Settings**. -2. Click **Log Out of All Web Sessions**. +1. Go to {{< ui >}}Personal Settings{{< /ui >}}. +2. Click {{< ui >}}Log Out of All Web Sessions{{< /ui >}}. 3. Confirm the action. After confirming, you are logged out from all devices and need to log back in. @@ -130,7 +130,7 @@ After confirming, you are logged out from all devices and need to log back in. View Datadog in dark mode by hovering over your avatar in the sidebar, or by pressing `Ctrl+Opt+D` / `Ctrl+Alt+D`. -To adapt to your computer's appearance setting, select the *System* option. This automatically matches Datadog's appearance to the theme you've set at the OS level. +To adapt to your computer's appearance setting, select the {{< ui >}}System{{< /ui >}} option. This automatically matches Datadog's appearance to the theme you've set at the OS level. ## Connecting to GitHub diff --git a/content/en/account_management/api-app-keys.md b/content/en/account_management/api-app-keys.md index fd6f6d6aaa8..1c9000d9f90 100644 --- a/content/en/account_management/api-app-keys.md +++ b/content/en/account_management/api-app-keys.md @@ -60,7 +60,7 @@ In order to use application keys with these APIs, you must enable Actions API ac {{< img src="account_management/click-enable-actions-api-access.png" alt="Click Enable for Actions API Access" style="width:80%;" >}} -**Note**: The **Last used** section only shows if [Audit Trail is enabled][22] in the account and you have [`Audit Trail Read`][23] permission. +**Note**: The {{< ui >}}Last used{{< /ui >}} section only shows if [Audit Trail is enabled][22] in the account and you have [`Audit Trail Read`][23] permission. ## Client tokens @@ -70,7 +70,7 @@ For security reasons, API keys cannot be used to send data from a browser, mobil - The log collectors for [web browser][8], [Android][9], [iOS][10], [React Native][11], [Flutter][12], and [Roku][13] submit logs. - [Real User Monitoring][14] applications submit events and logs. -Client tokens are unique to your organization. To manage your client tokens, go to **Organization Settings**, then click the **Client Tokens** tab. +Client tokens are unique to your organization. To manage your client tokens, go to {{< ui >}}Organization Settings{{< /ui >}}, then click the {{< ui >}}Client Tokens{{< /ui >}} tab. **Note**: When a user who created a client token is deactivated, the client token remains active. @@ -79,9 +79,9 @@ Client tokens are unique to your organization. To manage your client tokens, go To add a Datadog API key or client token: 1. Navigate to Organization settings, then click the [**API keys**][1] or [**Client Tokens**][15] tab. -2. Click the **New Key** or **New Client Token** button, depending on which you're creating. +2. Click the {{< ui >}}New Key{{< /ui >}} or {{< ui >}}New Client Token{{< /ui >}} button, depending on which you're creating. 3. Enter a name for your key or token. -4. Click **Create API key** or **Create Client Token**. +4. Click {{< ui >}}Create API key{{< /ui >}} or {{< ui >}}Create Client Token{{< /ui >}}. {{< img src="account_management/api-key.png" alt="Navigate to the API Keys page for your organization in Datadog" style="width:80%;" >}} @@ -92,11 +92,11 @@ To add a Datadog API key or client token: ## Remove API keys or client tokens -To remove a Datadog API key or client token, navigate to the list of keys or tokens, and click the **Delete** {{< img src="icons/delete.png" inline="true" style="width:14px;">}} icon next to the key or token you want to remove. +To remove a Datadog API key or client token, navigate to the list of keys or tokens, and click the {{< ui >}}Delete{{< /ui >}} {{< img src="icons/delete.png" inline="true" style="width:14px;">}} icon next to the key or token you want to remove. ## Add application keys -To add a Datadog application key, navigate to [**Organization Settings** > **Application Keys**][2]. If you have the [permission][3] to create application keys, click **New Key**. +To add a Datadog application key, navigate to [**Organization Settings** > **Application Keys**][2]. If you have the [permission][3] to create application keys, click {{< ui >}}New Key{{< /ui >}}. {{< img src="account_management/app-key.png" alt="Navigate to the Application Keys page for your organization in Datadog" style="width:80%;" >}} @@ -112,7 +112,7 @@ To add a Datadog application key, navigate to [**Organization Settings** > **App ## Remove application keys -To remove a Datadog application key, navigate to [**Organization Settings** > **Application Keys**][2]. If you have the [permission][3] to create and manage application keys, you can see your own keys and click **Revoke** next to the key you want to revoke. If you have the permission to manage all org application keys, you can search for the key you want to revoke and click **Revoke** next to it. +To remove a Datadog application key, navigate to [**Organization Settings** > **Application Keys**][2]. If you have the [permission][3] to create and manage application keys, you can see your own keys and click {{< ui >}}Revoke{{< /ui >}} next to the key you want to revoke. If you have the permission to manage all org application keys, you can search for the key you want to revoke and click {{< ui >}}Revoke{{< /ui >}} next to it. ## Key propagation delay and eventual consistency diff --git a/content/en/account_management/audit_trail/_index.md b/content/en/account_management/audit_trail/_index.md index ee3d7a8c91b..fa83e9f957a 100644 --- a/content/en/account_management/audit_trail/_index.md +++ b/content/en/account_management/audit_trail/_index.md @@ -49,7 +49,7 @@ You can also analyze Audit Trail events with [Cloud SIEM][15] to detect threats ## Setup -To enable Datadog Audit Trail, navigate to your [Organization Settings][3] and select *Audit Trail Settings* under *COMPLIANCE*. Click the **Enable** button. +To enable Datadog Audit Trail, navigate to your [Organization Settings][3] and select {{< ui >}}Audit Trail Settings{{< /ui >}} under {{< ui >}}COMPLIANCE{{< /ui >}}. Click the {{< ui >}}Enable{{< /ui >}} button. {{< img src="account_management/audit_logs/audit_trail_settings.png" alt="The Audit Trail Settings page showing it disabled" style="width:85%;">}} @@ -68,11 +68,11 @@ Only users with `Audit Trail Write` permission can enable or disable Audit Trail Archiving is an optional feature for Audit Trail. You can use archiving to write to Amazon S3, Google Cloud Storage, or Azure Storage and have your SIEM system read events from it. After creating or updating your archive configurations, it can take several minutes before the next archive upload is attempted. Events are uploaded to the archive every 15 minutes, so check back on your storage bucket in 15 minutes to make sure the archives are successfully being uploaded from your Datadog account. -To enable archiving for Audit Trail, navigate to your [Organization Settings][3] and select *Audit Trail Settings* under *Compliance*. Scroll down to Archiving and click the Store Events toggle to enable. +To enable archiving for Audit Trail, navigate to your [Organization Settings][3] and select {{< ui >}}Audit Trail Settings{{< /ui >}} under {{< ui >}}Compliance{{< /ui >}}. Scroll down to Archiving and click the {{< ui >}}Store Events{{< /ui >}} toggle to enable. ### Retention -Retaining events is an optional feature for Audit Trail. In the **Retention Period** section, click the **Change retention period** to select a retention length appropriate for your use case. +Retaining events is an optional feature for Audit Trail. In the {{< ui >}}Retention Period{{< /ui >}} section, click the {{< ui >}}Change retention period{{< /ui >}} to select a retention length appropriate for your use case. When Audit Trail is enabled, the default retention period for an audit trail event is 90 days. You can set the retention period to: 3, 7, 15, 30, or 90 days. @@ -115,16 +115,16 @@ Efficient troubleshooting requires your data to be in the proper scope to permit All saved views, that are not your default view, are shared across your organization: -* **Integration saved views** come out-of-the-box with Audit Trail. These views are read-only, and identified by the Datadog logo. -* **Custom saved views** are created by users. They are editable by any user in your organization (except [read only users][6]), and identified with the avatar of the user who created them Click the **Save** button to create a new custom saved view from the current content of your explorer. +* {{< ui >}}Integration saved views{{< /ui >}} come out-of-the-box with Audit Trail. These views are read-only, and identified by the Datadog logo. +* {{< ui >}}Custom saved views{{< /ui >}} are created by users. They are editable by any user in your organization (except [read only users][6]), and identified with the avatar of the user who created them Click the {{< ui >}}Save{{< /ui >}} button to create a new custom saved view from the current content of your explorer. At any moment, from the saved view entry in the Views panel: -* **Load** or **reload** a saved view. -* **Update** a saved view with the configuration of the current view. -* **Rename** or **delete** a saved view. -* **Share** a saved view through a short-link. -* **Star** (turn into a favorite) a saved view so that it appears on top of your saved view list, and is accessible directly from the navigation menu. +* {{< ui >}}Load{{< /ui >}} or {{< ui >}}reload{{< /ui >}} a saved view. +* {{< ui >}}Update{{< /ui >}} a saved view with the configuration of the current view. +* {{< ui >}}Rename{{< /ui >}} or {{< ui >}}delete{{< /ui >}} a saved view. +* {{< ui >}}Share{{< /ui >}} a saved view through a short-link. +* {{< ui >}}Star{{< /ui >}} (turn into a favorite) a saved view so that it appears on top of your saved view list, and is accessible directly from the navigation menu. **Note:** Update, rename, and delete actions are disabled for integration saved views and [read only users][6]. @@ -139,9 +139,9 @@ Your existing Audit Trail explorer view is your default saved view. This configu At any moment, from the default view entry in the Views panel: -* **Reload** your default view by clicking on the entry. -* **Update** your default view with the current parameters. -* **Reset** your default view to Datadog's defaults for a fresh restart. +* {{< ui >}}Reload{{< /ui >}} your default view by clicking on the entry. +* {{< ui >}}Update{{< /ui >}} your default view with the current parameters. +* {{< ui >}}Reset{{< /ui >}} your default view to Datadog's defaults for a fresh restart. ### Notable Events @@ -176,7 +176,7 @@ The Inspect Changes (Diff) tab in the audit event details panel compares the con Reference Tables allow you to combine metadata with audit events, providing more information to investigate Datadog user behavior. Add a query filter based on a Reference Table to perform lookup queries. For more information on activating and managing this feature, see the [Reference Tables][2] guide. -To apply a query filter with Reference Tables, click on the `+ Add` button next to the query editor and select **Join with Reference Table**. In the following example, the Reference Table query filter is used to search for dashboards modified by users who are accessing Datadog from non-authorized IP addresses: +To apply a query filter with Reference Tables, click on the {{< ui >}}+ Add{{< /ui >}} button next to the query editor and select {{< ui >}}Join with Reference Table{{< /ui >}}. In the following example, the Reference Table query filter is used to search for dashboards modified by users who are accessing Datadog from non-authorized IP addresses: {{< img src="account_management/audit_logs/reference_tables.png" alt="The Datadog Audit Trail explorer with reference table search options highlighted" border="true" popup="true" style="width:100%;" >}} @@ -207,9 +207,9 @@ You can save your Audit Trail query as a dashboard and send out a scheduled repo To create a scheduled report: 1. Navigate to [Audit Trail][1], enter your query to filter your audit events. -1. Click **More** and select **Save to dashboard**. +1. Click {{< ui >}}More{{< /ui >}} and select {{< ui >}}Save to dashboard{{< /ui >}}. - You can either save to an existing dashboard or create a new dashboard. -1. On your dashboard, click **Share** and select **Schedule report**. +1. On your dashboard, click {{< ui >}}Share{{< /ui >}} and select {{< ui >}}Schedule report{{< /ui >}}. 1. Follow the instructions in [Schedule a Report][17] to set up your report. ## Download Audit Events as CSV @@ -219,7 +219,7 @@ Datadog Audit Trail allows you to download up to 100K audit events as a CSV file To export audit events as CSV: 1. Run the appropriate search query that captures the events you are interested in 2. Add event fields as columns in the view that you want as part of CSV -3. Click on Download as CSV +3. Click on {{< ui >}}Download as CSV{{< /ui >}} 4. Select the number of events to export and export as CSV ## Out-of-the-box dashboard diff --git a/content/en/account_management/audit_trail/forwarding_audit_events.md b/content/en/account_management/audit_trail/forwarding_audit_events.md index fc2e15ee236..b16c7f1917f 100644 --- a/content/en/account_management/audit_trail/forwarding_audit_events.md +++ b/content/en/account_management/audit_trail/forwarding_audit_events.md @@ -24,22 +24,22 @@ Audit Event Forwarding allows you to send audit events from Datadog to custom de 1. Add webhook IPs from the [IP ranges list][1] to the allowlist if necessary. 2. Navigate to [Audit Trail Settings][2]. -3. Click **Add Destination** in the **Audit Event Forwarding** section. +3. Click {{< ui >}}Add Destination{{< /ui >}} in the {{< ui >}}Audit Event Forwarding{{< /ui >}} section. 4. Enter the query to filter your audit events for forwarding. For example, add `@action:login` as the query to filter if you only want to forward login events to your SIEM or custom destination. See [Search Syntax][3] for more information. -5. Select the **Destination Type**. +5. Select the {{< ui >}}Destination Type{{< /ui >}}. {{< tabs >}} {{% tab "HTTP" %}} 6. Enter a name for the destination. -7. In the **Define endpoint** field, enter the endpoint to which you want to send the logs. The endpoint must start with `https://`. - - For example, if you want to send logs to Sumo Logic, follow their [Configure HTTP Source for Logs and Metrics documentation][1] to get the HTTP Source Address URL to send data to their collector. Enter the HTTP Source Address URL in the **Define endpoint** field. -8. In the **Configure Authentication** section, select one of the following authentication types and provide the relevant details: +7. In the {{< ui >}}Define endpoint{{< /ui >}} field, enter the endpoint to which you want to send the logs. The endpoint must start with `https://`. + - For example, if you want to send logs to Sumo Logic, follow their [Configure HTTP Source for Logs and Metrics documentation][1] to get the HTTP Source Address URL to send data to their collector. Enter the HTTP Source Address URL in the {{< ui >}}Define endpoint{{< /ui >}} field. +8. In the {{< ui >}}Configure Authentication{{< /ui >}} section, select one of the following authentication types and provide the relevant details: - Basic Authentication: Provide the username and password for the account to which you want to send logs. - Request Header: Provide the header name and value. For example, if you use the Authorization header and the username for the account to which you want to send logs is `myaccount` and the password is `mypassword`: - - Enter `Authorization` for the **Header Name**. + - Enter `Authorization` for the {{< ui >}}Header Name{{< /ui >}}. - The header value is in the format of `Basic username:password`, where `username:password` is encoded in base64. For this example, the header value is `Basic bXlhY2NvdW50Om15cGFzc3dvcmQ=`. - 9. Click **Save**. + 9. Click {{< ui >}}Save{{< /ui >}}. [1]: https://help.sumologic.com/docs/send-data/hosted-collectors/http-source/logs-metrics/ {{% /tab %}} @@ -47,9 +47,9 @@ Audit Event Forwarding allows you to send audit events from Datadog to custom de {{% tab "Splunk" %}} 6. Enter a name for the destination. -7. In the **Configure Destination** section, enter the endpoint to which you want to send the logs. The endpoint must start with `https://`. For example, enter `https://.splunkcloud.com:8088`. **Note**: `/services/collector/event` is automatically appended to the endpoint. -8. In the **Configure Authentication** section, enter the Splunk HEC token. See [Set up and use HTTP Event Collector][1] for more information about the Splunk HEC token. -9. Click **Save**. +7. In the {{< ui >}}Configure Destination{{< /ui >}} section, enter the endpoint to which you want to send the logs. The endpoint must start with `https://`. For example, enter `https://.splunkcloud.com:8088`. **Note**: `/services/collector/event` is automatically appended to the endpoint. +8. In the {{< ui >}}Configure Authentication{{< /ui >}} section, enter the Splunk HEC token. See [Set up and use HTTP Event Collector][1] for more information about the Splunk HEC token. +9. Click {{< ui >}}Save{{< /ui >}}. **Note**: The [indexer acknowledgment][2] needs to be disabled. @@ -60,12 +60,12 @@ Audit Event Forwarding allows you to send audit events from Datadog to custom de {{% tab "Elasticsearch" %}} 6. Enter a name for the destination. -7. In the **Configure Destination** section, enter the following details: +7. In the {{< ui >}}Configure Destination{{< /ui >}} section, enter the following details: 1. The endpoint to which you want to send the logs. The endpoint must start with `https://`. An example endpoint for Elasticsearch: `https://.us-central1.gcp.cloud.es.io`. 1. The name of the destination index where you want to send the logs. 1. Optionally, select the index rotation for how often you want to create a new index: `No Rotation`, `Every Hour`, `Every Day`, `Every Week`, or `Every Month`. The default is `No Rotation`. -8. In the **Configure Authentication** section, enter the username and password for your Elasticsearch account. -9. Click **Save**. +8. In the {{< ui >}}Configure Authentication{{< /ui >}} section, enter the username and password for your Elasticsearch account. +9. Click {{< ui >}}Save{{< /ui >}}. {{% /tab %}} {{% tab "Microsoft Sentinel" %}} @@ -74,12 +74,12 @@ Audit Event Forwarding allows you to send audit events from Datadog to custom de 6. Enter a name for the destination. 7. Authentication for the Microsoft Sentinel Forwarder requires configuring an App Registration through the Datadog Azure Integration. -8. In the **Configure Destination** section, enter the following details: +8. In the {{< ui >}}Configure Destination{{< /ui >}} section, enter the following details: | Setting | Description | Example | |---------------------------|----------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------| -| **Logs Ingestion Endpoint** | Enter the endpoint on the Data Collection Endpoint (DCE) where logs are sent. This is labeled "Logs Ingestion" on the DCE Overview page. | `https://my-dce-5kyl.eastus-1.ingest.monitor.azure.com` | -| **Immutable ID** | Specify the immutable ID of the Data Collection Rule (DCR) where logging routes are defined, as found on the DCR Overview page as "Immutable Id". **Note**: Ensure the Monitoring Metrics Publisher role is assigned in the DCR IAM settings. | `dcr-000a00a000a00000a000000aa000a0aa` | -| **Stream Declaration Name**| Provide the name of the target Stream Declaration found in the Resource JSON of the DCR under `streamDeclarations`. | `Custom-MyTable` | +| {{< ui >}}Logs Ingestion Endpoint{{< /ui >}} | Enter the endpoint on the Data Collection Endpoint (DCE) where logs are sent. This is labeled "Logs Ingestion" on the DCE Overview page. | `https://my-dce-5kyl.eastus-1.ingest.monitor.azure.com` | +| {{< ui >}}Immutable ID{{< /ui >}} | Specify the immutable ID of the Data Collection Rule (DCR) where logging routes are defined, as found on the DCR Overview page as "Immutable Id". **Note**: Ensure the Monitoring Metrics Publisher role is assigned in the DCR IAM settings. | `dcr-000a00a000a00000a000000aa000a0aa` | +| {{< ui >}}Stream Declaration Name{{< /ui >}}| Provide the name of the target Stream Declaration found in the Resource JSON of the DCR under `streamDeclarations`. | `Custom-MyTable` | {{% /tab %}} {{< /tabs >}} diff --git a/content/en/account_management/audit_trail/guides/track_dashboard_access_and_configuration_changes.md b/content/en/account_management/audit_trail/guides/track_dashboard_access_and_configuration_changes.md index 400d5af8ea0..1d68ceecd47 100644 --- a/content/en/account_management/audit_trail/guides/track_dashboard_access_and_configuration_changes.md +++ b/content/en/account_management/audit_trail/guides/track_dashboard_access_and_configuration_changes.md @@ -35,7 +35,7 @@ To see usage information for the dashboard, use Audit Trail to search for all AP `@http.status_code:200` narrows down the results to successful requests only.
**Note**: You can also use the facet panel on the left side of the page to formulate the search query. 3. Select the timeframe in the upper right side of the page to see the events for a specific time period. -4. You can configure the **Group into fields** section and select different visualization tools to break down and analyze the data based on your use case. For example, if you set the `group by` field to `User Email` and click **Top List** in the **Visualize as** section, you get a top list of users who accessed the dashboard. +4. You can configure the {{< ui >}}Group into fields{{< /ui >}} section and select different visualization tools to break down and analyze the data based on your use case. For example, if you set the `group by` field to `User Email` and click {{< ui >}}Top List{{< /ui >}} in the {{< ui >}}Visualize as{{< /ui >}} section, you get a top list of users who accessed the dashboard. 5. See [Create a dashboard or a graph][3] if you want to put this information into a dashboard or graph. ## View recent dashboard configuration changes @@ -43,7 +43,7 @@ To see usage information for the dashboard, use Audit Trail to search for all AP You can use [event queries][7] in Audit Trail to see a list of dashboards that have had recent changes to their configurations. 1. Navigate to [Audit Trail][2]. -1. In the **Search for** field, paste a query to filter for the kind of changes you want to see. Here are some common examples: +1. In the {{< ui >}}Search for{{< /ui >}} field, paste a query to filter for the kind of changes you want to see. Here are some common examples: | Audit event | Query in audit explorer | |-----------------------------------|--------------------------------------------------------------| @@ -51,10 +51,10 @@ You can use [event queries][7] in Audit Trail to see a list of dashboards that h | [Recently modified dashboards][5] | `@evt.name:Dashboard @asset.type:dashboard @action:modified` | | [Recently deleted dashboards][6] | `@evt.name:Dashboard @asset.type:dashboard @action:deleted` | -1. Optionally, on the facet panel, use filters like **Asset ID** or **Asset Name** to narrow your results down to a specific dashboard. +1. Optionally, on the facet panel, use filters like {{< ui >}}Asset ID{{< /ui >}} or {{< ui >}}Asset Name{{< /ui >}} to narrow your results down to a specific dashboard. 1. For each event in the table, you can see the email address of the user who performed the last change, and a summary of what happened. - To see additional information about a specific change, click the row in the table. Then, click the **Inspect Changes (Diff)** tab to see the changes that were made to the dashboard's configuration: + To see additional information about a specific change, click the row in the table. Then, click the {{< ui >}}Inspect Changes (Diff){{< /ui >}} tab to see the changes that were made to the dashboard's configuration: {{< img src="account_management/audit_logs/dashboard_change_diff.png" alt="A text diff showing a new widget being added to the dashboard" style="width:100%;" >}} diff --git a/content/en/account_management/audit_trail/guides/track_monitor_access_and_configuration_changes.md b/content/en/account_management/audit_trail/guides/track_monitor_access_and_configuration_changes.md index 5821b9d4910..93eb2dd113c 100644 --- a/content/en/account_management/audit_trail/guides/track_monitor_access_and_configuration_changes.md +++ b/content/en/account_management/audit_trail/guides/track_monitor_access_and_configuration_changes.md @@ -34,7 +34,7 @@ To see usage information for the monitor, use Audit Trail to search for all API **Note**: You can also use the facet panel on the left side of the page to formulate the search query. 3. Select the timeframe in the upper right side of the page to see the events for a specific time period. -4. You can configure the **Group into fields** section and select different visualization tools to break down and analyze the data based on your use case. For example, if you set the `group by` field to `User Email` and click **Top List** in the **Visualize as** section, you get a top list of users who accessed the monitor. +4. You can configure the {{< ui >}}Group into fields{{< /ui >}} section and select different visualization tools to break down and analyze the data based on your use case. For example, if you set the `group by` field to `User Email` and click {{< ui >}}Top List{{< /ui >}} in the {{< ui >}}Visualize as{{< /ui >}} section, you get a top list of users who accessed the monitor. 5. See [Create a dashboard or a graph][3] if you want to put this information into a dashboard or graph. ## View recent monitor configuration changes @@ -42,7 +42,7 @@ To see usage information for the monitor, use Audit Trail to search for all API You can use [event queries][8] in Audit Trail to see a list of monitors that have had recent changes to their configurations. 1. Navigate to [Audit Trail][2]. -1. In the **Search for** field, paste a query to filter for the kind of changes you want to see. Here are some common examples: +1. In the {{< ui >}}Search for{{< /ui >}} field, paste a query to filter for the kind of changes you want to see. Here are some common examples: | Audit event | Query in audit explorer | |-----------------------|----------------------------------------------------------| @@ -51,10 +51,10 @@ You can use [event queries][8] in Audit Trail to see a list of monitors that hav | [Monitor deleted][6] | `@evt.name:Monitor @asset.type:monitor @action:deleted` | | [Monitor resolved][7] | `@evt.name:Monitor @asset.type:monitor @action:resolved` | -1. Optionally, on the facet panel, use filters like **Asset ID** or **Asset Name** to narrow your results down to a specific monitor. +1. Optionally, on the facet panel, use filters like {{< ui >}}Asset ID{{< /ui >}} or {{< ui >}}Asset Name{{< /ui >}} to narrow your results down to a specific monitor. 1. For each event in the table, you can see the email address of the user who performed the last change, and a summary of what happened. - To see additional information about a specific change, click the row in the table. Then, click the **Inspect Changes (Diff)** tab to see the changes that were made to the monitor's configuration: + To see additional information about a specific change, click the row in the table. Then, click the {{< ui >}}Inspect Changes (Diff){{< /ui >}} tab to see the changes that were made to the monitor's configuration: {{< img src="account_management/audit_logs/monitor_change_diff.png" alt="A text diff showing a `check_type: api` tag being added to the monitor" style="width:100%;" >}} diff --git a/content/en/account_management/authn_mapping/_index.md b/content/en/account_management/authn_mapping/_index.md index baa52e42bb8..af7ee7c20b4 100644 --- a/content/en/account_management/authn_mapping/_index.md +++ b/content/en/account_management/authn_mapping/_index.md @@ -14,7 +14,7 @@ If you are using Federated Authentication mechanisms, this API allows you to aut **Note**: If you are a SAML user, Datadog strongly recommends that you transition to using this API. -You can also create and manage mappings in the Datadog UI, on the **Mappings** tab in User Management. See [SAML group mapping][1] for more information. +You can also create and manage mappings in the Datadog UI, on the {{< ui >}}Mappings{{< /ui >}} tab in User Management. See [SAML group mapping][1] for more information. ## Requests diff --git a/content/en/account_management/billing/_index.md b/content/en/account_management/billing/_index.md index d2f94c51d23..c76ef9bd175 100644 --- a/content/en/account_management/billing/_index.md +++ b/content/en/account_management/billing/_index.md @@ -35,7 +35,7 @@ For more information about IoT billing, see the [Datadog Pricing page][7]. ## Plan details -To manage your **Payment Method** and view **Subscription Details**, you must be a Datadog Admin user. +To manage your {{< ui >}}Payment Method{{< /ui >}} and view {{< ui >}}Subscription Details{{< /ui >}}, you must be a Datadog Admin user. Alternately, roles with Billing Read (`billing_read`) and Billing Edit (`billing_edit`) [permissions][8] can access this data. @@ -45,7 +45,7 @@ The [**Payment Method**][9] section contains details on your payment options. {{< img src="account_management/billing/PaymentMethodOverview.png" alt="Payment method on the Plan page" style="width:90%;" >}} -**Edit Payment** provides options to manage payment methods. You can edit or remove cards, and request to change your payment method from card to invoice and vice versa. +{{< ui >}}Edit Payment{{< /ui >}} provides options to manage payment methods. You can edit or remove cards, and request to change your payment method from card to invoice and vice versa. {{< img src="account_management/billing/PaymentSettingsDetails.png" alt="Payment settings on the Plan page" style="width:90%;" >}} @@ -55,7 +55,7 @@ You can view your billing contact details on the [**Billing Contact Details**][9 {{< img src="account_management/billing/BillingContactDetailsOverview.png" alt="Billing contact details on the Plan page" style="width:90%;" >}} -**Edit Details** to add, edit, or remove your billing address. You can also specify the email addresses where invoices should be sent. +{{< ui >}}Edit Details{{< /ui >}} to add, edit, or remove your billing address. You can also specify the email addresses where invoices should be sent. {{< img src="account_management/billing/BillingContactDetailsEdit.png" alt="Editing billing contact details on the Plan page" style="width:90%;" >}} diff --git a/content/en/account_management/billing/alibaba.md b/content/en/account_management/billing/alibaba.md index bf1e5b753c8..737b3dc0b67 100644 --- a/content/en/account_management/billing/alibaba.md +++ b/content/en/account_management/billing/alibaba.md @@ -10,7 +10,7 @@ Other Alibaba resources (CDNs, Express Connect Instances, Aspara DBs, etc.) are ## Alibaba VM exclusion -Use the [Datadog-Alibaba integration][1] tile to filter your VMs monitored by Datadog using [host tags][2]. Go to the **Configuration** tab and edit an existing account or add a new one. Filtering for each account is controlled by clicking it and filling in the field for **Optionally limit metrics collection to hosts with tag**: +Use the [Datadog-Alibaba integration][1] tile to filter your VMs monitored by Datadog using [host tags][2]. Go to the {{< ui >}}Configuration{{< /ui >}} tab and edit an existing account or add a new one. Filtering for each account is controlled by clicking it and filling in the field for {{< ui >}}Optionally limit metrics collection to hosts with tag{{< /ui >}}: {{< img src="account_management/billing/alibaba_filter.png" alt="Alibaba VM Filter" >}} diff --git a/content/en/account_management/billing/aws.md b/content/en/account_management/billing/aws.md index d20db48df88..596a7679e9e 100644 --- a/content/en/account_management/billing/aws.md +++ b/content/en/account_management/billing/aws.md @@ -18,7 +18,7 @@ Other AWS resources such as ELB, RDS, and DynamoDB are not part of monthly infra ## AWS resource exclusion -You can limit the AWS metrics collected for some services to specific resources. On the [Datadog-AWS integration page][3], select the AWS account and click on the **Metric Collection** tab. Under **Limit Metric Collection to Specific Resources** you can then limit metrics for one or more of EC2, Lambda, ELB, Application ELB, Network ELB, RDS, SQS, Step Functions, and CloudWatch custom metrics. +You can limit the AWS metrics collected for some services to specific resources. On the [Datadog-AWS integration page][3], select the AWS account and click on the {{< ui >}}Metric Collection{{< /ui >}} tab. Under {{< ui >}}Limit Metric Collection to Specific Resources{{< /ui >}} you can then limit metrics for one or more of EC2, Lambda, ELB, Application ELB, Network ELB, RDS, SQS, Step Functions, and CloudWatch custom metrics. Ensure that the tags added to this section are assigned to the corresponding resources on AWS. **Note**: If using exclusion notation (`!`), ensure the resource lacks the specified tag. diff --git a/content/en/account_management/billing/credit_card.md b/content/en/account_management/billing/credit_card.md index 51032209cd0..26244636102 100644 --- a/content/en/account_management/billing/credit_card.md +++ b/content/en/account_management/billing/credit_card.md @@ -16,11 +16,11 @@ Payment is collected by Datadog near the 10th business day of each month. Datado ### Update -Update your credit card through the [Plan][1] page by clicking the **Edit** button. +Update your credit card through the [Plan][1] page by clicking the {{< ui >}}Edit{{< /ui >}} button. ### Remove -To remove your credit card from Datadog, first downgrade to the **Free** plan. Then use the **Remove Card** button on the [Plan][1] page. +To remove your credit card from Datadog, first downgrade to the {{< ui >}}Free{{< /ui >}} plan. Then use the {{< ui >}}Remove Card{{< /ui >}} button on the [Plan][1] page. ## Troubleshooting diff --git a/content/en/account_management/billing/google_cloud.md b/content/en/account_management/billing/google_cloud.md index ece0329d7b2..1cdb0eab02e 100644 --- a/content/en/account_management/billing/google_cloud.md +++ b/content/en/account_management/billing/google_cloud.md @@ -10,7 +10,7 @@ Other Google Cloud resources (CloudSQL, Google App Engine, Pub/Sub, and others) ## Google Cloud metric exclusion -Use the [Google Cloud integration tile][1] to control your metric collection. Go to the **Configuration** tab and select a project or add a new one. Each project is controlled under **Optionally Limit Metrics Collection to hosts with tag**. Limit metrics by [host tag][2]: +Use the [Google Cloud integration tile][1] to control your metric collection. Go to the {{< ui >}}Configuration{{< /ui >}} tab and select a project or add a new one. Each project is controlled under {{< ui >}}Optionally Limit Metrics Collection to hosts with tag{{< /ui >}}. Limit metrics by [host tag][2]: {{< img src="account_management/billing/google_cloud_metric_filter.png" alt="The Google Cloud page in Datadog, on the General tab, with the option to limit metric collection highlighted" >}} diff --git a/content/en/account_management/billing/incident_response.md b/content/en/account_management/billing/incident_response.md index 4ba75dd6b02..6a6ce6828de 100644 --- a/content/en/account_management/billing/incident_response.md +++ b/content/en/account_management/billing/incident_response.md @@ -84,11 +84,11 @@ Removing a user's notification preferences does not unassign their seat. If a us Billing admins, or users with the `billing_edit` permission, can manually assign seats so team members have access before they need it. To assign a seat: -1. Go to **Plan & Usage** → **Seat Management**. -2. Select the relevant product tab: **Incident Management**, **On-Call**, or **Incident Response**. -3. Click **Assign Seats**. +1. Go to {{< ui >}}Plan & Usage{{< /ui >}} → {{< ui >}}Seat Management{{< /ui >}}. +2. Select the relevant product tab: {{< ui >}}Incident Management{{< /ui >}}, {{< ui >}}On-Call{{< /ui >}}, or {{< ui >}}Incident Response{{< /ui >}}. +3. Click {{< ui >}}Assign Seats{{< /ui >}}. 4. Search for users by name or email, and select them. -5. Click **Assign Seats**. +5. Click {{< ui >}}Assign Seats{{< /ui >}}. Assigned users immediately appear in the Seats table and can access the product's features. @@ -96,7 +96,7 @@ Assigned users immediately appear in the Seats table and can access the product' To remove users and free up seats: 1. In the Seats table, check the box next to one or more users. -2. Click **Unassign Seats**. +2. Click {{< ui >}}Unassign Seats{{< /ui >}}. 3. Confirm your selection. After they are unassigned, the user loses access to features that require a seat. They can still perform the following actions: diff --git a/content/en/account_management/billing/oci.md b/content/en/account_management/billing/oci.md index 494264053d9..ec939eba7cb 100644 --- a/content/en/account_management/billing/oci.md +++ b/content/en/account_management/billing/oci.md @@ -15,24 +15,24 @@ If you run containers on OCI (for example, on Oracle Kubernetes Engine), contain Use the OCI integration tile to control which resources Datadog collects metrics from: 1. Open the [OCI integration tile][1]. -2. Go to the **Metric Collection** tab. +2. Go to the {{< ui >}}Metric Collection{{< /ui >}} tab. 3. For each connected tenancy, optionally: - Limit metric collection to specific compartments using compartment tag filters. - - Limit metric collection to specific resources within an OCI service using resource tag filters in the **Limit Collection to Specific Resources** section. + - Limit metric collection to specific resources within an OCI service using resource tag filters in the {{< ui >}}Limit Collection to Specific Resources{{< /ui >}} section. -**Note**: Filters are evaluated in order: enabled services first, then compartment tag filters, then resource tag filters. Resource tag filters apply only to compartments that pass the compartment tag filter. You can exclude OCI regions from all data collection (metrics and logs) on the **General** tab of the OCI integration tile. +**Note**: Filters are evaluated in order: enabled services first, then compartment tag filters, then resource tag filters. Resource tag filters apply only to compartments that pass the compartment tag filter. You can exclude OCI regions from all data collection (metrics and logs) on the {{< ui >}}General{{< /ui >}} tab of the OCI integration tile. ## OCI log exclusion Use the OCI integration tile to control which resources Datadog collects logs from: 1. Open the [OCI integration tile][1]. -2. Go to the **Log Collection** tab. +2. Go to the {{< ui >}}Log Collection{{< /ui >}} tab. 3. For each connected tenancy, optionally: - Limit log collection to specific compartments using compartment tag filters. - - Limit log collection to specific resources within an OCI service using resource tag filters in the **Limit Collection to Specific Resources** section. + - Limit log collection to specific resources within an OCI service using resource tag filters in the {{< ui >}}Limit Collection to Specific Resources{{< /ui >}} section. -**Note**: Filters are evaluated in order: enabled services first, then compartment tag filters, then resource tag filters. Resource tag filters apply only to compartments that pass the compartment tag filter. You can exclude OCI regions from all data collection (metrics and logs) on the **General** tab of the OCI integration tile. +**Note**: Filters are evaluated in order: enabled services first, then compartment tag filters, then resource tag filters. Resource tag filters apply only to compartments that pass the compartment tag filter. You can exclude OCI regions from all data collection (metrics and logs) on the {{< ui >}}General{{< /ui >}} tab of the OCI integration tile. When you add or change limits for an existing OCI tenancy, previously discovered Compute instances can remain in the [Infrastructure List][3] for up to two hours while filters propagate. During this transition period, affected instances can display a status of `???`. This does not count toward your billing. diff --git a/content/en/account_management/billing/product_allotments.md b/content/en/account_management/billing/product_allotments.md index 20324bb80c3..26eaf96dae4 100644 --- a/content/en/account_management/billing/product_allotments.md +++ b/content/en/account_management/billing/product_allotments.md @@ -17,7 +17,7 @@ In order to invoice billable usage, included usage is first subtracted. Allotmen For example, an account can have a total Ingested Spans usage of 150 GB. From this, 140 GB is billable usage. If there is a prior commitment of 50 GB and an allotment of 30 GB, this 80 GB of usage is classified as included usage and subtracted from the 140 GB of billable usage. The remaining 60 GB of usage is classified as on-demand usage. -- To view total usage and billable usage, see the **All** and **Billable** tabs within the [**Plan and Usage** page][2] in Datadog. +- To view total usage and billable usage, see the {{< ui >}}All{{< /ui >}} and {{< ui >}}Billable{{< /ui >}} tabs within the [**Plan and Usage** page][2] in Datadog. - To view commitments, refer to your contract. ## Calculating included usage diff --git a/content/en/account_management/billing/serverless.md b/content/en/account_management/billing/serverless.md index 8c75c578bfe..6b983bb2a99 100644 --- a/content/en/account_management/billing/serverless.md +++ b/content/en/account_management/billing/serverless.md @@ -16,7 +16,7 @@ To control which functions are being monitored through the integration, you can ### UI -To use the UI to control which AWS Lambda functions Datadog is monitoring, navigate to the [AWS Integration page][5]. From the left sidebar, select the relevant AWS account, and navigate to the **Metric Collection tab**. Scroll down to the **Limit Metric Collection to Specific Resources** heading, and select Lambda from the **Select AWS Service** dropdown. You can then add tags as `key:value` sets to the field to the right. +To use the UI to control which AWS Lambda functions Datadog is monitoring, navigate to the [AWS Integration page][5]. From the left sidebar, select the relevant AWS account, and navigate to the {{< ui >}}Metric Collection{{< /ui >}} tab. Scroll down to the {{< ui >}}Limit Metric Collection to Specific Resources{{< /ui >}} heading, and select Lambda from the {{< ui >}}Select AWS Service{{< /ui >}} dropdown. You can then add tags as `key:value` sets to the field to the right. See the [tags](#Tags) section below for more information about how to use tags in this field. diff --git a/content/en/account_management/billing/usage_attribution.md b/content/en/account_management/billing/usage_attribution.md index c655b38295e..c1375c6e128 100644 --- a/content/en/account_management/billing/usage_attribution.md +++ b/content/en/account_management/billing/usage_attribution.md @@ -30,7 +30,7 @@ To start receiving daily data, an administrator needs to choose tags for the rep {{< img src="account_management/billing/usage_attribution/advanced-usage-reporting.png" alt="Getting Started with Usage Attribution in Datadog" style="width:100%;" >}} -The **Edit Tags** popover allows: +The {{< ui >}}Edit Tags{{< /ui >}} popover allows: - Entering up to three tag keys from a dropdown. The dropdown is pre-populated with existing tags on both the root account and any child organizations under the account. - Deleting and editing existing tags. diff --git a/content/en/account_management/billing/usage_monitor_apm.md b/content/en/account_management/billing/usage_monitor_apm.md index e263778809d..df1e2e20540 100644 --- a/content/en/account_management/billing/usage_monitor_apm.md +++ b/content/en/account_management/billing/usage_monitor_apm.md @@ -29,7 +29,7 @@ To ensure that your ingested spans usage remains within the allocation that APM 1. Create a [metric monitor][8]. 2. Enter `datadog.estimated_usage.apm.ingested_bytes`for the metric query. 3. Define the monitor's evaluation window to `current month (MTD)`. This ensures that the monitor is looking at the month-to-date usage. Read more about cumulative time windows in the [monitors][9] documentation. -4. Define the **Alert threshold** and an optional **Warning threshold** to alert when the ingested volume reaches 80% or 90% of your allotment. +4. Define the {{< ui >}}Alert threshold{{< /ui >}} and an optional {{< ui >}}Warning threshold{{< /ui >}} to alert when the ingested volume reaches 80% or 90% of your allotment. 5. Enter a name for the monitor. Define the notification to send an alert to your team when the ingested volumes are too high. {{< img src="account_management/billing/monitor_usage_apm.png" alt="A metric monitor configuration page showing the datadog.estimated_usage.apm.ingested_bytes as the metric query" width="80%" >}} diff --git a/content/en/account_management/billing/workflow_automation.md b/content/en/account_management/billing/workflow_automation.md index 745264ac9fb..6f7a72a4863 100644 --- a/content/en/account_management/billing/workflow_automation.md +++ b/content/en/account_management/billing/workflow_automation.md @@ -41,7 +41,7 @@ Workflow Automation is billed **per execution**. This means that each complete w The two billing options are committed executions and on-demand executions. Committed executions are purchased in advance, while on-demand executions are billed as they occur. Prepaid executions cost less than on-demand executions. ### Usage tracking -The best source of truth for billing is on your [Datadog Plan & Usage page][1], where execution usage is continuously tracked. Under **Products**, select only **Workflow Executions** for the filter. If you have multiple Datadog orgs, you can filter for them under **Sub-Orgs**. You can also filter further by team or any other tag in the **Usage Attribution** tab. +The best source of truth for billing is on your [Datadog Plan & Usage page][1], where execution usage is continuously tracked. Under {{< ui >}}Products{{< /ui >}}, select only {{< ui >}}Workflow Executions{{< /ui >}} for the filter. If you have multiple Datadog orgs, you can filter for them under {{< ui >}}Sub-Orgs{{< /ui >}}. You can also filter further by team or any other tag in the {{< ui >}}Usage Attribution{{< /ui >}} tab. Other sources of usage tracking that do not include billing metrics are the [Workflow Automation API][7] and the [Workflows Overview dashboard][2]. Through the API, you can view granular information such as [all instances of a given workflow][12]. The Workflows Overview dashboard is based on execution metrics, before any billing considerations take place. Additionally, the dashboard does not reflect billing complexities such as free allotments of workflows. diff --git a/content/en/account_management/cloud_provider_authentication.md b/content/en/account_management/cloud_provider_authentication.md index b855ca0cf2f..1f5e9d309a1 100644 --- a/content/en/account_management/cloud_provider_authentication.md +++ b/content/en/account_management/cloud_provider_authentication.md @@ -101,7 +101,7 @@ curl -X POST "{{< region-param key=dd_api code="true" >}}/api/v2/cloud_auth/aws/ #### Map an AWS ARN to a Datadog service account For `account_identifier`, you can use either: -- The service account's **UUID**: Go to **Organization settings > Service accounts**, click the service account you want to map, and copy the `service_account_id` from the URL. For example, if the URL ends in `/organization-settings/service-accounts?service_account_id=3fa85f64-5717-4562-b3fc-2c963f66afa6`, then use `3fa85f64-5717-4562-b3fc-2c963f66afa6`. +- The service account's **UUID**: Go to {{< ui >}}Organization settings{{< /ui >}} > {{< ui >}}Service accounts{{< /ui >}}, click the service account you want to map, and copy the `service_account_id` from the URL. For example, if the URL ends in `/organization-settings/service-accounts?service_account_id=3fa85f64-5717-4562-b3fc-2c963f66afa6`, then use `3fa85f64-5717-4562-b3fc-2c963f66afa6`. - The service account's **email address**: Use the email address shown in the service account's details. **Example**: An API call that maps an AWS ARN to a Datadog service account using the UUID, `3fa85f64-5717-4562-b3fc-2c963f66afa6`. diff --git a/content/en/account_management/delete_data.md b/content/en/account_management/delete_data.md index 1a916e6a426..3e335e1813d 100644 --- a/content/en/account_management/delete_data.md +++ b/content/en/account_management/delete_data.md @@ -23,7 +23,7 @@ You can delete data from the Logs product using the UI. To grant an account access to delete data, perform the following steps: 1. Under Organizational Settings, go to [Roles][3]. -2. Request or create a role that has the **Delete Data** permission for the product you wish to delete data from. For example, to delete data from Logs, request or create a role with the **Logs Delete Data** permission. +2. Request or create a role that has the {{< ui >}}Delete Data{{< /ui >}} permission for the product you wish to delete data from. For example, to delete data from Logs, request or create a role with the {{< ui >}}Logs Delete Data{{< /ui >}} permission. ### Start deletions @@ -37,9 +37,9 @@ To delete data, perform the following steps: 2. Select a product to delete from. 3. Select a time frame to search across. 4. Query for events within the time frame to delete. -5. After the search shows the results you wish to delete, click the **Delete** button in the bottom right. +5. After the search shows the results you wish to delete, click the {{< ui >}}Delete{{< /ui >}} button in the bottom right. 6. Confirm the deletion by selecting the checkbox and entering the requested confirmation text. -7. Click **Confirm**. +7. Click {{< ui >}}Confirm{{< /ui >}}. The deletion begins instantly after you confirm the request; target data is inaccessible. @@ -54,7 +54,7 @@ From the [Deletion History][5] tab, you can see the status of deletions. You can **Note**: When a deletion request is created, it is in a recoverable status for 10 days. During this period, deleted data is inaccessible in Datadog but recovered if the deletion request is canceled. -To cancel a deletion, click **Cancel** on an **Upcoming** or **Done (Recoverable)** job. +To cancel a deletion, click {{< ui >}}Cancel{{< /ui >}} on an {{< ui >}}Upcoming{{< /ui >}} or {{< ui >}}Done (Recoverable){{< /ui >}} job. ### Audit deletions diff --git a/content/en/account_management/faq/usage_control_apm.md b/content/en/account_management/faq/usage_control_apm.md index 62c9ce74c43..1ef2e97d9fe 100644 --- a/content/en/account_management/faq/usage_control_apm.md +++ b/content/en/account_management/faq/usage_control_apm.md @@ -33,7 +33,7 @@ To estimate the total number of Indexed Spans expected to be sent per service pe 1. Enable APM on all the hosts for which you want to estimate the volume of Indexed Spans. 2. In the [**Indexed Span Estimator** view][7], sort the column "App Analytics Status" column by "Not Enabled" -3. **Total Estimated APM Volume** denotes the estimated total volume of Indexed Spans for all services, per day and per month. Each row corresponding to the service represents the estimated volume of Indexed Spans for that service, per day. +3. {{< ui >}}Total Estimated APM Volume{{< /ui >}} denotes the estimated total volume of Indexed Spans for all services, per day and per month. Each row corresponding to the service represents the estimated volume of Indexed Spans for that service, per day. {{< img src="account_management/billing/usage_control_apm/apm_span_estimator.png" alt="Indexed Span Estimator" >}} diff --git a/content/en/account_management/governance_console/_index.md b/content/en/account_management/governance_console/_index.md index 84f5dcae61c..8edcca1cb8e 100644 --- a/content/en/account_management/governance_console/_index.md +++ b/content/en/account_management/governance_console/_index.md @@ -39,7 +39,7 @@ The [Summary page][1] displays an overview of your organization's usage of Datad ### Products -The [Products page][2] displays the Datadog products used by your organization, with relevant metrics for each product. Select **View Details** to see more information about your organization's usage of a particular product, including limits and quotas. +The [Products page][2] displays the Datadog products used by your organization, with relevant metrics for each product. Select {{< ui >}}View Details{{< /ui >}} to see more information about your organization's usage of a particular product, including limits and quotas. ### Controls diff --git a/content/en/account_management/governance_console/controls.md b/content/en/account_management/governance_console/controls.md index b0970d02b44..5d2751d50f2 100644 --- a/content/en/account_management/governance_console/controls.md +++ b/content/en/account_management/governance_console/controls.md @@ -12,38 +12,38 @@ Governance Console Controls audit and enforce organizational standards. You can ## Using controls 1. On the Governance Console [Controls][1] page, select a control. -2. **Configure detection**. +2. {{< ui >}}Configure detection{{< /ui >}}. - Under **Scope detections**, enter parameters to define the control's behavior. Datadog's defaults are based on best practices, but you can adjust the value of each parameter to relax or tighten the standard for your organization. + Under {{< ui >}}Scope detections{{< /ui >}}, enter parameters to define the control's behavior. Datadog's defaults are based on best practices, but you can adjust the value of each parameter to relax or tighten the standard for your organization.
If you are using multiple Datadog sub-organizations, control behavior and scoping is defined per organization and does not span across organizations.
- To verify your configuration, use the **Manual Mitigation** tab to see what is being detected by this control. + To verify your configuration, use the {{< ui >}}Manual Mitigation{{< /ui >}} tab to see what is being detected by this control. -3. **Configure notifications**. +3. {{< ui >}}Configure notifications{{< /ui >}}. - Under **Notify users**, select your notification recipients and frequency. The notification email summarizes identified and unresolved control detections and includes a link back to the Governance Console control to review and mitigate. + Under {{< ui >}}Notify users{{< /ui >}}, select your notification recipients and frequency. The notification email summarizes identified and unresolved control detections and includes a link back to the Governance Console control to review and mitigate. -4. **Configure automatic enforcement**. +4. {{< ui >}}Configure automatic enforcement{{< /ui >}}. - When **Enforce control** is disabled, a control requires manual mitigation. Toggling on **Enforce control** enables automated enforcement actions. Automation allows administrators to automate cleanup activity without having to manually review and apply each change. + When {{< ui >}}Enforce control{{< /ui >}} is disabled, a control requires manual mitigation. Toggling on {{< ui >}}Enforce control{{< /ui >}} enables automated enforcement actions. Automation allows administrators to automate cleanup activity without having to manually review and apply each change. - For **Select automated mitigation**, select a mitigation. If you select **Manual** (default), the control detects noncompliant assets, and you can manually take actions based on these detections. See [manual mitigation](#manual-mitigation). + For {{< ui >}}Select automated mitigation{{< /ui >}}, select a mitigation. If you select {{< ui >}}Manual{{< /ui >}} (default), the control detects noncompliant assets, and you can manually take actions based on these detections. See [manual mitigation](#manual-mitigation). - To delay mitigation, enter a number of days under **Remediation Delay**. You can delay remediation for up to 1 week. This grants additional time for administrators to take additional actions before automatic enforcement occurs. + To delay mitigation, enter a number of days under {{< ui >}}Remediation Delay{{< /ui >}}. You can delay remediation for up to 1 week. This grants additional time for administrators to take additional actions before automatic enforcement occurs. ## Manual mitigation -Use the **Manual Mitigation** tab to view all detections. +Use the {{< ui >}}Manual Mitigation{{< /ui >}} tab to view all detections. {{< img src="account_management/governance_console/manual-mitigation-2.png" alt="The Manual Mitigation tab, showing a searchable list of detections. Each detection has three options: Delay mitigation, Ignore detection, Mitigate now." style="width:100%;" >}} Hover over each detection for options: -- **Delay mitigation**: Delay mitigation of this asset for up to 1 week. This grants additional time for the administrator or owner to take additional actions before automated enforcement takes place. -- **Ignore detection**: Ignore this detection and remove it from consideration for mitigation. -- **Mitigate now**: Noncompliant assets are mitigated according to the configuration of the control. This action applies only once, and does not carry over to incoming detections. Mitigation requires the associated permission for modifying that asset. +- {{< ui >}}Delay mitigation{{< /ui >}}: Delay mitigation of this asset for up to 1 week. This grants additional time for the administrator or owner to take additional actions before automated enforcement takes place. +- {{< ui >}}Ignore detection{{< /ui >}}: Ignore this detection and remove it from consideration for mitigation. +- {{< ui >}}Mitigate now{{< /ui >}}: Noncompliant assets are mitigated according to the configuration of the control. This action applies only once, and does not carry over to incoming detections. Mitigation requires the associated permission for modifying that asset. ## All available controls diff --git a/content/en/account_management/login_methods.md b/content/en/account_management/login_methods.md index 21a651213df..df7780a8038 100644 --- a/content/en/account_management/login_methods.md +++ b/content/en/account_management/login_methods.md @@ -19,10 +19,10 @@ The following login methods are available: ## Enabling or disabling a default login method -As an organization manager, you can enable or disable the default login methods for your organization. New organizations start with **Datadog Username and Password** and **Sign in with Google** enabled and configured for all organizations and users. After you configure SAML, **Sign in with SAML** is also enabled. +As an organization manager, you can enable or disable the default login methods for your organization. New organizations start with {{< ui >}}Datadog Username and Password{{< /ui >}} and {{< ui >}}Sign in with Google{{< /ui >}} enabled and configured for all organizations and users. After you configure SAML, {{< ui >}}Sign in with SAML{{< /ui >}} is also enabled. 1. Navigate to [Login Methods][3]. -2. Set the **Enabled by Default** setting for each method to `On` or `Off`, according to your organization's preference or policy requirements. +2. Set the {{< ui >}}Enabled by Default{{< /ui >}} setting for each method to {{< ui >}}On{{< /ui >}} or {{< ui >}}Off{{< /ui >}}, according to your organization's preference or policy requirements. 3. Confirm your selection. **Note**: You cannot disable all login methods for an organization. At least one login method must be enabled by default for your organization. @@ -32,10 +32,10 @@ As an organization manager, you can enable or disable the default login methods For enhanced security, organization managers can enforce [Multi-factor Authentication][4] (MFA) for all users in the organization that log in with an email and password. 1. Navigate to [Login Methods][3]. -2. Set the **Require Multi-Factor Authentication** setting to `On` or `Off`, according to your organization's preference or policy requirements. +2. Set the {{< ui >}}Require Multi-Factor Authentication{{< /ui >}} setting to {{< ui >}}On{{< /ui >}} or {{< ui >}}Off{{< /ui >}}, according to your organization's preference or policy requirements. 3. Confirm your selection. -Setting **Require Multi-Factor Authentication** to `On` has two effects: +Setting {{< ui >}}Require Multi-Factor Authentication{{< /ui >}} to {{< ui >}}On{{< /ui >}} has two effects: - Users that log in with an email and password must register a second authentication factor before accessing the organization. - In Login Methods, a link to [**View users without MFA**][5] appears. Click on the link to see the users list, filtered on users without MFA. @@ -43,7 +43,7 @@ The setting to require multi-factor authentication is independent of the default ## Reviewing user overrides -Using overrides, you can change the available login methods for individual users. In the following example, **Sign in with Google** is Off by default in the organization, but one user has it enabled by having an override set. +Using overrides, you can change the available login methods for individual users. In the following example, {{< ui >}}Sign in with Google{{< /ui >}} is Off by default in the organization, but one user has it enabled by having an override set. {{< img src="account_management/login_methods_enabled_off.png" alt="Login method disabled, with user override enabled" style="width:80%;">}} diff --git a/content/en/account_management/multi-factor_authentication.md b/content/en/account_management/multi-factor_authentication.md index 672ad234532..ff804924b94 100644 --- a/content/en/account_management/multi-factor_authentication.md +++ b/content/en/account_management/multi-factor_authentication.md @@ -29,12 +29,12 @@ To configure MFA for your account, log in using your **email and password**. Use To find the [Password & Authentication page][2]: 1. Ensure you are logged in with a username and password combination, not through SSO. -1. Navigate to **Personal Settings** from your account menu. -1. Under **Security**, select **Password & Authentication**. +1. Navigate to {{< ui >}}Personal Settings{{< /ui >}} from your account menu. +1. Under {{< ui >}}Security{{< /ui >}}, select {{< ui >}}Password & Authentication{{< /ui >}}. The multi-factor authentication section lists any configured authenticator apps. -1. Next to **Authenticator App**, select **Add**. +1. Next to {{< ui >}}Authenticator App{{< /ui >}}, select {{< ui >}}Add{{< /ui >}}. 1. Follow your authenticator app's documentation for instructions on adding a new QR code. 1. Enter the latest code generated by your authenticator app into the prompt to confirm the device was set up correctly. 1. Save a copy of the recovery codes in a secure location. The codes cannot be retrieved after setup is complete. @@ -50,20 +50,20 @@ To view if a user has MFA configured or not, you can filter on the Users table. If you don't have access to your authenticator app, during the login process you can use a recovery code instead of a one-time password. Each of the recovery codes can only be used once. 1. Navigate to the [login page][3]. -1. Enter your email address and password, then select **Log in**. -1. Select **Don't have access to your authenticator?** -1. Enter one of your unused recovery codes and click **Verify**. +1. Enter your email address and password, then select {{< ui >}}Log in{{< /ui >}}. +1. Select {{< ui >}}Don't have access to your authenticator?{{< /ui >}} +1. Enter one of your unused recovery codes and click {{< ui >}}Verify{{< /ui >}}. ## MFA rescue If you don't have access to your authenticator app or recovery codes, during the login process you can request a one-time recovery link via email. 1. Navigate to the [login page][3]. -1. Enter your email address and password, then select **Log in**. -1. Select **Don't have access to your authenticator?** -1. Select **Don't have access to your recovery codes? Get a one time recovery link via email.** +1. Enter your email address and password, then select {{< ui >}}Log in{{< /ui >}}. +1. Select {{< ui >}}Don't have access to your authenticator?{{< /ui >}} +1. Select {{< ui >}}Don't have access to your recovery codes? Get a one time recovery link via email.{{< /ui >}} 1. Check your email inbox for a message with the subject line "Recovery link for logging into your Datadog account." -1. Select the **Log in to Datadog** link to finish logging into your account. +1. Select the {{< ui >}}Log in to Datadog{{< /ui >}} link to finish logging into your account. If you have lost access to your registered authenticator app, Datadog recommends that you remove the lost device and add a new one. Maintaining a valid authenticator app helps prevent issues logging into your account in the future. diff --git a/content/en/account_management/multi_organization.md b/content/en/account_management/multi_organization.md index 8e78eec6223..9522e126cef 100644 --- a/content/en/account_management/multi_organization.md +++ b/content/en/account_management/multi_organization.md @@ -51,7 +51,7 @@ Account settings, such as allow-listed IP addresses, are not inherited by child- - Invited users are assigned the [Datadog Admin role][5]. You can invite more users in Organization Settings after creating your organization. - If the user does not have a password, Datadog sends an email invitation with a link to set a password and join the new child-organization. -4. Click **Create**. +4. Click {{< ui >}}Create{{< /ui >}}. The new child-organization inherits the parent-organization's plan and is added to the parent-organization's billing account. If you want to update the child-organization's billing, [contact your sales representative][6]. @@ -84,11 +84,11 @@ To configure SAML for multi-organizations: Under some circumstances, you may be unable to access a newly created child organization. When an organization requires users to log in using SAML, its user accounts may lack passwords. Since child organizations do not inherit SAML settings from their parents, logging into the child organization requires a password that does not exist. To ensure that you can log into a child organization created from a SAML strict parent organization, take the following steps in the parent organization: -1. Click **Organization Settings** from the account menu in the bottom of the left side navigation, or select **Organization Settings** from the header dropdown at the top of the Personal Settings page. -2. In the left page menu, select **Users**. +1. Click {{< ui >}}Organization Settings{{< /ui >}} from the account menu in the bottom of the left side navigation, or select {{< ui >}}Organization Settings{{< /ui >}} from the header dropdown at the top of the Personal Settings page. +2. In the left page menu, select {{< ui >}}Users{{< /ui >}}. 3. Select your user profile. -4. Set the **Override Default Login Methods** toggle to the on position. -5. Under **Select user's login methods**, place a checkmark in the **Password** checkbox. +4. Set the {{< ui >}}Override Default Login Methods{{< /ui >}} toggle to the on position. +5. Under {{< ui >}}Select user's login methods{{< /ui >}}, place a checkmark in the {{< ui >}}Password{{< /ui >}} checkbox. 6. Ensure your account has a password. If you need help setting a password, contact [Datadog support][1]. Following the steps above ensures that you can log into the parent account using an email and password combination. After creating your child organization, you can also log into it using your email and password. @@ -101,8 +101,8 @@ The parent-organization can view the total and billable usage of all their organ The Usage page shows the aggregate usage of the parent-organization and all its child-organizations. There are two tabs on the Usage page: -* Overall -* Individual Organizations +* {{< ui >}}Overall{{< /ui >}} +* {{< ui >}}Individual Organizations{{< /ui >}} ### Overall usage @@ -132,7 +132,7 @@ This data can be downloaded as a CSV file. ### Individual organization usage -On the **Individual Organizations** usage tab, you can view the usage of your child organizations in absolute units or as a percentage of total usage. +On the {{< ui >}}Individual Organizations{{< /ui >}} usage tab, you can view the usage of your child organizations in absolute units or as a percentage of total usage. The default view is the "Billable" view, which shows usage that contributes to your final bill. This view removes child organizations that are not billable such as trial organizations, and other adjustments that provide a more accurate summary of what drives your bill. Switch to the "All" view to see the unadjusted, raw usage of your parent-organization and all child-organizations. Both views can be downloaded as a CSV file. diff --git a/content/en/account_management/org_settings.md b/content/en/account_management/org_settings.md index f508c9ccfa2..42d7f0c4fb6 100644 --- a/content/en/account_management/org_settings.md +++ b/content/en/account_management/org_settings.md @@ -10,11 +10,11 @@ further_reading: text: "User management" --- ## Overview -The Organization Settings section is available to [Administrators][1] by clicking **Organization Settings** from the account menu in the bottom of the left side navigation or by selecting **Organization Settings** from the header dropdown at the top of the Personal Settings page. +The Organization Settings section is available to [Administrators][1] by clicking {{< ui >}}Organization Settings{{< /ui >}} from the account menu in the bottom of the left side navigation or by selecting {{< ui >}}Organization Settings{{< /ui >}} from the header dropdown at the top of the Personal Settings page. {{< img src="account_management/org_settings/nav.png" alt="Navigate to your Organization Settings in Datadog" style="width:80%;" >}} -Organization Settings allow you to manage users, groups, RBAC, keys, and tokens. This page outlines every section and where in the documentation you can learn about specific tasks in **Organization Settings**. +Organization Settings allow you to manage users, groups, RBAC, keys, and tokens. This page outlines every section and where in the documentation you can learn about specific tasks in {{< ui >}}Organization Settings{{< /ui >}}. ## Identity & Accounts @@ -36,7 +36,7 @@ Read the [Teams][3] documentation to manage teams for organizing your assets wit ### Login methods -The **Login Methods** tab shows password, Google, and SAML authentication settings. You can toggle each with the **Enabled by Default** dropdowns. In order to be "SAML Strict" or strict for any other type of login, disable the other login method types. You can allow per-user overrides in the User Management tab to allow users to login with another login method if needed. +The {{< ui >}}Login Methods{{< /ui >}} tab shows password, Google, and SAML authentication settings. You can toggle each with the {{< ui >}}Enabled by Default{{< /ui >}} dropdowns. In order to be "SAML Strict" or strict for any other type of login, disable the other login method types. You can allow per-user overrides in the User Management tab to allow users to login with another login method if needed. Read the [Configuring Login Methods][5] documentation to authenticate users to log into your Datadog organization. @@ -59,7 +59,7 @@ This section allows you to view, copy, and revoke any API key in the list. Your ### Application keys -You can filter application keys by name, ID, or owner, or click the **Only My Keys** toggle to only view application keys you own. Read the [Application keys documentation][8] for more information on adding and removing keys. +You can filter application keys by name, ID, or owner, or click the {{< ui >}}Only My Keys{{< /ui >}} toggle to only view application keys you own. Read the [Application keys documentation][8] for more information on adding and removing keys. ### Roles @@ -89,7 +89,7 @@ The [**Safety Center**][14] page contains security alerts, warnings, and recomme ### Public sharing -The **Public Sharing** tab includes org-wide settings for sharing, along with lists of shared dashboards and graphs. You can enable sharing features granularly and configure additional security options, such as setting a maximum invite duration. +The {{< ui >}}Public Sharing{{< /ui >}} tab includes org-wide settings for sharing, along with lists of shared dashboards and graphs. You can enable sharing features granularly and configure additional security options, such as setting a maximum invite duration. To apply sharing settings across all your orgs, reach out to [Datadog Support][16]. @@ -103,11 +103,11 @@ The [**Mobile and Third-Party Access**][15] page allows you to view and manage m ### Audit trail -The **Audit Trail** tab in the Organization Settings page opens a new tab to the Audit Events Explorer. +The {{< ui >}}Audit Trail{{< /ui >}} tab in the Organization Settings page opens a new tab to the Audit Events Explorer. ### Audit trail settings -The **Audit Trail Settings** tab allows you to set the retention period of audit trails and enable archiving to other cloud storage services. +The {{< ui >}}Audit Trail Settings{{< /ui >}} tab allows you to set the retention period of audit trails and enable archiving to other cloud storage services. ## General @@ -115,7 +115,7 @@ The **Audit Trail Settings** tab allows you to set the retention period of audit #### Organization name -To rename your organization, click the **Edit** button in the **Preferences** tab of **Organization Settings**, enter the new name, then click the **Save** button. +To rename your organization, click the {{< ui >}}Edit{{< /ui >}} button in the {{< ui >}}Preferences{{< /ui >}} tab of {{< ui >}}Organization Settings{{< /ui >}}, enter the new name, then click the {{< ui >}}Save{{< /ui >}} button. **Note**: Your organization name must not exceed 32 characters. diff --git a/content/en/account_management/org_settings/cross_org_visibility.md b/content/en/account_management/org_settings/cross_org_visibility.md index 95a31b2b275..c1a6a0d4879 100644 --- a/content/en/account_management/org_settings/cross_org_visibility.md +++ b/content/en/account_management/org_settings/cross_org_visibility.md @@ -51,28 +51,28 @@ To browse connections, navigate to the [cross-organization visibility page][6] i Creating a cross-organization connection allows you to query metrics from the source organization in the destination organization. 1. Make sure you are signed in to the _source_ organization that contains the data you want to expose. -1. On the [cross-organization visibility page][6], click **New Connection**. The **New Connection** dialog box appears. +1. On the [cross-organization visibility page][6], click {{< ui >}}New Connection{{< /ui >}}. The {{< ui >}}New Connection{{< /ui >}} dialog box appears. 1. In the drop-down menu, select the _destination_ organization where you want to see the data. -1. Click **Connect**. +1. Click {{< ui >}}Connect{{< /ui >}}. ### Update a connection Updating an existing cross-organization connection allows you to change the data types that are shared from the source organization in the destination organization. 1. Make sure you are signed in to the _source_ organization of the existing connection. -1. Hover over the connection you wish to update. A pencil (**Edit**) icon appears on the right. -1. Click the pencil (**Edit**) icon on the connection you wish to update. The **Edit Connection** dialog box appears. +1. Hover over the connection you wish to update. A pencil ({{< ui >}}Edit{{< /ui >}}) icon appears on the right. +1. Click the pencil ({{< ui >}}Edit{{< /ui >}}) icon on the connection you wish to update. The {{< ui >}}Edit Connection{{< /ui >}} dialog box appears. 1. Select the checkboxes for the data types you wish to include. -1. Click **Save**. +1. Click {{< ui >}}Save{{< /ui >}}. ### Delete a connection Deleting a connection disables cross-organization querying from the destination organization of the source organization's metrics. 1. Navigate to the [cross-organization visibility page][6] in Organization Settings. -1. Hover over the connection you wish to delete. A trash can (**Delete**) icon appears on the right. -1. Click the trash can (**Delete**) icon on the connection you wish to delete. The **Are you sure?** prompt appears. -1. Click **Delete**. +1. Hover over the connection you wish to delete. A trash can ({{< ui >}}Delete{{< /ui >}}) icon appears on the right. +1. Click the trash can ({{< ui >}}Delete{{< /ui >}}) icon on the connection you wish to delete. The {{< ui >}}Are you sure?{{< /ui >}} prompt appears. +1. Click {{< ui >}}Delete{{< /ui >}}. ### In the API @@ -166,23 +166,23 @@ Connections from the source org inherit the data access permissions of the conne **Note:** Connections created from HIPAA-enabled organizations may allow the sharing of protected health information (PHI) to destination organizations. Customers are responsible for any sensitive data transferred, including PHI. 1. Navigate to the [cross-organization visibility page][6] in Organization Settings. -1. Hover over the cross-organization connection on which you would like to set granular permissions. **Permissions** and **Delete** icons appear on the right. -1. Click on the padlock (**Permissions**) icon. -1. Select **Restrict Access**. -1. The dialog box updates to show that members of your organization have **Viewer** access by default. +1. Hover over the cross-organization connection on which you would like to set granular permissions. {{< ui >}}Permissions{{< /ui >}} and {{< ui >}}Delete{{< /ui >}} icons appear on the right. +1. Click on the padlock ({{< ui >}}Permissions{{< /ui >}}) icon. +1. Select {{< ui >}}Restrict Access{{< /ui >}}. +1. The dialog box updates to show that members of your organization have {{< ui >}}Viewer{{< /ui >}} access by default. 1. Use the dropdown to select one or more teams, roles, or users that may edit the cross-organization connection. -1. Click **Add**. -1. The dialog box updates to show that the role you selected has the **Editor** permission. -1. Click **Save**. +1. Click {{< ui >}}Add{{< /ui >}}. +1. The dialog box updates to show that the role you selected has the {{< ui >}}Editor{{< /ui >}} permission. +1. Click {{< ui >}}Save{{< /ui >}}. **Note**: To maintain your edit access to the cross-organization connection, the system requires you to include at least one role or team that you are a member of before saving. To restore general access to a cross-organization connection with restricted access, follow the steps below: -1. In the cross-organization visibility page, hover over the cross-organization connection you would like to restore general access to. **Permissions** and **Delete** icons appear on the right. -1. Click on the padlock (**Permissions**) icon. -1. Click **Restore Full Access**. -1. Click **Save**. +1. In the cross-organization visibility page, hover over the cross-organization connection you would like to restore general access to. {{< ui >}}Permissions{{< /ui >}} and {{< ui >}}Delete{{< /ui >}} icons appear on the right. +1. Click on the padlock ({{< ui >}}Permissions{{< /ui >}}) icon. +1. Click {{< ui >}}Restore Full Access{{< /ui >}}. +1. Click {{< ui >}}Save{{< /ui >}}. [1]: /account_management/multi_organization/ [2]: /dashboards/widgets diff --git a/content/en/account_management/org_settings/custom_landing.md b/content/en/account_management/org_settings/custom_landing.md index eaeeb6eb576..09974382a40 100644 --- a/content/en/account_management/org_settings/custom_landing.md +++ b/content/en/account_management/org_settings/custom_landing.md @@ -19,9 +19,9 @@ To set a custom landing page, follow the steps below: 1. Navigate to [Organization settings][1]. 2. From the tabs on the left, select [**Preferences**][2]. -3. In the Datadog Homepage section, click **Individual Dashboard**. +3. In the Datadog Homepage section, click {{< ui >}}Individual Dashboard{{< /ui >}}. 4. Use the dropdown list to select a dashboard. -5. Click the **Save** button. +5. Click the {{< ui >}}Save{{< /ui >}} button. ## Use the default landing page @@ -31,8 +31,8 @@ To restore the default landing page of APM Home, follow the steps below: 1. Navigate to [Organization settings][1]. 2. From the tabs on the left, select [**Preferences**][2]. -3. In the Datadog Homepage section, click **Default: Dashboard List**. -4. Click the **Save** button. +3. In the Datadog Homepage section, click {{< ui >}}Default: Dashboard List{{< /ui >}}. +4. Click the {{< ui >}}Save{{< /ui >}} button. [1]: https://app.datadoghq.com/organization-settings/ [2]: https://app.datadoghq.com/organization-settings/preferences diff --git a/content/en/account_management/org_settings/domain_allowlist.md b/content/en/account_management/org_settings/domain_allowlist.md index 8d02b3f68fa..aea8134bb34 100644 --- a/content/en/account_management/org_settings/domain_allowlist.md +++ b/content/en/account_management/org_settings/domain_allowlist.md @@ -27,16 +27,16 @@ This document describes how to access and modify your allowlist by using the UI. ## Usage -Access your [**Domain Allowlist**][1] under **Organization Settings**. To read or edit your Domain Allowlist, you need the **Org Management** permission. +Access your [**Domain Allowlist**][1] under {{< ui >}}Organization Settings{{< /ui >}}. To read or edit your Domain Allowlist, you need the {{< ui >}}Org Management{{< /ui >}} permission. {{< img src="account_management/org_settings/domain_allowlist/enabled.png" alt="Screenshot showing the Domain Allowlist UI, with the allowlist containing one email domain." >}} -The **Domains Currently In Use** section displays the email domains of all emails mentioned in your **monitor** notifications, not including domains in use for other types of notifications. You can still configure sending notifications in scope to email domains that are not in your allowlist, but if Domain Allowlist is enabled, email domains that are not in your allowlist do not receive notifications for the products in scope. +The {{< ui >}}Domains Currently In Use{{< /ui >}} section displays the email domains of all emails mentioned in your **monitor** notifications, not including domains in use for other types of notifications. You can still configure sending notifications in scope to email domains that are not in your allowlist, but if Domain Allowlist is enabled, email domains that are not in your allowlist do not receive notifications for the products in scope. ### Enable or disable Domain Allowlist -Use the **Enable** or **Disable** button. +Use the {{< ui >}}Enable{{< /ui >}} or {{< ui >}}Disable{{< /ui >}} button. To enable Domain Allowlist, you must add one or more domains to the allowlist. If you remove all domains from the allowlist, Domain Allowlist is automatically disabled. diff --git a/content/en/account_management/org_settings/ip_allowlist.md b/content/en/account_management/org_settings/ip_allowlist.md index c56ad782c7f..5dbc0a8186e 100644 --- a/content/en/account_management/org_settings/ip_allowlist.md +++ b/content/en/account_management/org_settings/ip_allowlist.md @@ -36,7 +36,7 @@ To allow mobile app clients to connect to Datadog when the IP allowlist feature ### Functionality -Only users with the **Org Management** permission can configure the IP allowlist. +Only users with the {{< ui >}}Org Management{{< /ui >}} permission can configure the IP allowlist. With the IP allowlist API or UI, you can: - Check the status of the IP allowlist. Whether the IP allowlist is on or off determines whether your organization is restricting requests by IP address allowlist membership. @@ -59,8 +59,8 @@ When you enable or modify the IP allowlist, the system enforces constraints to m To find the [IP allowlist UI][6]: -1. Navigate to **Organization Settings** from your account menu. -1. Under **Security**, select **IP Allowlist**. +1. Navigate to {{< ui >}}Organization Settings{{< /ui >}} from your account menu. +1. Under {{< ui >}}Security{{< /ui >}}, select {{< ui >}}IP Allowlist{{< /ui >}}. The IP allowlist table lists the CIDR ranges contained in the IP allowlist. @@ -68,28 +68,28 @@ The IP allowlist table lists the CIDR ranges contained in the IP allowlist. A banner at the top of the page shows the enabled or disabled status of the IP allowlist. It also shows your IP and whether that IP is in the allowlist. -To toggle the IP allowlist status, click the **Enable** or **Disable** button. +To toggle the IP allowlist status, click the {{< ui >}}Enable{{< /ui >}} or {{< ui >}}Disable{{< /ui >}} button. ### Add IP addresses or CIDR ranges {{< img src="account_management/org_settings/add_ip_2.png" alt="Screenshot showing a dialog box titled Add IP to allowlist" >}} -1. Click the **Add IP** button at the top right of the page. +1. Click the {{< ui >}}Add IP{{< /ui >}} button at the top right of the page. 1. Enter a valid IP address or CIDR range. 1. Optionally, add a note, for example, to remind yourself why you are allowing access to certain addresses. -1. Click **Confirm**. +1. Click {{< ui >}}Confirm{{< /ui >}}. ### Edit IP addresses or CIDR ranges 1. In the IP allowlist table, hover over the row you wish to edit. -1. Click the pencil (**Edit**) icon. -1. Change the descriptive **Note** text. -1. Click **Confirm**. +1. Click the pencil ({{< ui >}}Edit{{< /ui >}}) icon. +1. Change the descriptive {{< ui >}}Note{{< /ui >}} text. +1. Click {{< ui >}}Confirm{{< /ui >}}. ### Delete IP addresses or CIDR ranges 1. In the IP allowlist table, hover over the row you wish to delete. -1. Click the trash can (**Delete**) icon and confirm you want to delete it. +1. Click the trash can ({{< ui >}}Delete{{< /ui >}}) icon and confirm you want to delete it. ## Managing the IP allowlist programmatically diff --git a/content/en/account_management/org_settings/mobile_third_party_access.md b/content/en/account_management/org_settings/mobile_third_party_access.md index ff48a47ae58..91668376f72 100644 --- a/content/en/account_management/org_settings/mobile_third_party_access.md +++ b/content/en/account_management/org_settings/mobile_third_party_access.md @@ -13,7 +13,7 @@ further_reading: --- ## Overview -Use the **Mobile and Third-Party Access** page under [Organization Settings][1] to manage and gain visibility into your organization's OAuth applications, such as the scopes and permissions granted to an application and the users that have authorized access for it. +Use the {{< ui >}}Mobile and Third-Party Access{{< /ui >}} page under [Organization Settings][1] to manage and gain visibility into your organization's OAuth applications, such as the scopes and permissions granted to an application and the users that have authorized access for it. {{< img src="account_management/mobile_third_party_access/org-management-page.png" alt="Mobile and Third-Party Access management page in Datadog" style="width:100%;">}} @@ -33,10 +33,10 @@ Enabled OAuth applications allow users with necessary permissions to authorize a Disabling OAuth access for an application revokes access to this application for all users in your organization. While the application remains installed, users are no longer able to use the application and are prompted with an error if they attempt to authorize it. To disable an application from the Mobile and Third-Party Access page: -1. Hover over your application in the apps table to reveal the **Disable** button on the right side of the row. +1. Hover over your application in the apps table to reveal the {{< ui >}}Disable{{< /ui >}} button on the right side of the row. {{< img src="account_management/mobile_third_party_access/disable-app-table.png" alt="Apps table showing the Disable button on hover" style="width:100%;">}} -2. Click on your application to open the detailed view of the application and click the **Disable Application** button. +2. Click on your application to open the detailed view of the application and click the {{< ui >}}Disable Application{{< /ui >}} button. {{< img src="account_management/mobile_third_party_access/app-detail-scopes.png" alt="Application detail view showing scopes and Disable Application button" style="width:100%;">}} **Note**: When re-enabled, users that previously authorized the application are required to re-authorize the application to regain access. @@ -53,11 +53,11 @@ Enable Application Scope Management to modify the allowed scopes for an applicat Only MCP applications support Application Scope Management. -1. On the **Mobile and Third-Party Access page**, click an application to open its detail view. +1. On the {{< ui >}}Mobile and Third-Party Access{{< /ui >}} page, click an application to open its detail view. -2. Select the **Scopes** tab and use the **Allowed** checkbox for each scope to control whether to grant the application that scope. +2. Select the {{< ui >}}Scopes{{< /ui >}} tab and use the {{< ui >}}Allowed{{< /ui >}} checkbox for each scope to control whether to grant the application that scope. -3. Click **Enable** to save the scope configuration. +3. Click {{< ui >}}Enable{{< /ui >}} to save the scope configuration. {{< img src="account_management/mobile_third_party_access/scope-restrictions-enable.png" alt="Application Scope Management view with Enable and Restore to Full Access buttons" style="width:100%;">}} diff --git a/content/en/account_management/org_settings/service_accounts.md b/content/en/account_management/org_settings/service_accounts.md index 6574553a43f..3c281a19c71 100644 --- a/content/en/account_management/org_settings/service_accounts.md +++ b/content/en/account_management/org_settings/service_accounts.md @@ -19,14 +19,14 @@ Service accounts exist in [Organization Settings][1]. To access service accounts in the UI: -1. Navigate to **Organization Settings** from your account menu. -2. Under **Accounts**, select **Service Accounts**. +1. Navigate to {{< ui >}}Organization Settings{{< /ui >}} from your account menu. +2. Under {{< ui >}}Accounts{{< /ui >}}, select {{< ui >}}Service Accounts{{< /ui >}}. The [Service Accounts page][2] contains a list of all service accounts in your organization. Users with the Service Account Write permission, including users with the Datadog Admin Role, may create service accounts. Users without the Service Account Write permission see a read-only view. ### View service accounts -By default, the Service Accounts page shows only active service accounts. To include disabled service accounts in the list below, select **Disabled**. +By default, the Service Accounts page shows only active service accounts. To include disabled service accounts in the list below, select {{< ui >}}Disabled{{< /ui >}}. Use the search box at the top of the page to filter service accounts. The filter searches name, email, and role fields. @@ -42,10 +42,10 @@ Click on an account to access a detailed side panel view with the following info To create a service account, perform the following steps: -1. Click **New Service Account**. A dialog box appears. +1. Click {{< ui >}}New Service Account{{< /ui >}}. A dialog box appears. 2. Enter a name and email address for your service account. -3. Use the **Assign Roles** dropdown menu to choose one or more roles for your service account. -4. To save, click **Create Service Account**. +3. Use the {{< ui >}}Assign Roles{{< /ui >}} dropdown menu to choose one or more roles for your service account. +4. To save, click {{< ui >}}Create Service Account{{< /ui >}}. Unlike the email addresses for Datadog users, service account email addresses do not need to be unique across an organization. @@ -53,13 +53,13 @@ Unlike the email addresses for Datadog users, service account email addresses do To modify a service account, click on one in the service accounts list. -1. In the side panel, click **Edit** next to the service account name. A dialog box appears. +1. In the side panel, click {{< ui >}}Edit{{< /ui >}} next to the service account name. A dialog box appears. 2. Update any fields you would like to change. You can edit the name, email address, status, and roles. -3. Click **Save**. +3. Click {{< ui >}}Save{{< /ui >}}. To disable a service account, the user must have the User Manage Access permission in addition to Service Account Write. -To disable a service account, follow the previous procedure to edit the service account and set the status to **Disabled**. +To disable a service account, follow the previous procedure to edit the service account and set the status to {{< ui >}}Disabled{{< /ui >}}. ### Create or revoke application keys @@ -67,9 +67,9 @@ To create or revoke service account application keys, select an account from the To create a new application key, follow the steps below: -- Click **New Key**. A dialog box appears. +- Click {{< ui >}}New Key{{< /ui >}}. A dialog box appears. - Give the key a descriptive name. -- Click **Create Key**. +- Click {{< ui >}}Create Key{{< /ui >}}. The dialog box refreshes, showing you the key. Copy and paste the key into your desired location. After you close the dialog box, you cannot retrieve the value of the key. @@ -77,7 +77,7 @@ The dialog box refreshes, showing you the key. Copy and paste the key into your
Service account application keys are one-time read only. Make sure to securely store your application key immediately after creation, as the key secret cannot be retrieved later.
{{< /site-region >}} -To revoke an application key, find the key in the service account detailed view side panel and hover over it. Pencil and trash can icons appear on the right. Click the trash can to revoke the key. After the key is revoked, click **Confirm**. +To revoke an application key, find the key in the service account detailed view side panel and hover over it. Pencil and trash can icons appear on the right. Click the trash can to revoke the key. After the key is revoked, click {{< ui >}}Confirm{{< /ui >}}. ### API diff --git a/content/en/account_management/org_switching.md b/content/en/account_management/org_switching.md index 1ded83b076e..39247fcc22a 100644 --- a/content/en/account_management/org_switching.md +++ b/content/en/account_management/org_switching.md @@ -7,7 +7,7 @@ further_reading: text: "Managing Multiple-Organization Accounts" --- -If you belong to multiple Datadog organizations, the org switcher at the bottom left of the nav bar allows you to toggle between organizations. You can also view all organizations and switch between them from the [**Organizations** page][1] in **Personal Settings**. +If you belong to multiple Datadog organizations, the org switcher at the bottom left of the nav bar allows you to toggle between organizations. You can also view all organizations and switch between them from the [**Organizations** page][1] in {{< ui >}}Personal Settings{{< /ui >}}. {{< img src="account_management/org_switching_062024.png" alt="Two ways of switching organizations" style="width:90%;" >}} diff --git a/content/en/account_management/personal-access-tokens.md b/content/en/account_management/personal-access-tokens.md index 7954bccf37d..38e3d0bea5e 100644 --- a/content/en/account_management/personal-access-tokens.md +++ b/content/en/account_management/personal-access-tokens.md @@ -37,10 +37,10 @@ With PATs, you can: ## Create a Personal Access Token 1. Navigate to [**Personal Settings** > **Access Tokens**][1]. -2. Click **+ New Access Token**. -3. Enter a **Name** for the token. -4. Select an **Expiration Date**. The minimum expiration is 24 hours and the maximum is one year from creation. -5. Click **Select Scopes** to choose the scopes that define what this token can access. At least one scope is required. Grant only the permissions your workflow requires, then click **Save**. +2. Click {{< ui >}}+ New Access Token{{< /ui >}}. +3. Enter a {{< ui >}}Name{{< /ui >}} for the token. +4. Select an {{< ui >}}Expiration Date{{< /ui >}}. The minimum expiration is 24 hours and the maximum is one year from creation. +5. Click {{< ui >}}Select Scopes{{< /ui >}} to choose the scopes that define what this token can access. At least one scope is required. Grant only the permissions your workflow requires, then click {{< ui >}}Save{{< /ui >}}.
Datadog displays the token secret only once at creation time. Copy and store it securely. You cannot retrieve it later.
@@ -88,7 +88,7 @@ Organization administrators with the `org_app_keys_read` and `org_app_keys_write ### Revoke a token 1. Navigate to [**Personal Settings** > **Access Tokens**][1], or [**Organization Settings** > **Access Tokens**][2] for administrators. -2. Mouse over the token you want to revoke and click the **Revoke Token** icon. +2. Mouse over the token you want to revoke and click the {{< ui >}}Revoke Token{{< /ui >}} icon. Revoked tokens can no longer authenticate API calls. Revocation takes effect within seconds. diff --git a/content/en/account_management/plan_and_usage/_index.md b/content/en/account_management/plan_and_usage/_index.md index a9e36744115..932f284968b 100644 --- a/content/en/account_management/plan_and_usage/_index.md +++ b/content/en/account_management/plan_and_usage/_index.md @@ -19,28 +19,28 @@ Further detailed usage reports can also be created [on request][4] by your accou ## Plan settings -Upgrade or downgrade your account from the **Plan** tab on the Plan & Usage section. +Upgrade or downgrade your account from the {{< ui >}}Plan{{< /ui >}} tab on the Plan & Usage section. **Note**: Contact your account representative or [success@datadoghq.com][4] to add or remove paid features that are not part of standard plans. ## Billing history -Your account billing history is available from the **Billing History** tab in the [Plan & Usage section][2]. For specific billing questions, contact your account representative or [success@datadoghq.com][4]. +Your account billing history is available from the {{< ui >}}Billing History{{< /ui >}} tab in the [Plan & Usage section][2]. For specific billing questions, contact your account representative or [success@datadoghq.com][4]. ## Trial management -If your organization has access to product trials, users can manage their trials from the **Trial Management** tab in the [Plan & Usage section][2]. Product trials let you try out new products for a limited time without incurring costs. There is no charge during the free trial period, but you are charged for any post-trial usage. +If your organization has access to product trials, users can manage their trials from the {{< ui >}}Trial Management{{< /ui >}} tab in the [Plan & Usage section][2]. Product trials let you try out new products for a limited time without incurring costs. There is no charge during the free trial period, but you are charged for any post-trial usage. -If no product trials are available, the **Trial Management** tab is not displayed for administrator users. +If no product trials are available, the {{< ui >}}Trial Management{{< /ui >}} tab is not displayed for administrator users.
This tab only displays self-service trials that users can start themselves. Sales-led trials initiated by Datadog account representatives are not included.
{{< img src="account_management/plan_and_usage/trial-management-tab.png" alt="Trial Management tab showing available trials, and active and past trials with end dates" >}} -From the **Trial Management** tab, you can start new available trials and view your active and past trials. The tab displays each trial's end date and includes links to each trial product and its documentation. +From the {{< ui >}}Trial Management{{< /ui >}} tab, you can start new available trials and view your active and past trials. The tab displays each trial's end date and includes links to each trial product and its documentation. -Usage data for trial products appears in the **Usage & Cost** tab. You are not billed for this usage, but it represents the estimated cost if no trial were active. Usage metrics from trial products are marked with an indicator icon. +Usage data for trial products appears in the {{< ui >}}Usage & Cost{{< /ui >}} tab. You are not billed for this usage, but it represents the estimated cost if no trial were active. Usage metrics from trial products are marked with an indicator icon. {{< img src="account_management/plan_and_usage/trial-management-usage.png" width="70%" alt="Usage & Cost section showing a trial product metric with an indicator icon and tooltip explaining the estimated cost" >}} diff --git a/content/en/account_management/plan_and_usage/bill_overview.md b/content/en/account_management/plan_and_usage/bill_overview.md index 3eed27179e8..ab6bb1a4e2b 100644 --- a/content/en/account_management/plan_and_usage/bill_overview.md +++ b/content/en/account_management/plan_and_usage/bill_overview.md @@ -22,51 +22,51 @@ The [**Bill Overview** page][1] gives administrators a single view of Datadog co ## Global filters -The following filters apply to the **Bill Overview** page: +The following filters apply to the {{< ui >}}Bill Overview{{< /ui >}} page: -- **Product Category**: Filter all views by broader product family, such as Infrastructure, APM, Logs, Security, or AI/ML. -- **Billing Dimension**: Filter to a specific billing or metering dimension (for example, Infra Hosts, Indexed Logs, or Synthetic Browser Tests). -- **Sub-Org**: Filter to a specific child organization. -- **Group by Sub-Org**: Toggle to group costs by sub-organization. -- **Time range**: Select a billing period. Use the backward and forward arrows to navigate from month to month. +- {{< ui >}}Product Category{{< /ui >}}: Filter all views by broader product family, such as Infrastructure, APM, Logs, Security, or AI/ML. +- {{< ui >}}Billing Dimension{{< /ui >}}: Filter to a specific billing or metering dimension (for example, Infra Hosts, Indexed Logs, or Synthetic Browser Tests). +- {{< ui >}}Sub-Org{{< /ui >}}: Filter to a specific child organization. +- {{< ui >}}Group by Sub-Org{{< /ui >}}: Toggle to group costs by sub-organization. +- {{< ui >}}Time range{{< /ui >}}: Select a billing period. Use the backward and forward arrows to navigate from month to month. ## Cost summary At the top of the page, the cost summary shows: -- **Estimated cost to date**: Total estimated cost for the days elapsed in the current billing period -- **Projected total**: Estimated total cost if current usage patterns continue through end of month, with month-over-month percentage change +- {{< ui >}}Estimated cost to date{{< /ui >}}: Total estimated cost for the days elapsed in the current billing period +- {{< ui >}}Projected total{{< /ui >}}: Estimated total cost if current usage patterns continue through end of month, with month-over-month percentage change ## Daily Cost Breakdown -Below the cost summary, the **Daily Cost Breakdown** stacked bar chart shows costs broken down by billing dimension for each day of the selected period. Each color in the chart represents a different billing dimension. Click the expand icon to view the chart full screen. +Below the cost summary, the {{< ui >}}Daily Cost Breakdown{{< /ui >}} stacked bar chart shows costs broken down by billing dimension for each day of the selected period. Each color in the chart represents a different billing dimension. Click the expand icon to view the chart full screen. {{< img src="account_management/plan_and_usage/bill-overview-main-light.png" alt="Bill Overview page showing the cost summary header, Daily Cost Breakdown stacked bar chart, and Trends tab" >}} ## Trends tab -The **Trends** tab displays products worth investigating based on four sort options: +The {{< ui >}}Trends{{< /ui >}} tab displays products worth investigating based on four sort options: -- **Highest % Cost Change** -- **Highest Cost Change ($)** -- **Highest Total Cost** -- **Highest % Usage Change** +- {{< ui >}}Highest % Cost Change{{< /ui >}} +- {{< ui >}}Highest Cost Change ($){{< /ui >}} +- {{< ui >}}Highest Total Cost{{< /ui >}} +- {{< ui >}}Highest % Usage Change{{< /ui >}} Select a sort option to update the cards displayed. Each product card shows: -- **Total Cost** for the period -- **Projected EOM** cost -- **Month-over-month change**, displayed as a percentage badge -- **Daily Cost** bar chart spanning the previous and current month -- **Usage**, displayed as total units consumed, in natural units; for example, PB (petabytes) of scanned data, Custom Metrics; displayed only on Total Cost and Usage-related cards +- {{< ui >}}Total Cost{{< /ui >}} for the period +- {{< ui >}}Projected EOM{{< /ui >}} cost +- {{< ui >}}Month-over-month change{{< /ui >}}, displayed as a percentage badge +- {{< ui >}}Daily Cost{{< /ui >}} bar chart spanning the previous and current month +- {{< ui >}}Usage{{< /ui >}}, displayed as total units consumed, in natural units; for example, PB (petabytes) of scanned data, Custom Metrics; displayed only on Total Cost and Usage-related cards -Click **View Details** on any card to open the [product detail page][2]. +Click {{< ui >}}View Details{{< /ui >}} on any card to open the [product detail page][2]. {{< img src="account_management/plan_and_usage/bill-overview-trends-light.png" alt="Trends tab showing product cards sorted by Highest Total Cost" >}} ## Product List tab -The **Product List** tab shows all billing dimensions in a table with cost and usage side by side. +The {{< ui >}}Product List{{< /ui >}} tab shows all billing dimensions in a table with cost and usage side by side. Click anywhere on a product row to open the [product detail page][2]. Hover over the end of a row to quickly create a cost monitor for that billing dimension. @@ -81,40 +81,40 @@ Click anywhere on a product row to open the [product detail page][2]. Hover over | Usage — Total | Total usage in natural units | | Usage — Change | Usage change vs. the comparison period | -Toggle between **Monthly** and **Daily** views using the controls above the table. Download the full table as a `.csv` file using the **Download as CSV** button. The table is paginated, displaying 10 rows per page by default. +Toggle between {{< ui >}}Monthly{{< /ui >}} and {{< ui >}}Daily{{< /ui >}} views using the controls above the table. Download the full table as a `.csv` file using the {{< ui >}}Download as CSV{{< /ui >}} button. The table is paginated, displaying 10 rows per page by default. {{< img src="account_management/plan_and_usage/bill-overview-product-list-light.png" alt="Product List tab showing the billing dimensions table with Cost and Usage columns" >}} ## Product detail page -Click **View Details** on a Trends card or click any row in the **Product List** table to open the product detail page for a single billing dimension. +Click {{< ui >}}View Details{{< /ui >}} on a Trends card or click any row in the {{< ui >}}Product List{{< /ui >}} table to open the product detail page for a single billing dimension. {{< img src="account_management/plan_and_usage/bill-overview-detail-light.png" alt="Product detail page showing Cost Overview and Usage Overview sections with daily bar charts" >}} ### Cost Overview -- **Total Cost**: Total cost billed to date for the selected period -- **Projected Cost Change**: The projected dollar and percentage change vs. the prior period -- **Projected EOM**: Estimated total cost at end of month -- **Daily Cost** bar chart: Day-by-day cost for the previous and current month, with the current month highlighted. Hover over any bar to see the cost for that day. Toggle **Show Usage Charges Only** to isolate on-demand charges. -- **Drilldown in Cloud Cost**: Click to open Cloud Cost Management, pre-filtered to the selected billing dimension. +- {{< ui >}}Total Cost{{< /ui >}}: Total cost billed to date for the selected period +- {{< ui >}}Projected Cost Change{{< /ui >}}: The projected dollar and percentage change vs. the prior period +- {{< ui >}}Projected EOM{{< /ui >}}: Estimated total cost at end of month +- {{< ui >}}Daily Cost{{< /ui >}} bar chart: Day-by-day cost for the previous and current month, with the current month highlighted. Hover over any bar to see the cost for that day. Toggle {{< ui >}}Show Usage Charges Only{{< /ui >}} to isolate on-demand charges. +- {{< ui >}}Drilldown in Cloud Cost{{< /ui >}}: Click to open Cloud Cost Management, pre-filtered to the selected billing dimension. ### Usage Overview -- **Total Usage**: Total units consumed for the selected period -- **Usage Change**: Change in usage vs. the prior period (amount and percentage) -- **Usage breakdown by sub-dimension**: Individual usage totals for each sub-dimension. For example, Sensitive Data Scanner lists Scanned Events, Scanned Logs, Scanned RUM Sessions, and Scanned Spans separately. -- **Usage Types** bar chart: Day-by-day usage stacked by sub-dimension -- **Allotment Usage**: Progress bar showing consumed vs. contracted allotment; displays ">100%" when usage exceeds the allotment -- **Drilldown in Usage Attribution**: Click to open **Usage Attribution**, pre-filtered to the selected billing dimension. +- {{< ui >}}Total Usage{{< /ui >}}: Total units consumed for the selected period +- {{< ui >}}Usage Change{{< /ui >}}: Change in usage vs. the prior period (amount and percentage) +- {{< ui >}}Usage breakdown by sub-dimension{{< /ui >}}: Individual usage totals for each sub-dimension. For example, Sensitive Data Scanner lists Scanned Events, Scanned Logs, Scanned RUM Sessions, and Scanned Spans separately. +- {{< ui >}}Usage Types{{< /ui >}} bar chart: Day-by-day usage stacked by sub-dimension +- {{< ui >}}Allotment Usage{{< /ui >}}: Progress bar showing consumed vs. contracted allotment; displays ">100%" when usage exceeds the allotment +- {{< ui >}}Drilldown in Usage Attribution{{< /ui >}}: Click to open {{< ui >}}Usage Attribution{{< /ui >}}, pre-filtered to the selected billing dimension. ## Revert to the previous layout -If your organization is on the new **Bill Overview** and you prefer the previous layout, click **Disable Preview** in the page header. This toggle is available to all organizations and persists for your session. +If your organization is on the new {{< ui >}}Bill Overview{{< /ui >}} and you prefer the previous layout, click {{< ui >}}Disable Preview{{< /ui >}} in the page header. This toggle is available to all organizations and persists for your session. {{< img src="account_management/plan_and_usage/toggle-back-header.png" alt="Bill Overview page header showing the Disable Preview button" >}} -To return to **Bill Overview**, click **Enable Preview** in the header. +To return to {{< ui >}}Bill Overview{{< /ui >}}, click {{< ui >}}Enable Preview{{< /ui >}} in the header. ## Permissions diff --git a/content/en/account_management/plan_and_usage/cost_details.md b/content/en/account_management/plan_and_usage/cost_details.md index 1a4977adb1a..93177b306a6 100644 --- a/content/en/account_management/plan_and_usage/cost_details.md +++ b/content/en/account_management/plan_and_usage/cost_details.md @@ -57,20 +57,20 @@ View historical costs by toggling back to previous months, or use the date dropd {{< img src="account_management/plan_and_usage/parent-org-multi-month-cost-changes.png" alt="Screenshot of a parent organization's historical costs over a three month period, showing the overall cost for the month, a graph with cumulative cost breakdowns, and a summary table including month-over-month cost changes." >}} 1. While logged in to the parent organization, navigate to [Plan & Usage][2]. -1. Click the **Usage** tab. -1. For a multi-organization, ensure the **Overall** tab is selected. +1. Click the {{< ui >}}Usage{{< /ui >}} tab. +1. For a multi-organization, ensure the {{< ui >}}Overall{{< /ui >}} tab is selected. #### View and filter -Use the search facets at the left to filter the cost by **Products**, **Sub-Orgs** or **Cost Breakdown**. Use the Daily Cost tab to see how the cumulative day-over-day costs have changed within the current month. +Use the search facets at the left to filter the cost by {{< ui >}}Products{{< /ui >}}, {{< ui >}}Sub-Orgs{{< /ui >}} or {{< ui >}}Cost Breakdown{{< /ui >}}. Use the Daily Cost tab to see how the cumulative day-over-day costs have changed within the current month. #### Download -To download the data as a comma separated value file, click **Download as CSV**. Data is available for the current month and pre-defined prior months. Use the `Cost Type` field to distinguish between the records: -- **Projected**: Data is available for the current month. -- **Estimated MTD**: Data is available from the first of the month to the current date. If historical cost data is not yet available for the prior month, estimated cost data also displays for the prior month. -- **Historical**: Data is available after month close, which is approximately 16 days after the end of the month. +To download the data as a comma separated value file, click {{< ui >}}Download as CSV{{< /ui >}}. Data is available for the current month and pre-defined prior months. Use the `Cost Type` field to distinguish between the records: +- {{< ui >}}Projected{{< /ui >}}: Data is available for the current month. +- {{< ui >}}Estimated MTD{{< /ui >}}: Data is available from the first of the month to the current date. If historical cost data is not yet available for the prior month, estimated cost data also displays for the prior month. +- {{< ui >}}Historical{{< /ui >}}: Data is available after month close, which is approximately 16 days after the end of the month. To query estimated cost data through the API, see [Get estimated cost across your account][3]. To query projected cost data through the API, see [Get projected cost across your account][6]. @@ -87,16 +87,16 @@ View historical costs by toggling back to previous months, or use the date dropd {{< img src="account_management/plan_and_usage/suborg-multi-month-cost-changes.png" alt="Screenshot of a sub organization's historical costs over a six month period, showing the overall cost for the month, a graph with cumulative cost breakdowns, and a summary table including month-over-month cost changes." >}} 1. While logged in to the sub-organization, navigate to [Plan & Usage][2]. -1. Click the **Usage** tab. -1. Ensure the **Overall** tab is selected. +1. Click the {{< ui >}}Usage{{< /ui >}} tab. +1. Ensure the {{< ui >}}Overall{{< /ui >}} tab is selected. #### View and filter -Use the search facets at the left to filter the cost by **Products** or **Cost Breakdown**. Use the **Daily Cost** tab to see how the cumulative day-over-day costs have changed within the current month. +Use the search facets at the left to filter the cost by {{< ui >}}Products{{< /ui >}} or {{< ui >}}Cost Breakdown{{< /ui >}}. Use the {{< ui >}}Daily Cost{{< /ui >}} tab to see how the cumulative day-over-day costs have changed within the current month. #### Download -To download the data as a comma separated value file, click **Download as CSV**. +To download the data as a comma separated value file, click {{< ui >}}Download as CSV{{< /ui >}}. ## Cost chargebacks @@ -115,9 +115,9 @@ From a parent organization, view finalized historical costs aggregated by produc {{< img src="account_management/plan_and_usage/historical-cost-chargebacks.png" alt="Screenshot of a table titled 'Usage and Cost Summary', showing total usage in dollars for four sub-organizations and the total cost." >}} 1. While logged in to the parent organization, navigate to [Plan & Usage][2]. -1. Select the **Usage** tab. -1. Click **Individual Organizations**. -1. Ensure the **Billable** and **Cost** toggles are selected. +1. Select the {{< ui >}}Usage{{< /ui >}} tab. +1. Click {{< ui >}}Individual Organizations{{< /ui >}}. +1. Ensure the {{< ui >}}Billable{{< /ui >}} and {{< ui >}}Cost{{< /ui >}} toggles are selected. 1. Use the date selector to view a prior month for which billing has completed. **Note**: Data is available after month close, which is approximately 16 days after the end of the month. @@ -131,20 +131,20 @@ Estimated cost data is available for the current month. If historical cost data {{< img src="account_management/plan_and_usage/estimated-cost-chargebacks.png" alt="Screenshot of a table titled 'Usage and Cost Summary', showing total usage in dollars for four sub-organizations and the total cost." >}} 1. While logged in to the parent organization, navigate to [Plan & Usage][2]. -1. Select the **Usage** tab. -1. Click **Individual Organizations**. -1. Ensure the **Billable** and **Cost** toggles are selected. +1. Select the {{< ui >}}Usage{{< /ui >}} tab. +1. Click {{< ui >}}Individual Organizations{{< /ui >}}. +1. Ensure the {{< ui >}}Billable{{< /ui >}} and {{< ui >}}Cost{{< /ui >}} toggles are selected. 1. Ensure the date selector shows the current or prior month. ### Download -- To download historical or estimated cost chargeback data as a comma separated value file, click **Download as CSV**. +- To download historical or estimated cost chargeback data as a comma separated value file, click {{< ui >}}Download as CSV{{< /ui >}}. - See [Get historical cost across your account][4] to query historical cost chargeback data through the API. - See [Get estimated cost across your account][3] to query estimated cost chargeback data through the API. ## How billing aggregations affect cost changes -Your estimated month-to-date Datadog bill varies throughout the month. The type of aggregation used to bill each product determines how the costs are impacted. For the best visualization, see the [cost summary][5] feature chart. Each **Products** filter includes the relevant billing aggregation method next to the product name. +Your estimated month-to-date Datadog bill varies throughout the month. The type of aggregation used to bill each product determines how the costs are impacted. For the best visualization, see the [cost summary][5] feature chart. Each {{< ui >}}Products{{< /ui >}} filter includes the relevant billing aggregation method next to the product name. ### Percentile and average usage billing diff --git a/content/en/account_management/plan_and_usage/usage_details.md b/content/en/account_management/plan_and_usage/usage_details.md index ea541ecc528..af4cc4e2d52 100644 --- a/content/en/account_management/plan_and_usage/usage_details.md +++ b/content/en/account_management/plan_and_usage/usage_details.md @@ -71,7 +71,7 @@ Month-to-date usage of each product is calculated as follows: ## Usage trends -The [Usage Trends][5] section contains product usage graphs displaying summed usage for all organizations across an account. Usage reports are downloadable through the **Download as CSV** button. For each organization, these reports include an hourly breakdown of usage by product. +The [Usage Trends][5] section contains product usage graphs displaying summed usage for all organizations across an account. Usage reports are downloadable through the {{< ui >}}Download as CSV{{< /ui >}} button. For each organization, these reports include an hourly breakdown of usage by product. {{< img src="account_management/billing/UsageTrendsOverviewAndCSV.png" alt="Usage Trends graphs page in the Datadog application with Download as CSV option highlighted" style="width:100%; align:left" >}} @@ -97,8 +97,8 @@ Time selection contains options to view usage graphs at daily, weekly, monthly o Purple on-demand pills highlight the portion of billable usage that is on-demand usage. Blue committed and allotted pills highlight the portion of your usage that is covered by commitments and allotments from parent products. The dashed `Committed` line shows commitments per product, without any allotments (such as Custom Metrics or Containers). -To display the committed and allotted pills on a card, ensure the **See included usage** toggle is on: -1. On the total usage card where you want to see committed and allotted usage data, click the eye (**See included usage**) icon. +To display the committed and allotted pills on a card, ensure the {{< ui >}}See included usage{{< /ui >}} toggle is on: +1. On the total usage card where you want to see committed and allotted usage data, click the eye ({{< ui >}}See included usage{{< /ui >}}) icon. 1. The icon changes to an eye with a slash through it. Committed and allotted pills populate on the card. {{< img src="account_management/billing/UsageTilesWithPillsUsageTrendsWithCommittedLine.png" alt="Billable on-demand pills and committed usage lines on trends graphs." style="width:100%; align:left" >}} @@ -147,7 +147,7 @@ This data can be downloaded as a CSV file. The first-time usage notifications feature sends email notifications when there is first-time billable usage for a new product not included in your current contract. Emails are sent approximately 48 hours after the usage first occurs during a given month. -After enabling the feature, a new **Usage Notifications** tab is added to the parent organization's **Plan and Usage** page. On this tab, there is a list of all products covered by the functionality. Unchecking a box stops notifications for that product for all users within the account. If any first-time usage outside of your most recent active contract is detected, users do not receive a notification for any unchecked products. +After enabling the feature, a new {{< ui >}}Usage Notifications{{< /ui >}} tab is added to the parent organization's {{< ui >}}Plan and Usage{{< /ui >}} page. On this tab, there is a list of all products covered by the functionality. Unchecking a box stops notifications for that product for all users within the account. If any first-time usage outside of your most recent active contract is detected, users do not receive a notification for any unchecked products. {{< img src="account_management/plan_and_usage/usage-notifications.png" alt="First-time usage notifications page with a product list including checked and unchecked items" style="width:100%; align:left" >}} diff --git a/content/en/account_management/rbac/_index.md b/content/en/account_management/rbac/_index.md index 23cb59ef26d..b7f3aa3c132 100644 --- a/content/en/account_management/rbac/_index.md +++ b/content/en/account_management/rbac/_index.md @@ -63,9 +63,9 @@ The custom roles feature gives your organization the ability to create new roles ### Enable custom roles 1. Navigate to [Organization Settings][9]. -2. On the left side of the page, select **Roles**. +2. On the left side of the page, select {{< ui >}}Roles{{< /ui >}}. 3. Click the gear in the upper right corner. The Custom Roles pop-up appears. -4. In the Custom Roles pop-up, click **Enable**. +4. In the Custom Roles pop-up, click {{< ui >}}Enable{{< /ui >}}. {{< img src="account_management/rbac/enable_custom_roles.png" alt="Custom Roles pop-up with Enable button" style="width:90%;">}} @@ -79,7 +79,7 @@ Alternatively, making a POST call to the [Create Role API endpoint][10] automati To create a custom role: 1. Go to your [Datadog Roles page][1]. -2. Select **New Role** in the upper right corner of the page. +2. Select {{< ui >}}New Role{{< /ui >}} in the upper right corner of the page. 3. Give a name to your role. 4. Assign a set of permissions to your role. See [Datadog Role Permissions][2] for more information about available permissions. @@ -138,7 +138,7 @@ To clone an existing role: 2. Hover over the role you would like to clone. A series of buttons appears to the right. 3. Select the clone button on the role you would like to clone. 4. Optionally modify the name or permissions of the role. -5. Click the **Save** button at the bottom. +5. Click the {{< ui >}}Save{{< /ui >}} button at the bottom. {{< img src="account_management/rbac/clone_role.png" alt="List of two roles with Clone button highlighted" style="width:90%;">}} @@ -184,12 +184,12 @@ Find an example of how to delete a role in the [Delete Role API reference][1]. When creating or updating a role on the Datadog site, use a Datadog role template to apply a prescribed set of permissions to the role. -1. On the New Role or Edit Role page, click the **Show Role Templates** button on the right. +1. On the New Role or Edit Role page, click the {{< ui >}}Show Role Templates{{< /ui >}} button on the right. 2. A dropdown menu populated with role templates appears. 3. From the menu, select the role template whose permissions you would like to apply to your role. -4. Click the **Apply** button. +4. Click the {{< ui >}}Apply{{< /ui >}} button. 4. Optionally make additional changes to your role. -5. Click the **Save** button. +5. Click the {{< ui >}}Save{{< /ui >}} button. {{< img src="account_management/rbac/role_templates.png" alt="Role Templates dropdown menu with Datadog Billing Admin Role selected" style="width:90%;">}} diff --git a/content/en/account_management/rbac/data_access.md b/content/en/account_management/rbac/data_access.md index 34dcb921655..9fa15972d25 100644 --- a/content/en/account_management/rbac/data_access.md +++ b/content/en/account_management/rbac/data_access.md @@ -28,7 +28,7 @@ Data Access Control relies on tags and attributes in your data that can be used Data Access Control allows you to create a Restricted Dataset, specifying data that only users in designated teams or roles can access. -To view all of your Restricted Datasets, navigate to [Organization Settings][6], and select [Data Access Controls][7] on the left, under the **Access** heading. +To view all of your Restricted Datasets, navigate to [Organization Settings][6], and select [Data Access Controls][7] on the left, under the {{< ui >}}Access{{< /ui >}} heading. ### Datadog site @@ -36,7 +36,7 @@ Log in as a user assigned the Datadog Admin role, or any user with a role in you 1. Navigate to [Organization Settings][6]. 1. On the left side of the page, select [Data Access Controls][7]. -1. Click **New Restricted Dataset**. +1. Click {{< ui >}}New Restricted Dataset{{< /ui >}}. In order to create a Restricted Dataset, identify the data to be restricted with a query. @@ -53,7 +53,7 @@ Grant access You may create a maximum of 10 key:value pairs per Restricted Dataset. Consider defining an additional Restricted Dataset if you need additional pairs. -After completing all the fields to define the dataset, click **Create Restricted Dataset** to apply it to your organization. +After completing all the fields to define the dataset, click {{< ui >}}Create Restricted Dataset{{< /ui >}} to apply it to your organization. You may create a maximum of 100 Restricted Datasets under the Enterprise plan, and a maximum of 10 datasets otherwise. If you need a higher limit, reach out to Support. @@ -159,11 +159,11 @@ Before configuring Data Access Control, it's important to evaluate your access s If you have already identified which data needs to be protected, you can build your Data Access Control configuration around only this specific data. This ensures that non-sensitive data is generally available to your users, allowing them to collaborate and understand ongoing issues or incidents. For example, if you have a single application that is instrumented with Real User Monitoring (RUM) and captures sensitive inputs from users, consider creating a Restricted Dataset only for that application: -* **Name dataset:** Restricted RUM data -* **Select data to be included in this Dataset:** +* {{< ui >}}Name dataset:{{< /ui >}} Restricted RUM data +* {{< ui >}}Select data to be included in this Dataset:{{< /ui >}} * Telemetry type: RUM * Filters: `@application.id:` -* **Grant access:** +* {{< ui >}}Grant access:{{< /ui >}} * Teams or roles of users who can see this RUM data This configuration example would protect the RUM data from this application, and keep other data from this application available to existing users in your organization. @@ -174,8 +174,8 @@ If you are instead looking to protect data from a specific service, you can buil For example, if you have a service `NewService` that is instrumented with Real User Monitoring (RUM) and capturing sensitive inputs from users, consider creating a Restricted Dataset only for that application: -* **Name Dataset:** Restricted NewService data -* **Select data to be included in this Dataset:** +* {{< ui >}}Name Dataset:{{< /ui >}} Restricted NewService data +* {{< ui >}}Select data to be included in this Dataset:{{< /ui >}} * Telemetry type: RUM * Filters: `@service:NewService` * Telemetry type: Custom Metrics @@ -184,7 +184,7 @@ For example, if you have a service `NewService` that is instrumented with Real U * Filters: `@service:NewService` * Telemetry type: Logs * Filters: `@service:NewService` -* **Grant access:** +* {{< ui >}}Grant access:{{< /ui >}} * Team who owns the service This configuration example protects all supported data from `NewService`. diff --git a/content/en/account_management/rbac/granular_access.md b/content/en/account_management/rbac/granular_access.md index 41dd324cba3..9faaff456bd 100644 --- a/content/en/account_management/rbac/granular_access.md +++ b/content/en/account_management/rbac/granular_access.md @@ -44,7 +44,7 @@ Use the different principals to control access patterns in your organization and ### Elevate access to individual resources -A user with the `user_access_manage` permission can elevate their access to any individual resource that supports restrictions based on team, role, and user or service account. Resources with only role-based access restrictions are not supported. To get access, click the **Elevate Access** button in the granular access control modal. +A user with the `user_access_manage` permission can elevate their access to any individual resource that supports restrictions based on team, role, and user or service account. Resources with only role-based access restrictions are not supported. To get access, click the {{< ui >}}Elevate Access{{< /ui >}} button in the granular access control modal. [1]: /account_management/teams/ [2]: /dashboards/configure/#permissions diff --git a/content/en/account_management/rbac/permissions.md b/content/en/account_management/rbac/permissions.md index 59861c53588..022bfcf5b96 100644 --- a/content/en/account_management/rbac/permissions.md +++ b/content/en/account_management/rbac/permissions.md @@ -58,15 +58,15 @@ Managed roles are created and maintained by Datadog. Their permissions may be au ### Custom roles -Create a custom role to combine permissions into new roles. A custom role gives you the ability to define a persona, for example, a billing administrator, and then assign the appropriate permissions for that role. After creating a role, assign or remove permissions to this role directly by [updating the role in Datadog][2], or through the [Datadog Permission API][3]. You can also add a permission to multiple custom roles at once by selecting those roles from the Roles page and hitting **Add Permission**. +Create a custom role to combine permissions into new roles. A custom role gives you the ability to define a persona, for example, a billing administrator, and then assign the appropriate permissions for that role. After creating a role, assign or remove permissions to this role directly by [updating the role in Datadog][2], or through the [Datadog Permission API][3]. You can also add a permission to multiple custom roles at once by selecting those roles from the Roles page and hitting {{< ui >}}Add Permission{{< /ui >}}. Unlike Managed Roles, custom roles do not receive new permissions when Datadog releases new products and features, unless configured to receive Automatic Updates. If Automatic Updates are off, custom roles only receive new permissions to maintain compatibility when Datadog releases a new permission gating existing functionality. To configure Automatic Updates for custom roles: -1. Go to the Organization Settings page and click the **Roles** tab. -2. Click the role you want to update and click **Edit Role**. -3. Under **Automatically Receives Permissions**, choose an option from the dropdown: None, Datadog Read Only Role, Datadog Standard Role, or Datadog Admin Role. +1. Go to the Organization Settings page and click the {{< ui >}}Roles{{< /ui >}} tab. +2. Click the role you want to update and click {{< ui >}}Edit Role{{< /ui >}}. +3. Under {{< ui >}}Automatically Receives Permissions{{< /ui >}}, choose an option from the dropdown: None, Datadog Read Only Role, Datadog Standard Role, or Datadog Admin Role. If the custom role is configured to receive automatic updates, your custom role receives any new permissions whenever they are released to the selected role template. No already-released permissions are added. You can add or remove any permissions from this role and continue to receive automatic updates. diff --git a/content/en/account_management/safety_center.md b/content/en/account_management/safety_center.md index 1f5aadbdc52..65b57d96e12 100644 --- a/content/en/account_management/safety_center.md +++ b/content/en/account_management/safety_center.md @@ -15,26 +15,26 @@ further_reading: --- ## Overview -Datadog's Safety Center in **Organization Settings** is a centralized location for security alerts and best practices. [Administrators][1] of an organization can open this page to review recommendations and take action on high priority security warnings and alerts. +Datadog's Safety Center in {{< ui >}}Organization Settings{{< /ui >}} is a centralized location for security alerts and best practices. [Administrators][1] of an organization can open this page to review recommendations and take action on high priority security warnings and alerts. {{< img src="account_management/safety_center/overview.png" alt="Safety Center Overview page" style="width:80%;" >}} ## Security Alerts -If your organization has a high priority security alert, it appears in the **Security Alerts** section of **Safety Center**. Safety Center supports two types of alerts: leaked [application keys][2] and leaked [API keys][3]. +If your organization has a high priority security alert, it appears in the {{< ui >}}Security Alerts{{< /ui >}} section of {{< ui >}}Safety Center{{< /ui >}}. Safety Center supports two types of alerts: leaked [application keys][2] and leaked [API keys][3]. A leaked key alert means that one or more private keys (application or API) have been compromised or publicly exposed on the internet. Exposed keys have to be [revoked][4] as soon as possible to minimize security risks to your organization. Removing the file containing the key from a public site such as GitHub **does not** guarantee it was not already accessed by another party. {{< img src="account_management/safety_center/revoke-leaked-api-key.png" alt="Revoking leaked API key" style="width:70%;" >}} ## Configuration -The **Configuration** tab in **Safety Center** allows setting **Security Contacts** - primary and secondary email addresses to receive security notifications for your Datadog organization. Upon detecting security issues, like publicly exposed Datadog keys needing [rotation][4], your assigned **Security Contacts** gets notified. +The {{< ui >}}Configuration{{< /ui >}} tab in {{< ui >}}Safety Center{{< /ui >}} allows setting {{< ui >}}Security Contacts{{< /ui >}} - primary and secondary email addresses to receive security notifications for your Datadog organization. Upon detecting security issues, like publicly exposed Datadog keys needing [rotation][4], your assigned {{< ui >}}Security Contacts{{< /ui >}} gets notified. {{< img src="account_management/safety_center/set-security-contacts.png" alt="Setting Security Contacts" style="width:70%;" >}} -It is important to keep **Security Contacts** up to date to ensure that potential security risks are promptly addressed and mitigated. The **Safety Center** page reminds you to review assigned **Security Contacts** every 6 months. +It is important to keep {{< ui >}}Security Contacts{{< /ui >}} up to date to ensure that potential security risks are promptly addressed and mitigated. The {{< ui >}}Safety Center{{< /ui >}} page reminds you to review assigned {{< ui >}}Security Contacts{{< /ui >}} every 6 months. ## Access & Sharing -The **Access & Sharing** section in **Safety Center** lists entities that allow external access to your Datadog organization. It highlights: +The {{< ui >}}Access & Sharing{{< /ui >}} section in {{< ui >}}Safety Center{{< /ui >}} lists entities that allow external access to your Datadog organization. It highlights: - [**OAuth applications**][5] that have been inactive for 60+ days or have write access and have been inactive for 30+ days. - [**API keys**][3] that have been unused for 30+ days. @@ -50,7 +50,7 @@ Unused **API keys** can facilitate unauthorized access to your organization if t {{< img src="account_management/safety_center/revoke-unused-api-key.png" alt="Revoking unused API key" style="width:70%;" >}} ## Users -In order to keep your organization safe it is important to follow best practices for user management. The **Users** page in **Safety Center** surfaces user-related security recommendations: +In order to keep your organization safe it is important to follow best practices for user management. The {{< ui >}}Users{{< /ui >}} page in {{< ui >}}Safety Center{{< /ui >}} surfaces user-related security recommendations: - [User invites][7] that have not been accepted for 30+ days. - [Admin users][1] in the event their number exceeds 10% of all users within an organization. diff --git a/content/en/account_management/saml/_index.md b/content/en/account_management/saml/_index.md index 2397a927dec..77dd7121972 100644 --- a/content/en/account_management/saml/_index.md +++ b/content/en/account_management/saml/_index.md @@ -36,7 +36,7 @@ After SAML is configured in Datadog and your IdP is set up to accept requests fr ### SP-initiated login -SP-initiated, or Service Provider-initiated, means login initiated from Datadog. Users log in through the **Single Sign-on URL** shown in the status box at the top of the [SAML Configuration page][4]. Loading this URL initiates a SAML authentication against your IdP. **Note**: This URL only displays if SAML is enabled for your account and you are using SP-initiated login. +SP-initiated, or Service Provider-initiated, means login initiated from Datadog. Users log in through the {{< ui >}}Single Sign-on URL{{< /ui >}} shown in the status box at the top of the [SAML Configuration page][4]. Loading this URL initiates a SAML authentication against your IdP. **Note**: This URL only displays if SAML is enabled for your account and you are using SP-initiated login. {{< img src="account_management/saml/saml_enabled_cropped.png" alt="Confirmation that SAML Enabled" >}} @@ -104,7 +104,7 @@ With JIT provisioning, a user is created within Datadog the first time they try Some organizations might not want to invite all of their users to Datadog. If you would like to make changes to how SAML works for your account, contact [Datadog support][2]. It is up to the organization to configure their IdP to not send assertions to Datadog if they don't want a particular user to access Datadog. -Administrators can set the default role for new JIT users. The default role is **Standard**, but you can choose to add new JIT users as **Read-Only**, **Administrators**, or any custom role. +Administrators can set the default role for new JIT users. The default role is {{< ui >}}Standard{{< /ui >}}, but you can choose to add new JIT users as {{< ui >}}Read-Only{{< /ui >}}, {{< ui >}}Administrators{{< /ui >}}, or any custom role.
Important: If Role Mapping is enabled, it takes priority over the roles set during JIT provisioning. Without the proper Group Attribute statements, users might end up without roles and lose access to Datadog. To prevent users from being locked out after JIT provisioning, make sure to review your mapping definitions and check your assertions before enabling both Mappings and JIT. @@ -122,7 +122,7 @@ If you do not use the updated SP metadata, Datadog is not able to associate the ### SAML strict -You can make your organization SAML Strict by disabling other login method types in the **Login Methods** UI. When this option is configured, all users must, by default, log in with SAML. An existing username and password, or Google OAuth login, does not work. This ensures that all users with access to Datadog must have valid credentials in your company's identity provider or directory service to access your Datadog account. Org administrators can set per-user [overrides][6] to allow certain users to be SAML Strict exempt. +You can make your organization SAML Strict by disabling other login method types in the {{< ui >}}Login Methods{{< /ui >}} UI. When this option is configured, all users must, by default, log in with SAML. An existing username and password, or Google OAuth login, does not work. This ensures that all users with access to Datadog must have valid credentials in your company's identity provider or directory service to access your Datadog account. Org administrators can set per-user [overrides][6] to allow certain users to be SAML Strict exempt. ### Self-updating Datadog SP metadata diff --git a/content/en/account_management/saml/configuration.md b/content/en/account_management/saml/configuration.md index 5563217c71f..ec8f4f96e1f 100644 --- a/content/en/account_management/saml/configuration.md +++ b/content/en/account_management/saml/configuration.md @@ -44,19 +44,19 @@ This page covers how to enable single sign-on (SSO) with SAML in Datadog, as wel 2. Download Datadog's [Service Provider metadata][17] to configure your IdP to recognize Datadog as a Service Provider. -3. In Datadog, hover over your username in the bottom left corner and select **Organization Settings**. Select [**Login Methods**][16] and click **Configure** under SAML. +3. In Datadog, hover over your username in the bottom left corner and select {{< ui >}}Organization Settings{{< /ui >}}. Select [**Login Methods**][16] and click {{< ui >}}Configure{{< /ui >}} under SAML. -4. Click **Add SAML**. +4. Click {{< ui >}}Add SAML{{< /ui >}}. 5. In the configuration modal: * Create a user-friendly name for this SAML provider. The name appears to end users when they choose a login method. - * Upload the IdP metadata from your SAML identity provider by clicking **browse files** or dragging and dropping the XML metadata file onto the modal. + * Upload the IdP metadata from your SAML identity provider by clicking {{< ui >}}browse files{{< /ui >}} or dragging and dropping the XML metadata file onto the modal.
The IdP metadata must contain ASCII characters only.
{{< img src="account_management/saml/saml_configure.png" alt="Configure SAML by uploading your IdP metadata" style="width:100%;" >}} -6. Click **Save**. +6. Click {{< ui >}}Save{{< /ui >}}. **Note**: To configure SAML for a multi-org, see [Managing Multiple-Organization Accounts][18]. @@ -66,14 +66,14 @@ Enterprise customers can have multiple SAML configurations per organization (up To configure additional SAML providers: -1. Navigate to **Organization Settings > Login Methods**. Under **SAML**, click **Update**, then **Add SAML**. +1. Navigate to {{< ui >}}Organization Settings{{< /ui >}} > {{< ui >}}Login Methods{{< /ui >}}. Under {{< ui >}}SAML{{< /ui >}}, click {{< ui >}}Update{{< /ui >}}, then {{< ui >}}Add SAML{{< /ui >}}. 2. In the configuration modal: - Create a user-friendly name for this SAML provider. The name appears to end users when they choose a login method.
All users can see and access all configured IdPs; there is no way to assign specific user groups to specific configurations. Setting clear and descriptive names for each provider helps users select the appropriate IdP during login. Also note that there is no way to set a default configuration.
- - Upload the IdP metadata from your SAML identity provider by clicking **browse files** or dragging and dropping the XML metadata file onto the modal. -4. Click **Save**. + - Upload the IdP metadata from your SAML identity provider by clicking {{< ui >}}browse files{{< /ui >}} or dragging and dropping the XML metadata file onto the modal. +4. Click {{< ui >}}Save{{< /ui >}}. ### Role mapping with multiple SAML providers diff --git a/content/en/account_management/saml/entra.md b/content/en/account_management/saml/entra.md index 8492ad3b515..8df120c5fd7 100644 --- a/content/en/account_management/saml/entra.md +++ b/content/en/account_management/saml/entra.md @@ -23,11 +23,11 @@ Follow the [Microsoft Entra single sign-on (SSO) integration with Datadog][1] tu 2. Choose and upload the **SAML XML Metadata** file downloaded from Microsoft. -3. You should see the messages **SAML is ready** and **Valid IdP metadata installed**: +3. You should see the messages {{< ui >}}SAML is ready{{< /ui >}} and {{< ui >}}Valid IdP metadata installed{{< /ui >}}: {{< img src="account_management/saml/SAML_Configuration___Datadog11.png" alt="SAML_Configuration___Datadog11" style="width:70%;">}} -4. Click **Enable** to start using Entra ID single sign-on with SAML: +4. Click {{< ui >}}Enable{{< /ui >}} to start using Entra ID single sign-on with SAML: {{< img src="account_management/saml/SAML_Configuration___Datadog12.png" alt="SAML_Configuration___Datadog12" style="width:70%;">}} @@ -39,7 +39,7 @@ If you are using SSO with a Datadog button or link, a sign-on URL is required: {{< img src="account_management/saml/SAML_Configuration___Datadog13.png" alt="SAML_Configuration___Datadog13" style="width:70%;">}} -2. In Microsoft Entra ID, navigate to the SSO Configuration section of your application, check **Show advanced URL settings**, and add your single sign-on URL. +2. In Microsoft Entra ID, navigate to the SSO Configuration section of your application, check {{< ui >}}Show advanced URL settings{{< /ui >}}, and add your single sign-on URL. ## Further Reading diff --git a/content/en/account_management/saml/google.md b/content/en/account_management/saml/google.md index 895ab8163d4..458fcb814d3 100644 --- a/content/en/account_management/saml/google.md +++ b/content/en/account_management/saml/google.md @@ -18,7 +18,7 @@ further_reading: ## Service provider details -As a prerequisite, **IDP initiated SSO** must be checked on the Datadog [SAML configuration page][2]. +As a prerequisite, {{< ui >}}IDP initiated SSO{{< /ui >}} must be checked on the Datadog [SAML configuration page][2]. Application Name : Can be anything @@ -27,19 +27,19 @@ Description : Can be anything ACS URL -: Use the URL shown under **Assertion Consumer Service URL** on the [SAML setup page][2] (the one containing `/id/`). If there is more than one value shown for Assertion Consumer Service URL, only enter one of them here. +: Use the URL shown under {{< ui >}}Assertion Consumer Service URL{{< /ui >}} on the [SAML setup page][2] (the one containing `/id/`). If there is more than one value shown for Assertion Consumer Service URL, only enter one of them here. Entity ID -: Use the URL shown under **Entity ID** on the [SAML setup page][2]. +: Use the URL shown under {{< ui >}}Entity ID{{< /ui >}} on the [SAML setup page][2]. Start URL -: Can be blank, or use the **Single Sign On Login URL** listed on the [SAML setup page][2]. +: Can be blank, or use the {{< ui >}}Single Sign On Login URL{{< /ui >}} listed on the [SAML setup page][2]. Signed Response : Leave Unchecked Name ID -: Select **Basic Information** and **Primary Email** +: Select {{< ui >}}Basic Information{{< /ui >}} and {{< ui >}}Primary Email{{< /ui >}} ## Attribute mapping diff --git a/content/en/account_management/saml/mapping.md b/content/en/account_management/saml/mapping.md index 0d8685a420c..53b21329ac0 100644 --- a/content/en/account_management/saml/mapping.md +++ b/content/en/account_management/saml/mapping.md @@ -28,16 +28,16 @@ It's important to understand what is sent in an assertion before turning on mapp ## Map SAML attributes to Datadog roles 1. [Cross-reference][4] and [validate][5] your SAML assertion to understand your IdP's attributes. -2. Go to **Organization Settings** and click the **SAML Group Mappings** tab. -3. If it is visible, ensure the **Role Mappings** tab is selected. -4. Click **New Mapping**. A dialog box appears. +2. Go to {{< ui >}}Organization Settings{{< /ui >}} and click the {{< ui >}}SAML Group Mappings{{< /ui >}} tab. +3. If it is visible, ensure the {{< ui >}}Role Mappings{{< /ui >}} tab is selected. +4. Click {{< ui >}}New Mapping{{< /ui >}}. A dialog box appears. 5. Specify the SAML identity provider `key-value` pair that you want to associate with an existing Datadog role (either default or custom). **Note**: These entries are case-sensitive. For example, if you want all users whose `member_of` attribute has a value of `Development` to be assigned to a custom Datadog role called `Devs`: {{< img src="account_management/saml/create_mapping.png" alt="Creating a SAML mapping to Datadog Role" >}} **Note**: Every identity provider is different. Some allow you to set your attribute key or label. Others provide one by default. Datadog recommends you use an assertion inspector on your login to view the details of your particular assertion to understand how your Identity Provider is sending your group membership. -6. If you have not already done so, enable mappings by clicking **Enable Mappings**. +6. If you have not already done so, enable mappings by clicking {{< ui >}}Enable Mappings{{< /ui >}}. When a user logs in who has the specified identity provider attribute, they are automatically assigned the Datadog role. Likewise, if someone has that identity provider attribute removed, they lose access to the role (unless another mapping adds it). @@ -45,25 +45,25 @@ When a user logs in who has the specified identity provider attribute, they are Important: If a user does not match any mapping, they lose any roles they had previously and are prevented from logging into the org with SAML. This includes roles that may be set with Just-In-Time provisioning. Double-check your mapping definitions and inspect your own assertions before enabling Mappings to prevent any scenarios where your users are unable to login.
-Make changes to a mapping by clicking the pencil (**Edit**) icon, or remove a mapping by clicking the garbage (**Delete**) icon. These actions affect only the mapping, not the identity provider attributes or the Datadog roles. +Make changes to a mapping by clicking the pencil ({{< ui >}}Edit{{< /ui >}}) icon, or remove a mapping by clicking the garbage ({{< ui >}}Delete{{< /ui >}}) icon. These actions affect only the mapping, not the identity provider attributes or the Datadog roles. Alternatively, you can create and change mappings of SAML attributes to Datadog roles with the `authn_mappings` endpoint. For more information, see [Federated Authentication to Role Mapping API][6]. ## Map SAML attributes to Teams -1. Ensure you selected either **SAML** or **All sources** when choosing your [provisioning source][7] for team memberships. +1. Ensure you selected either {{< ui >}}SAML{{< /ui >}} or {{< ui >}}All sources{{< /ui >}} when choosing your [provisioning source][7] for team memberships. 2. [Cross-reference][4] and [validate][5] your SAML assertion to understand your IdP's attributes. -3. Go to **Organization Settings** and click the **SAML Group Mappings** tab. -4. Ensure the **Team Mappings** tab is selected. -5. Click **New Mapping**. A dialog box appears. +3. Go to {{< ui >}}Organization Settings{{< /ui >}} and click the {{< ui >}}SAML Group Mappings{{< /ui >}} tab. +4. Ensure the {{< ui >}}Team Mappings{{< /ui >}} tab is selected. +5. Click {{< ui >}}New Mapping{{< /ui >}}. A dialog box appears. 6. Specify the SAML identity provider `key-value` pair that you want to associate with a Datadog Team. **Note**: These entries are case-sensitive. **Note**: Every identity provider is different. Some allow you to set your attribute key or label. Others provide one by default. Datadog recommends you use an assertion inspector on your login to view the details of your particular assertion to understand how your Identity Provider is sending your group membership. -8. Select a **Team** from the dropdown menu. -9. To add an additional mapping, click **Add Row**. -10. When you are done adding mappings, click **Create**. -11. If you have not already done so, enable mappings by clicking **Enable Mappings**. +8. Select a {{< ui >}}Team{{< /ui >}} from the dropdown menu. +9. To add an additional mapping, click {{< ui >}}Add Row{{< /ui >}}. +10. When you are done adding mappings, click {{< ui >}}Create{{< /ui >}}. +11. If you have not already done so, enable mappings by clicking {{< ui >}}Enable Mappings{{< /ui >}}. -Make changes to a mapping by clicking the pencil (**Edit**) icon, or remove a mapping by clicking the garbage (**Delete**) icon. These actions affect only the mapping, not the identity provider attributes or the Datadog Team. +Make changes to a mapping by clicking the pencil ({{< ui >}}Edit{{< /ui >}}) icon, or remove a mapping by clicking the garbage ({{< ui >}}Delete{{< /ui >}}) icon. These actions affect only the mapping, not the identity provider attributes or the Datadog Team. **Note:** Unlike Roles, Teams do not affect the login experience in any way. Datadog uses Team mapping purely as a provisioning source. For example, when a user does not belong to any Teams, they can still sign in to Datadog. diff --git a/content/en/account_management/saml/mobile-idp-login.md b/content/en/account_management/saml/mobile-idp-login.md index 8b315b2e71a..9f51d7b401e 100644 --- a/content/en/account_management/saml/mobile-idp-login.md +++ b/content/en/account_management/saml/mobile-idp-login.md @@ -31,17 +31,17 @@ In order to use the Datadog mobile app with Identity Provider (IdP) Initiated SA ### OneLogin -When configuring your OneLogin app, set the Relay State value on the **Application Details** page to `dd_m_idp`. +When configuring your OneLogin app, set the Relay State value on the {{< ui >}}Application Details{{< /ui >}} page to `dd_m_idp`. {{< img src="account_management/saml/one-login-mobile-idp-relay-state.png" alt="One Login's Application Details Page" >}} ### Okta -When configuring your Okta app, set the Default RelayState value on the **Configure SAML** page to `dd_m_idp`. +When configuring your Okta app, set the Default RelayState value on the {{< ui >}}Configure SAML{{< /ui >}} page to `dd_m_idp`. {{< img src="account_management/saml/okta-mobile-idp-relay-state.png" alt="Okta's Configure SAML page" >}} ### Google -When configuring your Google app for SAML, set the **Start URL** under the Service Provider Details to `dd_m_idp`. +When configuring your Google app for SAML, set the {{< ui >}}Start URL{{< /ui >}} under the Service Provider Details to `dd_m_idp`. {{< img src="account_management/saml/google-mobile-idp-relay-state.png" alt="Google's Service Provider Details Page" >}} ## Troubleshooting diff --git a/content/en/account_management/saml/okta.md b/content/en/account_management/saml/okta.md index fb3e283d661..8993d3c5e27 100644 --- a/content/en/account_management/saml/okta.md +++ b/content/en/account_management/saml/okta.md @@ -21,10 +21,10 @@ further_reading: This page tells you how to set up the Datadog application in Okta. Before proceeding, make sure that you are using the latest version of the Datadog application: -1. In Okta, click **Applications**. +1. In Okta, click {{< ui >}}Applications{{< /ui >}}. 1. Open the Datadog application. -1. Select the **General** tab. -1. Look for a field labeled **SSO Base URL**. +1. Select the {{< ui >}}General{{< /ui >}} tab. +1. Look for a field labeled {{< ui >}}SSO Base URL{{< /ui >}}. {{< img src="account_management/saml/okta/sso_base_url.png" alt="Datadog application configuration in Okta, highlighting the SSO base URL" style="width:80%;" >}} @@ -46,20 +46,20 @@ Set up Okta as the SAML identity provider (IdP) for Datadog with the following i ### Add the Datadog integration in Okta 1. Log in to your Okta admin dashboard. -1. In the left navigation, click **Applications**. -1. Click **Browse App Catalog**. +1. In the left navigation, click {{< ui >}}Applications{{< /ui >}}. +1. Click {{< ui >}}Browse App Catalog{{< /ui >}}. 1. Use the search bar to search for "Datadog". 1. Select the Datadog app for SAML and SCIM. -1. Click **Add Integration**. The General Settings dialog appears. -1. Populate the **SSO Base URL** field with your [Datadog website URL][3]. -1. Click **Done**. +1. Click {{< ui >}}Add Integration{{< /ui >}}. The General Settings dialog appears. +1. Populate the {{< ui >}}SSO Base URL{{< /ui >}} field with your [Datadog website URL][3]. +1. Click {{< ui >}}Done{{< /ui >}}. **Note:** The SSO Base URL field accepts custom subdomains if you are not using a standard Datadog website URL. Next, download the metadata details to upload to Datadog: -1. While in the settings dialog for the Datadog application in Okta, click the **Sign on** tab. -1. Scroll down until you see the **Metadata URL**. -1. Click **Copy**. +1. While in the settings dialog for the Datadog application in Okta, click the {{< ui >}}Sign on{{< /ui >}} tab. +1. Scroll down until you see the {{< ui >}}Metadata URL{{< /ui >}}. +1. Click {{< ui >}}Copy{{< /ui >}}. 1. Open a new browser tab and paste the metadata URL into the address bar. 1. Use your browser to save the content of the metadata URL as an XML file. @@ -70,8 +70,8 @@ Next, download the metadata details to upload to Datadog: #### Upload metadata details 1. Navigate to [Login Methods][4] under Organization Settings. -1. In the SAML component, click **Configure** or **Update**, depending on whether you have previously configured SAML. The SAML configuration page appears. -1. Click **Choose File**, and select the metadata file you previously downloaded from Okta. +1. In the SAML component, click {{< ui >}}Configure{{< /ui >}} or {{< ui >}}Update{{< /ui >}}, depending on whether you have previously configured SAML. The SAML configuration page appears. +1. Click {{< ui >}}Choose File{{< /ui >}}, and select the metadata file you previously downloaded from Okta. {{< img src="account_management/saml/okta/choose_file.png" alt="SAML configuration in Datadog, highlighting metadata upload button" style="width:100%;" >}} @@ -83,9 +83,9 @@ For the Datadog application to function correctly, you must activate IdP initiat To activate IdP initiated login, execute the following steps: 1. Navigate to the [SAML configuration page][5]. -1. Under **Additional Features**, click the checkbox for **Identity Provider (IdP) Initiated Login**. The component displays the **Assertion Consumer Service URL**. +1. Under {{< ui >}}Additional Features{{< /ui >}}, click the checkbox for {{< ui >}}Identity Provider (IdP) Initiated Login{{< /ui >}}. The component displays the {{< ui >}}Assertion Consumer Service URL{{< /ui >}}. 1. The content in the Assertion Consumer Service URL after `/saml/assertion` is your company ID. Enter this value with the `/id/` prefix in Okta to finalize your configuration. -1. Click **Save Changes**. +1. Click {{< ui >}}Save Changes{{< /ui >}}. {{< img src="account_management/saml/okta/company_id.png" alt="SAML configuration in Datadog, highlighting the company ID portion of the assertion consumer service URL" style="width:100%;" >}} @@ -94,24 +94,24 @@ Return to Okta for the next set of configuration steps. ### Add the company ID in Okta 1. Return to the Okta admin dashboard. -1. Select the **Sign on** tab. -1. Click **Edit**. -1. Scroll down to the **Advanced Sign-on Settings** section. -1. Paste your full company ID including the `/id/` prefix into the **Company ID** field (`/id/XXXXXX-XXXX-XXX-XXXX-XXXXXXX`). -1. Click **Save**. +1. Select the {{< ui >}}Sign on{{< /ui >}} tab. +1. Click {{< ui >}}Edit{{< /ui >}}. +1. Scroll down to the {{< ui >}}Advanced Sign-on Settings{{< /ui >}} section. +1. Paste your full company ID including the `/id/` prefix into the {{< ui >}}Company ID{{< /ui >}} field (`/id/XXXXXX-XXXX-XXX-XXXX-XXXXXXX`). +1. Click {{< ui >}}Save{{< /ui >}}. ## Service Provider (SP) initiated login To log in to Datadog using service provider-initiated login (SP-initiated SSO), you need the single sign-on (SSO) URL. You can find your SSO URL in two ways: on the SAML configuration page, or through email. ### SAML configuration page -The Datadog [SAML configuration page][5] displays the SSO URL next to the **Single Sign-on URL** heading. +The Datadog [SAML configuration page][5] displays the SSO URL next to the {{< ui >}}Single Sign-on URL{{< /ui >}} heading. ### Email 1. Navigate to the Datadog website URL for your organization. -1. Select **Using Single Sign-On?**. -1. Enter your email address, and click **Next**. -1. Check your email for a message containing the SSO URL, listed as **Login URL**. +1. Select {{< ui >}}Using Single Sign-On?{{< /ui >}}. +1. Enter your email address, and click {{< ui >}}Next{{< /ui >}}. +1. Check your email for a message containing the SSO URL, listed as {{< ui >}}Login URL{{< /ui >}}. After you find your SSO URL from either method, bookmark it for future reference. @@ -120,9 +120,9 @@ After you find your SSO URL from either method, bookmark it for future reference Follow the steps below to map Okta attributes to Datadog entities. This step is optional. 1. Navigate to the Okta admin dashboard. -1. Select the **Sign on** tab. -1. Click **Edit**. -1. Populate the **Attributes** with your [group attribute statements][6]. +1. Select the {{< ui >}}Sign on{{< /ui >}} tab. +1. Click {{< ui >}}Edit{{< /ui >}}. +1. Populate the {{< ui >}}Attributes{{< /ui >}} with your [group attribute statements][6]. 1. Set up your desired [mappings][7] in Datadog. ## Further Reading diff --git a/content/en/account_management/saml/safenet.md b/content/en/account_management/saml/safenet.md index 2cc877d2f57..9e4c7d24e48 100644 --- a/content/en/account_management/saml/safenet.md +++ b/content/en/account_management/saml/safenet.md @@ -13,8 +13,8 @@ Follow the [main SAML configuration instructions][1], then see the [SafeNet Trus ## Datadog -* The IdP metadata is available in the SafeNet Trusted Access console by clicking the **Download Metadata** button. -* In Datadog, ensure the **Identity Provider (IdP) Initiated Login** box is checked. +* The IdP metadata is available in the SafeNet Trusted Access console by clicking the {{< ui >}}Download Metadata{{< /ui >}} button. +* In Datadog, ensure the {{< ui >}}Identity Provider (IdP) Initiated Login{{< /ui >}} box is checked. * Datadog's [Service Provider metadata][3] is needed. ## Verify authentication @@ -23,7 +23,7 @@ Follow the [main SAML configuration instructions][1], then see the [SafeNet Trus Navigate to the Datadog login URL. Once redirected to the SafeNet Trusted Access sign-in page, enter your primary directory login information and approve the two-factor authentication. This redirects you back to Datadog after authentication. -**Note**: For IdP initiated mode, enter the **Assertion Consumer Service URL** found in Datadog on the SafeNet Trusted Access console. +**Note**: For IdP initiated mode, enter the {{< ui >}}Assertion Consumer Service URL{{< /ui >}} found in Datadog on the SafeNet Trusted Access console. ### Using STA user portal diff --git a/content/en/account_management/saml/troubleshooting.md b/content/en/account_management/saml/troubleshooting.md index 61de9765ea8..39c9cc7f002 100644 --- a/content/en/account_management/saml/troubleshooting.md +++ b/content/en/account_management/saml/troubleshooting.md @@ -27,7 +27,7 @@ To resolve, see the section below for the specific error. ### SAML is not enabled for this org -SAML is turned off for your account. Navigate to [Login Methods][1]. In the SAML section, ensure that **Enabled by Default** is set to **On**. +SAML is turned off for your account. Navigate to [Login Methods][1]. In the SAML section, ensure that {{< ui >}}Enabled by Default{{< /ui >}} is set to {{< ui >}}On{{< /ui >}}. **Note:** Configuring SAML requires the Datadog Admin Role or the Org Management (`org_management`) permission. @@ -56,8 +56,8 @@ If you are having trouble updating your IdP metadata file, verify that the metad To validate your metadata file: 1. Choose a SAML validation tool, such as the [SAML developer tool][5] by OneLogin. -2. Paste your metadata into the XML field and select **Metadata** in the XSD (schema file) field. -3. Click **Validate XML With the XSD Schema**. +2. Paste your metadata into the XML field and select {{< ui >}}Metadata{{< /ui >}} in the XSD (schema file) field. +3. Click {{< ui >}}Validate XML With the XSD Schema{{< /ui >}}. ## Roles errors @@ -82,7 +82,7 @@ If you have group mappings set and are not able to see your roles, your group ma ``` -2. Navigate to your profile and select **Organization Settings** in the bottom left corner of Datadog. +2. Navigate to your profile and select {{< ui >}}Organization Settings{{< /ui >}} in the bottom left corner of Datadog. 3. Select [**SAML Group Mappings**][7]. 4. Compare the attributes provided by your IdP in your SAML assertion to the attributes set in the [**SAML Group Mappings**][7] tab. @@ -90,7 +90,7 @@ If you have group mappings set and are not able to see your roles, your group ma 5. Resolve any discrepancies in either the Datadog SAML Group Mappings settings, or within your IdP settings. For example, if `memberof` is a set attribute in Datadog, and it's `member_Of` in your SAML assertion, resolve accordingly. -Discrepancies may occur when there is no match or a mismatch between the attribute key and value. For example, if you see a key value pair of `memberOf` and `name_of_your_group_goes_here` in **SAML Group Mappings**, you run into an issue because this pair is not included in the assertion sent over from your IdP. +Discrepancies may occur when there is no match or a mismatch between the attribute key and value. For example, if you see a key value pair of `memberOf` and `name_of_your_group_goes_here` in {{< ui >}}SAML Group Mappings{{< /ui >}}, you run into an issue because this pair is not included in the assertion sent over from your IdP. If you are having trouble logging in because of a role-based error, contact your Administrator to complete the troubleshooting steps above. @@ -98,7 +98,7 @@ If you are having trouble logging in because of a role-based error, contact your - Each IdP provides different types of attributes, and different ways to set attributes. For example, Azure uses [object IDs][8] for their attribute, or if you're using Okta, you must set attributes in [Okta settings][9]. Reference your IdP's attribute documentation for information. -- When you disable **SAML Group Mappings**, users are allowed to log in with SAML and have the same roles they are assigned to—even if the group membership changed in your IdP. +- When you disable {{< ui >}}SAML Group Mappings{{< /ui >}}, users are allowed to log in with SAML and have the same roles they are assigned to—even if the group membership changed in your IdP. ## Identity provider (IdP) errors diff --git a/content/en/account_management/scim/entra.md b/content/en/account_management/scim/entra.md index 0209ca5956c..698ac078b3b 100644 --- a/content/en/account_management/scim/entra.md +++ b/content/en/account_management/scim/entra.md @@ -36,40 +36,40 @@ When using SAML and SCIM together, Datadog strongly recommends disabling SAML ju ## Add Datadog to the Microsoft Entra ID application gallery 1. Sign in to the [Microsoft Entra admin center][6] as at least a [Cloud Application Administrator][7] -1. Browse to **Identity** -> **Applications** -> **Enterprise Applications** -1. Click **New Application** +1. Browse to {{< ui >}}Identity{{< /ui >}} -> {{< ui >}}Applications{{< /ui >}} -> {{< ui >}}Enterprise Applications{{< /ui >}} +1. Click {{< ui >}}New Application{{< /ui >}} 1. Type "Datadog" in the search box 1. Select the Datadog application from the gallery -1. Optionally, enter a name in the **Name** text box -1. Click **Create** +1. Optionally, enter a name in the {{< ui >}}Name{{< /ui >}} text box +1. Click {{< ui >}}Create{{< /ui >}} -**Note:** If you already have Datadog configured with Microsoft Entra ID for SSO, go to **Enterprise Applications** and select your existing Datadog application. +**Note:** If you already have Datadog configured with Microsoft Entra ID for SSO, go to {{< ui >}}Enterprise Applications{{< /ui >}} and select your existing Datadog application. ## Configure automatic user provisioning -1. In the application management screen, select **Provisioning** in the left panel -2. In the **Provisioning Mode** menu, select **Automatic** -3. Open **Admin Credentials** -4. Complete the **Admin Credentials** section as follows: - - **Tenant URL**: `https://{{< region-param key="dd_full_site" >}}/api/v2/scim?aadOptscim062020` +1. In the application management screen, select {{< ui >}}Provisioning{{< /ui >}} in the left panel +2. In the {{< ui >}}Provisioning Mode{{< /ui >}} menu, select {{< ui >}}Automatic{{< /ui >}} +3. Open {{< ui >}}Admin Credentials{{< /ui >}} +4. Complete the {{< ui >}}Admin Credentials{{< /ui >}} section as follows: + - {{< ui >}}Tenant URL{{< /ui >}}: `https://{{< region-param key="dd_full_site" >}}/api/v2/scim?aadOptscim062020` - **Note:** Use the appropriate subdomain for your site. To find your URL, see [Datadog sites][3]. - **Note:** The `?aadOptscim062020` part of the Tenant URL is specifically for Entra ID. This is a flag that tells Entra to correct its SCIM behavior as outlined in this [Microsoft Entra documentation][8]. If you are not using Entra ID, you should not include this suffix on the URL. - - **Secret Token**: Use a valid Datadog application key. You can create an application key on [your organization settings page][4]. To maintain continuous access to your data, use a [service account][5] application key. + - {{< ui >}}Secret Token{{< /ui >}}: Use a valid Datadog application key. You can create an application key on [your organization settings page][4]. To maintain continuous access to your data, use a [service account][5] application key. {{< img src="/account_management/scim/admin-credentials-entra-flag.png" alt="Azure AD Admin Credentials configuration screen">}} -5. Click **Test Connection**, and wait for the message confirming that the credentials are authorized to enable provisioning. -6. Click **Save**. The mapping section appears. See the following section to configure mapping. +5. Click {{< ui >}}Test Connection{{< /ui >}}, and wait for the message confirming that the credentials are authorized to enable provisioning. +6. Click {{< ui >}}Save{{< /ui >}}. The mapping section appears. See the following section to configure mapping. ## Attribute mapping ### User attributes -1. Expand the **Mappings** section -2. Click **Provision Azure Active Directory Users**. The Attribute Mapping page appears. -3. Set **Enabled** to **Yes** -4. Click the **Save** icon -5. Under **Target Object actions**, ensure Create, Update, and Delete actions are selected +1. Expand the {{< ui >}}Mappings{{< /ui >}} section +2. Click {{< ui >}}Provision Azure Active Directory Users{{< /ui >}}. The Attribute Mapping page appears. +3. Set {{< ui >}}Enabled{{< /ui >}} to {{< ui >}}Yes{{< /ui >}} +4. Click the {{< ui >}}Save{{< /ui >}} icon +5. Under {{< ui >}}Target Object actions{{< /ui >}}, ensure Create, Update, and Delete actions are selected 6. Review the user attributes that are synchronized from Microsoft Entra ID to Datadog in the attribute mapping section. Set the following mappings: | Microsoft Entra ID Attribute | Datadog Attribute | |----------------------------------|--------------------------------| @@ -81,7 +81,7 @@ When using SAML and SCIM together, Datadog strongly recommends disabling SAML ju {{< img src="/account_management/scim/ad-users-2.png" alt="Attribute mapping configuration, Provision Azure Active Directory Users">}} -7. After you set your mappings, click **Save**. +7. After you set your mappings, click {{< ui >}}Save{{< /ui >}}. ### Group attributes diff --git a/content/en/account_management/scim/okta.md b/content/en/account_management/scim/okta.md index e21812a8573..e87763fdc78 100644 --- a/content/en/account_management/scim/okta.md +++ b/content/en/account_management/scim/okta.md @@ -32,32 +32,32 @@ When using SAML and SCIM together, Datadog strongly recommends disabling SAML ju ## Select the Datadog application in the Okta application gallery -1. In your Okta portal, go to **Applications** -2. Click **Browse App Catalog** +1. In your Okta portal, go to {{< ui >}}Applications{{< /ui >}} +2. Click {{< ui >}}Browse App Catalog{{< /ui >}} 3. Type "Datadog" in the search box 4. Select the Datadog application -5. Click **Add Integration** +5. Click {{< ui >}}Add Integration{{< /ui >}} **Note:** If you already have Datadog configured with Okta, select your existing Datadog application. ## Configure automatic user provisioning -1. In the application management screen, select **Provisioning** in the left panel -2. Click **Configure API integration**. -3. Select **Enable API integration**. -4. Complete the **Credentials** section as follows: - - **Base URL**: `https://{{< region-param key="dd_full_site" >}}/api/v2/scim` **Note:** Use the appropriate subdomain for your site. To find your URL, see [Datadog sites][3]. - - **API Token**: Use a valid Datadog application key. You can create an application key on [your organization settings page][4]. To maintain continuous access to your data, use a [service account][5] application key. +1. In the application management screen, select {{< ui >}}Provisioning{{< /ui >}} in the left panel +2. Click {{< ui >}}Configure API integration{{< /ui >}}. +3. Select {{< ui >}}Enable API integration{{< /ui >}}. +4. Complete the {{< ui >}}Credentials{{< /ui >}} section as follows: + - {{< ui >}}Base URL{{< /ui >}}: `https://{{< region-param key="dd_full_site" >}}/api/v2/scim` **Note:** Use the appropriate subdomain for your site. To find your URL, see [Datadog sites][3]. + - {{< ui >}}API Token{{< /ui >}}: Use a valid Datadog application key. You can create an application key on [your organization settings page][4]. To maintain continuous access to your data, use a [service account][5] application key. {{< img src="/account_management/scim/okta-admin-credentials.png" alt="Okta Admin Credentials configuration screen">}} -5. Click **Test API Credentials**, and wait for the message confirming that the credentials are verified. -6. Click **Save**. The settings section appears. -7. Next to **Provisioning to App** , select **Edit** to enable the features: - - **Create Users** - - **Update User Attributes** - - **Deactivate Users** -8. Under **Datadog Attribute Mappings**, find the mapping of Okta attributes to Datadog attributes already pre-configured. You can re-map them if needed, but map the Okta values to the same set of Datadog values. +5. Click {{< ui >}}Test API Credentials{{< /ui >}}, and wait for the message confirming that the credentials are verified. +6. Click {{< ui >}}Save{{< /ui >}}. The settings section appears. +7. Next to {{< ui >}}Provisioning to App{{< /ui >}} , select {{< ui >}}Edit{{< /ui >}} to enable the features: + - {{< ui >}}Create Users{{< /ui >}} + - {{< ui >}}Update User Attributes{{< /ui >}} + - {{< ui >}}Deactivate Users{{< /ui >}} +8. Under {{< ui >}}Datadog Attribute Mappings{{< /ui >}}, find the mapping of Okta attributes to Datadog attributes already pre-configured. You can re-map them if needed, but map the Okta values to the same set of Datadog values. ## Configure automatic team provisioning @@ -67,12 +67,12 @@ With [Managed Teams][6], you control the core provisioning of a Datadog Team — ### Create a new team in Datadog -1. In your Datadog application in Okta, navigate to the **Push Groups** tab. +1. In your Datadog application in Okta, navigate to the {{< ui >}}Push Groups{{< /ui >}} tab. {{< img src="/account_management/scim/okta/pushed-groups.png" alt="Okta pushed groups configuration interface">}} -1. Click the **Push Groups** button. The pushed groups interface opens. +1. Click the {{< ui >}}Push Groups{{< /ui >}} button. The pushed groups interface opens. 1. Select the Okta group you want to push to Datadog. -1. In the **Match result & push action** column, ensure **Create group** is selected. -1. Click **Save**. +1. In the {{< ui >}}Match result & push action{{< /ui >}} column, ensure {{< ui >}}Create group{{< /ui >}} is selected. +1. Click {{< ui >}}Save{{< /ui >}}. To verify that the operation completed successfully, navigate to the [Teams list][7] in Datadog. Search for a Datadog Team matching the Okta group you configured. Verify that the team exists in Datadog and is managed externally. It may take a minute or two before the team appears in Datadog. @@ -84,13 +84,13 @@ You can map an existing Datadog Team to an Okta group. Establishing a link from **Note:** In order to synchronize an existing Datadog Team with an Okta group, the two names must match exactly. -1. In your Datadog application in Okta, navigate to the **Push Groups** tab. -1. Click the **Push Groups** button. The pushed groups interface opens. +1. In your Datadog application in Okta, navigate to the {{< ui >}}Push Groups{{< /ui >}} tab. +1. Click the {{< ui >}}Push Groups{{< /ui >}} button. The pushed groups interface opens. 1. Select the Okta group you want to synchronize with a Datadog Team. -1. In the **Match result & push action** column, ensure **Create group** is selected. -1. Click **Save**. +1. In the {{< ui >}}Match result & push action{{< /ui >}} column, ensure {{< ui >}}Create group{{< /ui >}} is selected. +1. Click {{< ui >}}Save{{< /ui >}}. -**Note:** When you select **Create group**, Okta displays a **No match found** message. You can ignore this message and proceed with creating the group to establish synchronization. +**Note:** When you select {{< ui >}}Create group{{< /ui >}}, Okta displays a {{< ui >}}No match found{{< /ui >}} message. You can ignore this message and proceed with creating the group to establish synchronization. ### Delete the connection between an Okta group and a Datadog Team @@ -100,27 +100,27 @@ You have two options for disconnecting an Okta group from a Datadog Team, with d This procedure allows you to manage team membership in Datadog instead of Okta. The team members stay unchanged. -1. In your Datadog application in Okta, navigate to the **Push Groups** tab. -1. Click the **Push Groups** button. The pushed groups interface opens. +1. In your Datadog application in Okta, navigate to the {{< ui >}}Push Groups{{< /ui >}} tab. +1. Click the {{< ui >}}Push Groups{{< /ui >}} button. The pushed groups interface opens. 1. Select the Okta group you want to unlink from its Datadog Team. -1. In the **Match result & push action** column, select **Unlink Pushed Group**. A dialog box appears. -1. Select **Leave the group in the target app**. -1. Click **Unlink**. -1. Click **Save**. +1. In the {{< ui >}}Match result & push action{{< /ui >}} column, select {{< ui >}}Unlink Pushed Group{{< /ui >}}. A dialog box appears. +1. Select {{< ui >}}Leave the group in the target app{{< /ui >}}. +1. Click {{< ui >}}Unlink{{< /ui >}}. +1. Click {{< ui >}}Save{{< /ui >}}. #### Remove team members from Datadog This procedure allows you to manage team membership in Datadog instead of Okta and removes the team members from the Datadog Team. -1. In your Datadog application in Okta, navigate to the **Push Groups** tab. -1. Click the **Push Groups** button. The pushed groups interface opens. +1. In your Datadog application in Okta, navigate to the {{< ui >}}Push Groups{{< /ui >}} tab. +1. Click the {{< ui >}}Push Groups{{< /ui >}} button. The pushed groups interface opens. 1. Select the Okta group you want to unlink from its Datadog Team. -1. In the **Match result & push action** column, select **Unlink Pushed Group**. A dialog box appears. -1. Select **Delete the group in the target app (recommended)**. -1. Click **Unlink**. -1. Click **Save**. +1. In the {{< ui >}}Match result & push action{{< /ui >}} column, select {{< ui >}}Unlink Pushed Group{{< /ui >}}. A dialog box appears. +1. Select {{< ui >}}Delete the group in the target app (recommended){{< /ui >}}. +1. Click {{< ui >}}Unlink{{< /ui >}}. +1. Click {{< ui >}}Save{{< /ui >}}. -**Note:** Contrary to the name of the option, selecting **Delete the group in the target app** does _not_ delete the team in Datadog. Instead, it removes all members from the team and removes the link between the group in Okta and the Datadog Team. +**Note:** Contrary to the name of the option, selecting {{< ui >}}Delete the group in the target app{{< /ui >}} does _not_ delete the team in Datadog. Instead, it removes all members from the team and removes the link between the group in Okta and the Datadog Team. ## Further Reading diff --git a/content/en/account_management/teams/_index.md b/content/en/account_management/teams/_index.md index 8c2c3d908ac..5734c0e7686 100644 --- a/content/en/account_management/teams/_index.md +++ b/content/en/account_management/teams/_index.md @@ -24,12 +24,12 @@ Access the team directory page from [Organization Settings][1] or by navigating ### Create team -1. On the [team directory page][1], click **New Team** at the upper right. -1. Choose a **Team Name**. -1. The **Handle** populates based on your team name. +1. On the [team directory page][1], click {{< ui >}}New Team{{< /ui >}} at the upper right. +1. Choose a {{< ui >}}Team Name{{< /ui >}}. +1. The {{< ui >}}Handle{{< /ui >}} populates based on your team name. 1. Use the dropdown menu to select team members and team managers. -1. Provide an optional **Description**. -1. Click **Create**. +1. Provide an optional {{< ui >}}Description{{< /ui >}}. +1. Click {{< ui >}}Create{{< /ui >}}. **Notes**: @@ -39,9 +39,9 @@ Access the team directory page from [Organization Settings][1] or by navigating ### Modify team 1. On the [team directory page][1], click the team you wish to modify. The [team detail page][3] appears. -1. Click the **Settings** cog at the top of the screen. A pop-up window appears. +1. Click the {{< ui >}}Settings{{< /ui >}} cog at the top of the screen. A pop-up window appears. 1. Select the item you wish to modify. -1. Make your changes, then click **Save**. +1. Make your changes, then click {{< ui >}}Save{{< /ui >}}. ### Choose provisioning source @@ -56,8 +56,8 @@ SAML All sources : Use SAML as a starting point, and allow overrides through the UI and API -1. On the [team directory page][1], click **Teams Settings**. -1. Select one of the options under **Team Provisioning Sources**. +1. On the [team directory page][1], click {{< ui >}}Teams Settings{{< /ui >}}. +1. Select one of the options under {{< ui >}}Team Provisioning Sources{{< /ui >}}. If you have teams with existing members, picking the SAML strict option overrides your settings and removes team members from those teams. Picking the All Sources option preserves existing memberships. To manage teams and team membership using SAML attributes, see [Map SAML attributes to Teams][4]. @@ -90,13 +90,13 @@ Datadog supports associating the following resources with team handles: Add a notification channel to your Team to route alerts to communication channels such as Slack or Microsoft Teams. Monitor alerts targeting `@team-` are redirected to the selected channel. 1. On the [team directory page][1], click the team you wish to modify. -1. Click the **Settings** cog at the top of the screen. A pop-up window appears. -1. Select **Notifications**. -1. Add a channel, then click **Save**. +1. Click the {{< ui >}}Settings{{< /ui >}} cog at the top of the screen. A pop-up window appears. +1. Select {{< ui >}}Notifications{{< /ui >}}. +1. Add a channel, then click {{< ui >}}Save{{< /ui >}}. ## Team filter -The team filter tailors your experience across Datadog by showing you content associated with your teams. The **My Teams** list includes teams you are a member of and teams you selected as a favorite. +The team filter tailors your experience across Datadog by showing you content associated with your teams. The {{< ui >}}My Teams{{< /ui >}} list includes teams you are a member of and teams you selected as a favorite. {{< img src="/account_management/teams/team-filter.png" alt="Monitor list page with red box around the team filter. Two out of three My Teams selected.">}} @@ -116,15 +116,15 @@ You can add or remove a team from your favorites from the team directory page or From the [team directory page][1]: 1. Click the team you wish to add as a favorite. The [team detail page][3] appears. -1. Click **Add Favorite** or **Remove Favorite** in the upper right. +1. Click {{< ui >}}Add Favorite{{< /ui >}} or {{< ui >}}Remove Favorite{{< /ui >}} in the upper right. Alternatively, also from the team directory page: 1. Hover over the team you wish to add or remove. Inline icons appear to the right of the team name. -1. Click the star (**Add to Favorites** or **Remove from Favorites**) icon. +1. Click the star ({{< ui >}}Add to Favorites{{< /ui >}} or {{< ui >}}Remove from Favorites{{< /ui >}}) icon. From the team filter: -1. If the filter is collapsed, click **My Teams** to expand it. -1. Click **Add Favorites**. A search box and list of teams appear. +1. If the filter is collapsed, click {{< ui >}}My Teams{{< /ui >}} to expand it. +1. Click {{< ui >}}Add Favorites{{< /ui >}}. A search box and list of teams appear. 1. To narrow the list of teams, start typing a team name in the search box. 1. Click the star next to the desired team to add or remove it from your favorites. diff --git a/content/en/account_management/teams/github.md b/content/en/account_management/teams/github.md index 9c109f4c32e..b4dc910bb25 100644 --- a/content/en/account_management/teams/github.md +++ b/content/en/account_management/teams/github.md @@ -39,18 +39,18 @@ Ensure your Datadog organization is [connected][3] to a GitHub organization. You ### Connect GitHub teams to Datadog Teams 1. Navigate to [Teams][4]. -1. In the upper right, click **GitHub Connections**. +1. In the upper right, click {{< ui >}}GitHub Connections{{< /ui >}}. 1. Configure your connection by selecting options for import type, sync members, and cadence. -1. Click **Save**. +1. Click {{< ui >}}Save{{< /ui >}}. ### View Datadog Teams 1. Navigate to [GitHub Connections][5]. -1. If the list of created and linked teams is empty, click **Refresh**. +1. If the list of created and linked teams is empty, click {{< ui >}}Refresh{{< /ui >}}. 1. Optionally, manually update Datadog Teams to reach your desired state. ### User configuration -After an admin enables team provisioning from GitHub, a notification appears on the Team detail page. The notification asks users **Log in to GitHub** to connect their accounts from Datadog to GitHub through OAuth. +After an admin enables team provisioning from GitHub, a notification appears on the Team detail page. The notification asks users {{< ui >}}Log in to GitHub{{< /ui >}} to connect their accounts from Datadog to GitHub through OAuth. {{< img src="account_management/teams/github/connect-to-github.png" alt="'Not Connected to GitHub' box with button to 'Log in to GitHub'" style="width:60%;">}} @@ -61,7 +61,7 @@ After a user links their accounts, Datadog adds the user to any Datadog Teams th For example, assume that user B is a member of team A in GitHub. The following sequence occurs in Datadog: 1. An admin enables Datadog Teams provisioning and user syncing from GitHub. 1. Team A is created in Datadog, empty. -1. User B sees a notification to **Log in to GitHub** and follows through. +1. User B sees a notification to {{< ui >}}Log in to GitHub{{< /ui >}} and follows through. 1. User B is provisioned into Team A in Datadog. ## Deleting teams diff --git a/content/en/account_management/teams/manage.md b/content/en/account_management/teams/manage.md index 2c5b2361455..6938aab925b 100644 --- a/content/en/account_management/teams/manage.md +++ b/content/en/account_management/teams/manage.md @@ -26,17 +26,17 @@ See the following instructions to customize your team. To modify the team page layout, you must have the `user_access_manage` or `teams_manage` permission. Alternately, you can be a team member or team manager of a team that is configured to allow members and managers to edit team details. -1. Click **Page Layout**. The page layout dialog appears. +1. Click {{< ui >}}Page Layout{{< /ui >}}. The page layout dialog appears. 1. To reorder the resources, click and drag the drag handle icons. -1. To hide a resource, mouse over an item and click the eye (**Hide content**) icon. +1. To hide a resource, mouse over an item and click the eye ({{< ui >}}Hide content{{< /ui >}}) icon. -Hidden resources appear at the bottom of the page layout dialog. To reveal a resource, mouse over it and click the **Unhide content** icon. +Hidden resources appear at the bottom of the page layout dialog. To reveal a resource, mouse over it and click the {{< ui >}}Unhide content{{< /ui >}} icon. ### Customize settings To modify the team details, you must have the `user_access_manage` or `teams_manage` permission. Alternately, you can be a team member or team manager of a team that is configured to allow members and managers to edit team details. -Click **Settings**. The settings dialog appears. +Click {{< ui >}}Settings{{< /ui >}}. The settings dialog appears. From the settings dialog, use the menu to customize the following team settings: - Members @@ -56,7 +56,7 @@ To differentiate members of your team, designate some of them as team managers. ### Team modification permissions -Under the team's settings, in the **Permissions** tab, specify which users can modify the team membership. The following options are available: +Under the team's settings, in the {{< ui >}}Permissions{{< /ui >}} tab, specify which users can modify the team membership. The following options are available: - Only users with the `user_access_manage` permission - Team managers - Team managers and members @@ -70,9 +70,9 @@ Invite only teams : Teams with restricted membership. Can be set as access control recipients. Created when you restrict team membership modification to one of the first three options. Open teams -: Teams with unrestricted membership. Cannot be set as access control recipients. Created when you allow **Anyone in the organization** to modify team membership. +: Teams with unrestricted membership. Cannot be set as access control recipients. Created when you allow {{< ui >}}Anyone in the organization{{< /ui >}} to modify team membership. -Users with the `user_access_manage` permission can set default rules on who can add or remove members, or edit team details. Set default rules with the **Default Settings** button on the team directory page. Override these policies for an individual team on the team details panel. +Users with the `user_access_manage` permission can set default rules on who can add or remove members, or edit team details. Set default rules with the {{< ui >}}Default Settings{{< /ui >}} button on the team directory page. Override these policies for an individual team on the team details panel. ### Teams managed outside Datadog @@ -91,7 +91,7 @@ This feature is not supported for your selected Datadog site ({{< region-param k With subteams, you can nest teams within each other to mimic your company's hierarchy in Datadog, allowing for a more complete and accurate ownership model. Subteams also provide an enhanced filtering experience; select a larger team (like a director-level group) to find all the data connected to any of its subteams. {{< img src="account_management/teams/teams_filter_hierarchies.png" alt="Filter Hierarchical Teams" >}} -On the **Subteams** tab, you can add and remove existing teams. For a clear view of a team's place in its hierarchy, go to [**Teams** > **Map View**][4], then search for the team by name. +On the {{< ui >}}Subteams{{< /ui >}} tab, you can add and remove existing teams. For a clear view of a team's place in its hierarchy, go to [**Teams** > **Map View**][4], then search for the team by name. To automate subteam management based on your organization's hierarchical structure, use the [Teams APIs][5]. ## Manage teams through an identity provider @@ -113,11 +113,11 @@ To manage teams and team membership using SAML attributes, see [Map SAML attribu ## Delegate team management -For an open membership model, configure your default team settings so **Anyone in the organization** can add or remove members. Assign the `teams_manage` permission to the appropriate roles to let anyone create teams or edit team details. +For an open membership model, configure your default team settings so {{< ui >}}Anyone in the organization{{< /ui >}} can add or remove members. Assign the `teams_manage` permission to the appropriate roles to let anyone create teams or edit team details. -If you prefer a team-driven membership model, set your default team settings so **Team Managers** or **Team Managers and Members** can add or remove members. Assign the `teams_manage` permission to a role containing all of your team managers. +If you prefer a team-driven membership model, set your default team settings so {{< ui >}}Team Managers{{< /ui >}} or {{< ui >}}Team Managers and Members{{< /ui >}} can add or remove members. Assign the `teams_manage` permission to a role containing all of your team managers. -To enforce a strict membership model, configure your default team settings so **Only users with user_access_manage** can add or remove members. Assign the `teams_manage` permission only to organization administrators. +To enforce a strict membership model, configure your default team settings so {{< ui >}}Only users with user_access_manage{{< /ui >}} can add or remove members. Assign the `teams_manage` permission only to organization administrators. [1]: https://app.datadoghq.com/organization-settings/teams [2]: /account_management/saml/mapping/#map-saml-attributes-to-teams diff --git a/content/en/account_management/users/_index.md b/content/en/account_management/users/_index.md index 9d9e526293d..9252eb1674a 100644 --- a/content/en/account_management/users/_index.md +++ b/content/en/account_management/users/_index.md @@ -21,22 +21,22 @@ further_reading:
The Datadog for Government site only supports SAML login.
{{< /site-region >}} -Datadog's **User** tab in **Organization Settings** allows you to manage your users and their associated roles. Switch between list and grid views by clicking **List View** or **Grid View** on the right. +Datadog's {{< ui >}}User{{< /ui >}} tab in {{< ui >}}Organization Settings{{< /ui >}} allows you to manage your users and their associated roles. Switch between list and grid views by clicking {{< ui >}}List View{{< /ui >}} or {{< ui >}}Grid View{{< /ui >}} on the right. ## Add new members and manage invites To add members to your organization: -1. Go to the Organization Settings page, then click the **Users** tab. -2. Click **Invite Users** in the upper right corner of the page. +1. Go to the Organization Settings page, then click the {{< ui >}}Users{{< /ui >}} tab. +2. Click {{< ui >}}Invite Users{{< /ui >}} in the upper right corner of the page. 3. Enter the email address of the user you wish to invite to your Datadog account. 4. Assign one or more [user roles][1] to the users. **Note**: Users with the Invite User permission can invite a user to any role they have themselves. Users with both the Invite User and Access Management permissions can invite a user to any role. -5. Click **Send Invites**. +5. Click {{< ui >}}Send Invites{{< /ui >}}. -The new user receives an email with a link to log in. This link is valid for 48 hours. The user is marked with the status `Invite Pending` until they log in. To cancel their invite before they log in, click the **Delete Invite** button on the right of the user line in list view, or on the user box in grid view. +The new user receives an email with a link to log in. This link is valid for 48 hours. The user is marked with the status `Invite Pending` until they log in. To cancel their invite before they log in, click the {{< ui >}}Delete Invite{{< /ui >}} button on the right of the user line in list view, or on the user box in grid view. -To resend an invite in list view, click the user to open the user side panel and click **Resend Invite**. Or in grid view, hover over the user box and click **Resend Invite**. +To resend an invite in list view, click the user to open the user side panel and click {{< ui >}}Resend Invite{{< /ui >}}. Or in grid view, hover over the user box and click {{< ui >}}Resend Invite{{< /ui >}}. ## Edit a user's roles @@ -44,10 +44,10 @@ Only users with the User Access Management permission, such as users with the Da To edit a user's roles: -1. Go to the **Users** tab of **Organization Settings**. -2. Select the **Edit** button on the right of the user line. +1. Go to the {{< ui >}}Users{{< /ui >}} tab of {{< ui >}}Organization Settings{{< /ui >}}. +2. Select the {{< ui >}}Edit{{< /ui >}} button on the right of the user line. 3. Select the new [user roles][2] for this user, or click the 'X' next to an existing role to remove it. -4. **Save** the new settings. +4. {{< ui >}}Save{{< /ui >}} the new settings. {{< img src="account_management/users/user_role_update.png" alt="User role update" style="width:80%;">}} @@ -61,11 +61,11 @@ Default login methods for an organization can be set through the Login Methods p To edit a user's login methods: -1. Go to the **Users** tab of **Organization Settings**. -2. Click **Edit** on the right of the user line. -3. Switch the toggle beside **Override Default Login Methods** to enable or disable overrides for the user. +1. Go to the {{< ui >}}Users{{< /ui >}} tab of {{< ui >}}Organization Settings{{< /ui >}}. +2. Click {{< ui >}}Edit{{< /ui >}} on the right of the user line. +3. Switch the toggle beside {{< ui >}}Override Default Login Methods{{< /ui >}} to enable or disable overrides for the user. 4. If enabling overrides, choose a set of login methods that the user can use to access Datadog. This can be a single option or all options that are configured for your organization. -5. Click **Save**. +5. Click {{< ui >}}Save{{< /ui >}}. **Note**: Overrides can be set only to valid login methods. If you have not configured SAML, you cannot choose that login method as an override for a user. @@ -74,10 +74,10 @@ To edit a user's login methods: Only users with the Access Management permission, such as users with the Datadog Admin Role, can disable members. You cannot permanently remove users, as they might have authored dashboards or monitors, and their user ID is used to keep a record of their actions. When a user is disabled, any application keys they had generated are automatically revoked. -1. Go to the **Users** tab of **Organization Settings**. -2. Select the **Edit** button on the right of the user line. -3. Click on the **Disable** toggle. -4. **Save** the changes. +1. Go to the {{< ui >}}Users{{< /ui >}} tab of {{< ui >}}Organization Settings{{< /ui >}}. +2. Select the {{< ui >}}Edit{{< /ui >}} button on the right of the user line. +3. Click on the {{< ui >}}Disable{{< /ui >}} toggle. +4. {{< ui >}}Save{{< /ui >}} the changes. 5. Confirm the action. **Note**: By default, disabled users are filtered out from the list of users in the User Management Page. If you have the correct permissions, you can filter by users with the status `Disabled` and re-enable them.