In multiple places in vcert help documentation we refer to VAAS or VCP.
As far as I can tell these are both acronyms for the same backend system.
We should strive to use one or the other if they are interchangeable.
STEPS TO REPRODUCE
vcert getcred -h
EXPECTED RESULTS
ACTUAL RESULTS
For example, the vcert getcred command uses both terms within the help:
NAME:
vcert getcred - To obtain a new access token for authentication
USAGE:
vcert getcred --email <email address for Venafi Control Plane headless registration> [--password <password>] [--format (text|json)]
vcert getcred -p vcp --token-url <VCP token url> --external-jwt <JWT from Identity Provider>
vcert getcred -u https://tpp.example.com --username <TPP user> --password <TPP user password>
vcert getcred -u https://tpp.example.com --p12-file <PKCS#12 client cert> --p12-password <PKCS#12 password> --trust-bundle /path-to/bundle.pem
vcert getcred -u https://tpp.example.com -t <TPP refresh token>
vcert getcred -u https://tpp.example.com -t <TPP refresh token> --scope <scopes and restrictions>
vcert getcred -p tpp -u https://tpp.example.com -t <TPP refresh token>
vcert getcred -p oidc -u https://authorization-server.com/oauth/token --username <okta user> --password <okta user password> --scope okta.behaviors.manage
vcert getcred -p oidc -u https://authorization-server.com/oauth/token --client-id <okta client id> --client-secret <okta client secret> --scope okta.behaviors.manage
OPTIONS:
--audience value Use to specify the audience param to get an access token for OAuth 2.0 identity providers
supporting it like Auth0.
--client-id value Use to specify the application that will be using the token. (default: "vcert-cli")
--client-secret value Use to specify the client secret to get authorization from an OAuth 2.0 identity provider.
--config value Use to specify INI configuration file containing connection details instead
For TPP: url, access_token, tpp_zone
For VaaS: cloud_apikey, cloud_zone
TPP & VaaS: trust_bundle, test_mode
--device-url value REQUIRED/Firefly working in device flow. The url endpoint of the OAuth 2.0 identity provider to request a device code. Example for Okta: --device-url https://${yourOktaDomain}/device
--email value REQUIRED/VaaS. Use to specify the email for headless registration on VaaS.
--external-jwt value REQUIRED/VCP. Use to specify the JWT of the Identity Provider associated with the service account that is requesting a new access token for Venafi Control Plane. Use in combination with --token-url option.
--format value Use to output credentials in an alternate format. Example: --format json
--no-prompt Use to exclude credential and password prompts. If you enable the prompt and you enter incorrect information, an error is displayed. This is useful with scripting. (default: false)
--p12-file value Use to specify a client PKCS#12 archive for mutual TLS (for 2FA, use the getcred action to authenticate with Venafi Platform using a client certificate).
--p12-password value Use to specify the password for a client PKCS#12 archive. Use in combination with --p12-file option.
--password value Use to specify the Trust Protection Platform user's password or the optional password for the headless registration in VaaS or the password for OAuth 2.0 password flow grant.
--platform value, -p value Use to specify the platform VCert will use to execute the given command. Only accepted values are:
For getcred command: --platform [TPP | VAAS | OIDC]
For enroll command: --platform [TPP | VAAS | FIREFLY]
--pm Use to request policy management scope - configuration:manage (default: false)
--profile value Use to specify effective section in INI configuration file specified by --config option.
--scope value Use to request specific scopes and restrictions. (default: "certificate:manage,revoke")
--ssh Use to request a ssh certificate scope - ssh:manage (default: false)
--token value, -t value REQUIRED/TPP/VaaS/Firefly. Your access token (or refresh token for getcred) for Trust Protection Platform, Venafi as a Service or Firefly. Example: -t Ab01Cd23Ef45Uv67Wx89Yz==
--token-url value REQUIRED/VCP. Use to specify the URL to retrieve an access token for Venafi Control Plane. Use in combination with --external-jwt flag.
Example: --token-url https://api.venafi.cloud/v1/oauth2/v2.0/aaaaaaaa-bbbb-cccc/token
--trust-bundle value Use to specify a PEM file name to be used as trust anchors when communicating with the remote server.
--url value, -u value REQUIRED/TPP/Firefly/OIDC. The URL of the service.
TPP example: -u https://tpp.example.com
Firefly example: -u https://firefly.example.com
OIDC example: -u https://my.okta.domain//oauth2/v1/token
--username value Use to specify the username of a Trust Protection Platform or the username of OAuth 2.0 password flow grant.Required if -p12-file or -t is not present and may not be combined with either.
--verbose Use to increase the level of logging detail, which is helpful when troubleshooting issues (default: false)
--help, -h show help
Under vcert -h we are more consistent with the terminology:
Venafi Certificate Utility
Version: v5.7.1
Build Timestamp: 20240607.180655
USAGE:
vcert [global options] command [command options] [arguments...]
AUTHOR:
Ryan Treat <ryan.treat@venafi.com>
Russel Vela <russel.vela@venafi.com>
Luis Presuel <luis.presuel@venafi.com>
Marcos Albornoz <marcos.albornoz@venafi.com>
ACTIONS:
Command Platform Description
gencsr To generate a certificate signing request (CSR)
enroll tpp | vcp | firefly To enroll a certificate
pickup tpp | vcp To retrieve a certificate
renew tpp | vcp To renew a certificate
retire tpp | vcp To retire a certificate
revoke tpp To revoke a certificate
run tpp | vcp | firefly To retrieve and install certificates using a vcert playbook file
provision vcp To provision a certificate to cloud keystore
getpolicy tpp | vcp To retrieve the certificate policy of a zone
setpolicy tpp | vcp To apply a certificate policy specification to a zone
getcred tpp | vcp | oidc To obtain a new authentication token from any Venafi platform or to register for a new Venafi Control Plane user API key
checkcred tpp To check the validity of a Trust Protection Platform token and grant
voidcred tpp To invalidate a Trust Protection Platform authentication token
sshenroll tpp To enroll an SSH certificate
sshpickup tpp To retrieve an SSH certificate
sshgetconfig tpp To get the SSH CA public key and default principals
Using: vcp|tpp|firefly|oidc -> no VAAS mention.
ENVIRONMENT DETAILS
vcert version v5.7.1
COMMENTS/WORKAROUNDS
Note this probably affects most commands.