From af679c6575298c3bc1668fe32ee8859b5414f81c Mon Sep 17 00:00:00 2001 From: Stephanie Aurelio Date: Wed, 10 Apr 2024 14:47:01 -0700 Subject: [PATCH 1/5] add admin and security video links --- content/admin/company/new-company.md | 4 ++++ content/admin/company/organizations.md | 5 +++++ content/admin/organization/manage-a-team.md | 11 +++-------- content/admin/organization/orgs.md | 10 ++-------- content/security/for-admins/group-mapping.md | 9 ++++++++- .../security/for-admins/image-access-management.md | 4 ++++ .../for-admins/registry-access-management.md | 4 ++++ content/security/for-admins/scim.md | 11 ++++++++++- .../for-admins/single-sign-on/configure/_index.md | 7 +++++++ .../single-sign-on/configure/configure-idp.md | 12 +++++++----- .../for-admins/single-sign-on/connect/_index.md | 8 ++++++++ 11 files changed, 62 insertions(+), 23 deletions(-) diff --git a/content/admin/company/new-company.md b/content/admin/company/new-company.md index de63e3f78c99..d4c19db7a1ea 100644 --- a/content/admin/company/new-company.md +++ b/content/admin/company/new-company.md @@ -61,3 +61,7 @@ For more information on how you can add organizations to your company, see [Add - [Manage organizations](./organizations.md) - [Manage company users](./users.md) - [Manage company owners](./owners.md) + +## More resources + +- [Video demo: Create a company](https://youtu.be/XZ5_i6qiKho?feature=shared&t=359) diff --git a/content/admin/company/organizations.md b/content/admin/company/organizations.md index a5b4901483dd..63d7733b6b3f 100644 --- a/content/admin/company/organizations.md +++ b/content/admin/company/organizations.md @@ -85,3 +85,8 @@ For more details about managing an organization, see [Organization administratio {{< /tab >}} {{< /tabs >}} + +## More resources + +- [Video demo: Managing a company and nested organizations](https://youtu.be/XZ5_i6qiKho?feature=shared&t=229) +- [Video demo: Adding nested organizations to a company](https://youtu.be/XZ5_i6qiKho?feature=shared&t=454) diff --git a/content/admin/organization/manage-a-team.md b/content/admin/organization/manage-a-team.md index 94714f417a4c..49d21c11f3e7 100644 --- a/content/admin/organization/manage-a-team.md +++ b/content/admin/organization/manage-a-team.md @@ -96,12 +96,7 @@ To view a team's permissions across all repositories: 1. Open **Organizations** > **_Your Organization_** > **Teams** > **_Team Name_**. 2. Select the **Permissions** tab, where you can view the repositories this team can access. -## Videos +## More resources -You can also check out the following videos for information about creating Teams -and Organizations in Docker Hub. - -- [Overview of organizations](https://www.youtube-nocookie.com/embed/G7lvSnAqed8) -- [Create an organization](https://www.youtube-nocookie.com/embed/b0TKcIqa9Po) -- [Working with Teams](https://www.youtube-nocookie.com/embed/MROKmtmWCVI) -- [Create Teams](https://www.youtube-nocookie.com/embed/78wbbBoasIc) \ No newline at end of file +- [Video: Docker teams](https://youtu.be/WKlT1O-4Du8?feature=shared&t=348) +- [Video demo: Roles, teams, and repositories](https://youtu.be/WKlT1O-4Du8?feature=shared&t=435) diff --git a/content/admin/organization/orgs.md b/content/admin/organization/orgs.md index 3f064196778d..8b7dce43706a 100644 --- a/content/admin/organization/orgs.md +++ b/content/admin/organization/orgs.md @@ -104,12 +104,6 @@ configure your organization. - **Billing**: Displays information about your existing [Docker subscription (plan)](../../subscription/_index.md), including the number of seats and next payment due date. For how to access the billing history and payment methods for your organization, see [View billing history](../../billing/core-billing/history.md). -## Videos +## More resources -You can also check out the following videos for information about creating Teams -and Organizations in Docker Hub. - -- [Overview of organizations](https://www.youtube-nocookie.com/embed/G7lvSnAqed8) -- [Create an organization](https://www.youtube-nocookie.com/embed/b0TKcIqa9Po) -- [Working with Teams](https://www.youtube-nocookie.com/embed/MROKmtmWCVI) -- [Create Teams](https://www.youtube-nocookie.com/embed/78wbbBoasIc) \ No newline at end of file +- [Video: Docker Hub Organizations](https://www.youtube.com/watch?v=WKlT1O-4Du8) diff --git a/content/security/for-admins/group-mapping.md b/content/security/for-admins/group-mapping.md index 6dce0c848d55..7f269c4c8bf5 100644 --- a/content/security/for-admins/group-mapping.md +++ b/content/security/for-admins/group-mapping.md @@ -99,4 +99,11 @@ Once complete, a user who signs in to Docker through SSO is automatically added > **Tip** > > [Enable SCIM](scim.md) to take advantage of automatic user provisioning and de-provisioning. If you don't enable SCIM users are only automatically provisioned. You have to de-provision them manually. -{ .tip } \ No newline at end of file +{ .tip } + +## More resources + +The following videos demonstrate how to use group mapping with your IdP. + +- [Video: Group mapping with Okta](https://youtu.be/c56YECO4YP4?feature=shared&t=3023) +- [Video: Attribute and group mapping with Entra ID (Azure)](https://youtu.be/bGquA8qR9jU?feature=shared&t=2039) diff --git a/content/security/for-admins/image-access-management.md b/content/security/for-admins/image-access-management.md index 41a3cfbcb94c..42e595e58173 100644 --- a/content/security/for-admins/image-access-management.md +++ b/content/security/for-admins/image-access-management.md @@ -36,3 +36,7 @@ You need to [configure a registry.json to enforce sign-in](configure-sign-in.md) {{< /tab >}} {{< /tabs >}} + +## More resources + +- [Video: Hardened Desktop Image Access Management](https://www.youtube.com/watch?v=r3QRKHA1A5U) diff --git a/content/security/for-admins/registry-access-management.md b/content/security/for-admins/registry-access-management.md index f7d4a0b3b6a8..4d3a39ea6052 100644 --- a/content/security/for-admins/registry-access-management.md +++ b/content/security/for-admins/registry-access-management.md @@ -63,3 +63,7 @@ There are certain limitations when using Registry Access Management: - Under the WSL 2 network, traffic from all Linux distributions is restricted (this will be resolved in the updated 5.15 series Linux kernel) Also, Registry Access Management operates on the level of hosts, not IP addresses. Developers can bypass this restriction within their domain resolution, for example by running Docker against a local proxy or modifying their operating system's `sts` file. Blocking these forms of manipulation is outside the remit of Docker Desktop. + +## More resources + +- [Video: Hardened Desktop Registry Access Management](https://www.youtube.com/watch?v=oA1WQZWnTAk) diff --git a/content/security/for-admins/scim.md b/content/security/for-admins/scim.md index e507acfdb249..6338d7fb3936 100644 --- a/content/security/for-admins/scim.md +++ b/content/security/for-admins/scim.md @@ -253,4 +253,13 @@ If SCIM is disabled, any user provisioned through SCIM will remain in the organi {{% admin-scim-disable product="admin" %}} {{< /tab >}} -{{< /tabs >}} \ No newline at end of file +{{< /tabs >}} + +## More resources + +The following videos demonstrate how to configure SCIM for your IdP. + +- [Video: Configure SCIM with Okta](https://youtu.be/c56YECO4YP4?feature=shared&t=1314) +- [Video: Attribute mapping with Okta](https://youtu.be/c56YECO4YP4?feature=shared&t=1998) +- [Video: Configure SCIM with Entra ID (Azure)](https://youtu.be/bGquA8qR9jU?feature=shared&t=1668) +- [Video: Attribute and group mapping with Entra ID (Azure)](https://youtu.be/bGquA8qR9jU?feature=shared&t=2039) diff --git a/content/security/for-admins/single-sign-on/configure/_index.md b/content/security/for-admins/single-sign-on/configure/_index.md index b7d44aae1b71..75aebbe5d879 100644 --- a/content/security/for-admins/single-sign-on/configure/_index.md +++ b/content/security/for-admins/single-sign-on/configure/_index.md @@ -56,6 +56,13 @@ This page walks through steps 1 and 2 using Docker Hub or the Admin Console. {{< /tab >}} {{< /tabs >}} +## More resources + +The following videos walk through verifying your domain to create your SSO connection in Docker. + +- [Video: Verify your domain for SSO with Okta](https://youtu.be/c56YECO4YP4?feature=shared&t=529) +- [Video: Verify your domain for SSO with Azure AD OIDC](https://youtu.be/bGquA8qR9jU?feature=shared&t=496) + ## What's next? [Continue configuration in your IdP](./configure-idp.md). diff --git a/content/security/for-admins/single-sign-on/configure/configure-idp.md b/content/security/for-admins/single-sign-on/configure/configure-idp.md index a8310911827f..26ececd17184 100644 --- a/content/security/for-admins/single-sign-on/configure/configure-idp.md +++ b/content/security/for-admins/single-sign-on/configure/configure-idp.md @@ -165,12 +165,14 @@ In the Docker console, paste the following values obtained in the previous steps {{< /tab >}} {{< /tabs >}} -## What's next? +## More resources -[Complete your connection](../connect/_index.md) in the Docker console, then test your connection. +The following videos demonstrate how to configure your IdP with your Docker SSO connection. -## More resources +- [Video: SSO connection with Okta](https://youtu.be/c56YECO4YP4?feature=shared&t=633) +- [Video: SSO connection with Azure Connect (OIDC)](https://youtu.be/bGquA8qR9jU?feature=shared&t=630) +- [Video: SSO connection with Entra ID (Azure) SAML](https://youtu.be/bGquA8qR9jU?feature=shared&t=1246) -The following video provides an overview of configuring SSO with SAML in Entra ID (formerly Azure AD). +## What's next? - +[Complete your connection](../connect/_index.md) in the Docker console, then test your connection. diff --git a/content/security/for-admins/single-sign-on/connect/_index.md b/content/security/for-admins/single-sign-on/connect/_index.md index 9f55da196156..8f0b66d06d47 100644 --- a/content/security/for-admins/single-sign-on/connect/_index.md +++ b/content/security/for-admins/single-sign-on/connect/_index.md @@ -44,6 +44,14 @@ Make sure you have completed the following before you begin: {{< /tab >}} {{< /tabs >}} +## More resources + +The following videos demonstrate how to enforce SSO. + +- [Video: Enforce SSO with Okta SAML](https://youtu.be/c56YECO4YP4?feature=shared&t=1072) +- [Video: Enforce SSO with Azure AD (OIDC)](https://youtu.be/bGquA8qR9jU?feature=shared&t=1087) + + ## What's next Learn how you can [manage your SSO connection](../manage/_index.md), domain, and users for your organization or company. From 5228d90c2ad4b3e2d7890b67c1e365178839d13d Mon Sep 17 00:00:00 2001 From: Stephanie Aurelio Date: Wed, 10 Apr 2024 15:00:18 -0700 Subject: [PATCH 2/5] update spelling --- content/security/for-admins/single-sign-on/configure/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/security/for-admins/single-sign-on/configure/_index.md b/content/security/for-admins/single-sign-on/configure/_index.md index 75aebbe5d879..e4550ede9024 100644 --- a/content/security/for-admins/single-sign-on/configure/_index.md +++ b/content/security/for-admins/single-sign-on/configure/_index.md @@ -61,7 +61,7 @@ This page walks through steps 1 and 2 using Docker Hub or the Admin Console. The following videos walk through verifying your domain to create your SSO connection in Docker. - [Video: Verify your domain for SSO with Okta](https://youtu.be/c56YECO4YP4?feature=shared&t=529) -- [Video: Verify your domain for SSO with Azure AD OIDC](https://youtu.be/bGquA8qR9jU?feature=shared&t=496) +- [Video: Verify your domain for SSO with Azure AD (OIDC)](https://youtu.be/bGquA8qR9jU?feature=shared&t=496) ## What's next? From ecb60b8d9a73e77e1c7bcc7cc590c35eba2f0616 Mon Sep 17 00:00:00 2001 From: Stephanie Aurelio Date: Thu, 11 Apr 2024 14:22:52 -0700 Subject: [PATCH 3/5] add desktop links --- .../hardened-desktop/enhanced-container-isolation/_index.md | 4 ++++ .../desktop/hardened-desktop/settings-management/_index.md | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/content/desktop/hardened-desktop/enhanced-container-isolation/_index.md b/content/desktop/hardened-desktop/enhanced-container-isolation/_index.md index d9767f00ed98..94b7fb80f424 100644 --- a/content/desktop/hardened-desktop/enhanced-container-isolation/_index.md +++ b/content/desktop/hardened-desktop/enhanced-container-isolation/_index.md @@ -174,3 +174,7 @@ sysbox-runc ``` Without Enhanced Container Isolation, `docker inspect` outputs `runc`, which is the standard OCI runtime. + +## More resources + +- [Video: Enhanced Container Isolation](https://www.youtube.com/watch?v=oA1WQZWnTAk) diff --git a/content/desktop/hardened-desktop/settings-management/_index.md b/content/desktop/hardened-desktop/settings-management/_index.md index 4c668926eb5a..c37fd626777c 100644 --- a/content/desktop/hardened-desktop/settings-management/_index.md +++ b/content/desktop/hardened-desktop/settings-management/_index.md @@ -65,3 +65,7 @@ Docker doesn't automatically mandate that developers re-launch and re-authentica Any settings that are enforced, are grayed out in Docker Desktop and the user is unable to edit them, either via the Docker Desktop UI, CLI, or the `settings.json` file. In addition, if Enhanced Container Isolation is enforced, developers can't use privileged containers or similar techniques to modify enforced settings within the Docker Desktop Linux VM, for example, reconfigure proxy and networking of reconfigure Docker Engine. ![Proxy settings grayed out](/assets/images/grayed-setting.png) + +## More resources + +- [Video: Settings Managmeent](https://www.youtube.com/watch?v=I9oJOJ1P9PQ) From 26b9cc6ba70569159c39d6479b3663209e20b91c Mon Sep 17 00:00:00 2001 From: Stephanie Aurelio Date: Thu, 11 Apr 2024 14:42:53 -0700 Subject: [PATCH 4/5] update idp links --- .../for-admins/single-sign-on/configure/configure-idp.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/content/security/for-admins/single-sign-on/configure/configure-idp.md b/content/security/for-admins/single-sign-on/configure/configure-idp.md index 26ececd17184..e5dff9732433 100644 --- a/content/security/for-admins/single-sign-on/configure/configure-idp.md +++ b/content/security/for-admins/single-sign-on/configure/configure-idp.md @@ -69,6 +69,8 @@ The user interface for your IdP may differ slightly from the following steps. Yo {{< tabs >}} {{< tab name="Okta" >}} +See [More resources](#more-resources) for a video overview on how to set up SSO with SAML in Okta. + 1. Go to the Okta admin portal. 2. Go to **Applications > Applications > Create App Integration**. 3. Select **SAML 2.0**, then select **Next**. @@ -89,7 +91,7 @@ The user interface for your IdP may differ slightly from the following steps. Yo 7. Select **I'm an Okta customer adding an internal app**. 8. Select **Finish**. 9. After you create the app, go to your app and select **View SAML setup instructions**. -10. Here you can find the **SAML Sign-in URL** and the **x509 Certificate**. Open the certificate file in a text editor and paste the contents of the file in the **x509 Certificate** field in Docker Hub or Admin Console. Then, paste the value of the **SAML Sign-in URL** and paste it into the corresponding field in Docker Hub or Admin Console. +10. Here you can find the **SAML Sign-in URL** and the **x509 Certificate**. Open the certificate file in a text editor and paste the contents of the file in the **x509 Certificate** field in Docker Hub or Admin Console. Then, copy the value of the **SAML Sign-in URL** and paste it into the corresponding field in Docker Hub or Admin Console. {{< /tab >}} {{< tab name="Entra ID SAML 2.0" >}} @@ -119,6 +121,8 @@ See [More resources](#more-resources) for a video overview on how to set up SSO {{< /tab >}} {{< tab name="Azure Connect (OIDC)" >}} +See [More resources](#more-resources) for a video overview on how to set up SSO with Azure Connect (OIDC). + ### Create app registration 1. Go to Azure AD admin portal. From c215a0d3da8fe9c45307ab4ffa5b39427f34d1fe Mon Sep 17 00:00:00 2001 From: Stephanie Aurelio Date: Mon, 15 Apr 2024 09:20:05 -0700 Subject: [PATCH 5/5] update link names --- content/admin/company/new-company.md | 2 +- content/admin/company/organizations.md | 4 ++-- content/admin/organization/manage-a-team.md | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/content/admin/company/new-company.md b/content/admin/company/new-company.md index d4c19db7a1ea..64be3547fd91 100644 --- a/content/admin/company/new-company.md +++ b/content/admin/company/new-company.md @@ -64,4 +64,4 @@ For more information on how you can add organizations to your company, see [Add ## More resources -- [Video demo: Create a company](https://youtu.be/XZ5_i6qiKho?feature=shared&t=359) +- [Video: Create a company](https://youtu.be/XZ5_i6qiKho?feature=shared&t=359) diff --git a/content/admin/company/organizations.md b/content/admin/company/organizations.md index 63d7733b6b3f..209daafca497 100644 --- a/content/admin/company/organizations.md +++ b/content/admin/company/organizations.md @@ -88,5 +88,5 @@ For more details about managing an organization, see [Organization administratio ## More resources -- [Video demo: Managing a company and nested organizations](https://youtu.be/XZ5_i6qiKho?feature=shared&t=229) -- [Video demo: Adding nested organizations to a company](https://youtu.be/XZ5_i6qiKho?feature=shared&t=454) +- [Video: Managing a company and nested organizations](https://youtu.be/XZ5_i6qiKho?feature=shared&t=229) +- [Video: Adding nested organizations to a company](https://youtu.be/XZ5_i6qiKho?feature=shared&t=454) diff --git a/content/admin/organization/manage-a-team.md b/content/admin/organization/manage-a-team.md index 49d21c11f3e7..08271bd42355 100644 --- a/content/admin/organization/manage-a-team.md +++ b/content/admin/organization/manage-a-team.md @@ -99,4 +99,4 @@ To view a team's permissions across all repositories: ## More resources - [Video: Docker teams](https://youtu.be/WKlT1O-4Du8?feature=shared&t=348) -- [Video demo: Roles, teams, and repositories](https://youtu.be/WKlT1O-4Du8?feature=shared&t=435) +- [Video: Roles, teams, and repositories](https://youtu.be/WKlT1O-4Du8?feature=shared&t=435)