Deployments: Fix OIDC Setup Instructions #15085
Description
We have OIDC setup pages in the Pulumi Cloud docs:
- https://www.pulumi.com/docs/pulumi-cloud/access-management/oidc/provider/aws/
- https://www.pulumi.com/docs/pulumi-cloud/access-management/oidc/provider/azure/
- https://www.pulumi.com/docs/pulumi-cloud/access-management/oidc/provider/gcp/
These pages are attempting to serve two purposes in a single page: configuring OIDC for both Deployments and ESC.
We already have pages that cover OIDC setup end-to-end specifically for ESC:
- https://www.pulumi.com/docs/esc/environments/configuring-oidc/aws/
- https://www.pulumi.com/docs/esc/environments/configuring-oidc/azure/
- https://www.pulumi.com/docs/esc/environments/configuring-oidc/gcp/
In order to fix this issue, we should:
- Move the "Open ID provider" page and its children under "Deployments" in the navigation, add the appropriate aliases, and re-title the main page to "OIDC Setup" since that's what it's called in the Deployments settings UI (OIDC). (This needs to be a git mv operation in order to preserve document history and make the diff easier to review).
- In the main OIDC setup page, clearly explain that this page is describing how a deployment can get the necessary cloud credentials in order to manage resources. If the reader is looking for what permissions a deployment has within Pulumi Cloud itself, they should go to https://www.pulumi.com/docs/pulumi-cloud/deployments/reference/#deployment-permissions instead.
- Remove the content from "OIDC Setup" and each of its children each cloud setup page that pertains to ESC.
- Add a note shortcode of type "info" with identical text on each page that states that ESC should be the preferred approach over the Deployments OIDC integrations since it's more portable and easier to set up.
- Remove the section on automation from each cloud's setup page because the code it links to is out of date.