DataDog · janine-c · Oct 7, 2025 · Oct 7, 2025
@@ -13,7 +13,7 @@ further_reading:
       text: "Best practices for managing Datadog organizations at scale"
 ---
 {{< site-region region="gov" >}}
-<div class="alert alert-warning">The Datadog for Government platform supports only SAML or basic authentication using a username/email and password. Before configuring SAML authentication, ensure that at least one username/email and password account is established to maintain access during the setup process. Datadog recommends enabling multi-factor authentication (MFA) for password-based accounts.
+<div class="alert alert-danger">The Datadog for Government platform supports only SAML or basic authentication using a username/email and password. Before configuring SAML authentication, ensure that at least one username/email and password account is established to maintain access during the setup process. Datadog recommends enabling multi-factor authentication (MFA) for password-based accounts.
 
 If you need SAML enabled for a trial account, contact <a href="https://docs.datadoghq.com/getting_started/support/">Datadog Support</a>.</div>
 
@@ -40,7 +40,7 @@ You can manage your timezone, visual accessibility preference, and email subscri
 
 Under email subscriptions, you have access to the following reports:
 {{< site-region region="us3,us5,gov,ap1,ap2" >}}
-<div class="alert alert-warning">Email digests are not available in the selected site ({{< region-param key="dd_site_name" >}}).</div>
+<div class="alert alert-danger">Email digests are not available in the selected site ({{< region-param key="dd_site_name" >}}).</div>
 {{< /site-region >}}
 
 * Daily Digest

@@ -85,7 +85,7 @@ To add a Datadog application key, navigate to [**Organization Settings** > **App
 {{< img src="account_management/app-key.png" alt="Navigate to the Application Keys page for your organization in Datadog" style="width:80%;" >}}
 
 {{< site-region region="ap2,gov" >}}
-<div class="alert alert-warning">Make sure to securely store your application key immediately after creation, as the key secret cannot be retrieved later.</div>
+<div class="alert alert-danger">Make sure to securely store your application key immediately after creation, as the key secret cannot be retrieved later.</div>
 {{< /site-region >}}
 
 **Notes:**

@@ -157,7 +157,7 @@ The Inspect Changes (Diff) tab in the audit event details panel compares the con
 
 ## Filter audit events based on Reference Tables
 
-<div class="alert alert-warning">Reference Tables containing over 1,000,000 rows cannot be used to filter events. See <a href="https://docs.datadoghq.com/integrations/guide/reference-tables/">Add Custom Metadata with Reference Tables</a> for more information on how to create and manage Reference Tables. </div>
+<div class="alert alert-danger">Reference Tables containing over 1,000,000 rows cannot be used to filter events. See <a href="https://docs.datadoghq.com/integrations/guide/reference-tables/">Add Custom Metadata with Reference Tables</a> for more information on how to create and manage Reference Tables. </div>
 
 Reference Tables allow you to combine metadata with audit events, providing more information to investigate Datadog user behavior. Add a query filter based on a Reference Table to perform lookup queries. For more information on activating and managing this feature, see the [Reference Tables][2] guide.
 

@@ -9,13 +9,13 @@ further_reading:
 ---
 
 {{% site-region region="gov" %}}
-<div class="alert alert-warning">
+<div class="alert alert-danger">
 Audit Event Forwarding is not available in the US1-FED site.
 </div>
 {{% /site-region %}}
 
 {{% site-region region="us,us3,us5,eu,ap1,ap2" %}}
-<div class="alert alert-warning">
+<div class="alert alert-danger">
 Audit Event Forwarding is in Preview.
 </div>
 {{% /site-region %}}

@@ -543,7 +543,7 @@ curl -X GET \
 
 ### Enable or disable all mappings
 
-<div class="alert alert-warning">
+<div class="alert alert-danger">
 When mappings are enabled, all users logging in with SAML are stripped of their roles and reassigned roles based on the values in their SAML assertion. It's important to confirm you are receiving the expected SAML assertions in your login before enabling the mapping enforcement.
 </div>
 

@@ -13,7 +13,7 @@ algolia:
 
 ## Overview
 
-<div class="alert alert-warning">
+<div class="alert alert-danger">
 Usage Attribution is an advanced feature included in the Enterprise plan. For all other plans, contact your account representative or <a href="mailto:[email protected]">[email protected]</a> to request this feature.
 </div>
 

@@ -27,7 +27,7 @@ To grant an account access to delete data, perform the following steps:
 
 ### Start deletions
 
-<div class="alert alert-danger">Deleted data can never be recovered, and deletions cannot be undone.</div>
+<div class="alert alert-warning">Deleted data can never be recovered, and deletions cannot be undone.</div>
 
 <div class="alert alert-info"><strong>For Logs</strong>: Deletions cannot be scoped to a specific index, and deletions occur across Index, Flex Indexes, and Online Archives.
 </div>

@@ -2,7 +2,7 @@
 title: Estimate and Control APM Usage
 ---
 
-<div class="alert alert-danger">
+<div class="alert alert-warning">
 This page describes deprecated features with configuration information relevant to legacy App Analytics, useful for troubleshooting or modifying some old setups. To have full control over your traces, use <a href="/tracing/trace_ingestion">ingestion controls</a> and <a href="/tracing/trace_retention">retention filters</a> instead.
 <br>
 </div>

@@ -74,7 +74,7 @@ To create a new application key, follow the steps below:
 The dialog box refreshes, showing you the key. Copy and paste the key into your desired location. After you close the dialog box, you cannot retrieve the value of the key.
 
 {{< site-region region="ap2,gov" >}}
-<div class="alert alert-warning">Service account application keys are one-time read only. Make sure to securely store your application key immediately after creation, as the key secret cannot be retrieved later.</div>
+<div class="alert alert-danger">Service account application keys are one-time read only. Make sure to securely store your application key immediately after creation, as the key secret cannot be retrieved later.</div>
 {{< /site-region >}}
 
 To revoke an application key, find the key in the service account detailed view side panel and hover over it. Pencil and trash can icons appear on the right. Click the trash can to revoke the key. After the key is revoked, click **Confirm**.

@@ -72,7 +72,7 @@ To query estimated cost data through the API, see [Get estimated cost across you
 
 ### Cost Summary (sub-organization)
 
-<div class="alert alert-warning">This feature is in limited availability. To request access and confirm your organization meets the feature criteria, contact your account representative or <a href="https://docs.datadoghq.com/help/">Customer Support</a>.</div>
+<div class="alert alert-danger">This feature is in limited availability. To request access and confirm your organization meets the feature criteria, contact your account representative or <a href="https://docs.datadoghq.com/help/">Customer Support</a>.</div>
 
 As a sub-organization, you can view the costs for your organization only. This restriction allows for more distributed ownership and removes the need to grant broader Admin permissions to the parent organization.
 

@@ -89,7 +89,7 @@ Time selection contains options to view usage graphs at daily, weekly, monthly o
 
 ## Billable on-demand pills and committed lines
 
-<div class="alert alert-warning">This feature is in beta. To request access and confirm your organization meets the feature criteria, contact your account representative or <a href="https://docs.datadoghq.com/help/">Customer Support</a>.</div>
+<div class="alert alert-danger">This feature is in beta. To request access and confirm your organization meets the feature criteria, contact your account representative or <a href="https://docs.datadoghq.com/help/">Customer Support</a>.</div>
 
 Purple on-demand pills highlight the portion of billable usage that is on-demand usage. Blue committed and allotted pills highlight the portion of your usage that is covered by commitments and <a href="https://www.datadoghq.com/pricing/allotments/">allotments</a> from parent products. The dashed `Committed` line shows commitments per product, without any allotments (such as Custom Metrics or Containers).
 
@@ -139,7 +139,7 @@ This data can be downloaded as a CSV file.
 
 ## First-time usage notifications
 
-<div class="alert alert-warning">This feature is in beta. To request access and confirm your organization meets the feature criteria, contact your account representative or <a href="https://docs.datadoghq.com/help/">Customer Support</a>.</div>
+<div class="alert alert-danger">This feature is in beta. To request access and confirm your organization meets the feature criteria, contact your account representative or <a href="https://docs.datadoghq.com/help/">Customer Support</a>.</div>
 
 The first-time usage notifications feature sends email notifications when there is first-time billable usage for a new product not included in your current contract. Emails are sent approximately 48 hours after the usage first occurs during a given month.
 

@@ -11,7 +11,7 @@ algolia:
   tags: ['saml']
 ---
 {{< site-region region="gov" >}}
-<div class="alert alert-warning">The Datadog for Government site only supports SAML login.</div>
+<div class="alert alert-danger">The Datadog for Government site only supports SAML login.</div>
 {{< /site-region >}}
 
 ## Overview
@@ -134,7 +134,7 @@ Some organizations might not want to invite all of their users to Datadog. If yo
 
 Administrators can set the default role for new JIT users. The default role is **Standard**, but you can choose to add new JIT users as **Read-Only**, **Administrators**, or any custom role.
 
-<div class="alert alert-warning">
+<div class="alert alert-danger">
   <strong>Important:</strong> If Role Mapping is enabled, it takes priority over the roles set during JIT provisioning. Without the proper Group Attribute statements, users might end up without roles and lose access to Datadog. To prevent users from being locked out after JIT provisioning, make sure to review your mapping definitions and check your assertions before enabling both Mappings and JIT.
 </div>
 

@@ -39,7 +39,7 @@ It's important to understand what is sent in an assertion before turning on mapp
 
 When a user logs in who has the specified identity provider attribute, they are automatically assigned the Datadog role. Likewise, if someone has that identity provider attribute removed, they lose access to the role (unless another mapping adds it).
 
-<div class="alert alert-warning">
+<div class="alert alert-danger">
   <strong>Important:</strong> If a user does <i>not</i> match any mapping, they lose any roles they had previously and are prevented from logging into the org with SAML. This includes roles that may be set with Just-In-Time provisioning. Double-check your mapping definitions and inspect your own assertions before enabling Mappings to prevent any scenarios where your users are unable to login.
 </div>
 

@@ -11,7 +11,7 @@ further_reading:
 ---
 
 {{% site-region region="gov" %}}
-<div class="alert alert-warning">
+<div class="alert alert-danger">
     In the {{< region-param key="dd_site_name" >}} site, you must manually configure the Datadog application in Okta using the <a href="/account_management/faq/okta/">legacy instructions</a>. Ignore the instructions on this page about the preconfigured Datadog application in the Okta application catalog.
 </div>
 {{% /site-region %}}

@@ -11,7 +11,7 @@ algolia:
 SCIM is available with the Infrastructure Pro and Infrastructure Enterprise plans.
 </div>
 
-<div class="alert alert-warning">
+<div class="alert alert-danger">
   Due to a Microsoft freeze on third-party app updates in Entra following a security incident in late 2024, Team provisioning via SCIM is unavailable. To create Teams in Datadog, use one of the supported alternatives: 
   <a href="https://docs.datadoghq.com/account_management/saml/mapping/" target="_blank">SAML mapping</a>, 
   <a href="https://registry.terraform.io/providers/DataDog/datadog/latest/docs/resources/team" target="_blank">Terraform</a>, 

@@ -18,7 +18,7 @@ further_reading:
   text: "Manage your users with the USER API"
 ---
 {{< site-region region="gov" >}}
-<div class="alert alert-warning">The Datadog for Government site only supports SAML login.</div>
+<div class="alert alert-danger">The Datadog for Government site only supports SAML login.</div>
 {{< /site-region >}}
 
 Datadog's **User** tab in **Organization Settings** allows you to manage your users and their associated roles. Switch between list and grid views by clicking **List View** or **Grid View** on the right.

diff --git a/content/en/actions/connections/_index.md b/content/en/actions/connections/_index.md
@@ -176,7 +176,7 @@ To use a connection group:
 
 **Note**: You can only use connections within a group if you have [Resolver permission][12] for those connections. If a workflow or app tries to use a connection you don't have Resolver permission for, it fails with a `403 Forbidden` error. To fix this issue, you can:
 - Configure the workflow or app so that it can't point to a connection that doesn't have a Resolver permission.
-- Remove the connection that doesn't have a Resolver permission from the connection group. <div class="alert alert-warning">If you are using a connection group for multiple workflows or multiple apps, removing a connection that another workflow relies on causes that workflow to fail.</div>
+- Remove the connection that doesn't have a Resolver permission from the connection group. <div class="alert alert-danger">If you are using a connection group for multiple workflows or multiple apps, removing a connection that another workflow relies on causes that workflow to fail.</div>
 
 ### Update a connection group
 
@@ -192,7 +192,7 @@ To delete a connection group:
 1. Hover over the group you want to delete and click the **delete (trash can)** icon.
 1. Click **Delete**.
 
-<div class="alert alert-danger">Deleting a connection group impacts any workflows and apps that are using that group.</div>
+<div class="alert alert-warning">Deleting a connection group impacts any workflows and apps that are using that group.</div>
 
 ## Further reading
 

@@ -8,7 +8,7 @@ further_reading:
 ---
 
 {{< site-region region="gov" >}}
-<div class="alert alert-warning">Datastores are not supported for your selected <a href="/getting_started/site">Datadog site</a> ({{< region-param key="dd_site_name" >}}).</div>
+<div class="alert alert-danger">Datastores are not supported for your selected <a href="/getting_started/site">Datadog site</a> ({{< region-param key="dd_site_name" >}}).</div>
 {{< /site-region >}}
 
 ## Required Datadog role permissions

@@ -15,7 +15,7 @@ further_reading:
 ---
 
 {{< site-region region="gov" >}}
-<div class="alert alert-warning">App Builder is not supported for your selected <a href="/getting_started/site">Datadog site</a> ({{< region-param key="dd_site_name" >}}).</div>
+<div class="alert alert-danger">App Builder is not supported for your selected <a href="/getting_started/site">Datadog site</a> ({{< region-param key="dd_site_name" >}}).</div>
 {{< /site-region >}}
 
 You can create and manage datastores from the [Datastore page][1].

@@ -15,7 +15,7 @@ further_reading:
 ---
 
 {{< site-region region="gov" >}}
-<div class="alert alert-warning">App Builder is not supported for your selected <a href="/getting_started/site">Datadog site</a> ({{< region-param key="dd_site_name" >}}).</div>
+<div class="alert alert-danger">App Builder is not supported for your selected <a href="/getting_started/site">Datadog site</a> ({{< region-param key="dd_site_name" >}}).</div>
 {{< /site-region >}}
 
 You can reference and perform CRUD (Create, Read, Update, and Delete) operations on a datastore inside a workflow or an app. Additionally, you can create a workflow or app directly from an existing datastore.

@@ -31,7 +31,7 @@ further_reading:
 
 Private actions allow your Datadog workflows and apps to interact with services hosted on your private network without exposing them to the public internet. To use private actions, you must install a private action runner on a host in your network using Docker or [Kubernetes][1] and pair the runner with a [connection][2].
 
-<div class="alert alert-warning">To install a private action runner, your organization must have <a href="/remote_configuration">Remote Configuration</a> enabled.</div>
+<div class="alert alert-danger">To install a private action runner, your organization must have <a href="/remote_configuration">Remote Configuration</a> enabled.</div>
 
 When you first start the runner, it generates a private key for authentication with Datadog's servers. This private key is never accessible by Datadog and ensures you exclusive access. Datadog uses a public key derived from the private key as the means to authenticate specific runners.
 

@@ -7,7 +7,7 @@ disable_toc: false
 
 This page explains how to use the private action runner (PAR), which allows you to run custom scripts and Linux binaries within your Datadog workflows and apps. Unlike standard private actions that call specific APIs or services, the script action gives you the flexibility to execute arbitrary commands, shell scripts, and command-line tools directly from the private action runner in your private network.
 
-<div class="alert alert-warning">
+<div class="alert alert-danger">
 <strong>Security Notice:</strong> The PAR script action runs within a containerized environment using a dedicated Linux user named <code>scriptuser</code> for enhanced security. Datadog enforces container sandboxing and only accepts signed tasks, but you decide which binaries and scripts are allowed. Always review every command you add to the script action allow-list, especially ones that take dynamic user input. Ensure that your actions are configured with the least privileged commands, and carefully review the permissions you share through connections. For more information, see <a href="/actions/connections/?tab=workflowautomation#connection-security-considerations">connection security considerations</a>.
 </div>
 

@@ -91,7 +91,7 @@ You can also filter the output by **Status** to see only `info`, `warn`, or `err
 
 ## Track workflow billing in Usage Attribution
 
-<div class="alert alert-warning">
+<div class="alert alert-danger">
 Usage Attribution is an advanced feature included in the Enterprise plan. For all other plans, contact your account representative or <a href="mailto:[email protected]">[email protected]</a> to request this feature.
 </div>
 

@@ -14,7 +14,7 @@ algolia:
   tags: ['agent status command']
 ---
 
-<div class="alert alert-warning">
+<div class="alert alert-danger">
 For Linux based systems where the <code>service</code> wrapper command is not available, <a href="/agent/faq/agent-v6-changes/?tab=linux#service-lifecycle-commands">consult the list of alternatives</a>.
 </div>
 

@@ -12,7 +12,7 @@ further_reading:
   text: "Send logs to external destinations with Observability Pipelines"
 ---
 
-<div class="alert alert-danger">
+<div class="alert alert-warning">
 Dual shipping can impact billing if you are sending data to multiple Datadog organizations. For more information about the impact of this configuration, contact <a href="/help/">Datadog Support</a>.
 </div>
 

@@ -54,7 +54,7 @@ The Datadog FIPS Agent does **not** support the following:
 [1]: /opentelemetry/setup/ddot_collector
 
 ## Compliance guidelines
-<div class="alert alert-warning">
+<div class="alert alert-danger">
 This is not an exhaustive list. These requirements are a baseline only. You are responsible for evaluating your environment and implementing any additional controls needed to achieve full FIPS compliance.
 </div>
 The following baseline controls apply to each platform. Your system may require additional controls: