Merge pull request #230333 from dlepow/wsrev

prmerger-automator[bot] · web-flow · commit e2169a7449a8 · 2023-03-13T16:59:47.000Z
[APIM] [Workspaces] Add'l review comments
diff --git a/articles/api-management/api-management-in-workspace.md b/articles/api-management/api-management-in-workspace.md
@@ -5,7 +5,7 @@ author: dlepow
 ms.topic: how-to
 ms.service: api-management
 ms.author: danlep
-ms.date: 02/22/2023
+ms.date: 03/10/2023
 ms.custom: 
 ---
 
@@ -16,13 +16,16 @@ This article is an introduction to managing APIs, products, subscriptions, and o
 [!INCLUDE [api-management-availability-premium-dev-standard](../../includes/api-management-availability-premium-dev-standard.md)]
 
 > [!NOTE]
-> Workspaces are supported in API Management REST API version 2022-09-01-preview or later.
+> * Workspaces are a preview feature of API Management and subject to certain [limitations](workspaces-overview.md#preview-limitations).
+> * This feature is being released during March and April 2023.
+> * Workspaces are supported in API Management REST API version 2022-09-01-preview or later.
+> * For pricing considerations, see [API Management pricing](https://azure.microsoft.com/pricing/details/api-management/).
 
 ## Prerequisites
 
 * An API Management instance. If needed, ask an administrator to [create one](get-started-create-service-instance.md).
 * A workspace. If needed, ask an administrator of your API Management instance to [create one](how-to-create-workspace.md).
-* Permissions to collaborate in the workspace. If needed, ask a workspace administrator to assign you appropriate [roles](api-management-role-based-access-control.md#built-in-workspace-roles) in the workspace.
+* Permissions to collaborate in the workspace. If needed, ask a workspace owner to assign you appropriate [roles](api-management-role-based-access-control.md#built-in-workspace-roles) in the workspace.
 
 ## Go to the workspace - portal
 
diff --git a/articles/api-management/api-management-role-based-access-control.md b/articles/api-management/api-management-role-based-access-control.md
@@ -49,8 +49,8 @@ A workspace collaborator must be assigned both a workspace-scoped role and a ser
 |API Management Workspace Reader     | workspace        | Has read-only access to entities in the workspace.         |
 |API Management Workspace API Developer      |   workspace      |   Has read access to entities in the workspace and read and write access to APIs, policies, schemas, products, policy fragments, named values, and tags.  |
 |API Management Workspace API Product Manager     |  workspace       |   Has read access to entities in the workspace and read and write access to products, subscriptions, groups, and email notifications recipients.  |
-| API Management Service Workspace Member    | service    |   Has read access to tags and products and write access to allow:<br/><br/> ▪️ Assigning APIs to products<br/> ▪️ Assigning tags to products and APIs |
-|  API Management Service Workspace API Product Manager  | service    | Has the same access as API Management Service Workspace Member as well as read access to users and write access to allow assigning users to groups.  |
+| API Management Workspace API Developer    | service    |   Has read access to tags and products and write access to allow:<br/><br/> ▪️ Assigning APIs to products<br/> ▪️ Assigning tags to products and APIs |
+|  API Management Service Workspace API Product Manager  | service    | Has the same access as API Management Workspace API Developer as well as read access to users and write access to allow assigning users to groups.  |
 
  
 ## Custom roles
diff --git a/articles/api-management/how-to-create-workspace.md b/articles/api-management/how-to-create-workspace.md
@@ -16,7 +16,10 @@ Set up a [workspace](workspaces-overview.md) (preview) to enable a decentralized
 [!INCLUDE [api-management-availability-premium-dev-standard](../../includes/api-management-availability-premium-dev-standard.md)]
 
 > [!NOTE]
-> Workspaces are supported in API Management REST API version 2022-09-01-preview or later.
+> * Workspaces are a preview feature of API Management and subject to certain [limitations](workspaces-overview.md#preview-limitations).
+> * This feature is being released during March and April 2023.
+> * Workspaces are supported in API Management REST API version 2022-09-01-preview or later.
+> * For pricing considerations, see [API Management pricing](https://azure.microsoft.com/pricing/details/api-management/).
 
 ## Prerequisites
 
@@ -38,7 +41,7 @@ The new workspace appears in the list on the **Workspaces** page. Select the wor
 
 After creating a workspace, assign permissions to users to manage the workspace's resources. Each workspace user must be assigned a workspace-specific RBAC role at the service level and at the workspace level, or granted equivalent permissions using custom roles.
 
-At minimum, assign an *administrator* of the workspace. Optionally, assign permissions to other workspace collaborators.
+At minimum, assign an *owner* of the workspace. Optionally, assign permissions to other workspace collaborators.
 
 * For a list of built-in workspace roles, see [How to use role-based access control in API Management](api-management-role-based-access-control.md).
 * For steps to assign a role, see [Assign Azure roles using the portal](../role-based-access-control/role-assignments-portal.md?tabs=current).
@@ -50,23 +53,23 @@ At minimum, assign an *administrator* of the workspace. Optionally, assign permi
 
 1. In the left menu, select **Access control (IAM)** > **+ Add**.
 
-1. Assign the administrator the following role:
+1. Assign the owner the following role:
     * **API Management Service Workspace API Product Manager**
 
 1. Assign one of the following roles to other members of the workspace:
-    * **API Management Service Workspace Member**
+    * **API Management Workspace API Developer**
     * **API Management Service Workspace API Product Manager**
 
 ### Assign a workspace-level role
 
 1. In the menu for your API Management instance, select **Workspaces (preview)**  > the name of the workspace that you created.
 1. In the **Workspace** window, select **Access control (IAM)**> **+ Add**.
     
-1. Assign the administrator the following role:
+1. Assign the owner the following role:
 
     * **API Management Workspace Owner** 
 
-1. Optionally, assign one of the following workspace-level roles to other workspace members to manage workspace APIs and other resources. The administrator of the workspace can also assign workspace-level roles.
+1. Optionally, assign one of the following workspace-level roles to other workspace members to manage workspace APIs and other resources. The owner of the workspace can also assign workspace-level roles.
 
     * **API Management Workspace Reader**
     * **API Management Workspace Contributor**
diff --git a/articles/api-management/workspaces-overview.md b/articles/api-management/workspaces-overview.md
@@ -7,7 +7,7 @@ author: dlepow
  
 ms.service: api-management
 ms.topic: conceptual
-ms.date: 03/07/2023
+ms.date: 03/10/2023
 ms.author: danlep
 ms.custom: 
 ---
@@ -31,11 +31,11 @@ An organization that manages APIs using Azure API Management may have multiple d
 
 The following is a sample workflow for creating and using a workspace.
 
-1. A central API platform team that manages the API Management instance creates a workspace and assigns its administrators and workspace members.
+1. A central API platform team that manages the API Management instance creates a workspace and assigns its owners and workspace members.
 
 1. A central API platform team uses DevOps tools to create a DevOps pipeline for APIs in that workspace. 
 
-1. Workspace administrators assign permissions to workspace members using RBAC roles - for example, permissions to create or read resources in the workspace.
+1. Workspace owners assign permissions to workspace members using RBAC roles - for example, permissions to create or read resources in the workspace.
 
 1. Workspace members develop, publish, productize, and maintain APIs in the workspace. 
 
@@ -94,7 +94,7 @@ Workspace members must be assigned both a service-level role and a workspace-lev
     * API gateways, including scaling, locations, and self-hosted gateways
     
     
-* **Resource references** - Resources in a workspace can reference other resources in the workspace and, in certain cases, resources from the service level. They can't reference resources from another workspace. 
+* **Resource references** - Resources in a workspace can reference other resources in the workspace and the following resources from the service level: products, tags, and users. They can't reference resources from another workspace. 
 
     For security reasons, it's not possible to reference service-level resources from workspace-level policies (for example, named values) or by resource names, such as `backend-id` in the [set-backend-service](set-backend-service-policy.md) policy.
 
