Commit f8a536a

Merge pull request #67857 from sbeskin-redhat/OADP_2872_add
OADP-2872 additional
2 parents 0db393e + 0259fd5 commit f8a536a

2 files changed

+9
-3
lines changed

modules/oadp-gcp-wif-cloud-authentication.adoc

Lines changed: 6 additions & 1 deletion
@@ -8,7 +8,7 @@
88

99
Applications running outside Google Cloud use service account keys, such as usernames and passwords, to gain access to Google Cloud resources. These service account keys might become a security risk if they are not properly managed.
1010

11-
With Google's workload identity federation you can use Identity and Access Management (IAM) to offer external identities IAM roles, including the ability to impersonate service accounts. This eliminates the maintenance and security risks associated with service account keys.
11+
With Google's workload identity federation, you can use Identity and Access Management (IAM) to offer IAM roles, including the ability to impersonate service accounts, to external identities. This eliminates the maintenance and security risks associated with service account keys.
1212

1313
Workload identity federation handles encrypting and decrypting certificates, extracting user attributes, and validation. Identity federation externalizes authentication, passing it over to Security Token Services (STS), and reduces the demands on individual developers. Authorization and controlling access to resources remain the responsibility of the application.
1414
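Review bot: In the reworded sentence at line 11, "offer IAM roles ... to external identities" still keeps the verb and its indirect object apart, separated by the long "including the ability to impersonate service accounts" clause, and "offer" is vaguer than "grant" for a role binding. Consider "you can use Identity and Access Management (IAM) to grant IAM roles to external identities, including the ability to impersonate service accounts." The unchanged context at line 9 also reads as if service account keys are a kind of username and password; "which work like usernames and passwords" would state the comparison more clearly while this paragraph is being touched.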

@@ -17,6 +17,11 @@ Workload identity federation handles encrypting and decrypting certificates, ext
1717
Google workload identity federation is available for OADP 1.3.x and later.
1818
====
1919

20+
[NOTE]
21+
====
22+
For backing up volumes, OADP on GCP with Google workload identity federation authentication supports only CSI snapshots.
23+
====
24+
2025
If you do not use Google workload identity federation cloud authentication, continue to _Installing the Data Protection Application_.
2126

2227
.Prerequisites
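Review bot: The new block at lines 20-23 states the CSI-only restriction as a [NOTE], while the equivalent volume-backup restriction in modules/oadp-installing-oadp-rosa-sts.adoc in this same commit sits in an [IMPORTANT] block. A limitation that decides whether a backup strategy works at all should carry the same admonition level in both modules, so consider [IMPORTANT] here. The note also leaves open what the ROSA text says explicitly: whether Restic and Kopia are unsupported with this authentication method and whether the node agent must be disabled. If that applies on GCP too, say so in this block. Finally, the block lands directly after another admonition that closes at line 18; merging the two would avoid stacked callouts.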

modules/oadp-installing-oadp-rosa-sts.adoc

Lines changed: 3 additions & 2 deletions
@@ -11,7 +11,8 @@ AWS Security Token Service (AWS STS) is a global web service that provides short
1111

1212
[IMPORTANT]
1313
====
14-
Restic and Kopia are not supported in the OADP on ROSA with AWS STS environment. Make sure that the Restic/Kopia node agent is disabled. Use native snapshots or CSI snapshots to back up volumes. See _Known Issues_ for more information.
14+
Restic and Kopia are not supported in the OADP on ROSA with AWS STS environment. Make sure that the Restic/Kopia node agent is disabled.
15+
For backing up volumes, OADP on ROSA with AWS STS supports only native snapshots and CSI snapshots. See _Known Issues_ for more information.
1516
====
1617

1718
[IMPORTANT]
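Review bot: The line break after "is disabled." at line 14 does not start a new paragraph in AsciiDoc, so lines 14 and 15 still render as one run of text. If the supported-snapshot statement is meant to stand apart from the Restic/Kopia restriction, add a blank line between them; if not, the split only affects the source. "Make sure that the Restic/Kopia node agent is disabled" also gives the reader no pointer to where that is configured; a cross-reference to the procedure step or setting that controls the node agent would make the instruction actionable. "See _Known Issues_" now trails the snapshot sentence, so confirm it still refers to the issue it was originally attached to.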
@@ -55,7 +56,7 @@ $ oc create namespace openshift-adp
5556
$ oc -n openshift-adp create secret generic cloud-credentials \
5657
--from-file=${SCRATCH}/credentials
5758
----
58-
59+
+
5960
[NOTE]
6061
====
6162
In {product-title} versions 4.14 and later, the OADP Operator supports a new standardized STS workflow through the Operator Lifecycle Manager (OLM)
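Review bot: The `+` added at line 59 attaches the [NOTE] to the list step that creates the `cloud-credentials` secret, which is correct only if the note about the standardized STS workflow is meant to qualify that step rather than the procedure as a whole. Please confirm in a rendered build that the note is indented under the step and that the numbering of the following steps does not restart. The merge title "OADP-2872 additional" does not mention this formatting fix, so a short line in the pull request description would help anyone tracing the change later.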
