From 680bcac85d5d2c31d6cb41cf649dcdde5ec41803 Mon Sep 17 00:00:00 2001 From: Stephanie Aurelio <133041642+stephaurelio@users.noreply.github.com> Date: Tue, 16 Apr 2024 08:58:49 -0700 Subject: [PATCH] Add admin video series links (#19779) * add admin and security video links * update spelling * add desktop links * update idp links * update link names --- content/admin/company/new-company.md | 4 ++++ content/admin/company/organizations.md | 5 +++++ content/admin/organization/manage-a-team.md | 11 +++------- content/admin/organization/orgs.md | 10 ++-------- .../enhanced-container-isolation/_index.md | 4 ++++ .../settings-management/_index.md | 4 ++++ content/security/for-admins/group-mapping.md | 9 ++++++++- .../for-admins/image-access-management.md | 4 ++++ .../for-admins/registry-access-management.md | 4 ++++ content/security/for-admins/scim.md | 11 +++++++++- .../single-sign-on/configure/_index.md | 7 +++++++ .../single-sign-on/configure/configure-idp.md | 20 ++++++++++++------- .../single-sign-on/connect/_index.md | 8 ++++++++ 13 files changed, 76 insertions(+), 25 deletions(-) diff --git a/content/admin/company/new-company.md b/content/admin/company/new-company.md index de63e3f78c..64be3547fd 100644 --- a/content/admin/company/new-company.md +++ b/content/admin/company/new-company.md @@ -61,3 +61,7 @@ For more information on how you can add organizations to your company, see [Add - [Manage organizations](./organizations.md) - [Manage company users](./users.md) - [Manage company owners](./owners.md) + +## More resources + +- [Video: Create a company](https://youtu.be/XZ5_i6qiKho?feature=shared&t=359) diff --git a/content/admin/company/organizations.md b/content/admin/company/organizations.md index a5b4901483..209daafca4 100644 --- a/content/admin/company/organizations.md +++ b/content/admin/company/organizations.md @@ -85,3 +85,8 @@ For more details about managing an organization, see [Organization administratio {{< /tab >}} {{< /tabs >}} + +## More resources + +- [Video: Managing a company and nested organizations](https://youtu.be/XZ5_i6qiKho?feature=shared&t=229) +- [Video: Adding nested organizations to a company](https://youtu.be/XZ5_i6qiKho?feature=shared&t=454) diff --git a/content/admin/organization/manage-a-team.md b/content/admin/organization/manage-a-team.md index 94714f417a..08271bd423 100644 --- a/content/admin/organization/manage-a-team.md +++ b/content/admin/organization/manage-a-team.md @@ -96,12 +96,7 @@ To view a team's permissions across all repositories: 1. Open **Organizations** > **_Your Organization_** > **Teams** > **_Team Name_**. 2. Select the **Permissions** tab, where you can view the repositories this team can access. -## Videos +## More resources -You can also check out the following videos for information about creating Teams -and Organizations in Docker Hub. - -- [Overview of organizations](https://www.youtube-nocookie.com/embed/G7lvSnAqed8) -- [Create an organization](https://www.youtube-nocookie.com/embed/b0TKcIqa9Po) -- [Working with Teams](https://www.youtube-nocookie.com/embed/MROKmtmWCVI) -- [Create Teams](https://www.youtube-nocookie.com/embed/78wbbBoasIc) \ No newline at end of file +- [Video: Docker teams](https://youtu.be/WKlT1O-4Du8?feature=shared&t=348) +- [Video: Roles, teams, and repositories](https://youtu.be/WKlT1O-4Du8?feature=shared&t=435) diff --git a/content/admin/organization/orgs.md b/content/admin/organization/orgs.md index 3f06419677..8b7dce4370 100644 --- a/content/admin/organization/orgs.md +++ b/content/admin/organization/orgs.md @@ -104,12 +104,6 @@ configure your organization. - **Billing**: Displays information about your existing [Docker subscription (plan)](../../subscription/_index.md), including the number of seats and next payment due date. For how to access the billing history and payment methods for your organization, see [View billing history](../../billing/core-billing/history.md). -## Videos +## More resources -You can also check out the following videos for information about creating Teams -and Organizations in Docker Hub. - -- [Overview of organizations](https://www.youtube-nocookie.com/embed/G7lvSnAqed8) -- [Create an organization](https://www.youtube-nocookie.com/embed/b0TKcIqa9Po) -- [Working with Teams](https://www.youtube-nocookie.com/embed/MROKmtmWCVI) -- [Create Teams](https://www.youtube-nocookie.com/embed/78wbbBoasIc) \ No newline at end of file +- [Video: Docker Hub Organizations](https://www.youtube.com/watch?v=WKlT1O-4Du8) diff --git a/content/desktop/hardened-desktop/enhanced-container-isolation/_index.md b/content/desktop/hardened-desktop/enhanced-container-isolation/_index.md index d9767f00ed..94b7fb80f4 100644 --- a/content/desktop/hardened-desktop/enhanced-container-isolation/_index.md +++ b/content/desktop/hardened-desktop/enhanced-container-isolation/_index.md @@ -174,3 +174,7 @@ sysbox-runc ``` Without Enhanced Container Isolation, `docker inspect` outputs `runc`, which is the standard OCI runtime. + +## More resources + +- [Video: Enhanced Container Isolation](https://www.youtube.com/watch?v=oA1WQZWnTAk) diff --git a/content/desktop/hardened-desktop/settings-management/_index.md b/content/desktop/hardened-desktop/settings-management/_index.md index 4c668926eb..c37fd62677 100644 --- a/content/desktop/hardened-desktop/settings-management/_index.md +++ b/content/desktop/hardened-desktop/settings-management/_index.md @@ -65,3 +65,7 @@ Docker doesn't automatically mandate that developers re-launch and re-authentica Any settings that are enforced, are grayed out in Docker Desktop and the user is unable to edit them, either via the Docker Desktop UI, CLI, or the `settings.json` file. In addition, if Enhanced Container Isolation is enforced, developers can't use privileged containers or similar techniques to modify enforced settings within the Docker Desktop Linux VM, for example, reconfigure proxy and networking of reconfigure Docker Engine. ![Proxy settings grayed out](/assets/images/grayed-setting.png) + +## More resources + +- [Video: Settings Managmeent](https://www.youtube.com/watch?v=I9oJOJ1P9PQ) diff --git a/content/security/for-admins/group-mapping.md b/content/security/for-admins/group-mapping.md index 6dce0c848d..7f269c4c8b 100644 --- a/content/security/for-admins/group-mapping.md +++ b/content/security/for-admins/group-mapping.md @@ -99,4 +99,11 @@ Once complete, a user who signs in to Docker through SSO is automatically added > **Tip** > > [Enable SCIM](scim.md) to take advantage of automatic user provisioning and de-provisioning. If you don't enable SCIM users are only automatically provisioned. You have to de-provision them manually. -{ .tip } \ No newline at end of file +{ .tip } + +## More resources + +The following videos demonstrate how to use group mapping with your IdP. + +- [Video: Group mapping with Okta](https://youtu.be/c56YECO4YP4?feature=shared&t=3023) +- [Video: Attribute and group mapping with Entra ID (Azure)](https://youtu.be/bGquA8qR9jU?feature=shared&t=2039) diff --git a/content/security/for-admins/image-access-management.md b/content/security/for-admins/image-access-management.md index 41a3cfbcb9..42e595e581 100644 --- a/content/security/for-admins/image-access-management.md +++ b/content/security/for-admins/image-access-management.md @@ -36,3 +36,7 @@ You need to [configure a registry.json to enforce sign-in](configure-sign-in.md) {{< /tab >}} {{< /tabs >}} + +## More resources + +- [Video: Hardened Desktop Image Access Management](https://www.youtube.com/watch?v=r3QRKHA1A5U) diff --git a/content/security/for-admins/registry-access-management.md b/content/security/for-admins/registry-access-management.md index f7d4a0b3b6..4d3a39ea60 100644 --- a/content/security/for-admins/registry-access-management.md +++ b/content/security/for-admins/registry-access-management.md @@ -63,3 +63,7 @@ There are certain limitations when using Registry Access Management: - Under the WSL 2 network, traffic from all Linux distributions is restricted (this will be resolved in the updated 5.15 series Linux kernel) Also, Registry Access Management operates on the level of hosts, not IP addresses. Developers can bypass this restriction within their domain resolution, for example by running Docker against a local proxy or modifying their operating system's `sts` file. Blocking these forms of manipulation is outside the remit of Docker Desktop. + +## More resources + +- [Video: Hardened Desktop Registry Access Management](https://www.youtube.com/watch?v=oA1WQZWnTAk) diff --git a/content/security/for-admins/scim.md b/content/security/for-admins/scim.md index e507acfdb2..6338d7fb39 100644 --- a/content/security/for-admins/scim.md +++ b/content/security/for-admins/scim.md @@ -253,4 +253,13 @@ If SCIM is disabled, any user provisioned through SCIM will remain in the organi {{% admin-scim-disable product="admin" %}} {{< /tab >}} -{{< /tabs >}} \ No newline at end of file +{{< /tabs >}} + +## More resources + +The following videos demonstrate how to configure SCIM for your IdP. + +- [Video: Configure SCIM with Okta](https://youtu.be/c56YECO4YP4?feature=shared&t=1314) +- [Video: Attribute mapping with Okta](https://youtu.be/c56YECO4YP4?feature=shared&t=1998) +- [Video: Configure SCIM with Entra ID (Azure)](https://youtu.be/bGquA8qR9jU?feature=shared&t=1668) +- [Video: Attribute and group mapping with Entra ID (Azure)](https://youtu.be/bGquA8qR9jU?feature=shared&t=2039) diff --git a/content/security/for-admins/single-sign-on/configure/_index.md b/content/security/for-admins/single-sign-on/configure/_index.md index b7d44aae1b..e4550ede90 100644 --- a/content/security/for-admins/single-sign-on/configure/_index.md +++ b/content/security/for-admins/single-sign-on/configure/_index.md @@ -56,6 +56,13 @@ This page walks through steps 1 and 2 using Docker Hub or the Admin Console. {{< /tab >}} {{< /tabs >}} +## More resources + +The following videos walk through verifying your domain to create your SSO connection in Docker. + +- [Video: Verify your domain for SSO with Okta](https://youtu.be/c56YECO4YP4?feature=shared&t=529) +- [Video: Verify your domain for SSO with Azure AD (OIDC)](https://youtu.be/bGquA8qR9jU?feature=shared&t=496) + ## What's next? [Continue configuration in your IdP](./configure-idp.md). diff --git a/content/security/for-admins/single-sign-on/configure/configure-idp.md b/content/security/for-admins/single-sign-on/configure/configure-idp.md index a831091182..e5dff97324 100644 --- a/content/security/for-admins/single-sign-on/configure/configure-idp.md +++ b/content/security/for-admins/single-sign-on/configure/configure-idp.md @@ -69,6 +69,8 @@ The user interface for your IdP may differ slightly from the following steps. Yo {{< tabs >}} {{< tab name="Okta" >}} +See [More resources](#more-resources) for a video overview on how to set up SSO with SAML in Okta. + 1. Go to the Okta admin portal. 2. Go to **Applications > Applications > Create App Integration**. 3. Select **SAML 2.0**, then select **Next**. @@ -89,7 +91,7 @@ The user interface for your IdP may differ slightly from the following steps. Yo 7. Select **I'm an Okta customer adding an internal app**. 8. Select **Finish**. 9. After you create the app, go to your app and select **View SAML setup instructions**. -10. Here you can find the **SAML Sign-in URL** and the **x509 Certificate**. Open the certificate file in a text editor and paste the contents of the file in the **x509 Certificate** field in Docker Hub or Admin Console. Then, paste the value of the **SAML Sign-in URL** and paste it into the corresponding field in Docker Hub or Admin Console. +10. Here you can find the **SAML Sign-in URL** and the **x509 Certificate**. Open the certificate file in a text editor and paste the contents of the file in the **x509 Certificate** field in Docker Hub or Admin Console. Then, copy the value of the **SAML Sign-in URL** and paste it into the corresponding field in Docker Hub or Admin Console. {{< /tab >}} {{< tab name="Entra ID SAML 2.0" >}} @@ -119,6 +121,8 @@ See [More resources](#more-resources) for a video overview on how to set up SSO {{< /tab >}} {{< tab name="Azure Connect (OIDC)" >}} +See [More resources](#more-resources) for a video overview on how to set up SSO with Azure Connect (OIDC). + ### Create app registration 1. Go to Azure AD admin portal. @@ -165,12 +169,14 @@ In the Docker console, paste the following values obtained in the previous steps {{< /tab >}} {{< /tabs >}} +## More resources + +The following videos demonstrate how to configure your IdP with your Docker SSO connection. + +- [Video: SSO connection with Okta](https://youtu.be/c56YECO4YP4?feature=shared&t=633) +- [Video: SSO connection with Azure Connect (OIDC)](https://youtu.be/bGquA8qR9jU?feature=shared&t=630) +- [Video: SSO connection with Entra ID (Azure) SAML](https://youtu.be/bGquA8qR9jU?feature=shared&t=1246) + ## What's next? [Complete your connection](../connect/_index.md) in the Docker console, then test your connection. - -## More resources - -The following video provides an overview of configuring SSO with SAML in Entra ID (formerly Azure AD). - - diff --git a/content/security/for-admins/single-sign-on/connect/_index.md b/content/security/for-admins/single-sign-on/connect/_index.md index 9f55da1961..8f0b66d06d 100644 --- a/content/security/for-admins/single-sign-on/connect/_index.md +++ b/content/security/for-admins/single-sign-on/connect/_index.md @@ -44,6 +44,14 @@ Make sure you have completed the following before you begin: {{< /tab >}} {{< /tabs >}} +## More resources + +The following videos demonstrate how to enforce SSO. + +- [Video: Enforce SSO with Okta SAML](https://youtu.be/c56YECO4YP4?feature=shared&t=1072) +- [Video: Enforce SSO with Azure AD (OIDC)](https://youtu.be/bGquA8qR9jU?feature=shared&t=1087) + + ## What's next Learn how you can [manage your SSO connection](../manage/_index.md), domain, and users for your organization or company.