Merge pull request strongdm#315 from strongdm/docs/improve-workflow-builder-form

Improve Workflow Builder Access Request Form docs and remove Accessform approach

Author: camposer

README.md

@@ -64,7 +64,7 @@ Refer to [this docs](./docs/deploy/INFRASTRUCTURES.md) to learn more about the A
 
 ### Using disposable containers
 
-If you're using technologies that dispose containers, e.g. [Fargate](https://aws.amazon.com/fargate/), and manual approvals, you should enable state handling via `SDM_ENABLE_BOT_STATE_HANDLING` to persist manual grant requests. Please refer to the [documentation](docs/configure_accessbot/CONFIGURE_ACCESSBOT.md#bot-configuration) for more details of this variable.
+If you're using technologies that dispose containers, e.g. [Fargate](https://aws.amazon.com/fargate/), and manual approvals, you should enable state handling via `SDM_ENABLE_BOT_STATE_HANDLING` to persist manual grant requests. Please refer to the [documentation](docs/slack/CONFIGURE_ACCESSBOT.md#bot-configuration) for more details of this variable.
 
 To make the persistency work in this scenario, you need to mount a folder pointing to the path `/errbot/data/grant_requests` inside the container. This folder will store the grant requests state, persisting the data while the containers are disposed and redeployed.
 

docs/configure_accessbot/CONFIGURE_ACCESSBOT.md

@@ -55,7 +55,7 @@ You just need to remove the "SDM_" prefix when configuring them. Here's a usage
 * **SDM_AUTO_APPROVE_TAG**. Resource tag to be used for auto-approve resources. The tag value is not ignored, delete tag or set it false to disable. Disabled by default
 * **SDM_CONCEAL_RESOURCE_TAG**. Resource tag to be used for concealing resources, meaning that they are not going to be shown but remain accessible. Ideally set value to `true` or `false` (e.g. `conceal-resource=true`). If there's no value, it's interpreted as `true`. Disabled by default ([see below](#using-tags) for more info about using tags)
 * **SDM_CONTROL_RESOURCES_ROLE_NAME**. Role name to be used for getting available resources. Disabled by default
-* **SDM_EMAIL_SLACK_FIELD**. Slack Profile Tag to be used for specifying an SDM email. For further information, please refer to [CONFIGURE_ALTERNATIVE_EMAILS.md](./CONFIGURE_ALTERNATIVE_EMAILS.md).
+* **SDM_EMAIL_SLACK_FIELD**. Slack Profile Tag to be used for specifying an SDM email. For further information, please refer to [CONFIGURE_ALTERNATIVE_EMAILS.md](CONFIGURE_ALTERNATIVE_EMAILS.md).
 * **SDM_EMAIL_SUBADDRESS**. Flag to be used for specifying a subaddress for the SDM email (e.g. "user@email.com" becomes "user+sub@email.com" when SDM_EMAIL_SUBADDRESS equals to "sub"). Disabled by default
 * **SDM_ENABLE_BOT_STATE_HANDLING**. Boolean flag to enable persistent grant requests. When enabled, all grant requests will be synced in a local file, that way if AccessBot goes down, all ongoing requests will be restored. Default = false
 * **SDM_ENABLE_RESOURCES_FUZZY_MATCHING**. Flag to enable fuzzy matching for resources when a perfect match is not found. Default = true
@@ -213,4 +213,4 @@ In the example above, we're assuming that `SDM_ALLOW_ROLE_GROUPS_TAG=allow-group
 
 ## Resources access request form bot configuration
 
-* **SDM_ACCESS_FORM_BOT_NICKNAME**. Nickname of the access form bot. For further information, please refer to [CONFIGURE_ACCESSBOT_FORM.md](../slack/CONFIGURE_ACCESSBOT_FORM.md).
+* **SDM_ACCESS_FORM_BOT_NICKNAME**. Nickname of the Access Form bot. For further information, please refer to [CONFIGURE_WORKFLOW_BUILDER_ACCESSBOT_FORM.md](/docs/slack/CONFIGURE_WORKFLOW_BUILDER_ACCESSBOT_FORM.md).

docs/deploy/FARGATE.md

@@ -42,7 +42,7 @@ Note: If you don't have a File System ID, click on [Amazon EFS console](https://
 
 ![image](https://user-images.githubusercontent.com/49597325/181516509-37418164-2dc4-4f71-a7c3-2fdc4de26e5a.png)
 
-Note: The `SDM_ENABLE_BOT_STATE_HANDLING` is essential if you want to use manual approvals. For more information, please refer to the [CONFIGURE_ACCESSBOT](../configure_accessbot/CONFIGURE_ACCESSBOT.md#bot-configuration) docs
+Note: The `SDM_ENABLE_BOT_STATE_HANDLING` is essential if you want to use manual approvals. For more information, please refer to the [CONFIGURE_ACCESSBOT](../slack/CONFIGURE_ACCESSBOT.md#bot-configuration) docs
 
 10. In the `Storage and Logging` section, select the created volume and type "/errbot/data/grant_requests" in the `Container Path`
 

docs/ms-teams/CONFIGURE_MS_TEAMS.md

@@ -140,4 +140,4 @@ Due to some MS Teams current limitations, the following features are not support
 - Admins reachability: if you want the admins to manage the access requests via DMs, you need to make sure that all the
 `SDM_ADMINS` belong to all teams inside your organization, because when a user requests an access the bot searches for 
 the admins details inside the requester's team. So, because of this limitation we strongly recommend you to enable the
-[SDM_ADMINS_CHANNEL](/docs/configure_accessbot/CONFIGURE_ACCESSBOT.md#Bot-configuration) feature.
+[SDM_ADMINS_CHANNEL](/docs/slack/CONFIGURE_ACCESSBOT.md#Bot-configuration) feature.

docs/slack/CONFIGURE_ACCESSBOT_FORM.md

@@ -0,0 +1,55 @@
+---
+layout: default
+title: Slack - Accessform Usage
+nav_order: 4
+parent: Slack
+---
+
+# Configure AccessBot Form
+
+This is a solution for requesting access to resources via a form page built using [Workflow Builder](https://slack.com/help/articles/360035692513-Guide-to-Workflow-Builder).
+
+In case you already have an Access Form built from Workflow Builder, you can jump to the [Set Environment Variable](#Set-Environment-Variable). If you don't have one yet, please follow the next steps.
+
+## Set Up Workflow Builder Access Form
+
+In order to configure the access request form, you just need to add a new "Workflow shortcut" following the next images:
+
+![image](https://user-images.githubusercontent.com/20745533/197523236-92cd845f-7875-4c13-84ef-ecd57c71e8e2.png)
+
+![image](https://user-images.githubusercontent.com/20745533/197523285-aaa6c758-84f6-4021-92ff-53d75938b97b.png)
+
+Then, you should be able to open the access form:
+
+![image](https://user-images.githubusercontent.com/20745533/197523608-2e3abb8f-0e9c-4e11-9ffe-2171792480fe.png)
+
+![image](https://user-images.githubusercontent.com/20745533/197523654-7c140d26-8915-4b5c-9917-f966cd2f99b2.png)
+
+
+## Set Environment Variable
+
+Now that you have an access form, let's configure the environment. You only need to add the environment variable `SDM_ACCESS_FORM_BOT_NICKNAME` in your `env-file` with the Workflow bot nickname.
+
+To find out the Workflow bot's nickname run the following command in a terminal (in the project root):
+
+```bash
+$ python3 tools/get-slack-handle.py -d "AccessBot Form" 
+```
+
+After running this command, you should see something like this in the terminal:
+
+```
+The nick for that user is: @wb_bot_xxxxxxxxxxx
+```
+
+Finally, put that nickname as the value of the environment variable mentioned above.
+
+```
+SDM_ACCESS_FORM_BOT_NICKNAME=@wb_bot_xxxxxxxxxxx
+```
+
+## Usage Example
+
+The following gif shows an example of how to use the AccessBot form to request a resource from StrongDM.
+
+![accessbot-form](https://user-images.githubusercontent.com/82273420/163173633-243771d8-a31c-4f79-aaf6-102eb4265286.gif)