OSDOCS-10783: Add Cloud Expert Tutorial: ROSA with HCP private offer …

…acceptance and sharing

_attributes/attributes-openshift-dedicated.adoc

@@ -47,6 +47,8 @@
 //Formerly known as CodeReady Containers and CodeReady Workspaces
 :openshift-local-productname: Red Hat OpenShift Local
 :openshift-dev-spaces-productname: Red Hat OpenShift Dev Spaces
+:product-title: ROSA 
+:product-title-first: Red Hat OpenShift Service on AWS
 :hcp: hosted control planes
 :hcp-title: ROSA with HCP
 :hcp-title-first: {product-title} (ROSA) with {hcp} (HCP)

_topic_maps/_topic_map_rosa.yml

@@ -109,6 +109,8 @@ Topics:
 #  File: rosa-mobb-prerequisites-tutorial
 - Name: ROSA with HCP activation and account linking
   File: cloud-experts-rosa-hcp-activation-and-account-linking-tutorial
+- Name: ROSA with HCP private offer acceptance and sharing
+  File: cloud-experts-rosa-with-hcp-private-offer-acceptance-and-sharing
 - Name: Verifying Permissions for a ROSA STS Deployment
   File: rosa-mobb-verify-permissions-sts-deployment
 - Name: Using AWS WAF and Amazon CloudFront to protect ROSA workloads

_topic_maps/_topic_map_rosa_hcp.yml

@@ -113,6 +113,8 @@ Topics:
 #   File: rosa-mobb-prerequisites-tutorial
 - Name: ROSA with HCP activation and account linking
   File: cloud-experts-rosa-hcp-activation-and-account-linking-tutorial
+- Name: ROSA with HCP private offer acceptance and sharing
+  File: cloud-experts-rosa-with-hcp-private-offer-acceptance-and-sharing
 # - Name: Verifying Permissions for a ROSA STS Deployment
 #   File: rosa-mobb-verify-permissions-sts-deployment
 # - Name: Using AWS WAF and Amazon CloudFront to protect ROSA workloads

cloud_experts_tutorials/cloud-experts-rosa-with-hcp-private-offer-acceptance-and-sharing.adoc

@@ -0,0 +1,207 @@
+:_mod-docs-content-type: ASSEMBLY
+[id=“cloud-experts-rosa-with-hcp-private-offer-acceptance-and-sharing”]
+= Tutorial: ROSA with HCP private offer acceptance and sharing
+include::_attributes/attributes-openshift-dedicated.adoc[]
+:context: cloud-experts-rosa-with-hcp-private-offer-acceptance-and-sharing
+
+toc::[]
+
+This guide describes how to accept a private offer for {hcp-title-first} and how to ensure that all team members can use the private offer for the clusters they provision.
+
+{hcp-title} costs are composed of the AWS infrastructure costs and the {hcp-title} service costs. AWS infrastructure costs, such as the EC2 instances that are running the needed workloads, are charged to the AWS account where the infrastructure is deployed. ROSA service costs are charged to the AWS account specified as the "AWS billing account" when deploying a cluster.
+
+The cost components can be billed to different AWS accounts. Detailed description of how the ROSA service cost and AWS infrastructure costs are calculated can be found on the link:https://aws.amazon.com/rosa/pricing/[{product-title} Pricing page].
+
+== Accepting a private offer
+
+. When you get a private offer for {hcp-title}, you are provided with a unique URL that is accessible only by a specific AWS account ID that was specified by the seller.
++
+[NOTE]
+====
+Verify that you are logged in using the AWS account that was specified as the buyer. Attempting to access the offer using another AWS account produces a "page not found" error message as shown in Figure 11 in the troubleshooting section below.
+====
++
+.. You can see the offer selection drop down menu with a regular private offer pre-selected in Figure 1. This type of offer can be accepted only if the {hcp-title} was not activated before using the public offer or another private offer.
++
+.Regular private offer
++
+image::rosa-regular-private-offer.png[]
++
+.. You can see a private offer that was created for an AWS account that previously activated {hcp-title} using the public offer, showing the product name and the selected private offer labeled as "Upgrade", that replaces the currently running contract for {hcp-title} in Figure 2.
++
+.Private offer selection selection screen
++
+image::rosa-private-offer-selection-selection-screen.png[]
+
+.. The drop down menu allows selecting between multiple offers, if available. The previously activated public offer is shown together with the newly provided agreement based offer that is labeled as "Upgrade" in Figure 3.
++
+.Private offer selection dropdown
++
+image::rosa-private-offer-selection-dropdown.png[]
+
+. Verify that your offer configuration is selected. Figure 4 shows the bottom part of the offer page with the offer details.
++
+[NOTE]
+====
+The contract end date, the number of units included with the offer, and the payment schedule. In this example, 1 cluster and up to 3 nodes utilizing 4 vCPUs are included.
+====
++
+.Private offer details
++
+image::rosa-private-offer-details.png[]
+
+. Optional: you can link:https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-purchase-orders.html[add your own purchase order (PO) number] to the subscription that is being purchased, so it is included on your subsequent AWS invoices. Also, check the "Additional usage fees" that are charged for any usage above the scope of the "New offer configuration details".
++
+[NOTE]
+====
+Private offers have several available configurations. 
+
+* It is possible that the private offer you are accepting is set up with a fixed future start date. 
+* If you do not have another active {hcp-title} subscription at the time of accepting the private offer, a public offer or an older private offer entitlement, accept the private offer itself and continue with the account linking and cluster deployment steps after the specified service start date. 
+
+You must have an active {hcp-title} entitlement to complete these steps. Service start dates are always reported in the UTC time zone
+====
+
+. Create or upgrade your contract. 
++
+.. For private offers accepted by an AWS account that does not have {hcp-title} activated yet and is creating the first contract for this service, click the *Create contract button*.
++
+.Create contract button
++
+image::rosa-create-contract-button.png[]
++
+.. For agreement-based offers, click the *Upgrade current contract* button shown in Figures 4 and 6.
++
+.Upgrade contract button
++
+image::rosa-upgrade-contract-button.png[]
+
+. Click *Confirm*.
++
+.Private offer acceptance confirmation window
++
+image::rosa-private-offer-acceptance-confirmation-window.png[]
+
+. If the accepted private offer service start date is set to be immediately following the offer acceptance, click the *Set up your account* button in the confirmation modal window.
++
+.Subscription confirmation
++
+image::rosa-subscription-contfirmation.png[]
+
+. If the accepted private offer has a future start date specified, return to the private offer page after the service start date, and click the *Setup your account* button to proceed with the Red{nbsp}Hat and AWS account linking. 
++
+[NOTE]
+====
+With no agreement active, the account linking described below is not triggered, the "Account setup" process can be done only after the "Service start date".
+
+These are always in UTC time zone.
+====
+
+== Sharing a private offer
+
+. Clicking the *Set up your account* button in the previous step takes you to the AWS and Red{nbsp}Hat account linking step. At this time, you are already logged in with the AWS account that accepted the offer. If you are not logged in with a Red{nbsp}Hat account, you will be prompted to do so.
++
+{hcp-title} entitlement is shared with other team members through your Red{nbsp}Hat organization account. All existing users in the same Red{nbsp}Hat organization are able to select the billing AWS account that accepted the private offer by following the above described steps. You can link:https://www.redhat.com/wapps/ugc/protected/usermgt/userList.html[manage users in your Red{nbsp}Hat organization], when logged in as the Red{nbsp}Hat organization administrator, and invite or create new users.
++
+[NOTE]
+====
+{hcp-title} private offer cannot be shared with AWS linked accounts through the AWS License Manager.
+====
+
+. Add any users that you want to deploy ROSA clusters. Check link:https://access.redhat.com/customer-service-users[this user management FAQ] for more details about Red{nbsp}Hat account user management tasks. 
+
+. Verify that the already logged in Red{nbsp}Hat account includes all users that are meant to be ROSA cluster deployers benefiting from the accepted private offer.
+
+. Verify that the Red{nbsp}Hat account number and the AWS account ID are the desired accounts that are to be linked. This linking is unique and a Red{nbsp}Hat account can be connected only with a single AWS (billing) account.
++
+.AWS and Red{nbsp}Hat accounts connection
++
+image::rosa-aws-and-red-hat-accounts-connection.png[]
+
+. If you want to link the AWS account with another Red{nbsp}Hat account than is shown on this page in Figure 9, log out from the {hybrid-console} before connecting the accounts and repeat the step of setting the account by returning to the private offer URL that is already accepted.
++
+An AWS account can be connected with a single Red{nbsp}Hat account only. Once Red{nbsp}Hat and AWS accounts are connected, this cannot be changed by the user. If a change is needed, the user must create a support ticket.
++
+The account linking and initial cluster deployment steps are described in more detail in xref:../cloud_experts_tutorials/cloud-experts-rosa-hcp-activation-and-account-linking-tutorial.adoc#aws-and-redhat-account-and-subscription-linking[AWS and Red{nbsp}Hat account and subscription linking].
+
+. Agree to the terms and conditions and then click *Connect accounts*.
+
+== AWS billing account selection
+
+* When deploying {hcp-title} clusters, verify that end users select the AWS billing account that accepted the private offer. 
+
+* When using the web interface for deploying {hcp-title}, the Associated AWS infrastructure account" is typically set to the AWS account ID used by the administrator of the cluster that is being created. 
+** This can be the same AWS account as the billing AWS account. 
+** AWS resources are deployed into this account and all the billing associated with those resources are processed accordingly.
++
+.Infrastructure and billing AWS account selection during {hcp-title} cluster deployment
++
+image::rosa-infrastructure-and-billing-aws-account-selection-during-rosa-with-hcp-cluster-deployment.png[]
++
+** The drop-down for the AWS billing account on the screenshot above should be set to the AWS account that accepted the private offer, providing the purchased quota is intended to be used by the cluster that is being created. If different AWS accounts are selected in the infrastructure and billing "roles", the blue informative note visible in Figure 10 is shown.
+
+////
+//Commenting out for now, but we can examine how to incorporate the example scenario 
+
+== Example scenario
+
+* John is developer who briefly tested {hcp-title} by activating the service using their AWS account 123412341234, then deleted the cluster after the trial was completed.
+* John is responsible for the company's main AWS account 111111111111 and manages their AWS organization with several linked AWS accounts.
+* John accepts a private offer for {hcp-title} as described in "Accepting a private offer".
+* John connects the AWS account 111111111111, that was used for accepting the private offer, with their Red{nbsp}Hat account right after accepting the private offer as described in "Connecting AWS and Red{nbsp}Hat accounts".
+* Anne wants to deploy a new ROSA cluster. Normally, they use their AWS account 123412341234 which is linked to the master AWS account 111111111111 for all cloud infrastructure needs.
+* John makes sure that Anne Red{nbsp}Hat user is in the same Red{nbsp}Hat organization as John’s Red{nbsp}Hat user. John is the Red{nbsp}Hat organization administrator and can do that here.
+* Anne visits the {hybrid-console} and starts a new cluster deployment.
+* During the initial steps, Anne makes sure to select 111111111111 as the AWS billing account, while using their own AWS account 123412341234 as the AWS infrastructure account.
+* Note that Anne is also able to select their own AWS account 123412341234 as the billing account when creating a cluster because they previously activated the ROSA with HCP public offer. However, that would result in custom private offer pricing not being applied to this cluster. Therefore it is important for John to communicate the information about which AWS billing account is to be used by employees when creating a new cluster in order to benefit from a private offer that was accepted before.
+////
+
+== Troubleshooting
+
+The most frequent issues associated with private offer acceptance and Red{nbsp}Hat account linking.
+
+=== Accessing a private offer using a different AWS account
+
+* If you try accessing the private offer when logged in under AWS account ID that is not defined in the offer, and see the message shown in Figure 11, then verify that you are logged in as the desired AWS billing account. 
++
+.HTTP 404 error when using the private offer URL
++
+image::rosa-http-404-error-when-using-the-private-offer-url.png[]
++
+** Contact the seller if you need the private offer to be extended to another AWS account.
+
+=== The private offer cannot be accepted because of active subscription
+
+* If you try accessing a private offer that was created for the first time {hcp-title} activation, while you already have {hcp-title} activated using another public or private offer, and see the following notice, then contact the seller who provided you with the offer. 
++
+The seller can provide you with a new offer that will seamlessly replace your current agreement, without a need to cancel your previous subscription.
++
+.Existing subscription preventing private offer acceptance
++
+image::rosa-existing-subscription-preventing-private-offer-acceptance.png[]
+
+=== The AWS account is already linked to a different Red{nbsp}Hat account
+
+* If you see the error message "AWS account is already linked to a different Red{nbsp}Hat account" when you try to connect the AWS account that accepted the private offer with a presently logged-in Red{nbsp}Hat user, then the AWS account is already connected to another Red{nbsp}Hat user.
++
+.AWS account is already linked to a different Red{nbsp}Hat account
++
+image::rosa-aws-account-is-already-linked-to-a-different-red-hat-account.png[]
+
+* You can either log in using another Red{nbsp}Hat account or another AWS account. 
+
+** However, since this guide pertains to private offers, the assumption is that you are logged in with the AWS account that was specified as the buyer and already accepted the private offer so it is intended to be used as the billing account. Logging in as another AWS account is not expected after a private offer was accepted.
+
+* You can still log in with another Red{nbsp}Hat user which is already connected to the AWS account that accepted the private offer. Other Red{nbsp}Hat users belonging to the same Red{nbsp}Hat organization are able to use the linked AWS account as the ROSA with HCP AWS billing account when creating clusters as seen in Figure 10.
+
+* If you believe that the existing account linking might not be correct, see the "My team members belong to different Red{nbsp}Hat organizations" question below for tips on how you can proceed.
+
+=== My team members belong to different Red{nbsp}Hat organizations
+
+* An AWS account can be connected to a single Red{nbsp}Hat account only. Any user that wants to create a cluster and benefit from the private offer granted to this AWS account needs to be in the same Red{nbsp}Hat account. This can be achieved by inviting the user to the same Red{nbsp}Hat account and creating a new Red{nbsp}Hat user.
+
+=== Incorrect AWS billing account was selected when creating a cluster
+
+* If the user selected an incorrect AWS billing account, the fastest way to fix this is to delete the cluster and create a new one, while selecting the correct AWS billing account.
+
+* If this is a production cluster that cannot be easily deleted, please contact Red{nbsp}Hat support to change the billing account for an existing cluster. Expect some turnaround time for this to be resolved.