ASM-18306 & DOCS-493: added cloud auth info, improve page wording

[kgal-akl]

Summary

Kgal: add cloud id auth info.
harrison: improve page wording, fold in DOCS-493

Validation

• markdownlint run for edited Markdown files
• cspell run for edited Markdown files
• link check run for edited Markdown files

Safety Checklist

• No real credentials, tokens, account identifiers, tenant IDs, project numbers, or email addresses were added.
• All cloud identities in examples use placeholders (for example, <service-account-name>@<project-id>.iam.gserviceaccount.com, arn:aws:iam::<aws-account-id>:root, <azure-tenant-id>, and <resource-ocid>).
• Added examples were reviewed for sanitized values and non-production identifiers.

Jira

• DOCS-
• ASM-18306

Summary by CodeRabbit

• Documentation
  • Added cloud-specific install instructions for AWS IAM, GCP, and Azure AD (include cloud extra) and example shell commands.
  • Standardized authentication/login examples to use akeyless_api_url, access_id, and access_type; removed cloud_id from cloud-managed snippets.
  • New subsection showing how to generate and inject an AWS IAM cloud_id for login.
  • Clarified cloud_id auto-derivation vs when it must be supplied; minor wording and parameter-list clarifications (SSH/PKI).

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

📝 Walkthrough

Walkthrough

This PR updates the Ansible Akeyless plugin docs: adds cloud-specific installation steps, standardizes and expands login: YAML examples across auth methods (including Universal Identity), adds an AWS IAM cloud identity workflow, and clarifies when cloud_id must be provided versus when it can be auto-derived.

Changes

Ansible Plugin Configuration and Authentication

Layer / File(s)	Summary
Intro wording & Ansible Galaxy text docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md	Fixes introductory capitalization/wording and updates Ansible Galaxy installation phrasing for the akeyless.secrets_management collection.
Installation and cloud-extra prerequisites docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md	Adds pip install akeyless and cloud-specific `akeyless-cloud-id[aws
Authentication login: examples and cloud_id rules docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md	Standardizes login: YAML across auth methods (akeyless_api_url, access_id, access_type), removes cloud_id from aws_iam/gcp/azure_ad snippets, expands Universal Identity example, and adds AWS IAM cloud_id generation/injection workflow and rewritten cloud_id guidance.
Static/Dynamic/Rotated secrets 'Additional parameters' wording docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md	Normalizes multiple "Additional parameters..." lines to a consistent "are available" phrasing across Static, Dynamic, and Rotated Secret sections.
SSH certificate and PKI certificate field updates docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md	Updates SSH certificate Where list to include cert_username, public_key_data, optional ttl, and legacy_signing_alg_name; normalizes PKI certificate "Additional parameters..." wording.

Estimated Code Review Effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐰 I nibble docs by lantern light,
I tuck cloud extras in just right,
YAML keys line up and sing,
cloud_id sleeps when the cloud can bring,
a happy hop — the changes bright.

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Title check	✅ Passed	The title directly references the main changes: adding cloud authentication information and improving page wording, which aligns with the core objectives of the pull request.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch ASM-18306-use-cloudid-login

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@docs/Integrations` &
Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md:
- Line 186: Update the `cloud_id` parameter description to use formal phrasing
and clearer structure: replace "different than" with "different from" and
"don't" with "do not"; define acronyms on first use by expanding "STS" to
"Security Token Service (STS)" and "FIPS" to "Federal Information Processing
Standards (FIPS)"; break the long sentence into two or three concise sentences
that state when auto-derivation is used, when the `akeyless-cloud-id` library
must be installed, and that if auto-derive fails or when running in a regional
STS different from us-east-1 (e.g., AWS GovCloud, FIPS endpoints) the user must
supply `cloud_id` explicitly (for example, via `akeyless get-cloud-identity`);
keep references to the `cloud_id` and `akeyless-cloud-id` symbols so the edit is
easy to locate.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 0966f954-27d3-46ca-83a9-03b5cdb1e024

📥 Commits

Reviewing files that changed from the base of the PR and between 42c6804 and 08a03a6.

📒 Files selected for processing (1)

• docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md (1)

180-197: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Document the Akeyless CLI prerequisite for the get-cloud-identity workflow.

This section tells users to run akeyless get-cloud-identity, but prerequisites do not mention installing the Akeyless CLI. Add a prerequisite note (or an inline note in this subsection) so the flow is executable end-to-end.

Suggested doc patch

 Before using the Akeyless Ansible plugin, ensure the following prerequisites are met:
@@
 * The Akeyless Python package installed:
@@
   pip install akeyless

+* Akeyless CLI installed (required if you generate cloud_id manually with akeyless get-cloud-identity).
+
If you use aws_iam, gcp, or azure_ad authentication, also install akeyless-cloud-id with the matching cloud extra:

</details>

As per coding guidelines, "Examples and commands in documentation must be realistic and internally consistent."

<details>
<summary>🤖 Prompt for AI Agents</summary>

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @docs/Integrations &
Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md around lines 180 -
197, Add a prerequisite note stating that the Akeyless CLI must be installed to
run the example that calls akeyless get-cloud-identity and that the
akeyless-cloud-id extra is required for aws_iam, gcp, or azure_ad flows;
update the subsection containing the get-cloud-identity example (the Login via AWS IAM/cloud_id example and the akeyless get-cloud-identity command)
to include a short bullet or inline note: "Akeyless CLI installed (required to
run akeyless get-cloud-identity); install akeyless-cloud-id with the
matching cloud extra for aws_iam, gcp, or azure_ad."

</details>

</blockquote></details>

</blockquote></details>

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Outside diff comments:
In `@docs/Integrations` &
Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md:
- Around line 180-197: Add a prerequisite note stating that the Akeyless CLI
must be installed to run the example that calls `akeyless get-cloud-identity`
and that the `akeyless-cloud-id` extra is required for `aws_iam`, `gcp`, or
`azure_ad` flows; update the subsection containing the `get-cloud-identity`
example (the `Login via AWS IAM`/`cloud_id` example and the `akeyless
get-cloud-identity` command) to include a short bullet or inline note: "Akeyless
CLI installed (required to run `akeyless get-cloud-identity`); install
`akeyless-cloud-id` with the matching cloud extra for `aws_iam`, `gcp`, or
`azure_ad`."

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 97f34f4a-72a7-4708-8d63-51e98fcad28c

📥 Commits

Reviewing files that changed from the base of the PR and between 7c9869e and ef40660.

📒 Files selected for processing (1)

• docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md