Backport 2.5 4242 (ansible#4344)

* AAP-52745: Updating TOC and title of Getting started with Terraform and AAP guide (ansible#4214)

* Updating TOC and title of Getting started with Terraform and AAP guide

* Added more attributes

* Remove attributes from docinfo file

* Add Red Hat to name

* Update master.adoc to remove attributes (ansible#4269)

Testing build issue w/ attributes in the title. Can retest attributes in the title when building on stage.

* AAP-50389-FIXED: Add Vault content to HashiCorp Getting Started guide (ansible#4242)

* Add Vault content for HashiCorp Getting Started

* Add simlink

* Edits to Vault and terraform content

* Fixed code styles

* Edits based on feedback

* More edits and refinement

* Edits based on peer review

* Fixed links

* Added attributes

* More edits for accessibility

---------

Co-authored-by: ccopelloRH <[email protected]>

Author: jonquilwilliams

downstream/assemblies/terraform-aap/assembly-terraform-introduction.adoc

@@ -2,7 +2,7 @@
 
 [id="terraform-introduction"]
 
-= About this Integration
+= About the {Terraform} integration
 
 The integration of {PlatformName} and {TerraformEnterpriseFullName} offers a powerful solution for streamlining IT operations. This collaboration combines the strengths of both tools to save time and effort while reducing risks in complex IT environments.
 

downstream/assemblies/terraform-aap/assembly-terraform-product.adoc

@@ -0,0 +1,5 @@
+:_mod-docs-content-type: ASSEMBLY
+
+[id="terraform-product"]
+
+= {Terraform} integration

downstream/assemblies/vault-aap/assembly-vault-authenticating.adoc

@@ -0,0 +1,17 @@
+:_mod-docs-content-type: ASSEMBLY
+
+[id="vault-authenticating"]
+
+= Authenticating to `hashicorp.vault`
+
+After you install or migrate to the `hashicorp.vault` collection, authentication is configured in the {PlatformNameShort} user interface:
+
+* An administrator creates a custom credential type to authenticate to {Vault}.
+
+* Users create credentials (based on the credential type) to use with job templates in {PlatformNameShort}.
+
+
+
+include::vault-aap/con-vault-authentication-architecture.adoc[leveloffset=+1]
+include::vault-aap/proc-vault-creating-credential-type.adoc[leveloffset=+1]
+include::vault-aap/proc-vault-creating-custom-credential.adoc[leveloffset=+1]

downstream/assemblies/vault-aap/assembly-vault-introduction.adoc

@@ -0,0 +1,9 @@
+:_mod-docs-content-type: ASSEMBLY
+
+[id="vault-introduction"]
+
+= About the {Vault} integration
+
+The integration of {PlatformName} and {VaultFullName} provides fully automated Key/Value V2 (KV2) secret lifecycle management for {Vault}.
+
+include::vault-aap/con-vault-intro.adoc[leveloffset=+1]

downstream/assemblies/vault-aap/assembly-vault-migrating-from-community.adoc

@@ -0,0 +1,19 @@
+:_mod-docs-content-type: ASSEMBLY
+
+[id="vault-migrating-from-community-hashi-vault"]
+
+= Migrating from `community.hashi_vault`
+
+If you are using the `community.hashi_vault` collection, you can migrate your existing playbooks to the `hashicorp.vault` collection.
+
+There are two modules for `hashicorp.vault` that you must configure:
+
+* **`hashicorp.vault.kv2_secret`** - A unified module for CRUD operations on KV2 secrets.
+* **`hashicorp.vault.kv2_secret_get lookup`** - A lookup plugin for reading KV2 secrets.
+
+In the following procedures, you will replicate the parameters from the `community.hashi_vault` modules to these required `hashicorp.vault` modules.
+
+include::vault-aap/proc-vault-configuring-kv2-secret.adoc[leveloffset=+1]
+include::vault-aap/proc-vault-configuring-kv2-secret-get-lookup.adoc[leveloffset=+1]
+include::vault-aap/con-vault-migration-examples-secret-module.adoc[leveloffset=+1]
+include::vault-aap/con-vault-migration-examples-secret-get-lookup.adoc[leveloffset=+1]

downstream/assemblies/vault-aap/assembly-vault-product.adoc

@@ -0,0 +1,5 @@
+:_mod-docs-content-type: ASSEMBLY
+
+[id="vault-product"]
+
+= {Vault} integration

downstream/assemblies/vault-aap/vault-aap

@@ -0,0 +1 @@
+../../modules/vault-aap

downstream/attributes/attributes.adoc

@@ -128,13 +128,22 @@
 :Runner: Ansible Runner
 :Role: Role ARG Spec
 
+//HashiCorp
+:HashiCorpFullName: IBM HashiCorp
+:HashiCorpShortName: HashiCorp
+
 // Terraform
 :TerraformEnterpriseFullName: IBM HashiCorp Terraform
 :TerraformEnterpriseShortName: Terraform Enterprise
 :TerraformCloudShortName: HCP Terraform
 :TerraformCommunityName: Terraform Community Edition
 :Terraform: Terraform
 
+// Vault
+:VaultFullName: IBM HashiCorp Vault
+:VaultCommunityName: Vault Community Edition
+:Vault: Vault
+
 // Ansible development tools
 :ToolsName: Ansible development tools
 :AAPRHDH: Ansible plug-ins for Red Hat Developer Hub
@@ -509,3 +518,13 @@
 :TitleSaaSAWSGuide: Red Hat Ansible Automation Platform Service on AWS
 :URLSaaSAWSGuide: {BaseURL}/ansible_on_clouds/2.x_latest/html/red_hat_ansible_automation_platform_service_on_aws
 :LinkSaaSAWSGuide: link:{URLSaaSAWSGuide}[{TitleSaaSAWSGuide}]
+//
+// titles/automation-dashboard
+:TitleAutomationDashboard: Using Automation Dashboard
+:URLAutomationDashboard: {BaseURL}/red_hat_ansible_automation_platform/{PlatformVers}/html/using_automation_dashboard
+:LinkAutomationDashboard: {URLAutomationDashboard}[{TitleAutomationDashboard}]
+//
+// titles/terraform (Hashicorp)
+:TitleHashiGuide: Getting Started with HashiCorp and Ansible Automation Platform Guide
+:URLHashiGuide: {BaseURL}/red_hat_ansible_automation_platform/{PlatformVers}/html/getting_started_with_hashicorp_and_ansible_automation_platform
+:LinkHashiGuide: link:{URLHashiGuide}[{TitleHashiGuide}]

downstream/modules/vault-aap/con-vault-authentication-architecture.adoc

@@ -0,0 +1,33 @@
+:_mod-docs-content-type: CONCEPT
+
+[id="vault-auth-architecture"]
+
+= Authentication architecture
+
+[role="_abstract"]
+
+The `hashicorp.vault` collection manages authentication through environment variables and client initialization. This approach enhances security by preventing sensitive credentials from being passed directly as module parameters within playbook tasks. Instead, `hashicorp.vault` injects credentials into job templates with environment variables, so you get simpler, cleaner task definitions while ensuring that authentication details remain secure.
+
+The following authentication types are supported:
+
+* **appRole authentication:** Use either one of the following methods when using appRole authentication:
+
+** Set the `VAULT_APPROLE_ROLE_ID` and `VAULT_APPROLE_SECRET_ID` environment variables. When you use environment variables, you must also create a custom credential type and credentials that will be passed to the job template.
+
+** Directly pass the `role_id` and `secret_id` parameters to the tasks, for example:
++
+----
+- name: Create a secret with AppRole authentication
+  hashicorp.vault.kv2_secret:
+    url: https://vault.example.com:8200
+    auth_method: approle
+    role_id: "{{ vault_role_id }}"
+    secret_id: "{{ vault_secret_id }}"
+    path: myapp/config
+    data:
+      api_key: secret-api-key
+----
+
+* **Token authentication:** Set the `VAULT_TOKEN` environment variable. 
++
+Optionally, you can configure parameters for the token. If parameters are not provided, then the module uses environment variables.

downstream/modules/vault-aap/con-vault-intro.adoc

@@ -0,0 +1,18 @@
+:_mod-docs-content-type: CONCEPT
+
+[id="vault-intro"]
+
+= Introduction
+
+[role="_abstract"]
+
+{Vault} lets you centrally store and manage secrets securely. The {PlatformNameShort} certified `hashicorp.vault` collection provides fully automated Key/Value V2 (KV2) secret lifecycle management for {Vault}. You can create, update, and delete secrets through playbooks.
+
+* **Existing `community.hashi_vault` users:** The `hashicorp.vault` solution is intended to replace unsupported `community.hashi_vault` collection. Use the migration path to keep your existing playbooks. For more information about migrating, see link:{URLHashiGuide}/vault-migrating-from-community-hashi-vault[Migrating from `community.hashi_vault`].
+
+* **New {Vault} users:** The `hashicorp.vault` collection is included in the supported execution environment from {HubName}.
+
+[NOTE]
+====
+Although the `hashicorp.vault` and `hashi.terraform` collections work independently of each other and are designed for different tasks, you can use them together in advanced workflows.
+====