From ac9523bcad6075b6abac233e16ca04e9a0b8baf6 Mon Sep 17 00:00:00 2001
From: melGL <81323402+melgl@users.noreply.github.com>
Date: Tue, 26 Mar 2024 13:54:57 -0500
Subject: [PATCH] Clarify AWS Auth instructions for Grafana Cloud users
 (#84312)

* Clarify "Grafana Assume Role" feature instructions for Grafana Cloud users

Following the recommendations provided in Support escalation https://github.com/grafana/support-escalations/issues/8277

* Update docs/sources/datasources/aws-cloudwatch/aws-authentication/index.md

Co-authored-by: Jack Baldry <jack.baldry@grafana.com>

* Update docs/sources/datasources/aws-cloudwatch/aws-authentication/index.md

Co-authored-by: Jack Baldry <jack.baldry@grafana.com>

---------

Co-authored-by: Eve Meelan <81647476+Eve832@users.noreply.github.com>
Co-authored-by: Jack Baldry <jack.baldry@grafana.com>
---
 .../datasources/aws-cloudwatch/aws-authentication/index.md   | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/docs/sources/datasources/aws-cloudwatch/aws-authentication/index.md b/docs/sources/datasources/aws-cloudwatch/aws-authentication/index.md
index 78d0021b2c6..97ca8723f7f 100644
--- a/docs/sources/datasources/aws-cloudwatch/aws-authentication/index.md
+++ b/docs/sources/datasources/aws-cloudwatch/aws-authentication/index.md
@@ -72,7 +72,7 @@ The Grafana Assume Role also helps facilitate this. Using this role, Grafana's A
 
 If the **Assume Role ARN** field is left empty, Grafana uses the provided credentials from the selected authentication method directly, and permissions to AWS data must be attached directly to those credentials. The **Assume Role ARN** field is optional for all authentication methods except for Grafana Assume Role.
 
-To disable this feature, refer to the [`assume_role_enabled` documentation][configure-grafana-assume-role-enabled].
+To disable this feature in open source Grafana or Grafana Enterprise, refer to the [`assume_role_enabled` documentation][configure-grafana-assume-role-enabled].
 
 ### Use an external ID
 
@@ -156,7 +156,8 @@ The Grafana Assume Role authentication provider lets you authenticate with AWS w
 
 To use the Grafana Assume Role:
 
-1. Put in a request to Customer Support to enable`awsDatasourcesTempCredentials`.
+1. Grafana Cloud customers need to open a support ticket to enable the feature `awsDatasourcesTempCredentials`.
+   This feature is enabled by default in open source Grafana and Grafana Enterprise.
 2. Once the feature is enabled, create a new CloudWatch data source (or update an existing one) and select **Grafana Assume Role** as an authentication provider.
 3. In the AWS Console, create a new IAM role, and under **Trusted entity type**, select **Another AWS account** as the trusted Entity.
 4. Enter Grafana's account id (displayed in the instructions box on the **Settings** tab of the CloudWatch data source configuration) and check the **Require external ID** box.