ci: remove Azure portal internal links from docs (#2122)

* Remove Azure internal links from docs

* Ignore Azure internal link in dev-docs

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

.lycheeignore

@@ -1,5 +1,7 @@
 http://localhost:
-# TODO: Remove when site fixed their TLS chain (https://github.com/edgelesssys/constellation/pull/430)
+# TODO: Remove when site fixed their TLS chain (<https://github.com/edgelesssys/constellation/pull/430>)
 https://www.ntia.gov/SBOM
-# Twitter times out on request, maybe someone pulled the plug of this subsystem...
+# Twitter times out on request, maybe someone pulled the plug of this subsystem
 https://twitter.com/EdgelessSystems
+# Azure portal internal link, will return 403 for crawlers, or error when not logged in
+https://portal.azure.com/#view/HubsExtension/BrowseResource/resourceType/Microsoft.Compute%2Fgalleries

docs/docs/workflows/config.md

@@ -178,9 +178,9 @@ The following describes the configuration fields and how you obtain the required
   * `westeurope`
   * `southeastasia`
 
-* **resourceGroup**: [Create a new resource group in Azure](https://portal.azure.com/#create/Microsoft.ResourceGroup) for your Constellation cluster. Set this configuration     field to the name of the created resource group.
+* **resourceGroup**: [Create a new resource group in Azure](https://learn.microsoft.com/azure/azure-resource-manager/management/manage-resource-groups-portal) for your Constellation cluster. Set this configuration     field to the name of the created resource group.
 
-* **userAssignedIdentity**: [Create a new managed identity in Azure](https://portal.azure.com/#create/Microsoft.ManagedIdentity). You should create the identity in a different resource group as all resources within the cluster resource group will be deleted on cluster termination.
+* **userAssignedIdentity**: [Create a new managed identity in Azure](https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/how-manage-user-assigned-managed-identities). You should create the identity in a different resource group as all resources within the cluster resource group will be deleted on cluster termination.
 
   Add three role assignments to the identity: `Owner`, `Virtual Machine Contributor`, and `Application Insights Component Contributor`. The `scope` of all three should refer to the previously created cluster resource group.
 

docs/versioned_docs/version-2.0/getting-started/first-steps.md

@@ -77,9 +77,9 @@ The following steps guide you through the process of creating a cluster and depl
       * `northeurope`
       * `westeurope`
 
-    * **resourceGroup**: [Create a new resource group in Azure](https://portal.azure.com/#create/Microsoft.ResourceGroup) for your Constellation cluster. Set this configuration field to the name of the created resource group.
+    * **resourceGroup**: [Create a new resource group in Azure](https://learn.microsoft.com/azure/azure-resource-manager/management/manage-resource-groups-portal) for your Constellation cluster. Set this configuration field to the name of the created resource group.
 
-    * **userAssignedIdentity**: [Create a new managed identity in Azure](https://portal.azure.com/#create/Microsoft.ManagedIdentity). You should create the identity in a different resource group as all resources within the cluster resource group will be deleted on cluster termination.
+    * **userAssignedIdentity**: [Create a new managed identity in Azure](https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/how-manage-user-assigned-managed-identities). You should create the identity in a different resource group as all resources within the cluster resource group will be deleted on cluster termination.
 
       Add two role assignments to the identity: `Virtual Machine Contributor` and `Application Insights Component Contributor`. The `scope` of both should refer to the previously created cluster resource group.
 
@@ -88,7 +88,7 @@ The following steps guide you through the process of creating a cluster and depl
       The user-assigned identity is used by instances of the cluster to access other cloud resources.
       For more information about managed identities refer to [Azure's documentation](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-manage-user-assigned-managed-identities).
 
-    * **appClientID**: [Create a new app registration in Azure](https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/CreateApplicationBlade/quickStartType~/null/isMSAApp~/false).
+    * **appClientID**: [Create a new app registration in Azure](https://learn.microsoft.com/azure/active-directory/develop/quickstart-register-app).
 
       Set `Supported account types` to `Accounts in this organizational directory only` and leave the `Redirect URI` empty.
 
@@ -147,11 +147,11 @@ The following steps guide you through the process of creating a cluster and depl
 
     * **serviceAccountKeyPath**: To configure this, you need to create a GCP [service account](https://cloud.google.com/iam/docs/service-accounts) with the following permissions:
 
-      - `Compute Instance Admin (v1) (roles/compute.instanceAdmin.v1)`
-      - `Compute Network Admin (roles/compute.networkAdmin)`
-      - `Compute Security Admin (roles/compute.securityAdmin)`
-      - `Compute Storage Admin (roles/compute.storageAdmin)`
-      - `Service Account User (roles/iam.serviceAccountUser)`
+      * `Compute Instance Admin (v1) (roles/compute.instanceAdmin.v1)`
+      * `Compute Network Admin (roles/compute.networkAdmin)`
+      * `Compute Security Admin (roles/compute.securityAdmin)`
+      * `Compute Storage Admin (roles/compute.storageAdmin)`
+      * `Service Account User (roles/iam.serviceAccountUser)`
 
       Afterward, create and download a new JSON key for this service account. Place the downloaded file in your Constellation workspace, and set the config parameter to the filename, e.g., `constellation-129857-15343dba46cb.json`.
 

docs/versioned_docs/version-2.1/getting-started/first-steps.md

@@ -82,9 +82,9 @@ If you don't have a cloud subscription, check out [MiniConstellation](first-step
       * `northeurope`
       * `westeurope`
 
-    * **resourceGroup**: [Create a new resource group in Azure](https://portal.azure.com/#create/Microsoft.ResourceGroup) for your Constellation cluster. Set this configuration field to the name of the created resource group.
+    * **resourceGroup**: [Create a new resource group in Azure](https://learn.microsoft.com/azure/azure-resource-manager/management/manage-resource-groups-portal) for your Constellation cluster. Set this configuration field to the name of the created resource group.
 
-    * **userAssignedIdentity**: [Create a new managed identity in Azure](https://portal.azure.com/#create/Microsoft.ManagedIdentity). You should create the identity in a different resource group as all resources within the cluster resource group will be deleted on cluster termination.
+    * **userAssignedIdentity**: [Create a new managed identity in Azure](https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/how-manage-user-assigned-managed-identities). You should create the identity in a different resource group as all resources within the cluster resource group will be deleted on cluster termination.
 
       Add two role assignments to the identity: `Virtual Machine Contributor` and `Application Insights Component Contributor`. The `scope` of both should refer to the previously created cluster resource group.
 
@@ -93,7 +93,7 @@ If you don't have a cloud subscription, check out [MiniConstellation](first-step
       The user-assigned identity is used by instances of the cluster to access other cloud resources.
       For more information about managed identities refer to [Azure's documentation](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-manage-user-assigned-managed-identities).
 
-    * **appClientID**: [Create a new app registration in Azure](https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/CreateApplicationBlade/quickStartType~/null/isMSAApp~/false).
+    * **appClientID**: [Create a new app registration in Azure](https://learn.microsoft.com/azure/active-directory/develop/quickstart-register-app).
 
       Set `Supported account types` to `Accounts in this organizational directory only` and leave the `Redirect URI` empty.
 
@@ -152,11 +152,11 @@ If you don't have a cloud subscription, check out [MiniConstellation](first-step
 
     * **serviceAccountKeyPath**: To configure this, you need to create a GCP [service account](https://cloud.google.com/iam/docs/service-accounts) with the following permissions:
 
-      - `Compute Instance Admin (v1) (roles/compute.instanceAdmin.v1)`
-      - `Compute Network Admin (roles/compute.networkAdmin)`
-      - `Compute Security Admin (roles/compute.securityAdmin)`
-      - `Compute Storage Admin (roles/compute.storageAdmin)`
-      - `Service Account User (roles/iam.serviceAccountUser)`
+      * `Compute Instance Admin (v1) (roles/compute.instanceAdmin.v1)`
+      * `Compute Network Admin (roles/compute.networkAdmin)`
+      * `Compute Security Admin (roles/compute.securityAdmin)`
+      * `Compute Storage Admin (roles/compute.storageAdmin)`
+      * `Service Account User (roles/iam.serviceAccountUser)`
 
       Afterward, create and download a new JSON key for this service account. Place the downloaded file in your Constellation workspace, and set the config parameter to the filename, e.g., `constellation-129857-15343dba46cb.json`.
 

docs/versioned_docs/version-2.2/getting-started/first-steps.md

@@ -89,9 +89,9 @@ If you don't have a cloud subscription, check out [MiniConstellation](first-step
       * `northeurope`
       * `westeurope`
 
-    * **resourceGroup**: [Create a new resource group in Azure](https://portal.azure.com/#create/Microsoft.ResourceGroup) for your Constellation cluster. Set this configuration field to the name of the created resource group.
+    * **resourceGroup**: [Create a new resource group in Azure](https://learn.microsoft.com/azure/azure-resource-manager/management/manage-resource-groups-portal) for your Constellation cluster. Set this configuration field to the name of the created resource group.
 
-    * **userAssignedIdentity**: [Create a new managed identity in Azure](https://portal.azure.com/#create/Microsoft.ManagedIdentity). You should create the identity in a different resource group as all resources within the cluster resource group will be deleted on cluster termination.
+    * **userAssignedIdentity**: [Create a new managed identity in Azure](https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/how-manage-user-assigned-managed-identities). You should create the identity in a different resource group as all resources within the cluster resource group will be deleted on cluster termination.
 
       Add two role assignments to the identity: `Virtual Machine Contributor` and `Application Insights Component Contributor`. The `scope` of both should refer to the previously created cluster resource group.
 
@@ -100,7 +100,7 @@ If you don't have a cloud subscription, check out [MiniConstellation](first-step
       The user-assigned identity is used by instances of the cluster to access other cloud resources.
       For more information about managed identities refer to [Azure's documentation](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-manage-user-assigned-managed-identities).
 
-    * **appClientID**: [Create a new app registration in Azure](https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/CreateApplicationBlade/quickStartType~/null/isMSAApp~/false).
+    * **appClientID**: [Create a new app registration in Azure](https://learn.microsoft.com/azure/active-directory/develop/quickstart-register-app).
 
       Set `Supported account types` to `Accounts in this organizational directory only` and leave the `Redirect URI` empty.
 
@@ -159,11 +159,11 @@ If you don't have a cloud subscription, check out [MiniConstellation](first-step
 
     * **serviceAccountKeyPath**: To configure this, you need to create a GCP [service account](https://cloud.google.com/iam/docs/service-accounts) with the following permissions:
 
-      - `Compute Instance Admin (v1) (roles/compute.instanceAdmin.v1)`
-      - `Compute Network Admin (roles/compute.networkAdmin)`
-      - `Compute Security Admin (roles/compute.securityAdmin)`
-      - `Compute Storage Admin (roles/compute.storageAdmin)`
-      - `Service Account User (roles/iam.serviceAccountUser)`
+      * `Compute Instance Admin (v1) (roles/compute.instanceAdmin.v1)`
+      * `Compute Network Admin (roles/compute.networkAdmin)`
+      * `Compute Security Admin (roles/compute.securityAdmin)`
+      * `Compute Storage Admin (roles/compute.storageAdmin)`
+      * `Service Account User (roles/iam.serviceAccountUser)`
 
       Afterward, create and download a new JSON key for this service account. Place the downloaded file in your Constellation workspace, and set the config parameter to the filename, e.g., `constellation-129857-15343dba46cb.json`.
 

docs/versioned_docs/version-2.3/workflows/config.md

@@ -72,6 +72,7 @@ constellation iam create azure --region=westus --resourceGroup=constellTest --se
 This command creates IAM configuration on the Azure region `westus` creating a new resource group `constellTest` and a new service principal `spTest`.
 
 Note that CVMs are currently only supported in a few regions, check [Azure's products available by region](https://azure.microsoft.com/en-us/global-infrastructure/services/?products=virtual-machines&regions=all). These are:
+
 * `westus`
 * `eastus`
 * `northeurope`
@@ -110,6 +111,7 @@ constellation iam create aws --zone=eu-central-1a --prefix=constellTest
 This command creates IAM configuration for the AWS zone `eu-central-1a` using the prefix `constellTest` for all named resources being created.
 
 Constellation OS images are currently replicated to the following regions:
+
 * `eu-central-1`
 * `us-east-2`
 * `ap-south-1`
@@ -146,9 +148,9 @@ The following describes the configuration fields and how you obtain the required
   * `northeurope`
   * `westeurope`
 
-* **resourceGroup**: [Create a new resource group in Azure](https://portal.azure.com/#create/Microsoft.ResourceGroup) for your Constellation cluster. Set this configuration     field to the name of the created resource group.
+* **resourceGroup**: [Create a new resource group in Azure](https://learn.microsoft.com/azure/azure-resource-manager/management/manage-resource-groups-portal) for your Constellation cluster. Set this configuration     field to the name of the created resource group.
 
-* **userAssignedIdentity**: [Create a new managed identity in Azure](https://portal.azure.com/#create/Microsoft.ManagedIdentity). You should create the identity in a different resource group as all resources within the cluster resource group will be deleted on cluster termination.
+* **userAssignedIdentity**: [Create a new managed identity in Azure](https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/how-manage-user-assigned-managed-identities). You should create the identity in a different resource group as all resources within the cluster resource group will be deleted on cluster termination.
 
   Add two role assignments to the identity: `Virtual Machine Contributor` and `Application Insights Component Contributor`. The `scope` of both should refer to the previously created cluster resource group.
 
@@ -157,7 +159,7 @@ The following describes the configuration fields and how you obtain the required
   The user-assigned identity is used by instances of the cluster to access other cloud resources.
   For more information about managed identities refer to [Azure's documentation](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-manage-user-assigned-managed-identities).
 
-* **appClientID**: [Create a new app registration in Azure](https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/CreateApplicationBlade/quickStartType~/null/isMSAApp~/false).
+* **appClientID**: [Create a new app registration in Azure](https://learn.microsoft.com/azure/active-directory/develop/quickstart-register-app).
 
   Set `Supported account types` to `Accounts in this organizational directory only` and leave the `Redirect URI` empty.
 
@@ -191,11 +193,11 @@ The following describes the configuration fields and how you obtain the required
 
 * **serviceAccountKeyPath**: To configure this, you need to create a GCP [service account](https://cloud.google.com/iam/docs/service-accounts) with the following permissions:
 
-  - `Compute Instance Admin (v1) (roles/compute.instanceAdmin.v1)`
-  - `Compute Network Admin (roles/compute.networkAdmin)`
-  - `Compute Security Admin (roles/compute.securityAdmin)`
-  - `Compute Storage Admin (roles/compute.storageAdmin)`
-  - `Service Account User (roles/iam.serviceAccountUser)`
+  * `Compute Instance Admin (v1) (roles/compute.instanceAdmin.v1)`
+  * `Compute Network Admin (roles/compute.networkAdmin)`
+  * `Compute Security Admin (roles/compute.securityAdmin)`
+  * `Compute Storage Admin (roles/compute.storageAdmin)`
+  * `Service Account User (roles/iam.serviceAccountUser)`
 
   Afterward, create and download a new JSON key for this service account. Place the downloaded file in your Constellation workspace, and set the config parameter to the filename, e.g., `constellation-129857-15343dba46cb.json`.
 
@@ -242,10 +244,12 @@ Now that you've configured your CSP, you can [create your cluster](./create.md).
 You can keep created IAM configurations and reuse them for new clusters. Alternatively, you can also delete them if they aren't being used anymore.
 
 **Prerequisites:**
+
 * [Terraform](https://developer.hashicorp.com/terraform/downloads) is installed on your machine.
 * Access to the `terraform.tfstate` file created by the `constellation iam create` command.
 
 You can delete the IAM configuration using the following commands:
+
 ```bash
 # Navigate to the directory containing the terraform.tfstate file
 cd constellation-iam-terraform

docs/versioned_docs/version-2.4/workflows/config.md

@@ -72,6 +72,7 @@ constellation iam create azure --region=westus --resourceGroup=constellTest --se
 This command creates IAM configuration on the Azure region `westus` creating a new resource group `constellTest` and a new service principal `spTest`.
 
 Note that CVMs are currently only supported in a few regions, check [Azure's products available by region](https://azure.microsoft.com/en-us/global-infrastructure/services/?products=virtual-machines&regions=all). These are:
+
 * `westus`
 * `eastus`
 * `northeurope`
@@ -110,6 +111,7 @@ constellation iam create aws --zone=eu-central-1a --prefix=constellTest
 This command creates IAM configuration for the AWS zone `eu-central-1a` using the prefix `constellTest` for all named resources being created.
 
 Constellation OS images are currently replicated to the following regions:
+
 * `eu-central-1`
 * `us-east-2`
 * `ap-south-1`
@@ -146,9 +148,9 @@ The following describes the configuration fields and how you obtain the required
   * `northeurope`
   * `westeurope`
 
-* **resourceGroup**: [Create a new resource group in Azure](https://portal.azure.com/#create/Microsoft.ResourceGroup) for your Constellation cluster. Set this configuration     field to the name of the created resource group.
+* **resourceGroup**: [Create a new resource group in Azure](https://learn.microsoft.com/azure/azure-resource-manager/management/manage-resource-groups-portal) for your Constellation cluster. Set this configuration     field to the name of the created resource group.
 
-* **userAssignedIdentity**: [Create a new managed identity in Azure](https://portal.azure.com/#create/Microsoft.ManagedIdentity). You should create the identity in a different resource group as all resources within the cluster resource group will be deleted on cluster termination.
+* **userAssignedIdentity**: [Create a new managed identity in Azure](https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/how-manage-user-assigned-managed-identities). You should create the identity in a different resource group as all resources within the cluster resource group will be deleted on cluster termination.
 
   Add two role assignments to the identity: `Virtual Machine Contributor` and `Application Insights Component Contributor`. The `scope` of both should refer to the previously created cluster resource group.
 
@@ -157,7 +159,7 @@ The following describes the configuration fields and how you obtain the required
   The user-assigned identity is used by instances of the cluster to access other cloud resources.
   For more information about managed identities refer to [Azure's documentation](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-manage-user-assigned-managed-identities).
 
-* **appClientID**: [Create a new app registration in Azure](https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/CreateApplicationBlade/quickStartType~/null/isMSAApp~/false).
+* **appClientID**: [Create a new app registration in Azure](https://learn.microsoft.com/azure/active-directory/develop/quickstart-register-app).
 
   Set `Supported account types` to `Accounts in this organizational directory only` and leave the `Redirect URI` empty.
 
@@ -191,11 +193,11 @@ The following describes the configuration fields and how you obtain the required
 
 * **serviceAccountKeyPath**: To configure this, you need to create a GCP [service account](https://cloud.google.com/iam/docs/service-accounts) with the following permissions:
 
-  - `Compute Instance Admin (v1) (roles/compute.instanceAdmin.v1)`
-  - `Compute Network Admin (roles/compute.networkAdmin)`
-  - `Compute Security Admin (roles/compute.securityAdmin)`
-  - `Compute Storage Admin (roles/compute.storageAdmin)`
-  - `Service Account User (roles/iam.serviceAccountUser)`
+  * `Compute Instance Admin (v1) (roles/compute.instanceAdmin.v1)`
+  * `Compute Network Admin (roles/compute.networkAdmin)`
+  * `Compute Security Admin (roles/compute.securityAdmin)`
+  * `Compute Storage Admin (roles/compute.storageAdmin)`
+  * `Service Account User (roles/iam.serviceAccountUser)`
 
   Afterward, create and download a new JSON key for this service account. Place the downloaded file in your Constellation workspace, and set the config parameter to the filename, e.g., `constellation-129857-15343dba46cb.json`.
 
@@ -242,10 +244,12 @@ Now that you've configured your CSP, you can [create your cluster](./create.md).
 You can keep created IAM configurations and reuse them for new clusters. Alternatively, you can also delete them if they aren't being used anymore.
 
 **Prerequisites:**
+
 * [Terraform](https://developer.hashicorp.com/terraform/downloads) is installed on your machine.
 * Access to the `terraform.tfstate` file created by the `constellation iam create` command.
 
 You can delete the IAM configuration using the following commands:
+
 ```bash
 # Navigate to the directory containing the terraform.tfstate file
 cd constellation-iam-terraform

docs/versioned_docs/version-2.5/workflows/config.md

@@ -78,6 +78,7 @@ constellation iam create azure --region=westus --resourceGroup=constellTest --se
 This command creates IAM configuration on the Azure region `westus` creating a new resource group `constellTest` and a new service principal `spTest`.
 
 Note that CVMs are currently only supported in a few regions, check [Azure's products available by region](https://azure.microsoft.com/en-us/global-infrastructure/services/?products=virtual-machines&regions=all). These are:
+
 * `westus`
 * `eastus`
 * `northeurope`
@@ -116,6 +117,7 @@ constellation iam create aws --zone=eu-central-1a --prefix=constellTest
 This command creates IAM configuration for the AWS zone `eu-central-1a` using the prefix `constellTest` for all named resources being created.
 
 Constellation OS images are currently replicated to the following regions:
+
 * `eu-central-1`
 * `us-east-2`
 * `ap-south-1`
@@ -152,9 +154,9 @@ The following describes the configuration fields and how you obtain the required
   * `northeurope`
   * `westeurope`
 
-* **resourceGroup**: [Create a new resource group in Azure](https://portal.azure.com/#create/Microsoft.ResourceGroup) for your Constellation cluster. Set this configuration     field to the name of the created resource group.
+* **resourceGroup**: [Create a new resource group in Azure](hhttps://learn.microsoft.com/azure/azure-resource-manager/management/manage-resource-groups-portal) for your Constellation cluster. Set this configuration     field to the name of the created resource group.
 
-* **userAssignedIdentity**: [Create a new managed identity in Azure](https://portal.azure.com/#create/Microsoft.ManagedIdentity). You should create the identity in a different resource group as all resources within the cluster resource group will be deleted on cluster termination.
+* **userAssignedIdentity**: [Create a new managed identity in Azure](https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/how-manage-user-assigned-managed-identities). You should create the identity in a different resource group as all resources within the cluster resource group will be deleted on cluster termination.
 
   Add two role assignments to the identity: `Virtual Machine Contributor` and `Application Insights Component Contributor`. The `scope` of both should refer to the previously created cluster resource group.
 
@@ -163,7 +165,7 @@ The following describes the configuration fields and how you obtain the required
   The user-assigned identity is used by instances of the cluster to access other cloud resources.
   For more information about managed identities refer to [Azure's documentation](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-manage-user-assigned-managed-identities).
 
-* **appClientID**: [Create a new app registration in Azure](https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/CreateApplicationBlade/quickStartType~/null/isMSAApp~/false).
+* **appClientID**: [Create a new app registration in Azure](https://learn.microsoft.com/azure/active-directory/develop/quickstart-register-app).
 
   Set `Supported account types` to `Accounts in this organizational directory only` and leave the `Redirect URI` empty.
 
@@ -197,11 +199,11 @@ The following describes the configuration fields and how you obtain the required
 
 * **serviceAccountKeyPath**: To configure this, you need to create a GCP [service account](https://cloud.google.com/iam/docs/service-accounts) with the following permissions:
 
-  - `Compute Instance Admin (v1) (roles/compute.instanceAdmin.v1)`
-  - `Compute Network Admin (roles/compute.networkAdmin)`
-  - `Compute Security Admin (roles/compute.securityAdmin)`
-  - `Compute Storage Admin (roles/compute.storageAdmin)`
-  - `Service Account User (roles/iam.serviceAccountUser)`
+  * `Compute Instance Admin (v1) (roles/compute.instanceAdmin.v1)`
+  * `Compute Network Admin (roles/compute.networkAdmin)`
+  * `Compute Security Admin (roles/compute.securityAdmin)`
+  * `Compute Storage Admin (roles/compute.storageAdmin)`
+  * `Service Account User (roles/iam.serviceAccountUser)`
 
   Afterward, create and download a new JSON key for this service account. Place the downloaded file in your Constellation workspace, and set the config parameter to the filename, e.g., `constellation-129857-15343dba46cb.json`.
 
@@ -248,10 +250,12 @@ Now that you've configured your CSP, you can [create your cluster](./create.md).
 You can keep created IAM configurations and reuse them for new clusters. Alternatively, you can also delete them if they aren't being used anymore.
 
 **Prerequisites:**
+
 * [Terraform](https://developer.hashicorp.com/terraform/downloads) is installed on your machine.
 * Access to the `terraform.tfstate` file created by the `constellation iam create` command.
 
 You can delete the IAM configuration using the following commands:
+
 ```bash
 # Navigate to the directory containing the terraform.tfstate file
 cd constellation-iam-terraform

docs/versioned_docs/version-2.6/workflows/config.md

@@ -91,6 +91,7 @@ constellation iam create azure --region=westus --resourceGroup=constellTest --se
 This command creates IAM configuration on the Azure region `westus` creating a new resource group `constellTest` and a new service principal `spTest`.
 
 Note that CVMs are currently only supported in a few regions, check [Azure's products available by region](https://azure.microsoft.com/en-us/global-infrastructure/services/?products=virtual-machines&regions=all). These are:
+
 * `westus`
 * `eastus`
 * `northeurope`
@@ -129,6 +130,7 @@ constellation iam create aws --zone=eu-central-1a --prefix=constellTest
 This command creates IAM configuration for the AWS zone `eu-central-1a` using the prefix `constellTest` for all named resources being created.
 
 Constellation OS images are currently replicated to the following regions:
+
 * `eu-central-1`
 * `us-east-2`
 * `ap-south-1`
@@ -165,9 +167,9 @@ The following describes the configuration fields and how you obtain the required
   * `northeurope`
   * `westeurope`
 
-* **resourceGroup**: [Create a new resource group in Azure](https://portal.azure.com/#create/Microsoft.ResourceGroup) for your Constellation cluster. Set this configuration     field to the name of the created resource group.
+* **resourceGroup**: [Create a new resource group in Azure](https://learn.microsoft.com/azure/azure-resource-manager/management/manage-resource-groups-portal) for your Constellation cluster. Set this configuration     field to the name of the created resource group.
 
-* **userAssignedIdentity**: [Create a new managed identity in Azure](https://portal.azure.com/#create/Microsoft.ManagedIdentity). You should create the identity in a different resource group as all resources within the cluster resource group will be deleted on cluster termination.
+* **userAssignedIdentity**: [Create a new managed identity in Azure](https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/how-manage-user-assigned-managed-identities). You should create the identity in a different resource group as all resources within the cluster resource group will be deleted on cluster termination.
 
   Add two role assignments to the identity: `Virtual Machine Contributor` and `Application Insights Component Contributor`. The `scope` of both should refer to the previously created cluster resource group.
 
@@ -176,7 +178,7 @@ The following describes the configuration fields and how you obtain the required
   The user-assigned identity is used by instances of the cluster to access other cloud resources.
   For more information about managed identities refer to [Azure's documentation](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-manage-user-assigned-managed-identities).
 
-* **appClientID**: [Create a new app registration in Azure](https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/CreateApplicationBlade/quickStartType~/null/isMSAApp~/false).
+* **appClientID**: [Create a new app registration in Azure](https://learn.microsoft.com/azure/active-directory/develop/quickstart-register-app).
 
   Set `Supported account types` to `Accounts in this organizational directory only` and leave the `Redirect URI` empty.
 
@@ -210,11 +212,11 @@ The following describes the configuration fields and how you obtain the required
 
 * **serviceAccountKeyPath**: To configure this, you need to create a GCP [service account](https://cloud.google.com/iam/docs/service-accounts) with the following permissions:
 
-  - `Compute Instance Admin (v1) (roles/compute.instanceAdmin.v1)`
-  - `Compute Network Admin (roles/compute.networkAdmin)`
-  - `Compute Security Admin (roles/compute.securityAdmin)`
-  - `Compute Storage Admin (roles/compute.storageAdmin)`
-  - `Service Account User (roles/iam.serviceAccountUser)`
+  * `Compute Instance Admin (v1) (roles/compute.instanceAdmin.v1)`
+  * `Compute Network Admin (roles/compute.networkAdmin)`
+  * `Compute Security Admin (roles/compute.securityAdmin)`
+  * `Compute Storage Admin (roles/compute.storageAdmin)`
+  * `Service Account User (roles/iam.serviceAccountUser)`
 
   Afterward, create and download a new JSON key for this service account. Place the downloaded file in your Constellation workspace, and set the config parameter to the filename, e.g., `constellation-129857-15343dba46cb.json`.
 
@@ -261,6 +263,7 @@ Now that you've configured your CSP, you can [create your cluster](./create.md).
 You can keep a created IAM configuration and reuse it for new clusters. Alternatively, you can also delete it if you don't want to use it anymore.
 
 Delete the IAM configuration by executing the following command in the same directory where you executed `constellation iam create` (the directory that contains [`constellation-iam-terraform`](../reference/terraform.md) as a subdirectory):
+
 ```bash
 constellation iam destroy
 ```

docs/versioned_docs/version-2.7/workflows/config.md

@@ -91,6 +91,7 @@ constellation iam create azure --region=westus --resourceGroup=constellTest --se
 This command creates IAM configuration on the Azure region `westus` creating a new resource group `constellTest` and a new service principal `spTest`.
 
 Note that CVMs are currently only supported in a few regions, check [Azure's products available by region](https://azure.microsoft.com/en-us/global-infrastructure/services/?products=virtual-machines&regions=all). These are:
+
 * `westus`
 * `eastus`
 * `northeurope`
@@ -129,6 +130,7 @@ constellation iam create aws --zone=eu-central-1a --prefix=constellTest
 This command creates IAM configuration for the AWS zone `eu-central-1a` using the prefix `constellTest` for all named resources being created.
 
 Constellation OS images are currently replicated to the following regions:
+
 * `eu-central-1`
 * `eu-west-1`
 * `eu-west-3`
@@ -167,9 +169,9 @@ The following describes the configuration fields and how you obtain the required
   * `northeurope`
   * `westeurope`
 
-* **resourceGroup**: [Create a new resource group in Azure](https://portal.azure.com/#create/Microsoft.ResourceGroup) for your Constellation cluster. Set this configuration     field to the name of the created resource group.
+* **resourceGroup**: [Create a new resource group in Azure](https://learn.microsoft.com/azure/azure-resource-manager/management/manage-resource-groups-portal) for your Constellation cluster. Set this configuration     field to the name of the created resource group.
 
-* **userAssignedIdentity**: [Create a new managed identity in Azure](https://portal.azure.com/#create/Microsoft.ManagedIdentity). You should create the identity in a different resource group as all resources within the cluster resource group will be deleted on cluster termination.
+* **userAssignedIdentity**: [Create a new managed identity in Azure](https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/how-manage-user-assigned-managed-identities). You should create the identity in a different resource group as all resources within the cluster resource group will be deleted on cluster termination.
 
   Add three role assignments to the identity: `Owner`, `Virtual Machine Contributor` and `Application Insights Component Contributor`. The `scope` of all three should refer to the previously created cluster resource group.
 
@@ -178,7 +180,7 @@ The following describes the configuration fields and how you obtain the required
   The user-assigned identity is used by instances of the cluster to access other cloud resources.
   For more information about managed identities refer to [Azure's documentation](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-manage-user-assigned-managed-identities).
 
-* **appClientID**: [Create a new app registration in Azure](https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/CreateApplicationBlade/quickStartType~/null/isMSAApp~/false).
+* **appClientID**: [Create a new app registration in Azure](https://learn.microsoft.com/azure/active-directory/develop/quickstart-register-app).
 
   Set `Supported account types` to `Accounts in this organizational directory only` and leave the `Redirect URI` empty.
 
@@ -212,11 +214,11 @@ The following describes the configuration fields and how you obtain the required
 
 * **serviceAccountKeyPath**: To configure this, you need to create a GCP [service account](https://cloud.google.com/iam/docs/service-accounts) with the following permissions:
 
-  - `Compute Instance Admin (v1) (roles/compute.instanceAdmin.v1)`
-  - `Compute Network Admin (roles/compute.networkAdmin)`
-  - `Compute Security Admin (roles/compute.securityAdmin)`
-  - `Compute Storage Admin (roles/compute.storageAdmin)`
-  - `Service Account User (roles/iam.serviceAccountUser)`
+  * `Compute Instance Admin (v1) (roles/compute.instanceAdmin.v1)`
+  * `Compute Network Admin (roles/compute.networkAdmin)`
+  * `Compute Security Admin (roles/compute.securityAdmin)`
+  * `Compute Storage Admin (roles/compute.storageAdmin)`
+  * `Service Account User (roles/iam.serviceAccountUser)`
 
   Afterward, create and download a new JSON key for this service account. Place the downloaded file in your Constellation workspace, and set the config parameter to the filename, e.g., `constellation-129857-15343dba46cb.json`.
 
@@ -265,6 +267,7 @@ Now that you've configured your CSP, you can [create your cluster](./create.md).
 You can keep a created IAM configuration and reuse it for new clusters. Alternatively, you can also delete it if you don't want to use it anymore.
 
 Delete the IAM configuration by executing the following command in the same directory where you executed `constellation iam create` (the directory that contains [`constellation-iam-terraform`](../reference/terraform.md) as a subdirectory):
+
 ```bash
 constellation iam destroy
 ```

docs/versioned_docs/version-2.8/workflows/config.md

@@ -171,9 +171,9 @@ The following describes the configuration fields and how you obtain the required
   * `westeurope`
   * `southeastasia`
 
-* **resourceGroup**: [Create a new resource group in Azure](https://portal.azure.com/#create/Microsoft.ResourceGroup) for your Constellation cluster. Set this configuration     field to the name of the created resource group.
+* **resourceGroup**: [Create a new resource group in Azure](https://learn.microsoft.com/azure/azure-resource-manager/management/manage-resource-groups-portal) for your Constellation cluster. Set this configuration     field to the name of the created resource group.
 
-* **userAssignedIdentity**: [Create a new managed identity in Azure](https://portal.azure.com/#create/Microsoft.ManagedIdentity). You should create the identity in a different resource group as all resources within the cluster resource group will be deleted on cluster termination.
+* **userAssignedIdentity**: [Create a new managed identity in Azure](https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/how-manage-user-assigned-managed-identities). You should create the identity in a different resource group as all resources within the cluster resource group will be deleted on cluster termination.
 
   Add three role assignments to the identity: `Owner`, `Virtual Machine Contributor` and `Application Insights Component Contributor`. The `scope` of all three should refer to the previously created cluster resource group.
 
@@ -182,7 +182,7 @@ The following describes the configuration fields and how you obtain the required
   The user-assigned identity is used by instances of the cluster to access other cloud resources.
   For more information about managed identities refer to [Azure's documentation](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-manage-user-assigned-managed-identities).
 
-* **appClientID**: [Create a new app registration in Azure](https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/CreateApplicationBlade/quickStartType~/null/isMSAApp~/false).
+* **appClientID**: [Create a new app registration in Azure](https://learn.microsoft.com/azure/active-directory/develop/quickstart-register-app).
 
   Set `Supported account types` to `Accounts in this organizational directory only` and leave the `Redirect URI` empty.
 

docs/versioned_docs/version-2.9/workflows/config.md

@@ -178,9 +178,9 @@ The following describes the configuration fields and how you obtain the required
   * `westeurope`
   * `southeastasia`
 
-* **resourceGroup**: [Create a new resource group in Azure](https://portal.azure.com/#create/Microsoft.ResourceGroup) for your Constellation cluster. Set this configuration     field to the name of the created resource group.
+* **resourceGroup**: [Create a new resource group in Azure](https://learn.microsoft.com/azure/azure-resource-manager/management/manage-resource-groups-portal) for your Constellation cluster. Set this configuration     field to the name of the created resource group.
 
-* **userAssignedIdentity**: [Create a new managed identity in Azure](https://portal.azure.com/#create/Microsoft.ManagedIdentity). You should create the identity in a different resource group as all resources within the cluster resource group will be deleted on cluster termination.
+* **userAssignedIdentity**: [Create a new managed identity in Azure](https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/how-manage-user-assigned-managed-identities). You should create the identity in a different resource group as all resources within the cluster resource group will be deleted on cluster termination.
 
   Add three role assignments to the identity: `Owner`, `Virtual Machine Contributor`, and `Application Insights Component Contributor`. The `scope` of all three should refer to the previously created cluster resource group.