CTA article addition (SharePoint#9628)

cindylay · web-flow · commit e2d8c34aa297 · 2024-04-09T22:32:51.000+03:00
* CTA article addition

* CTA article addition 2

* edits to the spe admin role

* numbering

* fix comment
diff --git a/docs/embedded/concepts/admin-exp/billing.md b/docs/embedded/concepts/admin-exp/billing.md
@@ -24,7 +24,7 @@ To enable PAYG on SharePoint Embedded, you need:
 ## Roles and Permissions
 
 - Admin who will set up billing relationship for SharePoint Embedded  will need to have owner or contributor permissions on Azure subscription.
-- Admin will need to have a SharePoint administrator role to operate billing cmdlets.
+- Admin will need to have a SharePoint Embedded Administrator role to operate billing cmdlets.
 
 ## Steps to establish billing
 
diff --git a/docs/embedded/concepts/admin-exp/cta.md b/docs/embedded/concepts/admin-exp/cta.md
@@ -7,11 +7,18 @@ ms.localizationpriority: high
 
 # Consuming Tenant Admin
 
-The organizations that use the SharePoint Embedded applications on their Microsoft 365 tenants are the consuming tenants and the persona that is responsible for managing these applications on their Microsoft 365 tenancy is the consuming tenant administrator. Consuming tenant administrators can perform various administrative actions on the SharePoint Embedded applications registered on their Microsoft 365 tenant and on the Containers that hold the content. They can also manage tenant level configurations and ensure that data is stored in a secure, protected way that meets customers’ business and compliance policies. In this article, we describe the enterprise manageability features that are supported and available to the consuming tenant administrator.
+> [!IMPORTANT]
+> Assign the SharePoint Embedded Administrator role available in M365 Admin Center or Microsoft Entra to execute SharePoint Embedded Container commandlets mentioned in this article.
+> 
+> Global Administrators can continue to execute SharePoint Embedded container cmdlets.
+> 
+> If you are a SharePoint Administrator, grant yourself the SharePoint Embedded Admin role as well to execute these cmdlets.
+
+The organizations that use the SharePoint Embedded applications on their Microsoft 365(Microsoft 365) tenants are the consuming tenants and the persona that is responsible for managing these applications on their Microsoft 365 tenancy is the consuming tenant administrator. Consuming tenant administrators can perform various administrative actions on the SharePoint Embedded applications registered on their Microsoft 365 tenant and on the Containers that hold the content. They can also manage tenant level configurations and ensure that data is stored in a secure, protected way that meets customers’ business and compliance policies. In this article, we describe the enterprise manageability features that are supported and can be performed by the consuming tenant administrator.
 
 ## 1. Consuming Tenant Admin Role
 
-Microsoft 365 SharePoint Administrator serves as the consuming tenant admin. Global Administrators in Microsoft 365 can assign users the SharePoint Administrator. The Global Administrator role already has all the permissions of the SharePoint Administrator role. For information about assigning a user the SharePoint Administrator role, see [Assign admin roles in the Microsoft 365 admin center](/microsoft-365/admin/add-users/assign-admin-roles).
+Microsoft 365 SharePoint Embedded Administrator serves as the consuming tenant admin.  Global Administrators in Microsoft 365 can assign users the SharePoint Embedded Administrator. The Global Administrator role already has all the permissions of the SharePoint Embedded Administrator role. A SharePoint Administrator can assign themselves the SharePoint Embedded Administrator role to act as a Consuming Tenant Admin for SharePoint Embedded. The SharePoint Embedded Role is available in Microsoft Entra and M365 Admin Center.
 
 ## 2. Administration Tools
 
@@ -113,39 +120,7 @@ Admins can permanently delete a Container from the deleted container collection
 Remove-SPODeletedContainer -Identity <ContainerId>
 ```
 
-## 5. Tenant Administration
-
-SharePoint Online enables admins to manage various tenant-wide settings with the [Set-SPOTenant](/powershell/module/sharepoint-online/set-spotenant) PowerShell command. This command allows administrators to modify global settings that affect the behavior and functionality of SharePoint Online for all users in the organization.
-
-These tenant-wide settings are also applicable to all SharePoint Embedded applications on the tenant. These settings include conditional access policies, BlockDownloadFileTypePolicy, and SharingCapability to name a few. Learn more about the Set-SPOTenant settings here: [Set-SPOTenant](/powershell/module/sharepoint-online/set-spotenant).
-
-### Unique External Sharing settings for SharePoint Embedded
-
-Admins can configure external sharing settings ONLY for SharePoint Embedded applications at the tenant level with the following commands. The external sharing features let users in your organization share content with people outside the organization (such as partners, vendors, clients, or customers), ensuring sensitive data isn't accidentally shared with unauthorized users.
-
-```powershell
-Set-SPOTenant -ContainerSharingCapability <ContainerSharingCapabilities>
-```
-
-> [!NOTE]
->
-> - External sharing for SharePoint Embedded defaults to the tenant setting set with `Set-SPOTenant [-SharingCapability <SharingCapabilities>]`.
-> - External sharing settings for SharePoint Embedded must be equally or more restrictive than the tenant-wide external sharing settings.
-
-Other unique sharing settings for SharePoint Embedded applications include:
-
-```powershell
-Set-SPOTenant -ContainerDefaultShareLinkScope
-```
-
-```powershell
-Set-SPOTenant -ContainerDefaultShareLinkRole
-```
-
-```powershell
-Set-SPOTenant -ContainerDefaultLinkToExistingAccess
-```
 
-## 6. Security and Compliance Administration
+## 5. Security and Compliance Administration
 
 SharePoint Embedded uses Microsoft’s comprehensive compliance and data governance solutions to help organizations manage risks, protect, and govern sensitive data, and respond to regulatory requirements. Security and compliance solutions work in a similar manner in the SharePoint Embedded platform as they do today in Microsoft 365 platform so that data is stored in a secure, protected way that meets customers’ business and compliance policies while making it easy for Compliance and SharePoint Administrators to enforce critical security and compliance policies on the content. For information on supported security and compliance capabilities, see [Security and Compliance](../security-and-compliance.md).
diff --git a/docs/embedded/concepts/admin-exp/dev-admin.md b/docs/embedded/concepts/admin-exp/dev-admin.md
@@ -12,7 +12,7 @@ Organizations that create file management applications with the help of SharePoi
 
 ## Developer Admin Role
 
-A Microsoft 365 SharePoint Administrator serves as the developer admin. Global Administrators in Microsoft 365 can assign users the SharePoint Administrator role. The Global Administrator role already has all the permissions of the SharePoint Administrator role. For information about assigning a user the SharePoint administrator role, see Assign admin roles in the Microsoft 365 admin center.
+A Microsoft 365 SharePoint Embedded Administrator serves as the developer admin. Global Administrators in Microsoft 365 can assign users the SharePoint Embedded Administrator role. The Global Administrator role already has all the permissions of the SharePoint Embedded Administrator role. For information about assigning a user the SharePoint Embedded Administrator role, see Assign admin roles in the Microsoft 365 admin center.
 
 ### Billing responsibilities of Developer admin
 
@@ -27,6 +27,12 @@ To get started using PowerShell to manage SharePoint Embedded, you have to insta
 > [!IMPORTANT]
 > You need version 16.0.24211.12000 or higher to run the commands for SharePoint Embedded.
 
+> [!IMPORTANT]
+> Assign the SharePoint Embedded Administrator role available in M365 Admin Center or Microsoft Entra to execute SharePoint Embedded Container commandlets mentioned in this article.
+> 
+> Global Administrators can continue to execute SharePoint Embedded container cmdlets.
+> 
+> If you are a SharePoint Administrator, grant yourself the SharePoint Embedded Admin role as well to execute these cmdlets.
 ## PowerShell cmdlets for admin experience
 
 ### Creation of container types
@@ -78,8 +84,8 @@ For more information about billing, see [Billing](./billing.md).
 
 ## Roles and Permissions
 
-The user or admin who will set up billing relationship for SharePoint Embedded will need to have owner or contributor permissions on Azure subscription.
+The user or admin who will set up billing relationship for SharePoint Embedded will need to have owner or contributor permissions on a Azure subscription.
 
 If you don't have an Azure subscription, follow steps here to [create a subscription](/azure/cloud-adoption-framework/ready/azure-best-practices/initial-subscriptions)
 
-The user or admin will need to have a SharePoint administrator role to operate SPO PowerShell cmdlets.
+
diff --git a/docs/embedded/concepts/app-concepts/containertypes.md b/docs/embedded/concepts/app-concepts/containertypes.md
@@ -16,12 +16,14 @@ There are two kinds of Container Types that a developer tenant can create:
 1. [Trial Container Types](#trial-container-types)
 1. [Standard Container Types](#standard-container-types)
 
+
+
 ## Trial Container Types
 
 To enable customers to explore the development of SharePoint Embedded applications and assess its features, we offer the ability to create a Trial Container Type. Each customer can have only one Trial Container Type in their tenant at a time. The tenant developing the application can utilize Trial Container Types, which aren't linked to a billing profile. In this scenario, the partner tenant remains the same as the consuming tenant. The Trial Container Type remains valid for up to 30 days but can be removed at any time within this period. There are two ways to create a Trial Container Type:
 
 - You can use [SharePoint Embedded Visual Studio Code Extension](../../getting-started/spembedded-for-vscode.md) to create a Trial Container Type in just a few steps. The Visual Studio Code extension also registers your Container Type and creates Containers for you.
-- A Trial Container Type can be created using SharePoint PowerShell. You must be a SharePoint Administrator or Global Administrator to run this cmdlet.
+- A Trial Container Type can be created using SharePoint PowerShell. You must be a SharePoint Embedded Administrator or Global Administrator to run this cmdlet. If you are a SharePoint Administrator, grant yourself the SharePoint Embedded Admin role as well to execute these cmdlets.
 
 ```powershell
 New-SPOContainerType
@@ -46,7 +48,17 @@ Standard Container Types are associated with a billing profile in [Azure portal]
 
 A developer admin can create a new billable Container Type using the following PowerShell cmdlet. Tenants can create a maximum of five Container Types. Trial Container Types don't count against the maximum number of Container Types that a Partner tenant can create.
 
-You must be a SharePoint Administrator or Global Administrator to run this cmdlet and must have the latest version of SharePoint PowerShell module.
+
+> [!IMPORTANT]
+> Assign the SharePoint Embedded Administrator role available in M365 Admin Center or Microsoft Entra to execute SharePoint Embedded Container commandlets mentioned in this article.
+> 
+> Global Administrators can continue to execute SharePoint Embedded container cmdlets.
+> 
+> If you are a SharePoint Administrator, grant yourself the SharePoint Embedded Admin role as well to execute these cmdlets.
+
+
+> [!NOTE]
+> The user or admin who will set up billing relationship for SharePoint Embedded will need to have owner or contributor permissions on the Azure subscription.
 
 ```powershell
 New-SPOContainerType
diff --git a/docs/embedded/concepts/security-and-compliance.md b/docs/embedded/concepts/security-and-compliance.md
@@ -97,7 +97,7 @@ Policy tips are shown today for files hosted in SharePoint Online so that users
 Global Administrators and SharePoint Administrators can set and remove sensitivity labels on a SharePoint Embedded Container by using the newly created SharePoint PowerShell cmdlet:
 
 ```powershell
-Set -SPOContainer -Identity <ContainerID/ContainerSiteURL> -SensitivityLabel <SensitivityLabelGUID>
+Set-SPOContainer -Identity <ContainerID/ContainerSiteURL> -SensitivityLabel <SensitivityLabelGUID>
 ```
 
 To learn more about setting sensitivity labels, see [Learn about sensitivity labels](/purview/sensitivity-labels).
