From 5467c328b75e1a84130801dddf3b492e59d070ec Mon Sep 17 00:00:00 2001
From: Manuel Sopena Ballesteros <manuel.sopena@cscs.ch>
Date: Tue, 18 Jun 2024 09:15:12 +0200
Subject: [PATCH] update docs

---
 docs/qa.md       | 8 ++++++++
 docs/security.md | 2 ++
 2 files changed, 10 insertions(+)

diff --git a/docs/qa.md b/docs/qa.md
index 9ad0b02d..8bf42ab0 100644
--- a/docs/qa.md
+++ b/docs/qa.md
@@ -4,6 +4,14 @@
     - List most common questions when using manta (eg: like a howto guide)
     - Don't put errors here
 
+**Q: Can I run manta from my laptop?**
+
+**A:** Alps system management APIs are not accessible from the public network.
+External users need to run manta from a hardened environment within CSCS.
+CSCS staff can create a SOCKS5 proxy through bastion and run manta from outside CSCS.
+
+---
+
 **Q: `manta get ...` only shows information for 1 cluster, I am missing other clusters data**
 
 **A:** make sure manta is not locked to a cluster, run `manta config show` and make sure there is no `Current HSM` value.
diff --git a/docs/security.md b/docs/security.md
index 9daa55b6..265cbd4e 100644
--- a/docs/security.md
+++ b/docs/security.md
@@ -8,3 +8,5 @@ Manta validates the users command against the information in their JWT authentic
 If the user tries to submit an operation against a cluster or node that does not have access, then the operation will fail.
 
 Discuss about how manta uses the JWT auth token to restrict user actions
+
+Alps system management APIs are not publicly available, manta needs to run from a hardened environment within CSCS