diff --git a/website/content/api-docs/secret/pki.mdx b/website/content/api-docs/secret/pki.mdx
index 59a847e3c3..b3ee111f6f 100644
--- a/website/content/api-docs/secret/pki.mdx
+++ b/website/content/api-docs/secret/pki.mdx
@@ -1611,7 +1611,9 @@ source is more consistent with expectations of external apps, but see
the [PKI Considerations](/vault/docs/secrets/pki/considerations) page
for a discussion on cluster size and unified CRLs/OCSP.
-~> Note: Unified CRLs are a Vault Enterprise only feature.
+
+ Unified CRLs require a Vault Enterprise license or HCP Plus cluster.
+
These are unauthenticated endpoints.
@@ -1691,7 +1693,9 @@ source is more consistent with expectations of external apps, but see
the [PKI Considerations](/vault/docs/secrets/pki/considerations) page
for a discussion on cluster size and unified CRLs/OCSP.
-~> Note: Unified OCSP is a Vault Enterprise only feature.
+
+ Unified OCSP requires a Vault Enterprise license or HCP Plus cluster.
+
At this time there are certain limitations of the OCSP implementation at this path:
@@ -3820,7 +3824,8 @@ the CRL.
revocations on, to regenerate the delta CRL. Must be shorter than CRL
expiry.
-- `cross_cluster_revocation` `(bool: false)` - Enables cross-cluster revocation
+- `cross_cluster_revocation` `(bool: false)` -
+ Enables cross-cluster revocation
request queues. When a serial not issued on this local cluster is presented
to Vault via the [`/revoke` API](#revoke-certificate), it is replicated
across clusters and the cluster which issued that certificate will revoke
@@ -3831,11 +3836,10 @@ the CRL.
cross-cluster revocation request will be created.
API calls to revoke a certificate with Proof of Possession (PoP) cannot
be satisfied if the certificate is not available locally and will
- not result in a cross-cluster revocation request.
+ not result in a cross-cluster revocation request.
-~> Note: `cross_cluster_revocation` is a Vault Enterprise only feature.
-
-- `unified_crl` `(bool: false)` - Enables unified CRL and OCSP building. This
+- `unified_crl` `(bool: false)` -
+ Enables unified CRL and OCSP building. This
synchronizes all revocations between clusters; a single, unified CRL will be
built on the active node of the primary performance replication (PR)
cluster. Any node in any PR cluster will be able to serve this unified CRL
@@ -3846,17 +3850,14 @@ the CRL.
cluster, but revoked via BYOC on another, this option will inform the
issuing cluster of the revocation.
-~> Note: `unified_crl` is a Vault Enterprise only feature.
-
-- `unified_crl_on_existing_paths` `(bool: false)` - Enables serving the
+- `unified_crl_on_existing_paths` `(bool: false)` -
+ Enables serving the
unified CRL and OCSP on the existing, previously cluster-local paths
(e.g., `/pki/crl` will now contain the unified CRL when enabled). This
allows transitioning AIA-based consumption of CRLs to a unified view
without having to re-issue certificates or update scripts pulling
a single CRL.
-~> Note: `unified_crl_on_existing_paths` is a Vault Enterprise only feature.
-
#### Sample payload
```json
diff --git a/website/content/api-docs/system/config-control-group.mdx b/website/content/api-docs/system/config-control-group.mdx
index 4bd1a3ae6e..ae7e270503 100644
--- a/website/content/api-docs/system/config-control-group.mdx
+++ b/website/content/api-docs/system/config-control-group.mdx
@@ -6,7 +6,7 @@ description: The '/sys/config/control-group' endpoint configures control groups.
# `/sys/config/control-group`
-~> **Enterprise Only** – These endpoints require Vault Enterprise.
+@include 'alerts/enterprise-and-hcp.mdx'
The `/sys/config/control-group` endpoint is used to configure Control Group
settings.
diff --git a/website/content/api-docs/system/config-group-policy-application.mdx b/website/content/api-docs/system/config-group-policy-application.mdx
index 5a262d6110..80fabd0ff1 100644
--- a/website/content/api-docs/system/config-group-policy-application.mdx
+++ b/website/content/api-docs/system/config-group-policy-application.mdx
@@ -6,7 +6,7 @@ description: The '/sys/config/group-policy-application' endpoint is used to conf
# `/sys/config/group-policy-application`
-~> **Enterprise Only** – These endpoints require Vault Enterprise Platform.
+@include 'alerts/enterprise-and-hcp.mdx'
The `sys/config/group-policy-application` endpoint can be used to configure the
mode of policy application for identity groups in Vault. This setting dictates
diff --git a/website/content/api-docs/system/config-reload.mdx b/website/content/api-docs/system/config-reload.mdx
index c7ee4c5676..3d82d4589f 100644
--- a/website/content/api-docs/system/config-reload.mdx
+++ b/website/content/api-docs/system/config-reload.mdx
@@ -17,9 +17,7 @@ Currently, it only supports reloading license information from files on disk.
- `subsystem` `(string: )` - Specifies the subsystem for Vault to reload. This is part of the request URL.
-## Reload license file
-
-~> **Enterprise Only** – This endpoint requires Vault Enterprise.
+## Reload license file
When the `:subsystem` URL parameter is specified as `license`, Vault re-reads
the license file if the license was provided using the `license_path` configuration
diff --git a/website/content/api-docs/system/control-group.mdx b/website/content/api-docs/system/control-group.mdx
index 1f73716a47..8ffd0f5870 100644
--- a/website/content/api-docs/system/control-group.mdx
+++ b/website/content/api-docs/system/control-group.mdx
@@ -6,7 +6,7 @@ description: The '/sys/control-group' endpoint handles the Control Group workflo
## Authorize control group request
-~> **Enterprise Only** – These endpoints require Vault Enterprise.
+@include 'alerts/enterprise-and-hcp.mdx'
This endpoint authorizes a control group request.
diff --git a/website/content/api-docs/system/lease-count-quotas.mdx b/website/content/api-docs/system/lease-count-quotas.mdx
index bb2458a1cf..5922cb0f40 100644
--- a/website/content/api-docs/system/lease-count-quotas.mdx
+++ b/website/content/api-docs/system/lease-count-quotas.mdx
@@ -6,7 +6,7 @@ description: The `/sys/quotas/lease-count` endpoint is used to create, edit and
# `/sys/quotas/lease-count`
-~> **Enterprise Only** – These endpoints require Vault Enterprise Platform.
+@include 'alerts/enterprise-and-hcp.mdx'
The `/sys/quotas/lease-count` endpoint is used to create, edit and delete lease count quotas.
diff --git a/website/content/api-docs/system/license.mdx b/website/content/api-docs/system/license.mdx
index 2cba6033b8..abc803e55a 100644
--- a/website/content/api-docs/system/license.mdx
+++ b/website/content/api-docs/system/license.mdx
@@ -8,7 +8,7 @@ description: |-
# `/sys/license/status`
-~> **Enterprise Only** – These endpoints require Vault Enterprise.
+@include 'alerts/enterprise-and-hcp.mdx'
The `/sys/license/status` endpoint is used to view update the license used in
Vault.
diff --git a/website/content/api-docs/system/managed-keys.mdx b/website/content/api-docs/system/managed-keys.mdx
index 350e7d8764..9fac46db2c 100644
--- a/website/content/api-docs/system/managed-keys.mdx
+++ b/website/content/api-docs/system/managed-keys.mdx
@@ -99,7 +99,9 @@ $ curl \
#### PKCS#11 backend parameters
-~> NOTE: The `pkcs11` backend is only available with Vault Enterprise Plus (HSMs) edition
+
+ The pkcs11 backend is only available with Vault Enterprise plus HSMs
+
- `type` `(string: "pkcs11")` - To select a PKCS#11 backend, the type parameter must be set to `pkcs11`.
diff --git a/website/content/api-docs/system/policies.mdx b/website/content/api-docs/system/policies.mdx
index 21c449236c..8ce662873e 100644
--- a/website/content/api-docs/system/policies.mdx
+++ b/website/content/api-docs/system/policies.mdx
@@ -10,7 +10,11 @@ description: >-
The `/sys/policies` endpoints are used to manage ACL, RGP, and EGP policies in Vault.
-~> **NOTE**: This endpoint is only available in Vault version 0.9+. Please also note that RGPs and EGPs are Vault Enterprise Premium features and the associated endpoints are not available in Vault Open Source or Vault Enterprise Pro.
+
+/sys/policies endpoints are only available in Vault version 0.9+.
+RGPs and EGPs are Vault Enterprise upgrade features that are not available in
+Vault Open Source or basic Vault Enterprise installations.
+
## List ACL policies
diff --git a/website/content/api-docs/system/replication/index.mdx b/website/content/api-docs/system/replication/index.mdx
index a52a89a109..b18813fc72 100644
--- a/website/content/api-docs/system/replication/index.mdx
+++ b/website/content/api-docs/system/replication/index.mdx
@@ -8,7 +8,7 @@ description: >-
# `/sys/replication`
-~> **Enterprise Only** – These endpoints require Vault Enterprise.
+@include 'alerts/enterprise-and-hcp.mdx'
## Attempt recovery
diff --git a/website/content/api-docs/system/replication/replication-dr.mdx b/website/content/api-docs/system/replication/replication-dr.mdx
index 94b07fdc75..51c1d22ba8 100644
--- a/website/content/api-docs/system/replication/replication-dr.mdx
+++ b/website/content/api-docs/system/replication/replication-dr.mdx
@@ -8,7 +8,7 @@ description: >-
# `/sys/replication/dr`
-~> **Enterprise Only** – These endpoints require Vault Enterprise.
+@include 'alerts/enterprise-only.mdx'
## Check DR status
diff --git a/website/content/api-docs/system/replication/replication-performance.mdx b/website/content/api-docs/system/replication/replication-performance.mdx
index d090019836..e08f18447d 100644
--- a/website/content/api-docs/system/replication/replication-performance.mdx
+++ b/website/content/api-docs/system/replication/replication-performance.mdx
@@ -8,7 +8,7 @@ description: >-
# `/sys/replication/performance`
-~> **Enterprise Only** – These endpoints require Vault Enterprise.
+@include 'alerts/enterprise-and-hcp.mdx'
## Check performance status
diff --git a/website/content/api-docs/system/sealwrap-rewrap.mdx b/website/content/api-docs/system/sealwrap-rewrap.mdx
index 3d6e8498fe..5efe23e98f 100644
--- a/website/content/api-docs/system/sealwrap-rewrap.mdx
+++ b/website/content/api-docs/system/sealwrap-rewrap.mdx
@@ -8,7 +8,7 @@ description: >-
# `/sys/sealwrap/rewrap`
-~> **Enterprise Only** – These endpoints require Vault Enterprise.
+@include 'alerts/enterprise-and-hcp.mdx'
The `/sys/sealwrap/rewrap` endpoint is used to rewrap all seal wrapped entries.
This is useful when you want to upgrade seal wrapped entries to use the latest
diff --git a/website/content/api-docs/system/storage/raftautosnapshots.mdx b/website/content/api-docs/system/storage/raftautosnapshots.mdx
index a9b0eec501..5dbf7374bf 100644
--- a/website/content/api-docs/system/storage/raftautosnapshots.mdx
+++ b/website/content/api-docs/system/storage/raftautosnapshots.mdx
@@ -16,7 +16,7 @@ snapshots with Vault's Raft storage backend.
## Create/update an automated snapshots config
--> **Note**: This feature requires [Vault Enterprise](https://www.hashicorp.com/products/vault/)
+@include 'alerts/enterprise-and-hcp.mdx'
**This endpoint requires sudo capability.**
diff --git a/website/content/docs/enterprise/automated-integrated-storage-snapshots.mdx b/website/content/docs/enterprise/automated-integrated-storage-snapshots.mdx
index 9e04dee1bd..774be135a0 100644
--- a/website/content/docs/enterprise/automated-integrated-storage-snapshots.mdx
+++ b/website/content/docs/enterprise/automated-integrated-storage-snapshots.mdx
@@ -9,7 +9,7 @@ description: |-
# Automated integrated storage snapshots
--> **Note**: This feature requires [Vault Enterprise](https://www.hashicorp.com/products/vault/)
+@include 'alerts/enterprise-and-hcp.mdx'
Any production system should include a provision for taking regular backups.
Vault Enterprise can be configured to take and store snapshots at a specific
diff --git a/website/content/docs/enterprise/automated-upgrades.mdx b/website/content/docs/enterprise/automated-upgrades.mdx
index 3b8b578b27..a9a6cc6e8b 100644
--- a/website/content/docs/enterprise/automated-upgrades.mdx
+++ b/website/content/docs/enterprise/automated-upgrades.mdx
@@ -7,10 +7,10 @@ description: |-
# Automated upgrades
-~> **Note**: Automated Upgrades requires [Vault Enterprise](https://www.hashicorp.com/products/vault/) to be
-configured to use Integrated Storage.
+@include 'alerts/enterprise-only.mdx'
-Vault Enterprise Automated Upgrades allows operators to upgrade the Vault version currently running in a cluster automatically.
+Operators running Vault Enterprise with integrated storage can use automated
+upgrades to upgrade the Vault version currently running in a cluster automatically.
There are a few different ways to make this upgrade happen,
and control which versions are being upgraded to. With no additional configuration,
Vault will check the version of Vault that each node in the cluster is running. If a blue/green
diff --git a/website/content/docs/enterprise/consistency.mdx b/website/content/docs/enterprise/consistency.mdx
index b4b240c2df..40e92cb505 100644
--- a/website/content/docs/enterprise/consistency.mdx
+++ b/website/content/docs/enterprise/consistency.mdx
@@ -6,6 +6,8 @@ description: Vault Enterprise Consistency Model
# Vault eventual consistency
+@include 'alerts/enterprise-and-hcp.mdx'
+
When running in a cluster, Vault has an eventual consistency model.
Only one node (the leader) can write to Vault's storage.
Users generally expect read-after-write consistency: in other
diff --git a/website/content/docs/enterprise/control-groups.mdx b/website/content/docs/enterprise/control-groups.mdx
index e929710573..3f91e1acc7 100644
--- a/website/content/docs/enterprise/control-groups.mdx
+++ b/website/content/docs/enterprise/control-groups.mdx
@@ -4,9 +4,9 @@ page_title: Vault Enterprise Control Groups
description: Vault Enterprise has support for Control Group Authorization.
---
-# Vault enterprise control groups
+# Vault Enterprise control groups
--> **Note**: This feature requires [Vault Enterprise Plus](https://www.hashicorp.com/products/vault/).
+@include 'alerts/enterprise-and-hcp.mdx'
Vault Enterprise has support for Control Group Authorization. Control Groups
add additional authorization factors to be required before satisfying a request.
diff --git a/website/content/docs/enterprise/entropy-augmentation.mdx b/website/content/docs/enterprise/entropy-augmentation.mdx
index f3fff6a6e8..0d415c3fb0 100644
--- a/website/content/docs/enterprise/entropy-augmentation.mdx
+++ b/website/content/docs/enterprise/entropy-augmentation.mdx
@@ -8,9 +8,12 @@ description: |-
# Entropy augmentation
--> **Note**: This feature requires [Vault Enterprise Plus](https://www.hashicorp.com/products/vault/).
+@include 'alerts/enterprise-only.mdx'
-~> **Warning** This feature is not available with FIPS 140-2 Inside variants of Vault.
+
+ Entropy augmentation is not available with "FIPS 140-2 Inside" variants of
+ Vault.
+
Vault Enterprise features a mechanism to sample entropy (or randomness for
cryptographic operations) from external cryptographic modules via the [seals](/vault/docs/configuration/seal)
diff --git a/website/content/docs/enterprise/fips/fips1402.mdx b/website/content/docs/enterprise/fips/fips1402.mdx
index a434994ada..ce9fa97904 100644
--- a/website/content/docs/enterprise/fips/fips1402.mdx
+++ b/website/content/docs/enterprise/fips/fips1402.mdx
@@ -8,7 +8,7 @@ description: |-
# FIPS 140-2 inside
--> **Note**: This feature requires [Vault Enterprise Plus](https://www.hashicorp.com/products/vault/).
+@include 'alerts/enterprise-only.mdx'
Special builds of Vault Enterprise (marked with a `fips1402` feature name)
include built-in support for FIPS 140-2 compliance. Unlike using Seal Wrap
diff --git a/website/content/docs/enterprise/fips/index.mdx b/website/content/docs/enterprise/fips/index.mdx
index 643b488aa5..ee2cbf207e 100644
--- a/website/content/docs/enterprise/fips/index.mdx
+++ b/website/content/docs/enterprise/fips/index.mdx
@@ -6,6 +6,8 @@ description: An overview of FIPS compliance in Vault.
# FIPS
+@include 'alerts/enterprise-only.mdx'
+
The [Federal Information Processing Standard](https://www.nist.gov/federal-information-standards-fips)
is a cryptography-focused certification standard for U.S. Government usage.
diff --git a/website/content/docs/enterprise/fips/sealwrap.mdx b/website/content/docs/enterprise/fips/sealwrap.mdx
index 5d667a836a..5a1f285014 100644
--- a/website/content/docs/enterprise/fips/sealwrap.mdx
+++ b/website/content/docs/enterprise/fips/sealwrap.mdx
@@ -9,7 +9,7 @@ description: |-
# Seal wrap for FIPS compliance
--> **Note**: This feature requires [Vault Enterprise Plus](https://www.hashicorp.com/products/vault/).
+@include 'alerts/enterprise-only.mdx'
Vault Enterprise features a mechanism to wrap values with an extra layer of
encryption for supporting [seals](/vault/docs/configuration/seal). This adds an
diff --git a/website/content/docs/enterprise/hsm/behavior.mdx b/website/content/docs/enterprise/hsm/behavior.mdx
index a512a4de34..2e0a0c1e8a 100644
--- a/website/content/docs/enterprise/hsm/behavior.mdx
+++ b/website/content/docs/enterprise/hsm/behavior.mdx
@@ -8,6 +8,8 @@ description: >-
# Vault enterprise HSM behavioral changes
+@include 'alerts/enterprise-and-hcp.mdx'
+
This page contains information about the behavioral differences that take
effect when using Vault with an HSM.
diff --git a/website/content/docs/enterprise/hsm/index.mdx b/website/content/docs/enterprise/hsm/index.mdx
index 95083c2f51..cb9a11e3ba 100644
--- a/website/content/docs/enterprise/hsm/index.mdx
+++ b/website/content/docs/enterprise/hsm/index.mdx
@@ -8,7 +8,7 @@ description: >-
# Vault enterprise HSM support
--> **Note**: This feature requires [Vault Enterprise Plus](https://www.hashicorp.com/products/vault/).
+@include 'alerts/enterprise-and-hcp.mdx'
- Root key Wrapping: Vault protects its root key by transiting it through
the HSM for encryption rather than splitting into key shares
diff --git a/website/content/docs/enterprise/hsm/security.mdx b/website/content/docs/enterprise/hsm/security.mdx
index fc51204f5f..cd12571dbf 100644
--- a/website/content/docs/enterprise/hsm/security.mdx
+++ b/website/content/docs/enterprise/hsm/security.mdx
@@ -6,6 +6,8 @@ description: Recommendations to ensure the security of a Vault Enterprise HSM de
# Vault enterprise HSM security details
+@include 'alerts/enterprise-and-hcp.mdx'
+
This page provides information to help ensure that a Vault HSM deployment is
performed as securely as possible.
diff --git a/website/content/docs/enterprise/lease-count-quotas.mdx b/website/content/docs/enterprise/lease-count-quotas.mdx
index 2580eb64f5..2be6e035de 100644
--- a/website/content/docs/enterprise/lease-count-quotas.mdx
+++ b/website/content/docs/enterprise/lease-count-quotas.mdx
@@ -7,6 +7,8 @@ description: |-
# Lease count quotas
+@include 'alerts/enterprise-only.mdx'
+
Vault features an extension to resource quotas that allows operators to enforce
limits on how many leases are created. For a given lease count quota, if the
number of leases in the cluster hits the configured limit, `max_leases`, additional
diff --git a/website/content/docs/enterprise/license/autoloading.mdx b/website/content/docs/enterprise/license/autoloading.mdx
index 35d936a5ab..450e8cedcf 100644
--- a/website/content/docs/enterprise/license/autoloading.mdx
+++ b/website/content/docs/enterprise/license/autoloading.mdx
@@ -6,6 +6,8 @@ description: An overview of license autoloading.
# License autoloading
+@include 'alerts/enterprise-and-hcp.mdx'
+
Prior to Vault 1.8, Vault Enterprise would be licensed using special binaries
that contained embedded licenses, or via a license written into Vault storage
using the [POST sys/license API](/vault/api-docs/system/license#install-license).
diff --git a/website/content/docs/enterprise/license/index.mdx b/website/content/docs/enterprise/license/index.mdx
index 5861298c52..c5bb7b81ec 100644
--- a/website/content/docs/enterprise/license/index.mdx
+++ b/website/content/docs/enterprise/license/index.mdx
@@ -6,6 +6,8 @@ description: An overview of license.
# Vault license
+@include 'alerts/enterprise-and-hcp.mdx'
+
Licenses and EULA enhancements have been introduced in Vault 1.8 release. Please refer to the [FAQ](/vault/docs/enterprise/license/faq) for common questions concerning these changes.
The [Install a HashiCorp Enterprise License](/vault/tutorials/enterprise/hashicorp-enterprise-license) tutorial provides the instruction to load your Vault license.
diff --git a/website/content/docs/enterprise/license/utilization-reporting.mdx b/website/content/docs/enterprise/license/utilization-reporting.mdx
index 06a0f9c9af..e1b83f121f 100644
--- a/website/content/docs/enterprise/license/utilization-reporting.mdx
+++ b/website/content/docs/enterprise/license/utilization-reporting.mdx
@@ -7,6 +7,8 @@ description: >-
# Automated license utilization reporting
+@include 'alerts/enterprise-and-hcp.mdx'
+
Automated license utilization reporting sends license utilization data to
HashiCorp without requiring you to manually collect and report them. It also
lets you review your license usage with the monitoring solution you already use
diff --git a/website/content/docs/enterprise/managed-keys.mdx b/website/content/docs/enterprise/managed-keys.mdx
index d7387b5634..688c65285d 100644
--- a/website/content/docs/enterprise/managed-keys.mdx
+++ b/website/content/docs/enterprise/managed-keys.mdx
@@ -7,6 +7,7 @@ description: >-
# Managed keys
+@include 'alerts/enterprise-and-hcp.mdx'
Within certain environments, customers want to leverage key management systems
external to Vault, when handling, storing, and interacting with
diff --git a/website/content/docs/enterprise/mfa/index.mdx b/website/content/docs/enterprise/mfa/index.mdx
index 89bf4dbee4..2b7c9d1321 100644
--- a/website/content/docs/enterprise/mfa/index.mdx
+++ b/website/content/docs/enterprise/mfa/index.mdx
@@ -8,7 +8,7 @@ description: >-
# Vault enterprise MFA support
--> **Note**: This section highlights the Step-up Enterprise MFA feature and its capabilities specifically available for [Vault Enterprise](https://www.hashicorp.com/products/vault/) users.
+@include 'alerts/enterprise-and-hcp.mdx'
Vault Enterprise has support for Multi-factor Authentication (MFA), using
different authentication types. MFA is built on top of the Identity system of
diff --git a/website/content/docs/enterprise/mfa/mfa-duo.mdx b/website/content/docs/enterprise/mfa/mfa-duo.mdx
index 2f749a5c21..54f178c6a4 100644
--- a/website/content/docs/enterprise/mfa/mfa-duo.mdx
+++ b/website/content/docs/enterprise/mfa/mfa-duo.mdx
@@ -6,6 +6,8 @@ description: Vault Enterprise supports Duo MFA type.
# Duo MFA
+@include 'alerts/enterprise-and-hcp.mdx'
+
This page demonstrates the Duo MFA on ACL'd paths of Vault.
## Configuration
diff --git a/website/content/docs/enterprise/mfa/mfa-okta.mdx b/website/content/docs/enterprise/mfa/mfa-okta.mdx
index 2d7d8a4624..12d0f68b5b 100644
--- a/website/content/docs/enterprise/mfa/mfa-okta.mdx
+++ b/website/content/docs/enterprise/mfa/mfa-okta.mdx
@@ -6,6 +6,8 @@ description: Vault Enterprise supports Okta MFA type.
# Okta MFA
+@include 'alerts/enterprise-and-hcp.mdx'
+
This page demonstrates the Okta MFA on ACL'd paths of Vault.
## Configuration
diff --git a/website/content/docs/enterprise/mfa/mfa-pingid.mdx b/website/content/docs/enterprise/mfa/mfa-pingid.mdx
index cbec2bf01c..6020a6de23 100644
--- a/website/content/docs/enterprise/mfa/mfa-pingid.mdx
+++ b/website/content/docs/enterprise/mfa/mfa-pingid.mdx
@@ -6,6 +6,8 @@ description: Vault Enterprise supports PingID MFA type.
# PingID MFA
+@include 'alerts/enterprise-and-hcp.mdx'
+
This page demonstrates PingID MFA on ACL'd paths of Vault.
## Configuration
diff --git a/website/content/docs/enterprise/mfa/mfa-totp.mdx b/website/content/docs/enterprise/mfa/mfa-totp.mdx
index 7fec3e9043..d5383e24f4 100644
--- a/website/content/docs/enterprise/mfa/mfa-totp.mdx
+++ b/website/content/docs/enterprise/mfa/mfa-totp.mdx
@@ -6,6 +6,8 @@ description: Vault Enterprise supports TOTP MFA type.
# TOTP MFA
+@include 'alerts/enterprise-and-hcp.mdx'
+
This page demonstrates the TOTP MFA on ACL'd paths of Vault.
## Configuration
diff --git a/website/content/docs/enterprise/namespaces.mdx b/website/content/docs/enterprise/namespaces.mdx
index e4476b406a..68e78dd1fd 100644
--- a/website/content/docs/enterprise/namespaces.mdx
+++ b/website/content/docs/enterprise/namespaces.mdx
@@ -6,14 +6,7 @@ description: >-
Multi-tenancy (SMT) and self-management.
---
-# Vault enterprise namespaces
-
-
-
-This feature is available in all versions of [Vault
-Enterprise](https://www.hashicorp.com/products/vault/).
-
-
+# Vault Enterprise namespaces
Many organizations implement Vault as a "service", providing centralized
management for teams within an organization while ensuring that those teams
diff --git a/website/content/docs/enterprise/performance-standby.mdx b/website/content/docs/enterprise/performance-standby.mdx
index 7812ae1a09..4b25852b56 100644
--- a/website/content/docs/enterprise/performance-standby.mdx
+++ b/website/content/docs/enterprise/performance-standby.mdx
@@ -6,7 +6,7 @@ description: Performance Standby Nodes - Vault Enterprise
# Performance standby nodes
--> **Note**: This feature requires [Vault Enterprise Premium](https://www.hashicorp.com/products/vault/).
+@include 'alerts/enterprise-and-hcp.mdx'
Vault supports a multi-server mode for high availability. This mode protects
against outages by running multiple Vault servers. High availability mode
diff --git a/website/content/docs/enterprise/pkcs11-provider/aws-xks.mdx b/website/content/docs/enterprise/pkcs11-provider/aws-xks.mdx
index c6b85e7f4c..6df9aac849 100644
--- a/website/content/docs/enterprise/pkcs11-provider/aws-xks.mdx
+++ b/website/content/docs/enterprise/pkcs11-provider/aws-xks.mdx
@@ -7,6 +7,8 @@ description: |-
# Vault with AWS KMS external key store (XKS) via PKCS#11 and XKS proxy
+@include 'alerts/enterprise-and-hcp.mdx'
+
~> **Note**: AWS [`xks-proxy`](https://github.com/aws-samples/aws-kms-xks-proxy) is used in this document as a sample implementation.
Vault's KMIP Secrets Engine can be used as an external key store for the AWS KMS [External Key Store (XKS)](https://aws.amazon.com/blogs/aws/announcing-aws-kms-external-key-store-xks/) protocol using the AWS [`xks-proxy`](https://github.com/aws-samples/aws-kms-xks-proxy) along
diff --git a/website/content/docs/enterprise/pkcs11-provider/index.mdx b/website/content/docs/enterprise/pkcs11-provider/index.mdx
index 6fe998c3d8..295c1e3750 100644
--- a/website/content/docs/enterprise/pkcs11-provider/index.mdx
+++ b/website/content/docs/enterprise/pkcs11-provider/index.mdx
@@ -9,6 +9,8 @@ description: |-
# PKCS#11 provider
+@include 'alerts/enterprise-and-hcp.mdx'
+
[PKCS#11](http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/os/pkcs11-base-v2.40-os.html)
is an open standard C API that provides a means to access cryptographic capabilities on a device.
For example, it is often used to access a Hardware Security Module (HSM) (like a [Yubikey](https://www.yubico.com/)) from a local program (such as [GPG](https://gnupg.org/)).
diff --git a/website/content/docs/enterprise/pkcs11-provider/oracle-tde.mdx b/website/content/docs/enterprise/pkcs11-provider/oracle-tde.mdx
index c7347021a0..5b60f9842d 100644
--- a/website/content/docs/enterprise/pkcs11-provider/oracle-tde.mdx
+++ b/website/content/docs/enterprise/pkcs11-provider/oracle-tde.mdx
@@ -7,6 +7,8 @@ description: |-
# Oracle TDE
+@include 'alerts/enterprise-and-hcp.mdx'
+
[Oracle Transparent Data Encryption](https://docs.oracle.com/database/121/ASOAG/introduction-to-transparent-data-encryption.htm#ASOAG10270) (TDE)
is supported with the [Vault PKCS#11 provider](/vault/docs/enterprise/pkcs11-provider).
In this setup, Vault's KMIP engine generates and store the "TDE Master Encryption Key" that the Oracle Database uses to encrypt and decrypt the "TDE Table Keys".
diff --git a/website/content/docs/enterprise/redundancy-zones.mdx b/website/content/docs/enterprise/redundancy-zones.mdx
index 960bdb9245..e88ad1f27b 100644
--- a/website/content/docs/enterprise/redundancy-zones.mdx
+++ b/website/content/docs/enterprise/redundancy-zones.mdx
@@ -7,8 +7,7 @@ description: |-
# Redundancy zones
--> **Note**: This feature requires [Vault Enterprise](https://www.hashicorp.com/products/vault/)
-configured to use Integrated Storage.
+@include 'alerts/enterprise-and-hcp.mdx'
Vault Enterprise Redundancy Zones provide both read scaling and resiliency benefits by enabling
the deployment of non-voting nodes alongside voting nodes on a per availability zone basis.
diff --git a/website/content/docs/enterprise/replication.mdx b/website/content/docs/enterprise/replication.mdx
index ae9052964c..ad276cfa54 100644
--- a/website/content/docs/enterprise/replication.mdx
+++ b/website/content/docs/enterprise/replication.mdx
@@ -7,14 +7,10 @@ description: >-
recovery workloads.
---
-# Vault enterprise replication
+# Vault Enterprise replication
## Overview
-
--> **Note**: All versions of [Vault Enterprise](https://www.hashicorp.com/products/vault/)
-have support for Disaster Recovery replication. Performance Replication requires
-Vault Enterprise Premium.
-
+
Many organizations have infrastructure that spans multiple datacenters. Vault
provides the critical services of identity management, secrets storage, and
policy management. This functionality is expected to be highly available and
@@ -87,6 +83,8 @@ secondaries to have a different configuration than their primary. Tokens and le
## Performance replication
+@include 'alerts/enterprise-and-hcp.mdx'
+
In Performance Replication, secondaries keep track of their own tokens and leases
but share the underlying configuration, policies, and supporting secrets (K/V values,
encryption keys for `transit`, etc).
diff --git a/website/content/docs/enterprise/sealwrap.mdx b/website/content/docs/enterprise/sealwrap.mdx
index 9f6978a051..da7664017e 100644
--- a/website/content/docs/enterprise/sealwrap.mdx
+++ b/website/content/docs/enterprise/sealwrap.mdx
@@ -8,7 +8,7 @@ description: |-
# Seal wrap
--> **Note**: This feature requires [Vault Enterprise Plus](https://www.hashicorp.com/products/vault/).
+@include 'alerts/enterprise-and-hcp.mdx'
Vault Enterprise features a mechanism to wrap values with an extra layer of
encryption for supporting [seals](/vault/docs/configuration/seal). This adds an
diff --git a/website/content/docs/enterprise/sentinel/examples.mdx b/website/content/docs/enterprise/sentinel/examples.mdx
index 8a47168ff6..8a562b4b23 100644
--- a/website/content/docs/enterprise/sentinel/examples.mdx
+++ b/website/content/docs/enterprise/sentinel/examples.mdx
@@ -6,6 +6,8 @@ description: An overview of how Sentinel interacts with Vault Enterprise.
# Examples
+@include 'alerts/enterprise-and-hcp.mdx'
+
Following are some examples that help to introduce concepts. If you are
unfamiliar with writing Sentinel policies in Vault, please read through to
understand some best practices.
diff --git a/website/content/docs/enterprise/sentinel/index.mdx b/website/content/docs/enterprise/sentinel/index.mdx
index 8208e1a59a..b5ae785d47 100644
--- a/website/content/docs/enterprise/sentinel/index.mdx
+++ b/website/content/docs/enterprise/sentinel/index.mdx
@@ -4,15 +4,9 @@ page_title: Vault Enterprise Sentinel Integration
description: An overview of how Sentinel interacts with Vault Enterprise.
---
-# Overview
+# Vault Enterprise and Sentinel integration
-
-
-Sentinel requires [Vault
-Enterprise](https://www.hashicorp.com/products/vault/pricing/) license, or an
-[HCP Vault Plus](/hcp/docs/vault/tiers-and-features#plus-tier) cluster.
-
-
+@include 'alerts/enterprise-and-hcp.mdx'
Vault Enterprise integrates HashiCorp Sentinel to provide a rich set of access
control functionality. Because Vault is a security-focused product trusted with
diff --git a/website/content/docs/enterprise/sentinel/properties.mdx b/website/content/docs/enterprise/sentinel/properties.mdx
index 9d78d64b5b..b40582bb79 100644
--- a/website/content/docs/enterprise/sentinel/properties.mdx
+++ b/website/content/docs/enterprise/sentinel/properties.mdx
@@ -6,6 +6,8 @@ description: An overview of how Sentinel interacts with Vault Enterprise.
# Properties
+@include 'alerts/enterprise-and-hcp.mdx'
+
Vault injects a rich set of data into the running Sentinel environment,
allowing for very fine-grained controls. The set of available properties are
enumerated on this page.
diff --git a/website/content/docs/platform/mssql/index.mdx b/website/content/docs/platform/mssql/index.mdx
index 6b9c549d7b..a5a8b3e980 100644
--- a/website/content/docs/platform/mssql/index.mdx
+++ b/website/content/docs/platform/mssql/index.mdx
@@ -7,8 +7,11 @@ description: >-
# Vault EKM provider for SQL server
--> **Note**: This feature requires [Vault Enterprise](https://www.hashicorp.com/products/vault/)
-with the Advanced Data Protection Key Management module.
+
+Requires
+Vault Enterprise
+ with Advanced Data Protection Key Management module.
+
Microsoft SQL Server supports [Transparent Data Encryption][tde] (TDE). The
Database Encryption Keys (DEK) can be protected by asymmetric Key Encryption
diff --git a/website/content/partials/alerts/enterprise-and-hcp.mdx b/website/content/partials/alerts/enterprise-and-hcp.mdx
new file mode 100644
index 0000000000..3788d7890e
--- /dev/null
+++ b/website/content/partials/alerts/enterprise-and-hcp.mdx
@@ -0,0 +1,6 @@
+
+ Vault Enterprise
+ license or
+ HCP Vault Plus
+ cluster required
+
\ No newline at end of file
diff --git a/website/content/partials/alerts/enterprise-only.mdx b/website/content/partials/alerts/enterprise-only.mdx
new file mode 100644
index 0000000000..4553be74c6
--- /dev/null
+++ b/website/content/partials/alerts/enterprise-only.mdx
@@ -0,0 +1,4 @@
+
+ Vault Enterprise
+ license required
+
\ No newline at end of file