From e3a279e2784129598a34be5aeecac121eb912316 Mon Sep 17 00:00:00 2001
From: Dan Heath <76443935+Dan-Heath@users.noreply.github.com>
Date: Fri, 1 Nov 2024 15:34:19 -0400
Subject: [PATCH 01/10] docs: Update meta content - Configuration
---
website/content/docs/configuration/index.mdx | 3 ++-
.../content/docs/configuration/listener/index.mdx | 5 ++---
website/content/docs/configuration/worker/index.mdx | 12 ++++++------
.../configuration/worker/worker-configuration.mdx | 4 ++--
4 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/website/content/docs/configuration/index.mdx b/website/content/docs/configuration/index.mdx
index 13c8939ce4..8bb4a30359 100644
--- a/website/content/docs/configuration/index.mdx
+++ b/website/content/docs/configuration/index.mdx
@@ -1,7 +1,8 @@
---
layout: docs
page_title: Overview/top-level parameters
-description: Boundary configuration reference.
+description: >-
+ Learn about the parameters that make up the Boundary HCL configuration file. View parameters for HCP and self-managed Boundary installations.
---
# Configuration
diff --git a/website/content/docs/configuration/listener/index.mdx b/website/content/docs/configuration/listener/index.mdx
index c7042eb260..26feea5774 100644
--- a/website/content/docs/configuration/listener/index.mdx
+++ b/website/content/docs/configuration/listener/index.mdx
@@ -1,9 +1,8 @@
---
layout: docs
page_title: Listeners - configuration
-description: |-
- The listener stanza configures the addresses and ports on which Boundary will
- respond to requests.
+description: >-
+ Learn about Boundary listener configuration settings for TCP and Unix listeners. Configure the addresses and ports on which Boundary responds to requests.
---
# `listener` stanza
diff --git a/website/content/docs/configuration/worker/index.mdx b/website/content/docs/configuration/worker/index.mdx
index 24aff48b9b..70b13fce72 100644
--- a/website/content/docs/configuration/worker/index.mdx
+++ b/website/content/docs/configuration/worker/index.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Worker - configuration
-description: |-
- The worker stanza configures worker-specific parameters.
+description: >-
+ Learn about Boundary worker configuration settings for configuring proxies, storage, and worker roles. Use multi-hop configurations to chain workers together.
---
# Worker stanza
@@ -11,19 +11,19 @@ The `worker` stanza configures Boundary worker-specific parameters.
All workers within Boundary use certificates and encryption keys to identify
themselves and protect data in transit. However, there are three different
-ways to register them so that registration of workers can fit into any workflow; controller-led, worker-led, and via external KMS.
+ways to register them so that registration of workers can fit into any workflow; controller-led, worker-led, and via external KMS.
The differences in how they are configured are in the sub-pages linked at the
bottom of this page.
Workers registered via the worker-led or controller-led methods must be registered in
the system via an API call, and require storage on disk to store the current set
-of credentials. Workers registering via an external KMS auto-register after successful authentication, making them an easy mechanism to
+of credentials. Workers registering via an external KMS auto-register after successful authentication, making them an easy mechanism to
use for automatic scaling. This also means they are not required to store
credentials locally; each time they connect the KMS is used to reauthenticate
them.
-~> Prior to version 0.15 of Boundary, there were two different types of workers, PKI & KMS workers.
+~> Prior to version 0.15 of Boundary, there were two different types of workers, PKI & KMS workers.
If you are using pre-0.15 workers, with pre-0.15 upstreams please be sure to switch the documentation
version to `0.13.x` - `0.14.x` for correct information.
@@ -87,7 +87,7 @@ worker {
Session recordings are stored in the local storage while they are in progress.
When the session is complete, Boundary moves the local session recording to remote storage and deletes the local copy.
-- `recording_storage_minimum_available_capacity` - A value measured in bytes that defines the worker's local storage state.
+- `recording_storage_minimum_available_capacity` - A value measured in bytes that defines the worker's local storage state.
Boundary compares this value with the available local disk space found in the `recording_storage_path` to determine if a worker can be used for session recording operations.
The supported suffixes are kb, kib, mb, mib, gb, gib, tb, tib, which are not case sensitive. Example: 2GB, 2gb, 2GiB, 2gib.
The possible storage states based on the `recording_storage_minimum_available_capacity` are:
diff --git a/website/content/docs/configuration/worker/worker-configuration.mdx b/website/content/docs/configuration/worker/worker-configuration.mdx
index 0adf359952..8fcbbbcd55 100644
--- a/website/content/docs/configuration/worker/worker-configuration.mdx
+++ b/website/content/docs/configuration/worker/worker-configuration.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Worker configuration
-description: |-
- Worker-specific parameters.
+description: >-
+ Learn about authorizing Boundary workers to the cluster and configuring workers for session recording storage. View a complete worker configuration example.
---
# Worker configuration
From d9fd69beea19f724167761091944a0c0adbe38da Mon Sep 17 00:00:00 2001
From: Dan Heath <76443935+Dan-Heath@users.noreply.github.com>
Date: Fri, 1 Nov 2024 15:52:32 -0400
Subject: [PATCH 02/10] docs: Revisions
---
website/content/docs/configuration/index.mdx | 2 +-
website/content/docs/configuration/listener/index.mdx | 2 +-
website/content/docs/configuration/worker/index.mdx | 2 +-
.../content/docs/configuration/worker/worker-configuration.mdx | 2 +-
4 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/website/content/docs/configuration/index.mdx b/website/content/docs/configuration/index.mdx
index 8bb4a30359..705d2b9c4d 100644
--- a/website/content/docs/configuration/index.mdx
+++ b/website/content/docs/configuration/index.mdx
@@ -2,7 +2,7 @@
layout: docs
page_title: Overview/top-level parameters
description: >-
- Learn about the parameters that make up the Boundary HCL configuration file. View parameters for HCP and self-managed Boundary installations.
+ Learn about the parameters that make up the Boundary HCL configuration file. View parameters for HCP and self-managed installations.
---
# Configuration
diff --git a/website/content/docs/configuration/listener/index.mdx b/website/content/docs/configuration/listener/index.mdx
index 26feea5774..52369a4473 100644
--- a/website/content/docs/configuration/listener/index.mdx
+++ b/website/content/docs/configuration/listener/index.mdx
@@ -2,7 +2,7 @@
layout: docs
page_title: Listeners - configuration
description: >-
- Learn about Boundary listener configuration settings for TCP and Unix listeners. Configure the addresses and ports on which Boundary responds to requests.
+ Learn about listener configuration settings for TCP and Unix listeners. Configure the addresses and ports on which Boundary responds to requests.
---
# `listener` stanza
diff --git a/website/content/docs/configuration/worker/index.mdx b/website/content/docs/configuration/worker/index.mdx
index 70b13fce72..98500b2807 100644
--- a/website/content/docs/configuration/worker/index.mdx
+++ b/website/content/docs/configuration/worker/index.mdx
@@ -2,7 +2,7 @@
layout: docs
page_title: Worker - configuration
description: >-
- Learn about Boundary worker configuration settings for configuring proxies, storage, and worker roles. Use multi-hop configurations to chain workers together.
+ Learn about worker configuration settings for configuring proxies, storage, and worker roles. Use multi-hop configurations to chain workers together.
---
# Worker stanza
diff --git a/website/content/docs/configuration/worker/worker-configuration.mdx b/website/content/docs/configuration/worker/worker-configuration.mdx
index 8fcbbbcd55..32bab11559 100644
--- a/website/content/docs/configuration/worker/worker-configuration.mdx
+++ b/website/content/docs/configuration/worker/worker-configuration.mdx
@@ -2,7 +2,7 @@
layout: docs
page_title: Worker configuration
description: >-
- Learn about authorizing Boundary workers to the cluster and configuring workers for session recording storage. View a complete worker configuration example.
+ Learn about authorizing workers to the cluster and configuring workers for session recording storage. View a complete worker configuration example.
---
# Worker configuration
From edfe706f6b0078c6b436534b5857e7830f0f2157 Mon Sep 17 00:00:00 2001
From: Dan Heath <76443935+Dan-Heath@users.noreply.github.com>
Date: Tue, 12 Nov 2024 13:05:26 -0500
Subject: [PATCH 03/10] docs: Edits
---
website/content/docs/configuration/listener/index.mdx | 2 +-
website/content/docs/configuration/worker/index.mdx | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/website/content/docs/configuration/listener/index.mdx b/website/content/docs/configuration/listener/index.mdx
index 52369a4473..cc2e2a6798 100644
--- a/website/content/docs/configuration/listener/index.mdx
+++ b/website/content/docs/configuration/listener/index.mdx
@@ -2,7 +2,7 @@
layout: docs
page_title: Listeners - configuration
description: >-
- Learn about listener configuration settings for TCP and Unix listeners. Configure the addresses and ports on which Boundary responds to requests.
+ Learn about TCP and Unix listener configuration settings. Understand where to change the default addresses and ports on which Boundary responds to requests.
---
# `listener` stanza
diff --git a/website/content/docs/configuration/worker/index.mdx b/website/content/docs/configuration/worker/index.mdx
index 98500b2807..70d229b278 100644
--- a/website/content/docs/configuration/worker/index.mdx
+++ b/website/content/docs/configuration/worker/index.mdx
@@ -2,7 +2,7 @@
layout: docs
page_title: Worker - configuration
description: >-
- Learn about worker configuration settings for configuring proxies, storage, and worker roles. Use multi-hop configurations to chain workers together.
+ Learn about worker configuration for proxies, storage, and tags. Understand how multi-hop configurations let you chain workers together in private networks.
---
# Worker stanza
From 0a2a481c1d9b48aaeaca3b5946b0ee5004652ac6 Mon Sep 17 00:00:00 2001
From: Dan Heath <76443935+Dan-Heath@users.noreply.github.com>
Date: Tue, 12 Nov 2024 16:49:28 -0500
Subject: [PATCH 04/10] docs: Update KMS topics
---
website/content/docs/configuration/kms/aead.mdx | 4 ++--
website/content/docs/configuration/kms/alicloudkms.mdx | 2 +-
website/content/docs/configuration/kms/awskms.mdx | 5 ++---
website/content/docs/configuration/kms/azurekeyvault.mdx | 2 +-
website/content/docs/configuration/kms/gcpckms.mdx | 2 +-
website/content/docs/configuration/kms/index.mdx | 4 ++--
website/content/docs/configuration/kms/ocikms.mdx | 4 ++--
website/content/docs/configuration/kms/transit.mdx | 4 ++--
website/content/docs/configuration/listener/tcp.mdx | 5 ++---
website/content/docs/configuration/listener/unix.mdx | 4 ++--
10 files changed, 17 insertions(+), 19 deletions(-)
diff --git a/website/content/docs/configuration/kms/aead.mdx b/website/content/docs/configuration/kms/aead.mdx
index d17e51d8d3..282509a3d8 100644
--- a/website/content/docs/configuration/kms/aead.mdx
+++ b/website/content/docs/configuration/kms/aead.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: AEAD - configuration
-description: |-
- The AEAD KMS configures AEAD-specific parameters.
+description: >-
+ Learn about using the Authenticated Encryption with Associated Data (AEAD) KMS for key management. AEAD is typically used for development workflows or testing.
---
# `aead` KMS
diff --git a/website/content/docs/configuration/kms/alicloudkms.mdx b/website/content/docs/configuration/kms/alicloudkms.mdx
index 08d52f3731..8237df4e94 100644
--- a/website/content/docs/configuration/kms/alicloudkms.mdx
+++ b/website/content/docs/configuration/kms/alicloudkms.mdx
@@ -2,7 +2,7 @@
layout: docs
page_title: AliCloud KMS - KMSs - configuration
description: >-
- The AliCloud KMS configures Boundary to use AliCloud KMS for key management.
+ Learn about using the AliCloud KMS for key management and configuring parameters and authentication. View an example alicloudkms configuration.
---
# `alicloudkms` KMS
diff --git a/website/content/docs/configuration/kms/awskms.mdx b/website/content/docs/configuration/kms/awskms.mdx
index 96d75320da..a51ccc529a 100644
--- a/website/content/docs/configuration/kms/awskms.mdx
+++ b/website/content/docs/configuration/kms/awskms.mdx
@@ -1,9 +1,8 @@
---
layout: docs
page_title: AWS KMS - KMSs - Configuration
-description: |-
- The AWS KMS configures Boundary to use AWS KMS for key management.
- mechanism.
+description: >-
+ Learn about using the AWS KMS for key management, configuring parameters and authentication, and best practices for key rotation. View an example configuration.
---
# `awskms`
diff --git a/website/content/docs/configuration/kms/azurekeyvault.mdx b/website/content/docs/configuration/kms/azurekeyvault.mdx
index 889b69996f..3d75e909e9 100644
--- a/website/content/docs/configuration/kms/azurekeyvault.mdx
+++ b/website/content/docs/configuration/kms/azurekeyvault.mdx
@@ -2,7 +2,7 @@
layout: docs
page_title: Azure Key Vault - seals - configuration
description: >-
- The Azure Key Vault seal configures Boundary to use Azure Key Vault for key management.
+ Learn about using the Azure Key Vault KMS for key management and configuring parameters and authentication. View an example azurekeyvault configuration.
---
# `azurekeyvault` KMS
diff --git a/website/content/docs/configuration/kms/gcpckms.mdx b/website/content/docs/configuration/kms/gcpckms.mdx
index 23056c896e..040eeba6d3 100644
--- a/website/content/docs/configuration/kms/gcpckms.mdx
+++ b/website/content/docs/configuration/kms/gcpckms.mdx
@@ -2,7 +2,7 @@
layout: docs
page_title: GCP Cloud KMS - KMSs - configuration
description: >-
- The GCP Cloud KMS configures Boundary to use GCP Cloud KMS for key management.
+ Learn about using the GCP Cloud KMS for key management and configuring parameters and authentication. View an example gcpkms configuration.
---
# `gcpckms` KMS
diff --git a/website/content/docs/configuration/kms/index.mdx b/website/content/docs/configuration/kms/index.mdx
index 13238667f5..92219ebedc 100644
--- a/website/content/docs/configuration/kms/index.mdx
+++ b/website/content/docs/configuration/kms/index.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: KMS - configuration
-description: |-
- The KMS stanza configures KMS-specific parameters.
+description: >-
+ Learn about using the kms stanza to configure key management system parameters. Discover resources for learning about specific KMS technologies.
---
# `kms` stanza
diff --git a/website/content/docs/configuration/kms/ocikms.mdx b/website/content/docs/configuration/kms/ocikms.mdx
index 95da4158cc..ae329d2a89 100644
--- a/website/content/docs/configuration/kms/ocikms.mdx
+++ b/website/content/docs/configuration/kms/ocikms.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: OCI KMS - KMSs - configuration
-description: |-
- The OCI KMS configures Boundary to use OCI KMS for key management.
+description: >-
+ Learn about using the OCI KMS for key management and configuring parameters and authentication. View an example configuration. Understand OCI KMS key rotation.
---
# `ocikms` KMS
diff --git a/website/content/docs/configuration/kms/transit.mdx b/website/content/docs/configuration/kms/transit.mdx
index b6e59940df..7e42f34ee8 100644
--- a/website/content/docs/configuration/kms/transit.mdx
+++ b/website/content/docs/configuration/kms/transit.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Vault Transit - seals - configuration
-description: |-
- The Transit configures Boundary to use Vault's Transit Secret Engine for key management.
+description: >-
+ Learn about using the Vault transit secrets engine for key management and configuring parameters and authentication. View an example Transit KMS configuration.
---
# `transit` seal
diff --git a/website/content/docs/configuration/listener/tcp.mdx b/website/content/docs/configuration/listener/tcp.mdx
index 566a9de0fc..a40ad64676 100644
--- a/website/content/docs/configuration/listener/tcp.mdx
+++ b/website/content/docs/configuration/listener/tcp.mdx
@@ -1,9 +1,8 @@
---
layout: docs
page_title: TCP - listeners - configuration
-description: |-
- The TCP listener configures Boundary to listen on the specified TCP address and
- port.
+description: >-
+ Learn about using the TCP listener on a TCP address and port, and view configurable parameters. Understand custom response headers. View example configurations.
---
# `tcp` listener
diff --git a/website/content/docs/configuration/listener/unix.mdx b/website/content/docs/configuration/listener/unix.mdx
index c080d304db..1fd510486b 100644
--- a/website/content/docs/configuration/listener/unix.mdx
+++ b/website/content/docs/configuration/listener/unix.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Unix domain socket - listeners - configuration
-description: |-
- The Unix listener configures Boundary to listen on the specified Unix domain socket.
+description: >-
+ Learn about using the Unix listener on a specified Unix domain socket, and view configurable parameters. View example Unix listener configurations.
---
# `unix` listener
From 43256c26cf7f5205afcc82fb4a8816de2ec35c85 Mon Sep 17 00:00:00 2001
From: Dan Heath <76443935+Dan-Heath@users.noreply.github.com>
Date: Wed, 13 Nov 2024 11:09:38 -0500
Subject: [PATCH 05/10] docs: Updates credential management topics
---
.../credential-management/configure-credential-brokering.mdx | 2 +-
.../credential-management/configure-credential-injection.mdx | 2 +-
.../docs/configuration/credential-management/index.mdx | 2 +-
.../credential-management/static-cred-boundary.mdx | 4 ++--
.../configuration/credential-management/static-cred-vault.mdx | 4 ++--
5 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/website/content/docs/configuration/credential-management/configure-credential-brokering.mdx b/website/content/docs/configuration/credential-management/configure-credential-brokering.mdx
index 3829f99981..b5c9f9f76a 100644
--- a/website/content/docs/configuration/credential-management/configure-credential-brokering.mdx
+++ b/website/content/docs/configuration/credential-management/configure-credential-brokering.mdx
@@ -1,7 +1,7 @@
---
layout: docs
page_title: Configure targets with credential brokering
-description: |-
+description: >-
Configure credential brokering workflows so that Boundary centrally manages credentials and returns them to users when they successfully connect to a target.
---
diff --git a/website/content/docs/configuration/credential-management/configure-credential-injection.mdx b/website/content/docs/configuration/credential-management/configure-credential-injection.mdx
index 6c76b3868a..70bbdeb22f 100644
--- a/website/content/docs/configuration/credential-management/configure-credential-injection.mdx
+++ b/website/content/docs/configuration/credential-management/configure-credential-injection.mdx
@@ -1,7 +1,7 @@
---
layout: docs
page_title: Configure targets with credential injection
-description: |-
+description: >-
Configure credential injection so Boundary provides users with a passwordless experience when connecting to targets. Availabile exclusively for Enterprise users.
---
diff --git a/website/content/docs/configuration/credential-management/index.mdx b/website/content/docs/configuration/credential-management/index.mdx
index e0ab55b775..86adf91922 100644
--- a/website/content/docs/configuration/credential-management/index.mdx
+++ b/website/content/docs/configuration/credential-management/index.mdx
@@ -1,7 +1,7 @@
---
layout: docs
page_title: Configure credentials with Boundary
-description: |-
+description: >-
Credential stores let you store and manage credentials in Boundary. Learn about configuring user workflows with credential management or credential injection.
---
diff --git a/website/content/docs/configuration/credential-management/static-cred-boundary.mdx b/website/content/docs/configuration/credential-management/static-cred-boundary.mdx
index 3f3c719235..26cf542ba3 100644
--- a/website/content/docs/configuration/credential-management/static-cred-boundary.mdx
+++ b/website/content/docs/configuration/credential-management/static-cred-boundary.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Manage static credentials with Boundary
-description: |-
- Create a static credential store to manage static credentials in Boundary. Credential stores let you configure targets for credential brokering or injection.
+description: >-
+ Create a static credential store to manage static credentials. Credential stores let you configure targets for credential brokering or injection.
---
# Create a static credential store
diff --git a/website/content/docs/configuration/credential-management/static-cred-vault.mdx b/website/content/docs/configuration/credential-management/static-cred-vault.mdx
index ab4101f9a7..6cb82cff08 100644
--- a/website/content/docs/configuration/credential-management/static-cred-vault.mdx
+++ b/website/content/docs/configuration/credential-management/static-cred-vault.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Manage static credentials with Vault
-description: |-
- Create a Vault credential store to manage credentials in Boundary. Credential stores let you configure targets for credential brokering or credential injection.
+description: >-
+ Create a Vault credential store to manage credentials. Credential stores let you configure targets for credential brokering or credential injection.
---
# Create a Vault credential store
From f549dc1d8674a8d4b54e2da261719e9d85f4da2f Mon Sep 17 00:00:00 2001
From: Dan Heath <76443935+Dan-Heath@users.noreply.github.com>
Date: Wed, 13 Nov 2024 11:32:27 -0500
Subject: [PATCH 06/10] docs: Updates IAM topics
---
website/content/docs/common-workflows/manage-roles.mdx | 3 ++-
.../identity-access-management/assignable-permissions.mdx | 4 ++--
.../docs/configuration/identity-access-management/index.mdx | 4 ++--
.../identity-access-management/permission-grant-formats.mdx | 4 ++--
.../identity-access-management/resource-table.mdx | 4 ++--
5 files changed, 10 insertions(+), 9 deletions(-)
diff --git a/website/content/docs/common-workflows/manage-roles.mdx b/website/content/docs/common-workflows/manage-roles.mdx
index 0c0781928c..f45f162be9 100644
--- a/website/content/docs/common-workflows/manage-roles.mdx
+++ b/website/content/docs/common-workflows/manage-roles.mdx
@@ -1,7 +1,8 @@
---
layout: docs
page_title: Manage roles and permissions
-description: How to manage roles, permissions, and grants.
+description: >-
+ Use roles to manage permissions assigned to users and groups. Create roles and assign principals and grants to them. Add grant scopes and configure inheritance.
---
# Manage roles and permissions
diff --git a/website/content/docs/configuration/identity-access-management/assignable-permissions.mdx b/website/content/docs/configuration/identity-access-management/assignable-permissions.mdx
index a7100acc29..ad38c10135 100644
--- a/website/content/docs/configuration/identity-access-management/assignable-permissions.mdx
+++ b/website/content/docs/configuration/identity-access-management/assignable-permissions.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Assignable permissions
-description: |-
- Assignable permissions
+description: >-
+ Learn about using actions and output fields to grant users permissions to any resources that are identified by ID or Type.
---
# Assignable permissions
diff --git a/website/content/docs/configuration/identity-access-management/index.mdx b/website/content/docs/configuration/identity-access-management/index.mdx
index db15d7abe3..5e8f1a6987 100644
--- a/website/content/docs/configuration/identity-access-management/index.mdx
+++ b/website/content/docs/configuration/identity-access-management/index.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Permissions index
-description: |-
- Boundary's permissions model
+description: >-
+ Learn about Boundary's RBAC, allow-only permissions model. Understand how permissions are configured using grant strings and roles.
---
# Permissions in Boundary
diff --git a/website/content/docs/configuration/identity-access-management/permission-grant-formats.mdx b/website/content/docs/configuration/identity-access-management/permission-grant-formats.mdx
index d7ad3599f6..f3e86232d0 100644
--- a/website/content/docs/configuration/identity-access-management/permission-grant-formats.mdx
+++ b/website/content/docs/configuration/identity-access-management/permission-grant-formats.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Permission grant formats
-description: |-
- Permission grant formats
+description: >-
+ Learn how to construct grant strings that map resources and permissions. Understand ID, Type, Pinned, and Wildcard grant formats.View possible grant templates.
---
# Permission grant formats
diff --git a/website/content/docs/configuration/identity-access-management/resource-table.mdx b/website/content/docs/configuration/identity-access-management/resource-table.mdx
index 87ce7b6309..39bee9e133 100644
--- a/website/content/docs/configuration/identity-access-management/resource-table.mdx
+++ b/website/content/docs/configuration/identity-access-management/resource-table.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Resource table
-description: |-
- Resource table
+description: >-
+ View a list of resources and their available permissions parameters and actions to help you configure and manage permissions.
---
# Resource tables
From 7ef7134ab24735f080f2d471915a0331f3a0dad8 Mon Sep 17 00:00:00 2001
From: Dan Heath <76443935+Dan-Heath@users.noreply.github.com>
Date: Wed, 13 Nov 2024 12:08:36 -0500
Subject: [PATCH 07/10] docs: Updates session recording topics
---
.../configure-storage-policy.mdx | 26 +++++++++----------
.../configure-worker-storage.mdx | 4 +--
.../create-storage-bucket.mdx | 4 +--
.../enable-session-recording.mdx | 4 +--
.../configuration/session-recording/index.mdx | 4 +--
.../storage-providers/configure-minio.mdx | 2 +-
.../configure-s3-compliant.mdx | 4 +--
.../storage-providers/configure-s3.mdx | 4 +--
.../update-storage-policy.mdx | 4 +--
9 files changed, 28 insertions(+), 28 deletions(-)
diff --git a/website/content/docs/configuration/session-recording/configure-storage-policy.mdx b/website/content/docs/configuration/session-recording/configure-storage-policy.mdx
index 6b924097d0..6e9ddfd72e 100644
--- a/website/content/docs/configuration/session-recording/configure-storage-policy.mdx
+++ b/website/content/docs/configuration/session-recording/configure-storage-policy.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Configure storage bucket policies
-description: |-
- How to configure storage bucket lifecycle policies for session recording in Boundary
+description: >-
+ Configure storage bucket policies to manage the lifecycles of session recordings. Specify retention and deletion policies to codify compliance periods.
---
# Configure storage bucket policies
@@ -50,7 +50,7 @@ Complete the following steps to create a storage policy in Boundary for session
1. Complete the following fields to create the Boundary storage policy:
- **Name**: (Optional) The name field is optional, but if you enter a name it must be unique.
- **Description**: (Optional) An optional description of the Boundary storage policy for identification purposes.
- - **Retention Policy**: (Required) Specifies how long a recording must be stored, in days.
+ - **Retention Policy**: (Required) Specifies how long a recording must be stored, in days.
Policy values include:
- `Forever`: If enabled, the **Deletion Policy** field is disabled.
- `Custom`: Specify a custom retention policy in days.
@@ -186,7 +186,7 @@ In this example, recordings stored within the global scope must be retained for
- Boundary does not support an undo action. Storage policies are meant to enforce compliance to a specific law or regulation. Updating the storage policy of a session recording can have immediate and possibly unexpected results such as the immediate deletion of session recordings.
+ Boundary does not support an undo action. Storage policies are meant to enforce compliance to a specific law or regulation. Updating the storage policy of a session recording can have immediate and possibly unexpected results such as the immediate deletion of session recordings.
@@ -216,7 +216,7 @@ The following example applies the policy created above to an org named `prod-dat
```shell-session
$ boundary policies list
- Policy information:
+ Policy information:
ID: pst_WZ3SQSSYJY
Version: 1
Type: storage
@@ -382,12 +382,12 @@ Check that the storage policy was successfully attached to the `prod-databases`
Storage Policy ID: pst_WZ3SQSSYJY
Updated Time: Thu, 25 Jan 2024 22:00:27 MST
Version: 7
-
+
Scope (parent):
ID: global
Name: global
Type: global
-
+
Authorized Actions:
detach-storage-policy
no-op
@@ -503,7 +503,7 @@ New session recordings under the `prod-databases` scope should now show a `retai
1. Create a new session recording on a target within the `prod-databases` org.
1. Log in to Boundary.
-1. Click **Session Recordings** in the navigation panel.
+1. Click **Session Recordings** in the navigation panel.
1. Click **View** for a new recording that was made after the storage policy was attached to the `prod-databases` scope.
1. Under **Session details**, verify that the *Retain until* and *Delete after* dates match the durations defined in the `soc2-policy`.
@@ -564,7 +564,7 @@ New session recordings under the `prod-databases` scope should now show a `retai
Storage Bucket ID: sb_DC8SPb9uc2
Type: ssh
Updated Time: Mon, 29 Jan 2024 23:25:53 MST
-
+
...
... More Output ...
...
@@ -581,18 +581,18 @@ New session recordings under the `prod-databases` scope should now show a `retai
1. The following API call is an example of reading the details of a session recording with the `soc2-policy` storage policy applied to the `prod-databases` scope.
List the available session recordings. This example recursively lists all recordings within the global scope.
-
+
```shell-session
$ curl --header "Content-Type: application/json" \
--header "Authorization: Bearer $(boundary config get-token)" \
--request GET \
$BOUNDARY_ADDR/v1/session-recordings?recursive=true&scope_id=global | jq
```
-
+
**Example output:**
-
+
-
+
```plaintext
{
"items": [
diff --git a/website/content/docs/configuration/session-recording/configure-worker-storage.mdx b/website/content/docs/configuration/session-recording/configure-worker-storage.mdx
index 0652a8aa2e..6c00f1301b 100644
--- a/website/content/docs/configuration/session-recording/configure-worker-storage.mdx
+++ b/website/content/docs/configuration/session-recording/configure-worker-storage.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Configure workers for local storage
-description: |-
- How to configure Boundary workers for session recording.
+description: >-
+ Configure workers for session recording storage. View requirements and an example configuration. Understand possible storage states for local and remote storage.
---
# Configure workers for session recording
diff --git a/website/content/docs/configuration/session-recording/create-storage-bucket.mdx b/website/content/docs/configuration/session-recording/create-storage-bucket.mdx
index f1bc270097..7fa84683c8 100644
--- a/website/content/docs/configuration/session-recording/create-storage-bucket.mdx
+++ b/website/content/docs/configuration/session-recording/create-storage-bucket.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Create a storage bucket
-description: |-
- How to create a storage bucket for session recording in Boundary
+description: >-
+ Create a storage bucket in an external storage provider to store recorded sessions. You can review recorded sessions later for compliance and threat management.
---
# Create a storage bucket
diff --git a/website/content/docs/configuration/session-recording/enable-session-recording.mdx b/website/content/docs/configuration/session-recording/enable-session-recording.mdx
index 33f4ee387e..90320af53c 100644
--- a/website/content/docs/configuration/session-recording/enable-session-recording.mdx
+++ b/website/content/docs/configuration/session-recording/enable-session-recording.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Enable session recording on a target
-description: |-
- How to enable session recording on a target in Boundary
+description: >-
+ Enable session recording for targets so that any user sessions connecting to them are recorded for compliance and threat management.
---
# Enable session recording on a target
diff --git a/website/content/docs/configuration/session-recording/index.mdx b/website/content/docs/configuration/session-recording/index.mdx
index d1aaaf67cf..fc42bee0db 100644
--- a/website/content/docs/configuration/session-recording/index.mdx
+++ b/website/content/docs/configuration/session-recording/index.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Overview
-description: |-
- An overview of session recording in Boundary
+description: >-
+ Learn about using session recording to audit user sessions for compliance and threat management. Understand considerations for local and remote storage.
---
# Overview
diff --git a/website/content/docs/configuration/session-recording/storage-providers/configure-minio.mdx b/website/content/docs/configuration/session-recording/storage-providers/configure-minio.mdx
index 988dd8cce0..5be0a68a00 100644
--- a/website/content/docs/configuration/session-recording/storage-providers/configure-minio.mdx
+++ b/website/content/docs/configuration/session-recording/storage-providers/configure-minio.mdx
@@ -2,7 +2,7 @@
layout: docs
page_title: Configure MinIO
description: |-
- How to configure MinIO as a storage provider for Boundary session recording.
+ Configure MinIO as a storage provider for recorded sessions. Understand session recording and MinIO requirements. View an example configuration.
---
# Configure MinIO as a storage provider
diff --git a/website/content/docs/configuration/session-recording/storage-providers/configure-s3-compliant.mdx b/website/content/docs/configuration/session-recording/storage-providers/configure-s3-compliant.mdx
index 9e6d2c1d6d..1b5fc358db 100644
--- a/website/content/docs/configuration/session-recording/storage-providers/configure-s3-compliant.mdx
+++ b/website/content/docs/configuration/session-recording/storage-providers/configure-s3-compliant.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Configure S3-compliant storage
-description: |-
- How to configure an S3-compliant storage provider for Boundary session recording.
+description: >-
+ Configure an S3-compliant storage provider for recorded sessions. Understand session recording and storage provider requirements. View an example configuration.
---
# Configure an S3-compliant storage provider
diff --git a/website/content/docs/configuration/session-recording/storage-providers/configure-s3.mdx b/website/content/docs/configuration/session-recording/storage-providers/configure-s3.mdx
index 9df0154281..3a85f07570 100644
--- a/website/content/docs/configuration/session-recording/storage-providers/configure-s3.mdx
+++ b/website/content/docs/configuration/session-recording/storage-providers/configure-s3.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Configure Amazon S3
-description: |-
- How to configure Amazon S3 as a storage provider for Boundary session recording.
+description: >-
+ Configure Amazon S3 as a storage provider for recorded sessions. Understand session recording and AWS requirements. View an example configuration.
---
# Configure Amazon S3 as a storage provider
diff --git a/website/content/docs/configuration/session-recording/update-storage-policy.mdx b/website/content/docs/configuration/session-recording/update-storage-policy.mdx
index febda9084e..8096accc7e 100644
--- a/website/content/docs/configuration/session-recording/update-storage-policy.mdx
+++ b/website/content/docs/configuration/session-recording/update-storage-policy.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Update storage bucket policies
-description: |-
- How to update a storage bucket policy for session recordings in Boundary
+description: >-
+ Update storage bucket policies to manage the lifecycles of session recordings. Understand how changing a policy affects existing and new recorded sessions.
---
# Update storage bucket policies
From 612a17ee5fb0e1ba2a931cac8176642d4bd579bd Mon Sep 17 00:00:00 2001
From: Dan Heath <76443935+Dan-Heath@users.noreply.github.com>
Date: Wed, 13 Nov 2024 12:21:10 -0500
Subject: [PATCH 08/10] docs: Updates configuration topics
---
website/content/docs/configuration/controller.mdx | 6 +++---
website/content/docs/configuration/plugins.mdx | 4 ++--
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/website/content/docs/configuration/controller.mdx b/website/content/docs/configuration/controller.mdx
index 0f29811505..b47273044b 100644
--- a/website/content/docs/configuration/controller.mdx
+++ b/website/content/docs/configuration/controller.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Controller - configuration
-description: |-
- The controller stanza configures controller-specifc parameters.
+description: >-
+ Learn about configuring controller-specific parameters. Understand how to configure the required KMS stanzas, and view a complete configuration example.
---
# `controller` stanza
@@ -81,7 +81,7 @@ description will be read.
bind a publicly accessible IP to a NIC on the host directly, such as an Amazon
EIP. This value can be a direct address string, can refer to a file on disk (file://)
from which an address will be read; an env var (env://) from which the
- address will be read; or a [go-sockaddr template](https://godoc.org/github.com/hashicorp/go-sockaddr/template).
+ address will be read; or a [go-sockaddr template](https://godoc.org/github.com/hashicorp/go-sockaddr/template).
Note that the address should not include the protocol prefixes like `http://` or `https://`.
- `auth_token_time_to_live` - Maximum time to live (TTL) for all auth tokens globally (pertains
diff --git a/website/content/docs/configuration/plugins.mdx b/website/content/docs/configuration/plugins.mdx
index 1c4e5d1485..021c7fa6be 100644
--- a/website/content/docs/configuration/plugins.mdx
+++ b/website/content/docs/configuration/plugins.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Plugins - configuration
-description: |-
- The plugins stanza configures plugin-specific parameters.
+description: >-
+ Learn about the plugin-specific parameter that configures a directory for Boundary to use for writing and executing its built-in plugins.
---
# `plugin` stanza
From 90c489e9dc22520070d581f26f8f2701f123efe2 Mon Sep 17 00:00:00 2001
From: Dan Heath <76443935+Dan-Heath@users.noreply.github.com>
Date: Wed, 13 Nov 2024 13:04:15 -0500
Subject: [PATCH 09/10] docs: Update titles
---
website/content/docs/configuration/controller.mdx | 2 +-
.../content/docs/configuration/credential-management/index.mdx | 2 +-
website/content/docs/configuration/index.mdx | 2 +-
website/content/docs/configuration/kms/aead.mdx | 2 +-
website/content/docs/configuration/kms/alicloudkms.mdx | 2 +-
website/content/docs/configuration/kms/awskms.mdx | 2 +-
website/content/docs/configuration/kms/azurekeyvault.mdx | 2 +-
website/content/docs/configuration/kms/gcpckms.mdx | 2 +-
website/content/docs/configuration/kms/index.mdx | 2 +-
website/content/docs/configuration/kms/ocikms.mdx | 2 +-
website/content/docs/configuration/kms/transit.mdx | 2 +-
website/content/docs/configuration/listener/index.mdx | 2 +-
website/content/docs/configuration/listener/tcp.mdx | 2 +-
website/content/docs/configuration/listener/unix.mdx | 2 +-
website/content/docs/configuration/plugins.mdx | 2 +-
website/content/docs/configuration/session-recording/index.mdx | 2 +-
.../session-recording/storage-providers/configure-minio.mdx | 2 +-
.../session-recording/storage-providers/configure-s3.mdx | 2 +-
website/content/docs/configuration/worker/index.mdx | 2 +-
19 files changed, 19 insertions(+), 19 deletions(-)
diff --git a/website/content/docs/configuration/controller.mdx b/website/content/docs/configuration/controller.mdx
index b47273044b..7388608448 100644
--- a/website/content/docs/configuration/controller.mdx
+++ b/website/content/docs/configuration/controller.mdx
@@ -1,6 +1,6 @@
---
layout: docs
-page_title: Controller - configuration
+page_title: Controller configuration
description: >-
Learn about configuring controller-specific parameters. Understand how to configure the required KMS stanzas, and view a complete configuration example.
---
diff --git a/website/content/docs/configuration/credential-management/index.mdx b/website/content/docs/configuration/credential-management/index.mdx
index 86adf91922..d77b714928 100644
--- a/website/content/docs/configuration/credential-management/index.mdx
+++ b/website/content/docs/configuration/credential-management/index.mdx
@@ -1,6 +1,6 @@
---
layout: docs
-page_title: Configure credentials with Boundary
+page_title: Credential management with Boundary
description: >-
Credential stores let you store and manage credentials in Boundary. Learn about configuring user workflows with credential management or credential injection.
---
diff --git a/website/content/docs/configuration/index.mdx b/website/content/docs/configuration/index.mdx
index 705d2b9c4d..99b31e0d07 100644
--- a/website/content/docs/configuration/index.mdx
+++ b/website/content/docs/configuration/index.mdx
@@ -1,6 +1,6 @@
---
layout: docs
-page_title: Overview/top-level parameters
+page_title: Top-level configuration parameters
description: >-
Learn about the parameters that make up the Boundary HCL configuration file. View parameters for HCP and self-managed installations.
---
diff --git a/website/content/docs/configuration/kms/aead.mdx b/website/content/docs/configuration/kms/aead.mdx
index 282509a3d8..d6e29dd4bf 100644
--- a/website/content/docs/configuration/kms/aead.mdx
+++ b/website/content/docs/configuration/kms/aead.mdx
@@ -1,6 +1,6 @@
---
layout: docs
-page_title: AEAD - configuration
+page_title: AEAD KMS configuration
description: >-
Learn about using the Authenticated Encryption with Associated Data (AEAD) KMS for key management. AEAD is typically used for development workflows or testing.
---
diff --git a/website/content/docs/configuration/kms/alicloudkms.mdx b/website/content/docs/configuration/kms/alicloudkms.mdx
index 8237df4e94..5c941ef8fa 100644
--- a/website/content/docs/configuration/kms/alicloudkms.mdx
+++ b/website/content/docs/configuration/kms/alicloudkms.mdx
@@ -1,6 +1,6 @@
---
layout: docs
-page_title: AliCloud KMS - KMSs - configuration
+page_title: AliCloud KMS configuration
description: >-
Learn about using the AliCloud KMS for key management and configuring parameters and authentication. View an example alicloudkms configuration.
---
diff --git a/website/content/docs/configuration/kms/awskms.mdx b/website/content/docs/configuration/kms/awskms.mdx
index a51ccc529a..4b97367930 100644
--- a/website/content/docs/configuration/kms/awskms.mdx
+++ b/website/content/docs/configuration/kms/awskms.mdx
@@ -1,6 +1,6 @@
---
layout: docs
-page_title: AWS KMS - KMSs - Configuration
+page_title: AWS KMS Configuration
description: >-
Learn about using the AWS KMS for key management, configuring parameters and authentication, and best practices for key rotation. View an example configuration.
---
diff --git a/website/content/docs/configuration/kms/azurekeyvault.mdx b/website/content/docs/configuration/kms/azurekeyvault.mdx
index 3d75e909e9..66b9275f16 100644
--- a/website/content/docs/configuration/kms/azurekeyvault.mdx
+++ b/website/content/docs/configuration/kms/azurekeyvault.mdx
@@ -1,6 +1,6 @@
---
layout: docs
-page_title: Azure Key Vault - seals - configuration
+page_title: Azure Key Vault configuration
description: >-
Learn about using the Azure Key Vault KMS for key management and configuring parameters and authentication. View an example azurekeyvault configuration.
---
diff --git a/website/content/docs/configuration/kms/gcpckms.mdx b/website/content/docs/configuration/kms/gcpckms.mdx
index 040eeba6d3..5ff0f21ab5 100644
--- a/website/content/docs/configuration/kms/gcpckms.mdx
+++ b/website/content/docs/configuration/kms/gcpckms.mdx
@@ -1,6 +1,6 @@
---
layout: docs
-page_title: GCP Cloud KMS - KMSs - configuration
+page_title: GCP Cloud KMS configuration
description: >-
Learn about using the GCP Cloud KMS for key management and configuring parameters and authentication. View an example gcpkms configuration.
---
diff --git a/website/content/docs/configuration/kms/index.mdx b/website/content/docs/configuration/kms/index.mdx
index 92219ebedc..685146deb6 100644
--- a/website/content/docs/configuration/kms/index.mdx
+++ b/website/content/docs/configuration/kms/index.mdx
@@ -1,6 +1,6 @@
---
layout: docs
-page_title: KMS - configuration
+page_title: KMS configuration
description: >-
Learn about using the kms stanza to configure key management system parameters. Discover resources for learning about specific KMS technologies.
---
diff --git a/website/content/docs/configuration/kms/ocikms.mdx b/website/content/docs/configuration/kms/ocikms.mdx
index ae329d2a89..9b2656a7a7 100644
--- a/website/content/docs/configuration/kms/ocikms.mdx
+++ b/website/content/docs/configuration/kms/ocikms.mdx
@@ -1,6 +1,6 @@
---
layout: docs
-page_title: OCI KMS - KMSs - configuration
+page_title: OCI KMS configuration
description: >-
Learn about using the OCI KMS for key management and configuring parameters and authentication. View an example configuration. Understand OCI KMS key rotation.
---
diff --git a/website/content/docs/configuration/kms/transit.mdx b/website/content/docs/configuration/kms/transit.mdx
index 7e42f34ee8..891ea9b16a 100644
--- a/website/content/docs/configuration/kms/transit.mdx
+++ b/website/content/docs/configuration/kms/transit.mdx
@@ -1,6 +1,6 @@
---
layout: docs
-page_title: Vault Transit - seals - configuration
+page_title: Vault Transit configuration
description: >-
Learn about using the Vault transit secrets engine for key management and configuring parameters and authentication. View an example Transit KMS configuration.
---
diff --git a/website/content/docs/configuration/listener/index.mdx b/website/content/docs/configuration/listener/index.mdx
index cc2e2a6798..2f5b93347a 100644
--- a/website/content/docs/configuration/listener/index.mdx
+++ b/website/content/docs/configuration/listener/index.mdx
@@ -1,6 +1,6 @@
---
layout: docs
-page_title: Listeners - configuration
+page_title: Listener configuration
description: >-
Learn about TCP and Unix listener configuration settings. Understand where to change the default addresses and ports on which Boundary responds to requests.
---
diff --git a/website/content/docs/configuration/listener/tcp.mdx b/website/content/docs/configuration/listener/tcp.mdx
index a40ad64676..849ca97f2f 100644
--- a/website/content/docs/configuration/listener/tcp.mdx
+++ b/website/content/docs/configuration/listener/tcp.mdx
@@ -1,6 +1,6 @@
---
layout: docs
-page_title: TCP - listeners - configuration
+page_title: TCP listener configuration
description: >-
Learn about using the TCP listener on a TCP address and port, and view configurable parameters. Understand custom response headers. View example configurations.
---
diff --git a/website/content/docs/configuration/listener/unix.mdx b/website/content/docs/configuration/listener/unix.mdx
index 1fd510486b..4f60862598 100644
--- a/website/content/docs/configuration/listener/unix.mdx
+++ b/website/content/docs/configuration/listener/unix.mdx
@@ -1,6 +1,6 @@
---
layout: docs
-page_title: Unix domain socket - listeners - configuration
+page_title: Unix domain socket listener configuration
description: >-
Learn about using the Unix listener on a specified Unix domain socket, and view configurable parameters. View example Unix listener configurations.
---
diff --git a/website/content/docs/configuration/plugins.mdx b/website/content/docs/configuration/plugins.mdx
index 021c7fa6be..67d5a00db4 100644
--- a/website/content/docs/configuration/plugins.mdx
+++ b/website/content/docs/configuration/plugins.mdx
@@ -1,6 +1,6 @@
---
layout: docs
-page_title: Plugins - configuration
+page_title: Plugin configuration
description: >-
Learn about the plugin-specific parameter that configures a directory for Boundary to use for writing and executing its built-in plugins.
---
diff --git a/website/content/docs/configuration/session-recording/index.mdx b/website/content/docs/configuration/session-recording/index.mdx
index fc42bee0db..f0202502e8 100644
--- a/website/content/docs/configuration/session-recording/index.mdx
+++ b/website/content/docs/configuration/session-recording/index.mdx
@@ -1,6 +1,6 @@
---
layout: docs
-page_title: Overview
+page_title: Session recording overview
description: >-
Learn about using session recording to audit user sessions for compliance and threat management. Understand considerations for local and remote storage.
---
diff --git a/website/content/docs/configuration/session-recording/storage-providers/configure-minio.mdx b/website/content/docs/configuration/session-recording/storage-providers/configure-minio.mdx
index 5be0a68a00..e827ca92e1 100644
--- a/website/content/docs/configuration/session-recording/storage-providers/configure-minio.mdx
+++ b/website/content/docs/configuration/session-recording/storage-providers/configure-minio.mdx
@@ -1,6 +1,6 @@
---
layout: docs
-page_title: Configure MinIO
+page_title: Configure MinIO storage
description: |-
Configure MinIO as a storage provider for recorded sessions. Understand session recording and MinIO requirements. View an example configuration.
---
diff --git a/website/content/docs/configuration/session-recording/storage-providers/configure-s3.mdx b/website/content/docs/configuration/session-recording/storage-providers/configure-s3.mdx
index 3a85f07570..afdd30db4b 100644
--- a/website/content/docs/configuration/session-recording/storage-providers/configure-s3.mdx
+++ b/website/content/docs/configuration/session-recording/storage-providers/configure-s3.mdx
@@ -1,6 +1,6 @@
---
layout: docs
-page_title: Configure Amazon S3
+page_title: Configure Amazon S3 storage
description: >-
Configure Amazon S3 as a storage provider for recorded sessions. Understand session recording and AWS requirements. View an example configuration.
---
diff --git a/website/content/docs/configuration/worker/index.mdx b/website/content/docs/configuration/worker/index.mdx
index 70d229b278..9e5d7f937b 100644
--- a/website/content/docs/configuration/worker/index.mdx
+++ b/website/content/docs/configuration/worker/index.mdx
@@ -1,6 +1,6 @@
---
layout: docs
-page_title: Worker - configuration
+page_title: Worker configuration overview
description: >-
Learn about worker configuration for proxies, storage, and tags. Understand how multi-hop configurations let you chain workers together in private networks.
---
From be44dea52c5a898945b527bb0d25be941d18a805 Mon Sep 17 00:00:00 2001
From: Dan Heath <76443935+Dan-Heath@users.noreply.github.com>
Date: Wed, 4 Dec 2024 10:58:11 -0500
Subject: [PATCH 10/10] Apply batch suggestions from code review
Co-authored-by: Robin Beck
---
.../configuration/identity-access-management/index.mdx | 2 +-
.../permission-grant-formats.mdx | 2 +-
.../session-recording/enable-session-recording.mdx | 2 +-
.../storage-providers/configure-minio.mdx | 2 +-
website/content/docs/configuration/worker/index.mdx | 8 ++++----
.../docs/configuration/worker/worker-configuration.mdx | 2 +-
6 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/website/content/docs/configuration/identity-access-management/index.mdx b/website/content/docs/configuration/identity-access-management/index.mdx
index 5e8f1a6987..8eedea3e57 100644
--- a/website/content/docs/configuration/identity-access-management/index.mdx
+++ b/website/content/docs/configuration/identity-access-management/index.mdx
@@ -2,7 +2,7 @@
layout: docs
page_title: Permissions index
description: >-
- Learn about Boundary's RBAC, allow-only permissions model. Understand how permissions are configured using grant strings and roles.
+ Learn about Boundary's RBAC (Role-based access control), allow-only permissions model. Understand how permissions are configured using grant strings and roles.
---
# Permissions in Boundary
diff --git a/website/content/docs/configuration/identity-access-management/permission-grant-formats.mdx b/website/content/docs/configuration/identity-access-management/permission-grant-formats.mdx
index f3e86232d0..1a6d1ee56d 100644
--- a/website/content/docs/configuration/identity-access-management/permission-grant-formats.mdx
+++ b/website/content/docs/configuration/identity-access-management/permission-grant-formats.mdx
@@ -2,7 +2,7 @@
layout: docs
page_title: Permission grant formats
description: >-
- Learn how to construct grant strings that map resources and permissions. Understand ID, Type, Pinned, and Wildcard grant formats.View possible grant templates.
+ Learn how to construct grant strings that map resources and permissions. Understand ID, Type, Pinned, and Wildcard grant formats. View possible grant templates.
---
# Permission grant formats
diff --git a/website/content/docs/configuration/session-recording/enable-session-recording.mdx b/website/content/docs/configuration/session-recording/enable-session-recording.mdx
index 90320af53c..56e310a71b 100644
--- a/website/content/docs/configuration/session-recording/enable-session-recording.mdx
+++ b/website/content/docs/configuration/session-recording/enable-session-recording.mdx
@@ -2,7 +2,7 @@
layout: docs
page_title: Enable session recording on a target
description: >-
- Enable session recording for targets so that any user sessions connecting to them are recorded for compliance and threat management.
+ Enable session recording for targets so that user sessions are recorded for compliance and threat management.
---
# Enable session recording on a target
diff --git a/website/content/docs/configuration/session-recording/storage-providers/configure-minio.mdx b/website/content/docs/configuration/session-recording/storage-providers/configure-minio.mdx
index e827ca92e1..35add2959e 100644
--- a/website/content/docs/configuration/session-recording/storage-providers/configure-minio.mdx
+++ b/website/content/docs/configuration/session-recording/storage-providers/configure-minio.mdx
@@ -1,7 +1,7 @@
---
layout: docs
page_title: Configure MinIO storage
-description: |-
+description: >-
Configure MinIO as a storage provider for recorded sessions. Understand session recording and MinIO requirements. View an example configuration.
---
diff --git a/website/content/docs/configuration/worker/index.mdx b/website/content/docs/configuration/worker/index.mdx
index 9e5d7f937b..e8fcb12563 100644
--- a/website/content/docs/configuration/worker/index.mdx
+++ b/website/content/docs/configuration/worker/index.mdx
@@ -11,14 +11,14 @@ The `worker` stanza configures Boundary worker-specific parameters.
All workers within Boundary use certificates and encryption keys to identify
themselves and protect data in transit. However, there are three different
-ways to register them so that registration of workers can fit into any workflow; controller-led, worker-led, and via external KMS.
+ways to register them so that registration of workers can fit into any workflow: controller-led, worker-led, and via external KMS.
The differences in how they are configured are in the sub-pages linked at the
bottom of this page.
-Workers registered via the worker-led or controller-led methods must be registered in
-the system via an API call, and require storage on disk to store the current set
-of credentials. Workers registering via an external KMS auto-register after successful authentication, making them an easy mechanism to
+Workers registered using the worker-led or controller-led methods must be registered in
+the system using an API call, and require storage on disk to store the current set
+of credentials. Workers registering using an external KMS auto-register after successful authentication, making them an easy mechanism to
use for automatic scaling. This also means they are not required to store
credentials locally; each time they connect the KMS is used to reauthenticate
them.
diff --git a/website/content/docs/configuration/worker/worker-configuration.mdx b/website/content/docs/configuration/worker/worker-configuration.mdx
index 32bab11559..a741aabeb9 100644
--- a/website/content/docs/configuration/worker/worker-configuration.mdx
+++ b/website/content/docs/configuration/worker/worker-configuration.mdx
@@ -2,7 +2,7 @@
layout: docs
page_title: Worker configuration
description: >-
- Learn about authorizing workers to the cluster and configuring workers for session recording storage. View a complete worker configuration example.
+ Learn about authorizing workers to the controller and configuring workers for session recording storage. View a complete worker configuration example.
---
# Worker configuration