Backport of Fix broken links caught in weekly report into release/1.1…

…6.x (#18527) * backport of commit e7fa829 * fix merge conflicts --------- Co-authored-by: Tu Nguyen <im2nguyen@gmail.com> Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
hashicorp · Aug 29, 2023 · 6bd6730 · 6bd6730
1 parent 0f8aa6c
commit 6bd6730
Show file tree

Hide file tree

Showing 20 changed files with 37 additions and 36 deletions.
diff --git a/website/content/api-docs/agent/service.mdx b/website/content/api-docs/agent/service.mdx
@@ -693,10 +693,10 @@ For the `Connect` field, the parameters are:
   If this is true, then service mesh proxies, DNS queries, etc. will be able to
   service discover this service.
 - `Proxy` `(Proxy: nil)` -
-  [**Deprecated**](/consul/docs/connect/proxies/managed-deprecated) Specifies that
-  a managed service mesh proxy should be started for this service instance, and
-  optionally provides configuration for the proxy. The format is as documented
-  in [Managed Proxy Deprecation](/consul/docs/connect/proxies/managed-deprecated).
+  **Deprecated** Specifies that a managed service mesh proxy should be started 
+  for this service instance, and optionally provides configuration for the proxy. 
+  Managed proxies (which have been deprecated since Consul v1.3.0) have been 
+  [removed](/consul/docs/connect/proxies) since v1.6.0.
 - `SidecarService` `(ServiceDefinition: nil)` - Specifies an optional nested
   service definition to register. For more information see
   [Sidecar Service Registration](/consul/docs/connect/registration/sidecar-service).

diff --git a/website/content/commands/exec.mdx b/website/content/commands/exec.mdx
@@ -40,7 +40,7 @@ execute this command.
 | `key:write`     | `"_rexec"` prefix |
 | `event:write`   | `"_rexec"` prefix |
 
-In addition to the above, the policy associated with the [agent token](/consul/docs/security/acl/acl-tokens#acl-agent-token) should have `write` on `"_rexec"` key prefix. This is for the agents to read the `exec` command and write its output back to the KV store.
+In addition to the above, the policy associated with the [agent token](/consul/docs/security/acl/tokens#acl-agent-token) should have `write` on `"_rexec"` key prefix. This policy permits agents to read the `exec` command and write its output back to the KV store.
 
 ## Usage
 

diff --git a/website/content/docs/agent/config/config-files.mdx b/website/content/docs/agent/config/config-files.mdx
@@ -909,7 +909,7 @@ Refer to the [formatting specification](https://golang.org/pkg/time/#ParseDurati
 
     - `default` ((#acl_tokens_default)) - When provided, this agent will
       use this token by default when making requests to the Consul servers
-      instead of the [anonymous token](/consul/docs/security/acl/acl-tokens#anonymous-token).
+      instead of the [anonymous token](/consul/docs/security/acl/tokens#anonymous-token).
       Consul HTTP API requests can provide an alternate token in their authorization header
       to override the `default` or anonymous token on a per-request basis,
       as described in [HTTP API Authentication](/consul/api-docs/api-structure#authentication).

diff --git a/website/content/docs/agent/limits/usage/init-rate-limits.mdx b/website/content/docs/agent/limits/usage/init-rate-limits.mdx
@@ -23,7 +23,7 @@ Because each network has different needs and application, you need to find out w
 	    write_rate = 500.0
     }
     ``` 
-1. Observe the logs and metrics for your application's typical cycle, such as a 24 hour period. Refer to [Monitor traffic rate limit data](/consul/docs/agent/limits/usage/monitor-rate-limit) for additional information. Call the [`/agent/metrics`](/consul/api-docs/agent#view-metrics) HTTP API endpoint and check the data for the following metrics:  
+1. Observe the logs and metrics for your application's typical cycle, such as a 24 hour period. Refer to [Monitor traffic rate limit data](/consul/docs/agent/limits/usage/monitor-rate-limits) for additional information. Call the [`/agent/metrics`](/consul/api-docs/agent#view-metrics) HTTP API endpoint and check the data for the following metrics:  
 
     - `rpc.rate_limit.exceeded` with value `global/read` for label `limit_type`
     - `rpc.rate_limit.exceeded` with value `global/write` for label `limit_type`

diff --git a/website/content/docs/agent/limits/usage/limit-request-rates-from-ips.mdx b/website/content/docs/agent/limits/usage/limit-request-rates-from-ips.mdx
@@ -6,7 +6,7 @@ description: Learn how to set read and request rate limits on RPC and gRPC traff
 
 # Limit traffic rates from source IP addresses
 
-This topic describes how to configure RPC and gRPC traffic rate limits for source IP addresses. This enables you to specify a budget for read and write requests to prevent any single source IP from overwhelming the Consul server and negatively affecting the network. For information about setting global traffic rate limits, refer to [Set a global limit on traffic rates](/consul/docs/agent/limits/usage/set-global-traffic-rate-limits). For an overview of Consul's server rate limiting capabilities, refer to [Limit traffic rates overview](/consul/docs/agent/limits).
+This topic describes how to configure RPC and gRPC traffic rate limits for source IP addresses. This enables you to specify a budget for read and write requests to prevent any single source IP from overwhelming the Consul server and negatively affecting the network. For information about setting global traffic rate limits, refer to [Set a global limit on traffic rates](/consul/docs/agent/limits/usage/set-global-traffic-rate-limits). For an overview of Consul's server rate limiting capabilities, refer to [Limit traffic rates overview](/consul/docs/agent/limits). 
 
 <EnterpriseAlert>
 
@@ -69,4 +69,4 @@ $ kubectl apply control-plane-request-limit.yaml
 
 ## Disable request rate limits
 
-Set the [limits.request_limits.mode](/consul/docs/agent/config/config-files#mode-1) in the agent configuration to `disabled` to allow services to exceed the specified read and write requests limits. The `disabled` mode applies to all request rate limits, even limits specified in the [control plane request limits configuration entry](/consul/docs/connect/config-entries/control-plane-request-limit).  Note that any other mode specified in the agent configuration only applies to global traffic rate limits.
+Set the [`limits.request_limits.mode`](/consul/docs/agent/config/config-files#mode-1) in the agent configuration to `disabled` to allow services to exceed the specified read and write requests limits. The `disabled` mode applies to all request rate limits, even limits specifed in the [control plane request limits configuration entry](/consul/docs/connect/config-entries/control-plane-request-limit). Note that any other mode specified in the agent configuration only applies to global traffic rate limits.  
diff --git a/website/content/docs/agent/limits/usage/monitor-rate-limits.mdx b/website/content/docs/agent/limits/usage/monitor-rate-limits.mdx
@@ -64,7 +64,7 @@ $ curl http://127.0.0.1:8500/v1/agent/metrics
 }
 ```
 
-Refer to [Telemetry](/consul/docs/telemetry) for additional information.
+Refer to [Telemetry](/consul/docs/agent/telemetry) for additional information.
 
 ## Request denials
 

diff --git a/website/content/docs/agent/limits/usage/set-global-traffic-rate-limits.mdx b/website/content/docs/agent/limits/usage/set-global-traffic-rate-limits.mdx
@@ -59,4 +59,4 @@ You should continue to monitor request traffic to ensure that request rates rema
 
 ## Disable request rate limits
 
-Set the [`limits.request_limits.mode`](/consul/docs/agent/config/config-files#mode-1) to `disabled` to allow services to exceed the specified read and write requests limits, even limits specified in the [control plane request limits configuration entry](/consul/docs/connect/config-entries/control-plane-request-limit). Note that any other mode specified in the agent configuration only applies to global traffic rate limits.
+Set the [`limits.request_limits.mode`](/consul/docs/agent/config/config-files#mode-1) to `disabled` to allow services to exceed the specified read and write requests limits, even limits specified in the [control plane request limits configuration entry](/consul/docs/connect/config-entries/control-plane-request-limit). Note that any other mode specified in the agent configuration only applies to global traffic rate limits. 
diff --git a/website/content/docs/connect/ca/vault.mdx b/website/content/docs/connect/ca/vault.mdx
@@ -99,7 +99,7 @@ The key after the slash refers to the corresponding option name in the agent con
    - `MountPath`/ `mount_path` (`string: <AuthMethod.Type>`) - The mount path of the auth method.
       If not provided the auth method type will be used as the mount path.
 
-   - `Params`/`params` (`map: nil`) - The parameters to configure the auth method. The configuration parameters needed will depend on which auth type you are using. Please refer to the Vault Agent auto-auth method documentation for details on their configuration options: [AppRole](/vault/docs/agent/autoauth/methods/approle#configuration), [AWS](/vault/docs/agent/autoauth/methods/aws#configuration), [Azure](/vault/docs/agent/autoauth/methods/azure#configuration), [GCP](/vault/docs/agent/autoauth/methods/gcp#configuration), [JWT](/vault/docs/agent/autoauth/methods/jwt#configuration), [Kubernetes](/vault/docs/agent/autoauth/methods/kubernetes#configuration).
+   - `Params`/`params` (`map: nil`) - The parameters to configure the auth method. The required configuration parameters depend on which auth type you are using. Refer to the Vault Agent auto-auth method documentation for details on their configuration options: [AppRole](/vault/docs/agent-and-proxy/autoauth/methods/approle#configuration), [AWS](/vault/docs/agent-and-proxy/autoauth/methods/aws#configuration), [Azure](/vault/docs/agent-and-proxy/autoauth/methods/azure#configuration), [GCP](/vault/docs/agent-and-proxy/autoauth/methods/gcp#configuration), [JWT](/vault/docs/agent-and-proxy/autoauth/methods/jwt#configuration), [Kubernetes](/vault/docs/agent-and-proxy/autoauth/methods/kubernetes#configuration).
 
    Only the authentication related fields (for example, JWT's `path` and `role`) are supported. The optional management fields (for example: `remove_jwt_after_reading`) are not supported.
 

diff --git a/website/content/docs/connect/proxies/envoy-extensions/configuration/wasm.mdx b/website/content/docs/connect/proxies/envoy-extensions/configuration/wasm.mdx
@@ -116,7 +116,7 @@ This section provides details about the fields you can configure for the `wasm`
 
 ### `Protocol`
 
-Specifies the type of Wasm filter to apply. You can set either `tcp` or `http`. Set the `Protocol` to the protocol that the Wasm plugin implements when loaded by the filter. For Consul to apply the filter, the protocol must match the service’s protocol.
+Specifies the type of Wasm filter to apply. You can set either `tcp` or `http`. Set the `Protocol` to the protocol that the Wasm plugin implements when loaded by the filter. For Consul to apply the filter, the protocol must match the service's protocol.
 
 #### Values
 
@@ -360,7 +360,7 @@ Specifies the number of times Envoy retries to fetch plugin data if the initial
 
 ### `PluginConfig{}.VmConfig{}.Configuration`
 
-Specifies the configuration Envoy encodes as bytes and passes to the plugin during VM startup. Refer to [`proxy_on_vm_start` in the Proxy Wasm ABI documentation](https://github.com/proxy-wasm/spec/tree/master/abi-versions/vNEXT#proxy_on_vm_start) for additional information.
+Specifies the configuration Envoy encodes as bytes and passes to the plugin during VM startup. Refer to [`proxy_on_vm_start` in the Proxy Wasm ABI documentation](https://github.com/proxy-wasm/spec/tree/cefc2cbab70eaba2c187523dff0b38fce2f90771/abi-versions/vNEXT#proxy_on_vm_start) for additional information.
 
 #### Values
 
@@ -370,11 +370,11 @@ Specifies the configuration Envoy encodes as bytes and passes to the plugin duri
 
 ### `PluginConfig{}.VmConfig{}.EnvironmentVariables{}`
 
-Specifies environment variables for Envoy to inject into this VM so that they are available through WASI's `environ_get` and `environ_get_sizes` system calls.
+Specifies environment variables for Enovy to inject into this VM so that they are available through WASI's `environ_get` and `environ_get_sizes` system calls. 
 
-In most cases, WASI calls the functions implicitly in your language's standard library. As a result, you do not need to call them directly. You can also access environment variables as you would on native platforms.
+In most cases, WASI calls the functions implicitly in your language's standard library. As a result, you do not need to call them directly. You can also access environment variables as you would on native platforms. 
 
-Envoy rejects the configuration if there’s conflict of key space.
+Envoy rejects the configuration if there is a key space conflict.
 
 The `EnvironmentVariables` field is a map containing parameters for setting the keys and values.
 
@@ -387,12 +387,12 @@ The following table describes the parameters contained in the `EnvironmentVariab
 
 | Parameter | Description | Data type | Default |
 | ---       | ---         | ---       | ---     |
-| `HostEnvKeys` | Specifies a list of Envoy environment variable keys to expose to the VM. If a key exists in Envoy’s environment variables, then the key-value pair is injected. Envoy ignores `HostEnvKeys` that do not exist in its environment variables. | List | None |
+| `HostEnvKeys` | Specifies a list of Envoy environment variable keys to expose to the VM. If a key exists in Envoy's environment variables, then the key-value pair is injected. Envoy ignores `HostEnvKeys` that do not exist in its environment variables. | List | None |
 | `KeyValues` | Specifies a map of explicit key-value pairs to inject into the VM. | <nobr>Map of </nobr>string keys and values | None |
 
 ### `PluginConfig{}.Configuration`
 
-Specifies the configuration Consul encodes as bytes and passes to the plugin during plugin startup. Refer to [`proxy_on_configure` in the Envoy documentation](https://github.com/proxy-wasm/spec/tree/master/abi-versions/vNEXT#proxy_on_configure) for additional information.
+Specifies the configuration Consul encodes as bytes and passes to the plugin during plugin startup. Refer to [`proxy_on_configure` in the Envoy documentation](https://github.com/proxy-wasm/spec/tree/cefc2cbab70eaba2c187523dff0b38fce2f90771/abi-versions/vNEXT#proxy_on_configure) for additional information.
 
 #### Values
 

diff --git a/website/content/docs/ecs/terraform/secure-configuration.mdx b/website/content/docs/ecs/terraform/secure-configuration.mdx
@@ -53,7 +53,7 @@ the AWS IAM auth method.
 ## ACL controller
 
 1. Create a policy that grants `acl:write` and `operator:write` access for the controller. Refer to the [ACL policies documentation](/consul/docs/security/acl/acl-policies) for instructions.
-1. Create a token and link it to the ACL controller policy. Refer to the [ACL tokens documentation](/consul/docs/security/acl/acl-tokens) for instructions.
+1. Create a token and link it to the ACL controller policy. Refer to the [ACL tokens documentation](/consul/docs/security/acl/tokens) for instructions.
 1. Create a Secrets Manager secret containing the ACL controller's token and a Secrets Manager secret containing the Consul CA cert.
 
 ```hcl

diff --git a/website/content/docs/enterprise/index.mdx b/website/content/docs/enterprise/index.mdx
@@ -101,7 +101,7 @@ Available Enterprise features per Consul form and license include:
 | [Network Segments](/consul/docs/enterprise/network-segments/network-segments-overview)    | No                                      | Yes                 | With Global Visibility, Routing, and Scale module |
 | [OIDC Auth Method](/consul/docs/security/acl/auth-methods/oidc) | No                                      | Yes                 | Yes                                               |
 | [Redundancy Zones](/consul/docs/enterprise/redundancy)          | Not applicable                          | Yes                 | With Global Visibility, Routing, and Scale module |
-| [Sameness Groups](/consul/docs/connect/config-entries/samenes-group) | No | Yes | N/A |
+| [Sameness Groups](/consul/docs/connect/config-entries/sameness-group) | No | Yes | N/A |
 | [Server request rate limits per source IP](/consul/docs/agent/limits/usage/limit-request-rates-from-ips) | All tiers | Yes | With Governance and Policy module |
 
 
@@ -129,7 +129,7 @@ Consul Enterprise feature availability can change depending on your server and c
 | [Network Segments](/consul/docs/enterprise/network-segments/network-segments-overview)            |  &#9989;  |  &#10060;  |  &#10060;  |
 | [OIDC Auth Method](/consul/docs/security/acl/auth-methods/oidc)         |  &#9989;  |  &#9989;   |   &#9989;  |
 | [Redundancy Zones](/consul/docs/enterprise/redundancy)                  |  &#9989;  |  &#9989;   |   &#9989;  |
-| [Sameness Groups](/consul/docs/connect/config-entries/samenes-group)    |  &#9989;  |  &#9989;   |   &#9989;  |
+| [Sameness Groups](/consul/docs/connect/config-entries/sameness-group)    |  &#9989;  |  &#9989;   |   &#9989;  |
 | [Server request rate limits per source IP](/consul/docs/agent/limits/usage/limit-request-rates-from-ips) | &#9989; | &#9989; | &#9989; |
 
 </Tab>
@@ -149,7 +149,7 @@ Consul Enterprise feature availability can change depending on your server and c
 | [Network Segments](/consul/docs/enterprise/network-segments/network-segments-overview)            |  &#10060; |  &#10060;  |  &#10060;  |
 | [OIDC Auth Method](/consul/docs/security/acl/auth-methods/oidc)         |  &#9989;  |  &#9989;   |  &#9989;  |
 | [Redundancy Zones](/consul/docs/enterprise/redundancy)                  |  &#10060; |  &#10060;  |  &#10060;  |
-| [Sameness Groups](/consul/docs/connect/config-entries/samenes-group)    |  &#9989;  |  &#9989;   |   &#9989;  |
+| [Sameness Groups](/consul/docs/connect/config-entries/sameness-group)    |  &#9989;  |  &#9989;   |   &#9989;  |
 | [Server request rate limits per source IP](/consul/docs/agent/limits/usage/limit-request-rates-from-ips) | &#9989; | &#9989; | &#9989; |
 
 </Tab>
@@ -169,7 +169,7 @@ Consul Enterprise feature availability can change depending on your server and c
 | [Network Segments](/consul/docs/enterprise/network-segments/network-segments-overview)            |  &#10060; |  &#10060;  |  &#10060;  |
 | [OIDC Auth Method](/consul/docs/security/acl/auth-methods/oidc)         |  &#10060; |  &#10060;  |  &#10060;  |
 | [Redundancy Zones](/consul/docs/enterprise/redundancy)                  |  n/a      |  n/a       |  n/a       |
-| [Sameness Groups](/consul/docs/connect/config-entries/samenes-group)    |  &#9989;  |  &#9989;   |   &#9989;  |
+| [Sameness Groups](/consul/docs/connect/config-entries/sameness-group)    |  &#9989;  |  &#9989;   |   &#9989;  |
 | [Server request rate limits per source IP](/consul/docs/agent/limits/usage/limit-request-rates-from-ips) | &#9989; | &#9989; | &#9989; |
 
 </Tab>

diff --git a/website/content/docs/k8s/connect/onboarding-tproxy-mode.mdx b/website/content/docs/k8s/connect/onboarding-tproxy-mode.mdx
@@ -10,7 +10,7 @@ This topic describes how to run Consul in permissive mTLS mode so that you can s
 
 ## Background
 
-When [transparent proxy mode](/consul/docs/k8s/transparent-proxy/) is enabled, all service-to-service traffic is secured by mTLS. Until the services that you want to add to the network are fully onboarded, your network may have a mix of mTLS and non-mTLS traffic, which can result in broken service-to-service communication. This situation occurs because sidecar proxies for existing mesh services reject traffic from services that are not yet onboarded.
+When [transparent proxy mode](/consul/docs/k8s/connect/transparent-proxy) is enabled, all service-to-service traffic is secured by mTLS. Until the services that you want to add to the network are fully onboarded, your network may have a mix of mTLS and non-mTLS traffic, which can result in broken service-to-service communication. This situation occurs because sidecar proxies for existing mesh services reject traffic from services that are not yet onboarded.
 
 You can enable the `permissive` mTLS mode to ensure existing non-mTLS service-to-service traffic is allowed during the onboarding phase. The `permissive` mTLS mode enables sidecar proxies to accept both mTLS and non-mTLS traffic to an application. Using this mode enables you to onboard without downtime and without being required to reconfigure or redeploy your application.
 

diff --git a/...content/docs/k8s/deployment-configurations/multi-cluster/vms-and-kubernetes.mdx b/...content/docs/k8s/deployment-configurations/multi-cluster/vms-and-kubernetes.mdx
@@ -258,7 +258,8 @@ You'll need:
      }
    }
    ```
-1. If ACLs are enabled you'll also need to modify the [anonymous token](/consul/docs/security/acl/acl-tokens#anonymous-token) policy to have the following permissions:
+
+1. If ACLs are enabled you must also modify the [anonymous token](/consul/docs/security/acl/tokens#anonymous-token) policy to have the following permissions:
 
    ```hcl
    node_prefix "" {

diff --git a/website/content/docs/release-notes/consul/v1_11_x.mdx b/website/content/docs/release-notes/consul/v1_11_x.mdx
@@ -23,7 +23,7 @@ description: >-
 
 - The legacy ACL system that was deprecated in Consul 1.4.0 has been removed. Before upgrading you should verify that all tokens and policies have been migrated to the newer ACL system. Complete the [Migrate Legacy ACL Tokens](/consul/tutorials/security-operations/access-control-token-migration) tutorial to learn more.
 
-- The `agent_master` ACL token has been renamed to `agent_recovery` ACL token. In addition, the `consul acl set-agent-token master` command has been replaced with `consul acl set-agent-token recovery`. See [ACL Agent Recovery Token](/consul/docs/security/acl/acl-tokens#acl-agent-recovery-token) and [Consul ACL Set Agent Token](/consul/commands/acl/set-agent-token) for more information.
+- The `agent_master` ACL token has been renamed to `agent_recovery` ACL token. In addition, the `consul acl set-agent-token master` command has been replaced with `consul acl set-agent-token recovery`. Refer to [ACL Agent Recovery Token](/consul/docs/security/acl/tokens#acl-agent-recovery-token) and [Consul ACL Set Agent Token](/consul/commands/acl/set-agent-token) for more information.
 
 - Drops support for Envoy versions 1.15.x and 1.16.x