From dd8907c1371c8d4fd789b51be884430f35132ff1 Mon Sep 17 00:00:00 2001 From: boruszak Date: Tue, 13 Sep 2022 14:26:07 -0500 Subject: [PATCH 1/8] /docs/security/security-models --- website/content/docs/security/security-models/core.mdx | 4 ++-- website/content/docs/security/security-models/index.mdx | 4 ++-- website/content/docs/security/security-models/nia.mdx | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/website/content/docs/security/security-models/core.mdx b/website/content/docs/security/security-models/core.mdx index 223a057b7d..11f2cfdc70 100644 --- a/website/content/docs/security/security-models/core.mdx +++ b/website/content/docs/security/security-models/core.mdx @@ -1,8 +1,8 @@ --- layout: docs -page_title: Consul Core Security Model +page_title: Security Models: Consul Core description: >- - Security model including requirements, recommendations, and threats for the core Consul product. +The security model for Consul Core details requirements and recommendations for securing access to your network. Learn about potential threats and how to protect Consul from malicious actors. --- ## Overview diff --git a/website/content/docs/security/security-models/index.mdx b/website/content/docs/security/security-models/index.mdx index 51f83df46a..abf86f1863 100644 --- a/website/content/docs/security/security-models/index.mdx +++ b/website/content/docs/security/security-models/index.mdx @@ -1,8 +1,8 @@ --- layout: docs -page_title: Security Models +page_title: Security Models: Overview description: >- - Overview and links to various Consul security models. +Security models are the set of requirements and recommendations for securely operating a Consul deployment. Learn about security models and how they differ between environments. --- ## Overview diff --git a/website/content/docs/security/security-models/nia.mdx b/website/content/docs/security/security-models/nia.mdx index ec8d9a2e45..cc1b484a3e 100644 --- a/website/content/docs/security/security-models/nia.mdx +++ b/website/content/docs/security/security-models/nia.mdx @@ -1,8 +1,8 @@ --- layout: docs -page_title: Consul NIA Security Model +page_title: Security Models: Network Infrastructure Automation (NIA) description: >- - Security model including requirements, recommendations, and threats for Consul Network Infrastructure Automation (NIA). +The NIA security model details requirements and recommendations for securing access to your network when using Consul-Terraform-Sync (CTS). Learn about potential threats and how to protect Consul from malicious actors. --- ## Overview From 8a58aab610152b7933daa85726904cb68e82f7a2 Mon Sep 17 00:00:00 2001 From: boruszak Date: Tue, 13 Sep 2022 14:27:16 -0500 Subject: [PATCH 2/8] /docs/security --- website/content/docs/security/encryption.mdx | 6 ++---- website/content/docs/security/index.mdx | 8 ++------ 2 files changed, 4 insertions(+), 10 deletions(-) diff --git a/website/content/docs/security/encryption.mdx b/website/content/docs/security/encryption.mdx index 88812feec1..fafcffdb16 100644 --- a/website/content/docs/security/encryption.mdx +++ b/website/content/docs/security/encryption.mdx @@ -1,10 +1,8 @@ --- layout: docs -page_title: Encryption +page_title: Encryption Systems description: >- - The Consul agent supports encrypting all of its network traffic. The exact - method of encryption is described on the encryption internals page. There are - two separate encryption systems, one for gossip traffic and one for RPC. +Two encryption systems protect Consul’s network communications. Learn how keys secure gossip between agents and how RPC with TLS certificates verifies the authenticity of servers and clients. --- # Encryption diff --git a/website/content/docs/security/index.mdx b/website/content/docs/security/index.mdx index 28451fd34a..ef5e80d3f0 100644 --- a/website/content/docs/security/index.mdx +++ b/website/content/docs/security/index.mdx @@ -1,12 +1,8 @@ --- layout: docs -page_title: Security +page_title: Security: Overview description: >- - Consul relies on both a lightweight gossip mechanism and an RPC system to - provide various features. Both of the systems have different security - mechanisms that stem from their designs. However, the security mechanisms of - Consul have a common goal: to provide confidentiality, integrity, and - authentication. +Security requirements and recommendations for Consul vary depending on workloads and environments. Learn how ACLs and encryption can protect access to and communication within your datacenter. --- ## Security Models From 6c0f27f42745cebc28a910e0d5e428decdf2564e Mon Sep 17 00:00:00 2001 From: boruszak Date: Tue, 13 Sep 2022 14:32:13 -0500 Subject: [PATCH 3/8] /docs/security/acl --- .../docs/security/acl/acl-federated-datacenters.mdx | 4 ++-- website/content/docs/security/acl/acl-legacy.mdx | 7 ++----- website/content/docs/security/acl/acl-migrate-tokens.mdx | 9 ++------- website/content/docs/security/acl/acl-policies.mdx | 4 ++-- website/content/docs/security/acl/acl-roles.mdx | 7 +++---- website/content/docs/security/acl/acl-rules.mdx | 6 +++--- website/content/docs/security/acl/acl-tokens.mdx | 6 +++--- website/content/docs/security/acl/index.mdx | 4 ++-- 8 files changed, 19 insertions(+), 28 deletions(-) diff --git a/website/content/docs/security/acl/acl-federated-datacenters.mdx b/website/content/docs/security/acl/acl-federated-datacenters.mdx index 0309452c23..bf4c80612b 100644 --- a/website/content/docs/security/acl/acl-federated-datacenters.mdx +++ b/website/content/docs/security/acl/acl-federated-datacenters.mdx @@ -1,8 +1,8 @@ --- layout: docs -page_title: ACL in Federated Datacenters +page_title: ACLs for Federated Datacenters description: >- - This topic describes the specific ACL bootstrapping policies that are necessary when ACLs are enabled for federated, multi-datacenter deployments. +You can apply ACLs in federated datacenters to secure access for distributed deployments. Learn how to create replication tokens from agent tokens and apply them to server and client agents. --- # ACLs in Federated Datacenters diff --git a/website/content/docs/security/acl/acl-legacy.mdx b/website/content/docs/security/acl/acl-legacy.mdx index 23a72e5a6a..ad02df455e 100644 --- a/website/content/docs/security/acl/acl-legacy.mdx +++ b/website/content/docs/security/acl/acl-legacy.mdx @@ -1,11 +1,8 @@ --- layout: docs -page_title: ACL System (Legacy Mode) +page_title: Legacy ACL System description: >- - Consul provides an optional Access Control List (ACL) system which can be used - to control access to data and APIs. The ACL system is a Capability-based - system that relies on tokens which can have fine grained rules applied to - them. It is very similar to AWS IAM in many ways. +Consul's original ACL system was updated in version 1.4.0 and the legacy system is no longer supported as of 1.11.0. Learn how Consul's original ACLs worked and how it differs from current ACLs. --- # ACL System in Legacy Mode diff --git a/website/content/docs/security/acl/acl-migrate-tokens.mdx b/website/content/docs/security/acl/acl-migrate-tokens.mdx index 36387783c8..f643bcfb04 100644 --- a/website/content/docs/security/acl/acl-migrate-tokens.mdx +++ b/website/content/docs/security/acl/acl-migrate-tokens.mdx @@ -1,13 +1,8 @@ --- layout: docs -page_title: ACL Token Migration +page_title: Token Migration (ACL) description: >- - Consul 1.4.0 introduces a new ACL system with improvements for the security - and - - management of ACL tokens and policies. This guide documents how to upgrade - - existing (now called "legacy") tokens after upgrading to 1.4.0. +Migrate legacy tokens when updating to Consul 1.4.0+ from earlier versions to use the improved ACL system. Learn about the migration process, how to update tokens, and examples for creating policies. --- # ACL Token Migration diff --git a/website/content/docs/security/acl/acl-policies.mdx b/website/content/docs/security/acl/acl-policies.mdx index 25af824c6d..c2234a408d 100644 --- a/website/content/docs/security/acl/acl-policies.mdx +++ b/website/content/docs/security/acl/acl-policies.mdx @@ -2,10 +2,10 @@ layout: docs page_title: ACL Policies description: >- - This topic describes policies as used in Consul's access control list (ACL) system. A policy is a group of one or more ACL rules that define which services and agents are authorized to communicate with other resources in the network. +Policies are groups of one or more rules that link resources to access permissions and tokens in the ACL system. Learn how to format and combine rules into policies and implement policies in Consul. --- -# Policies +# ACL Policies This topic describes policies, which are components in Consul's access control list (ACL) system. Policies define which services and agents are authorized to interact with resources in the network. diff --git a/website/content/docs/security/acl/acl-roles.mdx b/website/content/docs/security/acl/acl-roles.mdx index ded89f2d38..d5e0932293 100644 --- a/website/content/docs/security/acl/acl-roles.mdx +++ b/website/content/docs/security/acl/acl-roles.mdx @@ -1,12 +1,11 @@ --- layout: docs -page_title: Roles +page_title: ACL Roles description: >- - This topic describes roles within the access control list (ACL) system. A role is a named set of policies and service identities. - They enable you to reuse policies by decoupling the policies from the token distributed to team members. +Roles are a collection of ACL policies that enable service and node identities. Learn how roles allow you to reuse and update policies without requiring unique tokens for each requestor. --- -# Roles +# ACL Roles A role is a collection of policies that your ACL administrator can link to a token. They enable you to reuse policies by decoupling the policies from the token distributed to team members. diff --git a/website/content/docs/security/acl/acl-rules.mdx b/website/content/docs/security/acl/acl-rules.mdx index 45dda4ccb3..c813377e80 100644 --- a/website/content/docs/security/acl/acl-rules.mdx +++ b/website/content/docs/security/acl/acl-rules.mdx @@ -1,11 +1,11 @@ --- layout: docs -page_title: ACL Rules Reference +page_title: ACL Rules description: >- - This topic provides reference information for the types of access control level (ACL) rules you can create and how they affect access to datacenter resources. +Rules define read, write, and deny access for datacenter resources. Learn about these resources and how to assign rules to them, as well as their restrictions and API interactions. --- -# Rules Reference +# ACL Rules This topic provides reference information for the types of access control list (ACL) rules you can create and how they affect access to datacenter resources. For details on how to create rules and group them into policies, see [Policies](/docs/security/acl/acl-policies). diff --git a/website/content/docs/security/acl/acl-tokens.mdx b/website/content/docs/security/acl/acl-tokens.mdx index 8c80be719d..06025109ad 100644 --- a/website/content/docs/security/acl/acl-tokens.mdx +++ b/website/content/docs/security/acl/acl-tokens.mdx @@ -1,11 +1,11 @@ --- layout: docs -page_title: Tokens +page_title: ACL Tokens description: >- - This topic describes access control list (ACL) tokens. Tokens are the core method of authentication in Consul. +Tokens authenticate users, services, and agents in Consul’s ACL system. Learn about token attributes, special-purpose and built-in tokens, and how to pass a token’s SecretID in the CLI and API. --- -# Tokens +# ACL Tokens This topic describes access control list (ACL) tokens, which are the core method of authentication in Consul. diff --git a/website/content/docs/security/acl/index.mdx b/website/content/docs/security/acl/index.mdx index e41b0e86a3..03939cc57e 100644 --- a/website/content/docs/security/acl/index.mdx +++ b/website/content/docs/security/acl/index.mdx @@ -1,8 +1,8 @@ --- layout: docs -page_title: Access Control List (ACL) Overview +page_title: Access Control List (ACL): Overview description: >- - This topic describes provides an overview of the optional access control list (ACL) system shipped with Consul. The ACL system authenticates requests and authorizes access to resources. It is used by the UI, API, and CLI for service-to-service communication and agent-to-agent communication. +Consul's ACL system secures communication and controls access to the API, CLI, and UI. Learn about ACL components and how they interact to authenticate requests and authorize access for your network. --- # Access Control List (ACL) Overview From 8d742d5fe72bd54d1d28b7f760706a177bec5180 Mon Sep 17 00:00:00 2001 From: boruszak Date: Tue, 13 Sep 2022 14:36:17 -0500 Subject: [PATCH 4/8] /docs/integrate --- website/content/docs/integrate/download-tools.mdx | 5 ++--- website/content/docs/integrate/nia-integration.mdx | 5 +++-- website/content/docs/integrate/partnerships.mdx | 3 ++- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/website/content/docs/integrate/download-tools.mdx b/website/content/docs/integrate/download-tools.mdx index a42e1c64d0..af9700c7be 100644 --- a/website/content/docs/integrate/download-tools.mdx +++ b/website/content/docs/integrate/download-tools.mdx @@ -1,9 +1,8 @@ --- layout: docs page_title: Consul Tools -description: |- - From this page you can download various tools for Consul. These tools are - maintained by HashiCorp and the Consul Community. +description: >- +Consul Tools provide additional functionality by integrating other products and services with Consul. Learn about tools created by Hashicorp, as well as add-ons developed by the Consul community. --- # Download Consul Tools diff --git a/website/content/docs/integrate/nia-integration.mdx b/website/content/docs/integrate/nia-integration.mdx index a3eb0da6df..5e6bd99a17 100644 --- a/website/content/docs/integrate/nia-integration.mdx +++ b/website/content/docs/integrate/nia-integration.mdx @@ -1,7 +1,8 @@ --- layout: docs -page_title: Network Infrastructure Automation Integration Program -description: Guide to partnership integrations for Consul NIA +page_title: Network Infrastructure Automation (NIA) Integration Program +description: >- +The NIA Integration Program allows approved partners to develop Terraform modules for Consul-Terraform-Sync (CTS) that Hashicorp reviews and officially verifies. Learn about the program and how to get more information. --- # Network Infrastructure Automation Integration Program diff --git a/website/content/docs/integrate/partnerships.mdx b/website/content/docs/integrate/partnerships.mdx index 76e4f379e3..1966288905 100644 --- a/website/content/docs/integrate/partnerships.mdx +++ b/website/content/docs/integrate/partnerships.mdx @@ -1,7 +1,8 @@ --- layout: docs page_title: Consul Integration Program -description: Guide to partnership integrations for Consul. +description: >- +The Consul Integration Program allows approved partners to develop Consul integrations that Hashicorp reviews and officially verifies. Learn about the program and how to get more information. --- # Consul Integration Program From 977ac69f1d0249551c34d01be5c3f2664c8a52fb Mon Sep 17 00:00:00 2001 From: boruszak Date: Tue, 13 Sep 2022 14:38:47 -0500 Subject: [PATCH 5/8] /docs/discovery --- website/content/docs/discovery/checks.mdx | 9 +++------ website/content/docs/discovery/dns.mdx | 8 +++----- website/content/docs/discovery/services.mdx | 11 +++-------- 3 files changed, 9 insertions(+), 19 deletions(-) diff --git a/website/content/docs/discovery/checks.mdx b/website/content/docs/discovery/checks.mdx index 2ee0ea8db8..22f856bade 100644 --- a/website/content/docs/discovery/checks.mdx +++ b/website/content/docs/discovery/checks.mdx @@ -1,14 +1,11 @@ --- layout: docs -page_title: Monitor Services - Check Definitions +page_title: Configure Health Checks description: >- - One of the primary roles of the agent is management of system- and - application-level health checks. A health check is considered to be - application-level if it is associated with a service. A check is defined in a - configuration file or added at runtime over the HTTP interface. +To check the health of a service instance or node, Consul periodically attempts a connection. Learn about the types of health checks and how to define them in agent and service configuration files. --- -# Checks +# Health Checks One of the primary roles of the agent is management of system-level and application-level health checks. A health check is considered to be application-level if it is associated with a diff --git a/website/content/docs/discovery/dns.mdx b/website/content/docs/discovery/dns.mdx index 72fe5e208a..2bd18704eb 100644 --- a/website/content/docs/discovery/dns.mdx +++ b/website/content/docs/discovery/dns.mdx @@ -1,13 +1,11 @@ --- layout: docs -page_title: Find Services - DNS Interface +page_title: Query services with DNS description: >- - One of the primary query interfaces for Consul is DNS. The DNS interface - allows applications to make use of service discovery without any high-touch - integration with Consul. +Domain Name Service (DNS) is the main way to look up, query, and address Consul nodes and services. Learn how a DNS lookup can help you find services by tag, name, namespace, partition, datacenter, or domain. --- -# DNS Interface +# Query services with DNS One of the primary query interfaces for Consul is DNS. The DNS interface allows applications to make use of service diff --git a/website/content/docs/discovery/services.mdx b/website/content/docs/discovery/services.mdx index 5536ef3b03..1155f97db4 100644 --- a/website/content/docs/discovery/services.mdx +++ b/website/content/docs/discovery/services.mdx @@ -1,16 +1,11 @@ --- layout: docs -page_title: Register Services - Service Definitions +page_title: Service Configuration Files description: >- - One of the main goals of service discovery is to provide a catalog of - available services. To that end, the agent provides a simple service - definition format to declare the availability of a service and to potentially - associate it with a health check. A health check is considered to be - application level if it is associated with a service. A service is defined in - a configuration file or added at runtime over the HTTP interface. +Use configuration files to define and register services with Consul and associate services with health checks. Learn how to format service definitions with this reference page and sample code. --- -# Services +# Service Configuration Files One of the main goals of service discovery is to provide a catalog of available services. To that end, the agent provides a simple service definition format From add1b0a61c3ce3217606d4a4487755b34c701628 Mon Sep 17 00:00:00 2001 From: boruszak Date: Tue, 13 Sep 2022 14:41:42 -0500 Subject: [PATCH 6/8] /docs/agent/config --- website/content/docs/agent/config/cli-flags.mdx | 6 +++--- website/content/docs/agent/config/config-files.mdx | 6 +++--- website/content/docs/agent/config/index.mdx | 8 +++----- 3 files changed, 9 insertions(+), 11 deletions(-) diff --git a/website/content/docs/agent/config/cli-flags.mdx b/website/content/docs/agent/config/cli-flags.mdx index caf3b6444e..007926bf75 100644 --- a/website/content/docs/agent/config/cli-flags.mdx +++ b/website/content/docs/agent/config/cli-flags.mdx @@ -1,11 +1,11 @@ --- layout: docs -page_title: Consul Agent CLI Reference +page_title: Agents: CLI Reference description: >- - This topic describes the supported options for configuring Consul agents on the command line. +Add flags to the `consul agent` command to configure agent properties and actions from the CLI. Learn about configurable options and how to format them with examples. --- -# Command-line Options ((#commandline_options)) +# Agents Command-line Reference ((#commandline_options)) -> **Note:** Some CLI arguments may be different from HCL keys. See [Configuration Key Reference](/docs/agent/config/config-files#config_key_reference) for equivalent HCL Keys. diff --git a/website/content/docs/agent/config/config-files.mdx b/website/content/docs/agent/config/config-files.mdx index 2631378731..bdbf72f982 100644 --- a/website/content/docs/agent/config/config-files.mdx +++ b/website/content/docs/agent/config/config-files.mdx @@ -1,11 +1,11 @@ --- layout: docs -page_title: Consul Agent Configuration Reference +page_title: Agents: Configuration File Reference description: >- - This topic describes the supported parameters for configuring Consul agents in HCL and JSON configuration files. +Use agent configuration files to assign attributes to agents on startup. Learn about agent configuration file parameters and formatting with this reference page and sample code. --- -# Configuration Files ((#configuration_files)) +# Agents Configuration File Reference ((#configuration_files)) You can create one or more files to configure the Consul agent on startup. We recommend grouping similar configurations into separate files, such as ACL parameters, to make it diff --git a/website/content/docs/agent/config/index.mdx b/website/content/docs/agent/config/index.mdx index d0d260fa09..b1c17fc96c 100644 --- a/website/content/docs/agent/config/index.mdx +++ b/website/content/docs/agent/config/index.mdx @@ -1,13 +1,11 @@ --- layout: docs -page_title: Configuration +page_title: Agents: Configuration Explained description: >- - The agent has various configuration options that can be specified via the - command-line or via configuration files. All of the configuration options are - completely optional. Defaults are specified with their descriptions. +Agent configuration is the process of defining server and client agents with CLI flags and definition files. Learn what properties can be configured on reload and how Consul sets precedence for configuration settings. --- -# Configuration +# Agent Configuration The agent has various configuration options that can be specified via the command-line or via configuration files. All of the configuration From f91f01c891dca815e76b35d0af13d47cb1c1f8bf Mon Sep 17 00:00:00 2001 From: boruszak Date: Tue, 13 Sep 2022 14:45:42 -0500 Subject: [PATCH 7/8] /docs/agent --- website/content/docs/agent/config-entries.mdx | 7 +++---- website/content/docs/agent/index.mdx | 8 +++----- website/content/docs/agent/rpc.mdx | 7 ++----- website/content/docs/agent/sentinel.mdx | 8 +++----- website/content/docs/agent/telemetry.mdx | 8 +++----- 5 files changed, 14 insertions(+), 24 deletions(-) diff --git a/website/content/docs/agent/config-entries.mdx b/website/content/docs/agent/config-entries.mdx index 09098e96cc..5ee87f7064 100644 --- a/website/content/docs/agent/config-entries.mdx +++ b/website/content/docs/agent/config-entries.mdx @@ -1,12 +1,11 @@ --- layout: docs -page_title: Configuration Entries +page_title: How to Use Configuration Entries description: >- - Consul allows storing configuration entries centrally to be used as defaults - for configuring other aspects of Consul. +Configuration entries define default properties for Consul components. Learn how to use the `consul config` command to create, manage, and delete configuration entries. --- -# Configuration Entries +# How to Use Configuration Entries Configuration entries can be created to provide cluster-wide defaults for various aspects of Consul. diff --git a/website/content/docs/agent/index.mdx b/website/content/docs/agent/index.mdx index 640afcc7ec..fdd1bfe9a4 100644 --- a/website/content/docs/agent/index.mdx +++ b/website/content/docs/agent/index.mdx @@ -1,13 +1,11 @@ --- layout: docs -page_title: Agent +page_title: Agents Overview description: >- - The Consul agent is the core process of Consul. The agent maintains membership - information, registers services, runs checks, responds to queries, and more. - The agent must run on every node that is part of a Consul cluster. +Agents maintain membership, register services, respond to queries, and make most of Consul’s functions possible. Learn how to start, stop, and configure agents, as well as their requirements and lifecycles. --- -# Consul Agent +# Agents Overview This topic provides an overview of the Consul agent, which is the core process of Consul. The agent maintains membership information, registers services, runs checks, responds to queries, and more. diff --git a/website/content/docs/agent/rpc.mdx b/website/content/docs/agent/rpc.mdx index 6628117a6d..5f37606781 100644 --- a/website/content/docs/agent/rpc.mdx +++ b/website/content/docs/agent/rpc.mdx @@ -1,11 +1,8 @@ --- layout: docs -page_title: RPC +page_title: Legacy RPC Protocol description: >- - The Consul agent provides a complete RPC mechanism that can be used to control - the agent programmatically. This RPC mechanism is the same one used by the CLI - but can be used by other applications to easily leverage the power of Consul - without directly embedding. +Consul agents originally could be controlled through the RPC protocol. This feature was deprecated in version 0.8 in favor of the HTTP API. Learn about agent RPC interactions and how they worked. --- # RPC Protocol diff --git a/website/content/docs/agent/sentinel.mdx b/website/content/docs/agent/sentinel.mdx index c25da5293a..1fe333c281 100644 --- a/website/content/docs/agent/sentinel.mdx +++ b/website/content/docs/agent/sentinel.mdx @@ -1,13 +1,11 @@ --- layout: docs -page_title: Sentinel in Consul +page_title: Sentinel ACL Policies (Enterprise) description: >- - Consul Enterprise uses Sentinel to augment the built-in ACL system to provide - advanced policy enforcement. Sentinel policies can currently execute on KV - modify and service registration. +Sentinel allows you to include conditional logic when formatting policies. Learn how Consul can use Sentinel policies to extend the ACL system's capabilities. --- -# Sentinel Overview +# Sentinel ACL Policies diff --git a/website/content/docs/agent/telemetry.mdx b/website/content/docs/agent/telemetry.mdx index 20abe377a1..789061cf28 100644 --- a/website/content/docs/agent/telemetry.mdx +++ b/website/content/docs/agent/telemetry.mdx @@ -1,13 +1,11 @@ --- layout: docs -page_title: Telemetry +page_title: Agents: Enable Metrics description: >- - The Consul agent collects various runtime metrics about the performance of - different libraries and subsystems. These metrics are aggregated on a ten - second interval and are retained for one minute. +Configure agent telemetry to collect operations metrics you can use to debug and observe deployments. Learn about configuration options, the metrics you can collect, and why they're important. --- -# Telemetry +# Agent Telemetry The Consul agent collects various runtime metrics about the performance of different libraries and subsystems. These metrics are aggregated on a ten From 0dba086cdb199efd9ac0e0a8a48435bd2c81390f Mon Sep 17 00:00:00 2001 From: Jeff Boruszak <104028618+boruszak@users.noreply.github.com> Date: Thu, 15 Sep 2022 12:10:20 -0500 Subject: [PATCH 8/8] Apply suggestions from code review Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com> --- website/content/docs/agent/config-entries.mdx | 2 +- website/content/docs/agent/config/config-files.mdx | 2 +- website/content/docs/agent/config/index.mdx | 2 +- website/content/docs/agent/index.mdx | 2 +- website/content/docs/agent/sentinel.mdx | 4 ++-- website/content/docs/agent/telemetry.mdx | 2 +- website/content/docs/discovery/checks.mdx | 2 +- website/content/docs/discovery/dns.mdx | 4 ++-- website/content/docs/discovery/services.mdx | 6 +++--- website/content/docs/integrate/download-tools.mdx | 2 +- website/content/docs/integrate/nia-integration.mdx | 2 +- website/content/docs/integrate/partnerships.mdx | 2 +- .../content/docs/security/acl/acl-federated-datacenters.mdx | 4 ++-- website/content/docs/security/acl/acl-legacy.mdx | 2 +- website/content/docs/security/acl/acl-migrate-tokens.mdx | 4 ++-- website/content/docs/security/acl/acl-policies.mdx | 2 +- website/content/docs/security/acl/acl-roles.mdx | 2 +- website/content/docs/security/acl/acl-rules.mdx | 2 +- website/content/docs/security/acl/acl-tokens.mdx | 2 +- website/content/docs/security/encryption.mdx | 2 +- website/content/docs/security/security-models/core.mdx | 4 ++-- website/content/docs/security/security-models/nia.mdx | 2 +- 22 files changed, 29 insertions(+), 29 deletions(-) diff --git a/website/content/docs/agent/config-entries.mdx b/website/content/docs/agent/config-entries.mdx index 5ee87f7064..358b656681 100644 --- a/website/content/docs/agent/config-entries.mdx +++ b/website/content/docs/agent/config-entries.mdx @@ -2,7 +2,7 @@ layout: docs page_title: How to Use Configuration Entries description: >- -Configuration entries define default properties for Consul components. Learn how to use the `consul config` command to create, manage, and delete configuration entries. +Configuration entries define the behavior of Consul service mesh components. Learn how to use the `consul config` command to create, manage, and delete configuration entries. --- # How to Use Configuration Entries diff --git a/website/content/docs/agent/config/config-files.mdx b/website/content/docs/agent/config/config-files.mdx index bdbf72f982..c72416104c 100644 --- a/website/content/docs/agent/config/config-files.mdx +++ b/website/content/docs/agent/config/config-files.mdx @@ -2,7 +2,7 @@ layout: docs page_title: Agents: Configuration File Reference description: >- -Use agent configuration files to assign attributes to agents on startup. Learn about agent configuration file parameters and formatting with this reference page and sample code. +Use agent configuration files to assign attributes to agents and configure multiple agents at once. Learn about agent configuration file parameters and formatting with this reference page and sample code. --- # Agents Configuration File Reference ((#configuration_files)) diff --git a/website/content/docs/agent/config/index.mdx b/website/content/docs/agent/config/index.mdx index b1c17fc96c..06fbfea6b8 100644 --- a/website/content/docs/agent/config/index.mdx +++ b/website/content/docs/agent/config/index.mdx @@ -2,7 +2,7 @@ layout: docs page_title: Agents: Configuration Explained description: >- -Agent configuration is the process of defining server and client agents with CLI flags and definition files. Learn what properties can be configured on reload and how Consul sets precedence for configuration settings. +Agent configuration is the process of defining server and client agent properties with CLI flags and configuration files. Learn what properties can be configured on reload and how Consul sets precedence for configuration settings. --- # Agent Configuration diff --git a/website/content/docs/agent/index.mdx b/website/content/docs/agent/index.mdx index fdd1bfe9a4..7030a781ef 100644 --- a/website/content/docs/agent/index.mdx +++ b/website/content/docs/agent/index.mdx @@ -2,7 +2,7 @@ layout: docs page_title: Agents Overview description: >- -Agents maintain membership, register services, respond to queries, and make most of Consul’s functions possible. Learn how to start, stop, and configure agents, as well as their requirements and lifecycles. +Agents maintain register services, respond to queries, maintain datacenter membership information, and make most of Consul’s functions possible. Learn how to start, stop, and configure agents, as well as their requirements and lifecycle. --- # Agents Overview diff --git a/website/content/docs/agent/sentinel.mdx b/website/content/docs/agent/sentinel.mdx index 1fe333c281..b44d5bdb26 100644 --- a/website/content/docs/agent/sentinel.mdx +++ b/website/content/docs/agent/sentinel.mdx @@ -2,10 +2,10 @@ layout: docs page_title: Sentinel ACL Policies (Enterprise) description: >- -Sentinel allows you to include conditional logic when formatting policies. Learn how Consul can use Sentinel policies to extend the ACL system's capabilities. +Sentinel allows you to include conditional logic in access control policies. Learn how Consul can use Sentinel policies to extend the ACL system's capabilities for controlling key-value (KV) write access. --- -# Sentinel ACL Policies +# Sentinel for KV ACL Policy Enforcement diff --git a/website/content/docs/agent/telemetry.mdx b/website/content/docs/agent/telemetry.mdx index 789061cf28..a290bc65de 100644 --- a/website/content/docs/agent/telemetry.mdx +++ b/website/content/docs/agent/telemetry.mdx @@ -2,7 +2,7 @@ layout: docs page_title: Agents: Enable Metrics description: >- -Configure agent telemetry to collect operations metrics you can use to debug and observe deployments. Learn about configuration options, the metrics you can collect, and why they're important. +Configure agent telemetry to collect operations metrics you can use to debug and observe Consul behavior and performance. Learn about configuration options, the metrics you can collect, and why they're important. --- # Agent Telemetry diff --git a/website/content/docs/discovery/checks.mdx b/website/content/docs/discovery/checks.mdx index 22f856bade..a9ab2a5d33 100644 --- a/website/content/docs/discovery/checks.mdx +++ b/website/content/docs/discovery/checks.mdx @@ -2,7 +2,7 @@ layout: docs page_title: Configure Health Checks description: >- -To check the health of a service instance or node, Consul periodically attempts a connection. Learn about the types of health checks and how to define them in agent and service configuration files. +Agents can be configured to periodically perform custom checks on the health of a service instance or node. Learn about the types of health checks and how to define them in agent and service configuration files. --- # Health Checks diff --git a/website/content/docs/discovery/dns.mdx b/website/content/docs/discovery/dns.mdx index 2bd18704eb..3566aa7c34 100644 --- a/website/content/docs/discovery/dns.mdx +++ b/website/content/docs/discovery/dns.mdx @@ -1,8 +1,8 @@ --- layout: docs -page_title: Query services with DNS +page_title: Find services with DNS description: >- -Domain Name Service (DNS) is the main way to look up, query, and address Consul nodes and services. Learn how a DNS lookup can help you find services by tag, name, namespace, partition, datacenter, or domain. +For service discovery use cases, Domain Name Service (DNS) is the main interface to look up, query, and address Consul nodes and services. Learn how a Consul DNS lookup can help you find services by tag, name, namespace, partition, datacenter, or domain. --- # Query services with DNS diff --git a/website/content/docs/discovery/services.mdx b/website/content/docs/discovery/services.mdx index 1155f97db4..d4c4c8fc94 100644 --- a/website/content/docs/discovery/services.mdx +++ b/website/content/docs/discovery/services.mdx @@ -1,11 +1,11 @@ --- layout: docs -page_title: Service Configuration Files +page_title: Register Services with Service Definitions description: >- -Use configuration files to define and register services with Consul and associate services with health checks. Learn how to format service definitions with this reference page and sample code. +Define and register services and their health checks with Consul to make a service available for service discovery or service mesh access. Learn how to format service definitions with this reference page and sample code. --- -# Service Configuration Files +# Register Services with Service Definitions One of the main goals of service discovery is to provide a catalog of available services. To that end, the agent provides a simple service definition format diff --git a/website/content/docs/integrate/download-tools.mdx b/website/content/docs/integrate/download-tools.mdx index af9700c7be..d9b817f572 100644 --- a/website/content/docs/integrate/download-tools.mdx +++ b/website/content/docs/integrate/download-tools.mdx @@ -2,7 +2,7 @@ layout: docs page_title: Consul Tools description: >- -Consul Tools provide additional functionality by integrating other products and services with Consul. Learn about tools created by Hashicorp, as well as add-ons developed by the Consul community. +Consul's capabilities can be extended through integration with other tools. Learn about Consul-related tools created by HashiCorp and by the Consul community. --- # Download Consul Tools diff --git a/website/content/docs/integrate/nia-integration.mdx b/website/content/docs/integrate/nia-integration.mdx index 5e6bd99a17..fb32209172 100644 --- a/website/content/docs/integrate/nia-integration.mdx +++ b/website/content/docs/integrate/nia-integration.mdx @@ -2,7 +2,7 @@ layout: docs page_title: Network Infrastructure Automation (NIA) Integration Program description: >- -The NIA Integration Program allows approved partners to develop Terraform modules for Consul-Terraform-Sync (CTS) that Hashicorp reviews and officially verifies. Learn about the program and how to get more information. +The Network Infrastructure Automation (NIA) Integration Program allows partners to develop Terraform modules for Consul-Terraform-Sync (CTS) that HashiCorp reviews to consider publishing as officially verified. Learn about how to participate in the program. --- # Network Infrastructure Automation Integration Program diff --git a/website/content/docs/integrate/partnerships.mdx b/website/content/docs/integrate/partnerships.mdx index 1966288905..b1f1924df0 100644 --- a/website/content/docs/integrate/partnerships.mdx +++ b/website/content/docs/integrate/partnerships.mdx @@ -2,7 +2,7 @@ layout: docs page_title: Consul Integration Program description: >- -The Consul Integration Program allows approved partners to develop Consul integrations that Hashicorp reviews and officially verifies. Learn about the program and how to get more information. +The Consul Integration Program allows approved partners to develop Consul integrations that HashiCorp reviews to consider publishing as officially verified. Learn about how to participate in the program. --- # Consul Integration Program diff --git a/website/content/docs/security/acl/acl-federated-datacenters.mdx b/website/content/docs/security/acl/acl-federated-datacenters.mdx index bf4c80612b..935c42adac 100644 --- a/website/content/docs/security/acl/acl-federated-datacenters.mdx +++ b/website/content/docs/security/acl/acl-federated-datacenters.mdx @@ -1,8 +1,8 @@ --- layout: docs -page_title: ACLs for Federated Datacenters +page_title: ACL Setup for WAN Federated Datacenters description: >- -You can apply ACLs in federated datacenters to secure access for distributed deployments. Learn how to create replication tokens from agent tokens and apply them to server and client agents. +Consul's access control list (ACL) system can span multiple datacenters that are WAN federated. Learn how to replicate the ACL system from the primary datacenter to secondary datacenters using a replication token. --- # ACLs in Federated Datacenters diff --git a/website/content/docs/security/acl/acl-legacy.mdx b/website/content/docs/security/acl/acl-legacy.mdx index ad02df455e..ad2aed31b5 100644 --- a/website/content/docs/security/acl/acl-legacy.mdx +++ b/website/content/docs/security/acl/acl-legacy.mdx @@ -2,7 +2,7 @@ layout: docs page_title: Legacy ACL System description: >- -Consul's original ACL system was updated in version 1.4.0 and the legacy system is no longer supported as of 1.11.0. Learn how Consul's original ACLs worked and how it differs from current ACLs. +Consul's legacy ACL system was deprecated in version 1.4.0 and removed in version 1.11.0. Learn how Consul's legacy ACL system worked and how it differs from the current ACL system. --- # ACL System in Legacy Mode diff --git a/website/content/docs/security/acl/acl-migrate-tokens.mdx b/website/content/docs/security/acl/acl-migrate-tokens.mdx index f643bcfb04..379f46e8c0 100644 --- a/website/content/docs/security/acl/acl-migrate-tokens.mdx +++ b/website/content/docs/security/acl/acl-migrate-tokens.mdx @@ -1,8 +1,8 @@ --- layout: docs -page_title: Token Migration (ACL) +page_title: Legacy ACL Token Migration description: >- -Migrate legacy tokens when updating to Consul 1.4.0+ from earlier versions to use the improved ACL system. Learn about the migration process, how to update tokens, and examples for creating policies. +Migrate legacy tokens when updating to Consul 1.4.0+ from earlier versions to use the current ACL system. Learn about the migration process, how to update tokens, and examples for creating policies. --- # ACL Token Migration diff --git a/website/content/docs/security/acl/acl-policies.mdx b/website/content/docs/security/acl/acl-policies.mdx index c2234a408d..23fae1c0a5 100644 --- a/website/content/docs/security/acl/acl-policies.mdx +++ b/website/content/docs/security/acl/acl-policies.mdx @@ -2,7 +2,7 @@ layout: docs page_title: ACL Policies description: >- -Policies are groups of one or more rules that link resources to access permissions and tokens in the ACL system. Learn how to format and combine rules into policies and implement policies in Consul. +ACL policies define access control rules for resources in Consul. When an ACL token is submitted with a request, Consul authorizes access based on the token's associated policies. Learn how to format and combine rules into policies and apply them to tokens. --- # ACL Policies diff --git a/website/content/docs/security/acl/acl-roles.mdx b/website/content/docs/security/acl/acl-roles.mdx index d5e0932293..9f0722519d 100644 --- a/website/content/docs/security/acl/acl-roles.mdx +++ b/website/content/docs/security/acl/acl-roles.mdx @@ -2,7 +2,7 @@ layout: docs page_title: ACL Roles description: >- -Roles are a collection of ACL policies that enable service and node identities. Learn how roles allow you to reuse and update policies without requiring unique tokens for each requestor. +Roles are a named collection of ACL policies, service identities, and node identities. Learn how roles allow you to reuse and update access control policies without needing to distribute new tokens to users. --- # ACL Roles diff --git a/website/content/docs/security/acl/acl-rules.mdx b/website/content/docs/security/acl/acl-rules.mdx index c813377e80..9387a2e814 100644 --- a/website/content/docs/security/acl/acl-rules.mdx +++ b/website/content/docs/security/acl/acl-rules.mdx @@ -2,7 +2,7 @@ layout: docs page_title: ACL Rules description: >- -Rules define read, write, and deny access for datacenter resources. Learn about these resources and how to assign rules to them, as well as their restrictions and API interactions. +Rules define read, write, and deny access controls for datacenter resources. Learn about these resources and how to assign rules to them, as well as their restrictions and API interactions. --- # ACL Rules diff --git a/website/content/docs/security/acl/acl-tokens.mdx b/website/content/docs/security/acl/acl-tokens.mdx index 06025109ad..7742bbbdfb 100644 --- a/website/content/docs/security/acl/acl-tokens.mdx +++ b/website/content/docs/security/acl/acl-tokens.mdx @@ -2,7 +2,7 @@ layout: docs page_title: ACL Tokens description: >- -Tokens authenticate users, services, and agents in Consul’s ACL system. Learn about token attributes, special-purpose and built-in tokens, and how to pass a token’s SecretID in the CLI and API. +Tokens are used to authenticate users, services, and agents and authorize their access to resources in Consul. Learn about token attributes, special-purpose and built-in tokens, and how to pass a token’s SecretID in the CLI and API. --- # ACL Tokens diff --git a/website/content/docs/security/encryption.mdx b/website/content/docs/security/encryption.mdx index fafcffdb16..3cde539f8a 100644 --- a/website/content/docs/security/encryption.mdx +++ b/website/content/docs/security/encryption.mdx @@ -2,7 +2,7 @@ layout: docs page_title: Encryption Systems description: >- -Two encryption systems protect Consul’s network communications. Learn how keys secure gossip between agents and how RPC with TLS certificates verifies the authenticity of servers and clients. +Consul supports encrypting all of its network traffic. Remote Process Calls (RPCs) between client and server agents can be encrypted with TLS and authenticated with certificates. Gossip communication between all agents can also be encrypted. --- # Encryption diff --git a/website/content/docs/security/security-models/core.mdx b/website/content/docs/security/security-models/core.mdx index 11f2cfdc70..7ea2304d37 100644 --- a/website/content/docs/security/security-models/core.mdx +++ b/website/content/docs/security/security-models/core.mdx @@ -1,8 +1,8 @@ --- layout: docs -page_title: Security Models: Consul Core +page_title: Security Models: Consul description: >- -The security model for Consul Core details requirements and recommendations for securing access to your network. Learn about potential threats and how to protect Consul from malicious actors. +The security model for Consul Core details requirements and recommendations for securing your deployment of Consul. Learn about potential threats and how to protect Consul from malicious actors. --- ## Overview diff --git a/website/content/docs/security/security-models/nia.mdx b/website/content/docs/security/security-models/nia.mdx index cc1b484a3e..0bfd0a5829 100644 --- a/website/content/docs/security/security-models/nia.mdx +++ b/website/content/docs/security/security-models/nia.mdx @@ -2,7 +2,7 @@ layout: docs page_title: Security Models: Network Infrastructure Automation (NIA) description: >- -The NIA security model details requirements and recommendations for securing access to your network when using Consul-Terraform-Sync (CTS). Learn about potential threats and how to protect Consul from malicious actors. +The NIA security model details requirements and recommendations for securing your Consul-Terraform-Sync (CTS) deployment. Learn about potential threats and how to protect CTS from malicious actors. --- ## Overview