openshift
diff --git a/‎modules/aws-direct-connect.adoc‎
Lines changed: 14 additions & 7 deletions b/‎modules/aws-direct-connect.adoc‎
Lines changed: 14 additions & 7 deletions
diff --git a/‎modules/aws-vpc.adoc‎
Lines changed: 8 additions & 11 deletions b/‎modules/aws-vpc.adoc‎
Lines changed: 8 additions & 11 deletions
diff --git a/‎modules/aws-vpn.adoc‎
Lines changed: 9 additions & 8 deletions b/‎modules/aws-vpn.adoc‎
Lines changed: 9 additions & 8 deletions
diff --git a/‎modules/cloud-experts-deploying-application-scaling-node-autoscaling.adoc‎
Lines changed: 1 addition & 1 deletion b/‎modules/cloud-experts-deploying-application-scaling-node-autoscaling.adoc‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎modules/cluster-autoscaler-about.adoc‎
Lines changed: 2 additions & 2 deletions b/‎modules/cluster-autoscaler-about.adoc‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎modules/config-aws-access.adoc‎
Lines changed: 11 additions & 6 deletions b/‎modules/config-aws-access.adoc‎
Lines changed: 11 additions & 6 deletions
@@ -4,20 +4,22 @@
 
 :_mod-docs-content-type: PROCEDURE
 [id="aws-direct-connect_{context}"]
-= Configure AWS Direct Connect
+= Configuring AWS Direct Connect
 
-[role="_abstract"]
-Configure AWS Direct Connect to establish a dedicated network connection between your remote network and your {product-title} cluster Virtual Private Cloud (VPC).
 
-{AWS} Direct Connect requires a hosted Virtual Interface (VIF) connected to a Direct Connect Gateway (DXGateway), which is in turn associated to a Virtual Gateway (VGW) or a Transit Gateway. This allows you to access a remote VPC in the same or another account.
+{AWS} Direct Connect requires a hosted Virtual Interface (VIF) connected to a Direct Connect Gateway (DXGateway), which is in turn associated to a Virtual Gateway (VGW) or a Transit Gateway in order to access a remote Virtual Private Cloud (VPC) in the same or another account.
+
+If you do not have an existing DXGateway, the typical process involves creating the hosted VIF, with the DXGateway and VGW being created in your AWS account.
+
+If you have an existing DXGateway connected to one or more existing VGWs, the process involves your AWS account sending an Association Proposal to the DXGateway owner. The DXGateway owner must ensure that the proposed CIDR will not conflict with any other VGWs they have associated.
 
 .Prerequisites
 
-* The Classless Inter-Domain Routing (CIDR) range of the {product-title} VPC does not conflict with any other associated VGWs.
+* Confirm the CIDR range of the {product-title} VPC will not conflict with any other VGWs you have associated.
 * Gather the following information:
 ** The Direct Connect Gateway ID.
 ** The AWS Account ID associated with the virtual interface.
-** The Border Gateway Protocol (BGP) Autonomous System Number (ASN) assigned for the DXGateway. Optional: the Amazon default ASN may also be used.
+** The BGP ASN assigned for the DXGateway. Optional: the Amazon default ASN may also be used.
 
 .Procedure
 
@@ -32,4 +34,9 @@ Configure AWS Direct Connect to establish a dedicated network connection between
 [WARNING]
 ====
 When connecting to an existing DXGateway, you are responsible for the link:https://aws.amazon.com/directconnect/pricing/[costs].
-====
+====
+
+[role="_additional-resources"]
+.Additional resources
+
+* For more information and troubleshooting help, see the link:https://docs.aws.amazon.com/directconnect/latest/UserGuide/Welcome.html[AWS Direct Connect] guide.
@@ -4,19 +4,16 @@
 
 :_mod-docs-content-type: PROCEDURE
 [id="aws-vpc_{context}"]
-= Configure AWS Virtual Private Cloud peering
+= Configuring AWS VPC peering
 
-[role="_abstract"]
-Configure an {AWS} Virtual Private Cloud (VPC) peering connection to route traffic between two VPCs using private IPv4 or IPv6 addresses.
 
-[IMPORTANT]
+A Virtual Private Cloud (VPC) peering connection is a networking connection between two VPCs that enables you to route traffic between them using private IPv4 addresses or IPv6 addresses. You can configure an {AWS} VPC containing an {product-title} cluster to peer with another AWS VPC network.
+
+[WARNING]
 ====
 Before you attempt to uninstall a cluster, you must remove any VPC peering connections from the cluster's VPC. Failure to do so might result in a cluster not completing the uninstall process.
-====
 
-[NOTE]
-====
-AWS supports inter-region VPC peering between all commercial regions excluding China. For more information, see link:https://aws.amazon.com/vpc/faqs/#Peering_Connections[AWS VPC FAQs].
+AWS supports inter-region VPC peering between all commercial regions link:https://aws.amazon.com/vpc/faqs/#Peering_Connections[excluding China].
 ====
 
 .Prerequisites
@@ -25,8 +22,8 @@ AWS supports inter-region VPC peering between all commercial regions excluding C
 ** Customer AWS account number
 ** Customer VPC ID
 ** Customer VPC Region
-** Customer VPC Classless Inter-Domain Routing (CIDR)
-* The CIDR block of the {product-title} Cluster VPC does not overlap or match the Customer VPC CIDR block. See the Amazon VPC link:https://docs.aws.amazon.com/vpc/latest/peering/invalid-peering-configurations.html[Unsupported VPC peering configurations] documentation for details on invalid configurations.
+** Customer VPC CIDR
+* Check the CIDR block used by the {product-title} Cluster VPC. If it overlaps or matches the CIDR block for the Customer VPC, then peering between these two VPCs is not possible; see the Amazon VPC link:https://docs.aws.amazon.com/vpc/latest/peering/invalid-peering-configurations.html[Unsupported VPC peering configurations] documentation for details. If the CIDR blocks do not overlap, you can proceed with the procedure.
 
 .Procedure
 
@@ -39,4 +36,4 @@ AWS supports inter-region VPC peering between all commercial regions excluding C
 [role="_additional-resources"]
 .Additional resources
 
-* link:https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html[AWS VPC guide]
+* For more information and troubleshooting help, see the link:https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html[AWS VPC] guide.
@@ -4,24 +4,25 @@
 
 :_mod-docs-content-type: PROCEDURE
 [id="aws-vpn_{context}"]
-= Configure an AWS Virtual Private Network
+= Configuring an AWS VPN
 
-[role="_abstract"]
-Configure an AWS Site-to-Site Virtual Private Network (VPN) connection to enable secure communication between your {product-title} cluster Virtual Private Cloud (VPC) and your remote on-site network.
+
+You can configure an {AWS} {product-title} cluster to use a customer’s on-site hardware Virtual Private Network (VPN) device. By default, instances that you launch into an AWS Virtual Private Cloud (VPC) cannot communicate with your own (remote) network. You can enable access to your remote network from your VPC by creating an AWS Site-to-Site VPN connection, and configuring routing to pass traffic through the connection.
 
 [NOTE]
 ====
-AWS VPN does not currently provide a managed option to apply Network Address Translation (NAT) to VPN traffic. See the link:https://aws.amazon.com/premiumsupport/knowledge-center/configure-nat-for-vpn-traffic/[AWS Knowledge Center] for more details.
+AWS VPN does not currently provide a managed option to apply NAT to VPN traffic. See the link:https://aws.amazon.com/premiumsupport/knowledge-center/configure-nat-for-vpn-traffic/[AWS Knowledge Center] for more details.
 
 Routing all traffic, for example `0.0.0.0/0`, through a private connection is not supported. This requires deleting the internet gateway, which disables SRE management traffic.
 ====
 
 .Prerequisites
 
-* Hardware VPN gateway device model and software version, for example Cisco Adaptive Security Appliance (ASA) running version 8.3. See the link:https://docs.aws.amazon.com/vpc/latest/adminguide/Introduction.html#DevicesTested[AWS documentation] to confirm whether your gateway device is supported by AWS.
+* Hardware VPN gateway device model and software version, for example Cisco ASA running version 8.3. See the link:https://docs.aws.amazon.com/vpc/latest/adminguide/Introduction.html#DevicesTested[AWS documentation] to confirm whether your gateway device is supported by AWS.
 * Public, static IP address for the VPN gateway device.
-* Border Gateway Protocol (BGP) or static routing: if BGP, the Autonomous System Number (ASN) is available. If static routing, at least one static route is configured.
-* Optional: Internet Protocol (IP) address and port/protocol of a reachable service to test the VPN connection.
+* BGP or static routing: if BGP, the ASN is required. If static routing, you must
+configure at least one static route.
+* Optional: IP and port/protocol of a reachable service to test the VPN connection.
 
 .Procedure
 
@@ -43,4 +44,4 @@ Note the VPC subnet information, which you must add to your configuration as the
 [role="_additional-resources"]
 .Additional resources
 
-* link:https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html[AWS VPN guide]
+* For more information and troubleshooting help, see the link:https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html[AWS VPN] guide.
@@ -9,7 +9,7 @@
 [role="_abstract"]
 {product-title} allows you to use node autoscaling. In this scenario, you will create a new project with a job that has a large workload that the cluster cannot handle. With autoscaling enabled, when the load is larger than your current capacity, the cluster will automatically create new nodes to handle the load.
 
-{product-title} allows you to use link:https://docs.openshift.com/rosa/rosa_cluster_admin/rosa-nodes-about-autoscaling-nodes.html[node autoscaling]. In this scenario, you will create a new project with a job that has a large workload that the cluster cannot handle. With autoscaling enabled, when the load is larger than your current capacity, the cluster will automatically create new nodes to handle the load.
+{product-title} allows you to use link:https://docs.openshift.com/rosa/rosa_cluster_admin/rosa_nodes/rosa-nodes-about-autoscaling-nodes.html[node autoscaling]. In this scenario, you will create a new project with a job that has a large workload that the cluster cannot handle. With autoscaling enabled, when the load is larger than your current capacity, the cluster will automatically create new nodes to handle the load.
 
 .Prerequisites
 
 
@@ -10,10 +10,10 @@
 
 :_mod-docs-content-type: CONCEPT
 [id="cluster-autoscaler-about_{context}"]
-= The cluster autoscaler
+= About the cluster autoscaler
 
 [role="_abstract"]
-The cluster autoscaler adjusts the size of an {product-title} cluster to meet its current deployment needs. It uses declarative, Kubernetes-style arguments to provide infrastructure management that does not rely on objects of a specific cloud provider.
+The cluster autoscaler adjusts the size of an {product-title} cluster to meet its current deployment needs. It uses declarative, Kubernetes-style arguments to provide infrastructure management that does not rely on objects of a specific cloud provider. The cluster autoscaler has a cluster scope, and is not associated with a particular namespace.
 ifdef::openshift-rosa-hcp[]
 In {product-title}, the Cluster Autoscaler is fully managed, which means it is hosted along with the control plane.
 endif::openshift-rosa-hcp[]
 
@@ -4,10 +4,11 @@
 
 :_mod-docs-content-type: PROCEDURE
 [id="config-aws-access_{context}"]
-= Configure AWS infrastructure access
 
-[role="_abstract"]
-Configure AWS infrastructure access to enable AWS Identity and Access Management (IAM) users to have federated access to the AWS Management Console for your {product-title} cluster.
+= Configuring AWS infrastructure access
+
+// TODO: I see {AWS} and {GCP} only used a handful of time, but their written out form much more. Should all hardcoded instances be updated to use the attributes?
+{AWS} infrastructure access allows link:https://access.redhat.com/node/3610411[Customer Portal Organization Administrators] and cluster owners to enable AWS Identity and Access Management (IAM) users to have federated access to the AWS Management Console for their {product-title} cluster. Administrators can select between `Network Management` or `Read-only` access options.
 
 .Prerequisites
 
@@ -53,7 +54,7 @@ It is not recommended to set a permissions boundary.
 
 .. Click *Next: Tags*, then click *Next: Review*. Confirm the configuration is correct.
 .. Click *Create user*, a success page appears.
-.. Gather the IAM user’s Amazon Resource Name (ARN). The ARN has the following format: `arn:aws:iam::000111222333:user/username`. Click *Close*.
+.. Gather the IAM user’s Amazon Resource Name (ARN). The ARN will have the following format: `arn:aws:iam::000111222333:user/username`. Click *Close*.
 
 . Open {cluster-manager-url} in your browser and select the cluster you want to allow AWS infrastructure access.
 
@@ -65,6 +66,10 @@ It is not recommended to set a permissions boundary.
 
 . Sign in to your AWS account with your Account ID or alias, IAM user name, and password.
 
-. In a new browser tab, paste the AWS OSD Console URL that routes to the AWS Switch Role page.
+. In a new browser tab, paste the AWS OSD Console URL that will be used to route to the AWS Switch Role page.
+
+. Your account number and role will be filled in already. Choose a display name if necessary, then click *Switch Role*.
+
+.Verification
 
-. Your account number and role are filled in already. Choose a display name if necessary, then click *Switch Role*.
+* You now see *VPC* under *Recently visited services*.