OSDOCS-18316 [ROSA] CQA: GovCloud Book

modules/rosa-govcloud-deploy-cluster.adoc

@@ -5,6 +5,7 @@
 [id="rosa-govcloud-deploy-cluster_{context}"]
 = Preparing to deploy a {product-title} cluster in AWS GovCloud
 
+[role="_abstract"]
 To deploy a {product-title} cluster in AWS GovCloud, you must be logged in to your Red{nbsp}Hat FedRAMP account.
 
 .Prerequisites
@@ -20,19 +21,19 @@ To deploy a {product-title} cluster in AWS GovCloud, you must be logged in to yo
 +
 . In your terminal:
 +
-.. Run `rosa login` and paste your copied token in order to log into the service.
+.. Run `rosa login` and paste your copied token to log in to the service.
 +
 [source,terminal]
 ----
 $ rosa login --govcloud --token=<TOKEN>
 ----
 +
-====
 [NOTE]
-Depending on your AWS CLI configuration, you may need to add a government region to the end of the command string like `--region us-gov-west-1`.
+====
+Depending on your AWS CLI configuration, you might need to add a government region to the end of the command string, such as `--region us-gov-west-1`.
 ====
 +
-.. Run `rosa whoami` to confirm all information is correct ensuring that you are using the AWS Gov region and the OCM API is “https://api.openshiftusgov.com”..
+.. Run `rosa whoami` to confirm all information is correct ensuring that you are using the AWS Gov region and the {cluster-manager-first} API is “https://api.openshiftusgov.com”..
 +
 [source,terminal]
 ----

modules/rosa-govcloud-fedramp-signup.adoc

@@ -6,34 +6,30 @@
 [id="rosa-govcloud-fedramp-signup_{context}"]
 = Signing up for a Red Hat FedRAMP account
 
+[role="_abstract"]
 To access {product-title} in AWS GovCloud, you must sign up for a Red{nbsp}Hat FedRAMP account.
 
 .Procedure
-. Navigate to link:https://console.redhat.com/openshift/create/rosa/govcloud[].
+. Navigate to link:https://console.redhat.com/openshift/create/rosa/govcloud[the ROSA GovCloud access request form].
 . Complete the access request form.
-. Click *Submit* to sign up.
+. Click *Submit* to sign up. You receive a _Submission confirmation_.
 +
-You will receive a _Submission confirmation_.
-
-Red{nbsp}Hat's confirmed stateside support team will contact you through email for the following information:
-
-* *Admin details* to include your _organization name_, _administrator first and last name_ and _administrator email_.
-
+Red{nbsp}Hat's confirmed stateside support team contacts you through email for the following information:
++
+* *Admin details* to include your _organization name_, _administrator first and surname_ and _administrator email_.
 * *User authentication* option to the FedRAMP {hybrid-console-second} from one of the following two options:
-
-** _Local group in a Red{nbsp}Hat managed Keycloak instance_, where users will be required to setup multi-factor authentication (MFA) with an approved device.
+** _Local group in a Red{nbsp}Hat managed Keycloak instance_, where users will be required to setup multifactor authentication (MFA) with an approved device.
 +
-====
 [NOTE]
+====
 Only device link:https://www.yubico.com/product/yubikey-5c-nfc-fips[YubiKEY 5C NFC FIPS] currently accepted.
 ====
++
 ** _Customer managed Identity Provider (IdP), integrated via OpenID Connect (OIDC)_, where you will need to provide the following:
 *** *Discovery Endpoint:* The IdP's OIDC discovery URL (typically ending in _/.well-known/openid-configuration_). This allows Keycloak to automatically fetch most of the IdP's settings.
 *** *Client ID and secret:* Credentials that allow Keycloak to authenticate with the customer's IdP.
 *** *Email domain(s):* A list of approved email domains. Only users with an email address from one of these domains will be allowed to log in.
-*** *Essential claim:* A specific key-value pair (e.g., _"rh-approved": "true"_) that must be present in a user's token from the IdP to grant them access.
-+
-In this configuration, the customer takes on the responsibility for implementing FIPS 140-2 validated MFA.
+*** *Essential claim:* A specific key-value pair (e.g., _"rh-approved": "true"_) that must be present in a user's token from the IdP to grant them access. In this configuration, the customer takes on the responsibility for implementing FIPS 140-2 validated MFA.
 
 
 // Following process with a sign up button will not be available until https://issues.redhat.com/browse/CRCPLAN-397 is complete.

modules/rosa-govcloud-manage-fedramp.adoc

@@ -10,16 +10,16 @@ To change your FedRAMP account password, you must have access to your Red{nbsp}H
 
 .Procedure
 
-. Navigate to link:https://sso.openshiftusgov.com/realms/redhat-external/account[].
+. Navigate to link:https://sso.openshiftusgov.com/realms/redhat-external/account[the Red Hat FedRAMP account management page].
 . Sign in with your current username and password.
 . Under the middle box called _Account Security_, click *Signing In*.
-. Under _Basic Authentication_, select *Password*.
+. Under _Basic authentication_, select *Password*.
 . Click *Update* and choose a password that meets the following requirements:
 +
 * Minimum of fifteen (15) characters
 * At least one (1) upper-case letter
 * At least one (1) lower-case letter
 * At least one (1) number
-* At least one (1) special character (e.g. ~ ! @ # $ % ^ & * ( ) _ + = - ‘ [ ] / ? > <)
+* At least one (1) special character (e.g. ~ ! @ # $ % ^ & * ( ) _ + = - ' [ ] / ? > <)
 . Confirm your password.
 . Click *Submit*.

modules/rosa-govcloud-privatelink-create-cluster.adoc

@@ -5,7 +5,8 @@
 [id="rosa-aws-privatelink-create-cluster_{context}"]
 = Creating an AWS PrivateLink cluster
 
-You can create an AWS PrivateLink cluster using the {rosa-cli-first}.
+[role="_abstract"]
+You can create an AWS PrivateLink cluster by using the {rosa-cli-first}.
 
 [NOTE]
 ====
@@ -28,9 +29,7 @@ endif::openshift-rosa-hcp[]
 
 .Procedure
 
-Creating a cluster can take up to 40 minutes.
-
-. With AWS PrivateLink, you can create a cluster with a single availability zone (Single-AZ) or multiple availability zones (Multi-AZ). In either case, your machine's classless inter-domain routing (CIDR) must match your virtual private cloud's CIDR. See link:https://docs.redhat.com/en/documentation/openshift_container_platform/4.14/html/installing_on_aws/installing-aws-vpc#installation-custom-aws-vpc-requirements_installing-aws-vpc[Requirements for using your own VPC] and link:https://docs.redhat.com/en/documentation/openshift_container_platform/4.14/html/installing_on_aws/installing-aws-vpc#installation-custom-aws-vpc-validation_installing-aws-vpc[VPC validation] for more information.
+. With AWS PrivateLink, you can create a cluster with a single availability zone (Single-AZ) or many availability zones (Multi-AZ). In either case, your machine's classless inter-domain routing (CIDR) must match your virtual private cloud's CIDR. See link:https://docs.redhat.com/en/documentation/openshift_container_platform/4.14/html/installing_on_aws/installing-aws-vpc#installation-custom-aws-vpc-requirements_installing-aws-vpc[Requirements for using your own VPC] and link:https://docs.redhat.com/en/documentation/openshift_container_platform/4.14/html/installing_on_aws/installing-aws-vpc#installation-custom-aws-vpc-validation_installing-aws-vpc[VPC validation] for more information.
 +
 [IMPORTANT]
 ====
@@ -39,9 +38,12 @@ If you use a firewall, you must configure it so that {product-title} can access
 For more information, see the AWS PrivateLink firewall prerequisites section.
 ====
 +
---
-include::snippets/rosa-long-cluster-name.adoc[]
---
+[NOTE]
+====
+If your cluster name is longer than 15 characters, it will contain an automatically generated domain prefix as a sub-domain for your provisioned cluster on `*.openshiftapps.com`.
+
+To customize the subdomain, use the `--domain-prefix` flag. The domain prefix cannot be longer than 15 characters, must be unique, and cannot be changed after cluster creation.
+====
 +
 ** To create a Single-AZ cluster:
 +
@@ -56,7 +58,7 @@ $ rosa create cluster --private-link --cluster-name=<cluster-name> [--machine-ci
 $ rosa create cluster --private-link --multi-az --cluster-name=<cluster-name> [--machine-cidr=<VPC CIDR>/16] --subnet-ids=<private-subnet-id1>,<private-subnet-id2>,<private-subnet-id3>
 ----
 
-. Enter the following command to check the status of your cluster. During cluster creation, the `State` field from the output will transition from `pending` to `installing`, and finally to `ready`.
+. Enter the following command to check the status of your cluster. During cluster creation, the `State` field from the output changesfrom `pending` to `installing`, and finally to `ready`.
 +
 [source,terminal]
 ----

modules/rosa-govcloud-support-ticket.adoc

@@ -5,11 +5,12 @@
 [id="rosa-govcloud-support-ticket_{context}"]
 = Opening a support ticket
 
-To get access to open a support ticket please complete the following.
+[role="_abstract"]
+To get access to open a support ticket, complete the following steps.
 
 .Procedure
 
-. If you need to create an account, please contact fedramp-css@openshiftusgov.com.
-. Once access is granted, navigate to link:https://redhatgov.servicenowservices.com/css[].
+. If you need to create an account, contact fedramp-css@openshiftusgov.com.
+. After you receive access, navigate to the link:https://redhatgov.servicenowservices.com/css[Red Hat GovCloud support portal].
 . Click *Create Case* and complete the required information.
 . Click *Submit*.

rosa_govcloud/rosa-govcloud-account-management.adoc

@@ -7,7 +7,7 @@ include::_attributes/attributes-openshift-dedicated.adoc[]
 toc::[]
 
 [role="_abstract"]
-Once you have access to the FedRAMP accounts, you can manage the credentials as needed.
+When you have access to the FedRAMP accounts, you can manage the credentials according to your needs.
 
 include::modules/rosa-govcloud-manage-fedramp.adoc[leveloffset=+1]
 

rosa_govcloud/rosa-govcloud-getting-started.adoc

@@ -16,7 +16,7 @@ toc::[]
 //Federal and government agencies can be granted access to the {product-title} in AWS GovCloud environment without further verification. However, commercial organizations and Federal Information Security Modernization Act (FISMA) R&D Universities must provide documentation to show that they are supporting a government contract or in the process of bidding on a government contract such as a request for proposal (RFP) or request for information (RFI) pre-bid stage. The customers who are in the government support verification process can review a subset of the FedRAMP Authority to Operate (ATO) documentation, but cannot gain access to the {product-title} in AWS GovCloud environment until verification is complete.
 
 [role="_abstract"]
-This service is for use by federal and government agencies, or by commercial organizations and Federal Information Security Modernization Act (FISMA) R&D Universities supporting a government contract or in the process of bidding on a government contract such as a request for proposal (RFP) or request for information (RFI) pre-bid stage.
+This service is for use by federal and government agencies, or by commercial organizations and Federal Information Security Modernization Act (FISMA) research and development universities supporting a government contract or in the process of bidding on a government contract such as a request for proposal (RFP) or request for information (RFI) pre-bid stage.
 
 //Snippet for accessing ROSA in AWS GovCloud
 include::snippets/rosa-access-govcloud.adoc[]

rosa_govcloud/rosa-install-govcloud-cluster.adoc

@@ -7,13 +7,12 @@ include::_attributes/attributes-openshift-dedicated.adoc[]
 toc::[]
 
 [role="_abstract"]
-To install a {product-title} cluster in AWS GovCloud you must:
-
-* Meet the requirements to access AWS GovCloud.
-* Complete the steps in xref:../rosa_govcloud/rosa-govcloud-getting-started.adoc#rosa-govcloud-getting-started[Getting started with {product-title} in AWS GovCloud]:
-** Preparing to access {product-title} in AWS GovCloud.
-** Signing up for a Red{nbsp}Hat FedRAMP account following.
+You can install a {product-title} cluster in AWS GovCloud with or without AWS PrivateLink. Before you begin, ensure that you meet the requirements to access AWS GovCloud, you have prepared to access {product-title} in AWS GovCloud, and you have signed up for a Red{nbsp}Hat FedRAMP account.
 
 include::modules/rosa-govcloud-deploy-cluster.adoc[leveloffset=+1]
 
 include::modules/rosa-govcloud-privatelink-create-cluster.adoc[leveloffset=+1]
+
+[role="_additional-resources"]
+.Additional resources
+* xref:../rosa_govcloud/rosa-govcloud-getting-started.adoc#rosa-govcloud-getting-started[Getting started with {product-title} in AWS GovCloud]