EKS user journey (#1715)

* Revise steps * Fixed tables * Clean up steps, improve flow * Add info based on prototype. * Verify steps, add resources * Several small changes * Add links to existing OIDC documentation * Add links to other docs * Last changes from final workflow walkthrough * Updates for internal style, grammar: add aws acct * Fix repeated 'the' * Vale fixes * Incorporate first comments * Revise info block, add link * Added review comments * Fix typo in policy name * Revised KMS key creation section * Apply suggestions from code review Co-authored-by: Karl Cardenas <[email protected]> * Apply suggestions from code review Co-authored-by: Karl Cardenas <[email protected]> * Incorporate review comments for KMS key * Fix typo * Create new page for KMS key * Add Access EKS Cluster section * Minor change to Access EKS Cluster * Replace kubelogin prereq w. aws-iam-authenticator * Revised Access EKS Cluster, step 9, prereqs * docs: updates and clarifications * Fix typo --------- Co-authored-by: Karl Cardenas <[email protected]> (cherry picked from commit 7e40ede)
spectrocloud · Nov 8, 2023 · f04476d · f04476d
1 parent b44ae62
commit f04476d
Show file tree

Hide file tree

Showing 5 changed files with 359 additions and 158 deletions.
diff --git a/docs/docs-content/clusters/public-cloud/aws/add-aws-accounts.md b/docs/docs-content/clusters/public-cloud/aws/add-aws-accounts.md
@@ -21,17 +21,17 @@ Palette supports integration with AWS Cloud Accounts. This also includes support
 
 ## AWS Account
 
-<br />
+This section provides guidance in creating an AWS account that uses static or dynamic access credentials.
 
 ### Static Access Credentials
 
-To add an AWS cloud account using static access credentials follow these steps:
+Use the steps below to add an AWS cloud account using static access credentials.
 
 #### Prerequisites
 
 - An AWS account
 - Sufficient access to create an IAM role or IAM user.
-- Palette IAM policies. Please review the [Required IAM Policies](required-iam-policies.md) section for guidance.
+- Palette IAM policies. Review the [Required IAM Policies](required-iam-policies.md) section for guidance.
 
 
 #### Add AWS Account to Palette
@@ -40,95 +40,101 @@ To add an AWS cloud account using static access credentials follow these steps:
     - [IAM User creation guide](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_create.html).
 
 
-2. In the AWS console, assign the Palette required IAM policies to the role or the IAM user that Palette will use.
+2. In the AWS console, assign the Palette-required IAM policies to the IAM role or the IAM user that Palette will use.
 
 
-3. Log in to [Palette](https://console.spectrocloud.com) as Tenant admin.
+3. Log in to [Palette](https://console.spectrocloud.com) as tenant admin.
 
 
-4. Go to **Tenant Settings** > **Cloud Accounts** and click **+Add AWS Account**.
+4. From the left **Main Menu**, click on **Tenant Settings**. 
 
 
-5. In the cloud account creation wizard provide the following information:
+5. Select **Cloud Accounts**, and click **+Add AWS Account**.
+
+
+6. In the cloud account creation wizard provide the following information:
    * **Account Name:** Custom name for the cloud account.
 
    * **Description:** Optional description for the cloud account.
-   * **Partition:** Choose **AWS** from the drop-down menu.
+   * **Partition:** Choose **AWS** from the **drop-down Menu**.
 
    * **Credentials:**
        * AWS Access key
        * AWS Secret access key
 
 
-6. Click the **Validate** button to validate the credentials. 
+7. Click the **Validate** button to validate the credentials. 
 
-7. Once the credentials are validated, the **Add IAM Policies** toggle displays. Toggle **Add IAM Policies** on.
+8. Once the credentials are validated, the **Add IAM Policies** toggle displays. Toggle **Add IAM Policies** on.
 
-8. A drop-down menu displays a lists of available AWS IAM policies in your AWS account. Select any desired IAM policies you want to assign to Palette IAM role or IAM user.
+9. Use the **drop-down Menu**, which lists available IAM policies in your AWS account, to select any desired IAM policies you want to assign to Palette IAM role or IAM user.
 
 
 #### Validate
 
-You can validate the account is available in Palette by reviewing the list of cloud accounts. To review the list of cloud accounts navigate to the left **Main Menu**. Click on **Tenant Settings**. Next, click on **Cloud Accounts**. Your newly added AWS cloud account is listed under the AWS sections.
+You can validate the account is available in Palette by reviewing the list of cloud accounts. To review the list of cloud accounts, navigate to the left **Main Menu** and click on **Tenant Settings**. Next, click on **Cloud Accounts**. Your newly added AWS cloud account is listed under the AWS section.
 
 
 
 ### Dynamic Access Credentials
 
-To add an AWS cloud account using STS credentials follow the steps below:
+Use the steps below to add an AWS cloud account using Security Token Service (STS) credentials.
 
 #### Prerequisites
 
-- An AWS account
+- An AWS account.
 - Sufficient access to create an IAM role or IAM user.
-- Palette IAM policies. Please review the [Required IAM Policies](required-iam-policies.md) section for guidance.
+- Palette IAM policies. Review the [Required IAM Policies](required-iam-policies.md) section for guidance.
 
 
 #### Add AWS Account to Palette
 
-1. Log in to [Palette](https://console.spectrocloud.com) as Tenant admin.
+1. Log in to [Palette](https://console.spectrocloud.com) as tenant admin.
 
 
-2. Go to **Tenant Settings** > **Cloud Accounts** and click **+Add AWS Account**.
+2. From the left **Main Menu**, click on **Tenant Settings**.
 
 
-3. In the cloud account creation wizard give the following information:
-   * **Account Name**
-   * **Description**
-   * Select **STS** authentication for validation:
+3. Select **Cloud Accounts**, and click **+Add AWS Account**.
+
+
+4. In the cloud account creation wizard give the following information:
+   * **Account Name**:  Custom name for the cloud account.
+   * **Description**: Optional description for the cloud account.
+   * Select **STS** authentication for validation.
 
 
-4. You will be provided with information on the right hand-side of the wizard. You will need this information to create an IAM Role for Palette. The following table lists out the information provided by the wizard after your selects **STS**.
+5. You will be provided with information on the right side of the wizard. You will need this information to create an IAM Role for Palette. The following table lists the information provided by the wizard after you select **STS**.
 
     |**Parameter**|**Description**|
     |---------|---------------|
     |**Trusted Entity Type**| Another AWS account|
     |**Account ID**|Copy the Account ID displayed on the UI|
     |**Require External ID**| Enable|
     |**External ID**|Copy the External ID displayed on the UI|
-    |**Permissions Policy**|Search and select the 4 policies added in step #2|
+    |**Permissions Policy**|Search and select the 4 policies added in step 2|
     |**Role Name**|SpectroCloudRole|
 
-5. In the AWS console, create a new IAM role for Palette. Use the following resources if you need additional help.
+6. In the AWS console, create a new IAM role for Palette. Use the following resources if you need additional help.
     - [IAM Role creation guide](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user.html).
     - [IAM User creation guide](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_create.html).
 
 
-6. In the AWS console, assign the [Palette required IAM policies](required-iam-policies.md) to the role that Palette will use.
+7. In the AWS console, assign the [Palette required IAM policies](required-iam-policies.md) to the role that Palette will use.
 
 
-7. In the AWS console, browse to the **Role Details** page and copy the Amazon Resource Name (ARN) for the role.
+8. In the AWS console, browse to the **Role Details** page and copy the Amazon Resource Name (ARN) for the role.
 
 
-8. In Palette, paste the role ARN into the **ARN** input box. 
+9. In Palette, paste the role ARN into the **ARN** input box. 
 
 
-9. Click the **Validate** button to validate the credentials.
+10. Click the **Validate** button to validate the credentials.
 
 
 #### Validate
 
-You can validate the account is available in Palette by reviewing the list of cloud accounts. To review the list of cloud accounts navigate to the left **Main Menu**. Click on **Tenant Settings**. Next, click on **Cloud Accounts**. Your newly added AWS cloud account is listed under the AWS sections.
+You can validate the account is available in Palette by reviewing the list of cloud accounts. To review the list of cloud accounts navigate to the left **Main Menu**. Click on **Tenant Settings**. Next, click on **Cloud Accounts**. Your newly added AWS cloud account is listed under the AWS section.
 
 
 
@@ -137,11 +143,13 @@ You can validate the account is available in Palette by reviewing the list of cl
 
 ## AWS GovCloud Account
 
-Palette supports integration with [AWS GovCloud (US)](https://aws.amazon.com/govcloud-us/?whats-new-ess.sort-by=item.additionalFields.postDateTime&whats-new-ess.sort-order=desc). Using Palette you can deploy Kubernetes clusters to your AWS GovCloud account. To get started with AWS GovCloud and Palette, use the following steps.
-<br />
+Palette supports integration with [AWS GovCloud (US)](https://aws.amazon.com/govcloud-us/?whats-new-ess.sort-by=item.additionalFields.postDateTime&whats-new-ess.sort-order=desc). Using Palette you can deploy Kubernetes clusters to your AWS GovCloud account. This section provides guidance in creating an AWS GovCloud account that uses static or dynamic access credentials.
 
 ### Static Access Credentials
 
+Use the steps below to add an AWS cloud account using static access credentials.
+
+
 #### Prerequisites
 
 - An AWS account
@@ -161,10 +169,13 @@ Palette supports integration with [AWS GovCloud (US)](https://aws.amazon.com/gov
 3. Log in to [Palette](https://console.spectrocloud.com) as Tenant admin.
 
 
-4. Go to **Tenant Settings** > **Cloud Accounts** and click **+Add AWS Account**.
+4. From the left **Main Menu**, click on **Tenant Settings**.
+
+
+5. Select **Cloud Accounts**, and click **+Add AWS Account**.
 
 
-5. In the cloud account creation wizard provide the following information:
+6. In the cloud account creation wizard provide the following information:
    * **Account Name:** Custom name for the cloud account.
 
    * **Description:** Optional description for the cloud account.
@@ -175,20 +186,20 @@ Palette supports integration with [AWS GovCloud (US)](https://aws.amazon.com/gov
        * AWS Secret access key
 
 
-6. Click the **Validate** button to validate the credentials. 
+7. Click on the **Validate** button to validate the credentials. 
 
-7. Once the credentials are validated, the **Add IAM Policies** toggle displays. Toggle **Add IAM Policies** on.
+8. Once the credentials are validated, the **Add IAM Policies** toggle displays. Toggle **Add IAM Policies** on.
 
-8. A drop-down menu displays a lists of available AWS IAM policies in your AWS account. Select any desired IAM policies you want to assign to Palette IAM role or IAM user.
+9. Use the **drop-down Menu**, which lists available IAM policies in your AWS account, to select any desired IAM policies you want to assign to Palette IAM role or IAM user.
 
 
 #### Validate
 
-You can validate the account is available in Palette by reviewing the list of cloud accounts. To review the list of cloud accounts navigate to the left **Main Menu**. Click on **Tenant Settings**. Next, click **Cloud Accounts**. Your newly added AWS cloud account is listed under the AWS sections.
+You can validate the account is available in Palette by reviewing the list of cloud accounts. To review the list of cloud accounts navigate to the left **Main Menu**. Click on **Tenant Settings**. Next, click **Cloud Accounts**. Your newly added AWS cloud account is listed under the AWS section.
 
 ### Dynamic Access Credentials
 
-To add an AWS GovCloud cloud account using STS credentials follow the steps below:
+Use the steps below to add an AWS cloud account using STS credentials.
 
 #### Prerequisites
 
@@ -202,16 +213,19 @@ To add an AWS GovCloud cloud account using STS credentials follow the steps belo
 1. Log in to [Palette](https://console.spectrocloud.com) as Tenant admin.
 
 
-2. Go to **Tenant Settings** > **Cloud Accounts** and click **+Add AWS Account**.
+2. From the left **Main Menu**, click on **Tenant Settings**.
+
+
+3. Select **Cloud Accounts**, and click **+Add AWS Account**.
 
 
-3. In the cloud account creation wizard give the following information:
+4. In the cloud account creation wizard give the following information:
    * **Account Name**
    * **Description**
    * Select **STS** authentication for validation:
 
 
-4. You will be provided with information on the right hand-side of the wizard. You will need this information to create an IAM Role for Palette. The following table lists out the information provided by the wizard after you selects **STS**.
+5. You will be provided with information on the right side of the wizard. You will need this information to create an IAM Role for Palette. The following table lists the information provided by the wizard after you select **STS**.
 
     |**Parameter**|**Description**|
     |---------|---------------|
@@ -222,21 +236,21 @@ To add an AWS GovCloud cloud account using STS credentials follow the steps belo
     |**Permissions Policy**|Search and select the 4 policies added in step #2|
     |**Role Name**|SpectroCloudRole|
 
-5. In the AWS console, create a new IAM role for Palette. Use the following resources if you need additional help.
+6. In the AWS console, create a new IAM role for Palette. Use the following resources if you need additional help.
     - [IAM Role creation guide](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user.html).
     - [IAM User creation guide](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_create.html).
 
 
-6. In the AWS console, assign the [Palette required IAM policies](required-iam-policies.md) to the role that Palette will use.
+7. In the AWS console, assign the [Palette required IAM policies](required-iam-policies.md) to the role that Palette will use.
 
 
-7. In the AWS console, browse to the **Role Details** page and copy the Amazon Resource Name (ARN) for the role.
+8. In the AWS console, browse to the **Role Details** page and copy the Amazon Resource Name (ARN) for the role.
 
 
-8. In Palette, paste the role arn into the **ARN** input box. 
+9. In Palette, paste the role ARN into the **ARN** input box. 
 
 
-9. Click the **Validate** button to validate the credentials.
+10. Click on the **Validate** button to validate the credentials.
 
 
 #### Validate