11 changes: 7 additions & 4 deletions configuration/configure-endpoints.adoc
Expand Up @@ -7,18 +7,21 @@ include::modules/common-attributes.adoc[]
toc::[]

[role="_abstract"]
Learn how to configure endpoints for {product-title} ({product-title-short}) by using a YAML configuration file.
Configure endpoints for {product-title} ({product-title-short}) by using a YAML configuration file.

You can use a YAML configuration file to configure exposed endpoints.
You can use this configuration file to define one or more endpoints for {product-title} and customize the TLS settings for each endpoint, or disable the TLS for specific endpoints.
You can also define if client authentication is required, and which client certificates to accept.
//Configuring endpoints overview
include::modules/configure-endpoints-overview.adoc[leveloffset=+1]

//Custom YAML configuration
include::modules/custom-yaml-configuration.adoc[leveloffset=+1]

//Configuring endpoints during a new installation
include::modules/configure-endpoints-new-install.adoc[leveloffset=+1]

//Configuring endpoints for an existing instance
include::modules/configure-endpoints-existing.adoc[leveloffset=+1]

include::modules/restarting-the-central-container.adoc[leveloffset=+2]

//Enabling traffic flow through custom ports
include::modules/enable-traffic-flow-through-custom-ports.adoc[leveloffset=+1]
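Review bot: the new abstract `Configure endpoints for {product-title} ({product-title-short}) by using a YAML configuration file.` reads as an instruction rather than a summary, while the other modules in this change keep a descriptive `You can ...` abstract (the new overview module does). Consider `You can configure endpoints for {product-title} ({product-title-short}) by using a YAML configuration file.` Moving the three explanatory sentences into the overview module and including it first is the right structure.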
14 changes: 7 additions & 7 deletions modules/configure-endpoints-existing.adoc
Expand Up @@ -5,16 +5,21 @@
[id="configure-endpoints-existing_{context}"]
= Configuring endpoints for an existing instance

[role="_abstract"]
You can configure endpoints for an existing instance of {product-title}.

[NOTE]
====
If you expose any additional ports other than the default port `8443`, you must create network policies that allow traffic on those additional ports.
====

.Procedure
. Download the existing config map:
+
[source,terminal]
----
$ oc -n stackrox get cm/central-endpoints -o go-template='{{index .data "endpoints.yaml"}}' > <directory_path>/central_endpoints.yaml
----

. In the downloaded `central_endpoints.yaml` file, specify your custom YAML configuration.
. Upload and apply the modified `central_endpoints.yaml` configuration file:
+
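Review bot: the NOTE about network policies for ports other than `8443` is now correctly placed before the procedure, but it only says to create the policies, not how; add an xref to the `enable-traffic-flow-through-custom-ports` module that the assembly includes, so the reader is not left to write the network policy from scratch.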
Expand All @@ -25,9 +30,4 @@ oc label -f - --local -o yaml app.kubernetes.io/name=stackrox | \
oc apply -f -
----

. Restart Central.

[NOTE]
====
If you expose any additional ports other than the default port `8443`, you must create network policies that allow traffic on those additional ports.
====
. Restart Central.
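Review bot: the bare `. Restart Central.` step that now replaces the removed NOTE does not say why the restart is needed; the assembly includes `restarting-the-central-container.adoc` at leveloffset=+2 directly after this module, so either link to it or write `Restart Central to apply the modified endpoint configuration.` so the reader knows this step is what applies the uploaded config map.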
15 changes: 8 additions & 7 deletions modules/configure-endpoints-new-install.adoc
Expand Up @@ -5,16 +5,17 @@
[id="configure-endpoints-new-install_{context}"]
= Configuring endpoints during a new installation

[role="_abstract"]
When you install {product-title} by using the `roxctl` CLI, it creates a folder named `central-bundle`, which contains the necessary YAML manifests and scripts to deploy Central.

[NOTE]
====
If you expose any additional ports other than the default port `8443`, you must create network policies that allow traffic on those additional ports.
====

.Procedure
. After you generate the `central-bundle`, open the `./central-bundle/central/02-endpoints-config.yaml` file.
. In this file, add your custom YAML configuration under the `data:` section of the key `endpoints.yaml`.
Make sure that you maintain a 4 space indentation for the YAML configuration.
Maintain a 4 space indentation for the YAML configuration.
. Continue the installation instructions as usual.
{product-title} uses the specified configuration.

[NOTE]
====
If you expose any additional ports other than the default port `8443`, you must create network policies that allow traffic on those additional ports.
====
{product-title} uses the specified configuration.
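Review bot: `4 space indentation` should be `4-space indentation` (compound modifier) in `Maintain a 4 space indentation for the YAML configuration.`; more usefully, a short example of the `data:` section with the `endpoints.yaml` key and its indented block would prevent the most common mistake here, since indentation errors inside a block scalar are easy to make and hard to spot. Moving the NOTE above the procedure is good.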
14 changes: 14 additions & 0 deletions modules/configure-endpoints-overview.adoc
@@ -0,0 +1,14 @@
// Module included in the following assemblies:
//
// * configuration/configure-endpoints.adoc

:_mod-docs-content-type: CONCEPT
[id="configure-endpoints-overview_{context}"]
= Configuring endpoints overview

[role="_abstract"]
You can use a YAML configuration file to define endpoints and customize their settings for {product-title}.

You can use a YAML configuration file to configure exposed endpoints.
You can use this configuration file to define one or more endpoints for {product-title} and customize the TLS settings for each endpoint, or disable the TLS for specific endpoints.
You can also define if the endpoints require client authentication, and which client certificates to accept.
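Review bot: the abstract and the first body sentence say the same thing twice (`define endpoints and customize their settings` and `configure exposed endpoints`); drop `You can use a YAML configuration file to configure exposed endpoints.` or fold it into the abstract. Also, `or disable the TLS for specific endpoints` is stated without its consequence: per the custom YAML module, when TLS is disabled you cannot set `serverCerts` or `clientAuth`, so such an endpoint cannot require client certificates either; one clause saying so here helps readers weigh that option. Minor: `disable the TLS` should be `disable TLS`.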
8 changes: 4 additions & 4 deletions modules/custom-yaml-configuration.adoc
Expand Up @@ -14,7 +14,7 @@ When you use the custom YAML configuration file, you can configure the following
* Enable or disable TLS.
* Specify server certificates.
* Client Certificate Authorities (CA) to trust for client authentication.
* Specify if client certificate authentication (`mTLS`) is required.
* Specify if the endpoints require client certificate authentication (`mTLS`).

You can use the configuration file to specify endpoints either during the installation or on an existing instance of {product-title}.
However, if you expose any additional ports other than the default port `8443`, you must create network policies that allow traffic on those additional ports.
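Review bot: the bullet `Client Certificate Authorities (CA) to trust for client authentication.` is not parallel with the imperative bullets around it and mixes plural and singular; make it `Specify the client certificate authorities (CAs) to trust for client authentication.` The reworded `mTLS` bullet reads fine.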
Expand Down Expand Up @@ -71,7 +71,7 @@ For example,
`endpoints.protocols`:: Specifies the protocols to use for the specified endpoint.
Acceptable values are `http` and `grpc`.
If you do not specify a value, Central listens to both HTTP and gRPC traffic on the specified port.
If you want to expose an endpoint exclusively for the {product-title-short} portal, use `http`.
If you want to expose an endpoint only for the {product-title-short} portal, use `http`.
However, you cannot use the endpoint for service-to-service communication or for the `roxctl` CLI, because these clients require both gRPC and HTTP.
To enable both HTTP and gRPC protocols for the endpoint, you must not specify a value for this key.
If you want to restrict an endpoint to {product-title} services only, use the *clientAuth* option.
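Review bot: `only` for `exclusively` is a fine simplification, but in the same hunk `*clientAuth*` is bold while every other key in this module is in monospace (`serverCerts`, `clientAuth` in the next hunk); use monospace `clientAuth` here too for consistency.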
Expand All @@ -81,8 +81,8 @@ If you do not specify a value, {product-title} enables TLS with the default sett
If you do not specify a value, it defaults to `false`.
When you set it to `true`, you cannot specify values for `serverCerts` and `clientAuth`.
`endpoints.tls.serverCerts`:: Specifies a list of sources from which to configure server TLS certificates.
The `serverCerts` list is order-dependent, it means that the first item in the list determines the certificate that Central uses by default, when there is no matching Server Name Indication (SNI).
You can use this to specify multiple certificates and Central automatically selects the right certificate based on SNI.
The `serverCerts` list is order-dependent, it means that the first item in the list determines the certificate that Central uses by default, when there is no matching Server Name indication (SNI).
You can use this to specify many certificates and Central automatically selects the right certificate based on SNI.
Acceptable values are:
* `default`: use the already configured custom TLS certificate if it exists.
* `service`: use the internal service certificate that {product-title} generates.
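Review bot: the change from `Server Name Indication (SNI)` to `Server Name indication (SNI)` is a regression; SNI is the name of the TLS extension and `Indication` is capitalized. `many certificates` is also less accurate than the original `multiple certificates` (two certificates are enough to need SNI selection), and `order-dependent, it means that` is a comma splice; suggest `The `serverCerts` list is order-dependent: the first item in the list determines the certificate that Central uses by default when there is no matching Server Name Indication (SNI).`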
3 changes: 2 additions & 1 deletion modules/enable-traffic-flow-through-custom-ports.adoc
Expand Up @@ -5,7 +5,8 @@
[id="enable-traffic-flow-through-custom-ports_{context}"]
= Enabling traffic flow through custom ports

If you are exposing a port to another service running in the same cluster or to an ingress controller, you must only allow traffic from the services in your cluster or from the proxy of the ingress controller.
[role="_abstract"]
If you are exposing a port to another service running in the same cluster or to an ingress controller, allow traffic only from the services in your cluster or from the proxy of the ingress controller.
Otherwise, if you are exposing a port by using a load balancer service, you might want to allow traffic from all sources, including external sources. Use the procedure listed in this section to allow traffic from all sources.

.Procedure
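Review bot: `allow traffic only from` is the right fix, but `Otherwise, if you are exposing a port by using a load balancer service` makes the load-balancer case sound like a consequence of the first one; `If instead you expose the port through a load balancer service` reads correctly. Since the procedure that follows opens the port to all sources, it is also worth stating plainly that for the in-cluster and ingress-controller cases the network policy should stay restricted to those sources and this procedure should not be used.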