Merge pull request #102530 from xenolinux/A14

[enterprise-4.14] OSDOCS#14994: Minor SSCSI fixes

Author: xenolinux

modules/secrets-store-aws.adoc

@@ -15,27 +15,27 @@ endif::[]
 [id="secrets-store-aws_{context}"]
 = Mounting secrets from {secrets-store-provider}
 
-You can use the {secrets-store-operator} to mount secrets from {secrets-store-provider} to a CSI volume in {product-title}. To mount secrets from {secrets-store-provider}, your cluster must be installed on AWS and use AWS Security Token Service (STS).
+You can use the {secrets-store-operator} to mount secrets from {secrets-store-provider} to a CSI volume in {product-title}. To mount secrets from {secrets-store-provider}, your must install your cluster on AWS and use AWS Security Token Service (STS).
 
 [IMPORTANT]
 ====
-It is not supported to use the {secrets-store-operator} with {secrets-store-provider} in a hosted control plane cluster.
+To use the {secrets-store-operator} with {secrets-store-provider} is not supported in {hcp}.
 ====
 
 .Prerequisites
 
-* Your cluster is installed on AWS and uses AWS Security Token Service (STS).
-* You have installed the {secrets-store-operator}. See _Installing the {secrets-store-driver}_ for instructions.
-* You have configured {secrets-store-provider} to store the required secrets.
-* You have extracted and prepared the `ccoctl` binary.
-* You have installed the `jq` CLI tool.
 * You have access to the cluster as a user with the `cluster-admin` role.
+* You have installed the `jq` tool.
+* You have extracted and prepared the `ccoctl` utility.
+* You have installed the cluster on {aws-first} and the cluster uses {aws-short} Security Token Service (STS).
+* You have installed the {secrets-store-operator}. For more information, see "Installing the {secrets-store-driver}".
+* You have configured {secrets-store-provider} to store the required secrets.
 
 .Procedure
 
 . Install the {secrets-store-provider} provider:
 
-.. Create a YAML file with the following configuration for the provider resources:
+.. Create a YAML file by using the following example configuration:
 +
 [IMPORTANT]
 ====
@@ -153,24 +153,23 @@ $ oc adm policy add-scc-to-user privileged -z csi-secrets-store-provider-aws -n
 $ oc apply -f aws-provider.yaml
 ----
 
-. Grant permission to allow the service account to read the AWS secret object:
+. Grant the read permission to the service account for the AWS secret object:
 
 .. Create a directory to contain the credentials request by running the following command:
 +
 [source,terminal]
 ----
-$ mkdir credentialsrequest-dir-aws
+$ mkdir <aws_creds_directory_name>
 ----
 
-.. Create a YAML file with the following configuration for the credentials request:
+.. Create a YAML file that defines the `CredentialsRequest` resource configuration. See the following example configuration:
 +
-.Example `credentialsrequest.yaml` file
 [source,yaml]
 ----
 apiVersion: cloudcredential.openshift.io/v1
 kind: CredentialsRequest
 metadata:
-  name: aws-provider-test
+  name: aws-creds-request
   namespace: openshift-cloud-credential-operator
 spec:
   providerSpec:
@@ -196,10 +195,10 @@ endif::aws-systems-manager-parameter-store[]
     name: aws-creds
     namespace: my-namespace
   serviceAccountNames:
-  - aws-provider
+  - <service_account_name>
 ----
 
-.. Retrieve the OIDC provider by running the following command:
+.. Retrieve the OpenID Connect (OIDC) provider by running the following command:
 +
 [source,terminal]
 ----
@@ -219,8 +218,8 @@ Copy the OIDC provider name `<oidc_provider_name>` from the output to use in the
 ----
 $ ccoctl aws create-iam-roles \
     --name my-role --region=<aws_region> \
-    --credentials-requests-dir=credentialsrequest-dir-aws \
-    --identity-provider-arn arn:aws:iam::<aws_account>:oidc-provider/<oidc_provider_name> --output-dir=credrequests-ccoctl-output
+    --credentials-requests-dir=<aws_creds_dir_name> \
+    --identity-provider-arn arn:aws:iam::<aws_account_id>:oidc-provider/<oidc_provider_name> --output-dir=<output_dir_name>
 ----
 +
 .Example output

modules/secrets-store-azure.adoc

@@ -6,14 +6,14 @@
 [id="secrets-store-azure_{context}"]
 = Mounting secrets from Azure Key Vault
 
-You can use the {secrets-store-operator} to mount secrets from Azure Key Vault to a CSI volume in {product-title}. To mount secrets from Azure Key Vault, your cluster must be installed on Microsoft Azure.
+You can use the {secrets-store-operator} to mount secrets from Azure Key Vault to a Container Storage Interface (CSI) volume in {product-title}. To mount secrets from Azure Key Vault, your cluster must be installed on Microsoft Azure.
 
 .Prerequisites
 
 * Your cluster is installed on Azure.
-* You have installed the {secrets-store-operator}. See _Installing the {secrets-store-driver}_ for instructions.
-* You have configured Azure Key Vault to store the required secrets.
-* You have installed the Azure CLI (`az`).
+* You installed the {secrets-store-operator}. See _Installing the {secrets-store-driver}_ for instructions.
+* You configured Azure Key Vault to store the required secrets.
+* You installed the Azure CLI (`az`).
 * You have access to the cluster as a user with the `cluster-admin` role.
 
 .Procedure
@@ -283,11 +283,11 @@ $ oc create -f deployment.yaml
 
 * Verify that you can access the secrets from Azure Key Vault in the pod volume mount:
 
-.. List the secrets in the pod mount:
+.. List the secrets in the pod mount by running the following command:
 +
 [source,terminal]
 ----
-$ oc exec busybox-<hash> -n my-namespace -- ls /mnt/secrets-store/
+$ oc exec my-azure-deployment-<hash> -n my-namespace -- ls /mnt/secrets-store/
 ----
 +
 .Example output
@@ -296,11 +296,11 @@ $ oc exec busybox-<hash> -n my-namespace -- ls /mnt/secrets-store/
 secret1
 ----
 
-.. View a secret in the pod mount:
+.. View a secret in the pod mount by running the following command:
 +
 [source,terminal]
 ----
-$ oc exec busybox-<hash> -n my-namespace -- cat /mnt/secrets-store/secret1
+$ oc exec my-azure-deployment-<hash> -n my-namespace -- cat /mnt/secrets-store/secret1
 ----
 +
 .Example output