TELCODOCS-2171#Remove refs to telco in Day2Ops Security files and file names

Author: amolnar-gh

_topic_maps/_topic_map.yml

@@ -3590,11 +3590,11 @@ Topics:
     Dir: security
     Topics:
     - Name: Security basics
-      File: telco-security-basics
+      File: security-basics
     - Name: Host security
-      File: telco-security-host-sec
+      File: security-host-sec
     - Name: Security context constraints
-      File: telco-security-sec-context-constraints
+      File: security-sec-context-constraints
 ---
 Name: Specialized hardware and driver enablement
 Dir: hardware_enablement

edge_computing/day_2_core_cnf_clusters/security/security-basics.adoc

@@ -0,0 +1,52 @@
+:_mod-docs-content-type: ASSEMBLY
+[id="security-basics"]
+= Security basics
+include::_attributes/common-attributes.adoc[]
+:context: security-basics
+
+toc::[]
+
+Security is a critical component of {product-title} deployments, particularly when running cloud-native applications. 
+
+You can enhance security for high-bandwidth network deployments by following key security considerations. By implementing these standards and best practices, you can strengthen security in most use cases.
+
+include::modules/security-rbac-overview.adoc[leveloffset=+1]
+
+[role="_additional-resources"]
+.Additional resources
+
+* xref:../../../authentication/using-rbac.adoc#authorization-overview_using-rbac[Using RBAC to define and apply permissions]
+
+include::modules/security-sec-accounts-overview.adoc[leveloffset=+1]
+
+[role="_additional-resources"]
+.Additional resources
+
+* xref:../../../authentication/understanding-and-creating-service-accounts.adoc#understanding-and-creating-service-accounts[Understanding and creating service accounts]
+
+include::modules/security-identity-prov-config.adoc[leveloffset=+1]
+
+[role="_additional-resources"]
+.Additional resources
+
+* xref:../../../authentication/understanding-identity-provider.adoc#understanding-identity-provider[Understanding identity provider configuration]
+
+include::modules/security-replacing-kubeadmin-user.adoc[leveloffset=+1]
+
+[role="_additional-resources"]
+.Additional resources
+
+* xref:../../../authentication/identity_providers/configuring-htpasswd-identity-provider.adoc#identity-provider-htpasswd-about_configuring-htpasswd-identity-provider[Configuring an htpasswd identity provider]
+
+include::modules/security-sec-considerations-telco.adoc[leveloffset=+1]
+
+include::modules/security-pod-sec-in-kub-and-ocp.adoc[leveloffset=+1]
+
+include::modules/security-infra.adoc[leveloffset=+1]
+
+include::modules/security-lifecycle-mgmnt.adoc[leveloffset=+1]
+
+[role="_additional-resources"]
+.Additional resources
+
+* xref:../../../edge_computing/day_2_core_cnf_clusters/updating/telco-update-welcome.adoc#[Upgrading a telco core CNF clusters]

edge_computing/day_2_core_cnf_clusters/security/telco-security-host-sec.adoc renamed to edge_computing/day_2_core_cnf_clusters/security/security-host-sec.adoc

@@ -1,27 +1,27 @@
 :_mod-docs-content-type: ASSEMBLY
-[id="telco-security-host-sec"]
+[id="security-host-sec"]
 = Host security
 include::_attributes/common-attributes.adoc[]
-:context: telco-security-host-sec
+:context: security-host-sec
 
 toc::[]
 
-include::modules/telco-security-rhcos-overview.adoc[leveloffset=+1]
+include::modules/security-rhcos-overview.adoc[leveloffset=+1]
 
 [role="_additional-resources"]
 .Additional resources
 
 * xref:../../../architecture/architecture-rhcos.adoc#rhcos-about_architecture-rhcos[About RHCOS]
 
-* xref:../../../architecture/architecture-rhcos.adoc[Red Hat Enterprise Linux CoreOS (RHCOS)].
+* xref:../../../architecture/architecture-rhcos.adoc[Red Hat Enterprise Linux CoreOS (RHCOS)]
 
-* xref:../../../edge_computing/day_2_core_cnf_clusters/security/telco-security-host-sec.adoc#telco-security-linux-capabilities-overview_telco-security-host-sec[Linux capabilities].
+* xref:../../../edge_computing/day_2_core_cnf_clusters/security/security-host-sec.adoc#security-linux-capabilities-overview_security-host-sec[Linux capabilities]
 
-include::modules/telco-security-command-line-host-access.adoc[leveloffset=+1]
+include::modules/security-command-line-host-access.adoc[leveloffset=+1]
 
 [role="_additional-resources"]
 .Additional resources
 
-* xref:../../../support/troubleshooting/investigating-pod-issues.adoc#starting-debug-pods-with-root-access_investigating-pod-issues[Starting debug pods with root access].
+* xref:../../../support/troubleshooting/investigating-pod-issues.adoc#starting-debug-pods-with-root-access_investigating-pod-issues[Starting debug pods with root access]
 
-include::modules/telco-security-linux-capabilities-overview.adoc[leveloffset=+1]
+include::modules/security-linux-capabilities-overview.adoc[leveloffset=+1]

edge_computing/day_2_core_cnf_clusters/security/telco-security-sec-context-constraints.adoc renamed to edge_computing/day_2_core_cnf_clusters/security/security-sec-context-constraints.adoc

@@ -1,8 +1,8 @@
 :_mod-docs-content-type: ASSEMBLY
-[id="telco-security-sec-context-constraints"]
+[id="security-sec-context-constraints"]
 = Security context constraints
 include::_attributes/common-attributes.adoc[]
-:context: telco-security-sec-context-constraints
+:context: security-sec-context-constraints
 :imagesdir: images
 
 toc::[]
@@ -43,10 +43,13 @@ You can use the following basic SCCs:
 The `restricted-v2` SCC is the most restrictive SCC provided by a new installation and is used by default for authenticated users. It aligns with Pod Security Admission (PSA) restrictions and improves security, as the original `restricted` SCC is less restrictive. It also helps transition from the original SCCs to v2 across multiple releases. Eventually, the original SCCs get deprecated. Therefore, it is recommended to use the `restricted-v2` SCC.
 
 You can examine the `restricted-v2` SCC by running the following command:
++
 [source,terminal]
 ----
 $ oc describe scc restricted-v2
 ----
+
++
 .Example output
 [source,terminal]
 ----

edge_computing/day_2_core_cnf_clusters/security/telco-security-basics.adoc

@@ -18,4 +18,4 @@ As an administrator, you can use tools to collect and analyze the available data
 For more information, see xref:../day_2_core_cnf_clusters/observability/telco-observability.adoc#telco-observability[Observability in telco core CNF clusters].
 
 Security:: You can enhance security for high-bandwidth network deployments in telco environments by following key security considerations.
-For more information, see xref:../day_2_core_cnf_clusters/security/telco-security-basics.adoc#telco-security-basics[Security basics].
+For more information, see xref:../day_2_core_cnf_clusters/security/security-basics.adoc#security-basics[Security basics].

edge_computing/day_2_core_cnf_clusters/telco-day-2-welcome.adoc

@@ -1,9 +1,9 @@
 // Module included in the following assemblies:
 //
-// * edge_computing/day_2_core_cnf_clusters/security/telco-security-host-sec.adoc
+// * edge_computing/day_2_core_cnf_clusters/security/security-host-sec.adoc
 
 :_mod-docs-content-type: CONCEPT
-[id="telco-security-command-line-host-access_{context}"]
+[id="security-command-line-host-access_{context}"]
 = Command-line host access
 
 Direct access to a host must be restricted to avoid modifying the host or accessing pods that should not be accessed. For users who need direct access to a host, it is recommended to use an external authenticator, like SSSD with LDAP, to manage access. This helps maintain consistency across the cluster through the Machine Config Operator.

modules/telco-security-command-line-host-access.adoc renamed to modules/security-command-line-host-access.adoc

@@ -1,9 +1,9 @@
 // Module included in the following assemblies:
 //
-// * edge_computing/day_2_core_cnf_clusters/security/telco-security-basics.adoc
+// * edge_computing/day_2_core_cnf_clusters/security/security-basics.adoc
 
 :_mod-docs-content-type: CONCEPT
-[id="telco-security-identity-prov-config_{context}"]
+[id="security-identity-prov-config_{context}"]
 = Identity provider configuration
 
 Configuring an identity provider is the first step in setting up users on the cluster. You can manage groups at the organizational level by using an identity provider. 

modules/telco-security-identity-prov-config.adoc renamed to modules/security-identity-prov-config.adoc

@@ -0,0 +1,11 @@
+// Module included in the following assemblies:
+//
+// * edge_computing/day_2_core_cnf_clusters/security/security-basics.adoc
+
+:_mod-docs-content-type: CONCEPT
+[id="security-infra_{context}"]
+= Bare-metal infrastructure
+
+Hardware requirements:: In several industries, such as telco and finance, clusters are primarily built on bare-metal hardware. This means that the (op-system-first) operating system is installed directly on the physical machines, without using virtual machines. This reduces network connectivity complexity, minimizes latency, and optimizes CPU usage for applications.
+
+Network requirements:: Networks in these industries sometimes require much higher bandwidth compared to standard IT networks. For example, Telco networks commonly use dual-port 25 GB connections or 100 GB network interface cards (NICs) to handle massive data throughput. Security is critical, requiring encrypted connections and secure endpoints to protect sensitive personal data.

modules/security-infra.adoc

@@ -1,11 +1,11 @@
 // Module included in the following assemblies:
 //
-// * edge_computing/day_2_core_cnf_clusters/security/telco-security-basics.adoc
+// * edge_computing/day_2_core_cnf_clusters/security/security-basics.adoc
 
 :_mod-docs-content-type: CONCEPT
-[id="telco-security-lifecycle-mgmnt_{context}"]
+[id="security-lifecycle-mgmnt_{context}"]
 = Lifecycle management
 
 Upgrades are critical for security. When a vulnerability is discovered, it is patched in the latest z-stream release. This fix is then rolled back through each lower y-stream release until all supported versions are patched. Releases that are no longer supported do not receive patches. Therefore, it is important to upgrade {product-title} clusters regularly to stay within a supported release and ensure they remain protected against vulnerabilities.
 
-For more information about lifecycle management and upgrades, see "Upgrading a telco core CNF clusters".
+For more information about lifecycle management and upgrades, see "Upgrading {product-title} clusters".