add image for create_complete and change a couple more explanation lines

Author: sivanel97

docs/build-your-software-catalog/sync-data-to-catalog/cloud-providers/aws-v3/Overview.md

@@ -41,11 +41,9 @@ We're actively working on adding support for additional AWS resource types to pr
 
 AWS Hosted by Port provides several advantages over the standard AWS integration:
 
-- **Fully Hosted**: No infrastructure to maintain, update, or monitor.
-- **Simplified Installation**: Just deploy CloudFormation templates to create IAM roles.
-- **Complete Data**: Ensures no missing or incomplete resource information.
-- **Periodic Sync**: Regular updates to keep your catalog current.
-- **Zero Maintenance**: Port handles all updates, scaling, and infrastructure management.
+- **Fully hosted**: No infrastructure to maintain, update, or monitor.
+- **Simplified installation**: Just deploy CloudFormation templates to create IAM roles.
+- **Complete data**: Ensures no missing or incomplete resource information.
 
 ## Getting started
 

docs/build-your-software-catalog/sync-data-to-catalog/cloud-providers/aws-v3/iam-role-architecture.md

@@ -37,7 +37,7 @@ PortIntegrationOIDCProvider:
         Value: !Ref IntegrationIdentifier
 ```
 
-**Key Details**:
+**Key details**:
 - **EKS OIDC URL**: Points to Port's production EKS cluster in EU-West-1.
 - **Client ID**: Uses `sts.amazonaws.com` for IRSA authentication.
 - **Reusable**: Can be shared across multiple integrations in the same account.
@@ -66,11 +66,9 @@ The IAM role uses an **OIDC (OpenID Connect) trust policy** with **IRSA (IAM Rol
 }
 ```
 
-**Key Security Features**:
-- **IRSA Authentication**: Uses EKS service account-based authentication.
-- **Audience Validation**: Only AWS STS service can assume the role.
-- **Subject Validation**: Role is tied to Port's specific EKS service account.
-- **Temporary Credentials**: All access uses short-lived tokens (typically 1 hour).
+**Key security features**:
+- **OIDC authentication**: Role is tied to Port's specific EKS service account.
+- **Temporary credentials**: All access uses short-lived tokens (typically 1 hour).
 
 ### Permissions policy
 
@@ -81,12 +79,12 @@ ManagedPolicyArns:
   - arn:aws:iam::aws:policy/ReadOnlyAccess
 ```
 
-**Strategic Benefits**:
-- **Future-Proof**: Automatically includes new AWS services without CloudFormation updates.
-- **Operational Simplicity**: No need to redeploy when adding support for new services.
-- **Comprehensive Coverage**: Access to all AWS services with read-only permissions.
-- **AWS Maintained**: AWS manages and updates the policy as needed.
-- **Read-Only Security**: Only read permissions, no write/delete/create access.
+**Strategic benefits**:
+- **Future-proof**: Automatically includes new AWS services without CloudFormation updates.
+- **Operational simplicity**: No need to redeploy when adding support for new services.
+- **Comprehensive coverage**: Access to all AWS services with read-only permissions.
+- **AWS maintained**: AWS manages and updates the policy as needed.
+- **Read-Only security**: Only read permissions, no write/delete/create access.
 
 ## Security considerations
 

docs/build-your-software-catalog/sync-data-to-catalog/cloud-providers/aws-v3/installations.md

@@ -50,14 +50,15 @@ For a single AWS account, you will deploy a CloudFormation stack that creates th
 
 <h4>Step 2: Deploy CloudFormation Stack</h4>
 
-- **Access the CloudFormation Template**:
+- **Access the CloudFormation template**:
    - Go to [Data Sources](https://app.getport.io/settings/data-sources) page.
    - Click on the `+ Data source` button in the top right corner of the page.
    - Select **AWS Hosted by Port** from the cloud providers section.
-   - Select **Single Account** and click the `Click here` link in step 3 of the installation form.
+   - Select **Single Account**.
+   - In step 3 of the installation form, click the `Click here` link. This will open CloudFormation with pre-configured parameters.
    - This will open CloudFormation with pre-configured parameters.
 
-- **Deploy via AWS Console**:
+- **Deploy via AWS console**:
    - In the CloudFormation console, review the pre-configured parameters.
    - Scroll down to the bottom of the page.
    - Check the box that states **"I acknowledge that AWS CloudFormation might create IAM resources with custom names"**.  
@@ -67,15 +68,16 @@ For a single AWS account, you will deploy a CloudFormation stack that creates th
 
 <h4>Step 3: Configure Integration in Port</h4>
 
-- **Get the Role ARN**:
+- **Get the role ARN**:
    - Ensure the stack shows `CREATE_COMPLETE` status.
+      <img src='/img/build-your-software-catalog/sync-data-to-catalog/cloud-providers/aws/CREATE_COMPLETE.png' width='60%' border='1px' />
    - After CloudFormation deployment completes, go to the **Outputs** tab.
    - Copy the value of **PortIntegrationRoleArn**.
       <img src='/img/build-your-software-catalog/sync-data-to-catalog/cloud-providers/aws/PortIntegreationRoleArn-value.png' width='90%' border='1px' />
    - Paste it into the **Account Role Arn** field in the Port integration form.
    - Click `Done`.
 
-- **Verify Connection**:
+- **Verify connection**:
    - Port will automatically detect the IAM role created by CloudFormation.
    - The integration will start discovering your AWS resources.
 
@@ -87,13 +89,13 @@ For multiple AWS accounts, you will use AWS Organizations and deploy the integra
 
 <h4>Understanding AWS Organizations</h4>
 
-- **Management Account**: The main account that manages your organization.
-- **Member Accounts**: Individual AWS accounts in your organization.
-- **Organizational Units (OUs)**: Logical groupings of accounts (like folders in a file system).
+- **Management account**: The main account that manages your organization.
+- **Member accounts**: Individual AWS accounts in your organization.
+- **Organizational units (OUs)**: Logical groupings of accounts (like folders in a file system).
 - **OU IDs**: Unique identifiers for organizational units (format: `ou-abcd-12345678`).
 - **Root**: The top-level container for all accounts and OUs (format: `r-xxxxxxxxx`).
 
-**Example Organization Structure**:
+**Example organization structure**:
 ```
 Root (r-1234)
 ├── Management Account (123456789012)
@@ -112,27 +114,23 @@ Root (r-1234)
 You must run the multi-account installation from your AWS Organizations **management account**. This is because only the management account can deploy StackSets across member accounts.
 :::
 
-- **Access Management Account**:
+- **Find your OU ID**:
    - Log into your AWS Organizations management account.
    - Navigate to [AWS Organizations](https://us-east-1.console.aws.amazon.com/organizations/v2/home/accounts) service.
-
-- **Find Your OU IDs**:
-   - In AWS Organizations, open **organizational units** in the left sidebar.
-   - Click an OU (e.g., **Production**).
-   - Copy the OU ID from the details page (format `ou-xxxx-xxxxxxxx` or `r-xxxx`).
-   - You can also target specific account IDs if needed.
+   - Under **Organizational structure** copy the OU ID from the details page (format `ou-xxxx-xxxxxxxx` or `r-xxxx`).
+   - You can also target specific account IDs if needed using the `Account scope` field.
 
 <h4>Step 2: Deploy Multi-Account CloudFormation Stack</h4>
 
-- **Access the CloudFormation Template**:
+- **Access the CloudFormation template**:
    - Go to the  [Data sources](https://app.getport.io/settings/data-sources) page of your portal.
    - Click on the `+ Data source` button in the top right corner of the page.
    - Select **AWS Hosted by Port** from the cloud providers section.
    - Select **Multiple Accounts** and paste the OU ID you previously copied.
    - Choose the scope of the account (**All accounts**, **All accounts except selected**, **Selected accounts only**).
-   - Click the `Click here` link in step 3 of the installation form, this will open CloudFormation with pre-configured parameters.
+   - In step 3 of the installation form, click the `Click here` link, this will open CloudFormation with pre-configured parameters.
 
-- **Deploy via AWS Console**:
+- **Deploy via AWS console**:
    - In the CloudFormation console, review the pre-configured parameters.
    - Scroll down to the bottom of the page.
    - Check the box **"I acknowledge that AWS CloudFormation might create IAM resources with custom names"**. 
@@ -142,24 +140,24 @@ You must run the multi-account installation from your AWS Organizations **manage
 
 <h4>Step 3: Monitor Deployment</h4>
 
-- **Check StackSet Status**:
-   - Go to **CloudFormation** → **Stack** → **Stack details** → **Events tab** in your management account.
-   - Monitor the deployment progress across all target accounts.
-   - Ensure all stack instances show `CREATE_COMPLETE` status.
+- **Check StackSet status**:
+   - Go to **CloudFormation** → **Stacks** in your management account.
+   - Make sure your stack status is `CREATE_COMPLETE`.
+     <img src='/img/build-your-software-catalog/sync-data-to-catalog/cloud-providers/aws/CREATE_COMPLETE.png' width='60%' border='1px' />
 
-- **Verify IAM Roles**:
+- **Verify IAM roles**:
    - Check that the IAM roles were created in each target account.
 
 <h4>Step 4: Configure Integration in Port</h4>
 
-- **Get the Role ARN**:
+- **Get the role ARN**:
    - After CloudFormation deployment completes, go to the **Outputs** tab.
    - Copy the value of **PortIntegrationRoleArn**.
       <img src='/img/build-your-software-catalog/sync-data-to-catalog/cloud-providers/aws/PortIntegreationRoleArn-value.png' width='90%' border='1px' />
    - Paste it into the **Account Role Arn** field in the Port integration form.
    - Click `Done`.
 
-- **Verify Multi-Account Connection**:
+- **Verify multi-Account connection**:
    - Port will automatically detect the IAM roles across all accounts.
    - The integration will start discovering resources from all configured accounts.
 
@@ -174,6 +172,6 @@ Common Installation Issue - CloudFormation Stack Creation Failures.
 **Error**: `Stack creation failed: CREATE_FAILED`
 
 **Solutions**:
-- **Insufficient IAM Permissions**: Ensure your AWS user has CloudFormation and IAM permissions.
-- **OIDC Provider Already Exists**: Set "Create OIDC Provider" to `false` if you already have one.
+- **Insufficient IAM permissions**: Ensure your AWS user has CloudFormation and IAM permissions.
+- **OIDC provider already Eeists**: Set "Create OIDC Provider" to `false` if you already have one.