From b5706624fd7ad182033ba409c9bbe9423f18614f Mon Sep 17 00:00:00 2001 From: Grace Miller Date: Fri, 20 Sep 2024 14:25:34 -0400 Subject: [PATCH 1/8] DOCSP-42973-compass-nested-components --- .../aggregation-pipeline-builder-settings.txt | 6 +- .../general-connection.txt | 73 ++-- .../in-use-encryption.txt | 400 +++++++++--------- .../tls-ssl-connection.txt | 6 +- source/includes/extended-json-table.rst | 4 +- source/includes/steps-create-index.yaml | 28 +- source/includes/steps-export-filter.yaml | 4 +- source/includes/steps-export.yaml | 4 +- 8 files changed, 255 insertions(+), 270 deletions(-) diff --git a/source/agg-pipeline-builder/aggregation-pipeline-builder-settings.txt b/source/agg-pipeline-builder/aggregation-pipeline-builder-settings.txt index 4efb64304..61efccbe1 100644 --- a/source/agg-pipeline-builder/aggregation-pipeline-builder-settings.txt +++ b/source/agg-pipeline-builder/aggregation-pipeline-builder-settings.txt @@ -44,10 +44,8 @@ the upper right of the pipeline builder to open the :guilabel:`Settings` panel. :pipeline:`$bucket`, and :pipeline:`$bucketAuto` pipeline stages. Lower limits improve pipeline run time but might result in missing documents. - .. note:: - - This setting is only applied to document previews. It is not applied - when the pipeline is run. + This setting is only applied to document previews. It is not applied + when the pipeline is run. - 100000 Learn More diff --git a/source/connect/advanced-connection-options/general-connection.txt b/source/connect/advanced-connection-options/general-connection.txt index 04f4bd7c1..0697be03c 100644 --- a/source/connect/advanced-connection-options/general-connection.txt +++ b/source/connect/advanced-connection-options/general-connection.txt @@ -38,56 +38,53 @@ Procedure .. step:: Click the :guilabel:`General` tab. - .. procedure:: - :style: connected + a) Select a connection string scheme. - .. step:: Select a connection string scheme. + You can select one of the following options: - You can select one of the following options: + .. list-table:: + :header-rows: 1 + :class: border-table - .. list-table:: - :header-rows: 1 - :class: border-table + * - Connection String Scheme + - Definition - * - Connection String Scheme - - Definition + * - mongodb + - :manual:`Standard Connection String Format `. + The standard format of the MongoDB connection URI is used to + connect to a MongoDB deployment by specifying its hosts directly. - * - mongodb - - :manual:`Standard Connection String Format `. - The standard format of the MongoDB connection URI is used to - connect to a MongoDB deployment by specifying its hosts directly. + * - mongodb+srv + - :manual:`DNS Seed List Connection Format + `. + The ``+srv`` indicates to |compass| that the hostname that follows + corresponds to a DNS SRV record. - * - mongodb+srv - - :manual:`DNS Seed List Connection Format - `. - The ``+srv`` indicates to |compass| that the hostname that follows - corresponds to a DNS SRV record. + b) Enter a Hostname. - .. step:: Enter a Hostname. + In the :guilabel:`Host` field, enter the hosts or hostname of the server + where the deployment is running. - In the :guilabel:`Host` field, enter the hosts or hostname of the server - where the deployment is running. + If you are running your deployment locally, this value is ``localhost``. + If you are connecting to an Atlas cluster, see + :atlas:`Connect to Database Deployment ` + for Atlas-specific guidance on how to connect with |compass-short|. - If you are running your deployment locally, this value is ``localhost``. - If you are connecting to an Atlas cluster, see - :atlas:`Connect to Database Deployment ` - for Atlas-specific guidance on how to connect with |compass-short|. + If you are not sure of your hostname, contact your Database + Administrator for information. - If you are not sure of your hostname, contact your Database - Administrator for information. + c) (Optional) Enable Direct Connection. - .. step:: (Optional) Enable Direct Connection. + When you use the ``mongodb`` Connection String Scheme, you have the + option to enable a :driver:`Direct Connection + `. When you + enable this setting, |compass-short| runs all operations on the specified + host. - When you use the ``mongodb`` Connection String Scheme, you have the - option to enable a :driver:`Direct Connection - `. When you - enable this setting, |compass-short| runs all operations on the specified - host. - - .. important:: - When you specify ``directConnection`` and connect to a secondary member - of a replica set, your write operations fail because it is not the - primary member. + .. important:: + When you specify ``directConnection`` and connect to a secondary member + of a replica set, your write operations fail because it is not the + primary member. .. step:: (Optional) For advanced connection configuration options, click the :ref:`Advanced ` tab. diff --git a/source/connect/advanced-connection-options/in-use-encryption.txt b/source/connect/advanced-connection-options/in-use-encryption.txt index 2d6492cd2..dd715c032 100644 --- a/source/connect/advanced-connection-options/in-use-encryption.txt +++ b/source/connect/advanced-connection-options/in-use-encryption.txt @@ -37,232 +37,230 @@ Procedure .. step:: Click the :guilabel:`In-Use Encryption` tab. - .. procedure:: - :style: connected - .. step:: Provide a :guilabel:`Key Vault Namespace`. + a) Provide a :guilabel:`Key Vault Namespace`. - A :guilabel:`Key Vault Namespace` refers to a collection that - contains all the data keys used for encryption and decryption. + A :guilabel:`Key Vault Namespace` refers to a collection that + contains all the data keys used for encryption and decryption. - Specify a collection in which data encryption keys are stored in - the format ``.``. The non-official default - database/collection for keyVault is ``encryption.__keyVault``. + Specify a collection in which data encryption keys are stored in + the format ``.``. The non-official default + database/collection for keyVault is ``encryption.__keyVault``. - .. step:: Select a :guilabel:`KMS Provider`. + b) Select a :guilabel:`KMS Provider`. - You can select from the following Key Management Systems: + You can select from the following Key Management Systems: - - :ref:`Local KMS ` - - - :ref:`AWS ` - - - :ref:`GCP ` - - - :ref:`Azure ` - - - :ref:`KMIP ` + - :ref:`Local KMS ` + + - :ref:`AWS ` + + - :ref:`GCP ` + + - :ref:`Azure ` + + - :ref:`KMIP ` - .. _local-kms: - - Local KMS - ~~~~~~~~~ - - You can locally manage your key as a KMS using the - :v6.0:`Local KMS ` - option. - - Click :guilabel:`Generate Random Key` to generate a 96-byte long - base64-encoded string. You need this key to access encrypted and - decrypted data. + .. _local-kms: - .. warning:: + Local KMS + ~~~~~~~~~ + + You can locally manage your key as a KMS using the + :v6.0:`Local KMS ` + option. + + Click :guilabel:`Generate Random Key` to generate a 96-byte long + base64-encoded string. You need this key to access encrypted and + decrypted data. - |compass-short| does not save KMS credentials by default. Copy - and save the key in an external location. + .. warning:: - .. _aws-compass-encryption: + |compass-short| does not save KMS credentials by default. Copy + and save the key in an external location. - AWS - ~~~ + .. _aws-compass-encryption: - You can use :v6.0:`AWS ` - to manage your keys. + AWS + ~~~ - Specify the following fields: + You can use :v6.0:`AWS ` + to manage your keys. - .. list-table:: - :header-rows: 1 - :widths: 30 30 70 + Specify the following fields: - * - Field - - Required - - Description + .. list-table:: + :header-rows: 1 + :widths: 30 30 70 - * - Access Key Id - - Yes - - Value of your AWS access key Id. + * - Field + - Required + - Description - * - Secret Access Key - - Yes - - Value of your AWS secret key. + * - Access Key Id + - Yes + - Value of your AWS access key Id. - * - Session Token - - No - - Value of your AWS session token. - - * - Certificate Authority - - No - - One or more certificate files from trusted Certificate - Authorities to validate the certificate provided by the deployment. - - * - Client Certificate and Key - - No - - Specifies the location of a local .pem file that contains - either the client's TLS/SSL X.509 certificate or the client's TLS/SSL - certificate and key. - - * - Client Key Password - - No - - If the *Client Private Key* is protected with a password, - you must provide the password. - - .. _gcp-compass-encryption: - - GCP - ~~~ + * - Secret Access Key + - Yes + - Value of your AWS secret key. - You can use :v6.0:`Google Cloud Services ` to manage your keys. - - Specify the following fields: + * - Session Token + - No + - Value of your AWS session token. + + * - Certificate Authority + - No + - One or more certificate files from trusted Certificate + Authorities to validate the certificate provided by the deployment. + + * - Client Certificate and Key + - No + - Specifies the location of a local .pem file that contains + either the client's TLS/SSL X.509 certificate or the client's TLS/SSL + certificate and key. + + * - Client Key Password + - No + - If the *Client Private Key* is protected with a password, + you must provide the password. + + .. _gcp-compass-encryption: - .. list-table:: - :header-rows: 1 - :widths: 30 30 70 + GCP + ~~~ - * - Field - - Required - - Description - - * - Service Account Email - - Yes - - The service account email to authenticate. - - * - Private Key - - Yes - - A base64-encoded private key. - - * - Endpoint - - No - - A host with an optional port. - - * - Certificate Authority - - No - - One or more certificate files from trusted Certificate - Authorities to validate the certificate provided by the deployment. - - * - Client Certificate and Key - - No - - Specifies the location of a local .pem file that contains - either the client's TLS/SSL X.509 certificate or the client's TLS/SSL - certificate and key. - - * - Client Key Password - - No - - If the *Client Private Key* is protected with a password, - you must provide the password. - - - .. _azure-compass-encryption: - - Azure - ~~~~~ - - You can use :v6.0:`Azure Key Vault ` - to manage your keys. - - Specify the following fields: - - .. list-table:: - :header-rows: 1 - :widths: 30 30 70 - - * - Field - - Required - - Description - - * - Tenant Id - - Yes - - Identifies the organization for the account. - - * - Client Id - - Yes - - Authenticates a registered application. - - * - Client Secret - - Yes - - The client secret to authenticate a registered application. - - * - Identity Platform Endpoint - - Yes - - A host with an optional port. - - * - Certificate Authority - - No - - One or more certificate files from trusted Certificate - Authorities to validate the certificate provided by the deployment. - - * - Client Certificate and Key - - No - - Specifies the location of a local .pem file that contains - either the client's TLS/SSL X.509 certificate or the client's TLS/SSL - certificate and key. - - * - Client Key Password - - No - - If the *Client Private Key* is protected with a password, - you must provide the password. + You can use :v6.0:`Google Cloud Services ` to manage your keys. - .. _kmip-compass-encryption: + Specify the following fields: - KMIP - ~~~~ + .. list-table:: + :header-rows: 1 + :widths: 30 30 70 - You can use :v6.0:`KMIP ` - to manage your keys. + * - Field + - Required + - Description + + * - Service Account Email + - Yes + - The service account email to authenticate. + + * - Private Key + - Yes + - A base64-encoded private key. + + * - Endpoint + - No + - A host with an optional port. + + * - Certificate Authority + - No + - One or more certificate files from trusted Certificate + Authorities to validate the certificate provided by the deployment. + + * - Client Certificate and Key + - No + - Specifies the location of a local .pem file that contains + either the client's TLS/SSL X.509 certificate or the client's TLS/SSL + certificate and key. + + * - Client Key Password + - No + - If the *Client Private Key* is protected with a password, + you must provide the password. + + + .. _azure-compass-encryption: + + Azure + ~~~~~ + + You can use :v6.0:`Azure Key Vault ` + to manage your keys. + + Specify the following fields: + + .. list-table:: + :header-rows: 1 + :widths: 30 30 70 + + * - Field + - Required + - Description + + * - Tenant Id + - Yes + - Identifies the organization for the account. + + * - Client Id + - Yes + - Authenticates a registered application. + + * - Client Secret + - Yes + - The client secret to authenticate a registered application. + + * - Identity Platform Endpoint + - Yes + - A host with an optional port. + + * - Certificate Authority + - No + - One or more certificate files from trusted Certificate + Authorities to validate the certificate provided by the deployment. + + * - Client Certificate and Key + - No + - Specifies the location of a local .pem file that contains + either the client's TLS/SSL X.509 certificate or the client's TLS/SSL + certificate and key. + + * - Client Key Password + - No + - If the *Client Private Key* is protected with a password, + you must provide the password. - .. list-table:: - :header-rows: 1 - :widths: 30 30 70 - - * - Field - - Required - - Description - - * - Endpoint - - Yes - - The endpoint consists of a hostname and port separated by a colon. - - * - Certificate Authority - - No - - One or more certificate files from trusted Certificate - Authorities to validate the certificate provided by the deployment. - - * - Client Certificate and Key - - No - - Specifies the location of a local .pem file that contains - either the client's TLS/SSL X.509 certificate or the client's TLS/SSL - certificate and key. - - * - Client Key Password - - No - - If the *Client Private Key* is protected with a password, - you must provide the password. - - .. step:: (Optional) Specify an EncryptedFieldsMap - - Add an optional client-side EncryptedFieldsMap for enhanced security. + .. _kmip-compass-encryption: - For more information, see :v6.0:`Fields for Encryption `. + KMIP + ~~~~ + + You can use :v6.0:`KMIP ` + to manage your keys. + + .. list-table:: + :header-rows: 1 + :widths: 30 30 70 + + * - Field + - Required + - Description + + * - Endpoint + - Yes + - The endpoint consists of a hostname and port separated by a colon. + + * - Certificate Authority + - No + - One or more certificate files from trusted Certificate + Authorities to validate the certificate provided by the deployment. + + * - Client Certificate and Key + - No + - Specifies the location of a local .pem file that contains + either the client's TLS/SSL X.509 certificate or the client's TLS/SSL + certificate and key. + + * - Client Key Password + - No + - If the *Client Private Key* is protected with a password, + you must provide the password. + + .. step:: (Optional) Specify an EncryptedFieldsMap + + Add an optional client-side EncryptedFieldsMap for enhanced security. + + For more information, see :v6.0:`Fields for Encryption `. .. step:: Click Connect. diff --git a/source/connect/advanced-connection-options/tls-ssl-connection.txt b/source/connect/advanced-connection-options/tls-ssl-connection.txt index f2899952d..a164f4e84 100644 --- a/source/connect/advanced-connection-options/tls-ssl-connection.txt +++ b/source/connect/advanced-connection-options/tls-ssl-connection.txt @@ -63,10 +63,8 @@ Procedure - The ``Off`` option initiates a connection :guilabel:`without` TLS / SSL. - .. note:: - - It is recommended that users enable TLS / SSL to avoid security - vulnerabilities. + It is recommended that users enable TLS / SSL to avoid security + vulnerabilities. .. _additional-tls: diff --git a/source/includes/extended-json-table.rst b/source/includes/extended-json-table.rst index a176f74fa..0dcc5cbb3 100644 --- a/source/includes/extended-json-table.rst +++ b/source/includes/extended-json-table.rst @@ -24,10 +24,8 @@ - A string format that emphasizes readability and interoperability at the expense of type preservation. That is, conversion from relaxed format to BSON can lose type information. - - .. warning:: - This format is not recommended for data integrity. + :red:`WARNING:` This format is not recommended for data integrity. - .. code-block:: javascript diff --git a/source/includes/steps-create-index.yaml b/source/includes/steps-create-index.yaml index 8e7fff0d7..5e92752cb 100644 --- a/source/includes/steps-create-index.yaml +++ b/source/includes/steps-create-index.yaml @@ -80,14 +80,14 @@ content: | - Index only the documents which match the specified filter expression. - .. example:: + For Example: - The following partial filter expression only indexes - documents where the ``timezone`` field exists: + The following partial filter expression only indexes + documents where the ``timezone`` field exists: - .. code-block:: js + .. code-block:: js - { "timezone": { "$exists": true } } + { "timezone": { "$exists": true } } - :manual:`Partial Indexes ` @@ -99,19 +99,19 @@ content: | |compass-short| to use all fields in the document (excluding ``_id``). - .. example:: + For Example: - Consider the following wildcard projection document: + Consider the following wildcard projection document: - .. code-block:: javascript + .. code-block:: javascript - { - "product_attributes.elements" : 1, - "product_attributes.resistance" : 1 - } + { + "product_attributes.elements" : 1, + "product_attributes.resistance" : 1 + } - If your index field name is ``$**``, your index only - includes the values of the fields in that projection. + If your index field name is ``$**``, your index only + includes the values of the fields in that projection. - :ref:`compass-wildcard-index` diff --git a/source/includes/steps-export-filter.yaml b/source/includes/steps-export-filter.yaml index 535d85b89..a2a20fe56 100644 --- a/source/includes/steps-export-filter.yaml +++ b/source/includes/steps-export-filter.yaml @@ -76,9 +76,7 @@ content: | the expense of type preservation. That is, conversion from relaxed format to BSON can lose type information. - .. warning:: - - This format is not recommended for data integrity. + :red:`WARNING:` This format is not recommended for data integrity. * - Canonical Extended JSON - A string format that emphasizes type preservation at the expense of diff --git a/source/includes/steps-export.yaml b/source/includes/steps-export.yaml index c46cada4f..16b3d4e47 100644 --- a/source/includes/steps-export.yaml +++ b/source/includes/steps-export.yaml @@ -43,9 +43,7 @@ content: | the expense of type preservation. That is, conversion from relaxed format to BSON can lose type information. - .. warning:: - - This format is not recommended for data integrity. + :red:`WARNING:` This format is not recommended for data integrity. * - Canonical Extended JSON - A string format that emphasizes type preservation at the expense of From 6309468066474e9407afcc3e7d2908814ab979cb Mon Sep 17 00:00:00 2001 From: Grace Miller Date: Fri, 20 Sep 2024 14:51:49 -0400 Subject: [PATCH 2/8] cap issue --- source/includes/steps-create-index.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/source/includes/steps-create-index.yaml b/source/includes/steps-create-index.yaml index 5e92752cb..042dfc4c2 100644 --- a/source/includes/steps-create-index.yaml +++ b/source/includes/steps-create-index.yaml @@ -80,7 +80,7 @@ content: | - Index only the documents which match the specified filter expression. - For Example: + For example: The following partial filter expression only indexes documents where the ``timezone`` field exists: @@ -99,7 +99,7 @@ content: | |compass-short| to use all fields in the document (excluding ``_id``). - For Example: + For example: Consider the following wildcard projection document: From 3032e27913d73eb33eec8a4a83f86832bb22864b Mon Sep 17 00:00:00 2001 From: Grace Miller Date: Mon, 23 Sep 2024 12:02:27 -0400 Subject: [PATCH 3/8] changes and testing new headers --- .../aggregation-pipeline-builder-settings.txt | 4 ++-- .../advanced-connection-options/in-use-encryption.txt | 7 +++++-- .../advanced-connection-options/tls-ssl-connection.txt | 3 +-- 3 files changed, 8 insertions(+), 6 deletions(-) diff --git a/source/agg-pipeline-builder/aggregation-pipeline-builder-settings.txt b/source/agg-pipeline-builder/aggregation-pipeline-builder-settings.txt index 61efccbe1..4e7438e71 100644 --- a/source/agg-pipeline-builder/aggregation-pipeline-builder-settings.txt +++ b/source/agg-pipeline-builder/aggregation-pipeline-builder-settings.txt @@ -44,8 +44,8 @@ the upper right of the pipeline builder to open the :guilabel:`Settings` panel. :pipeline:`$bucket`, and :pipeline:`$bucketAuto` pipeline stages. Lower limits improve pipeline run time but might result in missing documents. - This setting is only applied to document previews. It is not applied - when the pipeline is run. + This setting is only applied to document previews. It is not applied + when the pipeline is run. - 100000 Learn More diff --git a/source/connect/advanced-connection-options/in-use-encryption.txt b/source/connect/advanced-connection-options/in-use-encryption.txt index dd715c032..27044e80b 100644 --- a/source/connect/advanced-connection-options/in-use-encryption.txt +++ b/source/connect/advanced-connection-options/in-use-encryption.txt @@ -61,6 +61,11 @@ Procedure - :ref:`KMIP ` + .. step:: Click Connect. + + KMS Provider Links + ****************** + .. _local-kms: Local KMS @@ -262,5 +267,3 @@ Procedure Add an optional client-side EncryptedFieldsMap for enhanced security. For more information, see :v6.0:`Fields for Encryption `. - - .. step:: Click Connect. diff --git a/source/connect/advanced-connection-options/tls-ssl-connection.txt b/source/connect/advanced-connection-options/tls-ssl-connection.txt index a164f4e84..9cf75bc84 100644 --- a/source/connect/advanced-connection-options/tls-ssl-connection.txt +++ b/source/connect/advanced-connection-options/tls-ssl-connection.txt @@ -63,8 +63,7 @@ Procedure - The ``Off`` option initiates a connection :guilabel:`without` TLS / SSL. - It is recommended that users enable TLS / SSL to avoid security - vulnerabilities. + Enable TLS / SSL to avoid security vulnerabilities. .. _additional-tls: From e3892261f21788c3b3ce1a5108b521e2b4d2664b Mon Sep 17 00:00:00 2001 From: Grace Miller Date: Mon, 23 Sep 2024 14:38:44 -0400 Subject: [PATCH 4/8] testing new table structure --- .../in-use-encryption.txt | 310 +++++++++--------- 1 file changed, 155 insertions(+), 155 deletions(-) diff --git a/source/connect/advanced-connection-options/in-use-encryption.txt b/source/connect/advanced-connection-options/in-use-encryption.txt index 27044e80b..e7dc40560 100644 --- a/source/connect/advanced-connection-options/in-use-encryption.txt +++ b/source/connect/advanced-connection-options/in-use-encryption.txt @@ -63,204 +63,204 @@ Procedure .. step:: Click Connect. - KMS Provider Links - ****************** +KMS Provider Links +****************** - .. _local-kms: +.. _local-kms: - Local KMS - ~~~~~~~~~ +Local KMS +~~~~~~~~~ - You can locally manage your key as a KMS using the - :v6.0:`Local KMS ` - option. +You can locally manage your key as a KMS using the +:v6.0:`Local KMS ` +option. - Click :guilabel:`Generate Random Key` to generate a 96-byte long - base64-encoded string. You need this key to access encrypted and - decrypted data. +Click :guilabel:`Generate Random Key` to generate a 96-byte long +base64-encoded string. You need this key to access encrypted and +ecrypted data. - .. warning:: +.. warning:: - |compass-short| does not save KMS credentials by default. Copy - and save the key in an external location. + |compass-short| does not save KMS credentials by default. Copy + and save the key in an external location. - .. _aws-compass-encryption: +.. _aws-compass-encryption: - AWS - ~~~ +AWS +~~~ - You can use :v6.0:`AWS ` - to manage your keys. +You can use :v6.0:`AWS ` +to manage your keys. - Specify the following fields: +Specify the following fields: - .. list-table:: - :header-rows: 1 - :widths: 30 30 70 +.. list-table:: + :header-rows: 1 + :widths: 30 30 70 - * - Field - - Required - - Description + * - Field + - Required + - Description - * - Access Key Id - - Yes - - Value of your AWS access key Id. + * - Access Key Id + - Yes + - Value of your AWS access key Id. - * - Secret Access Key - - Yes - - Value of your AWS secret key. + * - Secret Access Key + - Yes + - Value of your AWS secret key. - * - Session Token - - No - - Value of your AWS session token. + * - Session Token + - No + - Value of your AWS session token. - * - Certificate Authority - - No - - One or more certificate files from trusted Certificate - Authorities to validate the certificate provided by the deployment. + * - Certificate Authority + - No + - One or more certificate files from trusted Certificate + Authorities to validate the certificate provided by the deployment. - * - Client Certificate and Key - - No - - Specifies the location of a local .pem file that contains - either the client's TLS/SSL X.509 certificate or the client's TLS/SSL - certificate and key. + * - Client Certificate and Key + - No + - Specifies the location of a local .pem file that contains + either the client's TLS/SSL X.509 certificate or the client's TLS/SSL + certificate and key. - * - Client Key Password - - No - - If the *Client Private Key* is protected with a password, - you must provide the password. + * - Client Key Password + - No + - If the *Client Private Key* is protected with a password, + you must provide the password. - .. _gcp-compass-encryption: +.. _gcp-compass-encryption: - GCP - ~~~ +GCP +~~~ - You can use :v6.0:`Google Cloud Services ` to manage your keys. +You can use :v6.0:`Google Cloud Services ` to manage your keys. - Specify the following fields: +Specify the following fields: - .. list-table:: - :header-rows: 1 - :widths: 30 30 70 +.. list-table:: + :header-rows: 1 + :widths: 30 30 70 - * - Field - - Required - - Description + * - Field + - Required + - Description - * - Service Account Email - - Yes - - The service account email to authenticate. + * - Service Account Email + - Yes + - The service account email to authenticate. - * - Private Key - - Yes - - A base64-encoded private key. + * - Private Key + - Yes + - A base64-encoded private key. - * - Endpoint - - No - - A host with an optional port. + * - Endpoint + - No + - A host with an optional port. - * - Certificate Authority - - No - - One or more certificate files from trusted Certificate - Authorities to validate the certificate provided by the deployment. + * - Certificate Authority + - No + - One or more certificate files from trusted Certificate + Authorities to validate the certificate provided by the deployment. - * - Client Certificate and Key - - No - - Specifies the location of a local .pem file that contains - either the client's TLS/SSL X.509 certificate or the client's TLS/SSL - certificate and key. + * - Client Certificate and Key + - No + - Specifies the location of a local .pem file that contains + either the client's TLS/SSL X.509 certificate or the client's TLS/SSL + certificate and key. - * - Client Key Password - - No - - If the *Client Private Key* is protected with a password, - you must provide the password. + * - Client Key Password + - No + - If the *Client Private Key* is protected with a password, + you must provide the password. - .. _azure-compass-encryption: +.. _azure-compass-encryption: - Azure - ~~~~~ +Azure +~~~~~ - You can use :v6.0:`Azure Key Vault ` - to manage your keys. +You can use :v6.0:`Azure Key Vault ` +to manage your keys. - Specify the following fields: +Specify the following fields: - .. list-table:: - :header-rows: 1 - :widths: 30 30 70 +.. list-table:: + :header-rows: 1 + :widths: 30 30 70 - * - Field - - Required - - Description + * - Field + - Required + - Description - * - Tenant Id - - Yes - - Identifies the organization for the account. + * - Tenant Id + - Yes + - Identifies the organization for the account. - * - Client Id - - Yes - - Authenticates a registered application. + * - Client Id + - Yes + - Authenticates a registered application. - * - Client Secret - - Yes - - The client secret to authenticate a registered application. + * - Client Secret + - Yes + - The client secret to authenticate a registered application. - * - Identity Platform Endpoint - - Yes - - A host with an optional port. + * - Identity Platform Endpoint + - Yes + - A host with an optional port. - * - Certificate Authority - - No - - One or more certificate files from trusted Certificate - Authorities to validate the certificate provided by the deployment. + * - Certificate Authority + - No + - One or more certificate files from trusted Certificate + Authorities to validate the certificate provided by the deployment. - * - Client Certificate and Key - - No - - Specifies the location of a local .pem file that contains - either the client's TLS/SSL X.509 certificate or the client's TLS/SSL - certificate and key. - - * - Client Key Password - - No - - If the *Client Private Key* is protected with a password, - you must provide the password. - - .. _kmip-compass-encryption: - - KMIP - ~~~~ - - You can use :v6.0:`KMIP ` - to manage your keys. - - .. list-table:: - :header-rows: 1 - :widths: 30 30 70 - - * - Field - - Required - - Description - - * - Endpoint - - Yes - - The endpoint consists of a hostname and port separated by a colon. - - * - Certificate Authority - - No - - One or more certificate files from trusted Certificate - Authorities to validate the certificate provided by the deployment. - - * - Client Certificate and Key - - No - - Specifies the location of a local .pem file that contains - either the client's TLS/SSL X.509 certificate or the client's TLS/SSL - certificate and key. - - * - Client Key Password - - No - - If the *Client Private Key* is protected with a password, - you must provide the password. + * - Client Certificate and Key + - No + - Specifies the location of a local .pem file that contains + either the client's TLS/SSL X.509 certificate or the client's TLS/SSL + certificate and key. + + * - Client Key Password + - No + - If the *Client Private Key* is protected with a password, + you must provide the password. + +.. _kmip-compass-encryption: + +KMIP +~~~~ + +You can use :v6.0:`KMIP ` +to manage your keys. + +.. list-table:: + :header-rows: 1 + :widths: 30 30 70 + + * - Field + - Required + - Description + + * - Endpoint + - Yes + - The endpoint consists of a hostname and port separated by a colon. + + * - Certificate Authority + - No + - One or more certificate files from trusted Certificate + Authorities to validate the certificate provided by the deployment. + + * - Client Certificate and Key + - No + - Specifies the location of a local .pem file that contains + either the client's TLS/SSL X.509 certificate or the client's TLS/SSL + certificate and key. + + * - Client Key Password + - No + - If the *Client Private Key* is protected with a password, + you must provide the password. .. step:: (Optional) Specify an EncryptedFieldsMap From 07681657bc8d9c70e1a9c66c997e5dbf74185c8a Mon Sep 17 00:00:00 2001 From: Grace Miller Date: Mon, 23 Sep 2024 14:46:14 -0400 Subject: [PATCH 5/8] fixing another error --- .../advanced-connection-options/in-use-encryption.txt | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/source/connect/advanced-connection-options/in-use-encryption.txt b/source/connect/advanced-connection-options/in-use-encryption.txt index e7dc40560..5aa0038aa 100644 --- a/source/connect/advanced-connection-options/in-use-encryption.txt +++ b/source/connect/advanced-connection-options/in-use-encryption.txt @@ -262,8 +262,7 @@ to manage your keys. - If the *Client Private Key* is protected with a password, you must provide the password. - .. step:: (Optional) Specify an EncryptedFieldsMap +(Optional) Specify an EncryptedFieldsMap: - Add an optional client-side EncryptedFieldsMap for enhanced security. - - For more information, see :v6.0:`Fields for Encryption `. +Add an optional client-side EncryptedFieldsMap for enhanced security. +For more information, see :v6.0:`Fields for Encryption `. From 16c4fd32bd430f897c676339c176d312884a0cee Mon Sep 17 00:00:00 2001 From: Grace Miller Date: Mon, 23 Sep 2024 14:51:56 -0400 Subject: [PATCH 6/8] adding headings --- .../advanced-connection-options/in-use-encryption.txt | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/source/connect/advanced-connection-options/in-use-encryption.txt b/source/connect/advanced-connection-options/in-use-encryption.txt index 5aa0038aa..7e9e37a61 100644 --- a/source/connect/advanced-connection-options/in-use-encryption.txt +++ b/source/connect/advanced-connection-options/in-use-encryption.txt @@ -87,7 +87,7 @@ ecrypted data. .. _aws-compass-encryption: AWS -~~~ +*** You can use :v6.0:`AWS ` to manage your keys. @@ -133,7 +133,7 @@ Specify the following fields: .. _gcp-compass-encryption: GCP -~~~ +*** You can use :v6.0:`Google Cloud Services ` to manage your keys. @@ -179,7 +179,7 @@ Specify the following fields: .. _azure-compass-encryption: Azure -~~~~~ +***** You can use :v6.0:`Azure Key Vault ` to manage your keys. @@ -229,7 +229,7 @@ Specify the following fields: .. _kmip-compass-encryption: KMIP -~~~~ +**** You can use :v6.0:`KMIP ` to manage your keys. @@ -263,6 +263,7 @@ to manage your keys. you must provide the password. (Optional) Specify an EncryptedFieldsMap: +========================================= Add an optional client-side EncryptedFieldsMap for enhanced security. For more information, see :v6.0:`Fields for Encryption `. From 85ef4c11ae7180dec2b7674e489dd1109dc866b0 Mon Sep 17 00:00:00 2001 From: Grace Miller Date: Mon, 23 Sep 2024 14:57:58 -0400 Subject: [PATCH 7/8] last rendering error --- .../connect/advanced-connection-options/in-use-encryption.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source/connect/advanced-connection-options/in-use-encryption.txt b/source/connect/advanced-connection-options/in-use-encryption.txt index 7e9e37a61..2b2ec9c94 100644 --- a/source/connect/advanced-connection-options/in-use-encryption.txt +++ b/source/connect/advanced-connection-options/in-use-encryption.txt @@ -263,7 +263,7 @@ to manage your keys. you must provide the password. (Optional) Specify an EncryptedFieldsMap: -========================================= +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Add an optional client-side EncryptedFieldsMap for enhanced security. For more information, see :v6.0:`Fields for Encryption `. From d39ace06e5d624ba219a08e0da7d6d02fc8d0722 Mon Sep 17 00:00:00 2001 From: Grace Miller Date: Wed, 25 Sep 2024 14:12:01 -0400 Subject: [PATCH 8/8] small changes --- .../advanced-connection-options/in-use-encryption.txt | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/source/connect/advanced-connection-options/in-use-encryption.txt b/source/connect/advanced-connection-options/in-use-encryption.txt index 2b2ec9c94..6dd01290d 100644 --- a/source/connect/advanced-connection-options/in-use-encryption.txt +++ b/source/connect/advanced-connection-options/in-use-encryption.txt @@ -63,8 +63,8 @@ Procedure .. step:: Click Connect. -KMS Provider Links -****************** +KMS Providers +************* .. _local-kms: @@ -262,8 +262,8 @@ to manage your keys. - If the *Client Private Key* is protected with a password, you must provide the password. -(Optional) Specify an EncryptedFieldsMap: -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +(Optional) ``Specify an EncryptedFieldsMap``: +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -Add an optional client-side EncryptedFieldsMap for enhanced security. +Add an optional client-side ``EncryptedFieldsMap`` for enhanced security. For more information, see :v6.0:`Fields for Encryption `.