Commit 3a8ec96

Fix docs
1 parent 5e2705f commit 3a8ec96

14 files changed

+119
-91
lines changed

docs/concepts/activities/index.md

Lines changed: 2 additions & 3 deletions
@@ -22,8 +22,7 @@ infrastructure, including:
2222
- Records of permission grants, activations, deactivations and revocations.
2323

2424
<div className="example"> Guardrails creates a <code>Bucket created</code> activity when it detects that a new S3 Bucket has been created.
25-
This activity includes the bucket name, the creation time, and the person who created it, as well as detailed log information.
26-
</div>
25+
This activity includes the bucket name, the creation time, and the person who created it, as well as detailed log information.</div>
2726

2827
Guardrails maintains a history of all activities that you can search and filter,
2928
providing an audit trail of everything that occurs in your environment. Guardrails
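Review bot: The closing `</div>` on new line 25 is now appended directly to the sentence, while the opening `<div className="example">` on line 24 still shares a line with the text. That is the opposite of the layout the other files in this commit move to (opening tag on its own line, text below it, `</div>` on its own line). Use the same form here so the example blocks are consistent across the docs.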
@@ -44,7 +43,7 @@ Activities may be filtered and queried using the
4443

4544
## Activity Types
4645

47-
| Item | Action | Activity Type | Description |
46+
| Item | Action | Activity Type | Description |
4847
| ---------------- | ------- | ------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
4948
| Action | Notify | `action_notify` | When a Guardrails action invokes a `notify` command during a run. |
5049
| Control | Notify | `control_notify` | When a Guardrails control invokes a `notify` command during a run. |

docs/concepts/guardrails/active.md

Lines changed: 14 additions & 12 deletions
@@ -49,18 +49,20 @@ take if the resource is not active. The basic form is:
4949
```
5050

5151
<div className="example">
52-
<pre>{` # AWS > S3 > Bucket Active
53-
- Skip
54-
- Check: Active
55-
- Enforce: Delete with 1 day warning
56-
- Enforce: Delete with 3 days warning
57-
- Enforce: Delete with 7 days warning
58-
- Enforce: Delete with 14 days warning
59-
- Enforce: Delete with 30 days warning
60-
- Enforce: Delete with 60 days warning
61-
- Enforce: Delete with 90 days warning
62-
- Enforce: Delete with 180 days warning
63-
- Enforce: Delete with 365 days warning`}</pre>
52+
<pre>
53+
# AWS > S3 > Bucket Active
54+
- Skip
55+
- Check: Active
56+
- Enforce: Delete with 1 day warning
57+
- Enforce: Delete with 3 days warning
58+
- Enforce: Delete with 7 days warning
59+
- Enforce: Delete with 14 days warning
60+
- Enforce: Delete with 30 days warning
61+
- Enforce: Delete with 60 days warning
62+
- Enforce: Delete with 90 days warning
63+
- Enforce: Delete with 180 days warning
64+
- Enforce: Delete with 365 days warning
65+
</pre>
6466
</div>
6567

6668
The alarm lifecycle is as follows:
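Review bot: With the template-literal wrapper dropped from the `<pre>` at new lines 52-65, the `# AWS > S3 > Bucket Active` line and the `- Skip` style lines are bare text inside the element. Check in a rendered preview that they are not picked up as a Markdown heading and list, and that the leading indentation survives. If the renderer does interpret them, keep the wrapper or use a fenced code block like the one that closes at line 49.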

docs/concepts/guardrails/cmdb.md

Lines changed: 7 additions & 4 deletions
@@ -10,8 +10,9 @@ sidebar_label: CMDB
1010
The CMDB control is responsible for populating and updating all the attributes
1111
for that resource type in the Guardrails CMDB.
1212

13-
<div className="example"> The Resource Type <code>AWS > SQS > Queue</code> defines a
14-
Control <code>AWS > SQS > Queue > CMDB</code> with a target Resource Type of <code>AWS > SQS > Queue</code>.
13+
<div className="example">
14+
The Resource Type <code>AWS > SQS > Queue</code> defines a
15+
Control <code>AWS > SQS > Queue > CMDB</code> with a target Resource Type of <code>AWS > SQS > Queue</code>.
1516
</div>
1617

1718
### Policies to control CMDB
@@ -20,13 +21,15 @@ CMDB controls have an associated policy that allows them to be enforced or
2021
skipped. Note, however, that if CMDB is set to `Skip` for a resource, then it
2122
will not exist in the CMDB, and _no controls that target it will run_.
2223

23-
<div className="example"> The <code>AWS > S3 > Bucket > CMDB</code> policy may be set to `Skip` or `Enforce: Enabled`
24+
<div className="example">
25+
The <code>AWS > S3 > Bucket > CMDB</code> policy may be set to `Skip` or `Enforce: Enabled`
2426
</div>
2527

2628
CMDB controls also use the `Region` policy associated with the resource. If
2729
region is not in `Regions` policy, the CMDB control should delete the resource
2830
from the CMDB (since we don’t want to capture any resources in that region, we
2931
should also cleanup).
3032

31-
<div className="example"> The <code>AWS > S3 > Bucket > CMDB</code> will add/modify a resource in the CMDB if the resource is in region specified in <code>AWS > S3 > Bucket > Regions</code>, and delete it from the CMDB if it is not.
33+
<div className="example">
34+
The <code>AWS > S3 > Bucket > CMDB</code> will add/modify a resource in the CMDB if the resource is in region specified in <code>AWS > S3 > Bucket > Regions</code>, and delete it from the CMDB if it is not.
3235
</div>
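Review bot: The example block at new lines 24-26 still mixes Markdown backticks (`Skip`, `Enforce: Enabled`) with `<code>` tags inside an HTML `<div>`, and whether backticks render as code there depends on the renderer; use `<code>` throughout. Since line 34 is being rewritten anyway, also change "if the resource is in region specified" to "in a region specified". The context paragraph at lines 27-28 says `Region` policy in one sentence and `Regions` policy in the next; pick one.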

docs/concepts/guardrails/discovery.md

Lines changed: 6 additions & 3 deletions
@@ -19,21 +19,24 @@ the Guardrails CMDB.
1919
Once discovered, the resource is then responsible for tracking changes to itself
2020
through the CMDB control.
2121

22-
<div className="example"> The Resource Type <code>AWS > SQS > Queue</code> defines a
22+
<div className="example">
23+
The Resource Type <code>AWS > SQS > Queue</code> defines a
2324
Control <code>AWS > SQS > Queue > Discovery</code> with a target Resource Type of <code>AWS > Region</code>.
2425
</div>
2526

2627
### Policies to control Discovery
2728

2829
Discovery controls are enforced or skipped based on the associated CMDB policy.
2930

30-
<div className="example"> The <code>AWS > S3 > Bucket > Discovery</code> control relies on the value of the <code>AWS > S3 > Bucket > CMDB</code> policy for its configuration. <code>AWS > S3 > Bucket > CMDB</code> may be set to `Skip` or `Enforce: Enabled`
31+
<div className="example">
32+
The <code>AWS > S3 > Bucket > Discovery</code> control relies on the value of the <code>AWS > S3 > Bucket > CMDB</code> policy for its configuration. <code>AWS > S3 > Bucket > CMDB</code> may be set to `Skip` or `Enforce: Enabled`
3133
</div>
3234

3335
Discovery controls also use the `Region` policy associated with the resource. If
3436
region is not in `Regions` policy, the CMDB control should delete the resource
3537
from the CMDB (since we don’t want to capture any resources in that region, we
3638
should also cleanup).
3739

38-
<div className="example"> The <code>AWS > S3 > Bucket > Discovery</code> control will search for S3 buckets in a the regions specified in <code>AWS > S3 > Bucket > Regions</code>, and will add any buckets it finds to the CMDB as <code>AWS > S3 > Bucket</code> resources.
40+
<div className="example">
41+
The <code>AWS > S3 > Bucket > Discovery</code> control will search for S3 buckets in a the regions specified in <code>AWS > S3 > Bucket > Regions</code>, and will add any buckets it finds to the CMDB as <code>AWS > S3 > Bucket</code> resources.
3942
</div>
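Review bot: New line 41 carries over the typo "in a the regions specified"; drop the "a" while the line is being rewritten. New line 32 also mixes backticks with `<code>` tags inside the `<div>`, so use `<code>` for both policy values. The context paragraph at lines 35-38 says the CMDB control should delete the resource, on a page about Discovery controls; confirm that wording is intended and not carried over from cmdb.md.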

docs/concepts/iam/authentication/index.md

Lines changed: 8 additions & 7 deletions
@@ -17,13 +17,13 @@ permissions model.
1717

1818
Guardrails currently allows user/group access from 3 different sources:
1919

20-
| Source | Description |
21-
| -------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
22-
| Guardrails Local Directory | Guardrails provides support for basic user and group management in an internal directory. Guardrails local directories are typically used for bootstrapping and break-glass access. An installation of Guardrails will contain an initial internal directory, with a break-glass/admin user. This user can then be used to create further break-glass users, or add and manage additional directories. |
20+
| Source | Description |
21+
| -------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
22+
| Guardrails Local Directory | Guardrails provides support for basic user and group management in an internal directory. Guardrails local directories are typically used for bootstrapping and break-glass access. An installation of Guardrails will contain an initial internal directory, with a break-glass/admin user. This user can then be used to create further break-glass users, or add and manage additional directories. |
2323
| Turbot.com Directory | While named similarly, the Turbot.com directory is the connection of the user profile that exists on turbot.com and workspaces. A Turbot.com directory can be created in a workspace, and when attempting to log in via this directory, the user will get redirected to guardrails.turbot.com and back to the workspace! A profile is created upon the first login and administrators can assign permissions once the user has done so. |
24-
| Google | Guardrails integrates with Google domains via a client ID/secret pair, allowing users within that domain to log into Guardrails. Group management can be done from within the Google Admin console. |
25-
| SAML | We have integrations with Identity Providers (IDPs) such as Okta, Ping, ADFS and in-house SAML solutions.<br/><br/>SAML is a popular choice, particularly with customers wishing to access Cloud Providers such as AWS, but without needing to provide direct access back to their on-site directory (e.g. Active Directory).<br/><br/>Guardrails also supports the sourcing of user groups in the SAML assertion |
26-
| LDAP/ LDAPS | Guardrails can use a LDAP/ LDAPS directory to sync groups and users and map them to existing profiles. |
24+
| Google | Guardrails integrates with Google domains via a client ID/secret pair, allowing users within that domain to log into Guardrails. Group management can be done from within the Google Admin console. |
25+
| SAML | We have integrations with Identity Providers (IDPs) such as Okta, Ping, ADFS and in-house SAML solutions.<br/><br/>SAML is a popular choice, particularly with customers wishing to access Cloud Providers such as AWS, but without needing to provide direct access back to their on-site directory (e.g. Active Directory).<br/><br/>Guardrails also supports the sourcing of user groups in the SAML assertion |
26+
| LDAP/ LDAPS | Guardrails can use a LDAP/ LDAPS directory to sync groups and users and map them to existing profiles. |
2727

2828
To setup a new directory or if there are questions regarding LDAP group sync,
2929
head on over to our [Directories guide](guides/configuring-guardrails/directories).
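Review bot: The context line at 18 says access comes from "3 different sources", but the table reflowed below it has five rows (Guardrails Local Directory, Turbot.com Directory, Google, SAML, LDAP/ LDAPS). Update or drop the count in the same change. The SAML description on new line 25 also ends without a full stop, unlike the other rows.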
@@ -54,7 +54,8 @@ Guardrails, that same user may require a different identity in all of the provid
5454
that Guardrails will interact with ( AWS, Azure, GCP, etc.). These mappings can be
5555
controlled using policies that target the profile.
5656

57-
<div className="example"> Login name mappings for the Guardrails Profile
57+
<div className="example">
58+
Login name mappings for the Guardrails Profile
5859
<code>Turbot > Google @ acme.com > John Doe</code> to login to AWS, Azure, and GCP
5960
are set via the policies <code>Azure > IAM > Login Names</code>,
6061
<code> GCP > IAM > Login Names</code>, and <code>AWS > IAM > Login User Names</code>
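Review bot: Context line 61 has a stray leading space inside `<code> GCP > IAM > Login Names</code>`, which will show up in the rendered policy name; remove it while this block is being reflowed. The three policy names are also not parallel (`Login Names` for Azure and GCP, `Login User Names` for AWS), so confirm each matches the actual policy title.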
