PR feedback updates: switch to more active voice, consistent ordering…

… of keys
hashicorp · Jul 13, 2023 · 8f15e11 · 8f15e11
1 parent c0398cd
commit 8f15e11
Showing 1 changed file with 61 additions and 32 deletions.
diff --git a/website/content/docs/connect/config-entries/jwt-provider.mdx b/website/content/docs/connect/config-entries/jwt-provider.mdx
@@ -29,6 +29,8 @@ The following list outlines field hierarchy, language-specific data types, and r
     - [`CacheDuration`](#jsonwebkeyset-remote-cacheduration): string | `5m`
     - [`FetchAsynchronously`](#jsonwebkeyset-remote-fetchasynchronously): boolean | `false`
     - [`JWKSCluster`](#jsonwebkeyset-remote-jwkscluster): map
+      - [`DiscoveryType`](#jsonwebkeyset-remote-jwkscluster-discoverytype): string | `STRICT_DNS`
+      - [`ConnectTimeout`](#jsonwebkeyset-remote-jwkscluster-connecttimeout): string | `5s`
       - [`TLSCertificates`](#jsonwebkeyset-remote-jwkscluster-tlscertificates): map
         - [`CaCertificateProviderInstance`](#jsonwebkeyset-remote-jwkscluster-tlscertificates-cacertificateproviderinstance): map
           - [`InstanceName`](#jsonwebkeyset-remote-jwkscluster-tlscertificates-cacertificateproviderinstance): string | `default`
@@ -38,8 +40,6 @@ The following list outlines field hierarchy, language-specific data types, and r
           - [`EnvironmentVariable`](#jsonwebkeyset-remote-jwkscluster-tlscertificates-trustedca): string
           - [`InlineString`](#jsonwebkeyset-remote-jwkscluster-tlscertificates-trustedca): string
           - [`InlineBytes`](#jsonwebkeyset-remote-jwkscluster-tlscertificates-trustedca): string
-      - [`DiscoveryType`](#jsonwebkeyset-remote-jwkscluster-discoverytype): string | `STRICT_DNS`
-      - [`ConnectTimeout`](#jsonwebkeyset-remote-jwkscluster-connecttimeout): string | `5s`
     - [`RetryPolicy`](#jsonwebkeyset-remote-retrypolicy): map
       - [`NumRetries`](#jsonwebkeyset-remote-retrypolicy-numretries): integer | `0`
       - [`RetryPolicyBackoff`](#jsonwebkeyset-remote-retrypolicy-retry-policy-backoff): map
@@ -88,6 +88,8 @@ The following list outlines field hierarchy, language-specific data types, and r
           - [`baseInterval`](#spec-jsonwebkeyset-remote-retrypolicy-retry-policy-backoff): string
           - [`maxInterval`](#spec-jsonwebkeyset-remote-retrypolicy-retry-policy-backoff): string
       - [`jwksCluster`](#spec-jsonwebkeyset-remote-jwkscluster): map
+        - [`discoveryType`](#spec-jsonwebkeyset-remote-jwkscluster-discoverytype): string | `STRICT_DNS`
+        - [`connectTimeout`](#spec-jsonwebkeyset-remote-jwkscluster-connecttimeout): string | `5s`
         - [`tlsCertificates`](#spec-jsonwebkeyset-remote-jwkscluster-tlscertificates): map
           - [`caCertificateProviderInstance`](#spec-jsonwebkeyset-remote-jwkscluster-tlscertificates-cacertificateproviderinstance): map
             - [`instanceName`](#spec-jsonwebkeyset-remote-jwkscluster-tlscertificates-cacertificateproviderinstance): string | `default`
@@ -97,8 +99,6 @@ The following list outlines field hierarchy, language-specific data types, and r
             - [`environmentVariable`](#spec-jsonwebkeyset-remote-jwkscluster-tlscertificates-trustedca): string
             - [`inlineString`](#spec-jsonwebkeyset-remote-jwkscluster-tlscertificates-trustedca): string
             - [`inlineBytes`](#spec-jsonwebkeyset-remote-jwkscluster-tlscertificates-trustedca): string
-        - [`discoveryType`](#spec-jsonwebkeyset-remote-jwkscluster-discoverytype): string | `STRICT_DNS`
-        - [`connectTimeout`](#spec-jsonwebkeyset-remote-jwkscluster-connecttimeout): string | `5s`
   - [`audiences`](#spec-audiences): list of strings
   - [`locations`](#spec-locations): list of maps
     - [`header`](#spec-locations-header): map
@@ -518,41 +518,48 @@ Specifies a jittered exponential backoff strategy. When this field is empty, Env
 
 ### `JSONWebKeySet{}.Remote{}.JWKSCluster`
 
-Defines how the specified Remote JWKS URI is to be fetched.
+Defines how Envoy fetches the remote JSON Web Key Set URI.
 
 #### Values
 
 - Default: None
 - Data type: Map that can contain the following parameters:
 
-  - [`TLSCertificates`](#jsonwebkeyset-remote-jwkscluster-tlscertificates)
   - [`DiscoveryType`](#jsonwebkeyset-remote-jwkscluster-discoverytype)
   - [`ConnectTimeout`](#jsonwebkeyset-remote-jwkscluster-connecttimeout)
+  - [`TLSCertificates`](#jsonwebkeyset-remote-jwkscluster-tlscertificates)
 
-### `JSONWebKeySet{}.Remote{}.JWKSCluster{}.ConnectTimeout`
 
-Specifies the timeout for new network connections to hosts in the cluster.
+### `JSONWebKeySet{}.Remote{}.JWKSCluster{}.DiscoveryType`
+
+Specifies the service discovery type to use for resolving the cluster.
+You can specify the following discovery types:
+- `STRICT_DNS` 
+- `STATIC` 
+- `LOGICAL_DNS` 
+- `EDS` 
+- `ORIGINAL_DST`
 
 #### Values
 
-- Default: `5s`
+- Default: STRICT_DNS
 - Data type: String
 
-### `JSONWebKeySet{}.Remote{}.JWKSCluster{}.DiscoveryType`
+### `JSONWebKeySet{}.Remote{}.JWKSCluster{}.ConnectTimeout`
 
-Specifies the service discovery type to use for resolving the cluster.
-The discovery type options are: STRICT_DNS, STATIC, LOGICAL_DNS, EDS and ORIGINAL_DST.
+Specifies the duration of time new network connections attempt to connect to hosts in the cluster before they timeout.
 
 #### Values
 
-- Default: STRICT_DNS
+- Default: `5s`
 - Data type: String
 
 ### `JSONWebKeySet{}.Remote{}.JWKSCluster{}.TLSCertificates`
 
-Specifies the data containing certificate authority certificates to use in
-verifying a presented peer certificate. If not specified and a peer certificate is presented
-it will not be verified. You cannot specify [`TLSCertificates{}.CaCertificateProviderInstance`](#jsonwebkeyset-remote-jwkscluster-tlscertificates-cacertificateproviderinstance) and [`TLSCertificates{}.TrustedCA`](#jsonwebkeyset-remote-jwkscluster-tlscertificates-trustedca) in the same map.
+Specifies the data containing certificate authority certificates to use for verifying a presented peer certificate.
+Envoy does not verify certificates that peers present if this field is not configured.
+
+You cannot specify [`TLSCertificates{}.CaCertificateProviderInstance`](#jsonwebkeyset-remote-jwkscluster-tlscertificates-cacertificateproviderinstance) and [`TLSCertificates{}.TrustedCA`](#jsonwebkeyset-remote-jwkscluster-tlscertificates-trustedca) in the same map.
 
 #### Values
 
@@ -574,14 +581,21 @@ Speficies the certificate provider instance for fetching TLS certificates.
 | Parameter | Description                                        | Data type | Default value |
 | :-------- | :------------------------------------------------- | :-------- | :------------ |
 | `InstanceName`| Refers to the certificate provider instance name. | String | `default` |
-| `CertificateName` | certificate instances or types. For example, "ROOTCA" to specify a root-certificate. | String | None |
+| `CertificateName` | Specifies the certificate instances or types. For example, use `ROOTCA` to specify a root-certificate. | String | None |
 
 ### `JSONWebKeySet{}.Remote{}.JWKSCluster{}.TLSCertificates{}.TrustedCA`
 
-Specifies TLS certificate data containing certificate authority certificates. Exactly one of Filename, EnvironmentVariable, InlineString or InlineBytes must be specified.
+Specifies TLS certificate data containing certificate authority certificates. Specify exactly one of the following data holders:
+- `Filename` 
+- `EnvironmentVariable` 
+- `InlineString` 
+- `InlineBytes`
 
 #### Values
 
+- Default: None
+- Data type: Map containing one of the following parameters:
+
 | Parameter | Description                                        | Data type | Default value |
 | :-------- | :------------------------------------------------- | :-------- | :------------ |
 | `Filename`| Local filesystem data source.                      | String    | None          |
@@ -949,41 +963,49 @@ Specifies a jittered exponential backoff strategy. When this field is empty, Env
 
 ### `spec.jsonWebKeySet.remote.jwksCluster`
 
-Defines how the specified Remote JWKS URI is to be fetched.
+Defines how Envoy fetches the remote JSON Web Key Set URI.
 
 #### Values
 
 - Default: None
 - Data type: Map that can contain the following parameters:
 
-  - [`tlsCertificates`](#spec-jsonwebkeyset-remote-jwkscluster-tlscertificates)
   - [`discoveryType`](#spec-jsonwebkeyset-remote-jwkscluster-discoverytype)
   - [`connectTimeout`](#spec-jsonwebkeyset-remote-jwkscluster-connecttimeout)
+  - [`tlsCertificates`](#spec-jsonwebkeyset-remote-jwkscluster-tlscertificates)
 
-### `spec.jsonWebKeySet.remote.jwksCluster.connectTimeout`
+### `spec.jsonWebKeySet.remote.jwksCluster.discoveryType`
 
-Specifies the timeout for new network connections to hosts in the cluster.
+Specifies the service discovery type to use for resolving the cluster.
+You can specify the following discovery types: 
+- `STRICT_DNS` 
+- `STATIC` 
+- `LOGICAL_DNS` 
+- `EDS` 
+- `ORIGINAL_DST`
+
+String values must be a valid [Cluster DiscoveryType](https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/cluster/v3/cluster.proto#envoy-v3-api-enum-config-cluster-v3-cluster-discoverytype).
 
 #### Values
 
-- Default: `5s`
+- Default: STRICT_DNS
 - Data type: String
 
-### `spec.jsonWebKeySet.remote.jwksCluster.discoveryType`
+### `spec.jsonWebKeySet.remote.jwksCluster.connectTimeout`
 
-Specifies the service discovery type to use for resolving the cluster.
-The discovery type options are: STRICT_DNS, STATIC, LOGICAL_DNS, EDS and ORIGINAL_DST.
+Specifies the timeout for new network connections to hosts in the cluster.
 
 #### Values
 
-- Default: STRICT_DNS
+- Default: `5s`
 - Data type: String
 
 ### `spec.jsonWebKeySet.remote.jwksCluster.tlsCertificates`
 
-Specifies the data containing certificate authority certificates to use in
-verifying a presented peer certificate. If not specified and a peer certificate is presented
-it will not be verified. You cannot specify [`spec.tlsCertificates.caCertificateProviderInstance`](#spec-jsonwebkeyset-remote-jwkscluster-tlscertificates-cacertificateproviderinstance) and [`spec.tlsCertificates.trustedCA`](#spec-jsonwebkeyset-remote-jwkscluster-tlscertificates-trustedca) in the same map.
+Specifies the data containing certificate authority certificates to use for verifying a presented peer certificate.
+Envoy does not verify certificates that peers present if this field is not configured.
+
+You cannot specify [`spec.tlsCertificates.caCertificateProviderInstance`](#spec-jsonwebkeyset-remote-jwkscluster-tlscertificates-cacertificateproviderinstance) and [`spec.tlsCertificates.trustedCA`](#spec-jsonwebkeyset-remote-jwkscluster-tlscertificates-trustedca) in the same map.
 
 #### Values
 
@@ -1005,14 +1027,21 @@ Speficies the certificate provider instance for fetching TLS certificates.
 | Parameter | Description                                        | Data type | Default value |
 | :-------- | :------------------------------------------------- | :-------- | :------------ |
 | `instanceName`| Refers to the certificate provider instance name. | String | `default` |
-| `certificateName` | certificate instances or types. For example, "ROOTCA" to specify a root-certificate. | String | None |
+| `certificateName` | Specifies the certificate instances or types. For example, use `ROOTCA` to specify a root-certificate. | String | None |
 
 ### `spec.jsonWebKeySet.remote.jwksCluster.tlsCertificates.trustedCA`
 
-Specifies TLS certificate data containing certificate authority certificates. Exactly one of Filename, EnvironmentVariable, InlineString or InlineBytes must be specified.
+Specifies TLS certificate data containing certificate authority certificates. Specify exactly one of the following data holders:
+- `Filename` 
+- `EnvironmentVariable` 
+- `InlineString` 
+- `InlineBytes`
 
 #### Values
 
+- Default: None
+- Data type: Map containing one of the following parameters:
+
 | Parameter | Description                                        | Data type | Default value |
 | :-------- | :------------------------------------------------- | :-------- | :------------ |
 | `filename`| Local filesystem data source.                      | String    | None          |