Merge pull request #4637 from EnterpriseDB/release/2023-08-16

Release: 2023- 08-16

advocacy_docs/partner_docs/CohesityDataProtectforPostgreSQL/04-ConfiguringCohesityDataProtectforPostgreSQL.mdx

@@ -52,7 +52,8 @@ Implementing Cohesity DataProtect for PostgreSQL with EDB Postgres Advanced Serv
 - In the **App Authentication** section, enter the admin username and password for the user who has admin privileges on your database to perform a backup.
 
 
-!!! Note Instead of password-based authentication, if you want to use kerberos authentication, then leave the username and password fields blank.
+!!!note
+Instead of password-based authentication, if you want to use kerberos authentication, then leave the username and password fields blank.
 !!!
 
    ![Cohesity Universal Data Adapter Information](Images/CohesityUniversalDataAdapterInformation.png)
@@ -74,6 +75,10 @@ Implementing Cohesity DataProtect for PostgreSQL with EDB Postgres Advanced Serv
 
 ### Configuring EDB Postgres Advanced Server
 
+!!!note
+When you run your first backup on the database, Cohesity will set up a file called postgresql.auto.conf with their archive command and they will set archive_mode=on in postgresql.conf and restart the database if you have not already set archive_mode=on. 
+!!!
+
 Set up WAL archiving on the EDB Postgres Advanced Server server by using the steps below. WAL archiving prepares Postgresql/EDB Postgres Advanced Server database servers for backup/recovery operations and is a precondition for any backup/recovery tool to work with the database server.
 
 1.	Create a writeable `<archivedir>` directory at your desired location.
@@ -87,10 +92,8 @@ Set up WAL archiving on the EDB Postgres Advanced Server server by using the ste
     archive_command = test ! -f <archivedir>/%f && cp %p <archivedir>/%f
     ```
 
-!!! Note Replace `<archivedir>` in the `archive_command` parameter with the location of the directory created in Step 1.
-!!!
-
-3.	Restart the PostgreSQL server.
+   !!!note
+   Replace `<archivedir>` in the `archive_command` parameter with the location of the directory created in Step 1.
+   !!!
 
-!!! Note When you run your first backup on the database, Cohesity will set archive_mode=on in postgresql.conf and restart the database if you have not already set archive_mode=on. 
-!!!
+3.	Restart the PostgreSQL server.

advocacy_docs/partner_docs/HashicorpVault/02-PartnerInformation.mdx

@@ -1,12 +1,12 @@
 ---
-title: 'Partner Information'
+title: 'Partner information'
 description: 'Details of the partner'
 
 ---
 |       |   |
 | ----------- | ----------- |
-| **Partner Name**      |    Hashicorp    |
-| **Web Site**      |   https://www.hashicorp.com/   |
-| **Partner Product**   |   Vault     |
+| **Partner name**      |    Hashicorp    |
+| **Website**      |   https://www.hashicorp.com/   |
+| **Partner product**   |   Vault     |
 | **Version**   |  Vault v1.12.6+ent, v1.13.2+ent     |
-| **Product Description**      |  Hashicorp Vault is an identity-based secrets and encryption management system. Used in conjunction with EDB Postgres Advanced Server or EDB Postgres Extended Server, it allows users to control access to encryption keys and certificates, as well as perform key management.   |
+| **Product description**      |  Hashicorp Vault is an identity-based secrets and encryption management system. Used with EDB Postgres Advanced Server or EDB Postgres Extended Server, it allows you to control access to encryption keys and certificates and perform key management.   |

advocacy_docs/partner_docs/HashicorpVault/03-SolutionSummary.mdx

@@ -1,10 +1,10 @@
 ---
-title: 'Solution Summary'
+title: 'Solution summary'
 description: 'Explanation of the solution and its purpose'
 ---
 
-Hashicorp Vault is an identity-based secrets and encryption management system. Used in conjunction with EDB Postgres Advanced Server versions 15.2 and above or EDB Postgres Extended Server versions 15.2 and above, it allows users to control access to encryption keys and certificates, as well as perform key management. Using Hashicorp Vault’s KMIP secrets engine allows Vault to act as a KMIP server provider and handle the lifecycle of KMIP managed objects.
+Hashicorp Vault is an identity-based secrets and encryption management system. Used with EDB Postgres Advanced Server versions 15.2 and later or EDB Postgres Extended Server versions 15.2 and later, it allows you to control access to encryption keys and certificates and perform key management. Using Hashicorp Vault’s KMIP secrets engine allows Vault to act as a KMIP server provider and handle the lifecycle of KMIP-managed objects.
 
-Hashicorp Vault’s KMIP secrets engine manages its own listener to service any KMIP requests that operate on KMIP managed objects. The KMIP secrets engine determines the set of KMIP operations that the clients can perform based on roles that are assigned.
+Hashicorp Vault’s KMIP secrets engine manages its own listener to service any KMIP requests that operate on KMIP-managed objects. The KMIP secrets engine determines the set of KMIP operations that the clients can perform based on roles they are assigned.
 
 ![Hashicorp Vault Architecture](Images/HashicorpVaultSolutionSummaryImage.png)

advocacy_docs/partner_docs/HashicorpVault/04-ConfiguringHashicorpVault.mdx

@@ -1,41 +1,45 @@
 ---
-title: 'Configuration'
-description: 'Walkthrough on configuring the integration'
+title: 'Configuring'
+description: 'Walkthrough of configuring the integration'
 ---
 
-Implementing Hashicorp Vault with EDB Postgres Advanced Server version 15.2 and above and EDB Postgres Extended Server version 15.2 and above requires the following components:
-!!! Note
-    The EDB Postgres Advanced Server version 15.2 and above and EDB Postgres Extended Server version 15.2 and above, products will be referred to as EDB Postgres distribution.  The specific distribution type will be dependent upon customer need or preference.
+Implementing Hashicorp Vault with EDB Postgres Advanced Server version 15.2 and later and EDB Postgres Extended Server version 15.2 and later requires the following components:
 
 - EDB Postgres Distribution (15.2 or later)
 - Hashicorp Vault Enterprise version 1.13.2+ent or 1.12.6+ent
-- [Pykmip](https://pypi.org/project/PyKMIP/#files)
+- [PyKMIP](https://pypi.org/project/PyKMIP/#files)
 - Python 
 
+!!! Note
+    We refer to EDB Postgres Advanced Server version 15.2 and later and EDB Postgres Extended Server version 15.2 and later products as EDB Postgres distribution. The specific distribution type depends on your needs and preferences.
+
 ## Prerequisites
 
-- A running EDB Postgres distribution with Python and pykmip installed
+- A running EDB Postgres distribution with Python and PyKMIP installed
 - Hashicorp Vault Enterprise edition with enterprise licensing installed and deployed per your VM environment
 
-## Check/Install Python on Server
+## Check/install Python on server
+
+Many Unix-compatible operating systems, such as macOS and some Linux distributions, have Python installed by default, as it's included in a base installation.
 
-Many Unix-compatible operating systems such as macOS and some Linux distributions have Python installed by default as it is included in a base installation.
+To check your version of Python on your machine, or to see if it's installed, enter `python3`. The Python version is returned. You can also enter `ps -ef |grep python` to return a Python running process.
 
-To check your version of Python on your machine, or to see if it is installed, simply type `python3` and it will return the version.  You can also type `ps -ef |grep python` to return a python running process.
 ```bash
 root@ip-172-31-46-134:/home/ubuntu# python
 Python 3.8.10 (default, May 26 2023, 14:05:08) 
 [GCC 9.4.0] on linux
 Type "help", "copyright", "credits" or "license" for more information.
 ```
-If you run a check and find that your system does not have Python installed, you can follow the docs and download it from [Python.org](https://www.python.org/downloads/).  Simply select your specific OS and download and install on your system.
+
+If you run a check and find that your system doesn't have Python installed, you can download it from [Python.org](https://www.python.org/downloads/). Select your OS and download and install it on your system.
 
 ## Install Pykmip 
-Once you have your EDB Repository installed on your server, you can then install the Pykmip utility that is needed.
+Once your EDB Repository is installed on your server, you can then install the PyKMIP utility.
+
+- As root user, issue the `install python3-pykmip` command. This example uses a RHEL8 server, so the command is `dnf install python3-pymkip`.
 
-- As  `root` user issue the `install python3-pykmip` command, for our example we have a RHEL8 server so it would be `dnf install python3-pymkip`.
+The output looks something like:
 
-The output should look something like:
 ```bash
 [root@ip-172-31-7-145 ec2-user]# dnf install python3-pykmip
 Updating Subscription Management repositories.
@@ -88,46 +92,51 @@ Installed:
 Complete!
 ```
 
-## Configure Hashicorp Vault KMIP Secrets Engine
+## Configure Hashicorp Vault KMIP secrets engine
 
 !!! Note
-    You have to set your environment variable with Hashicorp Vault before you can configure the Hashicorp Vault server using the API IP address and port. If you receive this error message “Get "https://127.0.0.1:8200/v1/sys/seal-status": http: server gave HTTP response to HTTPS client” you need to issue this in your command line export VAULT_ADDR="http://127.0.0.1:8200".
+    You have to set your environment variable with Hashicorp Vault before you can configure the Hashicorp Vault server using the API IP address and port. If you receive the error message, “Get "https://127.0.0.1:8200/v1/sys/seal-status": http: server gave HTTP response to HTTPS client,” enter this command at your command line: `export VAULT_ADDR="http://127.0.0.1:8200"`.
 
-1. After your Hashicorp Vault configuration is installed and deployed per the guidelines in the [Hashicorp documentation](https://developer.hashicorp.com/vault/tutorials/getting-started/getting-started-install), you will then need to enable the KMIP capabilities.
+After your Hashicorp Vault configuration is installed and deployed per the guidelines in the [Hashicorp documentation](https://developer.hashicorp.com/vault/tutorials/getting-started/getting-started-install), you then need to enable the KMIP capabilities.
 
-2. Assume root user.
+1. Assume root user.
+
+1. As the root user, enter `vault secrets enable kmip`:
 
-3. When you are the root user, type `vault secrets enable kmip`.
 ```bash
 root@ip-172-31-46-134:/home/ubuntu# vault secrets enable kmip
 Success! Enabled the kmip secrets engine at: kmip/
 ```
 
-4. You will then need to configure the Hashicorp Vault secrets engine with the desired kmip listener address.
+  You then need to configure the Hashicorp Vault secrets engine with the desired KMIP listener address.
+
+5. Enter `vault write kmip/config listen_addrs=0.0.0.0:5696`:
 
-5. Enter `vault write kmip/config listen_addrs=0.0.0.0:5696`.
 ```bash
 root@ip-172-31-46-134:/home/ubuntu# vault write kmip/config listen_addrs=0.0.0.0:5696
 Success! Data written to: kmip/config
 ```
 
-6. Enter `vault write -f kmip/scope/*scope_name*` to create the scope that will be used to define the allowed operations a role can perform.
+6. To create the scope for defining allowed operations a role can perform, enter `vault write -f kmip/scope/<scope_name>`:
+
 ```bash
 root@ip-172-31-46-134:/home/ubuntu# vault write -f kmip/scope/edb
 Success! Data written to: kmip/scope/edb
 ```
 
 !!! Note
-    To view your scopes you have created you can enter `vault list kmip/scope`.
+    To view the scopes you created, enter `vault list kmip/scope`.
+
 
+7. To define the role for the scope, enter `vault write kmip/scope/*scope_name*/role/<role_name> operation_all=true`. In this example, the role of admin is for the scope `edb`:
 
-7. Enter `vault write kmip/scope/*scope_name*/role/*role_name* operation_all=true` to define the role for the scope.  In our example the role of `admin` is for the scope `edb`. 
 ```bash
 root@ip-172-31-46-134:/home/ubuntu# vault write kmip/scope/edb/role/admin operation_all=true
 Success! Data written to: kmip/scope/edb/role/admin
 ```
 
-8. You can read your scope and role with this command `vault read kmip/scope/*scope_name*/role/*role_name*`
+8. You can read your scope and role with the command `vault read kmip/scope/*scope_name*/role/<role_name>`:
+
 ```bash
 root@ip-172-31-46-134:/home/ubuntu# vault read kmip/scope/edb/role/admin
 Key                    Value
@@ -138,30 +147,33 @@ tls_client_key_type    n/a
 tls_client_ttl         0s
 ```
 
-## Generate Client Certificates
+## Generate client certificates
 
-After a scope and role have been created you will need to generate client certificates that will be used within your pykmip.conf file for key management.  These certificates can be used to establish communication with Hashicorp Vault’s KMIP Server.
+After you create a scope and a role, you need to generate client certificates to use in your `pykmip.conf` file for key management. You can use these certificates to establish communication with Hashicorp Vault’s KMIP server.
 
-1. Generate the client certificate, this will provide the CA Chain, the private key and the certificate.
+1. Generate the client certificate, which provides the CA chain, the private key, and the certificate.
 
-2. Enter `vault write -f -field=certificate \ kmip/scope/*scope_name*/role/*role_name*/credential/generate > *certificate_name*.pem`.
+2. Enter `vault write -f -field=certificate \ kmip/scope/<scope_name>/role/<role_name>/credential/generate > <certificate_name>.pem`.
 
-In our example we used role: `edb`, scope: `admin` and certificate name: `kmip-cert.pem`.
+This example uses the user edb, the scope `admin`, and the certificate name `kmip-cert.pem`:
 
 ```bash
 root@ip-172-31-46-134:/home/ubuntu# vault write -f -field=certificate \ kmip/scope/edb/role/admin/credential/generate > kmip-cert.pem
 ```
 
-3. To view your certificates type `cat *certificate_name*.pem*` and this will return the certificates from Hashicorp Vault.
+3. To view your certificates, enter `cat <certificate_name>.pem`, which returns the certificates from Hashicorp Vault.
+
 ```bash
 root@ip-172-31-46-134:/home/ubuntu# cat kmip-cert.pem 
 ```
 
-4. You will need to separate the individual certificates into `.pem` files so they can be used in your pykmip.conf file.
+4. You need to separate the individual certificates into `.pem` files so they can be used in your `pykmip.conf` file.
+
 !!! Note
-    Make sure to include ----BEGIN ------ and ----END ------ in the .pem certificate files.
+    Make sure to include `----BEGIN ------` and `----END ------` in the `.pem` certificate files.
+
+5. Create a `key.pem` file that contains the private key in the certificate chain:
 
-5. Create a `key.pem` file contains the private key in the certificate chain.
 ```bash
 ubuntu@ip-172-31-46-134:/tmp$ cat key.pem 
 -----BEGIN EC PRIVATE KEY-----
@@ -171,7 +183,8 @@ wmmW4klCuDzRdSBvtdcA5LguWrSBimKXDw==
 -----END EC PRIVATE KEY-----
 ```
 
-6. Create a `cert.pem` file contains the first certificate in the certificate chain.
+6. Create a `cert.pem` file that contains the first certificate in the certificate chain:
+
 ```bash
 ubuntu@ip-172-31-46-134:/tmp$ cat cert.pem 
 -----BEGIN CERTIFICATE-----
@@ -188,7 +201,8 @@ Xlg2U8LToGCBEvf1quZU7T8ZQkbQCA==
 -----END CERTIFICATE-----
 ```
 
-7. Create a `ca.pem` file contains the last two certificates in the certificate chain.
+7. Create a `ca.pem` file that contains the last two certificates in the certificate chain:
+
 ```bash
 ubuntu@ip-172-31-46-134:/tmp$ cat ca.pem 
 -----BEGIN CERTIFICATE-----
@@ -216,4 +230,4 @@ IgIhAMb3y3xRXwddt2ejaow1GytysRz4LoxC3B5dLn1LoCpI
 -----END CERTIFICATE-----
 ```
 
-Now that you have all of the required certificates you are ready to use Hashicorp Vault Secrets Engine with your EDB Postgres distribution with TDE.
+Once you have all of the required certificates, you're ready to use the Hashicorp Vault secrets engine with your EDB Postgres distribution with TDE.