Merge branch 'master' of github.com:docker/docs-private into repo-events-log-682

_data/toc.yaml

@@ -1564,12 +1564,12 @@ manuals:
           title: Add SANs to cluster certificates
         - path: /ee/ucp/admin/configure/collect-cluster-metrics/
           title: Collect UCP cluster metrics with Prometheus
-        - path: /ee/ucp/admin/configure/configure-rbac-kube/
+        - path: /ee/ucp/authorization/configure-rbac-kube/
-          title: Configure Kubernetes Role-Based Access Control
+          title: Configure native Kubernetes role-based access control
-        - path: /ee/ucp/admin/configure/enable-saml-authentication/
-          title: Enable SAML authentication
         - path: /ee/ucp/admin/configure/create-audit-logs/
           title: Create UCP audit logs
+        - path: /ee/ucp/admin/configure/enable-saml-authentication/
+          title: Enable SAML authentication
         - path: /ee/ucp/admin/configure/external-auth/
           title: Integrate with LDAP
         - path: /ee/ucp/admin/configure/external-auth/enable-ldap-config-file/

ee/dtr/admin/configure/garbage-collection.md

@@ -31,7 +31,7 @@ during garbage collection.
 In your browser, navigate to `https://<dtr-url>` and log in with your credentials. Select **System** on the left navigation pane, and then click
 the **Garbage collection** tab to schedule garbage collection.
 
-![](../../images/garbage-collection-0.png){: .with-border}
+![](../../images/garbage-collection-0.png){: .img-fluid .with-border}
 
 Select for how long the garbage collection job should run:
 * Until done: Run the job until all unused image layers are deleted.
@@ -39,7 +39,7 @@ Select for how long the garbage collection job should run:
 at a time.
 * Never: Never delete unused image layers.
 
-If you select *Until done* or *For x minutes*, you can specify a recurring schedule in UTC (Coordinated Universal Time) with the following options:
+If you select ***Until done*** or ***For x minutes***, you can specify a recurring schedule in UTC (Coordinated Universal Time) with the following options:
 * Custom cron schedule - (Hour, Day of Month, Month, Weekday)
 * Daily at midnight UTC
 * Every Saturday at 1am UTC

ee/dtr/user/tag-pruning.md

@@ -47,7 +47,12 @@ DTR allows you to set your pruning triggers based on the following image attribu
 | License         | Whether the image uses an intellectual property license and is one of or not one of your specified words | License name = `docker` | 
 | Last updated at | Whether the last image update was before your specified number of hours, days, weeks, or months. For details on valid time units, see [Go's ParseDuration function](https://golang.org/pkg/time/#ParseDuration). |  Last updated at: Hours = `12` |
 
-Specify one or more image attributes to add to your pruning criteria, then choose **Prune future tags** to apply your selection to future tags or **Prune all tags** to evaluate existing tags on your repository. Upon selection, you will see a confirmation message and will be redirected to your newly updated **Pruning** tab. 
+Specify one or more image attributes to add to your pruning criteria, then choose:
+
+- **Prune future tags** to save the policy and apply your selection to future tags. Only matching tags after the policy addition will be pruned during garbage collection.
+- **Prune all tags** to save the policy, and evaluate both existing and future tags on your repository. 
+
+Upon selection, you will see a confirmation message and will be redirected to your newly updated **Pruning** tab. 
 
 ![](../images/tag-pruning-2.png){: .with-border}
 

ee/ucp/admin/configure/configure-rbac-kube.md

@@ -1,6 +1,6 @@
 ---
-title: Enable Kubernetes RBAC
+title: Configure native Kubernetes role-based access control
-description: Learn how to configure role-based access control for Kubernetes
+description: Learn how to configure native role-based access control for Kubernetes
 keywords: Kubernetes, ucp, RBAC
 redirect_from:
 - /ee/ucp/authorization/migrate-kubernetes-roles/

ee/ucp/admin/configure/create-audit-logs.md

@@ -41,24 +41,31 @@ You can use audit logs to help with the following use cases:
 1. Download the UCP Client bundle [Download client bundle from the command line](https://success.docker.com/article/download-client-bundle-from-the-cli).
 
 2.  Retrieve JSON for current audit log configuration.
+
     ```
     export DOCKER_CERT_PATH=~/ucp-bundle-dir/
     curl --cert ${DOCKER_CERT_PATH}/cert.pem --key ${DOCKER_CERT_PATH}/key.pem --cacert ${DOCKER_CERT_PATH}/ca.pem -k -X GET https://ucp-domain/api/ucp/config/logging > auditlog.json
     ```
-3. Modify the auditLevel field to metadata or request.
-```
-vi auditlog.json
 
-{"logLevel":"INFO","auditLevel":"metadata","supportDumpIncludeAuditLogs":false}
+3. Open auditlog.json to modify the 'auditlevel' field to `metadata` or `request`.
+
     ```
+    {
+    	"logLevel": "INFO",
+    	"auditLevel": "metadata",
+    	"supportDumpIncludeAuditLogs": false
+    }
+    ```
+
 4. Send the JSON request for the auditlog config with the same API path but with the `PUT` method.
+
     ```
     curl --cert ${DOCKER_CERT_PATH}/cert.pem --key ${DOCKER_CERT_PATH}/key.pem --cacert ${DOCKER_CERT_PATH}/ca.pem -k -H "Content-Type: application/json" -X PUT --data $(cat auditlog.json) https://ucp-domain/api/ucp/config/logging
     ```
 
 5. Create any workload or RBAC grants in Kubernetes and generate a support dump to check the contents of ucp-controller.log file for audit log entries.
 
-6. Optionally, configure the Docker Engine driver to logstash and collect and query audit logs within ELK stack after deploying ELK. https://success.docker.com/article/elasticsearch-logstash-kibana-logging
+6. Optionally, configure the Docker Engine driver to logstash and collect and query audit logs within ELK stack after deploying ELK. (https://success.docker.com/article/elasticsearch-logstash-kibana-logging)
 
 ## API endpoints ignored