Refine cloud resources landing page and add Crossplane example

- Added usage doc for cloud resources orchestrated by Crossplane
- Refine cloud resources landing page and database usages

Signed-off-by: Zheng Xi Zhou <zhengxi.zzx@alibaba-inc.com>
Co-authored-by: Jianbo Sun <jianbo.sjb@alibaba-inc.com>

fix link issues

Signed-off-by: Zheng Xi Zhou <zhengxi.zzx@alibaba-inc.com>

fix CI

Signed-off-by: Zheng Xi Zhou <zhengxi.zzx@alibaba-inc.com>

fix CI

Signed-off-by: Zheng Xi Zhou <zhengxi.zzx@alibaba-inc.com>

fix CI

Signed-off-by: Zheng Xi Zhou <zhengxi.zzx@alibaba-inc.com>

fix CI

Signed-off-by: Zheng Xi Zhou <zhengxi.zzx@alibaba-inc.com>

update cloud resources

Signed-off-by: Jianbo Sun <jianbo.sjb@alibaba-inc.com>

docs/end-user/components/cloud-services/cloud-resource-scenarios.md

@@ -0,0 +1,18 @@
+---
+title: Overview
+description: This section introduces some scenarios of cloud resources management
+---
+
+Here're the scenarios KubeVela already supported by Using Terraform.
+
+## Provision ECS
+
+- [Provision ECS with EIP for proxy Intranet Service](https://kubevela.io/blog/2022/06/27/terraform-integrate-with-vela#part-2-fixing-the-developer-experience-of-kubernetes-port-forwarding).
+
+## Provision and use databases
+
+- [Provision and Binding Cloud Resources](../../../tutorials/consume-cloud-services).
+- [Secure your Database Connection](./secure-your-database-connection).
+- [Provision an RDS instance with more than one database](./provision-an-RDS-instance-with-more-than-one-database).
+- [Provision a Database and Import a SQL File for initialization](./provision-and-initiate-database).
+

docs/end-user/components/cloud-services/provision-an-RDS-instance-with-more-than-one-database.md

@@ -2,7 +2,7 @@
 title: Provision an RDS instance with more than one database
 ---
 
-In the guide [Provision and Binding Cloud Resources](./provision-and-consume-cloud-services) and [Provision a Database and Import a SQL File for initialization](./provision-and-initiate-database),
+In the guide [Provision and Binding Cloud Resources](../../../tutorials/consume-cloud-services) and [Provision a Database and Import a SQL File for initialization](./provision-and-initiate-database),
 only one database will be created in an RDS instance. This tutorial will show you how to create more than one database in an RDS instance.
 
 In the [reference doc for Alibaba Cloud RDS](./terraform/alibaba-rds), set `database_name` if you want to create one database.

docs/end-user/components/cloud-services/provision-and-consume-cloud-services.md

@@ -1,141 +0,0 @@
----
-title: Provision and Binding Cloud Resources
----
-
-Cloud-oriented development is now becoming the norm, there is an urgent need to integrate cloud resources from different
-sources and types. Whether it is the most basic object storage, cloud database, or load balancing, it is all faced with
-the challenges of hybrid cloud, multi-cloud and other complex environments. KubeVela is perfect to satisfy the needs.
-
-KubeVela efficiently and securely integrates different types of cloud resources through resource binding capabilities in
-cloud resource Components and Traits. At present, you can directly use the default components of those cloud resources below.
-At the same time, more new cloud resources will gradually become the default option under the support of the community in the future.
-You can use cloud resources of various manufacturers in a standardized and unified way.
-
-This tutorial will talk about how to provision and consume Cloud Resources by Terraform.
-
-> ⚠️ This section requires your platform engineers have already enabled [cloud resources addon](../../../reference/addons/terraform).
-
-## Terraform
-
-All supported Terraform cloud resources can be seen in the [list](./cloud-resources-list). You can also filter them by command by `vela components --label type=terraform`.
-
-### Provision cloud resources
-
-Use the following Application to provision an OSS bucket:
-
-```yaml
-apiVersion: core.oam.dev/v1beta1
-kind: Application
-metadata:
-  name: provision-cloud-resource-sample
-spec:
-  components:
-    - name: sample-oss
-      type: alibaba-oss
-      properties:
-        bucket: vela-website-0911
-        acl: private
-        writeConnectionSecretToRef:
-          name: oss-conn
-```
-
-The above `alibaba-oss` component will create an OSS bucket named `vela-website-0911`, with private acl, with connection information stored in a secreted named `oss-conn`.
-description, whether it's compulsory, and default value.
-
-Apply the above application, then check the status:
-
-```shell
-$ vela ls
-APP                            	COMPONENT 	TYPE       	TRAITS	PHASE  	HEALTHY	STATUS                                       	CREATED-TIME
-provision-cloud-resource-sample	sample-oss	alibaba-oss	      	running	healthy	Cloud resources are deployed and ready to use	2021-09-11 12:55:57 +0800 CST
-```
-
-After the phase becomes `running` and `healthy`, you can then check the OSS bucket in Alibaba Cloud console or by [ossutil](https://partners-intl.aliyun.com/help/doc-detail/50452.htm)
-command.
-
-```shell
-$ ossutil ls oss://
-CreationTime                                 Region    StorageClass    BucketName
-2021-09-11 12:56:17 +0800 CST        oss-cn-beijing        Standard    oss://vela-website-0911
-```
-
-### Bind cloud resources
-
-Let's deploy
-the [application](https://github.com/kubevela/kubevela/tree/master/docs/examples/terraform/cloud-resource-provision-and-consume/application.yaml)
-below to provision Alibaba Cloud OSS and RDS cloud resources, and consume them by the web component.
-
-```yaml
-apiVersion: core.oam.dev/v1beta1
-kind: Application
-metadata:
-  name: webapp
-spec:
-  components:
-    - name: express-server
-      type: webservice
-      properties:
-        image: zzxwill/flask-web-application:v0.3.1-crossplane
-        port: 80
-      traits:
-        - type: service-binding
-          properties:
-            envMappings:
-              # environments refer to db-conn secret
-              DB_PASSWORD:
-                secret: db-conn                                   # 1) If the env name is the same as the secret key, secret key can be omitted.
-              endpoint:
-                secret: db-conn
-                key: DB_PUBLIC_HOS                                # 2) If the env name is different from secret key, secret key has to be set.
-              username:
-                secret: db-conn
-                key: DB_USER
-              # environments refer to oss-conn secret
-              BUCKET_NAME:
-                secret: oss-conn
-
-    - name: sample-db
-      type: alibaba-rds
-      properties:
-        instance_name: sample-db
-        account_name: oamtest
-        password: U34rfwefwefffaked
-        writeConnectionSecretToRef:
-          name: db-conn
-
-    - name: sample-oss
-      type: alibaba-oss
-      properties:
-        bucket: vela-website-0911
-        acl: private
-        writeConnectionSecretToRef:
-          name: oss-conn
-```
-
-The component `sample-db` will generate secret `db-conn` with [these keys](./terraform/alibaba-rds#outputs), and the component
-`sample-oss` will generate secret `oss-conn`. These secrets are binded to the Envs of component `express-server` by trait
-[Service Binding](../../traits/service-binding). Then the component can consume instances of OSS and RDS.
-
-Deploy and verify the application.
-
-```shell
-$ vela ls
-APP   	COMPONENT     	TYPE       	TRAITS         	PHASE         	HEALTHY  	STATUS	CREATED-TIME
-webapp	express-server	webservice 	service-binding	running     	healthy  	      	2021-09-08 16:50:41 +0800 CST
-├─    	sample-db     	alibaba-rds	               	running     	healthy  	      	2021-09-08 16:50:41 +0800 CST
-└─    	sample-oss    	alibaba-oss	               	running     	healthy  	      	2021-09-08 16:50:41 +0800 CST
-```
-
-```shell
-$ vela port-forward webapp
-Forwarding from 127.0.0.1:8080 -> 80
-Forwarding from [::1]:8080 -> 80
-
-Forward successfully! Opening browser ...
-```
-
-![](../../../resources/crossplane-visit-application-v3.jpg)
-
-## Next
-
-- [Provision a Database and Import a SQL File for initialization](./provision-and-initiate-database)

docs/end-user/components/cloud-services/provision-and-consume-database.md

@@ -0,0 +1,82 @@
+---
+title: Provision and Binding Database
+---
+
+This tutorial will talk about how to provision and consume Alibaba Cloud RDS (and OSS) by Terraform.
+
+> ⚠️ This section requires your platform engineers have already enabled [cloud resources addon](../../../reference/addons/terraform).
+
+Let's deploy the [application](https://github.com/kubevela/kubevela/tree/master/docs/examples/terraform/cloud-resource-provision-and-consume/application.yaml)
+below to provision Alibaba Cloud OSS and RDS cloud resources, and consume them by the web component.
+
+```yaml
+apiVersion: core.oam.dev/v1beta1
+kind: Application
+metadata:
+  name: webapp
+spec:
+  components:
+    - name: express-server
+      type: webservice
+      properties:
+        image: zzxwill/flask-web-application:v0.3.1-crossplane
+        port: 80
+      traits:
+        - type: service-binding
+          properties:
+            envMappings:
+              # environments refer to db-conn secret
+              DB_PASSWORD:
+                secret: db-conn                                   # 1) If the env name is the same as the secret key, secret key can be omitted.
+              endpoint:
+                secret: db-conn
+                key: DB_PUBLIC_HOS                                # 2) If the env name is different from secret key, secret key has to be set.
+              username:
+                secret: db-conn
+                key: DB_USER
+              # environments refer to oss-conn secret
+              BUCKET_NAME:
+                secret: oss-conn
+
+    - name: sample-db
+      type: alibaba-rds
+      properties:
+        instance_name: sample-db
+        account_name: oamtest
+        password: U34rfwefwefffaked
+        writeConnectionSecretToRef:
+          name: db-conn
+
+    - name: sample-oss
+      type: alibaba-oss
+      properties:
+        bucket: vela-website-0911
+        acl: private
+        writeConnectionSecretToRef:
+          name: oss-conn
+```
+
+The component `sample-db` will generate secret `db-conn` with [these keys](./terraform/alibaba-rds#outputs), and the component
+`sample-oss` will generate secret `oss-conn`. These secrets are binded to the Envs of component `express-server` by trait
+[Service Binding](../../traits/service-binding). Then the component can consume instances of OSS and RDS.
+
+Deploy and verify the application.
+
+```shell
+$ vela ls
+APP   	COMPONENT     	TYPE       	TRAITS         	PHASE         	HEALTHY  	STATUS	CREATED-TIME
+webapp	express-server	webservice 	service-binding	running     	healthy  	      	2021-09-08 16:50:41 +0800 CST
+├─    	sample-db     	alibaba-rds	               	running     	healthy  	      	2021-09-08 16:50:41 +0800 CST
+└─    	sample-oss    	alibaba-oss	               	running     	healthy  	      	2021-09-08 16:50:41 +0800 CST
+```
+
+```shell
+$ vela port-forward webapp
+Forwarding from 127.0.0.1:8080 -> 80
+Forwarding from [::1]:8080 -> 80
+
+Forward successfully! Opening browser ...
+```
+
+![](../../../resources/crossplane-visit-application-v3.jpg)
+

docs/end-user/components/cloud-services/provision-and-initiate-database.md

@@ -111,7 +111,3 @@ Handling connection for 4000
 
 ![](https://kubevela-assets.oss-cn-beijing.aliyuncs.com/gifs/db-import-sql-sample-favorite-links.gif)
 
-## Next
-
-- [Secure your Database Connection](./secure-your-database-connection)
-- [Provision an RDS instance with more than one database](./provision-an-RDS-instance-with-more-than-one-database)

docs/end-user/components/cloud-services/provision-cloud-resources-by-crossplane.md

@@ -0,0 +1,72 @@
+---
+title: Crossplane
+---
+
+The guide [Deploy Cloud Services](../../../tutorials/consume-cloud-services) shows how to provision cloud resources by Terraform in
+CLI and VelaUX. This tutorial will talk about how to provision Cloud Resources by [Crossplane](https://crossplane.io/).
+
+Let's take cloud provider AWS as an example.
+
+## Enable addon `crossplane-aws`
+
+```shell
+$ vela addon enable crossplane-aws
+```
+
+## Authenticate AWS Provider for Crossplane
+
+Apply the application below. You can get AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY per https://aws.amazon.com/blogs/security/wheres-my-secret-access-key/.
+
+```yaml
+apiVersion: core.oam.dev/v1beta1
+kind: Application
+metadata:
+  name: aws
+  namespace: vela-system
+spec:
+  components:
+    - name: aws
+      type: crossplane-aws
+      properties:
+        name: aws
+        AWS_ACCESS_KEY_ID: xxx
+        AWS_SECRET_ACCESS_KEY: yyy
+
+```
+
+## Provision cloud resources
+
+Let's provision a S3 bucket. Please apply the application below.
+
+```yaml
+apiVersion: core.oam.dev/v1beta1
+kind: Application
+metadata:
+  name: s3-poc
+spec:
+  components:
+    - name: dev
+      type: crossplane-aws-s3
+      properties:
+        name: kubevela-test-0714
+        acl: private
+        locationConstraint: us-east-1
+```
+
+After the application gets `running`, you can check the bucket by AWS [cli](https://aws.amazon.com/cli/?nc1=h_ls) or console.
+
+```shell
+$ vela ls
+APP   	COMPONENT	TYPE  	             TRAITS	PHASE  	HEALTHY	STATUS	CREATED-TIME
+s3-poc	dev      	crossplane-aws-s3	      	running	healthy	      	2022-06-16 15:37:15 +0800 CST
+
+$ aws s3 ls
+2022-06-16 15:37:17 kubevela-test-0714
+```
+
+## More
+
+All Crossplane cloud resources are defined as [ComponentDefinitions](../../../getting-started/definition) and are about
+to be delivered in Crossplane provider addons, like [crossplane-aws](https://github.com/kubevela/catalog/tree/master/experimental/addons/crossplane-aws).
+If your requirements are not met by the addons, you can define your own component type per the instructions on 
+[how to define customized component](../../../platform-engineers/components/custom-component).

docs/end-user/components/cloud-services/secure-your-database-connection.md

@@ -2,7 +2,7 @@
 title: Secure your Database Connection
 ---
 
-In the guide [Provision and Binding Cloud Resources](./provision-and-consume-cloud-services) and [Provision a Database and Import a SQL File for initialization](./provision-and-initiate-database),
+In the guide [Provision and Binding Cloud Resources](../../../tutorials/consume-cloud-services) and [Provision a Database and Import a SQL File for initialization](./provision-and-initiate-database),
 a database's public host `DB_PUBLIC_HOS` is used to connect by business component. It's necessary when you want to have
 a try, create a PoC, or use the database outside a cloud provider. But it's not secure for production use of database.
 
@@ -50,6 +50,3 @@ spec:
           name: db-conn
 ```
 
-## Run application
-
-Continue samples in [Provision and Binding Cloud Resources](./provision-and-consume-cloud-services) and [Provision a Database and Import a SQL File for initialization](./provision-and-initiate-database).

docs/platform-engineers/addon/terraform.md

@@ -4,7 +4,7 @@ title: Extend Terraform Addon
 
 [Terraform Controller](https://github.com/kubevela/terraform-controller) is the core controller to provision and manage
 cloud resources for KubeVela. It has supported [some cloud providers](https://github.com/oam-dev/terraform-controller#supported-cloud-providers), including AWS, Azure, GCP, Alibaba Cloud,
-Tencent Cloud, etc. But only [a few](https://kubevela.io/docs/tutorials/consume-cloud-services#enabling-cloud-vendor-addons) has been supported as Terraform Addons in KubeVela.
+Tencent Cloud, etc. But only [a few](../../tutorials/consume-cloud-services#enabling-a-cloud-provider-addon) has been supported as Terraform Addons in KubeVela.
 
 This guide will show you how to extend a Terraform Addon to support your cloud provider.
 

docs/platform-engineers/components/component-terraform.md

@@ -2,9 +2,9 @@
 title: Extend Cloud Resources
 ---
 
-To enable end users to [provision and consume cloud resources](../../end-user/components/cloud-services/provision-and-consume-cloud-services),
+To enable end users to [provision and consume cloud resources](../../tutorials/consume-cloud-services),
 platform engineers need to prepare ComponentDefinitions for cloud resources if end users' requirements are beyond the
-[built-in capabilities](../../end-user/components/cloud-services/provision-and-consume-cloud-services#supported-cloud-resource-list).
+[built-in capabilities](../../tutorials/consume-cloud-services#supported-cloud-resource-list).
 
 Here is the guide to create Terraform typed ComponentDefinitions of cloud resources for cloud providers Alibaba Cloud, AWS and Azure.
 
@@ -191,7 +191,7 @@ spec:
 
 Generally, the values in the properties are aligned with the `variables` defined in the terraform module, the terraform controller will help run `terraform init`, `terraform plan` automatically and finally use the parameters defined in the properties of application component to run `terraform apply`.
 
-You can refer to scenario docs such as [Provision cloud resources](../../end-user/components/cloud-services/provision-and-consume-cloud-services#provision-cloud-resources) for more real use cases.
+You can refer to scenario docs such as [Provision cloud resources](../../tutorials/consume-cloud-services#provision-cloud-resources) for more real use cases.
 
 ## Generate documentation
 

docs/reference/addons/crossplane.md

@@ -0,0 +1,52 @@
+---
+title: Cloud Resources orchestrated by Crossplane
+---
+
+
+## Crossplane addon
+
+```shell
+$ vela addon enable crossplane
+```
+
+## Enable a Crossplane Provider addon
+
+KubeVela can support following cloud providers by enabling the Crossplane provider addons.
+
+```shell
+$ vela addon list | grep crossplane-
+crossplane-aws            	KubeVela	Kubernetes Crossplane Controller for AWS                                                              	[0.0.1]                      	enabled (1.0.0)                     	enabled (1.0.1)
+```
+
+To enable one of them, use the following command:
+
+```shell
+$ vela addon enable crossplane-xxx
+```
+
+You can also disable, upgrade, check status of an addon by command `vela addon`.
+
+## Authenticate Crossplane Provider
+
+Apply the application below. Let's use aws in this example, you can get `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` per [aws secret docs](https://aws.amazon.com/blogs/security/wheres-my-secret-access-key/).
+
+```yaml
+apiVersion: core.oam.dev/v1beta1
+kind: Application
+metadata:
+  name: aws
+  namespace: vela-system
+spec:
+  components:
+    - name: aws
+      type: crossplane-aws
+      properties:
+        name: aws
+        AWS_ACCESS_KEY_ID: xxx
+        AWS_SECRET_ACCESS_KEY: yyy
+
+```
+
+### Provision cloud resources
+
+After a Crossplane provider is authenticated, you can [provision and/or consume cloud resources](../../tutorials/consume-cloud-services).

docs/reference/addons/terraform.md

@@ -106,4 +106,4 @@ $ vela provider add terraform-aws --name aws-dev --AWS_ACCESS_KEY_ID=xxx --AWS_S
 
 ### Provision cloud resources
 
-After a Terraform provider is authenticated, you can [provision and/or consume cloud resources](../../end-user/components/cloud-services/provision-and-consume-cloud-services).
+After a Terraform provider is authenticated, you can [provision and/or consume cloud resources](../../tutorials/consume-cloud-services).

docs/tutorials/consume-cloud-services.md

@@ -1,87 +1,116 @@
 ---
 title: Deploy Cloud Services
-description: This section introduces the delivery of services provided by cloud vendors through KubeVela and orchestrating your services in the Kubernetes cluster.
 ---
 
-Integrating cloud service is the most frequent need in our daily development, varying from the Object storage, Cloud
-database to LoadBalancer, Cache, or search engine. Faster to load them save more time, meanwhile, to orchestrate
-different resources from multi-cloud is quite a pain point.
+KubeVela efficiently and securely integrates different types of cloud resources in hybrid/multi-cloud environments.
 
-In this section, we introduce an example to show you how to deploy cloud services.
+You can use the integrated cloud resources as out-of-box components or integrate by Terraform or Crossplane easily.
+With the help of KubeVela, you can use cloud resources from various providers in a unified way.
 
-## Before starting
+This tutorial will mainly focus on talking about how to provision cloud resources by [Terraform](https://github.com/kubevela/terraform-controller).
+If you'd like to know more about cloud resources from [Crossplane](https://crossplane.io/), please refer to [this guide](../end-user/components/cloud-services/provision-cloud-resources-by-crossplane).
 
-- Has a cloud vendor account with proper access to your target cloud resources
+## Provision Cloud Resources
 
-- Ensure your account has a sufficient balance
+### Prerequisites
 
-- Connect to a Kubernetes cluster on this cloud vendor for hosting your cloud services
+* Enable Terraform addon and authenticate the target cloud provider per the [instruction](../reference/addons/terraform).
 
-## Enabling a cloud provider addon
+Let's take Alibaba Cloud as an example.
 
-First, visit [VelaUX (KubeVela Dashboard)](../install#2-install-velaux), switch to the tab `Addon`, and click up addon
-`terraform-xxx`. `xxx` stands for the cloud provider name. We support the following Addons:
+### Familiar with cloud resources specification
 
-- terraform-alibaba
-- terraform-aws
-- terraform-azure
-- terraform-tencent  
-- terraform-gcp  
-- terraform-baidu  
+All supported Terraform cloud resources can be seen in the [list](../end-user/components/cloud-services/cloud-resources-list). You can also filter them by
+command `vela components --label type=terraform`.
 
-We can provision cloud resources in Alibaba Cloud, AWS, Azure, Tencent Cloud, Google Cloud Platform and Baidu Cloud respectively.
+You can use any of the following ways to check the specification of one cloud resource.
 
-Choose the specific version and enable an addon.
+- Using command `vela show <component type name>` .
+
+```console
+$ vela show alibaba-oss
+### Properties
++----------------------------+-------------------------------------------------------------------------+-----------------------------------------------------------+----------+---------+
+|            NAME            |                               DESCRIPTION                               |                           TYPE                            | REQUIRED | DEFAULT |
++----------------------------+-------------------------------------------------------------------------+-----------------------------------------------------------+----------+---------+
+| acl                        | OSS bucket ACL, supported 'private', 'public-read', 'public-read-write' | string                                                    | false    |         |
+| bucket                     | OSS bucket name                                                         | string                                                    | false    |         |
+| writeConnectionSecretToRef | The secret which the cloud resource connection will be written to       | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false    |         |
++----------------------------+-------------------------------------------------------------------------+-----------------------------------------------------------+----------+---------+
+
+...snip...
+```
+
+You can also add flag `--web` to view the usage by a local browser.
+
+- Reading [official docs](../end-user/components/cloud-services/cloud-resources-list).
+
+For example, you can check the specification for Alibaba OSS at [here](../end-user/components/cloud-services/terraform/alibaba-oss). 
+
+For different vendors, these parameters update accordingly. All cloud resources have the following common parameters.
+
+- `writeConnectionSecretToRef`: `struct` Type, represents the outputs of Terraform will become key/values in the secret with the name specified here.
+  - `name`, specifies the name of the secret.
+  - `namespace`, specifies the namespace of the secret.
+- `providerRef`: `struct` Type, represents the Provider which is referenced by a cloud service.
+  - `name`, specifies the name of the provider.
+- `deleteResource`: `bool` Type, specify whether to delete the corresponding cloud service when the app is deleted. By Default it's `true`.
+- `customRegion`: `string` Type, specify region for resources, it will override the default region from `providerRef`.
+
+### Provision by Creating Application
+
+Use the following Application to provision an OSS bucket:
+
+```yaml
+apiVersion: core.oam.dev/v1beta1
+kind: Application
+metadata:
+  name: provision-cloud-resource-sample
+spec:
+  components:
+    - name: sample-oss
+      type: alibaba-oss
+      properties:
+        bucket: vela-website-0911
+        acl: private
+        writeConnectionSecretToRef:
+          name: oss-conn
+```
+
+The above `alibaba-oss` component will create an OSS bucket named `vela-website-0911`, with `private` acl, with connection
+information stored in a secreted named `oss-conn`.
+
+Apply the above application, then check the status:
+
+```shell
+$ vela ls
+APP                            	COMPONENT 	TYPE       	TRAITS	PHASE  	HEALTHY	STATUS                                       	CREATED-TIME
+provision-cloud-resource-sample	sample-oss	alibaba-oss	      	running	healthy	Cloud resources are deployed and ready to use	2021-09-11 12:55:57 +0800 CST
+```
+
+After the phase becomes `running` and `healthy`, you can then check the OSS bucket in Alibaba Cloud console.
+
+## Provision with UI Console
+
+Provision cloud resources from UI Console can be more appropriate.
+
+### Before starting
+
+- Enable [VelaUX](../reference/addons/velaux) addon.
+
+- Enable [Terraform](../reference/addons/terraform) addon, just like the prerequisites in CLI part above. VelaUX can also enable these addons in UI console.
 
 ![addon-alibaba](../resources/addon-alibaba.jpg)
 
-## Authenticating the cloud provider
+### Creating your cloud service
 
-Click the tab `Platform`, and then `Integrations`. Choose `Terraform Controller Provider` to authenticate a cloud provider.
-Follow the instructions on all the properties to authenticate the provider for each cloud provider.
+The UI console operations are the same, you can refer to [this guide](../how-to/dashboard/application/create-application).
 
-For example, for Alibaba Cloud, you need to set the following properties:
+Firstly, Create an application and choose the type of your cloud service, they will always has a prefix of vendor such as `aws-`, `azure` or `alibaba-`.
 
-> Notice: KubeVela encrypts all the keys, hence no need to worry about its safety.
+Set the above parameters according to your needs to complete creating the application, and then deploy the application. The resources will be provisioned after the application become ready.
 
-![](../resources/provider-alibaba.jpg)
-
-Then fill in your ALICLOUD_ACCESS_KEY, ALICLOUD_REGION, and ALICLOUD_SECRET_KEY to enable it。
-
-The creating process of cloud services pulls configuration from GitHub. If your control plane
-cluster that runs KubeVela is very hard to connect to GitHub, please open up the `GithubBlocked` option in `terraform`
-addon.
-
-All supported Terraform cloud resources can be seen in the [list](../end-user/components/cloud-services/cloud-resources-list).
-
-## Creating your cloud service
-
-First [create an application](../how-to/dashboard/application/create-application). Please choose the type of your cloud service,
-which has a prefix of `aws-`, `azure`, `alibaba-` or `tencent-`.
-
-For different vendors, these parameters update accordingly. 
-
-For example, `aws-s3` has the following parameters:
-
-![](../resources/aws-s3-parameters.png)
-
-`azure-database-mariadb` has the following parameters:
-
-![](../resources/azure-database-mariadb-parameters.png)
-
-`alibaba-rds` has the following parameters:
-
-![](../resources/alibaba-rds-parameters.png)
-
-All cloud resources have some common parameters.
-
-- DeleteResource: Whether to delete the corresponding cloud service when the app is deleted
-- ProviderRef: The Provider which is referenced by a cloud service
-- Region: Region is cloud provider's region. It will override `providerRef`.
-
-Set the above parameters according to your needs to complete creating the application, and then [deploy the application](../how-to/dashboard/application/deploy-application).
-
-## Viewing cloud resource creation status
+### Viewing cloud resource creation status
 
 - Check the cloud instance list
 
@@ -98,9 +127,7 @@ because the cloud service instance generation takes a certain amount of time, an
 You can visit the instance in the console of the cloud provider. For example, you can check the name or console to visit it.
 ![](../resources/application-console-link.png)
 
-For example, you can check Alibaba Cloud RDS instance in [https://console.aliyun.com](https://console.aliyun.com).
-
-![](../resources/alibaba-cloud-rds-console.png)
+It will redirect to the UI Console of the provider, in our example, resources from Alibaba Cloud will go to [https://console.aliyun.com](https://console.aliyun.com).
 
 - Check details and status of the cloud instance
 
@@ -122,3 +149,7 @@ In the last section `Component Status`, the health status and the message of the
 - The cloud service is always ProvisioningAndChecking and has no name
 
 > The creation of cloud services generally takes a certain amount of time. Please wait or enter the cloud vendor console to view the creation progress.
+
+## More
+
+For more usages of cloud resources, like how to provision and consume cloud resources, please refer to [Scenarios of Cloud Resources Management](./../end-user/components/cloud-services/cloud-resource-scenarios).

i18n/zh/docusaurus-plugin-content-docs/current/end-user/components/cloud-services/cloud-resource-scenarios.md

@@ -0,0 +1,16 @@
+---
+title: 概览
+description: 该部分介绍云资源管理的一些场景
+---
+
+## Provision ECS
+
+- [Provision ECS with EIP for proxy Intranet Service](https://kubevela.io/blog/2022/06/27/terraform-integrate-with-vela#part-2-fixing-the-developer-experience-of-kubernetes-port-forwarding).
+
+## 部署和使用数据库
+
+- [创建和使用云资源](../../../tutorials/consume-cloud-services)
+- [安全访问数据库](./secure-your-database-connection)
+- [RDS 实例创建多数据库](./provision-an-RDS-instance-with-more-than-one-database)
+- [数据库创建和初始化](./provision-and-initiate-database)
+

i18n/zh/docusaurus-plugin-content-docs/current/end-user/components/cloud-services/provision-an-RDS-instance-with-more-than-one-database.md

@@ -2,7 +2,7 @@
 title: RDS 实例创建多数据库
 ---
 
-指南 [创建和使用云资源](./provision-and-consume-cloud-services)和[数据库创建和初始化](./provision-and-initiate-database)里，在一个
+指南 [创建和使用云资源](./provision-and-consume-database)和[数据库创建和初始化](./provision-and-initiate-database)里，在一个
 RDS 实例中，只创建了一个数据库。本教程将告诉你如何在一个 RDS 实例中创建多个数据库。
 
 在[阿里云 RDS 参考文档](./terraform/alibaba-rds)中，如果你想创建一个数据库，请设置`database_name`。 如果你想创建多个数据库，

i18n/zh/docusaurus-plugin-content-docs/current/end-user/components/cloud-services/provision-and-consume-database.md

@@ -1,60 +1,11 @@
 ---
-title:  创建和使用云资源
+title:  创建和使用数据库
 ---
 
-在面向云开发逐渐成为范式的这个时代，我们希望集成来源不同、类型不同云资源的需求非常迫切。不管是最基本的对象存储、云数据库，还是更多的负载均衡等等，
-也面临着混合云、多云等复杂环境所带来的挑战，而 KubeVela 都可以很好满足你的需要。
-
-KubeVela 通过云资源组件（Component）和运维特征（Trait）里的资源绑定功能，高效安全地完成不同类型云资源的集成工作。目前你可以直接调用下面这些云资源默认组件。
-同时在未来，更多新的云资源也会在社区的支撑下逐渐成为默认选项，让你标准化统一地去使用各种厂商的云资源。
+本教程将介绍如何通过 Terraform 部署阿里云 RDS (和 OSS)。
 
 > ⚠️ 请确认管理员已经安装了 [云资源插件](../../../reference/addons/terraform)。
 
-## Terraform
-
-KubeVela 支持的所有由 Terraform 编排的云资源请见[列表](./cloud-resources-list)，你也可以通过命令 `vela components --label type=terraform` 查看。
-
-### 部署云资源
-
-我们以 OSS bucket 为例展示如何部署云资源。
-
-```yaml
-apiVersion: core.oam.dev/v1beta1
-kind: Application
-metadata:
-  name: provision-cloud-resource-sample
-spec:
-  components:
-    - name: sample-oss
-      type: alibaba-oss
-      properties:
-        bucket: vela-website-0911
-        acl: private
-        writeConnectionSecretToRef:
-          name: oss-conn
-```
-
-`alibaba-oss` 类型的组件的 properties 在上面文档有清晰的描述，包括每一个 property 的名字、类型、描述、是否必填和默认值。
-
-部署应用程序并检查应用程序的状态。
-
-```shell
-$ vela ls
-APP                            	COMPONENT 	TYPE       	TRAITS	PHASE  	HEALTHY	STATUS                                       	CREATED-TIME
-provision-cloud-resource-sample	sample-oss	alibaba-oss	      	running	healthy	Cloud resources are deployed and ready to use	2021-09-11 12:55:57 +0800 CST
-```
-
-当应用程序处于 `running` 和 `healthy`状态。我们可以在阿里云控制台或通过 [ossutil](https://partners-intl.aliyun.com/help/doc-detail/50452.htm)
-检查OSS bucket 是否被创建。
-
-```shell
-$ ossutil ls oss://
-CreationTime                                 Region    StorageClass    BucketName
-2021-09-11 12:56:17 +0800 CST        oss-cn-beijing        Standard    oss://vela-website-0911
-```
-
-### 消费云资源
-
 下面我们以阿里云关系型数据库（RDS）的例子，作为示例进行讲解。
 
 首先请直接复制一个编写好的应用部署计划，在命令行中执行：

i18n/zh/docusaurus-plugin-content-docs/current/end-user/components/cloud-services/provision-cloud-resources-by-crossplane.md

@@ -0,0 +1,71 @@
+---
+title: 通过 Crossplane 部署云资源
+---
+
+教程 [部署云服务](../../../tutorials/consume-cloud-services)展示了如何通过 Terraform 在 CLI 和 VelaUX 上部署云服务。
+本教程将讨论如何通过 [Crossplane](https://crossplane.io/) 部署云资源。
+
+让我们以云供应商AWS为例。
+
+## 启用插件 `crossplane-aws`
+
+```shell
+$ vela addon enable crossplane-aws
+```
+
+## 认证 Crossplane AWS Provider
+
+提交下面的应用，你可以根据 https://aws.amazon.com/blogs/security/wheres-my-secret-access-key/ 获得 AWS_ACCESS_KEY_ID 和 AWS_SECRET_ACCESS_KEY。
+
+```yaml
+apiVersion: core.oam.dev/v1beta1
+kind: Application
+metadata:
+  name: aws
+  namespace: vela-system
+spec:
+  components:
+    - name: aws
+      type: crossplane-aws
+      properties:
+        name: aws
+        AWS_ACCESS_KEY_ID: xxx
+        AWS_SECRET_ACCESS_KEY: yyy
+
+```
+
+## 部署云资源
+
+我们来配置一个 S3 bucket。请提交下面的应用。
+
+```yaml
+apiVersion: core.oam.dev/v1beta1
+kind: Application
+metadata:
+  name: s3-poc
+spec:
+  components:
+    - name: dev
+      type: crossplane-aws-s3
+      properties:
+        name: kubevela-test-0714
+        acl: private
+        locationConstraint: us-east-1
+```
+
+在应用程序变成 `running` 后，你可以通过 AWS [命令行](https://aws.amazon.com/cli/?nc1=h_ls) 或控制台访问该 bucket。
+
+```shell
+$ vela ls
+APP   	COMPONENT	TYPE  	             TRAITS	PHASE  	HEALTHY	STATUS	CREATED-TIME
+s3-poc	dev      	crossplane-aws-s3	      	running	healthy	      	2022-06-16 15:37:15 +0800 CST
+
+$ aws s3 ls
+2022-06-16 15:37:17 kubevela-test-0714
+```
+
+## 更多
+
+所有的 Crossplane 云资源都被定义为[ComponentDefinitions](../../../getting-started/definition)，并且即将在 Crossplane provider
+插件中交付，如 [crossplan-aws](https://github.com/kubevela/catalog/tree/master/experimental/addons/crossplane-aws)。
+如果已有的插件不满足你的需求，你可以根据以下说明定义自己的组件类型 [how to define customized component](../../../platform-engineers/components/custom-component)。

i18n/zh/docusaurus-plugin-content-docs/current/end-user/components/cloud-services/secure-your-database-connection.md

@@ -2,7 +2,7 @@
 title: 安全访问数据库
 ---
 
-在指南 [创建和使用云资源](./provision-and-consume-cloud-services)和[数据库创建和初始化](./provision-and-initiate-database)，业务组件
+在指南 [创建和使用云资源](./provision-and-consume-database)和[数据库创建和初始化](./provision-and-initiate-database)，业务组件
 使用数据库的公网连接 `DB_PUBLIC_HOS` 来访问数据库。当你想试用，创建 PoC，或在云提供商集群之外使用数据库时，这是必要的。但是，对于数据库的生产使用来说，它是不安全的。
 
 本教程将讨论如何安全访问你的数据库。
@@ -51,4 +51,4 @@ spec:
 
 ## 执行应用
 
-你可以使用[创建和使用云资源](./provision-and-consume-cloud-services)和[数据库创建和初始化](./provision-and-initiate-database)的实例来安全访问数据库。
+你可以使用[创建和使用云资源](./provision-and-consume-database)和[数据库创建和初始化](./provision-and-initiate-database)的实例来安全访问数据库。

i18n/zh/docusaurus-plugin-content-docs/current/platform-engineers/components/component-terraform.md

@@ -6,7 +6,7 @@ title:  扩展云资源
 Terraform 是目前业内支持云资源最广泛也最受欢迎的组件，KubeVela 对 Terraform 进行了额外的支持，使得用户可以通过 Kubernetes CRD 的方式配合
 Terraform 使用任意的云资源。
 
-为了使最终用户能够[部署和消费云资源](../../end-user/components/cloud-services/provision-and-consume-cloud-services)，当用户的要求超出了 [内置云资源的能力](../../end-user/components/cloud-services/provision-and-consume-cloud-services)，
+为了使最终用户能够[部署和消费云资源](../../end-user/components/cloud-services/provision-and-consume-database)，当用户的要求超出了 [内置云资源的能力](../../end-user/components/cloud-services/provision-and-consume-database)，
 管理员需要要为云资源准备 ComponentDefinitions。
 
 以下是为云供应商阿里云、AWS 和 Azure 创建 Terraform 类型的云资源 ComponentDefinitions 的指南。
@@ -167,7 +167,7 @@ $ vela show alibaba-eip
 +-----------+-----------------------------------------------------------------------------+--------+----------+---------+
 ```
 
-如果表格能正常出来，ComponentDefinition 应该就可以工作了。更进一步，你可以通过文档[部署云资源](../../end-user/components/cloud-services/provision-and-consume-cloud-services)创建一个实际的 EIP 来验证。
+如果表格能正常出来，ComponentDefinition 应该就可以工作了。更进一步，你可以通过文档[部署云资源](../../end-user/components/cloud-services/provision-and-consume-database)创建一个实际的 EIP 来验证。
 
 ## 生成文档
 

i18n/zh/docusaurus-plugin-content-docs/current/reference/addons/terraform.md

@@ -100,4 +100,4 @@ $ vela provider add terraform-aws --name aws-dev --AWS_ACCESS_KEY_ID=xxx --AWS_S
 
 ### 部署云资源
 
-在 Terraform provider 授权后，您可以[创建和消费云资源](../../end-user/components/cloud-services/provision-and-consume-cloud-services)。
+在 Terraform provider 授权后，您可以[创建和消费云资源](../../end-user/components/cloud-services/provision-and-consume-database)。

i18n/zh/docusaurus-plugin-content-docs/current/tutorials/consume-cloud-services.md

@@ -1,100 +1,125 @@
 ---
-title: 云服务
-description: 本文介绍通过 KubeVela 交付云厂商提供的服务，并能够与 Kubernetes 集群中的业务打通。
+title:  创建和使用云资源
 ---
 
-集成云服务是实际开发中最频繁的使用需求之一。从基础的对象存储、云数据库到负载均衡、云缓存，再到基于业务的搜索引擎等等，快速的接入云服务并便捷的使用它们可以大大降低开发成本。与此同时，由于可供选择的云服务厂商非常多，多云交付已成为未来必然形态，如何管理好接入混合云环境时各类资源之间的关系，也成为必须解决的最大挑战。
+KubeVela 可以帮助开发者集成、编排不同类型的云资源，涵盖混合多云环境，让你用统一地方式去使用不同厂商的云资源。
 
-在本文中，我们介绍一个例子，向你展示如何部署云服务。
+本教程将主要集中在通过 Terraform 插件创建云资源，KubeVela 也支持使用 [Crossplane](https://crossplane.io/)，你可以参考[这个教程](../end-user/components/cloud-services/provision-cloud-resources-by-crossplane)。
 
-## 开始之前
+## 通过 Vela CLI 创建云资源
 
-- 拥有一个能适当权限访问你的目标云资源的云供应商账户
+请平台工程师启用云资源 Terraform 插件并授权目标云服务商的认证信息。
+我们将使用阿里云作为示例。
 
-- 确保云账号具有足够的费用。
+### 熟悉云资源的使用参数
 
-- 对接一个处在同一个云上的 Kubernetes 集群，用以验证云服务的正常开通与使用。
+KubeVela 支持的所有由 Terraform 编排的云资源请见[列表](../end-user/components/cloud-services/cloud-resources-list)，你也可以通过命令 `vela components --label type=terraform` 查看。
 
-## 开启对应云服务商的插件
+你可以使用一下任意方式来检查云资源的使用参数：
 
-首先，访问[VelaUX (KubeVela Dashboard)](../install#3-安装-VelaUX)，切换到 "Addon" 标签，并点击 addon
-`terraform-xxx`。`xxx`代表云提供商的名称。我们支持以下的插件：
+- 通过命令 `vela show <component type name>`。
 
-- terraform-alibaba
-- terraform-aws
-- terraform-azure
-- terraform-tencent  
-- terraform-gcp  
-- terraform-baidu  
+```console
+$ vela show alibaba-oss
+### Properties
++----------------------------+-------------------------------------------------------------------------+-----------------------------------------------------------+----------+---------+
+|            NAME            |                               DESCRIPTION                               |                           TYPE                            | REQUIRED | DEFAULT |
++----------------------------+-------------------------------------------------------------------------+-----------------------------------------------------------+----------+---------+
+| acl                        | OSS bucket ACL, supported 'private', 'public-read', 'public-read-write' | string                                                    | false    |         |
+| bucket                     | OSS bucket name                                                         | string                                                    | false    |         |
+| writeConnectionSecretToRef | The secret which the cloud resource connection will be written to       | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false    |         |
++----------------------------+-------------------------------------------------------------------------+-----------------------------------------------------------+----------+---------+
 
-我们可以分别在阿里云、AWS、Azure、腾讯云、Google Cloud Platform和百度云配置云资源。
+...snip...
+```
 
-选择对应的插件版本并启用该插件。
+你也可以使用 `--web` 参数来在本地浏览器中查看使用说明。
+
+- 阅读 [官网文档](http://kubevela.net/docs/end-user/components/cloud-services/cloud-resources-list).
+
+比如，你可以在[这里](http://kubevela.net/docs/end-user/components/cloud-services/terraform/alibaba-oss)查看阿里云 OSS 的使用参数。
+
+
+For different vendors, these parameters update accordingly. All cloud resources have the following common parameters.
+
+- `writeConnectionSecretToRef`: `struct` Type, represents the outputs of Terraform will become key/values in the secret with the name specified here.
+  - `name`, specifies the name of the secret.
+  - `namespace`, specifies the namespace of the secret.
+- `providerRef`: `struct` Type, represents the Provider which is referenced by a cloud service.
+  - `name`, specifies the name of the provider.
+- `deleteResource`: `bool` Type, specify whether to delete the corresponding cloud service when the app is deleted. By Default it's `true`.
+- `customRegion`: `string` Type, specify region for resources, it will override the default region from `providerRef`.
+
+
+### 部署云资源
+
+我们以 OSS bucket 为例展示如何部署云资源。
+
+```yaml
+apiVersion: core.oam.dev/v1beta1
+kind: Application
+metadata:
+  name: provision-cloud-resource-sample
+spec:
+  components:
+    - name: sample-oss
+      type: alibaba-oss
+      properties:
+        bucket: vela-website-0911
+        acl: private
+        writeConnectionSecretToRef:
+          name: oss-conn
+```
+
+`alibaba-oss` 类型的组件的参数在上面文档有清晰的描述，包括每一个 property 的名字、类型、描述、是否必填和默认值。
+
+部署应用程序并检查应用程序的状态。
+
+```shell
+$ vela ls
+APP                            	COMPONENT 	TYPE       	TRAITS	PHASE  	HEALTHY	STATUS                                       	CREATED-TIME
+provision-cloud-resource-sample	sample-oss	alibaba-oss	      	running	healthy	Cloud resources are deployed and ready to use	2021-09-11 12:55:57 +0800 CST
+```
+
+当应用程序处于 `running` 和 `healthy`状态。你也可以在阿里云控制台查看。
+
+## 通过 UI 控制台查看
+
+除了命令行以外，使用 UI 控制台也可以很方便的创建云资源。
+
+### 开始之前
+
+- Enable [VelaUX](../reference/addons/velaux) addon.
+
+- Enable [Terraform](../reference/addons/terraform) addon, just like the prerequisites in CLI part above. VelaUX can also enable these addons in UI console.
 
 ![addon-alibaba](../resources/addon-alibaba.jpg)
 
-## 认证云服务商的插件
+### Creating your cloud service
 
-点击菜单 `Platform` 后再点击 `集成配置`，选择 `Terraform Controller Provider` 来认证一个云服务商的插件。
+The UI console operations are the same, you can refer to [this guide](../how-to/dashboard/application/create-application).
 
-按照每个云提供商的插件的所有属性上的说明来设置插件并启用它。
+Firstly, Create an application and choose the type of your cloud service, they will always has a prefix of vendor such as `aws-`, `azure` or `alibaba-`.
 
-例如，对于阿里巴巴云，你需要设置以下属性：
-> 注意。KubeVela对所有的密钥进行了加密，因此不必担心它的安全问题。
+Set the above parameters according to your needs to complete creating the application, and then deploy the application. The resources will be provisioned after the application become ready.
 
-![](../resources/provider-alibaba.jpg)
-
-然后填写你的ALICLOUD_ACCESS_KEY，ALICLOUD_REGION，和ALICLOUD_SECRET_KEY来启用它。
-
-云服务的创建过程会从GitHub中提取配置。如果你的控制平面 运行KubeVela的集群很难连接到GitHub，请在`terraform`插件中打开`GithubBlocked`选项。
-
-KubeVela支持的云资源请见[列表](../end-user/components/cloud-services/cloud-resources-list)。
-
-## 创建你的云服务
-
-首先[创建一个应用程序](../how-to/dashboard/application/create-application)。请选择你的云服务的类型。
-其前缀为`aws-`、`azure`、`alibaba-`或 `tencent-`。
-
-对于不同的供应商，这些参数会相应更新。
-
-例如，`aws-s3` 有以下参数。
-
-![](../resources/aws-s3-parameters.png)
-
-`azure-database-mariadb` 有以下参数。
-
-![](../resources/azure-database-mariadb-parameters.png)
-
-`alibaba-rds` 有以下参数。
-
-![](../resources/alibaba-rds-parameters.png)
-
-所有的云资源都有一些共同的参数。
-
-- DeleteResource：当应用程序被删除时，是否要删除相应的云服务
-- ProviderRef：被云服务引用的提供者。
-- Region：Region是云提供商的区域。它将覆盖`providerRef`。
-
-根据你的需要设置上述参数，完成应用程序的创建，然后[部署应用程序](../how-to/dashboard/application/deploy-application)。
-
-## 查看云资源创建状态
+### Viewing cloud resource creation status
 
 - 查看云实例列表
 
-与其他应用程序一样，云服务应用程序也需要切换到相应的环境页面来查看实例信息。 默认情况下，一个环境中有多个目标，云服务会生成相应数量的实例。
+与其他应用程序一样，云服务应用程序也需要切换到相应的环境页面来查看实例信息。默认情况下，一个环境中有多个目标，云服务会生成相应数量的实例。
 
-![rds-inststances](../resources/rds-instances.jpg)
+![rds-instances](../resources/rds-instances.jpg)
 
 在实例列表中，会显示实例名称、状态、资源类型和位置。在开始时，名称是空的。 因为云服务实例的生成需要一定的时间，当实例正常生成后，名称会出现。
 
 - 在云提供商的控制台中查看云资源
 
 您可以在云提供商的控制台中访问该实例。例如，您可以检查名称或控制台来访问它。
+
 ![](../resources/application-console-link.png)
 
-例如，你可以在[https://console.aliyun.com](https://console.aliyun.com)中查看阿里巴巴云RDS实例。
-
-![](../resources/alibaba-cloud-rds-console.png)
+创建出的云资源也会自动跳转到云资源的官方网站控制台，例如，这里的云资源会自动跳转到阿里云官网的 RDS 实例控制台。
 
 - 检查云实例的细节和状态
 
@@ -114,3 +139,7 @@ KubeVela支持的云资源请见[列表](../end-user/components/cloud-services/c
 - 云服务一直处在 ProvisioningAndChecking 状态，且无名称。
 
 > 云服务的创建一般需要一定时间，请等候或者进入云厂商控制台查看创建进度。
+
+# 更多
+
+更多云资源使用方法，比如如何使用和消费云资源，请参见[云资源管理场景](../end-user/components/cloud-services/cloud-resource-scenarios)。

i18n/zh/docusaurus-plugin-content-docs/version-v1.4/end-user/components/cloud-services/cloud-resource-scenarios.md

@@ -0,0 +1,16 @@
+---
+title: 概览
+description: 该部分介绍云资源管理的一些场景
+---
+
+## Provision ECS
+
+- [Provision ECS with EIP for proxy Intranet Service](https://kubevela.io/blog/2022/06/27/terraform-integrate-with-vela#part-2-fixing-the-developer-experience-of-kubernetes-port-forwarding).
+
+## 部署和使用数据库
+
+- [创建和使用云资源](../../../tutorials/consume-cloud-services)
+- [安全访问数据库](./secure-your-database-connection)
+- [RDS 实例创建多数据库](./provision-an-RDS-instance-with-more-than-one-database)
+- [数据库创建和初始化](./provision-and-initiate-database)
+

i18n/zh/docusaurus-plugin-content-docs/version-v1.4/end-user/components/cloud-services/provision-an-RDS-instance-with-more-than-one-database.md

@@ -2,7 +2,7 @@
 title: RDS 实例创建多数据库
 ---
 
-指南 [创建和使用云资源](./provision-and-consume-cloud-services)和[数据库创建和初始化](./provision-and-initiate-database)里，在一个
+指南 [创建和使用云资源](./provision-and-consume-database)和[数据库创建和初始化](./provision-and-initiate-database)里，在一个
 RDS 实例中，只创建了一个数据库。本教程将告诉你如何在一个 RDS 实例中创建多个数据库。
 
 在[阿里云 RDS 参考文档](./terraform/alibaba-rds)中，如果你想创建一个数据库，请设置`database_name`。 如果你想创建多个数据库，

i18n/zh/docusaurus-plugin-content-docs/version-v1.4/end-user/components/cloud-services/provision-and-consume-database.md

@@ -1,60 +1,11 @@
 ---
-title:  创建和使用云资源
+title:  创建和使用数据库
 ---
 
-在面向云开发逐渐成为范式的这个时代，我们希望集成来源不同、类型不同云资源的需求非常迫切。不管是最基本的对象存储、云数据库，还是更多的负载均衡等等，
-也面临着混合云、多云等复杂环境所带来的挑战，而 KubeVela 都可以很好满足你的需要。
-
-KubeVela 通过云资源组件（Component）和运维特征（Trait）里的资源绑定功能，高效安全地完成不同类型云资源的集成工作。目前你可以直接调用下面这些云资源默认组件。
-同时在未来，更多新的云资源也会在社区的支撑下逐渐成为默认选项，让你标准化统一地去使用各种厂商的云资源。
+本教程将介绍如何通过 Terraform 部署阿里云 RDS (和 OSS)。
 
 > ⚠️ 请确认管理员已经安装了 [云资源插件](../../../reference/addons/terraform)。
 
-## Terraform
-
-KubeVela 支持的所有由 Terraform 编排的云资源请见[列表](./cloud-resources-list)，你也可以通过命令 `vela components --label type=terraform` 查看。
-
-### 部署云资源
-
-我们以 OSS bucket 为例展示如何部署云资源。
-
-```yaml
-apiVersion: core.oam.dev/v1beta1
-kind: Application
-metadata:
-  name: provision-cloud-resource-sample
-spec:
-  components:
-    - name: sample-oss
-      type: alibaba-oss
-      properties:
-        bucket: vela-website-0911
-        acl: private
-        writeConnectionSecretToRef:
-          name: oss-conn
-```
-
-`alibaba-oss` 类型的组件的 properties 在上面文档有清晰的描述，包括每一个 property 的名字、类型、描述、是否必填和默认值。
-
-部署应用程序并检查应用程序的状态。
-
-```shell
-$ vela ls
-APP                            	COMPONENT 	TYPE       	TRAITS	PHASE  	HEALTHY	STATUS                                       	CREATED-TIME
-provision-cloud-resource-sample	sample-oss	alibaba-oss	      	running	healthy	Cloud resources are deployed and ready to use	2021-09-11 12:55:57 +0800 CST
-```
-
-当应用程序处于 `running` 和 `healthy`状态。我们可以在阿里云控制台或通过 [ossutil](https://partners-intl.aliyun.com/help/doc-detail/50452.htm)
-检查OSS bucket 是否被创建。
-
-```shell
-$ ossutil ls oss://
-CreationTime                                 Region    StorageClass    BucketName
-2021-09-11 12:56:17 +0800 CST        oss-cn-beijing        Standard    oss://vela-website-0911
-```
-
-### 消费云资源
-
 下面我们以阿里云关系型数据库（RDS）的例子，作为示例进行讲解。
 
 首先请直接复制一个编写好的应用部署计划，在命令行中执行：

i18n/zh/docusaurus-plugin-content-docs/version-v1.4/end-user/components/cloud-services/provision-cloud-resources-by-crossplane.md

@@ -0,0 +1,71 @@
+---
+title: 通过 Crossplane 部署云资源
+---
+
+教程 [部署云服务](../../../tutorials/consume-cloud-services)展示了如何通过 Terraform 在 CLI 和 VelaUX 上部署云服务。
+本教程将讨论如何通过 [Crossplane](https://crossplane.io/) 部署云资源。
+
+让我们以云供应商AWS为例。
+
+## 启用插件 `crossplane-aws`
+
+```shell
+$ vela addon enable crossplane-aws
+```
+
+## 认证 Crossplane AWS Provider
+
+提交下面的应用，你可以根据 https://aws.amazon.com/blogs/security/wheres-my-secret-access-key/ 获得 AWS_ACCESS_KEY_ID 和 AWS_SECRET_ACCESS_KEY。
+
+```yaml
+apiVersion: core.oam.dev/v1beta1
+kind: Application
+metadata:
+  name: aws
+  namespace: vela-system
+spec:
+  components:
+    - name: aws
+      type: crossplane-aws
+      properties:
+        name: aws
+        AWS_ACCESS_KEY_ID: xxx
+        AWS_SECRET_ACCESS_KEY: yyy
+
+```
+
+## 部署云资源
+
+我们来配置一个 S3 bucket。请提交下面的应用。
+
+```yaml
+apiVersion: core.oam.dev/v1beta1
+kind: Application
+metadata:
+  name: s3-poc
+spec:
+  components:
+    - name: dev
+      type: crossplane-aws-s3
+      properties:
+        name: kubevela-test-0714
+        acl: private
+        locationConstraint: us-east-1
+```
+
+在应用程序变成 `running` 后，你可以通过 AWS [命令行](https://aws.amazon.com/cli/?nc1=h_ls) 或控制台访问该 bucket。
+
+```shell
+$ vela ls
+APP   	COMPONENT	TYPE  	             TRAITS	PHASE  	HEALTHY	STATUS	CREATED-TIME
+s3-poc	dev      	crossplane-aws-s3	      	running	healthy	      	2022-06-16 15:37:15 +0800 CST
+
+$ aws s3 ls
+2022-06-16 15:37:17 kubevela-test-0714
+```
+
+## 更多
+
+所有的 Crossplane 云资源都被定义为[ComponentDefinitions](../../../getting-started/definition)，并且即将在 Crossplane provider
+插件中交付，如 [crossplan-aws](https://github.com/kubevela/catalog/tree/master/experimental/addons/crossplane-aws)。
+如果已有的插件不满足你的需求，你可以根据以下说明定义自己的组件类型 [how to define customized component](../../../platform-engineers/components/custom-component)。

i18n/zh/docusaurus-plugin-content-docs/version-v1.4/end-user/components/cloud-services/secure-your-database-connection.md

@@ -2,7 +2,7 @@
 title: 安全访问数据库
 ---
 
-在指南 [创建和使用云资源](./provision-and-consume-cloud-services)和[数据库创建和初始化](./provision-and-initiate-database)，业务组件
+在指南 [创建和使用云资源](./provision-and-consume-database)和[数据库创建和初始化](./provision-and-initiate-database)，业务组件
 使用数据库的公网连接 `DB_PUBLIC_HOS` 来访问数据库。当你想试用，创建 PoC，或在云提供商集群之外使用数据库时，这是必要的。但是，对于数据库的生产使用来说，它是不安全的。
 
 本教程将讨论如何安全访问你的数据库。
@@ -51,4 +51,4 @@ spec:
 
 ## 执行应用
 
-你可以使用[创建和使用云资源](./provision-and-consume-cloud-services)和[数据库创建和初始化](./provision-and-initiate-database)的实例来安全访问数据库。
+你可以使用[创建和使用云资源](./provision-and-consume-database)和[数据库创建和初始化](./provision-and-initiate-database)的实例来安全访问数据库。

i18n/zh/docusaurus-plugin-content-docs/version-v1.4/platform-engineers/components/component-terraform.md

@@ -6,7 +6,7 @@ title:  扩展云资源
 Terraform 是目前业内支持云资源最广泛也最受欢迎的组件，KubeVela 对 Terraform 进行了额外的支持，使得用户可以通过 Kubernetes CRD 的方式配合
 Terraform 使用任意的云资源。
 
-为了使最终用户能够[部署和消费云资源](../../end-user/components/cloud-services/provision-and-consume-cloud-services)，当用户的要求超出了 [内置云资源的能力](../../end-user/components/cloud-services/provision-and-consume-cloud-services)，
+为了使最终用户能够[部署和消费云资源](../../end-user/components/cloud-services/provision-and-consume-database)，当用户的要求超出了 [内置云资源的能力](../../end-user/components/cloud-services/provision-and-consume-database)，
 管理员需要要为云资源准备 ComponentDefinitions。
 
 以下是为云供应商阿里云、AWS 和 Azure 创建 Terraform 类型的云资源 ComponentDefinitions 的指南。
@@ -167,7 +167,7 @@ $ vela show alibaba-eip
 +-----------+-----------------------------------------------------------------------------+--------+----------+---------+
 ```
 
-如果表格能正常出来，ComponentDefinition 应该就可以工作了。更进一步，你可以通过文档[部署云资源](../../end-user/components/cloud-services/provision-and-consume-cloud-services)创建一个实际的 EIP 来验证。
+如果表格能正常出来，ComponentDefinition 应该就可以工作了。更进一步，你可以通过文档[部署云资源](../../end-user/components/cloud-services/provision-and-consume-database)创建一个实际的 EIP 来验证。
 
 ## 生成文档
 

i18n/zh/docusaurus-plugin-content-docs/version-v1.4/reference/addons/terraform.md

@@ -100,4 +100,4 @@ $ vela provider add terraform-aws --name aws-dev --AWS_ACCESS_KEY_ID=xxx --AWS_S
 
 ### 部署云资源
 
-在 Terraform provider 授权后，您可以[创建和消费云资源](../../end-user/components/cloud-services/provision-and-consume-cloud-services)。
+在 Terraform provider 授权后，您可以[创建和消费云资源](../../end-user/components/cloud-services/provision-and-consume-database)。

i18n/zh/docusaurus-plugin-content-docs/version-v1.4/tutorials/consume-cloud-services.md

@@ -1,100 +1,125 @@
 ---
-title: 云服务
-description: 本文介绍通过 KubeVela 交付云厂商提供的服务，并能够与 Kubernetes 集群中的业务打通。
+title:  创建和使用云资源
 ---
 
-集成云服务是实际开发中最频繁的使用需求之一。从基础的对象存储、云数据库到负载均衡、云缓存，再到基于业务的搜索引擎等等，快速的接入云服务并便捷的使用它们可以大大降低开发成本。与此同时，由于可供选择的云服务厂商非常多，多云交付已成为未来必然形态，如何管理好接入混合云环境时各类资源之间的关系，也成为必须解决的最大挑战。
+KubeVela 可以帮助开发者集成、编排不同类型的云资源，涵盖混合多云环境，让你用统一地方式去使用不同厂商的云资源。
 
-在本文中，我们介绍一个例子，向你展示如何部署云服务。
+本教程将主要集中在通过 Terraform 插件创建云资源，KubeVela 也支持使用 [Crossplane](https://crossplane.io/)，你可以参考[这个教程](../end-user/components/cloud-services/provision-cloud-resources-by-crossplane)。
 
-## 开始之前
+## 通过 Vela CLI 创建云资源
 
-- 拥有一个能适当权限访问你的目标云资源的云供应商账户
+请平台工程师启用云资源 Terraform 插件并授权目标云服务商的认证信息。
+我们将使用阿里云作为示例。
 
-- 确保云账号具有足够的费用。
+### 熟悉云资源的使用参数
 
-- 对接一个处在同一个云上的 Kubernetes 集群，用以验证云服务的正常开通与使用。
+KubeVela 支持的所有由 Terraform 编排的云资源请见[列表](../end-user/components/cloud-services/cloud-resources-list)，你也可以通过命令 `vela components --label type=terraform` 查看。
 
-## 开启对应云服务商的插件
+你可以使用一下任意方式来检查云资源的使用参数：
 
-首先，访问[VelaUX (KubeVela Dashboard)](../install#3-安装-VelaUX)，切换到 "Addon" 标签，并点击 addon
-`terraform-xxx`。`xxx`代表云提供商的名称。我们支持以下的插件：
+- 通过命令 `vela show <component type name>`。
 
-- terraform-alibaba
-- terraform-aws
-- terraform-azure
-- terraform-tencent  
-- terraform-gcp  
-- terraform-baidu  
+```console
+$ vela show alibaba-oss
+### Properties
++----------------------------+-------------------------------------------------------------------------+-----------------------------------------------------------+----------+---------+
+|            NAME            |                               DESCRIPTION                               |                           TYPE                            | REQUIRED | DEFAULT |
++----------------------------+-------------------------------------------------------------------------+-----------------------------------------------------------+----------+---------+
+| acl                        | OSS bucket ACL, supported 'private', 'public-read', 'public-read-write' | string                                                    | false    |         |
+| bucket                     | OSS bucket name                                                         | string                                                    | false    |         |
+| writeConnectionSecretToRef | The secret which the cloud resource connection will be written to       | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false    |         |
++----------------------------+-------------------------------------------------------------------------+-----------------------------------------------------------+----------+---------+
 
-我们可以分别在阿里云、AWS、Azure、腾讯云、Google Cloud Platform和百度云配置云资源。
+...snip...
+```
 
-选择对应的插件版本并启用该插件。
+你也可以使用 `--web` 参数来在本地浏览器中查看使用说明。
+
+- 阅读 [官网文档](http://kubevela.net/docs/end-user/components/cloud-services/cloud-resources-list).
+
+比如，你可以在[这里](http://kubevela.net/docs/end-user/components/cloud-services/terraform/alibaba-oss)查看阿里云 OSS 的使用参数。
+
+
+For different vendors, these parameters update accordingly. All cloud resources have the following common parameters.
+
+- `writeConnectionSecretToRef`: `struct` Type, represents the outputs of Terraform will become key/values in the secret with the name specified here.
+  - `name`, specifies the name of the secret.
+  - `namespace`, specifies the namespace of the secret.
+- `providerRef`: `struct` Type, represents the Provider which is referenced by a cloud service.
+  - `name`, specifies the name of the provider.
+- `deleteResource`: `bool` Type, specify whether to delete the corresponding cloud service when the app is deleted. By Default it's `true`.
+- `customRegion`: `string` Type, specify region for resources, it will override the default region from `providerRef`.
+
+
+### 部署云资源
+
+我们以 OSS bucket 为例展示如何部署云资源。
+
+```yaml
+apiVersion: core.oam.dev/v1beta1
+kind: Application
+metadata:
+  name: provision-cloud-resource-sample
+spec:
+  components:
+    - name: sample-oss
+      type: alibaba-oss
+      properties:
+        bucket: vela-website-0911
+        acl: private
+        writeConnectionSecretToRef:
+          name: oss-conn
+```
+
+`alibaba-oss` 类型的组件的参数在上面文档有清晰的描述，包括每一个 property 的名字、类型、描述、是否必填和默认值。
+
+部署应用程序并检查应用程序的状态。
+
+```shell
+$ vela ls
+APP                            	COMPONENT 	TYPE       	TRAITS	PHASE  	HEALTHY	STATUS                                       	CREATED-TIME
+provision-cloud-resource-sample	sample-oss	alibaba-oss	      	running	healthy	Cloud resources are deployed and ready to use	2021-09-11 12:55:57 +0800 CST
+```
+
+当应用程序处于 `running` 和 `healthy`状态。你也可以在阿里云控制台查看。
+
+## 通过 UI 控制台查看
+
+除了命令行以外，使用 UI 控制台也可以很方便的创建云资源。
+
+### 开始之前
+
+- Enable [VelaUX](../reference/addons/velaux) addon.
+
+- Enable [Terraform](../reference/addons/terraform) addon, just like the prerequisites in CLI part above. VelaUX can also enable these addons in UI console.
 
 ![addon-alibaba](../resources/addon-alibaba.jpg)
 
-## 认证云服务商的插件
+### Creating your cloud service
 
-点击菜单 `Platform` 后再点击 `集成配置`，选择 `Terraform Controller Provider` 来认证一个云服务商的插件。
+The UI console operations are the same, you can refer to [this guide](../how-to/dashboard/application/create-application).
 
-按照每个云提供商的插件的所有属性上的说明来设置插件并启用它。
+Firstly, Create an application and choose the type of your cloud service, they will always has a prefix of vendor such as `aws-`, `azure` or `alibaba-`.
 
-例如，对于阿里巴巴云，你需要设置以下属性：
-> 注意。KubeVela对所有的密钥进行了加密，因此不必担心它的安全问题。
+Set the above parameters according to your needs to complete creating the application, and then deploy the application. The resources will be provisioned after the application become ready.
 
-![](../resources/provider-alibaba.jpg)
-
-然后填写你的ALICLOUD_ACCESS_KEY，ALICLOUD_REGION，和ALICLOUD_SECRET_KEY来启用它。
-
-云服务的创建过程会从GitHub中提取配置。如果你的控制平面 运行KubeVela的集群很难连接到GitHub，请在`terraform`插件中打开`GithubBlocked`选项。
-
-KubeVela支持的云资源请见[列表](../end-user/components/cloud-services/cloud-resources-list)。
-
-## 创建你的云服务
-
-首先[创建一个应用程序](../how-to/dashboard/application/create-application)。请选择你的云服务的类型。
-其前缀为`aws-`、`azure`、`alibaba-`或 `tencent-`。
-
-对于不同的供应商，这些参数会相应更新。
-
-例如，`aws-s3` 有以下参数。
-
-![](../resources/aws-s3-parameters.png)
-
-`azure-database-mariadb` 有以下参数。
-
-![](../resources/azure-database-mariadb-parameters.png)
-
-`alibaba-rds` 有以下参数。
-
-![](../resources/alibaba-rds-parameters.png)
-
-所有的云资源都有一些共同的参数。
-
-- DeleteResource：当应用程序被删除时，是否要删除相应的云服务
-- ProviderRef：被云服务引用的提供者。
-- Region：Region是云提供商的区域。它将覆盖`providerRef`。
-
-根据你的需要设置上述参数，完成应用程序的创建，然后[部署应用程序](../how-to/dashboard/application/deploy-application)。
-
-## 查看云资源创建状态
+### Viewing cloud resource creation status
 
 - 查看云实例列表
 
-与其他应用程序一样，云服务应用程序也需要切换到相应的环境页面来查看实例信息。 默认情况下，一个环境中有多个目标，云服务会生成相应数量的实例。
+与其他应用程序一样，云服务应用程序也需要切换到相应的环境页面来查看实例信息。默认情况下，一个环境中有多个目标，云服务会生成相应数量的实例。
 
-![rds-inststances](../resources/rds-instances.jpg)
+![rds-instances](../resources/rds-instances.jpg)
 
 在实例列表中，会显示实例名称、状态、资源类型和位置。在开始时，名称是空的。 因为云服务实例的生成需要一定的时间，当实例正常生成后，名称会出现。
 
 - 在云提供商的控制台中查看云资源
 
 您可以在云提供商的控制台中访问该实例。例如，您可以检查名称或控制台来访问它。
+
 ![](../resources/application-console-link.png)
 
-例如，你可以在[https://console.aliyun.com](https://console.aliyun.com)中查看阿里巴巴云RDS实例。
-
-![](../resources/alibaba-cloud-rds-console.png)
+创建出的云资源也会自动跳转到云资源的官方网站控制台，例如，这里的云资源会自动跳转到阿里云官网的 RDS 实例控制台。
 
 - 检查云实例的细节和状态
 
@@ -114,3 +139,7 @@ KubeVela支持的云资源请见[列表](../end-user/components/cloud-services/c
 - 云服务一直处在 ProvisioningAndChecking 状态，且无名称。
 
 > 云服务的创建一般需要一定时间，请等候或者进入云厂商控制台查看创建进度。
+
+# 更多
+
+更多云资源使用方法，比如如何使用和消费云资源，请参见[云资源管理场景](../end-user/components/cloud-services/cloud-resource-scenarios)。

sidebars.js

@@ -52,13 +52,18 @@ module.exports = {
           items: [
             'tutorials/consume-cloud-services',
             {
-              'Manage Database': [
-                'end-user/components/cloud-services/provision-and-consume-cloud-services',
+              type: 'category',
+              label: 'Terraform',
+              collapsed: false,
+              items: [
+                'end-user/components/cloud-services/cloud-resource-scenarios',
+                'end-user/components/cloud-services/provision-and-consume-database',
                 'end-user/components/cloud-services/provision-and-initiate-database',
                 'end-user/components/cloud-services/secure-your-database-connection',
-                'end-user/components/cloud-services/provision-an-RDS-instance-with-more-than-one-database',
+                'end-user/components/cloud-services/provision-an-RDS-instance-with-more-than-one-database'
               ],
             },
+            "end-user/components/cloud-services/provision-cloud-resources-by-crossplane",
           ],
         },
         {
@@ -249,7 +254,12 @@ module.exports = {
             'reference/addons/velaux',
             'reference/addons/rollout',
             'reference/addons/fluxcd',
-            'reference/addons/terraform',
+            {
+              "Cloud Resources": [
+                'reference/addons/terraform',
+                'reference/addons/crossplane',
+              ]
+            },
             'reference/addons/ai',
             'reference/addons/traefik',
             'reference/addons/cert-manager',

versioned_docs/version-v1.4/end-user/components/cloud-services/cloud-resource-scenarios.md

@@ -0,0 +1,18 @@
+---
+title: Overview
+description: This section introduces some scenarios of cloud resources management
+---
+
+Here're the scenarios KubeVela already supported by Using Terraform.
+
+## Provision ECS
+
+- [Provision ECS with EIP for proxy Intranet Service](https://kubevela.io/blog/2022/06/27/terraform-integrate-with-vela#part-2-fixing-the-developer-experience-of-kubernetes-port-forwarding).
+
+## Provision and use databases
+
+- [Provision and Binding Cloud Resources](../../../tutorials/consume-cloud-services).
+- [Secure your Database Connection](./secure-your-database-connection).
+- [Provision an RDS instance with more than one database](./provision-an-RDS-instance-with-more-than-one-database).
+- [Provision a Database and Import a SQL File for initialization](./provision-and-initiate-database).
+

versioned_docs/version-v1.4/end-user/components/cloud-services/provision-an-RDS-instance-with-more-than-one-database.md

@@ -2,7 +2,7 @@
 title: Provision an RDS instance with more than one database
 ---
 
-In the guide [Provision and Binding Cloud Resources](./provision-and-consume-cloud-services) and [Provision a Database and Import a SQL File for initialization](./provision-and-initiate-database),
+In the guide [Provision and Binding Cloud Resources](../../../tutorials/consume-cloud-services) and [Provision a Database and Import a SQL File for initialization](./provision-and-initiate-database),
 only one database will be created in an RDS instance. This tutorial will show you how to create more than one database in an RDS instance.
 
 In the [reference doc for Alibaba Cloud RDS](./terraform/alibaba-rds), set `database_name` if you want to create one database.

versioned_docs/version-v1.4/end-user/components/cloud-services/provision-and-consume-cloud-services.md

@@ -1,141 +0,0 @@
----
-title: Provision and Binding Cloud Resources
----
-
-Cloud-oriented development is now becoming the norm, there is an urgent need to integrate cloud resources from different
-sources and types. Whether it is the most basic object storage, cloud database, or load balancing, it is all faced with
-the challenges of hybrid cloud, multi-cloud and other complex environments. KubeVela is perfect to satisfy the needs.
-
-KubeVela efficiently and securely integrates different types of cloud resources through resource binding capabilities in
-cloud resource Components and Traits. At present, you can directly use the default components of those cloud resources below.
-At the same time, more new cloud resources will gradually become the default option under the support of the community in the future.
-You can use cloud resources of various manufacturers in a standardized and unified way.
-
-This tutorial will talk about how to provision and consume Cloud Resources by Terraform.
-
-> ⚠️ This section requires your platform engineers have already enabled [cloud resources addon](../../../reference/addons/terraform).
-
-## Terraform
-
-All supported Terraform cloud resources can be seen in the [list](./cloud-resources-list). You can also filter them by command by `vela components --label type=terraform`.
-
-### Provision cloud resources
-
-Use the following Application to provision an OSS bucket:
-
-```yaml
-apiVersion: core.oam.dev/v1beta1
-kind: Application
-metadata:
-  name: provision-cloud-resource-sample
-spec:
-  components:
-    - name: sample-oss
-      type: alibaba-oss
-      properties:
-        bucket: vela-website-0911
-        acl: private
-        writeConnectionSecretToRef:
-          name: oss-conn
-```
-
-The above `alibaba-oss` component will create an OSS bucket named `vela-website-0911`, with private acl, with connection information stored in a secreted named `oss-conn`.
-description, whether it's compulsory, and default value.
-
-Apply the above application, then check the status:
-
-```shell
-$ vela ls
-APP                            	COMPONENT 	TYPE       	TRAITS	PHASE  	HEALTHY	STATUS                                       	CREATED-TIME
-provision-cloud-resource-sample	sample-oss	alibaba-oss	      	running	healthy	Cloud resources are deployed and ready to use	2021-09-11 12:55:57 +0800 CST
-```
-
-After the phase becomes `running` and `healthy`, you can then check the OSS bucket in Alibaba Cloud console or by [ossutil](https://partners-intl.aliyun.com/help/doc-detail/50452.htm)
-command.
-
-```shell
-$ ossutil ls oss://
-CreationTime                                 Region    StorageClass    BucketName
-2021-09-11 12:56:17 +0800 CST        oss-cn-beijing        Standard    oss://vela-website-0911
-```
-
-### Bind cloud resources
-
-Let's deploy
-the [application](https://github.com/kubevela/kubevela/tree/master/docs/examples/terraform/cloud-resource-provision-and-consume/application.yaml)
-below to provision Alibaba Cloud OSS and RDS cloud resources, and consume them by the web component.
-
-```yaml
-apiVersion: core.oam.dev/v1beta1
-kind: Application
-metadata:
-  name: webapp
-spec:
-  components:
-    - name: express-server
-      type: webservice
-      properties:
-        image: zzxwill/flask-web-application:v0.3.1-crossplane
-        port: 80
-      traits:
-        - type: service-binding
-          properties:
-            envMappings:
-              # environments refer to db-conn secret
-              DB_PASSWORD:
-                secret: db-conn                                   # 1) If the env name is the same as the secret key, secret key can be omitted.
-              endpoint:
-                secret: db-conn
-                key: DB_PUBLIC_HOS                                # 2) If the env name is different from secret key, secret key has to be set.
-              username:
-                secret: db-conn
-                key: DB_USER
-              # environments refer to oss-conn secret
-              BUCKET_NAME:
-                secret: oss-conn
-
-    - name: sample-db
-      type: alibaba-rds
-      properties:
-        instance_name: sample-db
-        account_name: oamtest
-        password: U34rfwefwefffaked
-        writeConnectionSecretToRef:
-          name: db-conn
-
-    - name: sample-oss
-      type: alibaba-oss
-      properties:
-        bucket: vela-website-0911
-        acl: private
-        writeConnectionSecretToRef:
-          name: oss-conn
-```
-
-The component `sample-db` will generate secret `db-conn` with [these keys](./terraform/alibaba-rds#outputs), and the component
-`sample-oss` will generate secret `oss-conn`. These secrets are binded to the Envs of component `express-server` by trait
-[Service Binding](../../traits/service-binding). Then the component can consume instances of OSS and RDS.
-
-Deploy and verify the application.
-
-```shell
-$ vela ls
-APP   	COMPONENT     	TYPE       	TRAITS         	PHASE         	HEALTHY  	STATUS	CREATED-TIME
-webapp	express-server	webservice 	service-binding	running     	healthy  	      	2021-09-08 16:50:41 +0800 CST
-├─    	sample-db     	alibaba-rds	               	running     	healthy  	      	2021-09-08 16:50:41 +0800 CST
-└─    	sample-oss    	alibaba-oss	               	running     	healthy  	      	2021-09-08 16:50:41 +0800 CST
-```
-
-```shell
-$ vela port-forward webapp
-Forwarding from 127.0.0.1:8080 -> 80
-Forwarding from [::1]:8080 -> 80
-
-Forward successfully! Opening browser ...
-```
-
-![](../../../resources/crossplane-visit-application-v3.jpg)
-
-## Next
-
-- [Provision a Database and Import a SQL File for initialization](./provision-and-initiate-database)

versioned_docs/version-v1.4/end-user/components/cloud-services/provision-and-consume-database.md

@@ -0,0 +1,82 @@
+---
+title: Provision and Binding Database
+---
+
+This tutorial will talk about how to provision and consume Alibaba Cloud RDS (and OSS) by Terraform.
+
+> ⚠️ This section requires your platform engineers have already enabled [cloud resources addon](../../../reference/addons/terraform).
+
+Let's deploy the [application](https://github.com/kubevela/kubevela/tree/master/docs/examples/terraform/cloud-resource-provision-and-consume/application.yaml)
+below to provision Alibaba Cloud OSS and RDS cloud resources, and consume them by the web component.
+
+```yaml
+apiVersion: core.oam.dev/v1beta1
+kind: Application
+metadata:
+  name: webapp
+spec:
+  components:
+    - name: express-server
+      type: webservice
+      properties:
+        image: zzxwill/flask-web-application:v0.3.1-crossplane
+        port: 80
+      traits:
+        - type: service-binding
+          properties:
+            envMappings:
+              # environments refer to db-conn secret
+              DB_PASSWORD:
+                secret: db-conn                                   # 1) If the env name is the same as the secret key, secret key can be omitted.
+              endpoint:
+                secret: db-conn
+                key: DB_PUBLIC_HOS                                # 2) If the env name is different from secret key, secret key has to be set.
+              username:
+                secret: db-conn
+                key: DB_USER
+              # environments refer to oss-conn secret
+              BUCKET_NAME:
+                secret: oss-conn
+
+    - name: sample-db
+      type: alibaba-rds
+      properties:
+        instance_name: sample-db
+        account_name: oamtest
+        password: U34rfwefwefffaked
+        writeConnectionSecretToRef:
+          name: db-conn
+
+    - name: sample-oss
+      type: alibaba-oss
+      properties:
+        bucket: vela-website-0911
+        acl: private
+        writeConnectionSecretToRef:
+          name: oss-conn
+```
+
+The component `sample-db` will generate secret `db-conn` with [these keys](./terraform/alibaba-rds#outputs), and the component
+`sample-oss` will generate secret `oss-conn`. These secrets are binded to the Envs of component `express-server` by trait
+[Service Binding](../../traits/service-binding). Then the component can consume instances of OSS and RDS.
+
+Deploy and verify the application.
+
+```shell
+$ vela ls
+APP   	COMPONENT     	TYPE       	TRAITS         	PHASE         	HEALTHY  	STATUS	CREATED-TIME
+webapp	express-server	webservice 	service-binding	running     	healthy  	      	2021-09-08 16:50:41 +0800 CST
+├─    	sample-db     	alibaba-rds	               	running     	healthy  	      	2021-09-08 16:50:41 +0800 CST
+└─    	sample-oss    	alibaba-oss	               	running     	healthy  	      	2021-09-08 16:50:41 +0800 CST
+```
+
+```shell
+$ vela port-forward webapp
+Forwarding from 127.0.0.1:8080 -> 80
+Forwarding from [::1]:8080 -> 80
+
+Forward successfully! Opening browser ...
+```
+
+![](../../../resources/crossplane-visit-application-v3.jpg)
+

versioned_docs/version-v1.4/end-user/components/cloud-services/provision-and-initiate-database.md

@@ -111,7 +111,3 @@ Handling connection for 4000
 
 ![](https://kubevela-assets.oss-cn-beijing.aliyuncs.com/gifs/db-import-sql-sample-favorite-links.gif)
 
-## Next
-
-- [Secure your Database Connection](./secure-your-database-connection)
-- [Provision an RDS instance with more than one database](./provision-an-RDS-instance-with-more-than-one-database)

versioned_docs/version-v1.4/end-user/components/cloud-services/provision-cloud-resources-by-crossplane.md

@@ -0,0 +1,72 @@
+---
+title: Crossplane
+---
+
+The guide [Deploy Cloud Services](../../../tutorials/consume-cloud-services) shows how to provision cloud resources by Terraform in
+CLI and VelaUX. This tutorial will talk about how to provision Cloud Resources by [Crossplane](https://crossplane.io/).
+
+Let's take cloud provider AWS as an example.
+
+## Enable addon `crossplane-aws`
+
+```shell
+$ vela addon enable crossplane-aws
+```
+
+## Authenticate AWS Provider for Crossplane
+
+Apply the application below. You can get AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY per https://aws.amazon.com/blogs/security/wheres-my-secret-access-key/.
+
+```yaml
+apiVersion: core.oam.dev/v1beta1
+kind: Application
+metadata:
+  name: aws
+  namespace: vela-system
+spec:
+  components:
+    - name: aws
+      type: crossplane-aws
+      properties:
+        name: aws
+        AWS_ACCESS_KEY_ID: xxx
+        AWS_SECRET_ACCESS_KEY: yyy
+
+```
+
+## Provision cloud resources
+
+Let's provision a S3 bucket. Please apply the application below.
+
+```yaml
+apiVersion: core.oam.dev/v1beta1
+kind: Application
+metadata:
+  name: s3-poc
+spec:
+  components:
+    - name: dev
+      type: crossplane-aws-s3
+      properties:
+        name: kubevela-test-0714
+        acl: private
+        locationConstraint: us-east-1
+```
+
+After the application gets `running`, you can check the bucket by AWS [cli](https://aws.amazon.com/cli/?nc1=h_ls) or console.
+
+```shell
+$ vela ls
+APP   	COMPONENT	TYPE  	             TRAITS	PHASE  	HEALTHY	STATUS	CREATED-TIME
+s3-poc	dev      	crossplane-aws-s3	      	running	healthy	      	2022-06-16 15:37:15 +0800 CST
+
+$ aws s3 ls
+2022-06-16 15:37:17 kubevela-test-0714
+```
+
+## More
+
+All Crossplane cloud resources are defined as [ComponentDefinitions](../../../getting-started/definition) and are about
+to be delivered in Crossplane provider addons, like [crossplane-aws](https://github.com/kubevela/catalog/tree/master/experimental/addons/crossplane-aws).
+If your requirements are not met by the addons, you can define your own component type per the instructions on 
+[how to define customized component](../../../platform-engineers/components/custom-component).

versioned_docs/version-v1.4/end-user/components/cloud-services/secure-your-database-connection.md

@@ -2,7 +2,7 @@
 title: Secure your Database Connection
 ---
 
-In the guide [Provision and Binding Cloud Resources](./provision-and-consume-cloud-services) and [Provision a Database and Import a SQL File for initialization](./provision-and-initiate-database),
+In the guide [Provision and Binding Cloud Resources](../../../tutorials/consume-cloud-services) and [Provision a Database and Import a SQL File for initialization](./provision-and-initiate-database),
 a database's public host `DB_PUBLIC_HOS` is used to connect by business component. It's necessary when you want to have
 a try, create a PoC, or use the database outside a cloud provider. But it's not secure for production use of database.
 
@@ -50,6 +50,3 @@ spec:
           name: db-conn
 ```
 
-## Run application
-
-Continue samples in [Provision and Binding Cloud Resources](./provision-and-consume-cloud-services) and [Provision a Database and Import a SQL File for initialization](./provision-and-initiate-database).

versioned_docs/version-v1.4/platform-engineers/addon/terraform.md

@@ -4,7 +4,7 @@ title: Extend Terraform Addon
 
 [Terraform Controller](https://github.com/kubevela/terraform-controller) is the core controller to provision and manage
 cloud resources for KubeVela. It has supported [some cloud providers](https://github.com/oam-dev/terraform-controller#supported-cloud-providers), including AWS, Azure, GCP, Alibaba Cloud,
-Tencent Cloud, etc. But only [a few](https://kubevela.io/docs/tutorials/consume-cloud-services#enabling-cloud-vendor-addons) has been supported as Terraform Addons in KubeVela.
+Tencent Cloud, etc. But only [a few](../../tutorials/consume-cloud-services#enabling-a-cloud-provider-addon) has been supported as Terraform Addons in KubeVela.
 
 This guide will show you how to extend a Terraform Addon to support your cloud provider.
 

versioned_docs/version-v1.4/platform-engineers/components/component-terraform.md

@@ -2,9 +2,9 @@
 title: Extend Cloud Resources
 ---
 
-To enable end users to [provision and consume cloud resources](../../end-user/components/cloud-services/provision-and-consume-cloud-services),
+To enable end users to [provision and consume cloud resources](../../tutorials/consume-cloud-services),
 platform engineers need to prepare ComponentDefinitions for cloud resources if end users' requirements are beyond the
-[built-in capabilities](../../end-user/components/cloud-services/provision-and-consume-cloud-services#supported-cloud-resource-list).
+[built-in capabilities](../../tutorials/consume-cloud-services#supported-cloud-resource-list).
 
 Here is the guide to create Terraform typed ComponentDefinitions of cloud resources for cloud providers Alibaba Cloud, AWS and Azure.
 
@@ -191,7 +191,7 @@ spec:
 
 Generally, the values in the properties are aligned with the `variables` defined in the terraform module, the terraform controller will help run `terraform init`, `terraform plan` automatically and finally use the parameters defined in the properties of application component to run `terraform apply`.
 
-You can refer to scenario docs such as [Provision cloud resources](../../end-user/components/cloud-services/provision-and-consume-cloud-services#provision-cloud-resources) for more real use cases.
+You can refer to scenario docs such as [Provision cloud resources](../../tutorials/consume-cloud-services#provision-cloud-resources) for more real use cases.
 
 ## Generate documentation
 

versioned_docs/version-v1.4/reference/addons/crossplane.md

@@ -0,0 +1,52 @@
+---
+title: Cloud Resources orchestrated by Crossplane
+---
+
+
+## Crossplane addon
+
+```shell
+$ vela addon enable crossplane
+```
+
+## Enable a Crossplane Provider addon
+
+KubeVela can support following cloud providers by enabling the Crossplane provider addons.
+
+```shell
+$ vela addon list | grep crossplane-
+crossplane-aws            	KubeVela	Kubernetes Crossplane Controller for AWS                                                              	[0.0.1]                      	enabled (1.0.0)                     	enabled (1.0.1)
+```
+
+To enable one of them, use the following command:
+
+```shell
+$ vela addon enable crossplane-xxx
+```
+
+You can also disable, upgrade, check status of an addon by command `vela addon`.
+
+## Authenticate Crossplane Provider
+
+Apply the application below. Let's use aws in this example, you can get `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` per [aws secret docs](https://aws.amazon.com/blogs/security/wheres-my-secret-access-key/).
+
+```yaml
+apiVersion: core.oam.dev/v1beta1
+kind: Application
+metadata:
+  name: aws
+  namespace: vela-system
+spec:
+  components:
+    - name: aws
+      type: crossplane-aws
+      properties:
+        name: aws
+        AWS_ACCESS_KEY_ID: xxx
+        AWS_SECRET_ACCESS_KEY: yyy
+
+```
+
+### Provision cloud resources
+
+After a Crossplane provider is authenticated, you can [provision and/or consume cloud resources](../../tutorials/consume-cloud-services).

versioned_docs/version-v1.4/reference/addons/terraform.md

@@ -106,4 +106,4 @@ $ vela provider add terraform-aws --name aws-dev --AWS_ACCESS_KEY_ID=xxx --AWS_S
 
 ### Provision cloud resources
 
-After a Terraform provider is authenticated, you can [provision and/or consume cloud resources](../../end-user/components/cloud-services/provision-and-consume-cloud-services).
+After a Terraform provider is authenticated, you can [provision and/or consume cloud resources](../../tutorials/consume-cloud-services).

versioned_docs/version-v1.4/tutorials/consume-cloud-services.md

@@ -1,87 +1,116 @@
 ---
 title: Deploy Cloud Services
-description: This section introduces the delivery of services provided by cloud vendors through KubeVela and orchestrating your services in the Kubernetes cluster.
 ---
 
-Integrating cloud service is the most frequent need in our daily development, varying from the Object storage, Cloud
-database to LoadBalancer, Cache, or search engine. Faster to load them save more time, meanwhile, to orchestrate
-different resources from multi-cloud is quite a pain point.
+KubeVela efficiently and securely integrates different types of cloud resources in hybrid/multi-cloud environments.
 
-In this section, we introduce an example to show you how to deploy cloud services.
+You can use the integrated cloud resources as out-of-box components or integrate by Terraform or Crossplane easily.
+With the help of KubeVela, you can use cloud resources from various providers in a unified way.
 
-## Before starting
+This tutorial will mainly focus on talking about how to provision cloud resources by [Terraform](https://github.com/kubevela/terraform-controller).
+If you'd like to know more about cloud resources from [Crossplane](https://crossplane.io/), please refer to [this guide](../end-user/components/cloud-services/provision-cloud-resources-by-crossplane).
 
-- Has a cloud vendor account with proper access to your target cloud resources
+## Provision Cloud Resources
 
-- Ensure your account has a sufficient balance
+### Prerequisites
 
-- Connect to a Kubernetes cluster on this cloud vendor for hosting your cloud services
+* Enable Terraform addon and authenticate the target cloud provider per the [instruction](../reference/addons/terraform).
 
-## Enabling a cloud provider addon
+Let's take Alibaba Cloud as an example.
 
-First, visit [VelaUX (KubeVela Dashboard)](../install#2-install-velaux), switch to the tab `Addon`, and click up addon
-`terraform-xxx`. `xxx` stands for the cloud provider name. We support the following Addons:
+### Familiar with cloud resources specification
 
-- terraform-alibaba
-- terraform-aws
-- terraform-azure
-- terraform-tencent  
-- terraform-gcp  
-- terraform-baidu  
+All supported Terraform cloud resources can be seen in the [list](../end-user/components/cloud-services/cloud-resources-list). You can also filter them by
+command `vela components --label type=terraform`.
 
-We can provision cloud resources in Alibaba Cloud, AWS, Azure, Tencent Cloud, Google Cloud Platform and Baidu Cloud respectively.
+You can use any of the following ways to check the specification of one cloud resource.
 
-Choose the specific version and enable an addon.
+- Using command `vela show <component type name>` .
+
+```console
+$ vela show alibaba-oss
+### Properties
++----------------------------+-------------------------------------------------------------------------+-----------------------------------------------------------+----------+---------+
+|            NAME            |                               DESCRIPTION                               |                           TYPE                            | REQUIRED | DEFAULT |
++----------------------------+-------------------------------------------------------------------------+-----------------------------------------------------------+----------+---------+
+| acl                        | OSS bucket ACL, supported 'private', 'public-read', 'public-read-write' | string                                                    | false    |         |
+| bucket                     | OSS bucket name                                                         | string                                                    | false    |         |
+| writeConnectionSecretToRef | The secret which the cloud resource connection will be written to       | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false    |         |
++----------------------------+-------------------------------------------------------------------------+-----------------------------------------------------------+----------+---------+
+
+...snip...
+```
+
+You can also add flag `--web` to view the usage by a local browser.
+
+- Reading [official docs](../end-user/components/cloud-services/cloud-resources-list).
+
+For example, you can check the specification for Alibaba OSS at [here](../end-user/components/cloud-services/terraform/alibaba-oss). 
+
+For different vendors, these parameters update accordingly. All cloud resources have the following common parameters.
+
+- `writeConnectionSecretToRef`: `struct` Type, represents the outputs of Terraform will become key/values in the secret with the name specified here.
+  - `name`, specifies the name of the secret.
+  - `namespace`, specifies the namespace of the secret.
+- `providerRef`: `struct` Type, represents the Provider which is referenced by a cloud service.
+  - `name`, specifies the name of the provider.
+- `deleteResource`: `bool` Type, specify whether to delete the corresponding cloud service when the app is deleted. By Default it's `true`.
+- `customRegion`: `string` Type, specify region for resources, it will override the default region from `providerRef`.
+
+### Provision by Creating Application
+
+Use the following Application to provision an OSS bucket:
+
+```yaml
+apiVersion: core.oam.dev/v1beta1
+kind: Application
+metadata:
+  name: provision-cloud-resource-sample
+spec:
+  components:
+    - name: sample-oss
+      type: alibaba-oss
+      properties:
+        bucket: vela-website-0911
+        acl: private
+        writeConnectionSecretToRef:
+          name: oss-conn
+```
+
+The above `alibaba-oss` component will create an OSS bucket named `vela-website-0911`, with `private` acl, with connection
+information stored in a secreted named `oss-conn`.
+
+Apply the above application, then check the status:
+
+```shell
+$ vela ls
+APP                            	COMPONENT 	TYPE       	TRAITS	PHASE  	HEALTHY	STATUS                                       	CREATED-TIME
+provision-cloud-resource-sample	sample-oss	alibaba-oss	      	running	healthy	Cloud resources are deployed and ready to use	2021-09-11 12:55:57 +0800 CST
+```
+
+After the phase becomes `running` and `healthy`, you can then check the OSS bucket in Alibaba Cloud console.
+
+## Provision with UI Console
+
+Provision cloud resources from UI Console can be more appropriate.
+
+### Before starting
+
+- Enable [VelaUX](../reference/addons/velaux) addon.
+
+- Enable [Terraform](../reference/addons/terraform) addon, just like the prerequisites in CLI part above. VelaUX can also enable these addons in UI console.
 
 ![addon-alibaba](../resources/addon-alibaba.jpg)
 
-## Authenticating the cloud provider
+### Creating your cloud service
 
-Click the tab `Platform`, and then `Integrations`. Choose `Terraform Controller Provider` to authenticate a cloud provider.
-Follow the instructions on all the properties to authenticate the provider for each cloud provider.
+The UI console operations are the same, you can refer to [this guide](../how-to/dashboard/application/create-application).
 
-For example, for Alibaba Cloud, you need to set the following properties:
+Firstly, Create an application and choose the type of your cloud service, they will always has a prefix of vendor such as `aws-`, `azure` or `alibaba-`.
 
-> Notice: KubeVela encrypts all the keys, hence no need to worry about its safety.
+Set the above parameters according to your needs to complete creating the application, and then deploy the application. The resources will be provisioned after the application become ready.
 
-![](../resources/provider-alibaba.jpg)
-
-Then fill in your ALICLOUD_ACCESS_KEY, ALICLOUD_REGION, and ALICLOUD_SECRET_KEY to enable it。
-
-The creating process of cloud services pulls configuration from GitHub. If your control plane
-cluster that runs KubeVela is very hard to connect to GitHub, please open up the `GithubBlocked` option in `terraform`
-addon.
-
-All supported Terraform cloud resources can be seen in the [list](../end-user/components/cloud-services/cloud-resources-list).
-
-## Creating your cloud service
-
-First [create an application](../how-to/dashboard/application/create-application). Please choose the type of your cloud service,
-which has a prefix of `aws-`, `azure`, `alibaba-` or `tencent-`.
-
-For different vendors, these parameters update accordingly. 
-
-For example, `aws-s3` has the following parameters:
-
-![](../resources/aws-s3-parameters.png)
-
-`azure-database-mariadb` has the following parameters:
-
-![](../resources/azure-database-mariadb-parameters.png)
-
-`alibaba-rds` has the following parameters:
-
-![](../resources/alibaba-rds-parameters.png)
-
-All cloud resources have some common parameters.
-
-- DeleteResource: Whether to delete the corresponding cloud service when the app is deleted
-- ProviderRef: The Provider which is referenced by a cloud service
-- Region: Region is cloud provider's region. It will override `providerRef`.
-
-Set the above parameters according to your needs to complete creating the application, and then [deploy the application](../how-to/dashboard/application/deploy-application).
-
-## Viewing cloud resource creation status
+### Viewing cloud resource creation status
 
 - Check the cloud instance list
 
@@ -98,9 +127,7 @@ because the cloud service instance generation takes a certain amount of time, an
 You can visit the instance in the console of the cloud provider. For example, you can check the name or console to visit it.
 ![](../resources/application-console-link.png)
 
-For example, you can check Alibaba Cloud RDS instance in [https://console.aliyun.com](https://console.aliyun.com).
-
-![](../resources/alibaba-cloud-rds-console.png)
+It will redirect to the UI Console of the provider, in our example, resources from Alibaba Cloud will go to [https://console.aliyun.com](https://console.aliyun.com).
 
 - Check details and status of the cloud instance
 
@@ -122,3 +149,7 @@ In the last section `Component Status`, the health status and the message of the
 - The cloud service is always ProvisioningAndChecking and has no name
 
 > The creation of cloud services generally takes a certain amount of time. Please wait or enter the cloud vendor console to view the creation progress.
+
+## More
+
+For more usages of cloud resources, like how to provision and consume cloud resources, please refer to [Scenarios of Cloud Resources Management](./../end-user/components/cloud-services/cloud-resource-scenarios).

versioned_sidebars/version-v1.4-sidebars.json

@@ -54,13 +54,18 @@
           "items": [
             "tutorials/consume-cloud-services",
             {
-              "Manage Database": [
-                "end-user/components/cloud-services/provision-and-consume-cloud-services",
+              "type": "category",
+              "label": "Terraform",
+              "collapsed": false,
+              "items": [
+                "end-user/components/cloud-services/cloud-resource-scenarios",
+                "end-user/components/cloud-services/provision-and-consume-database",
                 "end-user/components/cloud-services/provision-and-initiate-database",
                 "end-user/components/cloud-services/secure-your-database-connection",
                 "end-user/components/cloud-services/provision-an-RDS-instance-with-more-than-one-database"
               ]
-            }
+            },
+            "end-user/components/cloud-services/provision-cloud-resources-by-crossplane"
           ]
         },
         {
@@ -257,7 +262,12 @@
             "reference/addons/velaux",
             "reference/addons/rollout",
             "reference/addons/fluxcd",
-            "reference/addons/terraform",
+            {
+              "Cloud Resources": [
+                "reference/addons/terraform",
+                "reference/addons/crossplane"
+              ]
+            },
             "reference/addons/ai",
             "reference/addons/traefik",
             "reference/addons/cert-manager",