Merge branch 'main' into bug-fixes

guide/content/_index.md

@@ -1,13 +1,13 @@
 ---
 weight: 1
-title: Trend Micro - AWS Built In module
-description: Trend Micro - AWS Built In module
+title: Trend Micro AWS Built-In module
+description: Trend Micro AWS Built-In module
 ---
 
-# Trend - AWS Built In module
+# Trend Micro AWS Built-In module
 
-The purpose of this document is to walk you through the process of deploying Trend Micro - AWS Built In module. This document is intended for Customers who are using the `cfn-abi-trend-cloudone` AWS Built In program(ABI) and in process of building an ABI project.
+This document walks you through the process of deploying the Trend Micro AWS Built-In (ABI) module to the AWS Cloud. It's intended for customers who are using the `cfn-abi-trend-cloudone` ABI and building an ABI project.
 
-The AWS Built-in program is a differentiation program that validates Partner solutions which have automated their solution integrations with relevant AWS foundational services like identity, management, security and operations.  This program helps customers find and deploy a validated Partner solution that addresses specific customer use cases while providing deep visibility and control of AWS native service integration.
+The AWS Built-In program validates solutions that are integrated with relevant AWS foundational services such as identity, management, security, and operations. This program helps customers find and deploy a validated solution that addresses specific customer use cases while providing visibility and control of AWS native service integrations.
 
-Choose [Overview](/overview/index.html) to get started.
+**Next:** [Overview](/overview/index.html)

guide/content/additional-resources.md

@@ -1,32 +1,32 @@
 ---
 weight: 11
-title: Additional Resources
-description: Additional Resources
+title: Additional resources
+description: Additional resources
 ---
 
 ## Partner documentation
 
-* CloudTrail Integration: <https://cloudone.trendmicro.com/docs/cloud-account-management/cloudtrail/>
-* SSM Integration: <https://cloudone.trendmicro.com/docs/workload-security/aws-systems-manager/>
-* SecurityHub Integration: <https://cloudone.trendmicro.com/docs/integrations/security-hub/>
+* AWS CloudTrail integration: <https://cloudone.trendmicro.com/docs/cloud-account-management/cloudtrail/>
+* Integrate with AWS Systems Manager Distributor: <https://cloudone.trendmicro.com/docs/workload-security/aws-systems-manager/>
+* Security Hub: <https://cloudone.trendmicro.com/docs/integrations/security-hub/>
 
-## AWS Services
+## AWS services
 
-* CloudTrail: <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-user-guide.html>
-* SSM: <https://docs.aws.amazon.com/systems-manager/latest/userguide/what-is-systems-manager.html>
-* SecurityHub: <https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html>
+* What Is AWS CloudTrail?: <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-user-guide.html>
+* What is AWS Systems Manager?: <https://docs.aws.amazon.com/systems-manager/latest/userguide/what-is-systems-manager.html>
+* What is AWS Security Hub?: <https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html>
 
-## Frequently asked questions (FAQs)
+## FAQs
 
 {{% notice info %}}
-The FAQ is pretty much empty right now, but will be updated as Questions from customers come in after release.
+The FAQ is empty right now but will be updated as questions from customers come in after release.
 {{% /notice %}}
 
-Please see the [FAQs](/faqs/index.html) page.
+Refer to the [FAQs](/faqs/index.html) page.
 
 ## Other documentation
 
 * [AWS Security Reference Architecture (AWS SRA)](https://docs.aws.amazon.com/prescriptive-guidance/latest/security-reference-architecture/welcome.html)
 * [Code repository for AWS SRA examples](https://docs.aws.amazon.com/prescriptive-guidance/latest/security-reference-architecture/code-repo.html)
 
-**Next:** Choose [Troubleshooting](/troubleshooting/index.html).
+**Next:** [Troubleshooting](/troubleshooting/index.html)

guide/content/architecture.md

@@ -1,31 +1,31 @@
 ---
 weight: 5
 title: Architecture
-description: Solution architecture.
+description: Solution architecture
 ---
 
 Deploying this ABI package with default parameters builds the following architectures.
 
-##### CloudTrail Integration Architecture Diagram
+##### AWS CloudTrail integration architecture diagram
 
-![CloudTrail Integration Architecture Diagram](/images/cloudtrail-architecture.png)
+![AWS CloudTrail integration architecture diagram](/images/cloudtrail-architecture.png)
 
 As shown in the diagram, this integration sets up the following:
 
 * In the log archive account:
-  * Amazon CloudWatch Events rules to detect new PUTs in the Organizational CloudTrail S3 Bucket and trigger a AWS Lambda function
-  * This function forwards the new CloudTrail events to Trend Vision One
+  * Amazon CloudWatch events rules to detect new PUTs in the organizational CloudTrail S3 bucket and trigger an AWS Lambda function.
+  * The Lambda function forwards the new CloudTrail events to Trend Vision One.
 
-##### SSM Integration Architecture Diagram
+##### SSM integration architecture diagram
 
-![SSM Integration Architecture Diagram](/images/ssm-architecture.jpg)
+![SSM integration architecture diagram](/images/ssm-architecture.jpg)
 
-* In each AWS Organizational OU's accounts:
-  * Four System Manager Parameters are created in each AWS Region.
-  * On defined CRON Job, AWS Systems Manager Workload Security Agent Association Package will be trigger for '*' Instances managed by SSM.
-  * This SSM Association package will deploy Workload Security Agent on unmanaged Instances
+* In each AWS Organizations account:
+  * Four system-manager parameters are created in each AWS Region.
+  * For a defined CRON job, the AWS Systems Manager workload security agent association package triggers for '*' instances managed by SSM.
+  * The SSM association package deploys workload security agent for unmanaged instances.
 
-##### SecurityHub Integration Architecture Diagram
+##### AWS Security Hub integration architecture diagram
 
 To do.
 
@@ -49,4 +49,4 @@ As shown in the diagram, this integration sets up the following:
 
 -->
 
-**Next:** Choose [Deployment Options](/deployment-options/index.html) to get started.
+**Next:** [Deployment Options](/deployment-options/index.html)

guide/content/cleanup-instructions.md

@@ -1,9 +1,9 @@
 ---
 weight: 99
-title: Cleanup Instructions
-description: Instructions to cleanup the resources created by the ABI package
+title: Cleanup instructions
+description: Instructions to clean up the resources created by the ABI package
 ---
 
-## Cleanup Instructions
+## Cleanup instructions
 
-For cleanup, please delete the "parent" CloudFormation stack. No other actions are necessary.
+Delete the parent CloudFormation stack. No other actions are necessary.

guide/content/costandlicenses.md

@@ -1,23 +1,23 @@
 ---
 weight: 4
-title: Cost and licenses
-description: Cost of the solution and licenses required.
+title: Costs and licenses
+description: Costs and required licenses
 ---
 
-## Trend Micro Licensing Costs
+## Trend Micro licensing costs
 
-Please check current licensing pricing directly at the [Trend Cloud One](https://aws.amazon.com/marketplace/pp/prodview-g232pyu6l55l4) and [Trend Vision One](https://aws.amazon.com/marketplace/pp/prodview-jktqkevcm3zbc) AWS Marketplace pages.
+For current pricing, refer to [Trend Cloud One](https://aws.amazon.com/marketplace/pp/prodview-g232pyu6l55l4) and [Trend Enterprise Security Solutions](https://aws.amazon.com/marketplace/pp/prodview-jktqkevcm3zbc) on AWS Marketplace.
 
-## AWS Services Cost
+## AWS service costs
 
 * Secrets Manager:
-  * 1 secret
-  * The storage cost is $0.40 per secret per month and API interactions cost is $0.05 per 10,000 API calls.
+  * One secret.
+  * Storage is $0.40 per secret per month, and API interactions are $0.05 per 10,000 API calls.
 
 * SSM Parameter Store:
-  * 4 Parameters using standard throughput.
+  * Four parameters using standard throughput.
   * No additional charge for storage and standard throughput.
 
-* Note: Other costs might occur and neither Trend Micro or AWS can be responsible for them.
+* Note: You are responsible for the cost of the AWS services and any third-party licenses used while running this solution.
 
-**Next:** Choose [Architecture](/architecture/index.html) to get started.
+**Next:** [Architecture](/architecture/index.html)

guide/content/deployment-options.md

@@ -1,15 +1,15 @@
 ---
 weight: 6
-title: Deployment Options
+title: Deployment options
 description: 
 ---
 
 #### Deployment options supported by this ABI package
 
-Following are the deployment options supported by this ABI package:
+The ABI package supports the following options:
 
-* Launch the [CloudFormation Template in the Management Account](/launch-using-cloudformation/index.html).
+* Launch the [CloudFormation template in the management account](/launch-using-cloudformation/index.html).
 * Launch using [Customizations for Control Tower (CfCT)](https://aws.amazon.com/solutions/implementations/customizations-for-aws-control-tower/) is not yet supported by this module.
 
 
-**Next:** Choose [Pre Deployment Steps](/pre-deployment-steps/index.html) to get started.
+**Next:** [Predeployment steps](/pre-deployment-steps/index.html)

guide/content/deployment-steps.md

@@ -4,54 +4,56 @@ title: Deployment steps
 description: Deployment steps
 ---
 
-## Launch the CloudFormation Template in the Management Account
+## Launch the CloudFormation template in the management account
 
-1. Download the cloudformation template from source: https://aws-abi-pilot.s3.us-east-1.amazonaws.com/cfn-abi-trend-cloudone/main/templates/main.template.yaml
-2. Launch CloudFormation template in your AWS Control Tower home region.
+1. Download the CloudFormation template from https://aws-abi-pilot.s3.us-east-1.amazonaws.com/cfn-abi-trend-cloudone/main/templates/main.template.yaml
+2. Launch the CloudFormation template in your AWS Control Tower home Region.
     * Stack name: `template-trend-micro-enable-integrations`
-    * List Parameters with [call out default values and update below example as needed]
-      * Mandatory Parameters
-        * **CloudOneApiKey**: Your Cloud One API Key. You can learn more about it [here](https://cloudone.trendmicro.com/docs/identity-and-account-management/c1-api-key/)
-        * **OrganizationId**: Your AWS Organization Id. You can learn how to find yours following [this](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_details.html) AWS documentation.
-      * Parameters to select which modules of this ABI you'd like to deploy:
+    * List parameters with [call out default values and update below example as needed]
+      * Mandatory parameters
+        * **CloudOneApiKey**: Your Cloud One API Key. For more information, refer to [Manage API keys](https://cloudone.trendmicro.com/docs/identity-and-account-management/c1-api-key/)
+        * **OrganizationId**: Your AWS Organization ID. For more information, refer to [Viewing details about your organization](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_details.html).
+      * Parameters for the ABI module:
         * **DeployCloudTrailIntegration**: `true`
         * **DeploySSMIntegration**: `true`
         * **DeploySecurityHubIntegration**: `true`
-      * Parameters related to the CloudTrail Integration:
-        * **VisionOneAuthenticationToken**: Vision One Authentication Token. You can learn more about it [here](https://docs.trendmicro.com/en-us/enterprise/trend-vision-one-olh/administrative-setti/user-accounts/obtaining-api-keys-f_001.aspx)
-        * **VisionOneRegion**: Vision One Region. ou can learn more about it [here](https://automation.trendmicro.com/xdr/Guides/Regional-Domains)
-        * **ExistingOrganizationalCloudtrailBucketName**: Bucket name of an existing Organizational CloudTrail. You can learn more about it [here](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-trail-organization.html)
-      * Parameters related to the SSM Integration:
+      * Parameters related to the CloudTrail integration:
+        * **VisionOneAuthenticationToken**: Vision One authentication token. For more information, refer to [Obtaining API Keys for Third-Party Apps](https://docs.trendmicro.com/en-us/enterprise/trend-vision-one-olh/administrative-setti/user-accounts/obtaining-api-keys-f_001.aspx).
+        * **VisionOneRegion**: Vision One Region. For more information, refer to [Regional Domains](https://automation.trendmicro.com/xdr/Guides/Regional-Domains).
+        * **ExistingOrganizationalCloudtrailBucketName**: Bucket name of an existing organizational CloudTrail. For more information, refer to [Creating a trail for an organization](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-trail-organization.html).
+      * Parameters related to the SSM integration:
         * **CronJob**: `cron(15 10 * * ? *)`
         * **AccountAdminStatus**: `SELF`
-      * Parameters related to the SecurityHub Integration:
-        * **EnableSecurityHub**: `false`, unless you don't have Security Hub enabled. `true` would enable Security Hub in the Audit Account
+      * Parameters related to the Security Hub integration:
+        * **EnableSecurityHub**: Set to `false` unless you don't have Security Hub enabled. Set to `true` to enable Security Hub in the audit account.
 
-3. Choose both the **Capabilities** and select **Submit** to launch the stack.
+3. Choose both the **Capabilities** and then **Submit** to launch the stack.
 
     [] I acknowledge that AWS CloudFormation might create IAM resources with custom names.
 
     [] I acknowledge that AWS CloudFormation might require the following capability: CAPABILITY_AUTO_EXPAND
 
-Wait for the CloudFormation status to change to `CREATE_COMPLETE` state.
+Wait for the CloudFormation status to change to `CREATE_COMPLETE`.
 
 ## Launch using Customizations for Control Tower (CfCT)
 
 {{% notice warning %}}
-Deploying using Customizations for Control Tower (CfCT) is not yet supported for this ABI Module.
+Deploying Customizations for Control Tower (CfCT) is not yet supported for this ABI module.
 {{% /notice %}}
 
-[Customizations for AWS Control Tower](https://aws.amazon.com/solutions/implementations/customizations-for-aws-control-tower/) combines AWS Control Tower and other highly-available, trusted AWS services to help customers more quickly set up a secure, multi-account AWS environment using AWS best practices. You can easily add customizations to your AWS Control Tower landing zone using an AWS CloudFormation template and service control policies (SCPs). You can deploy the custom template and policies to individual accounts and organizational units (OUs) within your organization. It also integrates with AWS Control Tower lifecycle events to ensure that resource deployments stay in sync with your landing zone. For example, when a new account is created using the AWS Control Tower account factory, Customizations for AWS Control Tower ensures that all resources attached to the account's OUs will be automatically deployed.
+[CfCT](https://aws.amazon.com/solutions/implementations/customizations-for-aws-control-tower/) combines AWS Control Tower and other highly available, trusted AWS services to help customers more quickly set up a secure, multiaccount AWS environment according to AWS best practices. You can add customizations to your AWS Control Tower landing zone using an AWS CloudFormation template and service control policies (SCPs). You can deploy the custom template and policies to individual accounts and organizational units within your organization.
 
-The templates provided as part of the ABI packages are deployable using Customizations for Control Tower. Please check below for additional details.
+CfCT also integrates with AWS Control Tower lifecycle events to help ensure that resource deployments stay in sync with your landing zone. For example, when a new account is created using the AWS Control Tower account factory, CfCt helps to ensure that all resources attached to the account's organizational unit are automatically deployed.
 
-### Pre-requisites
+The templates provided as part of the ABI packages are deployable using CfCT. For more information, refer to [Prerequisites](/prerequisites.html).
 
-1. The CfCT solution, do not have ability to launch resources on the Management account. Hence, you need to create the role with required permissions in the Management account.
+### Prerequisites
+
+1. For CfCT to launch resources from the management account, you must create a role with necessary permissions in that account.
 
 ### How it works
 
-To deploy this integration page using CfCT solution, add the following blurb to the `manifest.yaml` file from your CfCT solution and update the account/ou names as needed.
+To deploy this integration page using CfCT, add the following blurb to the `manifest.yaml` file, and update the accounts and organizational units as needed.
 
 ```
 resources:
@@ -66,21 +68,21 @@ resources:
       - parameter_key: pSRAStagingS3KeyPrefix
         parameter_value: cfn-abi-aws-reference-guide
       - parameter_key: CloudOneApiKey
-        parameter_value: Your Cloud One API Key. You can learn more about it [here](https://cloudone.trendmicro.com/docs/identity-and-account-management/c1-api-key/)
+        parameter_value: Your Cloud One API key. For more information, refer to [Manage API keys](https://cloudone.trendmicro.com/docs/identity-and-account-management/c1-api-key/).
       - parameter_key: OrganizationId
-        parameter_value: Your AWS Organization Id. You can learn how to find yours following [this](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_details.html) AWS documentation.
+        parameter_value: Your AWS Organization ID. For more information, refer to [Viewing details about your organization](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_details.html).
       - parameter_key: DeployCloudTrailIntegration
         parameter_value: true
       - parameter_key: DeploySSMIntegration
         parameter_value: true
       - parameter_key: DeploySecurityHubIntegration
         parameter_value: true
       - parameter_key: VisionOneAuthenticationToken
-        parameter_value: Vision One Authentication Token. You can learn more about it [here](https://docs.trendmicro.com/en-us/enterprise/trend-vision-one-olh/administrative-setti/user-accounts/obtaining-api-keys-f_001.aspx)
+        parameter_value: Vision One authentication token. For more information, refer to [Obtaining API Keys for Third-Party Apps](https://docs.trendmicro.com/en-us/enterprise/trend-vision-one-olh/administrative-setti/user-accounts/obtaining-api-keys-f_001.aspx).
       - parameter_key: VisionOneRegion
-        parameter_value: Vision One Region. ou can learn more about it [here](https://automation.trendmicro.com/xdr/Guides/Regional-Domains)
+        parameter_value: Vision One Region. For more information, refer to [Regional Domains](https://automation.trendmicro.com/xdr/Guides/Regional-Domains).
       - parameter_key: ExistingOrganizationalCloudtrailBucketName
-        parameter_value: Bucket name of an existing Organizational CloudTrail. You can learn more about it [here](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-trail-organization.html)
+        parameter_value: Bucket name of an existing Organizational CloudTrail. For more information, refer to [Creating a trail for an organization](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-trail-organization.html).
       - parameter_key: CronJob
         parameter_value: cron(15 10 * * ? *)
       - parameter_key: AccountAdminStatus
@@ -92,4 +94,4 @@ resources:
         - [[MANAGEMENT-AWS-ACCOUNT-ID]]
 ```
 
-**Next:** Choose [Postdeployment Options](/post-deployment-steps/index.html) to get started.
+**Next:** [Postdeployment options](/post-deployment-steps/index.html)