Periodic Update

alivest · alivest · commit 738201ce3f76 · 2020-03-08T02:03:33.000Z
diff --git a/doc-source/security-iam.md b/doc-source/security-iam.md
@@ -75,7 +75,7 @@ Resource\-based policies are JSON policy documents that you attach to a resource
 
 ### Access Control Lists \(ACLs\)<a name="security_iam_access-manage-acl"></a>
 
-Access control policies \(ACLs\) control which principals \(account members, users, or roles\) have permissions to access a resource\. ACLs are similar to resource\-based policies, although they are the only policy type that does not use the JSON policy document format\. Amazon S3, AWS WAF, and Amazon VPC are examples of services that support ACLs\. To learn more about ACLs, see [Access Control List \(ACL\) Overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) in the *Amazon Simple Storage Service Developer Guide*\.
+Access control lists \(ACLs\) are a type of policy that controls which principals \(account members, users, or roles\) have permissions to access a resource\. ACLs are similar to resource\-based policies, although they do not use the JSON policy document format\. Amazon S3, AWS WAF, and Amazon VPC are examples of services that support ACLs\. To learn more about ACLs, see [Access Control List \(ACL\) Overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) in the *Amazon Simple Storage Service Developer Guide*\.
 
 ### Other Policy Types<a name="security_iam_access-manage-other-policies"></a>
 
diff --git a/doc-source/security.md b/doc-source/security.md
@@ -1,6 +1,6 @@
 # Security in AWS X\-Ray<a name="security"></a>
 
-## <a name="w15aac14b3"></a>
+## <a name="w16aac14b3"></a>
 
 Cloud security at AWS is the highest priority\. As an AWS customer, you benefit from a data center and network architecture that is built to meet the requirements of the most security\-sensitive organizations\.
 
diff --git a/doc-source/xray-console-analytics.md b/doc-source/xray-console-analytics.md
@@ -17,7 +17,7 @@ The X\-Ray Analytics console uses the following key features for grouping, filte
 
 | Feature | Description | 
 | --- | --- | 
-|  **Groups**  |  The initial selected group is `Default`\. To change the retrieved group, select a different group from the menu to the right of the main filter expression search bar\. To learn more about groups see, [Using Filter Expressions with Groups](https://docs.aws.amazon.com/xray/latest/devguide//xray-console-filters.html#groups)\.  | 
+|  **Groups**  |  The initial selected group is `Default`\. To change the retrieved group, select a different group from the menu to the right of the main filter expression search bar\. To learn more about groups see, [Using Filter Expressions with Groups](https://docs.aws.amazon.com/xray/latest/devguide/xray-console-filters.html#groups)\.  | 
 |  **Retrieved traces**  |  By default, the Analytics console generates graphs based on all traces in the selected group\. Retrieved traces represent all traces in your working set\. You can find the trace count in this tile\. Filter expressions you apply to the main search bar refine and update the retrieved traces\.  | 
 |  **Show in charts/Hide from charts**  |  A toggle to compare the active group against the retrieved traces\. To compare the data related to the group against any active filters, choose **Show in charts**\. To remove this view from the charts, choose **Hide from charts**\.  | 
 |  **Filtered trace set A**  |  Through interactions with the graphs and tables, apply filters to create the criteria for trace set A\. As the filters are applied, the number of applicable traces and the percentage of traces from the total that are retrieved are calculated within this tile\. Filters populate as tags within the trace set A tile and can also be removed from the tile\.  | 
diff --git a/doc-source/xray-console-encryption.md b/doc-source/xray-console-encryption.md
@@ -1,8 +1,17 @@
 # Data Protection in AWS X\-Ray<a name="xray-console-encryption"></a>
 
-AWS X\-Ray always encrypts traces and related data at rest\. If you need to audit and disable encryption keys for compliance or internal requirements, you can configure X\-Ray to use an AWS Key Management Service \(AWS KMS\) customer master key \(CMK\) to encrypt data\.
+AWS X\-Ray always encrypts traces and related data at rest\. When you need to audit and disable encryption keys for compliance or internal requirements, you can configure X\-Ray to use an AWS Key Management Service \(AWS KMS\) customer master key \(CMK\) to encrypt data\.
 
-X\-Ray provides an AWS managed CMK named `aws/xray`\. Use this key if you just want to [audit key usage in AWS CloudTrail](https://docs.aws.amazon.com/kms/latest/developerguide/logging-using-cloudtrail.html) and don't need to manage the key itself\. If you need to manage access to the key or configure key rotation, you can [create a customer managed CMK](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html)\.
+X\-Ray provides an AWS managed CMK named `aws/xray`\. Use this key when you just want to [audit key usage in AWS CloudTrail](https://docs.aws.amazon.com/kms/latest/developerguide/logging-using-cloudtrail.html) and don't need to manage the key itself\. When you need to manage access to the key or configure key rotation, you can [create a customer managed CMK](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html)\.
+
+When you change encryption settings, X\-Ray spends some time generating and propagating data keys\. While the new key is being processed, X\-Ray may encrypt data with a combination of the new and old settings\. Existing data is not re\-encrypted when you change encryption settings\.
+
+**Note**  
+AWS KMS charges when X\-Ray uses a CMK to encrypt or decrypt trace data\.  
+**Default encryption** – Free\.
+**AWS managed CMK** – Pay for key use\.
+**Customer managed CMK** – Pay for key storage and use\.
+See [AWS Key Management Service Pricing](https://aws.amazon.com/kms/pricing/) for details\.
 
 You must have user\-level access to a customer managed CMK to configure X\-Ray to use it, and to then view encrypted traces\. See [User Permissions for Encryption](security_iam_service-with-iam.md#xray-permissions-encryption) for more information\.
 
@@ -23,15 +32,6 @@ X\-Ray does not support asymmetric CMKs\.
 
 1. Choose **Apply**\.
 
-When you change encryption settings, X\-Ray spends some time generating and propagating data keys\. While the new key is being processed, X\-Ray may encrypt data with a combination of the new and old settings\. Existing data is not re\-encrypted when you change encryption settings\.
-
-**Note**  
-AWS KMS charges when X\-Ray uses a CMK to encrypt or decrypt trace data\.  
-**Default encryption** – Free\.
-**AWS managed CMK** – Pay for key use\.
-**Customer managed CMK** – Pay for key storage and use\.
-See [AWS Key Management Service Pricing](https://aws.amazon.com/kms/pricing/) for details\.
-
 If X\-Ray is unable to access your encryption key, it stops storing data\. This can happen if your user loses access to the CMK, or if you disable a key that's currently in use\. When this happens, X\-Ray shows a notification in the navigation bar\.
 
 To configure encryption settings with the X\-Ray API, see [Configuring  Sampling, Groups, and Encryption Settings with the AWS X\-Ray API](xray-api-configuration.md)\.
diff --git a/doc-source/xray-sdk-nodejs-sqlclients.md b/doc-source/xray-sdk-nodejs-sqlclients.md
@@ -19,22 +19,23 @@ Instrument SQL database queries by wrapping your SQL client in the corresponding
 
 When you use an instrumented client to make SQL queries, the X\-Ray SDK for Node\.js records information about the connection and query in a subsegment\.
 
-## Including Additional Data in SQL Subsegments
+## Including Additional Data in SQL Subsegments<a name="xray-sdk-nodejs-sqlclients-additional"></a>
 
-You can add additional information to subsegments generated for SQL queries as long as it's mapped to a whitelisted SQL field. For example, to record the sanitized SQL query string in a subsegment, you can add it directly to the subsegment's SQL object.
+You can add additional information to subsegments generated for SQL queries, as long as it's mapped to a whitelisted SQL field\. For example, to record the sanitized SQL query string in a subsegment, you can add it directly to the subsegment's SQL object\.
+
+**Example Assign SQL to Sugsegment**  
 
 ```
-const queryString = 'SELECT * FROM MyTable';
+    const queryString = 'SELECT * FROM MyTable';
 connection.query(queryString, ...);
 
 // Retrieve the most recently created subsegment
 const subs = AWSXRay.getSegment().subsegments;
 
-if (subs && subs.length > 0) {
+if (subs & & subs.length > 0) {
   var sqlSub = subs[subs.length - 1];
   sqlSub.sql.sanitized_query = queryString;
 }
-
 ```
 
-For a full list of whitelisted SQL fields, see [SQL Queries](https://docs.aws.amazon.com/xray/latest/devguide/xray-api-segmentdocuments.html#api-segmentdocuments-sql).
+For a full list of whitelisted SQL fields, see [SQL Queries](https://docs.aws.amazon.com/xray/latest/devguide/xray-api-segmentdocuments.html#api-segmentdocuments-sql) in the *AWS X\-Ray Developer Guide*\.
diff --git a/doc-source/xray-sdk-python-serverless.md b/doc-source/xray-sdk-python-serverless.md
@@ -14,7 +14,7 @@ This tutorial develops an example serverless application that is deployed to Lam
 
 ## Prerequisites<a name="xray-sdk-python-serverless-prereqs"></a>
 + [Zappa](https://github.com/Miserlou/Zappa)
-+ [Python](https://docs.aws.amazon.com/xray/latest/devguide//xray-sdk-python.html) – Version 2\.7 or 3\.6\.
++ [Python](https://docs.aws.amazon.com/xray/latest/devguide/xray-sdk-python.html) – Version 2\.7 or 3\.6\.
 + [AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html) – Verify that your AWS CLI is configured with the account and AWS Region in which you will deploy your application\. 
 + [Pip](https://pypi.org/project/pip/)
 + [Virtualenv](https://virtualenv.pypa.io/en/latest/)
@@ -167,7 +167,7 @@ In this step you will interact with the API Gateway console to enable X\-Ray tra
 
 ## Step 4: View the Created Trace<a name="xray-sdk-python-serverless-trace"></a>
 
-In this step you will interact with the X\-Ray console to view the trace created by the example application\. For a more detailed walkthrough on trace analysis, see [Viewing the Service Map](https://docs.aws.amazon.com/xray/latest/devguide//xray-console.html#xray-console-servicemap)\.
+In this step you will interact with the X\-Ray console to view the trace created by the example application\. For a more detailed walkthrough on trace analysis, see [Viewing the Service Map](https://docs.aws.amazon.com/xray/latest/devguide/xray-console.html#xray-console-servicemap)\.
 
 1. Sign in to the AWS Management Console and open the X\-Ray console at [https://console\.aws\.amazon\.com/xray/home](https://console.aws.amazon.com/xray/home)\.
 
diff --git a/doc-source/xray-services-appmesh.md b/doc-source/xray-services-appmesh.md
@@ -1,6 +1,6 @@
 # Amazon EC2 and AWS App Mesh<a name="xray-services-appmesh"></a>
 
-AWS X\-Ray integrates with [AWS App Mesh](https://docs.aws.amazon.com//app-mesh/latest/userguide/what-is-app-mesh.html) to manage Envoy proxies for microservices\. App Mesh provides a version of Envoy that you can configure to send trace data to the X\-Ray daemon running in a container of the same task or pod\. X\-Ray supports tracing with the following App Mesh compatible services: 
+AWS X\-Ray integrates with [AWS App Mesh](https://docs.aws.amazon.com/app-mesh/latest/userguide/what-is-app-mesh.html) to manage Envoy proxies for microservices\. App Mesh provides a version of Envoy that you can configure to send trace data to the X\-Ray daemon running in a container of the same task or pod\. X\-Ray supports tracing with the following App Mesh compatible services: 
 + Amazon Elastic Container Service \(Amazon ECS\)
 + Amazon Elastic Kubernetes Service \(Amazon EKS\)
 + Amazon Elastic Compute Cloud \(Amazon EC2\)
@@ -9,7 +9,7 @@ Use the following instructions to learn how to enable X\-Ray tracing through App
 
 ![\[Image NOT FOUND\]](http://docs.aws.amazon.com/xray/latest/devguide/images/appmesh-traceContents.png)
 
-To configure the Envoy proxy to send data to X\-Ray, set the `ENABLE_ENVOY_XRAY_TRACING` [environment variable](https://docs.aws.amazon.com//app-mesh/latest/userguide/envoy.html#envoy-config) in its container definition\.
+To configure the Envoy proxy to send data to X\-Ray, set the `ENABLE_ENVOY_XRAY_TRACING` [environment variable](https://docs.aws.amazon.com/app-mesh/latest/userguide/envoy.html#envoy-config) in its container definition\.
 
 **Example Envoy Container Definition for Amazon ECS**  
 
diff --git a/doc-source/xray-services-sqs.md b/doc-source/xray-services-sqs.md
@@ -10,7 +10,7 @@ Amazon SQS supports the following tracing header instrumentation:
 
 When running on Amazon EC2, Amazon SQS supports processing one message at a time\. This applies when running on an on\-premises host, and when using container services, such as AWS Fargate, Amazon ECS, or AWS App Mesh\. 
 
-The trace header is excluded from both Amazon SQS message size and message attribute limits\. Enabling X\-Ray tracing will not exceed your Amazon SQS limits\. To learn more about AWS limits, see [Amazon SQS Limits](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-limits.html)\.
+The trace header is excluded from both Amazon SQS message size and message attribute quoatas\. Enabling X\-Ray tracing will not exceed your Amazon SQS quotas\. To learn more about AWS quotas, see [Amazon SQS Quotas](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-limits.html)\.
 
 ## Send the HTTP Trace Header<a name="xray-services-sqs-sending"></a>
 
