Reconfigure Policy

content/en/docs/getting-started/integration/policy-controllers/_index.md

@@ -3,22 +3,34 @@ title: Policy
 weight: 1
 ---
 
-The [Policy API]({{< ref "docs/getting-started/integration/policy-controllers/policy" >}}) on the hub delivers the policies defined in `spec.policy-templates` to the managed
-clusters via the [policy framework controllers]({{< ref "docs/getting-started/integration/policy-controllers/policy-framework" >}}). Once on the managed
-cluster, these _Policy Templates_ are acted upon by the associated controller on the managed cluster. The policy
-framework supports delivering the _Policy Template_ kinds listed.
+The Policy Add-on enables auditing and enforcement of configuration across clusters managed by OCM, enhancing security,
+easing maintenance burdens, and increasing consistency across the clusters for your compliance and reliability
+requirements.
 
+View the following sections to learn more about the Policy Add-on:
 
-## [Configuration policy]({{< ref "docs/getting-started/integration/policy-controllers/configuration-policy" >}})
+- ### [Policy framework]({{< ref "docs/getting-started/integration/policy-controllers/policy-framework" >}})
 
-  The `ConfigurationPolicy` is provided by OCM and defines Kubernetes manifests to compare with objects that currently
-  exist on the cluster. The action that the `ConfigurationPolicy` will take is determined by its `complianceType`.
-  Compliance types include `musthave`, `mustnothave`, and `mustonlyhave`. `musthave` means the object should have the
-  listed keys and values as a subset of the larger object. `mustnothave` means an object matching the listed keys and
-  values should not exist. `mustonlyhave` ensures objects only exist with the keys and values exactly as defined.
+  Learn about the architecture of the Policy Add-on that delivers policies defined on the hub cluster to the managed
+  clusters and how to install and enable the add-on for your OCM clusters.
 
-## [Open Policy Agent Gatekeeper]({{< ref "docs/getting-started/integration/policy-controllers/gatekeeper" >}})
+- ### [Policy API concepts]({{< ref "docs/getting-started/integration/policy-controllers/policy" >}})
 
-  Gatekeeper is a validating webhook with auditing capabilities that can enforce custom resource definition-based
-  policies that are run with the Open Policy Agent (OPA). Gatekeeper `ConstraintTemplates` and constraints can be
-  provided in an OCM `Policy` to sync to managed clusters that have Gatekeeper installed on them.
+  Learn about the APIs that the Policy Add-on uses and how the APIs are related to one another to deliver policies to
+  the clusters managed by OCM.
+
+- ### Supported managed cluster policy engines
+
+  - #### [Configuration policy]({{< ref "docs/getting-started/integration/policy-controllers/configuration-policy" >}})
+
+    The `ConfigurationPolicy` is provided by OCM and defines Kubernetes manifests to compare with objects that currently
+    exist on the cluster. The action that the `ConfigurationPolicy` will take is determined by its `complianceType`.
+    Compliance types include `musthave`, `mustnothave`, and `mustonlyhave`. `musthave` means the object should have the
+    listed keys and values as a subset of the larger object. `mustnothave` means an object matching the listed keys and
+    values should not exist. `mustonlyhave` ensures objects only exist with the keys and values exactly as defined.
+
+  - #### [Open Policy Agent Gatekeeper]({{< ref "docs/getting-started/integration/policy-controllers/gatekeeper" >}})
+
+    Gatekeeper is a validating webhook with auditing capabilities that can enforce custom resource definition-based
+    policies that are run with the Open Policy Agent (OPA). Gatekeeper `ConstraintTemplates` and constraints can be
+    provided in an OCM `Policy` to sync to managed clusters that have Gatekeeper installed on them.

content/en/docs/getting-started/integration/policy-controllers/configuration-policy.md

@@ -7,7 +7,9 @@ hide_summary: true
 The `ConfigurationPolicy` defines Kubernetes manifests to compare with objects that currently exist on the cluster. The
 Configuration policy controller is provided by Open Cluster Management and runs on managed clusters.
 
-
+View the [Policy API concepts]({{< ref
+"docs/getting-started/integration/policy-controllers/policy#managed-cluster-policy-controllers" >}}) page to learn more
+about the `ConfigurationPolicy` API.
 
 ## Prerequisites
 

content/en/docs/getting-started/integration/policy-controllers/gatekeeper.md

@@ -9,8 +9,6 @@ that can enforce custom resource definition-based policies that are run with the
 constraints can be used to evaluate Kubernetes resource compliance. You can leverage OPA as the policy engine, and use
 Rego as the policy language.
 
-
-
 ## Installing Gatekeeper
 
 See the [Gatekeeper documentation](https://open-policy-agent.github.io/gatekeeper/website/docs/install) to install the

content/en/docs/getting-started/integration/policy-controllers/policy-framework.md

@@ -1,15 +1,14 @@
 ---
 title: Policy framework
-weight: 2
+weight: 1
+hide_summary: true
 aliases:
   - /getting-started/integration/policy-framework/
 ---
 
 The policy framework provides governance capabilities to OCM managed Kubernetes clusters. Policies provide visibility
 and drive remediation for various security and configuration aspects to help IT administrators meet their requirements.
 
-
-
 ## API Concepts
 
 View the [Policy API]({{< ref "docs/getting-started/integration/policy-controllers/policy" >}}) page for additional details about the Policy API managed by the Policy Framework

content/en/docs/getting-started/integration/policy-controllers/policy.md

@@ -1,24 +1,17 @@
 ---
-title: Policy
-weight: 1
+title: Policy API concepts
+weight: 2
+hide_summary: true
 aliases:
   - /concepts/policy/
   - /docs/concepts/policy/
 ---
 
-
-
 ## Overview
 
-Note: this is also covered in the
-[Open Cluster Management - Configuring Your Kubernetes Fleet With the Policy Addon](https://www.youtube.com/watch?v=ZZH654t5YpI)
-video.
-
-[![Open Cluster Management - Configuring Your Kubernetes Fleet With the Policy Addon](https://img.youtube.com/vi/ZZH654t5YpI/0.jpg)](https://www.youtube.com/watch?v=ZZH654t5YpI)
-
 The policy framework has the following API concepts:
 
-- [_Policy Templates_](#managed-cluster-policy-controllers) are the policies that perform a desired check or action. For
+- [_Policy Templates_](#managed-cluster-policy-controllers) are the policies that perform a desired check or action on a managed cluster. For
   example,
   [ConfigurationPolicy](  {{< ref "docs/getting-started/integration/policy-controllers#install-the-configuration-policy-controller" >}})
   objects are embedded in `Policy` objects under the `policy-templates` array.
@@ -30,9 +23,10 @@ The policy framework has the following API concepts:
   [Placement]({{< ref "docs/concepts/content-placement/placement" >}}).
 - A [`PlacementBinding`](#placementbinding) binds a [Placement]({{< ref "docs/concepts/content-placement/placement" >}}) to a `Policy` or `PolicySet`.
 
-The second half of the
-[KubeCon NA 2022 - OCM Multicluster App & Config Management](/kubecon-na-2022-ocm-multicluster-app-and-config-management.pdf)
-also covers an overview of the Policy addon.
+**Additional resources:**
+- View the following resources to learn more about the Policy Addon:
+  - Video: [Open Cluster Management - Configuring Your Kubernetes Fleet With the Policy Addon](https://www.youtube.com/watch?v=ZZH654t5YpI)
+  - Slides: [KubeCon NA 2022 - OCM Multicluster App & Config Management](/kubecon-na-2022-ocm-multicluster-app-and-config-management.pdf)
 
 ## Policy