Documentation changes based on feedback in DES-7199

Author: Nidhi251289

content/en/docs/deployment/private-cloud/private-cloud-cluster/_index.md

@@ -743,7 +743,8 @@ For more information about collecting metrics in Mendix on Kubernetes, see [Moni
 
 ### Customize Service Account {#customize-service-account}
 
-The Mendix environment can be configured to use a specific Kubernetes ServiceAccount instead of the default ServiceAccount.
+The Mendix environment can be configured to use a specific Kubernetes ServiceAccount instead of the default ServiceAccount. 
+In order to ensure that every environment uses a unique account, hence the k8s service account needs to have the same name as the Mendix App environment name (environment id). This will ensure that one service account cant be used for multiple environments.
 
 To achieve this, you need to add the annotation `privatecloud.mendix.com/environment-account: true` (for security reasons, any account matching an environment name but without this annotation cannot be attached to environments).
 

content/en/docs/deployment/private-cloud/private-cloud-cluster/private-cloud-storage-plans.md

@@ -1887,7 +1887,7 @@ To configure the required settings for an RDS database, do the following steps:
 2. Enable [IAM authentication](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.DBAccounts.html#UsingWithRDS.IAMDBAuth.DBAccounts.PostgreSQL) and grant `rds_iam` role to `database-username` role by using the below `psql` commandline to run the following jump pod commands (replacing `<database-username>` with the username specified in `database-username` and `<database-host>` with the database host):
 
     ```sql
-    kubectl run postgrestools docker.io/bitnami/postgresql:14 -ti --restart=Never --rm=true -- /bin/sh
+    kubectl run postgrestools docker.io/library/postgresql:14 -ti --restart=Never --rm=true -- /bin/sh
     export PGDATABASE=postgres
     export PGUSER=<database-username>
     export PGHOST=<database-host>

content/en/docs/deployment/private-cloud/private-cloud-data-transfer.md

@@ -7,7 +7,7 @@ weight: 60
 ---
 ## Introduction
 
-{{% alert color="warning" %}}This tool is provided as-is, and no additional features or enhancements will be implemented in the future. {{% /alert %}}
+{{% alert color="warning" %}}This tool is provided as-is, and no additional features or enhancements will be implemented in the future. Our recommendation for migrating data is reaching out to Expert Services or using [MendixOnAzure](/developerportal/deploy/mendix-on-azure/backups/).{{% /alert %}}
 
 The Mendix on Kubernetes data migration tool allows you to:
 
@@ -161,7 +161,7 @@ spec:
   terminationGracePeriodSeconds: 0
   containers:
   - name: pgtools
-    image: docker.io/bitnami/postgresql:12
+    image: docker.io/library/postgresql:12
     command: ["sleep", "infinity"]
     lifecycle:
       preStop:
@@ -223,7 +223,7 @@ If you need to export or import data from an environment that uses AWS IRSA auth
 4. Add the `eks.amazonaws.com/role-arn` annotation to the `mendix-backup-restore` service account and set it to the role ARN value from the previous step.
 
 This configuration creates a pod which includes `pgtools` (PostgreSQL tools such as `pg_dump` and `pg_restore`), and a Service Account that can get the database credentials from an environment.
-If your database is using another PostgreSQL version (for example, PostgreSQL 13), change the `image: docker.io/bitnami/postgresql:12` to match the target PostgreSQL version (for example, `docker.io/bitnami/postgresql:13`).
+If your database is using another PostgreSQL version (for example, PostgreSQL 13), change the `image: docker.io/library/postgresql:12` to match the target PostgreSQL version (for example, `docker.io/library/postgresql:13`).
 
 {{% alert color="warning" %}}
 Before importing a backup file into an environment, the environment should be stopped (scaled down to 0 replicas).

content/en/docs/deployment/private-cloud/private-cloud-deploy.md

@@ -599,6 +599,7 @@ If you change the data type and value in the .mpr file, the changes are visible
 
 On the Network tab, you add client certificates (in the PKCS12 format) or certificate authorities (in the PEM format) for outgoing connections. These will be used when your application initiates SSL/TLS connections. This works in the same way as the Network tab for deployments to Mendix Cloud. For more details on these, see the [Network Tab](/developerportal/deploy/environments-details/#network-tab) section of *Environment Details*.
 
+For security reasons, root CAs can only be enabled in custom [TLS section](/developerportal/deploy/standard-operator/#custom-tls) in mxpc-cli. The root CAs need to be configured before creating an environment. 
 {{< figure src="/attachments/deployment/private-cloud/private-cloud-deploy/network-tab.png" class="no-border" >}}
 
 ### Runtime Tab {#runtime-tab}

content/en/docs/deployment/private-cloud/secret-store-credentials.md

@@ -513,7 +513,7 @@ After completing the prerequisites, follow these steps to switch from password-b
 2. Enable [IAM authentication](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.DBAccounts.html#UsingWithRDS.IAMDBAuth.DBAccounts.PostgreSQL) and grant `rds_iam` role to `database-username` role by using the below `psql` commandline to run the following jump pod commands (replacing `<database-username>` with the username specified in `database-username` and `<database-host>` with the database host):
 
    ```sql
-   kubectl run postgrestools docker.io/bitnami/postgresql:14 -ti --restart=Never --rm=true -- /bin/sh
+   kubectl run postgrestools docker.io/library/postgresql:14 -ti --restart=Never --rm=true -- /bin/sh
    export PGDATABASE=postgres
    export PGUSER=<database-username>
    export PGHOST=<database-host>