Commit

get rid of details topic
misterpantz committed Oct 2, 2024
1 parent 9f89d79 commit 2e33e59
Showing 4 changed files with 26 additions and 125 deletions.
48 changes: 14 additions & 34 deletions docs/platform/infra/cloud/aws/lambda/aws-integration-faq.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,10 @@ description: This document covers how the Mondoo AWS integration works. It inclu
sidebar_position: 3
---

## What does Mondoo scan?

-Mondoo analyzes the configuration of the account settings. It discovers resources (EC2 instances, S3 buckets, RDS instances, etc) across all regions and assesses their configuration according to which [policies have been enabled](/platform/security/posture/pac/).

## How does the serverless Mondoo AWS integration work?

With the serverless approach to integrating with AWS, Mondoo never has credentials to your AWS account.
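Review bot: the added answer under "## What does Mondoo scan?" starts with a bare `-` glued to the first word (`-Mondoo analyzes the configuration of the account settings...`). Without a space after it, MDX does not treat the line as a list item, so the hyphen renders literally in the page. Drop the leading `-` so the line reads `Mondoo analyzes the configuration of the account settings. It discovers resources ...`. While here, "the account settings" is vague next to the concrete resource list that follows; naming the account-level settings the scan covers would make the answer match the detail of the rest of the FAQ.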
Expand All @@ -16,6 +20,12 @@ We install a Lambda function in your AWS account via the CloudFormation template

The resources created in your AWS account are used to run and schedule configuration and EC2 instance scans. Those resources are low-cost, limited to a Lambda function, SNS topic, SQS Queues, some IAM roles, EventBridge rules, and SSM parameters. If using the EBS volume scanning feature, an Autoscaling Group and launch template will also be created.

## How can I see what resources Mondoo has created in my AWS account?

All resources created by the Mondoo AWS Integration have the `Created By: Mondoo` tag. The IAM role attached to the Lambda function lets the integration delete EC2 resources only if they have the `Created By: Mondoo` tag.

For information about AWS tags, read [Tagging your AWS resources](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html) in the AWS documentation.

## How does the serverless integration communicate from my AWS account to Mondoo Platform?

On CloudFormation stack creation, a short-lived token is exchanged for Mondoo credentials. Those credentials are stored in the SSM Parameter store and used by the Lambda function and SSM instances in the AWS account to communicate with Mondoo Platform over HTTPS.
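Review bot: the new heading asks "How can I see what resources Mondoo has created", but the body only names the tag and never says how to use it. Suggest one sentence pointing the reader at the already-linked AWS Tag Editor to filter on key `Created By` with value `Mondoo` (or an equivalent Resource Groups query). The sentence about the Lambda role only being able to delete EC2 resources carrying this tag is the security-relevant part of the section and is worth keeping prominent, since it is the control that keeps the integration from touching customer-owned instances; it may also be worth noting that removing or editing that tag on Mondoo-created resources will prevent the cleanup described later under "What happens if I delete the CloudFormation stack?".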
Expand All @@ -32,40 +42,16 @@ Scan report results only.

## What information will Mondoo store about my AWS resources?

Mondoo Platform stores the latest report for all scanned assets in the AWS account (the reports viewable under **Inventory**) as well as the total counts of various resources in the AWS account, displayed on the Integration detail page.
Mondoo Platform stores the latest report for all scanned assets in the AWS account as well as the total counts of various resources in the AWS account.

## Is the communication channel between Mondoo and my AWS account secure?

Yes, Mondoo communicates with your AWS account using [AWS EventBridge](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-cross-account.html). The Eventbus policy and rule are created as part of the CloudFormation stack.
Yes. Mondoo communicates with your AWS account using [AWS EventBridge](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-cross-account.html). The Eventbus policy and rule are created as part of the CloudFormation stack.

## What permissions will the resources created by Mondoo request?

[This JSON file](https://s3.amazonaws.com/mondoo.us-east-1/mondoo-serverless-v2.json) informs the Mondoo AWS integration and contains all the required permissions.

## What specific resources will the Mondoo integration create in my AWS account?

During install (CloudFormation):

The Mondoo AWS CloudFormation stack creates these resources:

- Lambda function
- SNS topic/subscription (tells Mondoo about CloudFormation stack status)
- EventBridge rule (lets Mondoo AWS talk to your AWS)
- IAM roles/policies (for the Lambda function, the ASG instances, and the EventBridge bus)
- SQS queue (for queueing scan jobs)

All resources are tagged with:

```
Created By: Mondoo
Mondoo Integration Mrn: <mrn-value>
```

Created by the Lambda function:

- SSM parameters (to store the env configuration and credentials to communicate with Mondoo Platform)
- EventBridge rules (to track aws events and set up cron events)
- Launch configuration template & autoscaling group (only if using ebs volume scanning)

## How do I update to the latest Lambda version?

Expand All @@ -77,9 +63,9 @@ Every time the Lambda function updates, it first reads the SHA-256 of each file

## What happens if I delete the CloudFormation stack?

When the CloudFormation stack is deleted, the Lambda function receives a notification and immediately deletes all AWS resources created by Mondoo. Mondoo Platform UI will display the integration as deleted. No data will be lost in Mondoo Platform. A CloudFormation stack can be deleted and recreated multiple times.
When the CloudFormation stack is deleted, the Lambda function receives a notification and immediately deletes all AWS resources created by Mondoo. Mondoo displays the integration status as deleted. No data is lost in Mondoo Platform. A CloudFormation stack can be deleted and recreated multiple times.

## How much will operating the serverless Mondoo AWS integration cost?
## How much does operating the serverless Mondoo AWS integration cost?

Most of the costs associated with the serverless Mondoo AWS integration fall into the AWS Free Tier category. Over the course of a month, an example AWS integration incurred this resource usage:

Expand Down Expand Up @@ -107,12 +93,6 @@ The AWS CloudFormation JSON and Lambda zip are available as part of the Mondoo S
- [Nested Stack CloudFormation](https://s3.amazonaws.com/mondoo.us-east-1/mondoo-lambda-cf.json) (applies only to single-account installations)
- [Lambda Zip](https://s3.amazonaws.com/mondoo-dev.us-east-1/mondoo-lambda.zip)

### AWS tags

All resources created by the Mondoo AWS Integration have the `Created By: Mondoo` tag. The IAM role attached to the Lambda function lets the integration delete EC2 resources only if they have the `Created By: Mondoo` tag.

For information about AWS tags, read [Tagging your AWS resources](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html) in the AWS documentation.

## Learn more

- [AWS Integration Troubleshooting](/docs/platform/infra/cloud/aws/lambda/aws-integration-troubleshooting/)
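Review bot: the deleted "### AWS tags" subsection is moved verbatim to the new top-level section, so no content is lost here. One thing in the visible context worth a second look: the "Lambda Zip" link points at the `mondoo-dev.us-east-1` bucket while the CloudFormation links point at `mondoo.us-east-1`; if a dev artifact is not intended for customer-facing docs, this is a good time to fix it.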
Expand Up @@ -6,7 +6,7 @@ image: /img/featured_img/mondoo-aws.jpg
description: This document covers how to debug and troubleshoot problems that may come up with the AWS Integration.
---

Troubleshoot problems that may come up deploying, running, and updating the serverless Mondoo AWS integration.
Troubleshoot problems deploying, running, and updating the serverless Mondoo AWS integration.

:::tip

Expand Down Expand Up @@ -133,9 +133,7 @@ You can manually force an update to the AWS Lambda from within the Mondoo Consol

3. Select **Force Lambda Update**.

## VPC

### Lambda VPC access
## Lambda VPC access

The [AWSLambdaVPCAccessExecutionRole](https://docs.aws.amazon.com/lambda/latest/dg/lambda-intro-execution-role.html#permissions-executionrole-features) is already attached to the Mondoo Lambda Role in order to discover assets, and run policies against those assets.

80 changes: 0 additions & 80 deletions docs/platform/infra/cloud/aws/lambda/aws-scan-details.mdx

This file was deleted.
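Review bot: deleting `docs/platform/infra/cloud/aws/lambda/aws-scan-details.mdx` outright leaves any inbound links (from the "Learn more" lists in the sibling pages or from the sidebar) dangling. Please grep the docs for `aws-scan-details` and either update those links or add a redirect to the FAQ page that now absorbs the tag information.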

17 changes: 10 additions & 7 deletions docs/platform/security/posture/pac.mdx
Expand Up @@ -12,20 +12,23 @@ But documents don't evaluate your environments. The work to verify that your inf

_Policy as code_ lets you automate compliance using security benchmarks and best practices. The code serves two purposes: It documents the security guidelines and it tests your systems to ensure they follow those guidelines.

Each Mondoo policy is a codified collection of _checks_, assertions that test for certain configurations. Each check can be true or false, and has an impact score that determines its importance within the policy. For example, the _Linux Security_ policy might include checks that ensure the asset:
Each Mondoo policy is a codified collection of _checks_, assertions that test for certain configurations. Each check can be true or false, and has an impact score that determines its importance within the policy.

- Doesn't accept ICMP redirects
For example, the _Linux Security_ policy might include checks that ensure the asset:

- Has prelink disabled
- Doesn't accept ICMP redirects

- Has reverse path filtering enabled
- Has prelink disabled

... and dozens more.
- Has reverse path filtering enabled

To learn more about policy as code, read [About Policies](/cnspec/cnspec-policies/). To learn more about checks, read [Checks](/cnspec/cnspec-policies/write/simple/#checks).
... and dozens more.

You choose whether to enable the _Linux Security_ policy. If it's enabled, then when Mondoo scans Linux-based assets, it evaluates them based on the checks defined in that policy (as well as any other applicable policies you enable).
You choose whether to enable the _Linux Security_ policy. If it's enabled, then when Mondoo scans Linux-based assets, it evaluates them based on the checks defined in that policy (as well as any other applicable policies you enable).

Mondoo has hundreds of policies for dozens of different types of platforms. You choose which policies you want to use as a basis to assess the security of your infrastructure. To learn how, read [Manage Policies](/platform/security/posture/policies/).

To learn more about policy as code, read [About Policies](/cnspec/cnspec-policies/). To learn more about checks, read [Checks](/cnspec/cnspec-policies/write/simple/#checks).


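Review bot: inserting blank lines between the three list items ("Doesn't accept ICMP redirects", "Has prelink disabled", "Has reverse path filtering enabled") turns a tight list into a loose one, so each item renders wrapped in its own paragraph with extra vertical spacing. If the intent was only to separate the intro sentence from the list, keep the blank line before the first item and remove the ones between items. Moving the "To learn more about policy as code ..." paragraph to the end of the section reads well, but the hunk also leaves two consecutive trailing blank lines, which most Markdown linters flag.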
---
