damienwebdev
diff --git a/‎.gitignore
Lines changed: 3 additions & 2 deletions b/‎.gitignore
Lines changed: 3 additions & 2 deletions
diff --git a/‎src/_data/mde.yml
Lines changed: 11 additions & 0 deletions b/‎src/_data/mde.yml
Lines changed: 11 additions & 0 deletions
diff --git a/‎src/_data/toc/cloud-guide.yml
Lines changed: 1 addition & 1 deletion b/‎src/_data/toc/cloud-guide.yml
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/_data/toc/configuration-guide.yml
Lines changed: 4 additions & 0 deletions b/‎src/_data/toc/configuration-guide.yml
Lines changed: 4 additions & 0 deletions
diff --git a/‎src/_data/toc/release-notes.yml
Lines changed: 3 additions & 0 deletions b/‎src/_data/toc/release-notes.yml
Lines changed: 3 additions & 0 deletions
diff --git a/‎src/_includes/cloud/enable-ssh.md
Lines changed: 25 additions & 14 deletions b/‎src/_includes/cloud/enable-ssh.md
Lines changed: 25 additions & 14 deletions
diff --git a/‎src/assets/i/flag.svg
Lines changed: 6 additions & 0 deletions b/‎src/assets/i/flag.svg
Lines changed: 6 additions & 0 deletions
diff --git a/‎src/cloud/before/before-workspace-ssh.md
Lines changed: 38 additions & 0 deletions b/‎src/cloud/before/before-workspace-ssh.md
Lines changed: 38 additions & 0 deletions
diff --git a/‎src/cloud/cdn/cloud-fastly.md
Lines changed: 1 addition & 0 deletions b/‎src/cloud/cdn/cloud-fastly.md
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/cloud/cdn/fastly-vcl-whitelist.md
Lines changed: 2 additions & 2 deletions b/‎src/cloud/cdn/fastly-vcl-whitelist.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/cloud/cdn/fastly-waf-service.md
Lines changed: 2 additions & 0 deletions b/‎src/cloud/cdn/fastly-waf-service.md
Lines changed: 2 additions & 0 deletions
diff --git a/‎src/cloud/project/privatelink-service.md
Lines changed: 20 additions & 1 deletion b/‎src/cloud/project/privatelink-service.md
Lines changed: 20 additions & 1 deletion
@@ -1,8 +1,9 @@
-# OS generated files #
-######################
+# OS and IDE generated files #
+##############################
 /*.db
 .DS_Store
 .vscode
+.history
 
 # Config and output files #
 ###########################
 
@@ -10,6 +10,17 @@ extensions:
   -
     name: Amazon Sales Channel
     versions:
+      -
+        name: 4.2.0
+        support:
+          2.3.0: compatible
+          2.3.1: compatible
+          2.3.2: compatible
+          2.3.3: compatible
+          2.3.4: compatible
+          2.3.5-p1: compatible
+          2.4.0: supported
+
       -
         name: 4.1.0
         support:
 
@@ -90,7 +90,7 @@ pages:
           url: /cloud/project/user-admin.html
           versionless: true
 
-        - label: Enable MFA enforcement for SSH
+        - label: Enable MFA for SSH
           url: /cloud/project/project-enable-mfa-enforcement.html
           versionless: true
 
 
@@ -21,6 +21,10 @@ pages:
         - label: Two-Factor Authentication
           url: /security/two-factor-authentication.html
 
+        - label: Security.txt
+          url: /security/security-txt.html
+          exclude_versions: ["2.3"]
+
         - label: X-Frame-Options header
           url: /config-guide/secy/secy-xframe.html
 
 
@@ -13,6 +13,9 @@ pages:
         - label: Magento Commerce 2.4.0 Release Notes
           url: /release-notes/release-notes-2-4-0-commerce.html
 
+        - label: Magento B2B Release Notes
+          url: /release-notes/b2b-release-notes.html
+
 
     - label: 2.3 Release Notes
       include_versions: ["2.3"]
 
@@ -1,15 +1,17 @@
-You must create an SSH key pair on every machine and workspace you and your team expect to work with and access {{site.data.var.ece}} and GitHub branches. The SSH keys connect you to GitHub to manage branches and push code without having to constantly supply your username and password. You can add multiple SSH keys to GitHub per each workspace you use.
+You must create an SSH key pair on every machine and workspace that requires access to {{site.data.var.ece}} project source code and environments. The SSH keys allow you to connect to GitHub to manage source code and to connect to cloud servers without having to constantly supply your username and password.
+
+You can add multiple SSH keys for each system or workspace that you use.
 
 The SSH keys require the following:
 
-*  Set up SSH keys as the [Magento file system owner]({{ site.baseurl }}/cloud/before/before-workspace-file-sys-owner.html).
-*  Create the keys using the email address used for the GitHub account.
+-  Set up SSH keys as the [Magento file system owner]({{ site.baseurl }}/cloud/before/before-workspace-file-sys-owner.html).
+-  Create the keys using the GitHub account email address.
 
 For more information on SSH keys, see the following:
 
-*  [Connecting to GitHub with SSH](https://help.github.com/articles/connecting-to-github-with-ssh/)
-*  [Manually generating your SSH key in Windows](https://docs.joyent.com/public-cloud/getting-started/ssh-keys/generating-an-ssh-key-manually/manually-generating-your-ssh-key-in-windows)
-*  [ssh-keygen man page](http://linux.die.net/man/1/ssh-keygen)
+-  [Connecting to GitHub with SSH](https://help.github.com/articles/connecting-to-github-with-ssh/)
+-  [Manually generating your SSH key in Windows](https://docs.joyent.com/public-cloud/getting-started/ssh-keys/generating-an-ssh-key-manually/manually-generating-your-ssh-key-in-windows)
+-  [ssh-keygen man page](http://linux.die.net/man/1/ssh-keygen)
 
 ## Locate an existing SSH key pair {#existing}
 
@@ -33,8 +35,8 @@ If you do not have SSH keys, you need to generate the keys for adding to your Ma
 
 If you already have SSH keys, continue to:
 
-*  [Add a public SSH key to your Magento account](#ssh-add-to-account) section
-*  [Add your SSH key to your GitHub account](https://help.github.com/articles/adding-a-new-ssh-key-to-your-github-account/)
+-  [Add a public SSH key to your Magento account](#ssh-add-to-account) section
+-  [Add your SSH key to your GitHub account](https://help.github.com/articles/adding-a-new-ssh-key-to-your-github-account/)
 
 ## Create a new SSH key pair {#ssh-create-new-key-pair}
 
@@ -72,6 +74,9 @@ To create an SSH key pair:
        IdentityFile ~/.ssh/id_rsa
    ```
 
+   {:.bs-callout-info}
+   You can specify multiple SSH keys by adding multiple `IdentityFile` entries to your configuration.
+
    For Windows:
 
    ```shell
@@ -112,14 +117,15 @@ After adding the SSH keys, test the SSH connection to GitHub:
 
 You can add SSH keys to your account in any of the following ways:
 
-*  Using the [{{site.data.var.ece}} CLI](#add-key-cli)
-*  Using the [{{site.data.var.ece}} Web Interface](#add-key-web)
+-  Using the [{{site.data.var.ece}} CLI](#add-key-cli)
+-  Using the [{{site.data.var.ece}} Web Interface](#add-key-web)
 
 ### Add a key using the CLI {#add-key-cli}
 
+{:.procedure}
 To add an SSH key using the CLI:
 
-1. Open a terminal application on your local.
+1. Open a terminal application on your local workstation.
 1. If you haven't done so already, log in (or switch to) the [Magento file system owner]({{ site.baseurl }}/cloud/before/before-workspace-file-sys-owner.html) to the server on which your SSH keys are located.
 
 1. Log in to your project:
@@ -134,13 +140,14 @@ To add an SSH key using the CLI:
    magento-cloud ssh-key:add ~/.ssh/id_rsa.pub
    ```
 
-#### Add a key using the Project Web Interface {#add-key-web}
+### Add a key using the Project Web Interface {#add-key-web}
 
 You will select and add your SSH public key to each environment in your account.
 
-*  Starter: Add to Master (Production) and any environments you create by branching from Master
-*  Pro: Add to Master Integration environment. After your Staging and Production environments are provisioned, you can add the SSH keys to those environments.
+-  Starter: Add to Master (Production) and any environments you create by branching from Master
+-  Pro: Add the key to Staging, Production, and Integration environments
 
+{:.procedure}
 To add an SSH key using the Project Web Interface:
 
 1. Copy your SSH public key to the clipboard.
@@ -173,3 +180,7 @@ git config --global user.email <your e-mail address>
 ```
 
 For more information, see [First-Time Git Setup](https://git-scm.com/book/en/v2/Getting-Started-First-Time-Git-Setup#_first_time)
+
+## SSH access with MFA
+
+{{ site.data.var.ece }} projects that have multi-factor authentication (MFA) enabled require all {{ site.data.var.ece }} accounts with SSH access to have two-factor authentication and to complete additional steps when using SSH to connect to GitHub or to project environments. See [Enable MFA for SSH access]({{ site.baseurl}}/cloud/project/project-enable-mfa-enforcement.html).
@@ -6,6 +6,8 @@ redirect_from:
 functional_areas:
   - Cloud
   - Setup
+  - Security
+  - Config
 ---
 
 {:.ref-header}
@@ -22,6 +24,42 @@ When initially setting up your local environment, you need to add the SSH keys t
 
 {% include cloud/enable-ssh.md %}
 
+### Unable to access projects without MFA
+
+If you authenticate to a project with multi-factor authentication (MFA) enabled, you might receive the following error when connecting to other projects that do not require MFA:
+
+   ```bash
+   ssh [email protected]
+   [email protected]: Permission denied (publickey).
+   ```
+
+During the SSH certificate generation, the Magento Cloud CLI adds an additional SSH key to your local environment. That key will be used by default if your local SSH configuration does not include the SSH key for project access.
+
+{:.procedure}
+To add your SSH key to the local configuration:
+
+1. Create the `config` file if it does not exists.
+
+    ```bash
+    touch ~/.ssh/config
+    ```
+
+1. Add an `IdentityFile` configuration.
+
+    ```yaml
+   Host *
+     IdentityFile ~/.ssh/id_rsa
+    ```
+
+   {:.bs-callout-info}
+   You can specify multiple SSH keys by adding multiple `IdentityFile` entries to your configuration.
+
+1. Reload your SSH configuration to apply the changes.
+
+    ```bash
+    source ~/.ssh/config
+    ```
+
 {:.ref-header}
 Next step
 
 
@@ -4,6 +4,7 @@ title: Fastly
 functional_areas:
   - Cloud
   - Setup
+  - Security
 ---
 
 Fastly provides the following services to optimize and secure content delivery operations for your {{ site.data.var.ece }} projects. These services are included with your {{ site.data.var.ece }} subscription at no additional cost.
 
@@ -6,10 +6,10 @@ redirect_from:
 functional_areas:
   - Cloud
   - Setup
+  - Security
 ---
 
-
-You can use the a Fastly Edge ACL list in combination with custom VCL code snippet to filter incoming requests and allow access by IP address. The ACL list specifies the IP addresses to allow.
+You can use a Fastly Edge ACL list in combination with a custom VCL code snippet to filter incoming requests and allow access by IP address. The ACL list specifies the IP addresses to allow.
 
 Create an allow list to limit access to your Staging environment so that only requests from specified IP addresses for internal developers and approved external services are permitted. You can also create an allow list to secure access to the Magento Admin UI on Staging and Production environments.
 
 
@@ -4,6 +4,8 @@ title: Web Application Firewall (WAF)
 functional_areas:
   - Cloud
   - Install
+  - Security
+  - Compliance
 ---
 
 Powered by Fastly, the web application firewall (WAF) service for {{ site.data.var.ece }} detects, logs, and blocks malicious request traffic before it can damage your sites or network. The WAF service is available on production environments only.
 
@@ -153,6 +153,25 @@ To test the connection to the VPC endpoint service:
    ```
    {:.no-copy}
 
+1. Run the following command to to ensure the service is listening on VM:
+
+   ```bash
+   netstat -na |grep <port>
+   ```
+
+1. Run the following command to check the packages flow:
+
+   ```bash
+   tcpdump -i <ethernet interface> -tt -nn port <destination port> and host <source host>
+   ```
+
+   Check the following internal settings to ensure that the configuration is valid:
+
+   -  Endpoint and endpoint services settings
+   -  NLB settings
+   -  The target groups in NLB and verify they are healthy
+   -  The netcat/curl endpoint URL from each VM ( listed above)
+
    See the following articles for help troubleshooting connection issues:
 
    -  [AWS: Troubleshooting endpoint service connections][]
@@ -172,7 +191,7 @@ Submit a Magento Support ticket to change an existing PrivateLink configuration.
 
 The customer VPC must have the following resources available to support bidirectional PrivateLink connections:
 
--  A Network Load Balancer
+-  A Network Load Balancer (NLB)
 -  An endpoint service configuration that enables access to an application or service from the customer VPC
 -  An [interface endpoint][] (AWS) or [private endpoint][] (Azure) that allows Magento to connect to endpoint services hosted in your VPC