Update docs

content/en/user-guide/aws/dynamodb/index.md

@@ -13,6 +13,8 @@ DynamoDB provides a fast and scalable key-value datastore with support for repli
 LocalStack allows you to use the DynamoDB APIs in your local environment to manage key-value and document data models.
 The supported APIs are available on our [API coverage page](https://docs.localstack.cloud/references/coverage/coverage_dynamodb/), which provides information on the extent of DynamoDB's integration with LocalStack.
 
+DynamoDB emulation is powered by [DynamoDB Local](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DynamoDBLocal.html).
+
 ## Getting started
 
 This guide is designed for users new to DynamoDB and assumes basic knowledge of the AWS CLI and our [`awslocal`](https://github.com/localstack/awscli-local) wrapper script.

content/en/user-guide/aws/ec2/index.md

@@ -196,7 +196,7 @@ Any execution of this data is recorded in the `/var/log/cloud-init-output.log` f
 
 You can also set up an SSH connection to the locally emulated EC2 instance using the instance IP address.
 
-This section assumes that you have created or imported an SSH key pair named `my-key` (see [instructions above]({{< relref "#create-a-key-pair" >}})).
+This section assumes that you have created or imported an SSH key pair named `my-key`.
 When running the EC2 instance, make sure to pass the `--key-name` parameter to the command:
 
 {{< command >}}
@@ -211,7 +211,7 @@ $ ssh -p 12862 -i key.pem [email protected]
 {{< /command >}}
 
 {{< callout "tip" >}}
-If the `ssh` command throws an error like "Identity file not accessible" or "bad permissions", then please make sure that the key file has a restrictive `0400` permission as illustrated [here]({{< relref "ec2#create-a-key-pair" >}}).
+If the `ssh` command throws an error like "Identity file not accessible" or "bad permissions", make sure that the key file has a restrictive `0400` permission as illustrated above.
 {{< /callout >}}
 
 ## VM Managers
@@ -251,8 +251,8 @@ While the records of resources will be persisted, the instances or AMIs themselv
 
 ### AMIs
 
-LocalStack utilizes a specific naming scheme to recognize and manage associated containers and images.
 Docker base images which are tagged with the scheme `localstack-ec2/<AmiName>:<AmiId>` are recognized as Amazon Machine Images (AMIs).
+These can be used to launch EC2 instances which are in fact Docker containers.
 
 You can mark any Docker base image as AMI using the below command:
 
@@ -267,28 +267,27 @@ At startup, LocalStack downloads the following AMIs that can be used to launch D
 - Amazon Linux 2023 `ami-024f768332f0`
 
 {{< callout "note" >}}
-The auto download of Docker images to be used as AMIs can be disabled using the `EC2_DOWNLOAD_DEFAULT_IMAGES=0` configuration variable.
+The auto download of Docker images for default AMIs can be disabled using the `EC2_DOWNLOAD_DEFAULT_IMAGES=0` configuration variable.
 {{< /callout >}}
 
 All LocalStack-managed Docker AMIs bear the resource tag `ec2_vm_manager:docker`.
-These AMIs can be listed using:
+These can be listed using:
 
 {{< command >}}
 $ awslocal ec2 describe-images --filters Name=tag:ec2_vm_manager,Values=docker
 {{< /command >}}
 
 {{< callout "note" >}}
-If an AMI does have the `ec2_vm_manager:docker` tag, it means that it is mocked.
+If an AMI does not have the `ec2_vm_manager:docker` tag, it means that it is mocked.
 Attempting to launch Dockerized instances using these AMIs will result in an `InvalidAMIID.NotFound` error.
 See [Mock VM manager](#mock-vm-manager).
 {{< /callout >}}
 
-AWS does not provide an API to download AMIs.
-This prevents the use stock AWS AMIs on LocalStack.
-However, in certain cases it may be possible to tweak your AMI build process to target Docker images.
+AWS does not provide an API to download AMIs which prevents the use of real AWS AMIs on LocalStack.
+However, in certain cases it may be possible to tweak your workflow to make it work with Localstack.
 
-For example, suppose you use [Packer](https://packer.io/) to customise the Amazon Linux AMI on AWS.
-You can instead make Packer use the [Docker builder](https://developer.hashicorp.com/packer/integrations/hashicorp/docker/latest/components/builder/docker) instead of the Amazon builder and add the customisations on top of the Amazon Linux [Docker base image](https://hub.docker.com/_/amazonlinux/).
+For example, you can use [Packer](https://packer.io/) to customise the Amazon Linux AMI on AWS.
+Packer can be made to use the [Docker builder](https://developer.hashicorp.com/packer/integrations/hashicorp/docker/latest/components/builder/docker) instead of the Amazon builder and add the customisations on top of the Amazon Linux [Docker base image](https://hub.docker.com/_/amazonlinux/).
 The final image then can be used by LocalStack EC2 as illustrated above.
 
 ### Instances
@@ -321,26 +320,27 @@ These addresses are also printed in the logs while the instance is being initial
 When instances are launched, LocalStack attempts to start SSH server `/usr/sbin/sshd` in the Docker base image.
 If not found, it installs and starts the [Dropbear](https://github.com/mkj/dropbear) SSH server.
 
-To be able to access the instance at additional ports from the host system, you can modify the default security group and incorporate the needed ingress ports.
+To be able to access the instance at additional ports from the host system, you can modify the default security group and include the required ingress ports.
 
 {{< callout "note" >}}
 Security group ingress rules are applied only during the creation of the Dockerized instance.
 Modifying a security group will not open any ports for a running instance.
 {{< /callout >}}
 
 The system supports up to 32 ingress ports.
-This constraint is in place to prevent the host from exhausting available ports.
+This constraint is in place to prevent exhausting free ports on the host.
 
 {{< command >}}
 $ awslocal ec2 authorize-security-group-ingress \
   --group-id default \
   --protocol tcp \
   --port 8080
-$ awslocal ec2 describe-security-groups \
-  --group-names default
+{{< /command >}}
+{{< command >}}
+$ awslocal ec2 describe-security-groups --group-names default
 {{< /command >}}
 
-The port mapping details are provided in the logs during the instance initialization process.
+The port mapping details are provided in the logs when the instance starts up.
 
 ```bash
 2022-12-20T19:43:44.544  INFO  Instance i-1d6327abf04e31be6 port mappings (container -> host): {'8080/tcp': 51747, '22/tcp': 55705}
@@ -507,9 +507,7 @@ Underlying virtual machines and volumes are not persisted, only their mock respr
 ### AMIs
 
 All qcow2 images with cloud-init support can be used as AMIs.
-
-LocalStack does not come preloaded with any AMIs.
-You can find the download links for images of popular OSs below:
+You can find the download links for images of popular OSs below.
 
 {{< tabpane text=true >}}
 
@@ -545,6 +543,8 @@ An evaluation version of Windows Server 2012 R2 is provided by [Cloudbase Soluti
 
 {{< /tabpane >}}
 
+LocalStack does not come preloaded with any AMIs.
+
 Compatible qcow2 images must be placed at the default Libvirt storage pool at `/var/lib/libvirt/images` on the host machine.
 Images must be named with the prefix `ami-` followed by at least 8 hexadecimal characters without an extension, e.g. `ami-1234abcd`.
 You may need run the following command to make sure the image is registered with Libvirt:
@@ -554,6 +554,8 @@ $ virsh pool-refresh default
 <disable-copy>
 Pool default refreshed
 </disable-copy>
+{{< /command >}}
+{{< command >}}
 $ virsh vol-list --pool default
 <disable-copy>
  Name                                    Path

content/en/user-guide/aws/fis/index.md

@@ -28,7 +28,7 @@ FIS defines the following elements:
 1. Duration of the disruption.
 
 Together this is termed as an Experiment.
-After the designated time, FIS restores systems to their original state and/or ceases introducing faults.
+After the designated time, running experiments restore systems to their original state and cease introducing faults.
 
 {{< callout "note" >}}
 FIS experiment emulation is part of LocalStack Enterprise.
@@ -37,10 +37,9 @@ If you'd like to try it out, please [contact us](https://www.localstack.cloud/de
 
 FIS actions can be categorized into two main types:
 
-1. Single-time events — For example, the `aws:ec2:stop-instances` FIS action, which sends a [`StopInstances`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_StopInstances.html) API to specific EC2 instances.
+1. One-time events: For example, the `aws:ec2:stop-instances` FIS action, which sends a [`StopInstances`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_StopInstances.html) API to specific EC2 instances.
 Some of these events can automatically be undone after a defined time, such as sending a [`StartInstances`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_StartInstances.html) command to the affected instances.
-1. Inducing API errors in response to a specified percentage of API calls.
-For instance, using `aws:fis:inject-api-unavailable-error` to introduce an HTTP 503 error.
+1. Probabilistic API errors: For instance, using `aws:fis:inject-api-unavailable-error` to introduce an HTTP 503 error.
 
 ## Getting started
 
@@ -233,9 +232,7 @@ LocalStack FIS currently supports the following actions:
 - **`aws:rds:reboot-db-instances`**: Runs EC2 RebootInstances on the target EC2 instances.
 - **`aws:ssm:send-command`**: Runs the Systems Manager SendCommand on the target EC2 instances.
 
-{{< callout "note" >}}
 If you would like support for more FIS actions, please make a feature request on [GitHub](https://github.com/localstack/localstack/issues/new/choose).
-{{< /callout >}}
 
 ## Current Limitations
 

content/en/user-guide/aws/iot/index.md

@@ -10,32 +10,35 @@ aliases:
 
 ## Introduction
 
-AWS IoT provides cloud services to manage IoT fleet and integrate them with other AWS services
+AWS IoT provides cloud services to manage IoT devices and integrate them with other AWS services.
 
-LocalStack Pro supports IoT Core, IoT Data, IoT Analytics and related APIs as well as an in-built MQTT broker.
+LocalStack Pro supports IoT Core, IoT Data, IoT Analytics.
 Common operations for creating and updating things, groups, policies, certificates and other entities are implemented with full CloudFormation support.
 The supported APIs are available on our [API coverage page](https://docs.localstack.cloud/references/coverage/coverage_iot/).
 
+LocalStack ships a [Message Queuing Telemetry Transport (MQTT)](https://mqtt.org/) broker powered by [Eclipse Mosquitto](https://mosquitto.org/) which supports both pure MQTT and MQTT-over-WSS (WebSockets Secure) protocols.
+
 ## Getting Started
 
 This guide is for users that are new to IoT and assumes a basic knowledge of the AWS CLI and LocalStack [`awslocal`](https://github.com/localstack/awscli-local) wrapper.
 
 Start LocalStack using your preferred method.
 
-LocalStack ships an Message Queuing Telemetry Transport (MQTT) broker powered by [Mosquitto](https://mosquitto.org/) which supports both pure MQTT and MQTT-over-WSS (WebSockets Secure) protocols.
 To retrieve the MQTT endpoint, use the [`DescribeEndpoint`](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeEndpoint.html) operation.
 
 {{< command >}}
 $ awslocal iot describe-endpoint
+<disable-copy>
 {
     "endpointAddress": "000000000000.iot.eu-central-1.localhost.localstack.cloud:4510"
 }
+</disable-copy>
 {{< / command >}}
 
 {{< callout "tip" >}}
 LocalStack lazy-loads services by default.
 The MQTT broker may not be automatically available on a fresh launch of LocalStack.
-You should make a `DescribeEndpoint` call to ensure the broker is running and identify the port.
+You can make a `DescribeEndpoint` call to start the broker and identify the port.
 {{< /callout >}}
 
 This endpoint can then be used with any MQTT client to publish and subscribe to topics.
@@ -50,7 +53,7 @@ $ mqtt subscribe \
         --topic climate
 {{< /command >}}
 
-In another terminal, publish a message to this topic.
+In a separate terminal session, publish a message to this topic.
 
 {{< command >}}
 $ mqtt publish \
@@ -60,16 +63,16 @@ $ mqtt publish \
         -m "temperature=30°C;humidity=60%"
 {{< /command >}}
 
-This message will be pushed to all subscribers of this topic, including the one in the first terminal.
+This message will be pushed to all subscribers of this topic, including the one in the first terminal session.
 
 ## Authentication
 
 LocalStack IoT maintains its own root certificate authority which is regenerated at every run.
 The root CA certificate can be retrieved from <http://localhost.localstack.cloud:4566/_aws/iot/LocalStackIoTRootCA.pem>.
 
-{{< callout >}}
+{{< callout "tip" >}}
 AWS provides its root CA certificate at <https://www.amazontrust.com/repository/AmazonRootCA1.pem>.
-For more information, see [this](https://docs.aws.amazon.com/iot/latest/developerguide/server-authentication.html#server-authentication-certs).
+[This section](https://docs.aws.amazon.com/iot/latest/developerguide/server-authentication.html#server-authentication-certs) contains information about CA certificates.
 {{< /callout >}}
 
 When connecting to the endpoints, you will need to provide this root CA certificate for authentication.
@@ -191,10 +194,3 @@ The following actions are supported:
 - [Firehose](https://docs.aws.amazon.com/iot/latest/developerguide/kinesis-firehose-rule-action.html)
 - [DynamoDBv2](https://docs.aws.amazon.com/iot/latest/developerguide/dynamodb-v2-rule-action.html)
 - [HTTP](https://docs.aws.amazon.com/iot/latest/developerguide/https-rule-action.html) (URL confirmation and substitution templating is not implemented)
-
-## Current Limitations
-
-LocalStack MQTT broker does not support multi-account/multi-region namespacing.
-Internally, the MQTT messages are not routed to the appropriate account ID/region even though the endpoint URL may suggest otherwise.
-All messages will be routed to the `000000000000` account and the `us-east-1` region.
-This prevents features such as topic rules from working properly when not using the this account ID or region.

content/en/user-guide/aws/kinesis/index.md

@@ -14,6 +14,8 @@ It is used for applications that require real-time processing and deriving insig
 LocalStack allows you to use the Kinesis Data Streams APIs in your local environment from setting up data streams and configuring data processing to building real-time applications.
 The supported APIs are available on our [API coverage page](https://docs.localstack.cloud/references/coverage/coverage_kinesis/).
 
+Emulation for Kinesis is powered by [Kinesis Mock](https://github.com/etspaceman/kinesis-mock).
+
 ## Getting started
 
 This guide is designed for users new to Kinesis Data Streams and assumes basic knowledge of the AWS CLI and our [`awslocal`](https://github.com/localstack/awscli-local) wrapper script.
@@ -205,4 +207,4 @@ The following code snippets and sample applications provide practical examples o
 ## Limitations
 
 In multi-account setups, each AWS account launches a separate instance of Kinesis Mock, which is very resource intensive when a large number of AWS accounts are used.
-An [open Kinesis Mock issue](https://github.com/etspaceman/kinesis-mock/issues/377) is being used to keep track of this feature.
+[This Kinesis Mock issue](https://github.com/etspaceman/kinesis-mock/issues/377) is being used to keep track of this feature.

content/en/user-guide/aws/mwaa/index.md

@@ -8,15 +8,15 @@ tags: ["Pro image"]
 
 ## Introduction
 
-Managed Workflows for Apache Airflow (MWAA) is a fully managed service by AWS that simplifies the deployment, management, and scaling of Apache Airflow workflows in the cloud.
+Managed Workflows for Apache Airflow (MWAA) is a fully managed service by AWS that simplifies the deployment, management, and scaling of [Apache Airflow](https://airflow.apache.org/) workflows in the cloud.
 MWAA leverages the familiar Airflow features and integrations while integrating with S3, Glue, Redshift, Lambda, and other AWS services to build data pipelines and orchestrate data processing workflows in the cloud.
 
 LocalStack allows you to use the MWAA APIs in your local environment to allow the setup and operation of data pipelines.
-The supported APIs are available on our [API coverage page](https://docs.localstack.cloud/references/coverage/coverage_mwaa/), which provides information on the extent of MWAA's integration with LocalStack.
+The supported APIs are available on the [API coverage page](https://docs.localstack.cloud/references/coverage/coverage_mwaa/).
 
 ## Getting started
 
-This guide is designed for users new to Managed Workflows for Apache Airflow and assumes basic knowledge of the AWS CLI and our [`awslocal`](https://github.com/localstack/awscli-local) wrapper script.
+This guide is designed for users new to MWAA and assumes basic knowledge of the AWS CLI and our [`awslocal`](https://github.com/localstack/awscli-local) wrapper script.
 
 Start your LocalStack container using your preferred method.
 We will demonstrate how to create an Airflow environment and access the Airflow UI.
@@ -153,3 +153,7 @@ The Resource Browser allows you to perform the following actions:
 - **View Environment**: View details of an existing MWAA environment by clicking on the environment name.
 - **Edit Environment**: Edit an existing MWAA environment by clicking on the **Edit** button after clicking on the environment name.
 - **Delete Environment**: Select the environment name and click on the **Actions** button followed by **Remove Selected** button.
+
+## Current Limitations
+
+- LocalStack MWAA does not support [startup scripts](https://docs.aws.amazon.com/mwaa/latest/userguide/using-startup-script.html)

content/en/user-guide/aws/ram/index.md

@@ -8,7 +8,7 @@ Resource Access Manager (RAM) helps resources to be shared across AWS accounts,
 
 On AWS, RAM is an abstraction on top of AWS Identity and Access Management (IAM) which can manage resource-based policies to supported resource types.
 
-LocalStack supports RAM in the Pro edition.
+RAM is available in LocalStack Pro.
 The supported API operations can be found on the [API coverage page](https://docs.localstack.cloud/references/coverage/coverage_ram/).
 
 ## Getting started