hashicorp
diff --git a/‎website/content/docs/connect/config-entries/proxy-defaults.mdx‎
Lines changed: 19 additions & 19 deletions b/‎website/content/docs/connect/config-entries/proxy-defaults.mdx‎
Lines changed: 19 additions & 19 deletions
diff --git a/‎website/content/docs/connect/config-entries/service-defaults.mdx‎
Lines changed: 2 additions & 2 deletions b/‎website/content/docs/connect/config-entries/service-defaults.mdx‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎website/content/docs/connect/proxies/deploy-service-mesh-proxies.mdx‎
Lines changed: 8 additions & 6 deletions b/‎website/content/docs/connect/proxies/deploy-service-mesh-proxies.mdx‎
Lines changed: 8 additions & 6 deletions
@@ -330,7 +330,7 @@ Specifies an arbitrary map of configuration values used by service mesh proxies.
 #### Values
 
 - Default: None
-- Data type: Map of 
+- Data type: Map
 
 ### `EnvoyExtensions`
 
@@ -339,7 +339,7 @@ Specifies a list of extensions that modify Envoy proxy configurations. Refer to
 #### Values
 
 - Default: None
-- Data type: Map of containing the following fields:
+- Data type: List of maps containing the following fields:
    - `Name`
    - `Required`
    - `Arguments`
@@ -371,7 +371,7 @@ Specifies a mode for how proxies direct inbound and outbound traffic. You can sp
 
 ### `TransparentProxy`
 
-Contains configurations for proxies that are running in transparent proxy mode. Refer to [Transparent proxy mode](/consul/docs/k8s/connect/transparent-proxy) for additional information. 
+Contains configurations for proxies that are running in transparent proxy mode. This mode enables permissive mTLS for Consul so that you can use your Kubernetes cluster's DNS service instead of Consul DNS. Refer to [Transparent proxy mode](/consul/docs/k8s/connect/transparent-proxy) for additional information. 
 
 #### Values
 
@@ -384,8 +384,8 @@ The following table describes how to configure values in the `TransparentProxy`
 
 | Parameter | Description | Data type | Default |
 | ---       | ---         | ---       | ---     |
-| `OutboundListenerPort` | Specifies the port that the proxy listens on for outbound traffic. Outbound application traffic must be  captured and redirected to this port. | Integer | `15001` |
-| `DialedDirectly` | Determines whether other proxies in transparent mode can directly dial this proxy instance's IP address. Proxies in transparent mode commonly dial upstreams at the [`virtual`](/consul/docs/services/configuration/services-configuration-reference#tagged_addresses-virtual) tagged address, which load balances across instances. Dialing individual instances can be helpful when sending requests to stateful services, such as database clusters with a leader. | Boolean | `false` |
+| `OutboundListenerPort` | Specifies the port that the proxy listens on for outbound traffic. Outbound application traffic must be captured and redirected to this port. | Integer | `15001` |
+| `DialedDirectly` | Determines whether other proxies in transparent mode can directly dial this proxy instance's IP address. Proxies in transparent mode commonly dial upstreams at the [`virtual` tagged address](/consul/docs/services/configuration/services-configuration-reference#tagged_addresses-virtual), which load balances across instances. Dialing individual instances can be helpful when sending requests to stateful services, such as database clusters with a leader. | Boolean | `false` |
 
 ### `MutualTLSMode`
 
@@ -431,14 +431,14 @@ Example use-cases include exposing the `/metrics` endpoint to a monitoring syste
 
 ### `Expose{}.Checks`
 
-Exposes all HTTP and gRPC checks registered with the agent when set to `true`. Envoy exposes listeners for the checks and only accepts connections originating from localhost or Consul's [`advertise_addr`](/consul/docs/agent/config/config-files#advertise). The ports for the listeners are dynamically allocated from the agent's [`expose_min_port`](/consul/docs/agent/config/config-files#expose_min_port) and [`expose_max_port`](/consul/docs/agent/config/config-files#expose_max_port) configurations.
+Exposes all HTTP and gRPC checks registered with the agent when set to `true`. Envoy exposes listeners for the checks and only accepts connections originating from localhost or the [Consul agent's `advertise_addr`](/consul/docs/agent/config/config-files#advertise). The ports for the listeners are dynamically allocated from the [agent's `expose_min_port`](/consul/docs/agent/config/config-files#expose_min_port) and [`expose_max_port`](/consul/docs/agent/config/config-files#expose_max_port) configurations.
 
-We recommend enabling the `Checks` configuration when a Consul client cannot reach registered services over localhost, such as when Consul agents run in their own pods in Kubernetes.
+We recommend enabling the `Checks` configuration when a Consul client cannot reach registered services over localhost.
 
 #### Values
 
 - Default: `false`
-- Data type: boolean
+- Data type: Boolean
 
 ### `Expose{}.Paths[]`
 
@@ -447,7 +447,7 @@ Specifies a list of configuration maps that define paths to expose through Envoy
 #### Values
 
 - Default: None
-- Data type: List of maps. 
+- Data type: List of maps 
 
 The following table describes the parameters for each map you can define in the list:
 
@@ -571,7 +571,7 @@ Specifies a list of extensions that modify Envoy proxy configurations. Refer to
 #### Values
 
 - Default: None
-- Data type: Map of containing the following fields:
+- Data type: List of maps of containing the following fields:
    - `name`
    - `required`
    - `arguments`
@@ -603,7 +603,7 @@ Specifies a mode for how proxies direct inbound and outbound traffic. You can sp
 
 ### `spec.transparentProxy`
 
-Contains configurations for proxies that are running in transparent proxy mode. Refer to [Transparent proxy mode](/consul/docs/k8s/connect/transparent-proxy) for additional information. 
+Contains configurations for proxies that are running in transparent proxy mode. This mode enables permissive mTLS for Consul so that you can use your Kubernetes cluster's DNS service instead of Consul DNS. Refer to [Transparent proxy mode](/consul/docs/k8s/connect/transparent-proxy) for additional information. 
 
 #### Values
 
@@ -616,8 +616,8 @@ The following table describes how to configure values in the `TransparentProxy`
 
 | Parameter | Description | Data type | Default |
 | ---       | ---         | ---       | ---     |
-| `outboundListenerPort` | Specifies the port that the proxy listens on for outbound traffic. Outbound application traffic must be  captured and redirected to this port. | Integer | `15001` |
-| `dialedDirectly` | Determines whether other proxies in transparent mode can directly dial this proxy instance's IP address. Proxies in transparent mode commonly dial upstreams at the [`virtual`](/consul/docs/services/configuration/services-configuration-reference#tagged_addresses-virtual) tagged address, which load balances across instances. Dialing individual instances can be helpful when sending requests to stateful services, such as database clusters with a leader. | Boolean | `false` |
+| `outboundListenerPort` | Specifies the port that the proxy listens on for outbound traffic. Outbound application traffic must be captured and redirected to this port. | Integer | `15001` |
+| `dialedDirectly` | Determines whether other proxies in transparent mode can directly dial this proxy instance's IP address. Proxies in transparent mode commonly dial upstreams at the [`virtual` tagged address](/consul/docs/services/configuration/services-configuration-reference#tagged_addresses-virtual), which load balances across instances. Dialing individual instances can be helpful when sending requests to stateful services, such as database clusters with a leader. | Boolean | `false` |
 
 ### `spec.mutualTLSMode`
 
@@ -663,14 +663,14 @@ Example use-cases include exposing the `/metrics` endpoint to a monitoring syste
 
 ### `spec.expose{}.checks`
 
-Exposes all HTTP and gRPC checks registered with the agent when set to `true`. Envoy exposes listeners for the checks and only accepts connections originating from localhost or Consul's [`advertise_addr`](/consul/docs/agent/config/config-files#advertise). The ports for the listeners are dynamically allocated from the agent's [`expose_min_port`](/consul/docs/agent/config/config-files#expose_min_port) and [`expose_max_port`](/consul/docs/agent/config/config-files#expose_max_port) configurations.
+Exposes all HTTP and gRPC checks registered with the agent when set to `true`. Envoy exposes listeners for the checks and only accepts connections originating from localhost or the [Consul agent's `advertise_addr`](/consul/docs/agent/config/config-files#advertise). The ports for the listeners are dynamically allocated from the [agent's `expose_min_port`](/consul/docs/agent/config/config-files#expose_min_port) and [`expose_max_port`](/consul/docs/agent/config/config-files#expose_max_port) configurations.
 
 We recommend enabling the `Checks` configuration when a Consul client cannot reach registered services over localhost, such as when Consul agents run in their own pods in Kubernetes.
 
 #### Values
 
 - Default: `false`
-- Data type: boolean
+- Data type: Boolean
 
 ### `spec.expose{}.paths[]`
 
@@ -752,7 +752,7 @@ Config {
 
 #### Consul Enterprise
 
-For Consul Enterprise, you can only create the configuration entry in the `default` namespace. The namepace configuration applies to proxies in all namespaces.
+When using multiple namespaces with Consul Enterprise, the only configuration entry that affects proxy defaults is the one in the `default` namespace. This configuration applies to proxies in all namespaces.
 
 ```hcl
 Kind      = "proxy-defaults"
@@ -780,7 +780,7 @@ spec:
 
 #### Consul Enterprise
 
-For Consul Enterprise, you can only create the configuration entry in the `default` namespace. The namepace configuration applies to proxies in all namespaces.
+When using multiple namespaces with Consul Enterprise, the only configuration entry that affects proxy defaults is the one in the `default` namespace. This configuration applies to proxies in all namespaces.
 
 ```yaml
 apiVersion: consul.hashicorp.com/v1alpha1
@@ -810,7 +810,7 @@ spec:
 ```
 #### Consul Enterprise
 
-For Consul Enterprise, you can only create the configuration entry in the `default` namespace. The namepace configuration applies to proxies in all namespaces.
+When using multiple namespaces with Consul Enterprise, the only configuration entry that affects proxy defaults is the one in the `default` namespace. This configuration applies to proxies in all namespaces.
 
 ```json
 {
@@ -877,7 +877,7 @@ spec:
 
 ### Access Logs
 
-The following example enables access logs for all proxies. efer to [access logs](/consul/docs/connect/observability/access-logs) for more detailed examples.
+The following example enables access logs for all proxies. Refer to [access logs](/consul/docs/connect/observability/access-logs) for more detailed examples.
 
 <Tabs>
 <Tab heading="HCL" group="hcl">
 
@@ -778,7 +778,7 @@ Specifies the TLS server name indication (SNI) when federating with an external
 
 ### `Expose`
 
-Specifies default configurations for exposing HTTP paths through Envoy. Exposing paths through Envoy enables services to listen on localhost only. Applications that are not Consul service mesh-enabled can still contact an HTTP endpoint. Refer to [Expose Paths Configuration Reference](/consul/docs/proxies/proxy-config-reference#expose-paths-configuration-reference) for additional information and example configurations.
+Specifies default configurations for exposing HTTP paths through Envoy. Exposing paths through Envoy enables services to listen on `localhost` only. Applications that are not Consul service mesh-enabled can still contact an HTTP endpoint. Refer to [Expose Paths Configuration Reference](/consul/docs/proxies/proxy-config-reference#expose-paths-configuration-reference) for additional information and example configurations.
 
 - Default: none
 - Data type: map
@@ -1198,7 +1198,7 @@ Specifies the TLS server name indication (SNI) when federating with an external
 
 ### `spec.expose`
 
-Specifies default configurations for exposing HTTP paths through Envoy. Exposing paths through Envoy enables services to listen on localhost only. Applications that are not Consul service mesh-enabled can still contact an HTTP endpoint. Refer to [Expose Paths Configuration Reference](/consul/docs/connect/proxies/proxy-config-reference#expose-paths-configuration-reference) for additional information and example configurations.
+Specifies default configurations for exposing HTTP paths through Envoy. Exposing paths through Envoy enables services to listen on `localhost` only. Applications that are not Consul service mesh-enabled can still contact an HTTP endpoint. Refer to [Expose Paths Configuration Reference](/consul/docs/connect/proxies/proxy-config-reference#expose-paths-configuration-reference) for additional information and example configurations.
 
 #### Values
 
 
@@ -7,7 +7,9 @@ description: >-
 
 # Deploy service mesh proxies services
 
-This topic describes how to create, register, and start service mesh proxies in Consul. Refer to [Service mesh proxies overview](/consul/docs/connect/proxies) for additional information about how proxies enable Consul functionalities. For information about deployed sidecar proxies, refer to [Deploy sidecar proxy services](/consul/docs/connect/proxies/deploy-sidecar-services).
+This topic describes how to create, register, and start service mesh proxies in Consul. Refer to [Service mesh proxies overview](/consul/docs/connect/proxies) for additional information about how proxies enable Consul functionalities. 
+
+For information about deploying proxies as sidecars for service instances, refer to [Deploy sidecar proxy services](/consul/docs/connect/proxies/deploy-sidecar-services).
 
 ## Overview
 
@@ -16,21 +18,21 @@ Complete the following steps to deploy a service mesh proxy:
 1. It is not required, but you can create a proxy defaults configuration entry that contains global passthrough settings for all Envoy proxies. 
 1. Create a service definition file and specify the proxy configurations in the `proxy` block.
 1. Register the service using the API or CLI.
-1. Start the proxy service. 
+1. Start the proxy service. Proxies appear in the list of services registered to Consul, but they must be started before they begin to route traffic in your service mesh.
 
 ## Requirements
 
-If [ACLs](/consul/docs/security/acl) are enabled and you want to configure global Envoy settings in the [proxy defaults configuration entry](/consul/docs/connect/config-entries/proxy-defaults), you must present a token with `operator:write` permissions. Refer to [Create a service token](/consul/docs/security/acl/tokens/create/create-a-service-token) for additional information.
+If ACLs are enabled and you want to configure global Envoy settings using the [proxy defaults configuration entry](/consul/docs/connect/config-entries/proxy-defaults), you must present a token with `operator:write` permissions. Refer to [Create a service token](/consul/docs/security/acl/tokens/create/create-a-service-token) for additional information.
 
 ## Configure global Envoy passthrough settings
 
-If you want to define global passthrough settings for all Envoy proxies, create a proxy defaults configuration entry and specify default settings, such as access log configuration. [Service defaults configuration entries](/consul/docs/connect/config-entries/service-defaults) override proxy defaults and individual service configurations override both configuration entries.
+If you want to define global passthrough settings for all Envoy proxies, create a proxy defaults configuration entry and specify default settings, such as access log configuration. Note that [service defaults configuration entries](/consul/docs/connect/config-entries/service-defaults) override proxy defaults and individual service configurations override both configuration entries.
 
 1. Create a proxy defaults configuration entry and specify the following parameters:
    - `Kind`: Must be set to `proxy-defaults`
    - `Name`: Must be set to `global`
 1. Configure any additional settings you want to apply to all proxies. Refer to [Proxy defaults configuration entry reference](/consul/docs/connect/config-entries/proxy-defaults) for details about all settings available in the configuraiton entry. 
-1. Apply the configuration by either calling the [`/config` API endpoint](/consul/api-docs/config) or running the [`consul config write` CLI command](/consul/commands/config/write). The following example writes a proxy defaults configuration entry from a local HCL file using the CLI:
+1. Apply the configuration by either calling the [`/config` HTTP API endpoint](/consul/api-docs/config) or running the [`consul config write` CLI command](/consul/commands/config/write). The following example writes a proxy defaults configuration entry from a local HCL file using the CLI:
 
 ```shell-session
 $ consul config write proxy-defaults.hcl
@@ -48,7 +50,7 @@ Create a service definition file and configure the following fields to define a
 
 Refer to the [Service mesh proxy configuration reference](/consul/docs/connect/proxies/proxy-config-reference) for example configurations.
 
- ## Register the service 
+## Register the service 
 
 Provide the service definition to the Consul agent to register your proxy service. You can use the same methods for registering proxy services as you do for registering application services: