Fix sort order for at-rest API encryption providers

List "identity" first, then other providers alphabetically.
2023-04-21 09:37:14 +01:00 · 2023-04-21 09:37:14 +01:00 · fac97a1947
parent e3720c7fd3
commit fac97a1947
1 changed files with 14 additions and 11 deletions
--- a/content/en/docs/tasks/administer-cluster/encrypt-data.md
+++ b/content/en/docs/tasks/administer-cluster/encrypt-data.md
@ -154,7 +154,8 @@ The following table describes each available provider:
  <th>Key length</th>
  </tr>
 </thead>
-<tbody>
+<tbody id="encryption-providers-identity">
+  <!-- list identity first, even when the remaining rows are sorted alphabetically -->
  <tr>
  <th rowspan="2" scope="row"><tt>identity</tt></th>
  <td><strong>None</strong></td>
@ -166,6 +167,8 @@ The following table describes each available provider:
  <td colspan="4">Resources written as-is without encryption. When set as the first provider, the resource will be decrypted as new values are written. Existing encrypted resources are <strong>not</strong> automatically overwritten with the plaintext data.
   The <tt>identity</tt> provider is the default if you do not specify otherwise.</td>
  </tr>
+</tbody>
+<tbody id="encryption-providers-that-encrypt">
  <tr>
  <th rowspan="2" scope="row"><tt>aescbc</tt></th>
  <td>AES-CBC with <a href="https://datatracker.ietf.org/doc/html/rfc2315">PKCS#7</a> padding</td>
@ -187,16 +190,6 @@ The following table describes each available provider:
  <td colspan="4">Not recommended for use except when an automated key rotation scheme is implemented. Key material accessible from control plane host.</td>
  </tr>
  <tr>
-  <th rowspan="2" scope="row"><tt>secretbox</tt></th>
-  <td>XSalsa20 and Poly1305</td>
-  <td>Strong</td>
-  <td>Faster</td>
-  <td>32-byte</td>
-  </tr>
-  <tr>
-  <td colspan="4">Uses relatively new encryption technologies that may not be considered acceptable in environments that require high levels of review. Key material accessible from control plane host.</td>
-  </tr>
-  <tr>
  <th rowspan="2" scope="row"><tt>kms</tt> v1</th>
  <td>Uses envelope encryption scheme with DEK per resource.</td>
  <td>Strongest</td>
@ -234,6 +227,16 @@ The following table describes each available provider:
    Read how to <a href="/docs/tasks/administer-cluster/kms-provider#configuring-the-kms-provider-kms-v2">configure the KMS V2 provider</a>.
    </td>
  </tr>
+  <tr>
+  <th rowspan="2" scope="row"><tt>secretbox</tt></th>
+  <td>XSalsa20 and Poly1305</td>
+  <td>Strong</td>
+  <td>Faster</td>
+  <td>32-byte</td>
+  </tr>
+  <tr>
+  <td colspan="4">Uses relatively new encryption technologies that may not be considered acceptable in environments that require high levels of review. Key material accessible from control plane host.</td>
+  </tr>
 </tbody>
 </table>