(DOCSP-46857) Updates more images from design (#108)

* (DOCSP-46857) Updates more images from design

* (DOCSP-46857) Updates more diagrams from design and moves the encryption section, updates shared descriptions

Author: sarahsimpers

source/data-encryption.txt

@@ -195,3 +195,71 @@ Consider the following data classification levels as a starting point:
   encryption with customer key management for additional security.
 
   Examples: Revenue information, Payroll, Security Risks
+
+Examples
+--------
+
+.. include:: /includes/complete-examples.rst
+
+The following examples configure encryption with customer key management
+using |service| :ref:`tools for automation <arch-center-automation>`.
+
+Before you configure encryption with customer key management, you must
+create your organizations, projects, and {+clusters+}. To learn more,
+see :ref:`arch-center-create-hierarchy-example`. 
+
+Configure Encryption with Customer Key Management
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+.. tabs::
+
+   .. tab:: Dev and Test Environments
+      :tabid: devtest
+
+      For your development and testing environments, consider skipping encryption 
+      with customer key management to save costs, unless you're in a highly-regulated industry
+      or storing sensitive data. To learn more, see :ref:`arch-center-recommendations`.
+
+   .. tab:: Staging and Prod Environments
+      :tabid: stagingprod
+
+      For your staging and production environments environments, we
+      recommend that you enable encryption with customer key management when you provision your {+clusters+}.
+      To learn more, see :ref:`arch-center-recommendations`.
+
+To enable encryption with customer key management with Terraform, 
+create the following resources. Change the IDs and names to use your values:
+
+.. tabs::
+   
+   .. tab:: AWS
+      :tabid: aws
+
+      .. tip:: 
+
+         For a complete configuration example, see
+         :github:`Atlas Terraform Provider Example <mongodb/terraform-provider-mongodbatlas/blob/master/examples/mongodbatlas_encryption_at_rest/aws/atlas-cluster>`.
+
+         Alternatively, to simplify the configuration process, you can use the
+         `encryption at rest Terraform module <https://registry.terraform.io/modules/terraform-mongodbatlas-modules/encryption-at-rest/mongodbatlas/latest>`__.
+
+      .. include:: /includes/examples/tf-example-aws-kms.rst
+   
+   .. tab:: Azure
+      :tabid: azure
+
+      .. tip:: 
+
+         For a complete configuration example, see
+         :github:`Atlas Terraform Provider Example <mongodb/terraform-provider-mongodbatlas/tree/master/examples/mongodbatlas_encryption_at_rest/azure>`.
+
+      .. include:: /includes/examples/tf-example-azure-key-vault.rst
+   
+   .. tab:: GCP
+      :tabid: gcp
+
+      .. include:: /includes/examples/tf-example-gcp-kms.rst
+
+For more configuration options and info about this example, 
+see `Terraform documentation 
+<https://registry.terraform.io/providers/mongodb/mongodbatlas/latest/docs/resources/encryption_at_rest>`__.

source/hierarchy.txt

@@ -130,11 +130,6 @@ projects and {+clusters+}:
      - The back end for your application that is live for your
        end users.
 
-Encryption with Customer Key Management
-```````````````````````````````````````
-
-.. include:: /includes/encryption-with-cmk-recommendations.rst
-
 Local {+service+} Deployments
 `````````````````````````````
 
@@ -143,7 +138,7 @@ For your dev and test environments, you can also develop {+service+}
 to work locally from their machine and cut down on costs for
 development and test environments. To learn more, see 
 :atlascli:`Create a Local {+service+} Deployment
-<atlas-cli-deploy-local>`.
+</atlas-cli-deploy-local>`.
 
 Org and Project Hierarchies
 ````````````````````````````
@@ -159,7 +154,8 @@ If you will easily hit the 250 project limit per organization, we
 recommend creating one organization per environment, such as one each
 for lower and upper environments, or one each for dev, test, staging,
 and production. This setup has the benefit of additional isolation. You can also 
-increase the limits. To learn more, see :atlas:`<atlas-limits>`.
+increase the limits. To learn more, see 
+:atlas:`{+service+} Service Limits </reference/atlas-limits>`.
 
 .. _project-hierarchy-1:
 
@@ -169,7 +165,7 @@ Recommended Hierarchy
 Consider the following hierarchy, which creates fewer |service| organizations, if you have common teams and permissions across the 
 {+BU+} and less than the raiseable limit of 250 projects per organization. 
 
-.. figure:: /includes/images/paying-org-hierarchy.png
+.. figure:: /includes/images/paying-org-hierarchy.svg
    :alt: An image showing a paying organization with other organizations nested beneath it.
    :align: center
    :lightbox:
@@ -189,7 +185,7 @@ buy credits themselves through the cloud provider marketplace or
 directly with their own contract. There is no paying organization in
 this hierarchy.
 
-.. figure:: /includes/images/no-paying-org-hierarchy.png
+.. figure:: /includes/images/no-paying-org-hierarchy.svg
    :alt: An image showing multiple organizations without a paying organization above them.
    :align: center
    :lightbox:
@@ -203,7 +199,7 @@ To maintain isolation between environments, we recommend that you deploy
 {+cluster+}s that belong to the same application and are administered 
 by the same team in the same project, as shown in the following diagram:
 
-.. figure:: /includes/images/deployment-hierarchy.png
+.. figure:: /includes/images/deployment-hierarchy.svg
    :alt: An image showing one deployment per project in each organization.
    :align: center
    :lightbox:
@@ -224,7 +220,7 @@ You should use this hierarchy only if both of the following are true:
   {+clusters+} should belong to the same application and be administered 
   by the same team in the same project.
 
-.. figure:: /includes/images/alt-deployment-by-environment.png
+.. figure:: /includes/images/alt-deployment-by-environment.svg
    :alt: An image showing deployments grouped by environment.
    :align: center
    :lightbox:
@@ -545,65 +541,6 @@ These examples also apply other recommended configurations, including:
       see |service-terraform| and the `MongoDB Terraform Blog Post
       <https://www.mongodb.com/developer/products/atlas/deploy-mongodb-atlas-terraform-aws/>`__.
 
-      Configure Encryption with Customer Key Management
-      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-      .. tabs::
-
-         .. tab:: Dev and Test Environments
-            :tabid: devtest
-
-            For your development and testing environments, consider skipping encryption 
-            with customer key management to save costs, unless you're in a highly-regulated industry
-            or storing sensitive data. To learn more, see :ref:`arch-center-recommendations`.
-
-         .. tab:: Staging and Prod Environments
-            :tabid: stagingprod
-
-            For your staging and production environments environments, we
-            recommend that you enable encryption with customer key management when you provision your {+clusters+}.
-            To learn more, see :ref:`arch-center-recommendations`.
-
-      To enable encryption with customer key management with Terraform, 
-      create the following resources. Change the IDs and names to use your values:
-
-      .. tabs::
-         
-         .. tab:: AWS
-            :tabid: aws
-
-            .. tip:: 
-
-               For a complete configuration example, see
-               :github:`Atlas Terraform Provider Example <mongodb/terraform-provider-mongodbatlas/blob/master/examples/mongodbatlas_encryption_at_rest/aws/atlas-cluster>`.
-
-               Alternatively, to simplify the configuration process, you can use the
-               `encryption at rest Terraform module <https://registry.terraform.io/modules/terraform-mongodbatlas-modules/encryption-at-rest/mongodbatlas/latest>`__.
-
-            .. include:: /includes/examples/tf-example-aws-kms.rst
-         
-         .. tab:: Azure
-            :tabid: azure
-
-            .. tip:: 
-
-               For a complete configuration example, see
-               :github:`Atlas Terraform Provider Example <mongodb/terraform-provider-mongodbatlas/tree/master/examples/mongodbatlas_encryption_at_rest/azure>`.
-
-            .. include:: /includes/examples/tf-example-azure-key-vault.rst
-         
-         .. tab:: GCP
-            :tabid: gcp
-
-            .. include:: /includes/examples/tf-example-gcp-kms.rst
-      
-      For more configuration options and info about this example, 
-      see `Terraform documentation 
-      <https://registry.terraform.io/providers/mongodb/mongodbatlas/latest/docs/resources/encryption_at_rest>`__.
-
-      Create the Projects and Deployments
-      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
       After you create the files, navigate to each application and environment pair's directory and run the following
       command to initialize Terraform: