[CASB] CDS UI updates + AWS CDE (#18162)

Co-authored-by: Jun Lee <[email protected]>
Co-authored-by: Claire Waters <[email protected]>

Author: 3 people

public/_redirects

@@ -1790,6 +1790,7 @@
 /cloudflare-one/connections/connect-apps/install-and-setup/deployment-guides/* /cloudflare-one/connections/connect-networks/deploy-tunnels/deployment-guides/:splat 301
 /cloudflare-one/connections/connect-networks/deployment-guides/* /cloudflare-one/connections/connect-networks/deploy-tunnels/deployment-guides/:splat 301
 /cloudflare-one/analytics/logs/* /cloudflare-one/insights/logs/:splat 301
+/cloudflare-one/applications/scan-apps/* /cloudflare-one/applications/casb/:splat 301
 /cloudflare-one/connections/connect-apps/use_cases/* /cloudflare-one/connections/connect-networks/use-cases/:splat 301
 /cloudflare-one/connections/connect-apps/* /cloudflare-one/connections/connect-networks/:splat 301
 /cloudflare-one/connections/connect-devices/warp/exclude-traffic/* /cloudflare-one/connections/connect-devices/warp/configure-warp/route-traffic/:splat 301

src/content/changelogs/casb.yaml

@@ -1,7 +1,7 @@
 ---
 link: "/cloudflare-one/changelog/casb/"
 productName: CASB
-productLink: "/cloudflare-one/applications/scan-apps/"
+productLink: "/cloudflare-one/applications/casb/"
 productArea: Cloudflare One
 productAreaLink: /cloudflare-one/changelog/
 entries:
@@ -12,7 +12,7 @@ entries:
   - publish_date: "2024-05-23"
     title: Data-at-rest DLP for Box and Dropbox
     description: |-
-      You can now scan your [Box](/cloudflare-one/applications/scan-apps/casb-integrations/box/#data-loss-prevention-optional) and [Dropbox](/cloudflare-one/applications/scan-apps/casb-integrations/dropbox/#data-loss-prevention-optional) files for DLP matches.
+      You can now scan your [Box](/cloudflare-one/applications/casb/casb-integrations/box/#data-loss-prevention-optional) and [Dropbox](/cloudflare-one/applications/casb/casb-integrations/dropbox/#data-loss-prevention-optional) files for DLP matches.
   - publish_date: "2024-04-16"
     title: Export CASB findings to CSV
     description: |-

src/content/changelogs/dlp.yaml

@@ -20,7 +20,7 @@ entries:
   - publish_date: "2024-05-23"
     title: Data-at-rest DLP for Box and Dropbox
     description: |-
-      You can now scan your [Box](/cloudflare-one/applications/scan-apps/casb-integrations/box/#data-loss-prevention-optional) and [Dropbox](/cloudflare-one/applications/scan-apps/casb-integrations/dropbox/#data-loss-prevention-optional) files for DLP matches.
+      You can now scan your [Box](/cloudflare-one/applications/casb/casb-integrations/box/#data-loss-prevention-optional) and [Dropbox](/cloudflare-one/applications/casb/casb-integrations/dropbox/#data-loss-prevention-optional) files for DLP matches.
   - publish_date: "2024-04-16"
     title: Optical character recognition
     description: |-

src/content/docs/cloudflare-one/applications/scan-apps/casb-dlp.mdx renamed to src/content/docs/cloudflare-one/applications/casb/casb-dlp.mdx

@@ -3,21 +3,15 @@ pcx_content_type: concept
 title: Scan for sensitive data
 sidebar:
   order: 3
-
 ---
 
-import { Render } from "~/components"
+import { Render } from "~/components";
 
 :::note
-
-
 Requires Cloudflare CASB and Cloudflare DLP.
-
-
 :::
 
-You can use [Cloudflare Data Loss Prevention (DLP)](/cloudflare-one/policies/data-loss-prevention/) to discover if files stored in your SaaS application contain sensitive data.
-To perform DLP scans in a SaaS app, first configure a DLP profile with the data patterns you want to detect, then enable those profiles in a CASB integration.
+You can use [Cloudflare Data Loss Prevention (DLP)](/cloudflare-one/policies/data-loss-prevention/) to discover if files stored in a SaaS application contains sensitive data. To perform DLP scans in a SaaS app, first configure a [DLP profile](#configure-a-dlp-profile) with the data patterns you want to detect, then [add the profile](#enable-dlp-scans-in-casb) to a CASB integration.
 
 ## Supported integrations
 
@@ -61,17 +55,17 @@ CASB will scan every publicly accessible file in the integration for text that m
 
 If you enable a DLP profile from the **Manage integrations** page, CASB will only scan publicly accessible files that have had a modification event since enabling the DLP profile. Modification events include changes to the following attributes:
 
-* Contents of the file
-* Name of the file
-* Visibility of the file (only if changed to publicly accessible)
-* Owner of the file
-* Location of the file (for example, moved to a different folder)
+- Contents of the file
+- Name of the file
+- Visibility of the file (only if changed to publicly accessible)
+- Owner of the file
+- Location of the file (for example, moved to a different folder)
 
 In order to scan historical data, you must enable the DLP profile during the [integration setup flow](#add-a-new-integration).
 
 ## Limitations
 
-DLP will only scan:
+DLP in CASB will only scan:
 
-* [Text-based files](/cloudflare-one/policies/data-loss-prevention/#supported-file-types) such as documents, spreadsheets, and PDFs. Images are not supported.
-* Files ≤ 100 MB.
+- [Text-based files](/cloudflare-one/policies/data-loss-prevention/#supported-file-types) such as documents, spreadsheets, and PDFs. Images are not supported.
+- Files less than or equal 100 MB in size.

src/content/docs/cloudflare-one/applications/scan-apps/casb-integrations/atlassian-confluence.mdx renamed to src/content/docs/cloudflare-one/applications/casb/casb-integrations/atlassian-confluence.mdx

@@ -11,10 +11,6 @@ import { Render } from "~/components";
 	params={{ one: "Amazon Web Services (AWS) S3", two: "AWS account" }}
 />
 
-:::note
-The CASB integration for AWS S3 only supports posture-related findings.
-:::
-
 ## Integration prerequisites
 
 - An AWS account using AWS S3 (Simple Storage Service)
@@ -30,6 +26,41 @@ For the AWS S3 integration to function, Cloudflare CASB requires the following a
 
 These permissions follow the principle of least privilege to ensure that only the minimum required access is granted. To learn more about each permission scope, refer to the [AWS S3 Permissions documentation](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-policy-actions.html).
 
+## Compute account
+
+You can connect an AWS compute account to your CASB integration to perform [Data Loss Prevention](/cloudflare-one/policies/data-loss-prevention/) scans within your S3 bucket and avoid data egress. CASB will scan any objects that exist in the bucket at the time of configuration.
+
+### Add a compute account
+
+To connect a compute account to your AWS integration:
+
+1. In [Zero Trust](https://one.dash.cloudflare.com), go to **CASB** > **Integrations**.
+2. Find and select your AWS integration.
+3. Select **Open connection instructions**.
+4. Follow the instructions provided to connect a new compute account.
+5. Select **Refresh**.
+
+You can only connect one computer account to an integration. To remove a compute account, select **Manage compute accounts**.
+
+### Configure compute account scanning
+
+Once your AWS compute account has successfully connected to your CASB integration, you can configure where and how to scan for sensitive data:
+
+1. In [Zero Trust](https://one.dash.cloudflare.com), go to **CASB** > **Integrations**.
+2. Find and select your AWS integration.
+3. Select **Create new configuration**.
+4. In **Resources**, choose the buckets you want to scan. Select **Continue**.
+5. Choose the file types, sampling percentage, and [DLP profiles](/cloudflare-one/policies/data-loss-prevention/dlp-profiles/) to scan for.
+6. (Optional) Configure additional settings, such as the limit of API calls over time for CASB to adhere to.
+7. Select **Continue**.
+8. Review the details of the scan, then select **Start scan**.
+
+CASB will take up to an hour to begin scanning. To view the scan results, go to **CASB** > **Content** > **Cloud**.
+
+To manage your resources, go to **CASB** > **Integrations**, then find and select your AWS integration. From here, you can pause all or individual scans, add or remove resources, and change scan settings.
+
+For more information, refer to [Content findings](/cloudflare-one/applications/casb/manage-findings/#content-findings).
+
 ## Security findings
 
 <Render