tigera · ctauchen · May 13, 2026 · May 12, 2026 · May 13, 2026
@@ -1,5 +1,5 @@
 ---
-description: Creating Jira Issues for you scan results.
+description: Create Jira issues from Calico Cloud Image Assurance scan results so security teams can assign and track vulnerability remediation work outside the web console.
 ---
 
 import IconUser from '/img/icons/user-icon.svg';

@@ -1,5 +1,5 @@
 ---
-description: Reduce noise in your Image Assurance scan results by excluding vulnerabilities.
+description: Exclude false-positive or low-priority vulnerabilities from Calico Cloud Image Assurance scan results to cut noise and focus on findings that need remediation.
 ---
 
 import UploadIcon from '/img/icons/upload-icon.svg';

@@ -1,5 +1,5 @@
 ---
-description: Detect and block vulnerable images from container workloads.
+description: Calico Cloud Image Assurance detects vulnerabilities in container images and blocks risky workloads with admission control across cluster, registry, and pipeline scanners.
 hide_table_of_contents: true
 ---
 

@@ -1,5 +1,5 @@
 ---
-description: Block vulnerable containers from being deployed into your cluster using the Admission Controller.
+description: Install the Calico Cloud Image Assurance admission controller to block vulnerable images from deploying to a cluster based on CVSS thresholds and exception lists.
 ---
 
 # Create policy to block vulnerable images from your cluster

@@ -1,5 +1,5 @@
 ---
-description: Detect vulnerabilities in a Kubernetes cluster.
+description: Scan every image running in a Kubernetes cluster with the Calico Cloud Image Assurance cluster scanner to catch CVEs in deployed and third-party images.
 ---
 
 # Scan images in a Kubernetes cluster

@@ -1,5 +1,5 @@
 ---
-description: Scan images and workloads for vulnerabilities.
+description: Reference for the Calico Cloud Image Assurance scanners, which detect container image vulnerabilities across build pipelines, registries, and running clusters.
 hide_table_of_contents: true
 ---
 

@@ -1,5 +1,5 @@
 ---
-description: Choose a method to scan images for vulnerabilities.
+description: Compare the Calico Cloud Image Assurance scanner options and pick the right combination of cluster, registry, and pipeline scanning for your environment.
 ---
 
 # Choose an image scanning method

@@ -1,5 +1,5 @@
 ---
-description: Scan images in your build pipeline using Image Assurance.
+description: Integrate the Calico Cloud Image Assurance CLI scanner into a CI build pipeline to catch container image vulnerabilities before images reach a registry.
 ---
 
 # Integrate the scanner into your build pipeline

@@ -1,5 +1,5 @@
 ---
-description: Scan images in container registries.
+description: Run the Calico Cloud Image Assurance registry scanner against container registries to catch CVEs in stored images that never pass through a build pipeline.
 ---
 
 # Scan images in container registries

@@ -1,5 +1,5 @@
 ---
-description: Get alerts on vulnerabilities.
+description: Configure Calico Cloud Image Assurance alerts on high-severity vulnerabilities so security teams are notified and can route remediation to the right owners.
 ---
 
 # Set up alerts on vulnerabilities

@@ -1,5 +1,5 @@
 ---
-description: Understand scan results in the web console.
+description: Interpret scanned and running image results in the Calico Cloud Image Assurance dashboard, including filters, dismissals, and per-image vulnerability detail.
 ---
 
 # View scanned and running images

@@ -1,5 +1,5 @@
 ---
-description: Learn egress access controls using domains and IP addresses.
+description: Step-by-step tutorial for restricting application egress in Calico Cloud using network sets, domain wildcards, and global network sets with network policy.
 ---
 
 # Secure egress access from workloads to destinations outside the cluster

@@ -1,5 +1,5 @@
 ---
-description: Learn how to secure ingress and egress access to/from applications and microservices.
+description: Index of Calico Cloud tutorials that secure ingress and egress access for applications and microservices using network policy, network sets, and DNS rules.
 hide_table_of_contents: true
 ---
 

@@ -1,5 +1,5 @@
 ---
-description: Create policy to secure ingress access to your microservice or application.
+description: Step-by-step tutorial for writing Calico Cloud network policies that grant ingress access to a microservice from internal clients, services, and load balancers.
 ---
 
 # Secure ingress access to a microservice or application

@@ -1,5 +1,5 @@
 ---
-description: Learn about visibility and troubleshooting features in the web console.
+description: Index of Calico Cloud feature tutorials covering the web console tour, Service Graph, network sets, projects, and the Mylo AI assistant.
 hide_table_of_contents: true
 ---
 

@@ -1,5 +1,5 @@
 ---
-description: Mylo is an AI-powered assistant in Calico Cloud that helps you troubleshoot connectivity, analyze traffic, and get network policy recommendations using natural language.
+description: Step-by-step tutorial for the Mylo AI assistant in Calico Cloud, an in-console agent that troubleshoots connectivity, analyzes traffic, and recommends policy.
 ---
 
 import Screenshot from '/src/___new___/components/Screenshot';

@@ -1,5 +1,5 @@
 ---
-description: Learn the power of network sets and why you should create them.
+description: Step-by-step tutorial for using network sets and global network sets in Calico Cloud to model external endpoints and reuse IP and domain lists in policy.
 ---
 
 # Understanding network sets

@@ -1,5 +1,5 @@
 ---
-description: About projects
+description: Step-by-step tutorial for creating Calico Cloud projects to group managed clusters by team, geography, or environment and scope observability to that grouping.
 ---
 
 import Screenshot from '/src/___new___/components/Screenshot';

@@ -1,5 +1,5 @@
 ---
-description: Learn the basics of using Service Graph.
+description: Step-by-step tutorial for the Calico Cloud Service Graph that visualizes pod, service, and namespace communication across a managed cluster.
 ---
 
 # Service Graph tutorial

@@ -1,5 +1,5 @@
 ---
-description: A quick tour of the Calico Cloud user interface.
+description: Step-by-step tutorial for the Calico Cloud web console interface, walking the left navbar from dashboards to policy, observability, threat defense, and image scanning.
 ---
 
 # Web console tutorial

@@ -1,5 +1,5 @@
 ---
-description: Implement a global default deny policy in the default tier to block unwanted traffic.
+description: Step-by-step tutorial for staging and rolling out a global default-deny policy in Calico Cloud so unwanted ingress and egress is blocked across the cluster.
 ---
 
 # Global default deny policy

@@ -1,5 +1,5 @@
 ---
-description: Implement global egress access controls.
+description: Step-by-step tutorial for building cluster-wide egress access controls in Calico Cloud using global network sets, domains, and team-scoped policy.
 ---
 
 # Global egress access controls

@@ -1,5 +1,5 @@
 ---
-description: Implement common enterprise security controls for security and platform tiers.
+description: Index of Calico Cloud tutorials that build enterprise security controls including namespace isolation, global egress, default deny, and platform-tier policy.
 hide_table_of_contents: true
 ---
 

@@ -1,5 +1,5 @@
 ---
-description: Learn how to isolate namespaces for ingress traffic.
+description: Step-by-step tutorial for isolating namespaces in Calico Cloud using global network policies with Pass rules in a security tier across business units and environments.
 ---
 
 # Namespace isolation and access controls

@@ -1,5 +1,5 @@
 ---
-description: Implement ingress and egress access controls for platform applications.
+description: Step-by-step tutorial for securing platform-tier applications in Calico Cloud with ingress and egress controls for storage, secrets, and monitoring workloads.
 ---
 
 # Platform application access controls

@@ -1,4 +1,5 @@
 ---
+description: Index of step-by-step tutorials for Calico Cloud features, ingress and egress policy, enterprise tier controls, and Kubernetes networking fundamentals.
 title: Tutorials
 hide_table_of_contents: true
 ---

@@ -1,5 +1,5 @@
 ---
-description: Kubernetes tutorials and demos
+description: Index of Calico Cloud tutorials and demos covering Kubernetes network policy syntax, basic and advanced policy patterns, and the stars policy visualizer.
 hide_table_of_contents: true
 ---
 

@@ -1,5 +1,5 @@
 ---
-description: An interactive demo that visually shows how applying Kubernetes policy allows and denies connections.
+description: Step-by-step tutorial for running the stars demo in Calico Cloud to visualize how Kubernetes network policy allows and denies frontend, backend, and client traffic.
 ---
 
 # Kubernetes policy, demo

@@ -1,5 +1,5 @@
 ---
-description: Learn Kubernetes policy syntax, rules, and features for controlling network traffic.
+description: Step-by-step tutorial for learning Kubernetes network policy concepts with Calico Cloud, covering ingress, egress, selectors, and policy enforcement.
 ---
 
 # Get started with Kubernetes network policy

@@ -1,5 +1,5 @@
 ---
-description: Learn how to create more advanced Kubernetes network policies (namespace, allow and deny all ingress and egress).
+description: Step-by-step tutorial for writing advanced Kubernetes network policies in Calico Cloud, including namespace-scoped rules and default deny for ingress and egress.
 ---
 
 # Kubernetes policy, advanced tutorial

@@ -1,5 +1,5 @@
 ---
-description: Learn how to use basic Kubernetes network policy to securely restrict traffic to/from pods.
+description: Step-by-step tutorial for writing a basic Kubernetes network policy in Calico Cloud to restrict pod-to-pod traffic using namespaces, labels, and selectors.
 ---
 
 # Kubernetes policy, basic tutorial

@@ -1,5 +1,5 @@
 ---
-description: Learn why you should restrict egress traffic and how to do it.
+description: Reference primer for the Calico Cloud tutorials covering Kubernetes egress, NAT outgoing, egress gateways, and why restricting outbound pod traffic matters.
 ---
 
 # Kubernetes egress

@@ -1,5 +1,5 @@
 ---
-description: Learn the different ingress implementations and how ingress and policy interact.
+description: Reference primer for the Calico Cloud tutorials covering Kubernetes ingress implementations and how ingress controllers interact with network policy.
 ---
 
 # Kubernetes ingress

@@ -1,5 +1,5 @@
 ---
-description: Learn network behaviors of the Kubernetes network model.
+description: Reference primer for the Calico Cloud tutorials covering the Kubernetes network model and how pods, services, and namespaces communicate.
 ---
 
 # Kubernetes network model

@@ -1,5 +1,5 @@
 ---
-description: Learn the three main service types and how to use them.
+description: Reference primer for the Calico Cloud tutorials covering the three Kubernetes service types and how services interact with network policy.
 ---
 
 # Kubernetes services

@@ -1,5 +1,5 @@
 ---
-description: Learn the basics of Kubernetes and Calico Cloud network policy
+description: Reference primer for the Calico Cloud tutorials covering the basics of Kubernetes and Calico network policy and when to choose each policy API.
 ---
 
 # What is network policy?

@@ -1,5 +1,5 @@
 ---
-description: Learn about networking layers, packets, IP addressing, and routing.
+description: Reference primer for the Calico Cloud tutorials covering networking layers, packet anatomy, MTU, IP routing, overlays, DNS, and NAT.
 ---
 
 # Networking overview

@@ -1,5 +1,5 @@
 ---
-description: Learn the basics of Kubernetes networking and Calico Cloud networking.
+description: Index of Calico Cloud training primers that introduce Kubernetes networking fundamentals, services, ingress, egress, and network policy for beginners.
 hide_table_of_contents: true
 ---
 

@@ -1,5 +1,5 @@
 ---
-description: Create and assign custom roles to give specific, cluster-specific permission to your users.
+description: Create and assign Calico Cloud custom roles to grant cluster-scoped, tier-scoped, or namespace-scoped permissions instead of broad predefined global roles.
 ---
 
 import IconUser from '/img/icons/user-icon.svg';

@@ -1,5 +1,5 @@
 ---
-description: Create custom roles for Entra&nbsp;ID groups.
+description: Assign Calico Cloud roles to a Microsoft Entra ID security group so role-based access is managed through identity-provider group membership.
 title: Assign roles to Entra ID groups
 ---
 

@@ -1,4 +1,5 @@
 ---
+description: Reference index for Calico Cloud user management, custom roles, identity-provider group bindings, and predefined web console permissions.
 title: Manage users and user permissions for the web console.
 hide_table_of_contents: true
 ---

@@ -1,5 +1,5 @@
 ---
-description: Authenticate and authorize users.
+description: Reference for the Calico Cloud predefined user roles and authentication options, including Owner, Admin, Security, Viewer, and Google social login.
 ---
 
 # Set up users

@@ -1,5 +1,5 @@
 ---
-description: Creating Jira Issues for you scan results.
+description: Create Jira issues from Calico Cloud Image Assurance scan results so security teams can assign and track vulnerability remediation work outside the web console.
 ---
 
 import IconUser from '/img/icons/user-icon.svg';

@@ -1,5 +1,5 @@
 ---
-description: Reduce noise in your Image Assurance scan results by excluding vulnerabilities.
+description: Exclude false-positive or low-priority vulnerabilities from Calico Cloud Image Assurance scan results to cut noise and focus on findings that need remediation.
 ---
 
 import UploadIcon from '/img/icons/upload-icon.svg';

@@ -1,5 +1,5 @@
 ---
-description: Detect and block vulnerable images from container workloads.
+description: Calico Cloud Image Assurance detects vulnerabilities in container images and blocks risky workloads with admission control across cluster, registry, and pipeline scanners.
 hide_table_of_contents: true
 ---
 

@@ -1,5 +1,5 @@
 ---
-description: Block vulnerable containers from being deployed into your cluster using the Admission Controller.
+description: Install the Calico Cloud Image Assurance admission controller to block vulnerable images from deploying to a cluster based on CVSS thresholds and exception lists.
 ---
 
 # Create policy to block vulnerable images from your cluster

@@ -1,5 +1,5 @@
 ---
-description: Detect vulnerabilities in a Kubernetes cluster.
+description: Scan every image running in a Kubernetes cluster with the Calico Cloud Image Assurance cluster scanner to catch CVEs in deployed and third-party images.
 ---
 
 # Scan images in a Kubernetes cluster

@@ -1,5 +1,5 @@
 ---
-description: Scan images and workloads for vulnerabilities.
+description: Reference for the Calico Cloud Image Assurance scanners, which detect container image vulnerabilities across build pipelines, registries, and running clusters.
 hide_table_of_contents: true
 ---
 

@@ -1,5 +1,5 @@
 ---
-description: Choose a method to scan images for vulnerabilities.
+description: Compare the Calico Cloud Image Assurance scanner options and pick the right combination of cluster, registry, and pipeline scanning for your environment.
 ---
 
 # Choose an image scanning method

@@ -1,5 +1,5 @@
 ---
-description: Scan images in your build pipeline using Image Assurance.
+description: Integrate the Calico Cloud Image Assurance CLI scanner into a CI build pipeline to catch container image vulnerabilities before images reach a registry.
 ---
 
 # Integrate the scanner into your build pipeline

@@ -1,5 +1,5 @@
 ---
-description: Scan images in container registries.
+description: Run the Calico Cloud Image Assurance registry scanner against container registries to catch CVEs in stored images that never pass through a build pipeline.
 ---
 
 # Scan images in container registries

@@ -1,5 +1,5 @@
 ---
-description: Get alerts on vulnerabilities.
+description: Configure Calico Cloud Image Assurance alerts on high-severity vulnerabilities so security teams are notified and can route remediation to the right owners.
 ---
 
 # Set up alerts on vulnerabilities

@@ -1,5 +1,5 @@
 ---
-description: Understand scan results in the web console.
+description: Interpret scanned and running image results in the Calico Cloud Image Assurance dashboard, including filters, dismissals, and per-image vulnerability detail.
 ---
 
 # View scanned and running images

@@ -1,5 +1,5 @@
 ---
-description: Learn egress access controls using domains and IP addresses.
+description: Step-by-step tutorial for restricting application egress in Calico Cloud using network sets, domain wildcards, and global network sets with network policy.
 ---
 
 # Secure egress access from workloads to destinations outside the cluster

@@ -1,5 +1,5 @@
 ---
-description: Learn how to secure ingress and egress access to/from applications and microservices.
+description: Index of Calico Cloud tutorials that secure ingress and egress access for applications and microservices using network policy, network sets, and DNS rules.
 hide_table_of_contents: true
 ---
 

@@ -1,5 +1,5 @@
 ---
-description: Create policy to secure ingress access to your microservice or application.
+description: Step-by-step tutorial for writing Calico Cloud network policies that grant ingress access to a microservice from internal clients, services, and load balancers.
 ---
 
 # Secure ingress access to a microservice or application

@@ -1,5 +1,5 @@
 ---
-description: Learn about visibility and troubleshooting features in the web console.
+description: Index of Calico Cloud feature tutorials covering the web console tour, Service Graph, network sets, projects, and the Mylo AI assistant.
 hide_table_of_contents: true
 ---