Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2021-05-19 21:10:39 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2021-05-19 21:10:39 +0300
commit: e4fc62c0af80cfaaa907aea83ae4012e06a1f9e4 (patch)
tree: 77758b2c2b0ae196be08358f6081a37518ec4317 /doc/user
parent: a6508d0028191c42620414994b2fe4ce62467a73 (diff)
1 files changed, 5 insertions, 4 deletions
diff --git a/doc/user/project/clusters/index.md b/doc/user/project/clusters/index.md
index c2d06e0a22c..341723a0abb 100644
--- a/doc/user/project/clusters/index.md
+++ b/doc/user/project/clusters/index.md
@@ -351,16 +351,17 @@ You can customize the deployment namespace in a few ways:
 When you customize the namespace, existing environments remain linked to their current
 namespaces until you [clear the cluster cache](#clearing-the-cluster-cache).
 
-WARNING:
+#### Protecting credentials
+
 By default, anyone who can create a deployment job can access any CI/CD variable in
 an environment's deployment job. This includes `KUBECONFIG`, which gives access to
 any secret available to the associated service account in your cluster.
 To keep your production credentials safe, consider using
 [protected environments](../../../ci/environments/protected_environments.md),
-combined with either
+combined with *one* of the following:
 
-- a GitLab-managed cluster and namespace per environment,
-- *or*, an environment-scoped cluster per protected environment. The same cluster
+- A GitLab-managed cluster and namespace per environment.
+- An environment-scoped cluster per protected environment. The same cluster
   can be added multiple times with multiple restricted service accounts.
 
 ### Integrations
author	GitLab Bot <gitlab-bot@gitlab.com>	2021-05-19 21:10:39 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2021-05-19 21:10:39 +0300
commit	e4fc62c0af80cfaaa907aea83ae4012e06a1f9e4 (patch)
tree	77758b2c2b0ae196be08358f6081a37518ec4317 /doc/user
parent	a6508d0028191c42620414994b2fe4ce62467a73 (diff)