updated links to intentions content

website/content/api-docs/api-structure.mdx

@@ -116,7 +116,7 @@ header `X-Consul-Default-ACL-Policy` set to either "allow" or "deny" which
 mirrors the current value of the agent's
 [`acl.default_policy`](/consul/docs/agent/config/config-files#acl_default_policy) option.
 
-This is also the default [intention](/consul/docs/connect/intentions) enforcement
+This is also the default [intention](/consul/docs/connect/intentions/intentions) enforcement
 action if no intention matches.
 
 This is returned even if ACLs are disabled.

website/content/api-docs/connect/intentions.mdx

@@ -9,7 +9,7 @@ description: |-
 # Intentions - Connect HTTP API
 
 The `/connect/intentions` endpoint provide tools for managing
-[intentions](/consul/docs/connect/intentions).
+[intentions](/consul/docs/connect/intentions/intentions).
 
 -> **1.9.0 and later:** Reading and writing intentions has been
 migrated to the
@@ -48,8 +48,8 @@ The table below shows this endpoint's support for
 <p>
   <sup>1</sup> Intention ACL rules are specified as part of a{' '}
   <code>service</code> rule. See{' '}
-  <a href="/consul/docs/connect/intentions#intention-management-permissions">
-    Intention Management Permissions
+  <a href="/consul/docs/connect/intentions/intention-usage#acl-requirements">
+    ACL requirements for intentions
   </a>{' '}
   for more details.
 </p>
@@ -154,8 +154,8 @@ The table below shows this endpoint's support for
 <p>
   <sup>1</sup> Intention ACL rules are specified as part of a{' '}
   <code>service</code> rule. See{' '}
-  <a href="/consul/docs/connect/intentions#intention-management-permissions">
-    Intention Management Permissions
+  <a href="/consul/docs/connect/intentions/intention-usage#acl-requirements">
+    ACL requirements for intentions
   </a>{' '}
   for more details.
 </p>
@@ -251,8 +251,8 @@ The table below shows this endpoint's support for
 <p>
   <sup>1</sup> Intention ACL rules are specified as part of a{' '}
   <code>service</code> rule. See{' '}
-  <a href="/consul/docs/connect/intentions#intention-management-permissions">
-    Intention Management Permissions
+  <a href="/consul/docs/connect/intentions/intention-usage#acl-requirements">
+    ACL requirements for intentions
   </a>{' '}
   for more details.
 </p>
@@ -305,8 +305,8 @@ The table below shows this endpoint's support for
 <p>
   <sup>1</sup> Intention ACL rules are specified as part of a{' '}
   <code>service</code> rule. See{' '}
-  <a href="/consul/docs/connect/intentions#intention-management-permissions">
-    Intention Management Permissions
+  <a href="/consul/docs/connect/intentions/intention-usage#acl-requirements">
+    ACL requirements for intentions
   </a>{' '}
   for more details.
 </p>
@@ -377,8 +377,8 @@ The table below shows this endpoint's support for
 <p>
   <sup>1</sup> Intention ACL rules are specified as part of a{' '}
   <code>service</code> rule. See{' '}
-  <a href="/consul/docs/connect/intentions#intention-management-permissions">
-    Intention Management Permissions
+  <a href="/consul/docs/connect/intentions/intention-usage#acl-requirements">
+    ACL requirements for intentions
   </a>{' '}
   for more details.
 </p>
@@ -440,8 +440,8 @@ The table below shows this endpoint's support for
 <p>
   <sup>1</sup> Intention ACL rules are specified as part of a{' '}
   <code>service</code> rule. See{' '}
-  <a href="/consul/docs/connect/intentions#intention-management-permissions">
-    Intention Management Permissions
+  <a href="/consul/docs/connect/intentions/intention-usage#acl-requirements">
+    ACL requirements for intentions
   </a>{' '}
   for more details.
 </p>
@@ -527,8 +527,8 @@ The table below shows this endpoint's support for
 <p>
   <sup>1</sup> Intention ACL rules are specified as part of a{' '}
   <code>service</code> rule. See{' '}
-  <a href="/consul/docs/connect/intentions#intention-management-permissions">
-    Intention Management Permissions
+  <a href="/consul/docs/connect/intentions/intention-usage#acl-requirements">
+    ACL requirements for intentions
   </a>{' '}
   for more details.
 </p>
@@ -582,8 +582,8 @@ The table below shows this endpoint's support for
 <p>
   <sup>1</sup> Intention ACL rules are specified as part of a{' '}
   <code>service</code> rule. See{' '}
-  <a href="/consul/docs/connect/intentions#intention-management-permissions">
-    Intention Management Permissions
+  <a href="/consul/docs/connect/intentions/intention-usage#acl-requirements">
+    ACL requirements for intentions
   </a>{' '}
   for more details.
 </p>
@@ -638,8 +638,8 @@ The table below shows this endpoint's support for
 <p>
   <sup>1</sup> Intention ACL rules are specified as part of a{' '}
   <code>service</code> rule. See{' '}
-  <a href="/consul/docs/connect/intentions#intention-management-permissions">
-    Intention Management Permissions
+  <a href="/consul/docs/connect/intentions/intention-usage#acl-requirements">
+    ACL requirements for intentions
   </a>{' '}
   for more details.
 </p>
@@ -698,8 +698,8 @@ The table below shows this endpoint's support for
 <p>
   <sup>1</sup> Intention ACL rules are specified as part of a{' '}
   <code>service</code> rule. See{' '}
-  <a href="/consul/docs/connect/intentions#intention-management-permissions">
-    Intention Management Permissions
+  <a href="/consul/docs/connect/intentions/intention-usage#acl-requirements">
+    ACL requirements for intentions
   </a>{' '}
   for more details.
 </p>

website/content/commands/connect/envoy.mdx

@@ -56,7 +56,7 @@ Usage: `consul connect envoy [options] [-- pass-through options]`
   ACL token from `-token` or the environment and so should be handled as a secret.
   This token grants the identity of any service it has `service:write` permission
   for and so can be used to access any upstream service that that service is
-  allowed to access by [Connect intentions](/consul/docs/connect/intentions).
+  allowed to access by [service mesh intentions](/consul/docs/connect/intentions/intentions).
 
 - `-envoy-version` - The version of envoy that is being started. Default is
   `1.23.1`. This is required so that the correct configuration can be generated.

website/content/commands/connect/index.mdx

@@ -10,7 +10,7 @@ description: >-
 Command: `consul connect`
 
 The `connect` command is used to interact with Consul
-[Connect](/consul/docs/connect/intentions) subsystems. It exposes commands for
+[service mesh](/consul/docs/connect) subsystems. It exposes commands for
 running the built-in mTLS proxy and viewing/updating the Certificate Authority
 (CA) configuration. This command is available in Consul 1.2 and later.
 

website/content/commands/intention/check.mdx

@@ -36,8 +36,8 @@ are not supported from commands, but may be from the corresponding HTTP endpoint
 <p>
   <sup>1</sup> Intention ACL rules are specified as part of a{' '}
   <code>service</code> rule. See{' '}
-  <a href="/consul/docs/connect/intentions#intention-management-permissions">
-    Intention Management Permissions
+  <a href="/consul/docs/connect/intentions/intention-usage#acl-requirements">
+    ACL requirements for intentions
   </a>{' '}
   for more details.
 </p>

website/content/commands/intention/create.mdx

@@ -30,8 +30,8 @@ are not supported from commands, but may be from the corresponding HTTP endpoint
 <p>
   <sup>1</sup> Intention ACL rules are specified as part of a{' '}
   <code>service</code> rule. See{' '}
-  <a href="/consul/docs/connect/intentions#intention-management-permissions">
-    Intention Management Permissions
+  <a href="/consul/docs/connect/intentions/intention-usage#acl-requirements">
+    ACL requirements for intentions
   </a>{' '}
   for more details.
 </p>

website/content/commands/intention/delete.mdx

@@ -24,8 +24,8 @@ are not supported from commands, but may be from the corresponding HTTP endpoint
 <p>
   <sup>1</sup> Intention ACL rules are specified as part of a{' '}
   <code>service</code> rule. See{' '}
-  <a href="/consul/docs/connect/intentions#intention-management-permissions">
-    Intention Management Permissions
+  <a href="/consul/docs/connect/intentions/intention-usage#acl-requirements">
+    ACL requirements for intentions
   </a>{' '}
   for more details.
 </p>

website/content/commands/intention/get.mdx

@@ -29,8 +29,8 @@ are not supported from commands, but may be from the corresponding HTTP endpoint
 <p>
   <sup>1</sup> Intention ACL rules are specified as part of a{' '}
   <code>service</code> rule. See{' '}
-  <a href="/consul/docs/connect/intentions#intention-management-permissions">
-    Intention Management Permissions
+  <a href="/consul/docs/connect/intentions/intention-usage#acl-requirements">
+    ACL requirements for intentions
   </a>{' '}
   for more details.
 </p>

website/content/commands/intention/index.mdx

@@ -10,14 +10,13 @@ description: >-
 Command: `consul intention`
 
 The `intention` command is used to interact with Connect
-[intentions](/consul/docs/connect/intentions). It exposes commands for
+[intentions](/consul/docs/connect/intentions/intentions). It exposes commands for
 creating, updating, reading, deleting, checking, and managing intentions.
 This command is available in Consul 1.2 and later.
 
-Intentions are managed primarily via
-[`service-intentions`](/consul/docs/connect/config-entries/service-intentions) config
-entries after Consul 1.9. Intentions may also be managed via the [HTTP
-API](/consul/api-docs/connect/intentions).
+Use the 
+[`service-intentions`](/consul/docs/connect/config-entries/service-intentions) configuration entry or the [HTTP
+API](/consul/api-docs/connect/intentions) to manage intentions.
 
 ~> **Deprecated** - This command is deprecated in Consul 1.9.0 in favor of
 using the [config entry CLI command](/consul/commands/config/write). To create an

website/content/commands/intention/list.mdx

@@ -24,8 +24,8 @@ are not supported from commands, but may be from the corresponding HTTP endpoint
 <p>
   <sup>1</sup> Intention ACL rules are specified as part of a{' '}
   <code>service</code> rule. See{' '}
-  <a href="/consul/docs/connect/intentions#intention-management-permissions">
-    Intention Management Permissions
+  <a href="/consul/docs/connect/intentions/intention-usage#acl-requirements">
+    ACL requirements for intentions
   </a>{' '}
   for more details.
 </p>

website/content/commands/intention/match.mdx

@@ -29,8 +29,8 @@ are not supported from commands, but may be from the corresponding HTTP endpoint
 <p>
   <sup>1</sup> Intention ACL rules are specified as part of a{' '}
   <code>service</code> rule. See{' '}
-  <a href="/consul/docs/connect/intentions#intention-management-permissions">
-    Intention Management Permissions
+  <a href="/consul/docs/connect/intentions/intention-usage#acl-requirements">
+    ACL requirements for intentions
   </a>{' '}
   for more details.
 </p>

website/content/docs/connect/cluster-peering/index.mdx

@@ -25,7 +25,7 @@ Cluster peering leverages several components of Consul's architecture to enforce
 - A _peering token_ contains an embedded secret that securely establishes communication when shared symetrically between datacenters. Sharing this token enables each datacenter's server agents to recognize requests from authorized peers, similar to how the [gossip encryption key secures agent LAN gossip](/consul/docs/security/encryption#gossip-encryption).
 - A _mesh gateway_ encrypts outgoing traffic, decrypts incoming traffic, and directs traffic to healthy services. Consul's service mesh features must be enabled in order to use mesh gateways. Mesh gateways support the specific admin partitions they are deployed on. Refer to [Mesh gateways](/consul/docs/connect/gateways/mesh-gateway) for more information.
 - An _exported service_ communicates with downstreams deployed in other admin partitions. They are explicitly defined in an [`exported-services` configuration entry](/consul/docs/connect/config-entries/exported-services).
-- A _service intention_ secures [service-to-service communication in a service mesh](/consul/docs/connect/intentions). Intentions enable identity-based access between services by exchanging TLS certificates, which the service's sidecar proxy verifies upon each request.
+- A _service intention_ secures [service-to-service communication in a service mesh](/consul/docs/connect/intentions/intentions). Intentions enable identity-based access between services by exchanging TLS certificates, which the service's sidecar proxy verifies upon each request.
 
 ### Compared with WAN federation
 

website/content/docs/connect/config-entries/index.mdx

@@ -27,7 +27,7 @@ The following configuration entries are supported:
   defaults for all the instances of a given service
 
 - [Service Intentions](/consul/docs/connect/config-entries/service-intentions) - defines
-  the [intentions](/consul/docs/connect/intentions) for a destination service
+  the [intentions](/consul/docs/connect/intentions/intentions) for a destination service
 
 - [Service Resolver](/consul/docs/connect/config-entries/service-resolver) - matches
   service instances with a specific Connect upstream discovery requests

website/content/docs/connect/config-entries/service-defaults.mdx

@@ -459,7 +459,7 @@ Specifies the default protocol for the service. In service mesh use cases, the `
 - [observability](/consul/docs/connect/observability)
 - [service splitter configuration entry](/consul/docs/connect/config-entries/service-splitter) 
 - [service router configuration entry](/consul/docs/connect/config-entries/service-router) 
-- [L7 intentions](/consul/docs/connect/intentions)
+- [L7 intentions](/consul/docs/connect/intentions/intentions)
 
 You can set the global protocol for proxies in the [`proxy-defaults`](/consul/docs/connect/config-entries/proxy-defaults#default-protocol) configuration entry, but the protocol specified in the `service-defaults` configuration entry overrides the `proxy-defaults` configuration.    
 
@@ -831,7 +831,7 @@ Specifies the default protocol for the service. In service service mesh use case
 - [observability](/consul/docs/connect/observability)
 - [`service-splitter` configuration entry](/consul/docs/connect/config-entries/service-splitter) 
 - [`service-router` configuration entry](/consul/docs/connect/config-entries/service-router) 
-- [L7 intentions](/consul/docs/connect/intentions)
+- [L7 intentions](/consul/docs/connect/intentions/intentions)
 
 You can set the global protocol for proxies in the [`ProxyDefaults` configuration entry](/consul/docs/connect/config-entries/proxy-defaults#default-protocol), but the protocol specified in the `ServiceDefaults` configuration entry overrides the `ProxyDefaults` configuration.    
 

website/content/docs/connect/connect-internals.mdx

@@ -39,7 +39,7 @@ The destination service verifies the client certificate against the [public CA
 bundle](/consul/api-docs/connect/ca#list-ca-root-certificates). After verifying the
 certificate, the next step depends upon the configured application protocol of
 the destination service. TCP (L4) services must authorize incoming _connections_
-against the configured set of Consul [intentions](/consul/docs/connect/intentions),
+against the configured set of Consul [intentions](/consul/docs/connect/intentions/intentions),
 whereas HTTP (L7) services must authorize incoming _requests_ against those same
 intentions. If the intention check responds successfully, the
 connection/request is established. Otherwise the connection/request is
@@ -98,7 +98,7 @@ A sidecar proxy's [upstream configuration](/consul/docs/connect/registration/ser
 may specify an alternative datacenter or a prepared query that can address services
 in multiple datacenters (such as the [geo failover](/consul/tutorials/developer-discovery/automate-geo-failover) pattern).
 
-[Intentions](/consul/docs/connect/intentions) verify connections between services by
+[Intentions](/consul/docs/connect/intentions/intentions) verify connections between services by
 source and destination name seamlessly across datacenters.
 
 Connections can be made via gateways to enable communicating across network

website/content/docs/connect/dev.mdx

@@ -15,7 +15,7 @@ for this task on any machine with access to a Consul agent (local or remote).
 
 Restricting access to services only via Connect ensures that the only way to
 connect to a service is through valid authorization of the
-[intentions](/consul/docs/connect/intentions). This can extend to developers
+[intentions](/consul/docs/connect/intentions/intentions). This can extend to developers
 and operators, too.
 
 ## Connecting to Connect-only Services

website/content/docs/connect/index.mdx

@@ -5,7 +5,7 @@ description: >-
   Consul’s service mesh makes application and microservice networking secure and observable with identity-based authentication, mutual TLS (mTLS) encryption, and explicit service-to-service authorization enforced by sidecar proxies. Learn how Consul’s service mesh works and get started on VMs or Kubernetes.
 ---
 
-# Consul Service Mesh
+# Consul service mesh
 
 Consul Service Mesh provides service-to-service connection authorization and
 encryption using mutual Transport Layer Security (TLS). Consul Connect is used interchangeably
@@ -25,30 +25,30 @@ Review the video below to learn more about Consul Connect from HashiCorp's co-fo
   height="315"
 ></iframe>
 
-## Application Security
+## Application security
 
-Connect enables secure deployment best-practices with automatic
+Consul service mesh enables secure deployment best-practices with automatic
 service-to-service encryption, and identity-based authorization.
-Connect uses the registered service identity (rather than IP addresses) to
-enforce access control with [intentions](/consul/docs/connect/intentions). This
-makes it easier to reason about access control and enables services to be
-rescheduled by orchestrators including Kubernetes and Nomad. Intention
-enforcement is network agnostic, so Connect works with physical networks, cloud
+Consul uses the registered service identity, rather than IP addresses, to
+enforce access control with [intentions](/consul/docs/connect/intentions/intentions). This
+makes it easier to control access and enables services to be
+rescheduled by orchestrators, including Kubernetes and Nomad. Intention
+enforcement is network agnostic, so Consul service mesh works with physical networks, cloud
 networks, software-defined networks, cross-cloud, and more.
 
 ## Observability
 
-One of the key benefits of Consul Connect is the uniform and consistent view it can
+One of the key benefits of Consul service mesh is the uniform and consistent view it can
 provide of all the services on your network, irrespective of their different
-programming languages and frameworks. When you configure Consul Connect to use
-sidecar proxies, those proxies "see" all service-to-service traffic and can
-collect data about it. Consul Connect can configure Envoy proxies to collect
+programming languages and frameworks. When you configure Consul service mesh to use
+sidecar proxies, those proxies see all service-to-service traffic and can
+collect data about it. Consul service mesh can configure Envoy proxies to collect
 layer 7 metrics and export them to tools like Prometheus. Correctly instrumented
 applications can also send open tracing data through Envoy.
 
-## Getting Started With Consul Service Mesh
+## Getting started with Consul service mesh
 
-There are several ways to try Connect in different environments.
+Complete the following tutorials try Consul service mesh in different environments:
 
 - The [Getting Started with Consul Service Mesh collection](/consul/tutorials/kubernetes-deploy/service-mesh?utm_source=docs)
   walks you through installing Consul as service mesh for Kubernetes using the Helm

website/content/docs/connect/intentions/intentions-legacy.mdx

@@ -8,8 +8,7 @@ description: >-
 # Intentions in Legacy Mode
 
 ~> **1.8.x and earlier:** This document only applies in Consul versions 1.8.x
-and before. If you are using version 1.9.0 or later please use the updated
-documentation [here](/consul/docs/connect/intentions).
+and before. If you are using version 1.9.0 or later, refer to the [current intentions documentation](/consul/docs/connect/intentions).
 
 Intentions define access control for services via Connect and are used
 to control which services may establish connections. Intentions can be

website/content/docs/connect/proxies/envoy.mdx

@@ -92,7 +92,7 @@ responsibility for correctly configuring Envoy and ensuring version support etc.
 
 ## Intention Enforcement
 
-[Intentions](/consul/docs/connect/intentions) are enforced using Envoy's RBAC filters. Depending on the
+[Intentions](/consul/docs/connect/intentions/intentions) are enforced using Envoy's RBAC filters. Depending on the
 configured [protocol](/consul/docs/connect/config-entries/service-defaults#protocol) of the proxied service, intentions are either enforced
 per-connection (L4) using a network filter, or per-request (L7) using an HTTP
 filter.