From e4fc62c0af80cfaaa907aea83ae4012e06a1f9e4 Mon Sep 17 00:00:00 2001
From: GitLab Bot <gitlab-bot@gitlab.com>
Date: Wed, 19 May 2021 18:10:39 +0000
Subject: Add latest changes from gitlab-org/gitlab@master

---
 doc/user/project/clusters/index.md | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

(limited to 'doc/user/project')

diff --git a/doc/user/project/clusters/index.md b/doc/user/project/clusters/index.md
index c2d06e0a22c..341723a0abb 100644
--- a/doc/user/project/clusters/index.md
+++ b/doc/user/project/clusters/index.md
@@ -351,16 +351,17 @@ You can customize the deployment namespace in a few ways:
 When you customize the namespace, existing environments remain linked to their current
 namespaces until you [clear the cluster cache](#clearing-the-cluster-cache).
 
-WARNING:
+#### Protecting credentials
+
 By default, anyone who can create a deployment job can access any CI/CD variable in
 an environment's deployment job. This includes `KUBECONFIG`, which gives access to
 any secret available to the associated service account in your cluster.
 To keep your production credentials safe, consider using
 [protected environments](../../../ci/environments/protected_environments.md),
-combined with either
+combined with *one* of the following:
 
-- a GitLab-managed cluster and namespace per environment,
-- *or*, an environment-scoped cluster per protected environment. The same cluster
+- A GitLab-managed cluster and namespace per environment.
+- An environment-scoped cluster per protected environment. The same cluster
   can be added multiple times with multiple restricted service accounts.
 
 ### Integrations
-- 
cgit v1.2.1