Click -> Select (#180)

Use more inclusive wording here

Signed-off-by: Tim Smith <[email protected]>

core/mondoo-aws-security.mql.yaml

@@ -870,12 +870,12 @@ queries:
 
       1. Sign in to the AWS Management Console and navigate to IAM dashboard at https://console.aws.amazon.com/iam/.
       2. In the left navigation panel, choose **Users**.
-      3. Click on the IAM user name that you want to examine.
+      3. Select the IAM user name that you want to examine.
       4. On the IAM user configuration page, select **Security Credentials** tab.
       5. In the Access Keys section, choose one access key that is less than 90 days old. This should be the only active key used by this IAM user to access AWS resources programmatically. Test your application(s) to make sure that the chosen access key is working.
-      6. In the same Access Keys section, identify your non-operational access keys (other than the chosen one) and deactivate it by clicking the Make Inactive link.
+      6. In the same Access Keys section, identify your non-operational access keys (other than the chosen one) and deactivate it by selecting the Make Inactive link.
 
-      If you receive the Change Key Status confirmation box, click Deactivate to switch off the selected key.
+      If you receive the Change Key Status confirmation box, select **Deactivate** to switch off the selected key.
 
       Repeat steps no. 3 - 7 for each IAM user in your AWS account.
 

core/mondoo-azure-security.mql.yaml

@@ -453,12 +453,12 @@ queries:
         1. Log into the Azure Console at https://portal.azure.com/.
         2. Go to **Virtual machines**.
         2. For each virtual machine, go to **Settings**
-        3. Click on **Disks**.
-        4. Click the **X** to detach the disk from the VM.
+        3. Select **Disks**.
+        4. Select the **X** to detach the disk from the VM.
         5. Search for **Disks** and locate any unattached disk.
-        6. Click the disk, then select **Encryption**.
+        6. Select the disk, then select **Encryption**.
         7. Change your encryption type, then select the encryption set.
-        8. Click **Save**.
+        8. Select **Save**.
         9. Go back to the VM and re-attach the disk.
 
         ###Azure CLI 
@@ -713,7 +713,7 @@ queries:
         2. Navigate to **Storage Accounts**.
         3. Navigate to **BLOB SERVICE**.
         4. Select **Containers**.
-        5. Select a container and click **Access policy**. 
+        5. Select a container and select **Access policy**. 
         6. Set **Public Access Level** to **Private**. 
         7. Repeat For each Container. 
 
@@ -1112,7 +1112,7 @@ queries:
         To update using the Microsoft Azure portal:
         1. Log in to the Microsoft Azure portal at https://portal.azure.com 
         2. Navigate to **App Services**.
-        3. Click on each App, under "setting" click on "identity"
+        3. Select each App, under "setting" select on "identity"
         4. Under the "System assigned" pane, set "Status" to "On" 
     query: |
       azure.web.apps { 

core/mondoo-gcp-security.mql.yaml

@@ -152,12 +152,12 @@ queries:
         2. Select the Organization and Project where the instance you want to update is running.
         3. Navigate to **Compute Engine**.
         4. Select the compute instance that you want to update.
-        5. If the instance is not stopped, click **Stop**. Wait for the instance to stop.
-        6. Click **Edit**.
+        5. If the instance is not stopped, select **Stop**. Wait for the instance to stop.
+        6. Select **Edit**.
         7. Scroll down to the Service Account section.
         8. Select a different service account.
-        9. Click **Save**.
-        10. Click **START**.
+        9. Select **Save**.
+        10. Select **START**.
 
         ###gcloud cli
 
@@ -255,12 +255,12 @@ queries:
         2. Select the Organization and Project where the instance you want to update is running.
         3. Navigate to **Compute Engine**.
         4. Select the compute instance that you want to update.
-        5. If the instance is not stopped, click **Stop**. Wait for the instance to stop.
-        6. Click **Edit**.
+        5. If the instance is not stopped, select **Stop**. Wait for the instance to stop.
+        6. Select **Edit**.
         7. Scroll down to the Service Account section.
         8. Select a different service account or ensure Allow full access to all Cloud APIs is not selected.
-        9. Click **Save**.
-        10. Click **START**.
+        9. Select **Save**.
+        10. Select **START**.
 
         ###gcloud cli 
 
@@ -359,9 +359,9 @@ queries:
         2. Select the organization/project where the instance(s) you want to update are running.
         3. Navigate to **Compute Engine**.
         4. Select the instance you want to update.
-        5. Click **EDIT** in the toolbar.
-        6. Under the **Security and access** section, click the **Block project-wide SSH keys** option. 
-        7. Click **SAVE**.
+        5. Select **EDIT** in the toolbar.
+        6. Under the **Security and access** section, select the **Block project-wide SSH keys** option. 
+        7. Select **SAVE**.
 
         Repeat these steps for each impacted Instance.
 
@@ -454,17 +454,17 @@ queries:
         To configure OS Login for a project via Google Cloud Console:
 
         1. In the Google Cloud console, go to the **Metadata** page.
-        2. Click **EDIT**.
+        2. Select **EDIT**.
         3. Add a metadata entry, setting the key to `enable-oslogin` and the value to `TRUE`.
-        4. Click **SAVE** to apply the changes.
+        4. Select **SAVE** to apply the changes.
 
         To configure OS Login for an existing instance:
 
         1. In the Google Cloud console, go to the **Compute Engine**.
-        2. Click the name of the instance that you want to enable OS Login on.
-        3. On the instance details page, click **EDIT**.
+        2. Select the name of the instance that you want to enable OS Login on.
+        3. On the instance details page, select **EDIT**.
         4. Under **Custom metadata**, add a metadata entry, setting the key to `enable-oslogin` and the value to `TRUE`.
-        5. Click **SAVE**.
+        5. Select **SAVE**.
 
         ###gcloud cli 
 
@@ -551,10 +551,10 @@ queries:
 
         ###Google Cloud Console
         1. In the Google Cloud console, go to the **Cloud Storage Bucket** page.
-        2. For the bucket you want to enforce public access prevention on, click the more actions menu. 
+        2. For the bucket you want to enforce public access prevention on, select the more actions menu. 
         3. Select **Edit access** from the drop-down menu.
-        4. In the Public access card, click **Prevent public access** to enforce public access prevention.
-        5. Click **Confirm**.
+        4. In the Public access card, select **Prevent public access** to enforce public access prevention.
+        5. Select **Confirm**.
 
         ###gcloud cli
 
@@ -633,11 +633,11 @@ queries:
         ###Google Cloud Console
         
         1. In the Google Cloud console, go to the **Cloud Storage Buckets** page.
-        2. In the list of buckets, click on the name of the desired bucket.
+        2. In the list of buckets, select the name of the desired bucket.
         3. Select the **Permissions** tab near the top of the page.
-        4. In the text box named **Access Control**, click the **Switch to** link. Note that the text box disappears 90 days after you enable uniform bucket-level access.
+        4. In the text box named **Access Control**, select the **Switch to** link. Note that the text box disappears 90 days after you enable uniform bucket-level access.
         5. In the pop-up menu that appears, select **Fine-grained**.
-        6. Click **Save**.
+        6. Select **Save**.
 
         ###gcloud cli
 

core/mondoo-macos-security.mql.yaml

@@ -962,9 +962,9 @@ queries:
         _Graphical Method:_
 
         1. Open /System/Library/CoreServices/Applications/Directory Utility
-        2. Click the lock icon to unlock the service
-        3. Click Edit
-        4. Click Disable Root User
+        2. Select the lock icon to unlock the service
+        3. Select **Edit**
+        4. Select **Disable Root User**
 
         _Terminal Method:_
 

extra/mondoo-google-workspace-security.mql.yaml

@@ -18,7 +18,7 @@ policies:
 
         1. Create/Select a GCP project
         2. Navigate to the [Google API Console](https://console.cloud.google.com/apis/dashboard). 
-        3. Click "Enable APIs and Services" and enable the following APIs:
+        3. Select "Enable APIs and Services" and enable the following APIs:
           - Admin SDK API 
           - Cloud Identity API 
           - Google Calendar API
@@ -27,7 +27,7 @@ policies:
           - Google People API
         4. Create a service account for [Google Workspace](https://support.google.com/a/answer/7378726?product_name=UnuFlow&hl=en&visit_id=638041387835615758-4147680582&rd=1&src=supportwidget0&hl=en)
         5. Create credentials for the service account and download the json file
-        6. Enter the following scopes in Security -> Access and data controls -> API controls, and click on  [Domain-wide Delegation](https://developers.google.com/workspace/guides/create-credentials#delegate_domain-wide_authority_to_your_service_account) 
+        6. Enter the following scopes in Security -> Access and data controls -> API controls, and select [Domain-wide Delegation](https://developers.google.com/workspace/guides/create-credentials#delegate_domain-wide_authority_to_your_service_account) 
 
           - https://www.googleapis.com/auth/admin.chrome.printers.readonly
           - https://www.googleapis.com/auth/admin.directory.customer.readonly

extra/mondoo-slack-security.mql.yaml

@@ -19,16 +19,16 @@ policies:
         To run this query pack, you will need access to the Slack API. To get a token, you need to create an App for the Slack workspace 
         and assign the appropriate permissions:
 
-        1. Sign in to [the Slack website](https://api.slack.com/apps/), and view "Your Apps"
-        2. Click "Create New App"
-        3. Select "From scratch"
-        4. Enter an "App Name" e.g. cnquery and select the workspace, then click "Create App"
-        5. In the section "Add features & functionality" click on "Permissions"
-        6. Scroll to "Scopes" and then "User Token Scopes"
+        1. Sign in to [the Slack website](https://api.slack.com/apps/), and view **Your Apps**
+        2. Select **Create New App**
+        3. Select **From scratch**
+        4. Enter an "App Name" e.g. cnquery and select the workspace, then select **Create App**
+        5. In the section **Add features & functionality** select **Permissions**
+        6. Scroll to **Scopes** and then **User Token Scopes**
  
           Note: Bots are very limited in their access; therefore we need to set the user scopes
 
-        7. Add the required permissions to "User Token Scopes"
+        7. Add the required permissions to **User Token Scopes**
 
           | OAuth Scope  |
           | ---- | 
@@ -40,8 +40,8 @@ policies:
           | [usergroups:read](https://api.slack.com/scopes/usergroups:read) | 
           | [users:read](https://api.slack.com/scopes/users:read) |
 
-        8. Scroll up to "OAuth Tokens for Your Workspace" and click "Install to Workspace"
-        9. Copy the provided "User OAuth Token", it will look like `xoxp-1234567890123-1234567890123-1234567890123-12345cea5ae0d3bed30dca43cb34c2d1`
+        8. Scroll up to **OAuth Tokens for Your Workspace** and select **Install to Workspace**
+        9. Copy the provided **User OAuth Token**, it will look like `xoxp-1234567890123-1234567890123-1234567890123-12345cea5ae0d3bed30dca43cb34c2d1`
 
         ### Run policy