chore(docs): update documentdb to reference amazon documentdb

plugins/deploy-on-aws/skills/deploy/references/cost-estimation.md

@@ -17,7 +17,7 @@ Use the **awspricing** MCP server to get accurate cost estimates before generati
 | Aurora PostgreSQL | `AmazonRDS`         | Filter: `databaseEngine` = "Aurora PostgreSQL" |
 | Aurora MySQL      | `AmazonRDS`         | Filter: `databaseEngine` = "Aurora MySQL"      |
 | RDS PostgreSQL    | `AmazonRDS`         | Filter: `databaseEngine` = "PostgreSQL"        |
-| DocumentDB        | `AmazonDocDB`       | MongoDB-compatible managed database            |
+| Amazon DocumentDB | `AmazonDocDB`       | MongoDB-compatible managed database            |
 | ALB               | `AWSELB`            | Application Load Balancer                      |
 | S3                | `AmazonS3`          | Storage and requests                           |
 | CloudFront        | `AmazonCloudFront`  | CDN distribution                               |
@@ -54,9 +54,9 @@ Aurora Serverless v2 charges per ACU-hour (Aurora Capacity Unit).
 
 - ~$180-360/month depending on load
 
-## DocumentDB Serverless Pricing
+## Amazon DocumentDB Serverless Pricing
 
-DocumentDB Serverless charges per DCU-hour (DocumentDB Capacity Unit),
+Amazon DocumentDB Serverless charges per DCU-hour (DocumentDB Capacity Unit),
 storage (GB-month), and I/O (standard config only).
 
 - Minimum: 0.5 DCU
@@ -77,7 +77,7 @@ storage (GB-month), and I/O (standard config only).
 - Dev: ~$70-100/month
 - Production: ~$200-400/month
 
-**Small web app (Fargate + DocumentDB Serverless + ALB):**
+**Small web app (Fargate + Amazon DocumentDB Serverless + ALB):**
 
 - Dev: ~$70-155/month
 - Production: ~$200-450/month

plugins/deploy-on-aws/skills/deploy/references/defaults.md

@@ -30,28 +30,28 @@ Use `amplify_docs` topic in awsknowledge MCP for framework-specific guidance
 
 ## Database
 
-| Data Pattern         | Default (Dev)          | Default (Prod)         | Override Trigger                       |
-| -------------------- | ---------------------- | ---------------------- | -------------------------------------- |
-| PostgreSQL           | Aurora Serverless v2   | Aurora Serverless v2   | "simple RDS" → RDS                     |
-| MySQL                | Aurora Serverless v2   | Aurora Serverless v2   | "simple RDS" → RDS                     |
-| DocumentDB / MongoDB | DocumentDB Serverless  | DocumentDB Serverless  | "provisioned" → DocumentDB provisioned |
-| NoSQL / Key-Value    | DynamoDB               | DynamoDB               | -                                      |
-| Redis / Caching      | ElastiCache Serverless | ElastiCache Serverless | -                                      |
-| Full-text search     | OpenSearch Serverless  | OpenSearch Serverless  | -                                      |
+| Data Pattern       | Default (Dev)                | Default (Prod)               | Override Trigger                              |
+| ------------------ | ---------------------------- | ---------------------------- | --------------------------------------------- |
+| PostgreSQL         | Aurora Serverless v2         | Aurora Serverless v2         | "simple RDS" → RDS                            |
+| MySQL              | Aurora Serverless v2         | Aurora Serverless v2         | "simple RDS" → RDS                            |
+| Document / MongoDB | Amazon DocumentDB Serverless | Amazon DocumentDB Serverless | "provisioned" → Amazon DocumentDB provisioned |
+| NoSQL / Key-Value  | DynamoDB                     | DynamoDB                     | -                                             |
+| Redis / Caching    | ElastiCache Serverless       | ElastiCache Serverless       | -                                             |
+| Full-text search   | OpenSearch Serverless        | OpenSearch Serverless        | -                                             |
 
 ### Why Aurora Serverless v2
 
 Scales to near-zero in dev (0.5 ACU minimum), scales up automatically for production.
 Single choice works for both environments. Only use provisioned RDS if user has
 specific cost constraints or compliance requirements.
 
-### Why DocumentDB Serverless for MongoDB
+### Why Amazon DocumentDB Serverless for MongoDB
 
-DocumentDB Serverless is the on-demand, auto-scaling configuration of Amazon DocumentDB.
+Amazon DocumentDB Serverless is the on-demand, auto-scaling configuration of Amazon DocumentDB.
 It dynamically adjusts capacity based on application demand so you only pay for what you
 use. Ideal for dev/test, variable workloads, and new applications where capacity needs
 are unknown. Compatible with MongoDB 3.6, 4.0, 5.0 and 8.0 APIs.
-Use provisioned DocumentDB only when you have predictable, steady-state workloads
+Use provisioned Amazon DocumentDB only when you have predictable, steady-state workloads
 or specific compliance requirements that need fixed instance sizing.
 
 ## Storage

plugins/deploy-on-aws/skills/deploy/references/security.md

@@ -21,15 +21,15 @@ Apply these patterns automatically when generating IaC:
 
 ## Encryption
 
-| Component       | Default (Dev)               | Default (Prod)             | Override Trigger |
-| --------------- | --------------------------- | -------------------------- | ---------------- |
-| S3 buckets      | SSE-S3 (AES-256)            | SSE-KMS (customer-managed) | "no encryption"  |
-| RDS/Aurora      | Encrypted (AWS-managed key) | Encrypted (CMK)            | -                |
-| DocumentDB      | Encrypted (AWS-managed key) | Encrypted (CMK)            | -                |
-| EBS volumes     | Encrypted                   | Encrypted                  | -                |
-| ALB             | TLS 1.2+ only               | TLS 1.2+ only              | -                |
-| Secrets Manager | AWS-managed key             | CMK                        | -                |
-| CloudFront      | TLS 1.2+                    | TLS 1.2+                   | -                |
+| Component         | Default (Dev)               | Default (Prod)             | Override Trigger |
+| ----------------- | --------------------------- | -------------------------- | ---------------- |
+| S3 buckets        | SSE-S3 (AES-256)            | SSE-KMS (customer-managed) | "no encryption"  |
+| RDS/Aurora        | Encrypted (AWS-managed key) | Encrypted (CMK)            | -                |
+| Amazon DocumentDB | Encrypted (AWS-managed key) | Encrypted (CMK)            | -                |
+| EBS volumes       | Encrypted                   | Encrypted                  | -                |
+| ALB               | TLS 1.2+ only               | TLS 1.2+ only              | -                |
+| Secrets Manager   | AWS-managed key             | CMK                        | -                |
+| CloudFront        | TLS 1.2+                    | TLS 1.2+                   | -                |
 
 ### Why SSE-S3 for dev, SSE-KMS for prod
 
@@ -56,13 +56,13 @@ When serving static content via CloudFront:
 
 ## VPC Placement
 
-| Component     | Default (Dev)                    | Default (Prod)                   |
-| ------------- | -------------------------------- | -------------------------------- |
-| Fargate tasks | Private subnet + NAT Gateway     | Private subnet + NAT Gateway     |
-| ALB           | Public subnet                    | Public subnet                    |
-| RDS/Aurora    | Private subnet (no public IP)    | Private subnet (no public IP)    |
-| DocumentDB    | Private subnet (no public IP)    | Private subnet (no public IP)    |
-| Lambda        | VPC-attached if DB access needed | VPC-attached if DB access needed |
+| Component         | Default (Dev)                    | Default (Prod)                   |
+| ----------------- | -------------------------------- | -------------------------------- |
+| Fargate tasks     | Private subnet + NAT Gateway     | Private subnet + NAT Gateway     |
+| ALB               | Public subnet                    | Public subnet                    |
+| RDS/Aurora        | Private subnet (no public IP)    | Private subnet (no public IP)    |
+| Amazon DocumentDB | Private subnet (no public IP)    | Private subnet (no public IP)    |
+| Lambda            | VPC-attached if DB access needed | VPC-attached if DB access needed |
 
 ### Why private subnets for compute
 
@@ -93,13 +93,13 @@ Consult `awsiac` MCP for IAM policy patterns by service.
 
 ## Security Groups
 
-| Component    | Default Inbound              | Default Outbound   |
-| ------------ | ---------------------------- | ------------------ |
-| ALB          | 443 from 0.0.0.0/0           | Fargate SG only    |
-| Fargate      | ALB SG only (on app port)    | 443 (HTTPS), DB SG |
-| RDS/Aurora   | Fargate SG only (on DB port) | None               |
-| DocumentDB   | Fargate SG only (port 27017) | None               |
-| Lambda (VPC) | None                         | 443, DB SG         |
+| Component         | Default Inbound              | Default Outbound   |
+| ----------------- | ---------------------------- | ------------------ |
+| ALB               | 443 from 0.0.0.0/0           | Fargate SG only    |
+| Fargate           | ALB SG only (on app port)    | 443 (HTTPS), DB SG |
+| RDS/Aurora        | Fargate SG only (on DB port) | None               |
+| Amazon DocumentDB | Fargate SG only (port 27017) | None               |
+| Lambda (VPC)      | None                         | 443, DB SG         |
 
 ### Why deny-by-default
 
@@ -156,15 +156,15 @@ Before deployment, run available checks:
 
 ## Logging & Monitoring
 
-| Component       | Default (Dev)          | Default (Prod)             |
-| --------------- | ---------------------- | -------------------------- |
-| CloudTrail      | Account-level (shared) | Account-level (shared)     |
-| VPC Flow Logs   | Disabled               | Enabled (S3 destination)   |
-| ALB Access Logs | Disabled               | Enabled (S3 destination)   |
-| Container logs  | CloudWatch Logs        | CloudWatch Logs            |
-| RDS/Aurora logs | Error log only         | Error + slow query + audit |
-| DocumentDB logs | Profiler (slow ops)    | Profiler + audit           |
-| S3 Access Logs  | Disabled               | Enabled                    |
+| Component              | Default (Dev)          | Default (Prod)             |
+| ---------------------- | ---------------------- | -------------------------- |
+| CloudTrail             | Account-level (shared) | Account-level (shared)     |
+| VPC Flow Logs          | Disabled               | Enabled (S3 destination)   |
+| ALB Access Logs        | Disabled               | Enabled (S3 destination)   |
+| Container logs         | CloudWatch Logs        | CloudWatch Logs            |
+| RDS/Aurora logs        | Error log only         | Error + slow query + audit |
+| Amazon DocumentDB logs | Profiler (slow ops)    | Profiler + audit           |
+| S3 Access Logs         | Disabled               | Enabled                    |
 
 ### Why minimal logging in dev
 
@@ -180,7 +180,7 @@ When user requests "production" or "prod", additionally enable:
 - [ ] ALB Access Logs
 - [ ] S3 Access Logs
 - [ ] RDS Performance Insights
-- [ ] DocumentDB profiler + audit logs exported to CloudWatch Logs
+- [ ] Amazon DocumentDB profiler + audit logs exported to CloudWatch Logs
 - [ ] AWS WAF on ALB (if public-facing web app)
 - [ ] GuardDuty (recommend, don't auto-enable)
 - [ ] Run `checkov` or `cfn-nag` before deployment