feat(comp/console): resource based auth (#2366)

* feat(comp/console): resource based auth * docs(console): add content for RBA in console * feat(comp/console): rba example * style(formatting): technical review * docs(comp/console): update screenshots --------- Co-authored-by: Ben Sheppard <[email protected]> Co-authored-by: Christina Ausley <[email protected]> Co-authored-by: christinaausley <[email protected]>
camunda · Sep 14, 2023 · faa996f · faa996f
1 parent 121e40b
commit faa996f
Show file tree

Hide file tree

Showing 6 changed files with 32 additions and 1 deletion.
diff --git a/docs/components/console/manage-clusters/img/cluster-settings.png b/docs/components/console/manage-clusters/img/cluster-settings.png
diff --git a/docs/components/console/manage-clusters/settings.md b/docs/components/console/manage-clusters/settings.md
@@ -0,0 +1,13 @@
+---
+id: settings
+title: Settings
+description: "Set up resource-based authorizations to authorize access and assign permissions to process and decision definitions."
+---
+
+Set up resource-based authorizations to authorize access and assign permissions to process and decision definitions. You can enable resource-based authorizations on a per-cluster basis. It's possible to disable the feature at any time.
+
+![Cluster settings](./img/cluster-settings.png)
+
+:::tip
+To learn more about creating resource-based authorizations, see [here](../manage-organization/manage-users.md#resource-based-authorizations)
+:::
diff --git a/...s/console/manage-organization/img/user-details-authorized-resources-example.png b/...s/console/manage-organization/img/user-details-authorized-resources-example.png
diff --git a/...omponents/console/manage-organization/img/user-details-authorized-resources.png b/...omponents/console/manage-organization/img/user-details-authorized-resources.png
diff --git a/docs/components/console/manage-organization/manage-users.md b/docs/components/console/manage-organization/manage-users.md
@@ -34,9 +34,26 @@ Users are invited to a Camunda 8 organization via their email address, which mus
 
 People who do not yet have a Camunda 8 account can also be invited to an organization. To access the organization, however, the invited individual must first create a Camunda 8 account by following the instructions in the invitation email.
 
+## Resource-based authorizations
+
+Resource authorizations allow you to control the level of access a user has to a particular resource in the system. To create, update, or delete the resource authorizations
+assigned to a user, click on the respective row of the users table.
+
+### Creation
+
+To initiate the creation flow, click **Create resource authorization**.
+
+![User Details](./img/user-details-authorized-resources.png)
+
+### Updating and deleting
+
+To update an existing authorization, click on the **pencil icon** of the relevant row. To delete an existing authorization, click the **trash can** icon.
+
+![Authorized Resources](./img/user-details-authorized-resources-example.png)
+
 ## Limitations
 
-Depending on the plan to be used, the number of users that can be part of an organization varies. If an organization is on a Professional plan, the number of users can be updated via the **Billing** page. There, under **General Users**, the number can be increased or decreased.
+Depending on the plan to be used, the number of users that can be part of an organization varies. If an organization is on a Professional Plan, the number of users can be updated via the **Billing** page. There, under **General Users**, the number can be increased or decreased.
 
 ## Restrictions
 

diff --git a/sidebars.js b/sidebars.js
@@ -126,6 +126,7 @@ module.exports = {
             "components/console/manage-clusters/manage-alerts",
             "components/console/manage-clusters/manage-ip-whitelists",
             "components/console/manage-clusters/manage-secrets",
+            "components/console/manage-clusters/settings",
           ],
         },
         {