DOC-2123: Update Console ACL UI references for new atomic-ACL design#568
Open
DOC-2123: Update Console ACL UI references for new atomic-ACL design#568
Conversation
Refresh Cloud-only Console references ahead of Console's new Security page. ACL/RBAC behavior single-sourced from the docs repo flows in automatically via tag::single-source[]; this commit covers the pages that are not single-sourced. - create-dedicated-cloud-cluster.adoc: rewrite the user/ACL walkthrough to match the new atomic ACL form (Principal, Resource type, Pattern type, Resource name, Operation, Permission, Host) instead of the old "click the user, add permissions" flow. - serverless.adoc: split the single "Security page" reference into Security > Users / Security > ACLs / Security > Roles. - cloud-authentication.adoc: same split for the impersonation permissions guidance (lines 128, 135). Inline // TODO DOC-2123 comments mark form labels that need final confirmation from Jan/Martin once the new Security page ships. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
✅ Deploy Preview for rp-cloud ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
Contributor
|
Important Review skippedAuto incremental reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
📝 WalkthroughWalkthroughThe pull request updates documentation across three files to reflect changes in the Redpanda Cloud Security UI. Navigation paths are made more specific by directing users to discrete Security subpages—Security > Users for user creation, Security > ACLs for ACL configuration, and Security > Roles for role assignment—rather than referencing a generic Security page. Additionally, ACL setup instructions are rewritten to include explicit field-by-field configuration steps. A TODO marker is added to validate ACL form label names upon release of the new Security page. Estimated code review effort🎯 2 (Simple) | ⏱️ ~8 minutes Possibly related PRs
Suggested reviewers
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@modules/get-started/pages/cluster-types/create-dedicated-cloud-cluster.adoc`:
- Line 61: Remove the placeholder TODO marker "// TODO DOC-2123" and replace it
with the final, verified ACL field labels (or remove the comment entirely) once
you confirm the exact UI wording; specifically update the ACL labels to match
the UI values for Resource Type, Pattern Type, Resource Name, Operation,
Permission, and Host in the create-dedicated-cloud-cluster.adoc content, and
ensure no TODO markers remain before merge.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: c92a7210-48b6-414c-9426-ee14325b4e06
📒 Files selected for processing (3)
modules/get-started/pages/cluster-types/create-dedicated-cloud-cluster.adocmodules/get-started/pages/cluster-types/serverless.adocmodules/security/pages/cloud-authentication.adoc
| ``` | ||
|
|
||
| . Click the name of your user, and add the following permissions to the ACL (access control list): | ||
| // TODO DOC-2123: confirm final ACL form labels (Resource Type, Pattern Type, Resource Name, Operation, Permission, Host) once the new Security page ships. |
Contributor
There was a problem hiding this comment.
Resolve TODO before merge to avoid label drift in GA docs.
Leaving // TODO DOC-2123 here means ACL field labels may ship unverified; this conflicts with the PR’s stated merge condition to resolve all TODO markers.
Based on learnings: “In Redpanda Cloud documentation, field names and labels should match exactly what appears in the UI, even if the terminology might seem technically inconsistent.”
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@modules/get-started/pages/cluster-types/create-dedicated-cloud-cluster.adoc`
at line 61, Remove the placeholder TODO marker "// TODO DOC-2123" and replace it
with the final, verified ACL field labels (or remove the comment entirely) once
you confirm the exact UI wording; specifically update the ACL labels to match
the UI values for Resource Type, Pattern Type, Resource Name, Operation,
Permission, and Host in the create-dedicated-cloud-cluster.adoc content, and
ensure no TODO markers remain before merge.
7 tasks
Announce Console's redesigned Security page (atomic ACL list, role detail pages with inherited ACLs, user detail pages, regex filter) in the cloud-docs What's New. The blurb sits behind the same merge gate as the rest of the PR so it only goes live with Console GA. Inline TODO for Jan/Martin to confirm whether the customer-facing "editing an ACL no longer causes a permission gap" benefit can be stated publicly. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…alone Previous commits referenced a standalone Security > ACLs page that does not exist in the shipped Console build (per Jan's recorded demo). The new layout has three tabs only — Users, Roles, Permissions — and ACLs are managed from a principal's detail page. - create-dedicated-cloud-cluster.adoc: rewrite the user/ACL walkthrough to follow the real flow: create the user, click "Go to user details" from the success dialog, then "+ Add ACL" under the user's ACLs section. Field labels match the Add ACL modal (Resource Type, Pattern Type, Resource Name, Operation, Permission, Host). - serverless.adoc, cloud-authentication.adoc: drop the "Security > ACLs" path; route users through Users/Roles detail pages instead. - whats-new-cloud.adoc: rewrite the May 2026 entry to describe the three-tab layout (Users / Roles / Permissions), per-principal ACL management on the detail page, and the three available actions (+ Add ACL, Allow all operations, Delete selected for bulk delete). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The third Security page tab is Permissions — a unified cluster-wide view of every principal's ACLs (direct + inherited), with role inheritance visualized as "VIA ROLE: <role-name>" groupings when you expand a row. Add this and the deny-spot indicator to the What's New blurb. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Preview-only playbook change so the cloud-docs Netlify preview pulls single-sourced acl.adoc / rbac-dp.adoc / gbac-dp.adoc content from docs PR #1689 instead of docs main. This lets reviewers see the single-sourced rewrites in cloud-docs context before either PR merges. REVERT (set documentation main branch back to first position) before merge. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
- Replace 2 em dashes with parentheses and split sentences. - Tighten passive "ACLs are managed per principal" lead-in. - Align "Allow all operations" caveat phrasing with acl.adoc. - Reword regex example "for example" comma comma into a cleaner semicolon construction. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Refresh Cloud-only Console references ahead of Console's redesigned Security page. The shipped layout (per Jan's recorded demo) is Users / Roles / Permissions — three tabs, no standalone ACLs page. ACLs are managed per principal from the user or role detail page. ACL/RBAC procedural content single-sourced from the docs repo flows in automatically via
tag::single-source[]; this PR covers only the Cloud pages that are not single-sourced. Companion PR: redpanda-data/docs#1689.create-dedicated-cloud-cluster.adoc: rewrite the user/ACL walkthrough to follow the real flow — create the user, click Go to user details from the success dialog, then+ Add ACLunder the user's ACLs section. Field labels match the Add ACL modal (Resource Type, Pattern Type, Resource Name, Operation, Permission, Host).serverless.adoc,cloud-authentication.adoc: drop the wrong "Security > ACLs" path; route users through Users/Roles detail pages instead.whats-new-cloud.adoc: add a May 2026 entry describing the three-tab layout, per-principal ACL management, and the three actions on a principal's ACLs section (+ Add ACL,Allow all operations,Delete selectedfor bulk delete).Inline
// TODO DOC-2123comment flags one customer-benefit phrasing for Jan/Martin to confirm.Context
See the docs-repo PR description for the full open-questions list to Jan/Martin.
Preview pages
acl.adocrewrite (Manage ACLs section)rbac-*partialsgbac-*partialsTest plan
npm run build && npm run servepasses locallysecurity/authorization/// TODO DOC-2123comment before mergelocal-antora-playbook.yml— set theredpanda-data/documentationbranches back to[main, v/*, shared, site-search](currently points atDOC-2123-console-acl-ui-refreshfor cross-PR preview)🤖 Generated with Claude Code