diff --git a/docs-data/property-overrides.json b/docs-data/property-overrides.json index 370f4ce092..a13c840587 100644 --- a/docs-data/property-overrides.json +++ b/docs-data/property-overrides.json @@ -499,7 +499,7 @@ "cloud_topics_enabled": { "description": "Enable Cloud Topics for the cluster. Cloud Topics are optimized for high-throughput, cost-sensitive workloads that can tolerate higher latencies compared to standard Kafka topics.", "related_topics": [ - "xref:develop:manage-topics/cloud-topics.adoc[Cloud Topics]" + "self-managed-only: xref:develop:manage-topics/cloud-topics.adoc[Cloud Topics]" ], "config_scope": "cluster" }, @@ -1092,16 +1092,16 @@ "config_scope": "topic" }, "initial_retention_local_target_bytes_default": { - "description": "Initial local retention size target for partitions of topics with xref:manage:tiered-storage.adoc[Tiered Storage] enabled. If no initial local target retention is configured, then all locally-retained data will be delivered to learner when joining the partition replica set.", + "description": "Initial local retention size target for partitions of topics with Tiered Storage enabled. If no initial local target retention is configured, then all locally-retained data will be delivered to learner when joining the partition replica set.", "related_topics": [ - "xref:manage:tiered-storage.adoc[Tiered Storage]" + "self-managed-only: xref:manage:tiered-storage.adoc[Tiered Storage]" ], "config_scope": "cluster" }, "initial_retention_local_target_ms_default": { - "description": "Initial local retention time target for partitions of topics with xref:manage:tiered-storage.adoc[Tiered Storage] enabled. If no initial local target retention is configured, then all locally-retained data will be delivered to learner when joining the partition replica is set.", + "description": "Initial local retention time target for partitions of topics with Tiered Storage enabled. If no initial local target retention is configured, then all locally-retained data will be delivered to the learner when joining the partition replica set.", "related_topics": [ - "xref:manage:tiered-storage.adoc[Tiered Storage]" + "self-managed-only: xref:manage:tiered-storage.adoc[Tiered Storage]" ], "config_scope": "cluster" }, diff --git a/modules/manage/pages/kubernetes/security/authorization/k-group-controller.adoc b/modules/manage/pages/kubernetes/security/authorization/k-group-controller.adoc index 1c21d6cbcd..5a336af40b 100644 --- a/modules/manage/pages/kubernetes/security/authorization/k-group-controller.adoc +++ b/modules/manage/pages/kubernetes/security/authorization/k-group-controller.adoc @@ -40,8 +40,8 @@ This is useful when: You must have the following: * *Kubectl*: Ensure you have the https://kubernetes.io/docs/tasks/tools/#kubectl[kubectl^] command-line tool installed and configured to communicate with your cluster. -* *Redpanda Operator*: Ensure you have at least version 25.3 of the xref:deploy:kubernetes/k-production-deployment.adoc[Redpanda Operator]. -* *Redpanda cluster with OIDC enabled*: Ensure you have a Redpanda cluster deployed with xref:manage:security/authentication/oidc/index.adoc[OIDC authentication] configured. Group-based access control (GBAC) is an enterprise feature that requires OIDC. +* *Redpanda Operator*: Ensure you have at least version 25.3 of the xref:deploy:redpanda/kubernetes/k-production-deployment.adoc[Redpanda Operator]. +* *Redpanda cluster with OIDC enabled*: Ensure you have a Redpanda cluster deployed with xref:manage:security/authorization/gbac.adoc[OIDC authentication] configured. Group-based access control (GBAC) is an enterprise feature that requires OIDC. * *Redpanda v26.1+*: The cluster must be running Redpanda v26.1 or later, which supports the v2 Security API required for group principals. == Create a Group resource diff --git a/modules/manage/pages/security/authorization/acl.adoc b/modules/manage/pages/security/authorization/acl.adoc index 35fec7a6f3..4ea377c8c5 100644 --- a/modules/manage/pages/security/authorization/acl.adoc +++ b/modules/manage/pages/security/authorization/acl.adoc @@ -4,6 +4,9 @@ // tag::single-source[] :description: Learn how to use ACLs to configure fine-grained access to Redpanda resources. +ifdef::env-cloud[:gbac-doc: security:authorization/gbac.adoc] +ifndef::env-cloud[:gbac-doc: manage:security/authorization/gbac.adoc] + Access control lists (ACLs) provide a way to configure fine-grained access to Redpanda resources. ACLs are permission rules that determine which actions users or roles can perform on Redpanda resources. Redpanda stores ACLs internally, replicated with glossterm:Raft[] to provide the same consensus guarantees as your data. ifndef::env-cloud[] @@ -91,13 +94,7 @@ ACL commands work on a multiplicative basis. If you specify two principals and t [[principals]] === Principals -All ACLs require a principal. A principal is composed of two parts: the type, and the name. Redpanda supports the types "User", "RedpandaRole", and "Group". When you create user "bar", Redpanda expects you to add ACLs for "User:bar". To grant permissions to an OIDC group, use the `Group:` prefix (for example, `Group:engineering`). -ifndef::env-cloud[] -See xref:manage:security/authorization/gbac.adoc[]. -endif::[] -ifdef::env-cloud[] -See xref:security:authorization/gbac.adoc[]. -endif::[] +All ACLs require a principal. A principal is composed of two parts: the type, and the name. Redpanda supports the types "User", "RedpandaRole", and "Group". When you create user "bar", Redpanda expects you to add ACLs for "User:bar". To grant permissions to an OIDC group, use the `Group:` prefix (for example, `Group:engineering`). See xref:{gbac-doc}[]. The `--allow-principal` and `--deny-principal` flags add this prefix for you, if necessary. diff --git a/modules/reference/partials/properties/cluster-properties.adoc b/modules/reference/partials/properties/cluster-properties.adoc index f2d8c5c636..a3ca43602a 100644 --- a/modules/reference/partials/properties/cluster-properties.adoc +++ b/modules/reference/partials/properties/cluster-properties.adoc @@ -1185,8 +1185,10 @@ ifndef::env-cloud[] | User endif::[] +ifndef::env-cloud[] | Related topics |xref:develop:manage-topics/cloud-topics.adoc[Cloud Topics] +endif::[] |=== @@ -4990,9 +4992,11 @@ endif::[] | Related topics | +ifndef::env-cloud[] * xref:manage:tiered-storage.adoc[Tiered Storage] * xref:develop:manage-topics/cloud-topics.adoc[Manage Cloud Topics] +endif::[] |=== @@ -9166,7 +9170,12 @@ endif::[] === initial_retention_local_target_bytes_default +ifndef::env-cloud[] Initial local retention size target for partitions of topics with xref:manage:tiered-storage.adoc[Tiered Storage] enabled. If no initial local target retention is configured, then all locally-retained data will be delivered to learner when joining the partition replica set. +endif::[] +ifdef::env-cloud[] +Initial local retention size target for partitions of topics with Tiered Storage enabled. If no initial local target retention is configured, then all locally-retained data will be delivered to learner when joining the partition replica set. +endif::[] [cols="1s,2a"] |=== @@ -9202,15 +9211,22 @@ ifndef::env-cloud[] | User endif::[] +ifndef::env-cloud[] | Related topics |xref:manage:tiered-storage.adoc[Tiered Storage] +endif::[] |=== === initial_retention_local_target_ms_default +ifndef::env-cloud[] Initial local retention time target for partitions of topics with xref:manage:tiered-storage.adoc[Tiered Storage] enabled. If no initial local target retention is configured, then all locally-retained data will be delivered to learner when joining the partition replica is set. +endif::[] +ifdef::env-cloud[] +Initial local retention time target for partitions of topics with Tiered Storage enabled. If no initial local target retention is configured, then all locally-retained data will be delivered to learner when joining the partition replica is set. +endif::[] [cols="1s,2a"] |=== @@ -9249,8 +9265,10 @@ ifndef::env-cloud[] | User endif::[] +ifndef::env-cloud[] | Related topics |xref:manage:tiered-storage.adoc[Tiered Storage] +endif::[] |===