From 3bdd364b58960173b7cd81b55e57893cf96ad751 Mon Sep 17 00:00:00 2001 From: Cyril Petel Date: Thu, 24 Oct 2024 11:47:30 +0200 Subject: [PATCH 1/4] adding new permission sets --- .../iam/reference-content/permission-sets.mdx | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/identity-and-access-management/iam/reference-content/permission-sets.mdx b/identity-and-access-management/iam/reference-content/permission-sets.mdx index e602197404..ce7c414ac8 100644 --- a/identity-and-access-management/iam/reference-content/permission-sets.mdx +++ b/identity-and-access-management/iam/reference-content/permission-sets.mdx @@ -52,6 +52,7 @@ Below is a list of the permission sets available at Scaleway. | KubernetesReadOnly | List and read access to Kubernetes | | KubernetesFullAccess | Full access to create, read, list, edit and delete Kubernetes | | KubernetesExternalNodeRegister | Attach external nodes to a Kosmos cluster | +| KubernetesSystemMastersGroupAccess | Gives the Kubernetes system:masters role to perform any action on the cluster | | DediboxReadOnly | List and read access to Dedibox | | DediboxFullAccess | Full access to create, read, list, edit and delete Dedibox | | ContainersReadOnly | List and read access to Containers | @@ -80,6 +81,14 @@ Below is a list of the permission sets available at Scaleway. | PrivateNetworksFullAccess | Full access to create, read, list, edit and delete Private Networks | | VPCGatewayReadOnly | List and read access to Public Gateways | | VPCGatewayFullAccess | Full access to create, read, list, edit and delete Public Gateways | +| VPCFullAccess | Full access to VPC | +| VPCReadOnly | Read access to VPC | +| AutoscalingFullAccess | Full access to autoscaling | +| AutoscalingReadOnly | Read access to autoscaling | +| EdgeServicesFullAccess | Full access to edge services | +| EdgeServicesReadOnly | Read access to edge services | +| IPAMFullAccess | Full access to IPAM | +| IPAMReadOnly | Read access to IPAM | | LoadBalancersReadOnly | List and read access to Load Balancer | | LoadBalancersFullAccess | Full access to create, read, list, edit and delete Load Balancer | | DomainsDNSReadOnly | List and read access to Domains and DNS | @@ -96,6 +105,10 @@ Below is a list of the permission sets available at Scaleway. | TransactionalEmailDomainFullAccess | Full access to domains in Transactional Email. Does not include permissions for e-mails | | TransactionalEmailEmailReadOnly | Read access to e-mails in Transactional Email. Does not include permissions for domain configuration | | TransactionalEmailEmailFullAccess | Full access to e-mails in Transactional Email. Does not include permissions for domain configuration | +| TransactionalEmailWebhookFullAccess | Full access to webhooks in transactional email | +| TransactionalEmailWebhookReadOnly | Read access to webhooks in transactional email | +| TransactionalEmailProjectSettingsFullAccess | Full access to project settings in transactional email | +| TransactionalEmailProjectSettingsReadOnly | Read access to project settings in transactional email | | WebHostingReadOnly | List and read access to Web Hosting | | WebHostingFullAccess | Full access to create, read, list, edit and delete Web Hosting | | SecretManagerReadOnly | List and read secrets' metadata (name, tags, creation date, etc.). Does not include permissions for data (versions) accessing or editing | @@ -106,5 +119,10 @@ Below is a list of the permission sets available at Scaleway. | SecretManagerSecretWrite | Permission to edit the metadata (name, tags, description, etc.) of secrets and their versions in Secret Manager. Does not include permission to create secrets and versions | | BlockStorageReadOnly | List and read access to Block Storage | | BlockStorageFullAccess | Full access to create, read, list, edit and delete in Block Storage | +| QaaSFullAccess | Full access to Quantum as a Service | +| QaaSReadOnly | Read access to Quantum as a Service | + + Some additional Permission sets may appear on your Scaleway Console if you are enrolled in Beta products or features. + From a345db1e8a19a93c5c7caa97b82b7df582dc9914 Mon Sep 17 00:00:00 2001 From: ldecarvalho-doc <82805470+ldecarvalho-doc@users.noreply.github.com> Date: Thu, 24 Oct 2024 11:54:22 +0200 Subject: [PATCH 2/4] fix(iam): edit date --- .../iam/reference-content/permission-sets.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/identity-and-access-management/iam/reference-content/permission-sets.mdx b/identity-and-access-management/iam/reference-content/permission-sets.mdx index ce7c414ac8..14035aa42f 100644 --- a/identity-and-access-management/iam/reference-content/permission-sets.mdx +++ b/identity-and-access-management/iam/reference-content/permission-sets.mdx @@ -6,7 +6,7 @@ content: h1: Permission sets paragraph: Explore how to define and manage permission sets for user access control. dates: - validation: 2024-04-01 + validation: 2024-10-23 --- Permissions sets and their scope make up [IAM rules](/identity-and-access-management/iam/concepts/#rule), which define the access rights that a principal (user, group or application) should have. They consist of sets of one or multiple [permissions](/identity-and-access-management/iam/concepts/#permission). From 254ad616fdad42eb4a506fd9375599df1afa4a36 Mon Sep 17 00:00:00 2001 From: ldecarvalho-doc <82805470+ldecarvalho-doc@users.noreply.github.com> Date: Thu, 24 Oct 2024 11:54:47 +0200 Subject: [PATCH 3/4] fix(iam): review neda Co-authored-by: nerda-codes <87707325+nerda-codes@users.noreply.github.com> --- .../iam/reference-content/permission-sets.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/identity-and-access-management/iam/reference-content/permission-sets.mdx b/identity-and-access-management/iam/reference-content/permission-sets.mdx index 14035aa42f..5e24b124fb 100644 --- a/identity-and-access-management/iam/reference-content/permission-sets.mdx +++ b/identity-and-access-management/iam/reference-content/permission-sets.mdx @@ -124,5 +124,5 @@ Below is a list of the permission sets available at Scaleway. - Some additional Permission sets may appear on your Scaleway Console if you are enrolled in Beta products or features. + Some additional permission sets may appear on your Scaleway console if you are enrolled in beta testing for products or features. From f9cd633d7a7ee367312ec9268504efc3165742ce Mon Sep 17 00:00:00 2001 From: ldecarvalho-doc <82805470+ldecarvalho-doc@users.noreply.github.com> Date: Thu, 24 Oct 2024 11:57:58 +0200 Subject: [PATCH 4/4] fix(iam): review luiza --- .../iam/reference-content/permission-sets.mdx | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/identity-and-access-management/iam/reference-content/permission-sets.mdx b/identity-and-access-management/iam/reference-content/permission-sets.mdx index 5e24b124fb..885481098d 100644 --- a/identity-and-access-management/iam/reference-content/permission-sets.mdx +++ b/identity-and-access-management/iam/reference-content/permission-sets.mdx @@ -85,8 +85,8 @@ Below is a list of the permission sets available at Scaleway. | VPCReadOnly | Read access to VPC | | AutoscalingFullAccess | Full access to autoscaling | | AutoscalingReadOnly | Read access to autoscaling | -| EdgeServicesFullAccess | Full access to edge services | -| EdgeServicesReadOnly | Read access to edge services | +| EdgeServicesFullAccess | Full access to Edge Services | +| EdgeServicesReadOnly | Read access to Edge Services | | IPAMFullAccess | Full access to IPAM | | IPAMReadOnly | Read access to IPAM | | LoadBalancersReadOnly | List and read access to Load Balancer | @@ -105,10 +105,10 @@ Below is a list of the permission sets available at Scaleway. | TransactionalEmailDomainFullAccess | Full access to domains in Transactional Email. Does not include permissions for e-mails | | TransactionalEmailEmailReadOnly | Read access to e-mails in Transactional Email. Does not include permissions for domain configuration | | TransactionalEmailEmailFullAccess | Full access to e-mails in Transactional Email. Does not include permissions for domain configuration | -| TransactionalEmailWebhookFullAccess | Full access to webhooks in transactional email | -| TransactionalEmailWebhookReadOnly | Read access to webhooks in transactional email | -| TransactionalEmailProjectSettingsFullAccess | Full access to project settings in transactional email | -| TransactionalEmailProjectSettingsReadOnly | Read access to project settings in transactional email | +| TransactionalEmailWebhookFullAccess | Full access to Webhooks in Transactional Email | +| TransactionalEmailWebhookReadOnly | Read access to Webhooks in Transactional Email | +| TransactionalEmailProjectSettingsFullAccess | Full access to Project settings in Transactional Email | +| TransactionalEmailProjectSettingsReadOnly | Read access to Project settings in Transactional Email | | WebHostingReadOnly | List and read access to Web Hosting | | WebHostingFullAccess | Full access to create, read, list, edit and delete Web Hosting | | SecretManagerReadOnly | List and read secrets' metadata (name, tags, creation date, etc.). Does not include permissions for data (versions) accessing or editing | @@ -119,8 +119,6 @@ Below is a list of the permission sets available at Scaleway. | SecretManagerSecretWrite | Permission to edit the metadata (name, tags, description, etc.) of secrets and their versions in Secret Manager. Does not include permission to create secrets and versions | | BlockStorageReadOnly | List and read access to Block Storage | | BlockStorageFullAccess | Full access to create, read, list, edit and delete in Block Storage | -| QaaSFullAccess | Full access to Quantum as a Service | -| QaaSReadOnly | Read access to Quantum as a Service |