Add impersonation documentation to RBAC security guide.#186
Open
niknamess wants to merge 30 commits into
Open
Conversation
Document impersonation permissions, session constraints, restricted actions, and audit traceability so administrators can use the feature safely. Co-authored-by: Cursor <cursoragent@cursor.com>
* Updates for links in release notes and other edits Signed-off-by: Valeria Brazhnikova <valeria.brazhnikova@flant.com> * ai-assistant doc fixes Signed-off-by: Valeria Brazhnikova <valeria.brazhnikova@flant.com> * mcp-server fixes Signed-off-by: Valeria Brazhnikova <valeria.brazhnikova@flant.com> * fix of domain example Signed-off-by: Valeria Brazhnikova <valeria.brazhnikova@flant.com> * one number fix Signed-off-by: Valeria Brazhnikova <valeria.brazhnikova@flant.com> * Apply suggestions from code review Co-authored-by: Denis Rebenok <60424108+denmaloyreb@users.noreply.github.com> Co-authored-by: Valeria Brazhnikova <valeria.brazhnikova@flant.com> Signed-off-by: Valeria Brazhnikova <valeria.brazhnikova@flant.com> * Apply suggestions from code review Co-authored-by: Denis Rebenok <60424108+denmaloyreb@users.noreply.github.com> Signed-off-by: Valeria Brazhnikova <valeria.brazhnikova@flant.com> * Added what instructions returns Signed-off-by: Valeria Brazhnikova <valeria.brazhnikova@flant.com> * Apply suggestions from code review Co-authored-by: Denis Rebenok <60424108+denmaloyreb@users.noreply.github.com> Signed-off-by: Valeria Brazhnikova <valeria.brazhnikova@flant.com> * Removed bold text Signed-off-by: Valeria Brazhnikova <valeria.brazhnikova@flant.com> --------- Signed-off-by: Valeria Brazhnikova <valeria.brazhnikova@flant.com> Co-authored-by: Denis Rebenok <60424108+denmaloyreb@users.noreply.github.com>
* add entity cards view * fix Signed-off-by: sidorok <a.sidorok@me.com> * Update catalog.ru.md Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> * Update catalog.ru.md Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> * Update catalog.ru.md Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> * Update catalog.ru.md Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> * Update catalog.ru.md Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> * Update catalog.ru.md Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> * Apply suggestions from code review Co-authored-by: Lada Lysenko <127337005+Lada7878@users.noreply.github.com> Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> --------- Signed-off-by: sidorok <a.sidorok@me.com> Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> Co-authored-by: Nikita Velgin <nikita.velgin@flant.com> Co-authored-by: sidorok <a.sidorok@me.com> Co-authored-by: Lada Lysenko <127337005+Lada7878@users.noreply.github.com>
* add rrpo section * fixes * add tech-support and licensing * fix --------- Co-authored-by: Nikita Velgin <nikita.velgin@flant.com>
* change hugo-web-product-module version to v0.1.12 Signed-off-by: Aleksandr Radchenko <dacetascien@gmail.com> * change hugo version to v0.159.2 Signed-off-by: Aleksandr Radchenko <dacetascien@gmail.com> --------- Signed-off-by: Aleksandr Radchenko <dacetascien@gmail.com>
Co-authored-by: Nikita Velgin <nikita.velgin@flant.com>
* new relations graph * new relations graph * Query changes * fixes * fixes * add users sorting fix * add favorites * fix markdown-lint * types Signed-off-by: sidorok <a.sidorok@me.com> * types-health Signed-off-by: sidorok <a.sidorok@me.com> * v1.5.0 Signed-off-by: sidorok <a.sidorok@me.com> * catalog Signed-off-by: sidorok <a.sidorok@me.com> * types2 Signed-off-by: sidorok <a.sidorok@me.com> * types3 Signed-off-by: sidorok <a.sidorok@me.com> * Apply suggestions from code review Co-authored-by: Lada Lysenko <127337005+Lada7878@users.noreply.github.com> Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> * fix type4 Signed-off-by: sidorok <a.sidorok@me.com> --------- Signed-off-by: Nikita Velgin <direct.vegas@gmail.com> Signed-off-by: sidorok <a.sidorok@me.com> Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> Co-authored-by: Nikita Velgin <nikita.velgin@flant.com> Co-authored-by: sidorok <a.sidorok@me.com> Co-authored-by: Lada Lysenko <127337005+Lada7878@users.noreply.github.com>
* docs: Add github actions widget * Minor language correction (#149) Signed-off-by: Lada <lada7878@Ladas-MacBook-Pro.local> * docs: Edit github tags widget (Review PR 126) (#148) * docs: add Go template support for repository ignore rules (#146) Co-authored-by: pavel.korolkov <pavel.korolkov@flant.com> * processes error element (#151) * processes error element * minor edit Signed-off-by: Lada7878 <ladalada7878@gmail.com> --------- Signed-off-by: Lada7878 <ladalada7878@gmail.com> Co-authored-by: Nikita Velgin <nikita.velgin@flant.com> Co-authored-by: Lada7878 <ladalada7878@gmail.com> * change release date (#154) Co-authored-by: Nikita Velgin <nikita.velgin@flant.com> * [frontend] Harden upstream resilience and startup (#155) - Add DNS readiness loop and upstream cache-warming entrypoint to ensure external backends are resolvable and responsive before nginx begins accepting traffic - Introduce dedicated includes location block with non-intercepting error handling and strict proxy timeouts, separating static asset proxying from the default fallback-to-hugo routing logic - Enable dynamic DNS resolution on upstream definitions via resolve flag and shared memory zones, replacing static resolution that broke on address changes - Restore default upstream mapping to the international endpoint, removing temporary override to the Russian locale - Disable git-info via environment variable for the static site generator to avoid build-time penalties in local development * [build] Add port-freeing and clean teardown to up (#156) - Introduce a free-ports target that discovers and stops any containers occupying configurable published ports before the service stack is brought up, preventing bind-address conflicts - Chain down and free-ports as prerequisites of the up target to guarantee a clean environment on every invocation - Extend the down target with orphan removal to ensure no stale containers persist across successive runs * AI-assistant chats and context (#153) * AI-assistant chats and context * add breaking changes * fix list Signed-off-by: sidorok <a.sidorok@me.com> --------- Signed-off-by: sidorok <a.sidorok@me.com> Co-authored-by: Nikita Velgin <nikita.velgin@flant.com> Co-authored-by: sidorok <a.sidorok@me.com> * update process loop element description (#147) * update process loop element description * add note element description * add note element description * fix release notes * fix release notes * add deprecation notice * add deprecation notice * fix release notes * gitlab contributors widget * fix rn 1.3 * fix tupes_ru Signed-off-by: sidorok <a.sidorok@me.com> * Update types.ru.md Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> * Update types.ru.md Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> * Update types.ru.md Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> * Update types.ru.md GitLab Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> * Update v1.4.0.ru.md Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> * Update v1.3.0.ru.md Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> * Apply suggestions from code review Co-authored-by: Lada Lysenko <127337005+Lada7878@users.noreply.github.com> Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> --------- Signed-off-by: Nikita Velgin <direct.vegas@gmail.com> Signed-off-by: sidorok <a.sidorok@me.com> Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> Co-authored-by: Nikita Velgin <nikita.velgin@flant.com> Co-authored-by: sidorok <a.sidorok@me.com> Co-authored-by: Lada Lysenko <127337005+Lada7878@users.noreply.github.com> * add codescoring secrets widget (#157) Co-authored-by: Nikita Velgin <nikita.velgin@flant.com> * docs: Action CreateVaultSecret: add merge_or_create (#145) Co-authored-by: pavel.korolkov <pavel.korolkov@flant.com> * Decrecation: remove specific kubernetes datasources (#158) Co-authored-by: Nikita Velgin <nikita.velgin@flant.com> * Mcp tools tuning 1 (#160) * mcp tools tuning * mcp tools tuning * mcp tools tuning --------- Co-authored-by: Nikita Velgin <nikita.velgin@flant.com> * Release v1.4.0 (#162) * Release v1.4.0 * Release v1.4.0 --------- Co-authored-by: Nikita Velgin <nikita.velgin@flant.com> * docs: Mcp tools tunung and AI-assistant review (#166) * Updates for links in release notes and other edits Signed-off-by: Valeria Brazhnikova <valeria.brazhnikova@flant.com> * ai-assistant doc fixes Signed-off-by: Valeria Brazhnikova <valeria.brazhnikova@flant.com> * mcp-server fixes Signed-off-by: Valeria Brazhnikova <valeria.brazhnikova@flant.com> * fix of domain example Signed-off-by: Valeria Brazhnikova <valeria.brazhnikova@flant.com> * one number fix Signed-off-by: Valeria Brazhnikova <valeria.brazhnikova@flant.com> * Apply suggestions from code review Co-authored-by: Denis Rebenok <60424108+denmaloyreb@users.noreply.github.com> Co-authored-by: Valeria Brazhnikova <valeria.brazhnikova@flant.com> Signed-off-by: Valeria Brazhnikova <valeria.brazhnikova@flant.com> * Apply suggestions from code review Co-authored-by: Denis Rebenok <60424108+denmaloyreb@users.noreply.github.com> Signed-off-by: Valeria Brazhnikova <valeria.brazhnikova@flant.com> * Added what instructions returns Signed-off-by: Valeria Brazhnikova <valeria.brazhnikova@flant.com> * Apply suggestions from code review Co-authored-by: Denis Rebenok <60424108+denmaloyreb@users.noreply.github.com> Signed-off-by: Valeria Brazhnikova <valeria.brazhnikova@flant.com> * Removed bold text Signed-off-by: Valeria Brazhnikova <valeria.brazhnikova@flant.com> --------- Signed-off-by: Valeria Brazhnikova <valeria.brazhnikova@flant.com> Co-authored-by: Denis Rebenok <60424108+denmaloyreb@users.noreply.github.com> * add entity cards view (#167) * add entity cards view * fix Signed-off-by: sidorok <a.sidorok@me.com> * Update catalog.ru.md Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> * Update catalog.ru.md Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> * Update catalog.ru.md Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> * Update catalog.ru.md Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> * Update catalog.ru.md Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> * Update catalog.ru.md Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> * Apply suggestions from code review Co-authored-by: Lada Lysenko <127337005+Lada7878@users.noreply.github.com> Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> --------- Signed-off-by: sidorok <a.sidorok@me.com> Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> Co-authored-by: Nikita Velgin <nikita.velgin@flant.com> Co-authored-by: sidorok <a.sidorok@me.com> Co-authored-by: Lada Lysenko <127337005+Lada7878@users.noreply.github.com> * add rrpo section (#171) * add rrpo section * fixes * add tech-support and licensing * fix --------- Co-authored-by: Nikita Velgin <nikita.velgin@flant.com> * change hugo version to v0.159.2 (#172) * change hugo-web-product-module version to v0.1.12 Signed-off-by: Aleksandr Radchenko <dacetascien@gmail.com> * change hugo version to v0.159.2 Signed-off-by: Aleksandr Radchenko <dacetascien@gmail.com> --------- Signed-off-by: Aleksandr Radchenko <dacetascien@gmail.com> * change naming (#175) Co-authored-by: Nikita Velgin <nikita.velgin@flant.com> * Release notes v1.5.0 (#170) * new relations graph * new relations graph * Query changes * fixes * fixes * add users sorting fix * add favorites * fix markdown-lint * types Signed-off-by: sidorok <a.sidorok@me.com> * types-health Signed-off-by: sidorok <a.sidorok@me.com> * v1.5.0 Signed-off-by: sidorok <a.sidorok@me.com> * catalog Signed-off-by: sidorok <a.sidorok@me.com> * types2 Signed-off-by: sidorok <a.sidorok@me.com> * types3 Signed-off-by: sidorok <a.sidorok@me.com> * Apply suggestions from code review Co-authored-by: Lada Lysenko <127337005+Lada7878@users.noreply.github.com> Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> * fix type4 Signed-off-by: sidorok <a.sidorok@me.com> --------- Signed-off-by: Nikita Velgin <direct.vegas@gmail.com> Signed-off-by: sidorok <a.sidorok@me.com> Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> Co-authored-by: Nikita Velgin <nikita.velgin@flant.com> Co-authored-by: sidorok <a.sidorok@me.com> Co-authored-by: Lada Lysenko <127337005+Lada7878@users.noreply.github.com> --------- Signed-off-by: Lada <lada7878@Ladas-MacBook-Pro.local> Signed-off-by: Lada7878 <ladalada7878@gmail.com> Signed-off-by: sidorok <a.sidorok@me.com> Signed-off-by: Nikita Velgin <direct.vegas@gmail.com> Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> Signed-off-by: Valeria Brazhnikova <valeria.brazhnikova@flant.com> Signed-off-by: Aleksandr Radchenko <dacetascien@gmail.com> Co-authored-by: pavel.korolkov <pavel.korolkov@flant.com> Co-authored-by: Lada Lysenko <127337005+Lada7878@users.noreply.github.com> Co-authored-by: Anastasia Sidorok <a.sidorok@me.com> Co-authored-by: Nikita Velgin <direct.vegas@gmail.com> Co-authored-by: Nikita Velgin <nikita.velgin@flant.com> Co-authored-by: Lada7878 <ladalada7878@gmail.com> Co-authored-by: Artem Kladov <6360800+z9r5@users.noreply.github.com> Co-authored-by: Valeria Brazhnikova <valeria.brazhnikova@flant.com> Co-authored-by: Denis Rebenok <60424108+denmaloyreb@users.noreply.github.com> Co-authored-by: Aleksandr Radchenko <102186217+dacetascien@users.noreply.github.com>
* ai-chat widget * ai-chat widget * Update v1.5.0.ru.md Signed-off-by: Nikita Velgin <direct.vegas@gmail.com> --------- Signed-off-by: Nikita Velgin <direct.vegas@gmail.com> Co-authored-by: Nikita Velgin <nikita.velgin@flant.com>
Co-authored-by: Nikita Velgin <nikita.velgin@flant.com>
* resource dashboards changes * Update catalog.ru.md Signed-off-by: Nikita Velgin <direct.vegas@gmail.com> --------- Signed-off-by: Nikita Velgin <direct.vegas@gmail.com> Co-authored-by: Nikita Velgin <nikita.velgin@flant.com>
Co-authored-by: Nikita Velgin <nikita.velgin@flant.com>
Co-authored-by: Nikita Velgin <nikita.velgin@flant.com>
* change widget types heading level * fix --------- Co-authored-by: Nikita Velgin <nikita.velgin@flant.com>
Co-authored-by: Nikita Velgin <nikita.velgin@flant.com>
* fix_release-note Signed-off-by: sidorok <a.sidorok@me.com> * Update v1.3.0.ru.md Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> * Update v1.4.0.ru.md Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> * Update v1.4.0.ru.md Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> --------- Signed-off-by: sidorok <a.sidorok@me.com> Signed-off-by: Anastasia Sidorok <a.sidorok@me.com>
* new actions docs * fixes * pre-final * fixes * fixes * fixes * fixes * fixes * Update overview.ru.md Signed-off-by: Nikita Velgin <direct.vegas@gmail.com> * fix release notes --------- Signed-off-by: Nikita Velgin <direct.vegas@gmail.com> Co-authored-by: Nikita Velgin <nikita.velgin@flant.com>
Co-authored-by: pavel.korolkov <pavel.korolkov@flant.com>
Signed-off-by: Valeria Brazhnikova <valeria.brazhnikova@flant.com>
Co-authored-by: Nikita Velgin <nikita.velgin@flant.com>
- Introduce normative Cursor rules covering global style, terminology, glossary, editorial policy, Hugo shortcodes, supported code block languages, front matter conventions, OpenAPI x-doc fields, and EN/RU parity enforcement - Add AGENTS.md as the primary entry point for AI-assisted documentation workflows, referencing rule hierarchy and preferred make targets for local preview and linting - Provide a documentation-review prompt defining a structured checklist with severity model for automated compliance audits - Include a run-website skill describing local site lifecycle via make up/down for agent-driven preview orchestration
- Add ordered-list numbering convention across style guide, editorial policy, and review prompt to mandate repeated one-prefix notation for improved diff readability - Update editorial policy example to demonstrate the correct lazy-numbering pattern and clarify the rule in Russian
* fix1 Signed-off-by: sidorok <a.sidorok@me.com> * Update templating.ru.md Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> --------- Signed-off-by: sidorok <a.sidorok@me.com> Signed-off-by: Anastasia Sidorok <a.sidorok@me.com>
* fix Signed-off-by: sidorok <a.sidorok@me.com> * Apply suggestions from code review Co-authored-by: Lada Lysenko <127337005+Lada7878@users.noreply.github.com> Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> * Apply suggestions from code review Co-authored-by: Lada Lysenko <127337005+Lada7878@users.noreply.github.com> Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> --------- Signed-off-by: sidorok <a.sidorok@me.com> Signed-off-by: Anastasia Sidorok <a.sidorok@me.com> Co-authored-by: Lada Lysenko <127337005+Lada7878@users.noreply.github.com>
* add audit logs export docs * fix lint * fix lint * fix lint * add new release notes entries * fix quotes * fix quotes * add-templating-and-datasources-to-release-notes * Update types.ru.md Signed-off-by: Nikita Velgin <direct.vegas@gmail.com> * Update types.ru.md Signed-off-by: Nikita Velgin <direct.vegas@gmail.com> * Update audit-logs.ru.md Signed-off-by: Nikita Velgin <direct.vegas@gmail.com> --------- Signed-off-by: Nikita Velgin <direct.vegas@gmail.com> Co-authored-by: Nikita Velgin <nikita.velgin@flant.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
7 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Document impersonation permissions, session constraints, restricted actions, and audit traceability so administrators can use the feature safely.