From cae5e7b81544133010facc5be471761dc917bcc2 Mon Sep 17 00:00:00 2001
From: Dmitriy Ivolgin <dmitriy@replicated.com>
Date: Mon, 31 Jul 2023 16:15:39 -0700
Subject: [PATCH] RBAC for instance notifications (#1331)

* RBAC for instance notifications

* Added "the" and reordered the list alphabetically

---------

Co-authored-by: Jonquil Williams <91626429+jonquil2002@users.noreply.github.com>
---
 .../team-management-rbac-resource-names.md    | 54 ++++++++++++-------
 1 file changed, 35 insertions(+), 19 deletions(-)

diff --git a/docs/vendor/team-management-rbac-resource-names.md b/docs/vendor/team-management-rbac-resource-names.md
index c757d899e2..ea80010ec7 100644
--- a/docs/vendor/team-management-rbac-resource-names.md
+++ b/docs/vendor/team-management-rbac-resource-names.md
@@ -84,12 +84,20 @@ Grants the holder permission to create a new license in the specified applicatio
 
 ### kots/app/[:appId]/license/[:customerId]/read
 
-Grants the holder permission to view the license specified by ID. If this is denied, the licenses will not show up in search, CSV export or on the Vendor Portal.
+Grants the holder permission to view the license specified by ID. If this is denied, the licenses will not show up in search, CSV export or on the Vendor Portal, and the holder will not be able to subscribe to this license's instance notifications.
 
 ### kots/app/[:appId]/license/[:customerId]/update
 
 Grants the holder permission to edit the license specified by ID for the specified application(s).
 
+### kots/app/[:appId]/license/[:customerId]/slack-notifications/read
+
+Grants the holder permission to view the team's Slack notification subscriptions for instances associated with the specified license.
+
+### kots/app/[:appId]/license/[:customerId]/slack-notifications/update
+
+Grants the holder permission to edit the team's Slack notification subscriptions for instances associated with the specified license.
+
 ### kots/license/[:customerId]/airgap/password
 
 Grants the holder permission to generate a new download portal password for the license specified (by ID) for the specified application(s).
@@ -162,6 +170,18 @@ Grants the holder permission to push images into Replicated registry.
 
 ## Team
 
+### team/auditlog/read
+
+Grants the holder permission to view the audit log for the team.
+
+### team/authentication/update
+
+Grants the holder permission to manage the following team authentication settings: Google authentication, Auto-join, and SAML authentication.
+
+### team/authentication/read
+
+Grants the holder permission to read the following authentication settings: Google authentication, Auto-join, and SAML authentication.
+
 ### team/integration/list
 
 Grants the holder permission to view team's integrations.
@@ -190,21 +210,13 @@ Grants the holder permission to invite additional people to the team.
 
 Grants the holder permission to delete other team members.
 
-### team/serviceaccount/list
-
-Grants the holder permission to list service accounts.
-
-### team/serviceaccount/create
-
-Grants the holder permission to create new service accounts.
-
-### team/serviceaccount/[:name]/delete
+### team/notifications/slack-webhook/read
 
-Grants the holder permission to delete the service account identified by the name specified.
+Grants the holder permission to view the team's Slack webhook for instance notifications.
 
-### team/auditlog/read
+### team/notifications/slack-webhook/update
 
-Grants the holder permission to view the audit log for the team.
+Grants the holder permission to edit the team's Slack webhook for instance notifications.
 
 ### team/policy/read
 
@@ -222,17 +234,21 @@ Grants the holder permission to delete RBAC policies for the team.
 
 Grants the holder permission to create RBAC policies for the team.
 
-### team/authentication/update
+### team/security/update
 
-Grants the holder permission to manage the following team authentication settings: Google authentication, Auto-join, and SAML authentication.
+Grants the holder permission to manage team password requirements including two-factor authentication and password complexity requirements.
 
-### team/authentication/read
+### team/serviceaccount/list
 
-Grants the holder permission to read the following authentication settings: Google authentication, Auto-join, and SAML authentication.
+Grants the holder permission to list service accounts.
 
-### team/security/update
+### team/serviceaccount/create
 
-Grants the holder permission to manage team password requirements including two-factor authentication and password complexity requirements.
+Grants the holder permission to create new service accounts.
+
+### team/serviceaccount/[:name]/delete
+
+Grants the holder permission to delete the service account identified by the name specified.
 
 ### team/support-issues/read