Book split for security (#1100)

Co-authored-by: Steven Smith <[email protected]>

tls-config/docinfo.xml → access_permissions_management/docinfo.xml

@@ -1,8 +1,8 @@
 <productname>{productname}</productname>
 <productnumber>{producty}</productnumber>
-<subtitle>Configuring SSL/TLS for {productname}</subtitle>
+<subtitle>Securing {productname}</subtitle>
 <abstract>
-    <para>Using SSL/TLS with {productname}</para>
+    <para>Securing {productname}: SSL/TLS, Certificates, and Encryption</para>
 </abstract>
 <authorgroup>
     <orgname>Red Hat OpenShift Documentation Team</orgname>

access_permissions_management/master.adoc

@@ -0,0 +1,49 @@
+include::modules/attributes.adoc[]
+
+:_content-type: ASSEMBLY
+[id="access-permissions-management-quay"]
+= Managing access and permissions for {productname}
+:context: quay-security
+
+{productname} offers a comprehensive permissions model, which allows administrators the ability to control who can access, manage, and modify repositories at a granular level. The following sections show you how to manage user access, define team roles, set permissions for users and robot accounts, and define the visibility of a repository. These guides include instructions using both the {productname} UI and the API. 
+
+The following topics are covered:
+
+* Role-based access controls
+* Adjusting repository visibility
+* Creating and managing robot accounts
+* Clair vulnerability reporting
+
+//rbac
+
+include::modules/role-based-access-control-intro.adoc[leveloffset=+1]
+include::modules/teams-overview.adoc[leveloffset=+2]
+include::modules/set-team-role.adoc[leveloffset=+3]
+include::modules/managing-team-members-repo-permissions-ui.adoc[leveloffset=+3]
+include::modules/setting-role-of-team-within-organization-api.adoc[leveloffset=+3]
+include::modules/default-permissions-v2-ui.adoc[leveloffset=+2]
+include::modules/default-permissions-api.adoc[leveloffset=+2]
+include::modules/allow-access-user-repo.adoc[leveloffset=+2]
+include::modules/adjust-access-user-repo-api.adoc[leveloffset=+2]
+
+//private repo
+include::modules/proc_use-quay-create-repo.adoc[leveloffset=+1]
+include::modules/adjusting-repository-visibility-via-the-ui.adoc[leveloffset=+2]
+include::modules/adjusting-repository-access-via-the-api.adoc[leveloffset=+2]
+
+//robot accounts
+include::modules/robot-account-overview.adoc[leveloffset=+1]
+include::modules/creating-robot-account-v2-ui.adoc[leveloffset=+2]
+include::modules/creating-robot-account-api.adoc[leveloffset=+2]
+include::modules/managing-robot-account-permissions-v2-ui.adoc[leveloffset=+2]
+include::modules/disabling-robot-account.adoc[leveloffset=+2]
+include::modules/regenerating-robot-account-token-api.adoc[leveloffset=+2]
+include::modules/deleting-robot-account-v2-ui.adoc[leveloffset=+2]
+include::modules/deleting-robot-account-api.adoc[leveloffset=+2]
+
+
+//isolated builds
+
+
+//clair
+include::modules/clair-vulnerability-scanner-overview.adoc[leveloffset=+1]

securing_quay/docinfo.xml

@@ -0,0 +1,10 @@
+<productname>{productname}</productname>
+<productnumber>{producty}</productnumber>
+<subtitle>Securing {productname}</subtitle>
+<abstract>
+    <para>Securing {productname}: SSL/TLS, Certificates, and Encryption</para>
+</abstract>
+<authorgroup>
+    <orgname>Red Hat OpenShift Documentation Team</orgname>
+</authorgroup>
+<xi:include href="Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />

securing_quay/master.adoc

@@ -0,0 +1,40 @@
+include::modules/attributes.adoc[]
+
+:_content-type: ASSEMBLY
+[id="securing-quay"]
+= Securing {productname}
+:context: quay-security
+
+{productname} offers administrators the ability to secure communication and trusted access to their repositories through the use of Transport Layer Security (TLS), certificate management, and encryption techniques. Properly configuring SSL/TLS and implementing custom certificates can help safeguard data, secure external connections, and maintain trust between {productname} and the integrated services of your choosing. 
+
+The following topics are covered:
+
+* Configuring custom SSL/TLS certificates for standalone {productname} deployments
+* Configuring custom SSL/TLS certificates for {productname-ocp}
+* Adding additional Certificate Authorities to the {productname} container
+* Adding additional Certificate Authorities to {productname-ocp}
+
+//creating ssl-tls-certificates
+include::modules/ssl-tls-quay-overview.adoc[leveloffset=+1]
+include::modules/ssl-create-certs.adoc[leveloffset=+2]
+//SSL/TLS Standalone
+include::modules/configuring-ssl-tls.adoc[leveloffset=+2]
+include::modules/ssl-config-cli.adoc[leveloffset=+3]
+include::modules/ssl-trust-ca-podman.adoc[leveloffset=+3]
+include::modules/ssl-trust-ca-system.adoc[leveloffset=+3]
+//SSL/TLS Operator
+include::modules/operator-custom-ssl-certs-config-bundle.adoc[leveloffset=+2]
+include::modules/creating-custom-ssl-certs-config-bundle.adoc[leveloffset=+3]
+
+//additional ca certificates
+include::modules/config-extra-ca-certs-quay.adoc[leveloffset=+1]
+//Additional CA Certificates standalone
+include::modules/config-custom-ssl-certs-manual.adoc[leveloffset=+2]
+//Additional CA Certificates Operator
+include::modules/config-additional-ca-certs-operator.adoc[leveloffset=+2]
+include::modules/operator-config-cli-download.adoc[leveloffset=+3]
+include::modules/adding-ca-certs-to-config.adoc[leveloffset=+3]
+//Kubernetes
+include::modules/config-custom-ssl-certs-kubernetes.adoc[leveloffset=+2]
+
+//isolated builds

securing_quay/modules

@@ -0,0 +1 @@
+../modules/