changelog for access fine-grained permissioning

src/content/changelog/fundamentals/2025-10-01-fine-grained-permissioning-beta.mdx

@@ -0,0 +1,27 @@
+---
+title: Fine-grained Permissioning for Access for Apps, IdPs, & Targets now in Public Beta
+description: Expanding Role-Based-Access-Control with resource-level controls in Cloudflare Zero Trust.
+products:
+  - fundamentals
+date: 2025-10-01
+---
+
+Fine-grained permissions for **Access Applications, Identity Providers (IdPs), and Targets** is now available in Public Beta. This expands our RBAC model beyond account & zone-scoped roles, enabling administrators to grant permissions scoped to individual resources.
+
+### What's New
+- **[Access Applications](https://developers.cloudflare.com/cloudflare-one/applications/)**: Grant admin permissions to specific Access Applications.  
+- **[Identity Providers](https://developers.cloudflare.com/cloudflare-one/identity/)**: Grant admin permissions to individual Identity Providers.  
+- **[Targets](https://developers.cloudflare.com/cloudflare-one/applications/non-http/infrastructure-apps/#1-add-a-target)**: Grant admin rights to specific Targets
+
+![Updated Permissions Policy UX](~/assets/images/changelog/fundamentals/2025-10-01-fine-grained-permissioning-ux.png) 
+
+:::note
+During the public beta, members must also be assigned an account-scoped, read only role to view resources in the dashboard. This restriction will be lifted in a future release. 
+- **Account Read Only** plus a fine-grained permission for a specific App, IdP, or Target  
+- **Cloudflare Zero Trust Read Only** plus fine-grained permission for a specific App, IdP, or Target  
+:::
+
+For more info:
+
+- [Get started with Cloudflare Permissioning](/fundamentals/manage-members/roles/)
+- [Manage Member Permissioning via the UI & API](/fundamentals/manage-members/manage)