RHIDP-3971 authorization introduction (#632)

Signed-off-by: Fabrice Flore-Thébault <[email protected]>
Co-authored-by: Gerry-Forde <[email protected]>

Author: themr0c

assemblies/assembly-configuring-authorization-in-rhdh.adoc

@@ -1,7 +1,30 @@
 [id='configuring-authorization-in-rhdh']
 = Configuring authorization in {product}
 
-include::modules/authorization/con-rbac-overview.adoc[leveloffset=+1]
+In link:{authorization-book-url}[{authentication-book-title}], you learnt how to authenticate users to {product}.
+{product-short} knowns who the users are.
+
+In this book, learn how to authorize users to perform actions in {product-short}.
+Define what users can do in {product-short}.
+
+Role-Based Access Control (RBAC) is a security concept that controls access to resources in a system, and specifies a mapping between users of the system, and the actions they can perform on resources in the system.
+You define roles with specific permissions, and then assign the roles to users and groups.
+
+RBAC on {product-short} is built on top of the Permissions framework, which defines RBAC policies in code.
+Rather than defining policies in code,
+the {product-short} RBAC feature allows you
+to define policies in a declarative fashion using a simple CSV based format.
+You can define the policies by using {product-short} web interface or REST API, rather than editing the CSV directly.
+
+To apply RBAC in {product-short}:
+
+. The {product-short} administrator sets up the RBAC feature:
+.. Enable the RBAC feature
+.. Configure Policy Administrators
+
+. The {product-short} policy administrator configures your RBAC policies:
+.. Define roles with specific permissions
+.. Assign the roles to users and groups
 
 
 include::modules/authorization/ref-rbac-permission-policies.adoc[leveloffset=+1]