fix: upgrade indicatif and add comprehensive documentation (#476)

* fix: upgrade indicatif to 0.18 to resolve RUSTSEC-2025-0119

Upgrade indicatif from 0.17 to 0.18 which replaces the unmaintained
number_prefix crate with unit-prefix, resolving the security advisory.

* docs: add comprehensive documentation for all command groups

- Cloud: ACL, users, provider accounts, tasks
- Enterprise: users, CRDB, databases, modules, nodes, logs, stats
- Plus 44 additional doc files with command references and examples

Author: joshrotenberg

docs/src/api-reference/api.md

@@ -0,0 +1,99 @@
+# ACL Management
+
+Redis Cloud Access Control Lists (ACLs) provide fine-grained control over database access. redisctl supports managing Redis rules, roles, and ACL users.
+
+## Commands Overview
+
+```bash
+redisctl cloud acl --help
+```
+
+### Redis Rules
+
+Redis rules define what Redis commands and keys a user can access.
+
+```bash
+# List all Redis ACL rules
+redisctl cloud acl list-redis-rules <subscription_id>
+
+# Create a new Redis ACL rule
+redisctl cloud acl create-redis-rule <subscription_id> --data '{"name": "read-only", "redisRules": ["+@read", "-@write"]}'
+
+# Update an existing rule
+redisctl cloud acl update-redis-rule <subscription_id> <rule_id> --data '{"redisRules": ["+@read", "+@hash"]}'
+
+# Delete a rule
+redisctl cloud acl delete-redis-rule <subscription_id> <rule_id>
+```
+
+### Roles
+
+Roles group Redis rules and database associations together.
+
+```bash
+# List all ACL roles
+redisctl cloud acl list-roles <subscription_id>
+
+# Create a new role
+redisctl cloud acl create-role <subscription_id> --data '{"name": "app-reader", "redisRules": [{"ruleId": 123}]}'
+
+# Update a role
+redisctl cloud acl update-role <subscription_id> <role_id> --data '{"name": "app-reader-v2"}'
+
+# Delete a role
+redisctl cloud acl delete-role <subscription_id> <role_id>
+```
+
+### ACL Users
+
+ACL users are the actual accounts that connect to databases with specific permissions.
+
+```bash
+# List all ACL users
+redisctl cloud acl list-acl-users <subscription_id>
+
+# Get user details
+redisctl cloud acl get-acl-user <subscription_id> <user_id>
+
+# Create a new ACL user
+redisctl cloud acl create-acl-user <subscription_id> --data '{"name": "app-user", "password": "secure-password", "roles": [{"roleId": 456}]}'
+
+# Update an ACL user
+redisctl cloud acl update-acl-user <subscription_id> <user_id> --data '{"password": "new-password"}'
+
+# Delete an ACL user
+redisctl cloud acl delete-acl-user <subscription_id> <user_id>
+```
+
+## JSON Output
+
+All commands support `-o json` for structured output:
+
+```bash
+redisctl cloud acl list-roles 12345 -o json | jq '.[] | {name, id}'
+```
+
+## Common Patterns
+
+### Create a Read-Only User
+
+```bash
+# 1. Create a read-only rule
+redisctl cloud acl create-redis-rule 12345 --data '{
+  "name": "readonly-rule",
+  "redisRules": ["+@read", "-@write", "-@admin", "-@dangerous"]
+}'
+
+# 2. Create a role using that rule
+redisctl cloud acl create-role 12345 --data '{
+  "name": "readonly-role",
+  "redisRules": [{"ruleId": <rule_id>}]
+}'
+
+# 3. Create a user with that role
+redisctl cloud acl create-acl-user 12345 --data '{
+  "name": "readonly-user",
+  "password": "secure-password",
+  "roles": [{"roleId": <role_id>}]
+}'
+```

docs/src/cloud/access-control/acl.md

@@ -0,0 +1,67 @@
+# User Management
+
+Manage Redis Cloud account users who can access the Redis Cloud console and API.
+
+> **Note**: These are Redis Cloud *account* users (console/API access), not database ACL users. For database-level access control, see [ACL Management](acl.md).
+
+## Commands Overview
+
+```bash
+redisctl cloud user --help
+```
+
+## List Users
+
+```bash
+# List all users in your account
+redisctl cloud user list
+
+# Output as JSON
+redisctl cloud user list -o json
+```
+
+## Get User Details
+
+```bash
+# Get details for a specific user
+redisctl cloud user get <user_id>
+
+# Get specific fields with JMESPath
+redisctl cloud user get <user_id> -q '{name: name, email: email, role: role}'
+```
+
+## Update User
+
+```bash
+# Update user information
+redisctl cloud user update <user_id> --data '{"name": "New Name"}'
+```
+
+## Delete User
+
+```bash
+# Delete a user from the account
+redisctl cloud user delete <user_id>
+```
+
+## JSON Output
+
+All commands support structured output for scripting:
+
+```bash
+# List all user emails
+redisctl cloud user list -o json | jq '.[].email'
+
+# Find admin users
+redisctl cloud user list -o json | jq '.[] | select(.role == "owner")'
+```
+
+## User Roles
+
+Redis Cloud account users have roles that determine their permissions:
+
+- **owner**: Full access to all account features
+- **member**: Access to assigned resources
+- **viewer**: Read-only access
+
+For managing database-level permissions (what Redis commands users can run), use the [ACL commands](acl.md) instead.

docs/src/cloud/access-control/users.md

@@ -0,0 +1,48 @@
+# Redis Cloud Commands
+
+Redis Cloud commands are organized into three layers:
+
+## 1. Human-Friendly Commands
+
+High-level commands with typed parameters and structured output.
+
+```bash
+redisctl cloud <resource> <action> [options]
+```
+
+See [Human-Friendly Commands](./human-commands.md) for the complete reference.
+
+## 2. Raw API Access
+
+Direct access to any REST endpoint when you need full control.
+
+```bash
+redisctl api cloud <method> <path> [options]
+```
+
+See [Raw API Access](./api-access.md) for details.
+
+## 3. Workflows (Coming Soon)
+
+Multi-step orchestrated operations for complex tasks:
+- Database migration workflows
+- Backup and restore procedures
+- Cluster setup automation
+
+## Quick Reference
+
+### Most Common Commands
+
+```bash
+# Subscriptions
+redisctl cloud subscription list
+redisctl cloud subscription get <id>
+
+# Databases
+redisctl cloud database list --subscription-id <id>
+redisctl cloud database get --subscription-id <id> --database-id <id>
+
+# Direct API
+redisctl api cloud get /subscriptions
+redisctl api cloud post /subscriptions/<id>/databases --data @database.json
+```