Security reorg preview structure

cmilesb · cmilesb · commit 50ba4ec9e057 · 2025-05-19T13:13:27.000-04:00
diff --git a/content/operate/rc/security/_index.md b/content/operate/rc/security/_index.md
@@ -8,6 +8,8 @@ categories:
 description: null
 hideListLinks: true
 weight: 51
+bannerText: This section is a work in progress. Page content is not final.
+bannerChildren: true
 ---
 
 Redis Cloud provides a number of ways to secure subscriptions and databases.
diff --git a/content/operate/rc/security/access-control/_index.md b/content/operate/rc/security/access-control/_index.md
@@ -1,6 +1,6 @@
 ---
-LinkTitle: Access control
-Title: Access control
+LinkTitle: Console access control (Access management, SAML SSO, MFA)
+Title: Console access control
 alwaysopen: false
 categories:
 - docs
@@ -9,7 +9,7 @@ categories:
 description: Control who can access the Redis Cloud console and databases.
 hideListLinks: false
 toc: 'true'
-weight: 5
+weight: 2
 ---
 
 Redis Cloud offers you a few different ways to control who can access and make changes to your databases.
diff --git a/content/operate/rc/security/data-access-control/_index.md b/content/operate/rc/security/data-access-control/_index.md
@@ -1,6 +1,6 @@
 ---
-LinkTitle: Data access control
-Title: Data access control
+LinkTitle: Database access control (Default user, RBAC)
+Title: Database access control
 alwaysopen: false
 categories:
 - docs
@@ -11,7 +11,11 @@ description: Control who can access your databases using the default user databa
 headerRange: '[1-3]'
 hideListLinks: true
 toc: 'true'
-weight: 25
+weight: 3
+aliases:
+    - /operate/rc/security/access-control/data-access-control/
+    - /operate/rc/security/access-control/database-access-control/
+    - /operate/rc/security/database-access-control/
 ---
 
 ## Default user
diff --git a/content/operate/rc/security/data-access-control/default-user.md b/content/operate/rc/security/data-access-control/default-user.md
@@ -8,7 +8,11 @@ categories:
 description: Learn how to change your default user password or turn off access using
   the default user password.
 linkTitle: Default user
-weight: 5
+weight: 1
+aliases:
+    - /operate/rc/security/access-control/data-access-control/default-user/
+    - /operate/rc/security/access-control/database-access-control/default-user/
+    - /operate/rc/security/database-access-control/default-user/
 ---
 
 Password-based authentication is a basic but essential Redis security feature. When you create a Redis Cloud database, your database is given a randomly generated password called the **Default user password**.
diff --git a/content/operate/rc/security/data-access-control/role-based-access-control/_index.md b/content/operate/rc/security/data-access-control/role-based-access-control/_index.md
@@ -9,7 +9,11 @@ categories:
 description: Lets you define multiple users with fine-grained data authorization features.
 headerRange: '[1-3]'
 toc: 'true'
-weight: 10
+weight: 2
+aliases:
+    - /operate/rc/security/access-control/data-access-control/role-based-access-control/
+    - /operate/rc/security/access-control/database-access-control/role-based-access-control/
+    - /operate/rc/security/database-access-control/role-based-access-control/
 ---
 
 Role-based access control (RBAC) lets you define *roles* with specific sets of *permissions*. You can then assign *users* to these roles
diff --git a/content/operate/rc/security/data-access-control/role-based-access-control/active-active-roles.md b/content/operate/rc/security/data-access-control/role-based-access-control/active-active-roles.md
@@ -9,7 +9,11 @@ categories:
 description: null
 headerRange: '[1-3]'
 toc: 'true'
-weight: $weight
+weight: 3
+aliases:
+    - /operate/rc/security/access-control/data-access-control/active-active-roles/
+    - /operate/rc/security/access-control/database-access-control/active-active-roles/
+    - /operate/rc/security/database-access-control/active-active-roles/
 ---
 
 For [Active-Active databases]({{< relref "/operate/rc/databases/configuration/active-active-redis" >}}), you can define roles with different levels of access for different regions. For example, you can define a user role with full database access in one region and read-only access in another. Or, you can prevent a user from running any commands in a specified region.
diff --git a/content/operate/rc/security/data-access-control/role-based-access-control/configure-acls.md b/content/operate/rc/security/data-access-control/role-based-access-control/configure-acls.md
@@ -9,7 +9,11 @@ categories:
 description: null
 headerRange: '[1-3]'
 toc: 'true'
-weight: 15
+weight: 1
+aliases:
+    - /operate/rc/security/access-control/data-access-control/configure-acls/
+    - /operate/rc/security/access-control/database-access-control/configure-acls/
+    - /operate/rc/security/database-access-control/configure-acls/
 ---
 
 You can define custom Redis ACL rules to assign to a data access role or use predefined Redis ACLs.
diff --git a/content/operate/rc/security/data-access-control/role-based-access-control/create-assign-users.md b/content/operate/rc/security/data-access-control/role-based-access-control/create-assign-users.md
@@ -9,7 +9,11 @@ categories:
 description: Create a database user and assign it a role.
 headerRange: '[1-3]'
 toc: 'true'
-weight: 25
+weight: 4
+aliases:
+    - /operate/rc/security/access-control/data-access-control/create-assign-users/
+    - /operate/rc/security/access-control/database-access-control/create-assign-users/
+    - /operate/rc/security/database-access-control/create-assign-users/
 ---
 
 Before you create a database user, you must [create a data access role]({{< relref "/operate/rc/security/access-control/data-access-control/create-roles" >}}) to assign to that user.
diff --git a/content/operate/rc/security/data-access-control/role-based-access-control/create-roles.md b/content/operate/rc/security/data-access-control/role-based-access-control/create-roles.md
@@ -9,7 +9,7 @@ categories:
 description: null
 headerRange: '[1-3]'
 toc: 'true'
-weight: 20
+weight: 2
 ---
 
 To assign [Redis ACLs]({{< relref "/operate/rc/security/access-control/data-access-control/configure-acls" >}}) to a data access role:
diff --git a/content/operate/rc/security/database-security/_index.md b/content/operate/rc/security/database-security/_index.md
@@ -1,13 +1,14 @@
 ---
-Title: Cloud database security
+Title: Data security
+linkTitle: Data security (TLS, encryption at rest)
 alwaysopen: false
 categories:
 - docs
 - operate
 - rc
 description: null
 hideListLinks: true
-weight: 20
+weight: 4
 ---
 
 Redis Cloud provides several features to help you secure your databases. These include
diff --git a/content/operate/rc/security/database-security/encryption-at-rest.md b/content/operate/rc/security/database-security/encryption-at-rest.md
@@ -7,6 +7,8 @@ categories:
 - rc
 description: Describes when data is encrypted at rest.
 weight: 40
+aliases:
+    - /operate/rc/security/encryption-at-rest/
 ---
 Redis Cloud databases write their data to disk whenever [persistence]({{< relref "/operate/rc/databases/configuration/data-persistence.md" >}}) is enabled. 
 
diff --git a/content/operate/rc/security/network-security/_index.md b/content/operate/rc/security/network-security/_index.md
@@ -1,13 +1,15 @@
 ---
-Title: Network security
+Title: Network security and connectivity
 alwaysopen: false
 categories:
 - docs
 - operate
 - rc
 description: null
-linkTitle: Network security
-weight: 30
+linkTitle: Network security and connectivity (CIDR allow list, private endpoints)
+weight: 5
+aliases:
+    - /operate/rc/security/database-security/network-security/
 ---
 
 Redis Cloud supports two types of network security: database-level CIDR allow lists and [VPC](#virtual-private-clouds)-wide CIDR allow lists.
diff --git a/content/operate/rc/security/network-security/cidr-whitelist.md b/content/operate/rc/security/network-security/cidr-whitelist.md
@@ -8,7 +8,9 @@ categories:
 description: The CIDR allow list permits traffic between a range of IP addresses and
   the Redis Cloud VPC.
 linkTitle: CIDR allow list
-weight: 30
+weight: 1
+aliases:
+    - /operate/rc/security/cidr-whitelist/
 ---
 
 The [CIDR](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) [allow list](https://en.wikipedia.org/wiki/Whitelist) lets you restrict traffic to your Redis Cloud database. When you configure an allow list, only the [IP addresses](https://en.wikipedia.org/wiki/IP_address) defined in the list can connect to the database. Traffic from all other IP addresses is blocked.
diff --git a/content/operate/rc/security/network-security/connect-private-endpoint/_index.md b/content/operate/rc/security/network-security/connect-private-endpoint/_index.md
@@ -0,0 +1,11 @@
+---
+Title: Connect to private endpoints
+alwaysopen: false
+categories:
+- docs
+- operate
+- rc
+description: null
+linkTitle: Connect to private endpoints
+weight: 3
+---
diff --git a/content/operate/rc/security/network-security/connect-private-endpoint/aws-transit-gateway.md b/content/operate/rc/security/network-security/connect-private-endpoint/aws-transit-gateway.md
@@ -8,6 +8,8 @@ categories:
 description: null
 linkTitle: Transit Gateway
 weight: 80
+aliases:
+    - /operate/rc/security/aws-transit-gateway/
 ---
 
 [Amazon Web Services (AWS) Transit Gateway](https://docs.aws.amazon.com/vpc/latest/tgw/how-transit-gateways-work.html) acts as a Regional virtual router for traffic flowing between your virtual private cloud(s) (VPCs) and on-premises networks. You can attach different resources to your Transit Gateway which include:
diff --git a/content/operate/rc/security/network-security/connect-private-endpoint/private-service-connect.md b/content/operate/rc/security/network-security/connect-private-endpoint/private-service-connect.md
@@ -10,6 +10,8 @@ description: Private Service Connect creates a private endpoint that allows secu
 linkTitle: Private Service Connect
 toc: 'true'
 weight: 50
+aliases:
+    - /operate/rc/security/private-service-connect/
 ---
 
 [Private Service Connect](https://cloud.google.com/vpc/docs/private-service-connect) (PSC) creates a private endpoint that allows secure connections to Redis Cloud databases without exposing your application's [virtual private cloud](https://en.wikipedia.org/wiki/Virtual_private_cloud) (VPC). 
diff --git a/content/operate/rc/security/network-security/connect-private-endpoint/vpc-peering.md b/content/operate/rc/security/network-security/connect-private-endpoint/vpc-peering.md
@@ -9,6 +9,8 @@ description: VPC peering uses private IP addresses to route traffic between a Re
   Cloud VPC and an application VPC.
 linkTitle: VPC peering
 weight: 80
+aliases:
+    - /operate/rc/security/vpc-peering/
 ---
 
 VPC peering uses private IP addresses to allow network connections between two [virtual private clouds](https://en.wikipedia.org/wiki/Virtual_private_cloud) (VPCs).
diff --git a/content/operate/rc/security/shared-responsibility-model.md b/content/operate/rc/security/shared-responsibility-model.md
@@ -7,7 +7,7 @@ categories:
 - rc
 description: null
 linkTitle: Shared responsibility model
-weight: 10
+weight: 1
 ---
 
 The security of all Redis Cloud deployments is a shared responsibility. Redis, the public cloud providers (Amazon Web Services [AWS], Google Cloud, and Microsoft Azure), and our customers all help ensure the security of these deployments.
