fix(iam): reviews 21/04 (#4878)

Author: ldecarvalho-doc

pages/iam/concepts.mdx

@@ -7,7 +7,7 @@ content:
   paragraph: Understand the fundamental concepts of Identity and Access Management in Scaleway.
 tags: advanced settings owner iam principal
 dates:
-  validation: 2025-04-08
+  validation: 2025-04-23
 ---
 
 <Lightbox src="scaleway-iam-concepts.webp" alt="" />
@@ -74,9 +74,9 @@ As a Member you are subject to [complying with the security requirements](/iam/h
 
 ## Organization
 
-An Organization is made of one or several [Projects](#project). When you create your Scaleway account, an Organization is automatically created, of which you are the Owner. When you create [IAM rules](#rule), you can set their scope at Organization level.
+An Organization is made of one or several [Projects](#project). When you create your Scaleway account, an Organization is automatically created, of which you are the Owner. You can also be added to an existing Organization as a [Guest](#guest) or as a [Member](#member).
 
-This means you can give access to features managed at Organization level, like billing and IAM, to users, applications, and groups in your Organization.
+When you create [IAM rules](#rule), you can set their scope at Organization level. This means you can give access to features managed at Organization level, like billing and IAM, to users, applications, and groups in your Organization.
 
 <Lightbox src="scaleway-iam-organization.webp" alt="" />
 
@@ -136,14 +136,7 @@ A rule (also known as an IAM rule) is the part of a [policy](#policy) that defin
     - **Projects** group your Scaleway resources (e.g. Instances, Object Storage buckets, Managed Databases etc.) together. An Organization may have many Projects, or just one default Project. If you choose to define scope at Project level, you can select one, many, or all Projects. When you then define the [permission sets](#permission-set) for this scope, you can give access to different resources within the Project(s).
     - An **Organization** is made of one or several Projects. Billing, IAM, Project management and support are all managed at Organization level, so choose the Organization scope to give access to these features.
 2. One or more [**permission sets**](#permission-set) (e.g. "list all Instances"). A permission set consists of one or multiple [permissions](#permission) to perform actions on resources or features. Each permission set has a clear description, e.g. `InstancesFullAccess`, `InstancesReadOnly`, `DatabaseFullAccess`, `BillingReadOnly`.
-
-    The rule below defines various levels of access to different resources in Project A. The [principal](#principal) (user, group, or application) can create, list, delete and manage Instances and Databases, but for Object Storage can only list and read the resources:
-
-SCOPE
-: Project A
-
-PERMISSION SET
-: InstancesFullAccess, ObjectStorageReadOnly, DatabasesFullAccess
+3. (Optional) One or more [IAM conditions](#conditions) - defined in Common Expression Language (CEL) expressions.
 
 ## Scope
 

pages/iam/how-to/comply-with-sec-requirements-member.mdx

@@ -1,6 +1,7 @@
 ---
-title: How to comply with security requirements as a Member
-description: Instructions for complying with security requirements as an IAM Member
+meta:
+  title: How to comply with security requirements as a Member
+  description: Instructions for complying with security requirements as an IAM Member
 content:
   h1: How to comply with security requirements as a Member
   paragraph: Instructions for complying with security requirements as an IAM Member

pages/iam/how-to/manage-members.mdx

@@ -18,18 +18,19 @@ dates:
 ## How to create a Member
 
 1. Click **Identity and Access Management (IAM)** from the top-right of your [Organization Dashboard](https://console.scaleway.com/organization) in the Scaleway console. The **Users** tab of the [Identity and Access Management dashboard](https://console.scaleway.com/iam/users) displays.
-2. Click **+ Create Member**. A pop-up displays.
-3. Enter a username and the email address of the Member you want to add to your Organization.
+2. Click **+ Add user**. A pop-up displays prompting you to choose between creating a **Member** or adding a **Guest**.
+3. Select **Member** and click **Continue**.
+4. Enter a username and the email address of the Member you want to add to your Organization.
     <Message type="important">
       When you create a Member, a Scaleway account is created for them. They exist only within your Organization. If you delete the Member, their account is also deleted.
     </Message>
-4. (Optional) Check the box if you want to send a welcome email to the Member.
-5. Add a password.
+5. (Optional) Check the box if you want to send a welcome email to the Member.
+6. Add a password.
     <Message type="note">
       This step is optional. If you set a password, make sure you keep note of it to share it with the Member later. The password will only be shown once. If password renewal is enforced in the Organization, from their first login, the Member has up to 3 days to update their password and comply with this security requirement.
     </Message>
-6. (Optional) Check the box if you want to send the password to the Member via email.
-7. Click **Create Member**.
+7. (Optional) Check the box if you want to send the password to the Member via email.
+8. Click **Create Member**.
 
 If you did not send an welcome email to the Member, make sure you give them their login information.
 

pages/iam/quickstart.mdx

@@ -23,15 +23,22 @@ Read our dedicated page for a [general overview of IAM](/iam/reference-content/o
 
 ## How to invite a user to your Organization
 
-Invite other users to be able to give them access to your Organization. You will be able to define the exact level of access to give by creating a [policy](#how-to-give-permissions-to-users-and-applications-via-policies) for them later.
+Invite other users to be able to give them access to your Organization. You will be able to define the exact level of access to give by creating a [policy](#how-to-give-permissions-to-users-and-applications-via-policies) for them later. You can add two types of users: [Guests](/iam/concepts/#guest) and [Members](/iam/concepts/#member). In this section we show you how to [add a member](/iam/how-to/manage-members/#how-to-create-a-member).
 
 1. Click **Identity and Access Management (IAM)** from the top-right of your [**Organization Dashboard**](https://console.scaleway.com/organization) in the Scaleway console. The **Users** tab of the [Identity and Access Management dashboard](https://console.scaleway.com/iam/users) displays.
 2. Click **+ Add user**. A pop-up displays prompting you to choose between creating a **Member** or adding a **Guest**.
-3. Select **Guest** and click **Continue**.
-4. Enter the email address of the person you want to invite. If you want to invite more than one user, enter multiple email addresses separated by commas. Optionally, you can also select a [group](/iam/concepts/#group) to add the user to and add one or more tags.
-5. Click **Invite** to send the invitation.
-    The user receives an email inviting them to accept your invitation. If they do not already have a Scaleway account, they will be prompted to [create one](/account/how-to/create-an-account/) first.
-6. The user will appear in the list of your Organization's users once they have accepted the invitation.
+3. Select **Member** and click **Continue**.
+4. Enter a username and the email address of the Member you want to add to your Organization.
+    <Message type="important">
+      When you create a Member, a Scaleway account is created for them. They exist only within your Organization. If you delete the Member, their account is also deleted.
+    </Message>
+5. (Optional) Check the box if you want to send a welcome email to the Member.
+6. Add a password.
+    <Message type="note">
+      This step is optional. If you set a password, make sure you keep note of it to share it with the Member later. The password will only be shown once. If password renewal is enforced in the Organization, from their first login, the Member has up to 3 days to update their password and comply with this security requirement.
+    </Message>
+7. (Optional) Check the box if you want to send the password to the Member via email.
+8. Click **Create Member**.
 
 ## How to create an application
 

pages/iam/reference-content/overview.mdx

@@ -7,7 +7,7 @@ content:
   paragraph: High-level overview of Scaleway IAM features.
 tags: iam
 dates:
-  validation: 2024-10-16
+  validation: 2025-04-23
 categories:
   - iam
   - console
@@ -25,19 +25,25 @@ When you create your Scaleway account, an [Organization](/iam/concepts/#organiza
 
   <Lightbox src="scaleway-iam-organization.webp" alt="" />
 
+<Message type="note">
+  You can also be added to an existing Organization as a [Guest](#guest) or as a [Member](#member). Your permissions in these Organizations will depend on the policies set for you by the Organization administrator.
+</Message>
+
 ### Creating Resources & Projects
 
-Once you set up your account, you can start creating resources such as Instances, Kubernetes Kapsules, Elastic Metal servers, etc. All resources that you create are added to your Organization's default [Project](/iam/concepts/#project). However, you can choose to create multiple other Projects in your Organization, which lets you separate and group your resources as you wish.
+Once you set up your account, you can start creating resources such as Instances, Kubernetes Kapsule, Elastic Metal servers, etc. All resources that you create are added to your Organization's default [Project](/iam/concepts/#project). However, you can choose to create multiple other Projects in your Organization, which lets you separate and group your resources as you wish.
 
 ## IAM
 
 ### Sharing access: users & policies
 
 If you want to give someone else permission to view, edit, create or manage resources (or features such as billing or support tickets) in your Organization, IAM makes this possible:
 
-1. [Invite the user](/iam/how-to/invite-user-to-orga/) to your Organization. They create their own Scaleway account, if they do not already have one, and can then accept your invitation. They will appear in your Organization as a Guest.
+1. [Create a new IAM Member](/iam/how-to/manage-members/#how-to-create-a-member). You can provide them the credentials necessary to [log in as a Member](/iam/how-to/log-in-as-a-member) in your Organization.
 
-    Alternatively, you can [create a new IAM member](/iam/how-to/manage-members/#how-to-create-a-member). You can provide them the credentials necessary to [log in as a member](/iam/how-to/log-in-as-a-member) in your Organization.
+    <Message type="note">
+      Alternatively, [invite the user](/iam/how-to/invite-user-to-orga/) to your Organization as a Guest. They create their own Scaleway account, if they do not already have one, and can then accept your invitation.
+    </Message>
 
 2. Give the user permissions via [policies](/iam/concepts/#policy). Create a policy to define what permissions and access rights you want the user to have in your Organization.
     <Lightbox src="scaleway-iam-policy.webp" alt="" />

pages/iam/reference-content/policy.mdx

@@ -7,7 +7,7 @@ content:
   paragraph: Detailed additional content for policies within Scaleway IAM.
 tags: iam
 dates:
-  validation: 2024-10-16
+  validation: 2025-04-23
 categories:
   - iam
   - console

pages/iam/reference-content/reproduce-roles-project-api-keys.mdx

@@ -7,7 +7,7 @@ content:
   paragraph: This page explains how to generate an access system similar to Scaleway's roles feature and Project-scoped API keys, that existed before IAM.
 tags: iam
 dates:
-  validation: 2024-10-16
+  validation: 2025-04-23
 categories:
   - iam
   - console

pages/iam/reference-content/users-groups-and-applications.mdx

@@ -6,7 +6,7 @@ content:
   h1: Users, groups, and applications
   paragraph: Manage users, groups, and applications within Scaleway IAM.
 dates:
-  validation: 2024-10-16
+  validation: 2025-04-23
 ---
 
 IAM users, groups, and applications are principals in Scaleway Organizations. A principal is an entity that can be attached to a policy.

pages/managed-databases-for-postgresql-and-mysql/concepts.mdx

@@ -7,7 +7,7 @@ content:
   paragraph: Understand key concepts for Scaleway Managed Databases for PostgreSQL and MySQL.
 tags: endpoint allowed-ip clone-feature engine read-replica
 dates:
-  validation: 2024-10-16
+  validation: 2025-04-23
 categories:
   - managed-databases
   - postgresql-and-mysql

pages/managed-databases-for-postgresql-and-mysql/how-to/change-volume-type.mdx

@@ -7,7 +7,7 @@ content:
   paragraph: This page explains how to change the volume type of your Database
 tags: managed-database database volume-type
 dates:
-  validation: 2024-10-16
+  validation: 2025-04-23
   posted: 2021-03-10
 categories:
   - managed-databases
@@ -20,7 +20,7 @@ It is possible to change your [volume type](/managed-databases-for-postgresql-an
 
 - A Scaleway account logged into the [console](https://console.scaleway.com)
 - [Owner](/iam/concepts/#owner) status or [IAM permissions](/iam/concepts/#permission) allowing you to perform actions in the intended Organization
-- A [PostgreSQL or MySQL Database Instance](/managed-databases-for-postgresql-and-mysql/quickstart/) with Local Storage
+- A [PostgreSQL or MySQL Database Instance](/managed-databases-for-postgresql-and-mysql/quickstart/) with local Storage
 
 1. Click **PostgreSQL and MySQL** under **Managed Databases** on the side menu. A list of your Database Instances displays.
 2. Click the name of the Database Instance you want to edit. The database's Overview page displays.
@@ -37,8 +37,8 @@ It is possible to change your [volume type](/managed-databases-for-postgresql-an
     The Database Instance goes into the `Initializing` state.
 
     <Message type="important">
-      - When switching from a Local volume to a Block volume, and if [Autobackup](/managed-databases-for-postgresql-and-mysql/how-to/enable-autobackup/) is enabled, be aware that the snapshot type will change. Local volumes use logical backups, whereas Block Storage employs snapshots. Both types are priced at €0.03 per GB per month, but their distinct backup methods affect storage space differently, influencing the final monthly cost based on your usage.
-      - Disk size cannot be reduced, so when switching from Local to Block, the volume size remains the same by default.
-      - When switching from a Block to a Local volume, make sure to select a node with a Local Storage with size equal or greater than your current Block Storage. If you choose a Database Instance type with a Local volume larger than your current block volume, you will be billed for the full capacity of the Database Instance.
-      - When autobackup is enabled for your Local or Block volumes, regular quota limitations for backups and snapshots do not apply. Refer to the [Managed Databases FAQ page](/managed-databases-for-postgresql-and-mysql/faq/#why-is-my-number-of-active-backupssnapshots-exceeding-the-quota) for more information.
+      - When switching from a local volume to a Block volume, and if [Autobackup](/managed-databases-for-postgresql-and-mysql/how-to/enable-autobackup/) is enabled, be aware that the snapshot type will change. Local volumes use logical backups, whereas Block Storage employs snapshots. Both types are priced at €0.03 per GB per month, but their distinct backup methods affect storage space differently, influencing the final monthly cost based on your usage.
+      - Disk size cannot be reduced, so when switching from local to Block, the volume size remains the same by default.
+      - When switching from a Block to a local volume, make sure to select a node with a local Storage with size equal or greater than your current Block Storage. If you choose a Database Instance type with a local volume larger than your current block volume, you will be billed for the full capacity of the Database Instance.
+      - When autobackup is enabled for your local or Block volumes, regular quota limitations for backups and snapshots do not apply. Refer to the [Managed Databases FAQ page](/managed-databases-for-postgresql-and-mysql/faq/#why-is-my-number-of-active-backupssnapshots-exceeding-the-quota) for more information.
     </Message>