themr0c
diff --git a/‎artifacts/attributes.adoc‎
Lines changed: 4 additions & 3 deletions b/‎artifacts/attributes.adoc‎
Lines changed: 4 additions & 3 deletions
diff --git a/‎assemblies/assembly-configuring-default-secret-pvc-mounts.adoc‎
Lines changed: 0 additions & 10 deletions b/‎assemblies/assembly-configuring-default-secret-pvc-mounts.adoc‎
Lines changed: 0 additions & 10 deletions
diff --git a/‎assemblies/assembly-install-rhdh-eks-operator.adoc‎
Lines changed: 0 additions & 12 deletions b/‎assemblies/assembly-install-rhdh-eks-operator.adoc‎
Lines changed: 0 additions & 12 deletions
diff --git a/‎assemblies/assembly-installing-rhdh-on-platform-by-using-the-operator.adoc‎
Lines changed: 25 additions & 0 deletions b/‎assemblies/assembly-installing-rhdh-on-platform-by-using-the-operator.adoc‎
Lines changed: 25 additions & 0 deletions
diff --git a/‎assemblies/assembly-rhdh-default-configuration.adoc‎
Lines changed: 22 additions & 0 deletions b/‎assemblies/assembly-rhdh-default-configuration.adoc‎
Lines changed: 22 additions & 0 deletions
diff --git a/‎modules/authorization/proc-enabling-the-rbac-plugin.adoc‎
Lines changed: 6 additions & 2 deletions b/‎modules/authorization/proc-enabling-the-rbac-plugin.adoc‎
Lines changed: 6 additions & 2 deletions
diff --git a/‎modules/authorization/ref-rbac-rest-api-endpoints.adoc‎
Lines changed: 80 additions & 0 deletions b/‎modules/authorization/ref-rbac-rest-api-endpoints.adoc‎
Lines changed: 80 additions & 0 deletions
diff --git a/‎modules/configuring-external-databases/con-automated-operator-features.adoc‎
Lines changed: 6 additions & 0 deletions b/‎modules/configuring-external-databases/con-automated-operator-features.adoc‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎modules/configuring-external-databases/con-configuring-default-secret-pvc-mounts.adoc‎
Lines changed: 6 additions & 0 deletions b/‎modules/configuring-external-databases/con-configuring-default-secret-pvc-mounts.adoc‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎modules/configuring-external-databases/con-default-base-urls.adoc‎
Lines changed: 26 additions & 0 deletions b/‎modules/configuring-external-databases/con-default-base-urls.adoc‎
Lines changed: 26 additions & 0 deletions
@@ -93,6 +93,7 @@
 
 // First mention of OpenShift CLI or `oc` in a module
 :openshift-cli: pass:quotes[OpenShift CLI (`oc`)]
+:platform-generic: OpenShift
 
 // Links and their title (in alphabetical order)
 :about-book-link: {product-docs-link}/html-single/about_red_hat_developer_hub/index
@@ -127,11 +128,11 @@
 :installing-and-viewing-plugins-book-title: Installing and viewing plugins in {product}
 :installing-in-air-gap-book-link: {product-docs-link}/html-single/installing_red_hat_developer_hub_in_an_air-gapped_environment/index
 :installing-in-air-gap-book-title: Installing {product} in an air-gapped environment
-:installing-on-aks-book-link: {product-docs-link}/html-single/installing_red_hat_developer_hub_on_microsoft_azure_kubernetes_service/index
+:installing-on-aks-book-link: {product-docs-link}/html-single/installing_red_hat_developer_hub_on_microsoft_azure_kubernetes_service_aks/index
 :installing-on-aks-book-title: Installing {product} on {aks-brand-name}
-:installing-on-eks-book-link: {product-docs-link}/html-single/installing_red_hat_developer_hub_on_amazon_elastic_kubernetes_service/index
+:installing-on-eks-book-link: {product-docs-link}/html-single/installing_red_hat_developer_hub_on_amazon_elastic_kubernetes_service_eks/index
 :installing-on-eks-book-title: Installing {product} on {eks-brand-name}
-:installing-on-gke-book-link: {product-docs-link}/html-single/installing_red_hat_developer_hub_on_google_kubernetes_engine/index
+:installing-on-gke-book-link: {product-docs-link}/html-single/installing_red_hat_developer_hub_on_google_kubernetes_engine_gke/index
 :installing-on-gke-book-title: Installing {product} on {gke-brand-name}
 :installing-on-ocp-book-link: {product-docs-link}/html-single/installing_red_hat_developer_hub_on_openshift_container_platform/index
 :installing-on-ocp-book-title: Installing {product} on {ocp-short}
 
@@ -0,0 +1,25 @@
+:_mod-docs-content-type: ASSEMBLY
+// To use this module define the attributes: :platform-long: :platform: :platform-id:
+[id="assembly-installing-rhdh-on-{platform-id}-by-using-the-operator"]
+= Installing {product-short} on {platform-long} by using the Operator
+
+To benefit from over-the-air updates and catalogs provided by Operator-based applications distributed with the Operator Lifecycle Manager (OLM) framework, consider installing {product} by using the {product} Operator distributed in the {company-name} Ecosystem.
+
+On {platform}, the most notable differences over an OpenShift-based installation are:
+
+* The OLM framework and the {company-name} Ecosystem are not built-in.
+* The {company-name} Ecosystem pull-secret is not managed globally.
+* To expose the application, Ingresses replace OpenShift Routes.
+
+For clarity, the content is broken down in sections highlighting these platform-specific additional steps.
+
+include::modules/installation/proc-installing-the-operator-on-{platform-id}-by-using-olm.adoc[leveloffset=+1]
+
+include::modules/configuring/proc-provisioning-your-custom-configuration.adoc[leveloffset=+1]
+
+include::modules/installation/proc-provisioning-your-pull-secret-to-your-rhdh-instance-namespace.adoc[leveloffset=+1]
+
+include::modules/configuring/proc-using-the-operator-to-run-rhdh-with-your-custom-configuration.adoc[leveloffset=+1]
+
+include::modules/installation/proc-exposing-your-operator-based-rhdh-instance-on-{platform-id}.adoc[leveloffset=+1]
+
@@ -0,0 +1,22 @@
+:_mod-docs-content-type: ASSEMBLY
+
+[id="assembly-rhdh-default-configuration_{context}"]
+= {product} default configuration
+
+You can deploy a standard {product} ({product-very-short}) instance, understand the structure, and tailor {product-very-short} instance to meet your needs.
+
+include::modules/configuring-external-databases/ref-rhdh-default-configuration.adoc[leveloffset=+1]
+
+include::modules/configuring-external-databases/con-automated-operator-features.adoc[leveloffset=+1]
+
+include::modules/configuring-external-databases/con-metadata-generation.adoc[leveloffset=+2]
+
+include::modules/configuring-external-databases/con-multiple-resources.adoc[leveloffset=+2]
+
+include::modules/configuring-external-databases/con-default-base-urls.adoc[leveloffset=+2]
+
+include::modules/configuring-external-databases/con-configuring-default-secret-pvc-mounts.adoc[leveloffset=+1]
+
+include::modules/configuring-external-databases/proc-configuring-mount-paths.adoc[leveloffset=+2]
+
+include::modules/configuring-external-databases/proc-mounting-to-specific-containers.adoc[leveloffset=+2]
@@ -41,9 +41,11 @@ permission:
       users:
         - name: user:default/__<your_policy_administrator_name>__
 ----
-. In order for the {product-short} Web UI to display available permissions provided by installed plugins, add the corresponding plugin IDs to {configuring-book-link}[your custom `{my-app-config-file}` {product-short} configuration file].
+
+. In order to display the available permissions provided by installed plugins in the {product-short} UI, you must supply the corresponding list of plugin IDs. There are two ways to do this, by updating your application configuration or by using the RBAC REST API permissions endpoint.
 +
-To display available permissions in RBAC UI, edit your custom {product-short} ConfigMap, such as `app-config-rhdh`, and add following code to the `{my-app-config-file}` content:
+
+.. To provide plugins by updating your application configuration, you can specify the plugins with permissions in your `{my-app-config-file}` file as follows:
 +
 .`{my-app-config-file}` fragment
 [source,yaml,subs=+quotes]
@@ -60,6 +62,8 @@ permission:
       - permission
 ----
 
+.. To specify the plugins with permissions by using the RBAC REST API permissions endpoint, see the xref:rbac-rest-api-permission-endpoints_{context}[RBAC REST API permissions endpoint].
+
 .Verification
 . Sign out from the existing {product} session and log in again using the declared policy administrator account.
 . With RBAC enabled, most features are disabled by default.
 
@@ -561,6 +561,86 @@ Returns permission policies for all static plugins.
 ----
 --
 
+[id='rbac-rest-api-permission-endpoints_{context}']
+[GET] /api/permission/plugins/id::
++
+--
+Returns object with list plugin IDs:
+
+.Example response (JSON)
+[source,json]
+----
+[
+  {
+    "ids": ["catalog", "permission"]
+  }
+]
+----
+--
+
+[POST] /api/permission/plugins/id::
++
+--
+Add more plugins IDs defined in the request object.
+
+Request Parameters: object in JSON format.
+
+.Example request body (JSON)
+[source,json]
+----
+[
+  {
+    "ids": ["scaffolder"]
+  }
+]
+----
+
+Returns a status code of 200 and JSON with actual object stored in the server:
+
+.Example response (JSON)
+[source,json]
+----
+[
+  {
+    "ids": ["catalog", "permission", "scaffolder"]
+  }
+]
+----
+--
+
+[DELETE] /api/permission/plugins/id::
++
+--
+Delete plugins IDs defined in the request object.
+
+Request Parameters: object in JSON format.
+
+.Example request body (JSON)
+[source,json]
+----
+[
+  {
+    "ids": ["scaffolder"]
+  }
+]
+----
+
+Returns a status code of 200 and JSON with actual object stored in the server:
+
+.Example response (JSON)
+[source,json]
+----
+[
+  {
+    "ids": ["catalog", "permission"]
+  }
+]
+----
+--
+
+[NOTE]
+In order to prevent an inconsistent state after a deployment restart, the REST API does not allow deletion of plugin IDs that were provided by using the application configuration. These ID values can only be removed through the configuration file. 
+
 == Conditional policies
 
 The RBAC REST API supports the following endpoints for managing conditional policies in the {product}.
 
@@ -0,0 +1,6 @@
+:_mod-docs-content-type: CONCEPT
+
+[id="con-automated-operator-features_{context}"]
+= Automated Operator features
+
+You can use the Operator to automate several key processes to effectively configure your {product-custom-resource-type} application.
@@ -0,0 +1,6 @@
+:_mod-docs-content-type: CONCEPT
+
+[id="con-configuring-default-secret-pvc-mounts_{context}"]
+= Configuring mounts for default Secrets and Persistent Volume Claims (PVCs)
+
+You can use annotations to configure mount paths and specify containers for Secrets and Persistent Volume Claims (PVCs) that are attached to the Operator default resources in your {product} deployment. This method is specific for default objects, for instance, the {product-custom-resource-type} Deployment that the Operator manages.
@@ -0,0 +1,26 @@
+:_mod-docs-content-type: CONCEPT
+
+[id="con-default-base-urls"]
+= Default base URLs
+
+The Operator automatically sets the base URLs for your {product-custom-resource-type} application in the default `app-config` ConfigMap known as `backstage-appconfig-{CR_name}`. The Operator does so based on your Route parameters and the OpenShift cluster ingress domain.
+
+The Operator follows these rules to set the base URLs for your application:
+
+* If the cluster is not OpenShift, the Operator makes no changes.
+* If you explicitly set the `spec.application.route.enabled` field in your Custom Resource (CR) to `false`, no changes are made.
+* If you define `spec.application.route.host` in the {product-custom-resource-type} CR, the base URLs are set to `https://<spec.application.route.host>`.
+* If you specify the `spec.application.route.subdomain` in the {product-custom-resource-type} CR, the base URLs are set to `https://<spec.application.route.subdomain>.<cluster_ingress_domain>`.
+* If no custom host or subdomain is provided, the Operator sets the base URLs to `https://backstage-{cr_name}-<namespace>.<cluster_ingress_domain>`, which is the default domain for the created _Route_ resource.
+
+The Operator updates the following base URLs in the default `app-config` ConfigMap:
+
+* `app.baseUrl`
+* `backend.baseUrl`
+* `backend.cors.origin`
+
+[NOTE]
+====
+You can perform these actions on a best-effort basis and only on OpenShift. During an error or on non-OpenShift clusters, you can still override these defaults by providing a custom `app-config` ConfigMap.
+====
+