docs(platform): Generate version 1.8 platform documentation (#64948)

Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Co-authored-by: ian.alton@airbyte.io <ian.alton@airbyte.io>

Author: devin-ai-integration[bot]

docs/release_notes/v-1.8.md

@@ -24,17 +24,17 @@ You might notice slight visual and content differences on some pages as a result
 
 ### File streams indicated in the UI
 
-If a connection contains a stream that moves files, Airbyte's UI now indicates this on the connection's schema tab. [**Learn more >**](/platform/next/using-airbyte/sync-files-and-records)
+If a connection contains a stream that moves files, Airbyte's UI now indicates this on the connection's schema tab. [**Learn more >**](/platform/using-airbyte/sync-files-and-records)
 
 ![Files and records moving](../platform/using-airbyte/assets/file-based-stream.png)
 
 ### Helm chart V2 is available
 
 A new Helm chart is available for you to use in your deployments. Migrating to this new chart is currently optional. In a future version of Airbyte, Helm chart V2 will be mandatory.
 
-- New deployments should use Helm chart V2 from the start to avoid a future upgrade. The [Deployment documentation](/platform/next/deploying-airbyte/) includes examples for this Helm chart.
+- New deployments should use Helm chart V2 from the start to avoid a future upgrade. The [Deployment documentation](/platform/deploying-airbyte/) includes examples for this Helm chart.
 
-- Existing deployments can migrate at the time of your choosing. Schedule a convenient time to migrate so you aren't blocked from upgrading to a future version. For help and to learn more, see the migration guides for [Self-Managed Community](/platform/next/deploying-airbyte/chart-v2-community) or [Self-Managed Enterprise](/platform/next/enterprise-setup/chart-v2-enterprise).
+- Existing deployments can migrate at the time of your choosing. Schedule a convenient time to migrate so you aren't blocked from upgrading to a future version. For help and to learn more, see the migration guides for [Self-Managed Community](/platform/deploying-airbyte/chart-v2-community) or [Self-Managed Enterprise](/platform/enterprise-setup/chart-v2-enterprise).
 
 - Version 0.30 of abctl uses Helm chart V2 by default when installing new versions of Airbyte.
 
@@ -44,7 +44,7 @@ Airbyte's working toward some big product milestones. Some of these improvements
 
 ### Data activation and reverse ETL
 
-Airbyte now supports data activation and reverse ETL use cases. Data activation enables you to move data out of your data warehouse and into the operational tools where work happens, like CRMs, marketing platforms, and support systems. With this capability, you can deliver modeled data directly to points of action and systems people already use, helping your organization respond faster and more effectively. Customer IO and HubSpot destinations are already available. [**Learn more >**](/platform/next/move-data/elt-data-activation)
+Airbyte now supports data activation and reverse ETL use cases. Data activation enables you to move data out of your data warehouse and into the operational tools where work happens, like CRMs, marketing platforms, and support systems. With this capability, you can deliver modeled data directly to points of action and systems people already use, helping your organization respond faster and more effectively. Customer IO and HubSpot destinations are already available. [**Learn more >**](/platform/move-data/elt-data-activation)
 
 ![Conceptual diagram showing data moving from a source, fields being mapped, and then moving to a destination](../platform/move-data/assets/data-activation-concept.png)
 
@@ -89,4 +89,4 @@ Airbyte has removed `airbyte-webapp` and merged its functions into `airbyte-serv
 - If you deploy Airbyte with abctl, ensure your version of abctl is compatible with this version of Airbyte.
 - If you deploy Airbyte with Helm, update any rules in your ingress controller that direct to `airbyte-webapp`.
 
-If you used version 1.7, you probably already completed these tasks. If not, make these necessary changes before upgrading to version 1.8. [**Learn more >**](/platform/next/deploying-airbyte/integrations/ingress-1-7)
+If you used version 1.7, you probably already completed these tasks. If not, make these necessary changes before upgrading to version 1.8. [**Learn more >**](/platform/deploying-airbyte/integrations/ingress-1-7)

docusaurus/platform_versioned_docs/version-1.8/access-management/rbac.md

@@ -0,0 +1,44 @@
+---
+products: oss-enterprise, cloud-teams
+---
+
+# Role Based Access Control (RBAC)
+
+Role Based Access Control allows a user with Administrative access to apply roles to users, granting different levels of permission within an Organization or Workspace. 
+
+:::info
+**Self-Managed Enterprise** instances have an `Instance Admin` role in addition to the other roles outlined in this document. The first user who logs on to Airbyte in a Self-Managed Enterprise instance will be assigned this role. This user will have all permissions listed below for all workspaces and all organizations associated with their Enterprise account. To update this assignment, enterprise customers should contact [Airbyte support](https://support.airbyte.com/hc/en-us).
+:::
+
+## Organization Resource Roles
+
+Permissions are scoped to the given Organization for which the user has this role, and any Workspaces within. 
+
+| Permissions             | Member     |  Reader    | Runner |  Editor | Admin |
+| :---------------------- | :--------: | :--------: | :--------: | :--------: |:--------: |
+| **Read Organization**<br /><ul><li> Read individual organizations</li></ul> | X | X | X | X | X |
+| **Create Workspace**<br /><ul><li>Create new workspace within a specified organization</li><li>Delete a workspace</li></ul> | | | | X | X |
+| **Update Organization**<br /><ul><li>Modify organization settings, including billing, PbA, SSO</li><li>Modify user roles within the organization</li></ul> | | |  |  | X |
+
+## Workspace Resource Roles
+Permissions are scoped to the specific Workspace in which the user has this role.
+
+| Permissions           | Reader    | Runner | Editor    | Admin    |
+| ---------------------- | :--------: | :--------:| :--------:| :--------: |
+| **Read Workspace**<br /><ul><li>List the connections in a workspace</li><li>Read individual connections</li><li>Read workspace settings (data residency, users, connector versions, notification settings) </li></ul> | X | X | X | X |
+| **Sync Connection**<br /><ul><li>Start/cancel syncs and refreshes</li></ul> | | X | X | X |
+| **Modify Connector Settings**<br /><ul><li>Create, modify, delete  sources and destinations in a workspace</li></ul> | | | X | X |
+| **Update Connection**<br /><ul><li>Modify a connection, including name, replication settings, normalization, DBT</li><li>Clear connection data</li><li>Create/Delete a connection</li><li> Create/Update/Delete connector builder connectors</li></ul> |  | | X | X |
+| **Update Workspace**<br /><ul><li> Update workspace settings (data residency, users, connector versions, notification settings)</li><li> Modify workspace connector versions</li></ul> | | |  | X |
+
+## Setting Roles
+
+<Arcade id="pYZ3aHWlV4kJatJG2dJN" title="Organization Permissions" paddingBottom="calc(61.37931034482759% + 41px)" />
+
+In the UI, navigate to `Settings` > `General` to see a list of your Organization or Workspace members. Here, by selecting the role listed under `Organization Role` or `Workspace Role`, you can change the assignment.
+
+Note that it is not possible to assign a Workspace member to a role that is more restricted than the role they've been assigned at the Organizational level. 
+
+For example, a person who is assigned to be an Organization `Admin` would automatically have Admin-level permissions in all Workspaces within the Organization and can not be demoted within a Workspace. On the other hand, a person assigned to the `Reader` role in an Organization could be assigned the `Reader`, `Editor`, or `Admin` role in an individual Workspace.
+
+

docusaurus/platform_versioned_docs/version-1.8/access-management/role-mapping.md

@@ -0,0 +1,133 @@
+---
+products: oss-enterprise, cloud-teams
+---
+
+# RBAC Role Mapping
+
+Role-Based Access Control (RBAC) role mapping allows automatic assignment of specific permissions to Airbyte users based on existing roles in your organization. It ensures users have appropriate Airbyte access without manual oversight. RBAC functionality is only available in Airbyte Teams and Self-Managed Enterprise.
+
+Enabling role mapping in Airbyte requires use of the Airbyte API. The Airbyte API exposes endpoints that allow you to retrieve and update user permissions. These endpoints can be used to build automation that manages user access to different workspaces. This functionality is currently limited to the Airbyte API, and is not available in the Terraform Provider.
+
+To enable the Airbyte API in Airbyte Teams or Self-Managed Enterprise, follow these [prerequisites](../enterprise-setup/api-access-config.md).
+
+## Relevant API Endpoints
+
+Organization-wide permissions and each set of workspace permissions each count as their own permission object. For example, if an Airbyte user is an 'Organization Member' and has 'Workspace Editor' access in 3 distinct workspaces, this user has 4 permissions in total.
+
+1. [Get a list of current Airbyte users in your organization](https://reference.airbyte.com/reference/listuserswithinanorganization).
+2. [Get a list of current Airbyte workspaces](https://reference.airbyte.com/reference/listworkspaces).
+2. [Create a permission for an Airbyte user to access to a new workspace](https://reference.airbyte.com/reference/createpermission).
+3. [Get a list of a user's current permissions](https://reference.airbyte.com/reference/listpermissions).
+3. [Modify permission scope or level of access](https://reference.airbyte.com/reference/updatepermission).
+4. [Delete a permission](https://reference.airbyte.com/reference/deletepermission).
+
+## Script Example
+
+### Prerequisites
+
+1. A mapping of user emails to your company-specific roles (e.g. `finance-team`, `security-team`, `us-employee`, etc.):
+
+```yaml
+{ 
+"user1@company.com": ["companyGroup1", "companyGroup2"], 
+"user1@company.com": ["companyGroup2", "companyGroup3"] 
+}
+```
+
+2. A mapping of your company-specific roles to desired Airbyte permissions:
+
+```yaml
+{
+  "companyGroup1": [
+    {
+      "scope": "workspace",
+      "scopeId": "11111111-11111111-11111111-11111111",
+      "permissionType": "workspace_admin"
+    },
+    {
+      "scope": "workspace",
+      "scopeId": "22222222-22222222-22222222-22222222",
+      "permissionType": "workspace_reader"
+    }
+  ],
+  "companyGroup2": [
+    {
+      "scope": "workspace",
+      "scopeId": "33333333-33333333-33333333-33333333",
+      "permissionType": "workspace_reader"
+    }
+  ]
+}
+```
+Notes:
+- `scope` must be set to either 'workspace' or 'organization'.
+- `scopeId` must the identifier of scope access is granted for. It is a GUID and for organization scope is always '00000000-00000000-00000000-00000000'. For workspace, refer to the UI and the output of a list workspace to identify your workspaceId.
+- `permissionType` must be set to a valid value, e.g. 'workspace_admin', 'workspace_reader', 'organization_admin', etc. All valid values are listed [here](https://github.com/airbytehq/airbyte-api-python-sdk/blob/main/src/airbyte_api/models/publicpermissiontype.py).
+
+### Complete Python Script
+
+Below is an example Python script using the above prerequisite files and the `airbyte-api` Python package to set user roles programmatically:
+
+<details>
+<summary>RBAC Role Mapping Python Example</summary>
+
+```python
+import json
+import airbyte_api
+from airbyte_api import api, models
+
+usersGroupsFile = open('usersGroups.json')
+usersGroups = json.load(usersGroupsFile)
+groupPermissionsFile = open('groupPermissions.json')
+groupPermissions = json.load(groupPermissionsFile)
+
+# 0. - Enter your own credentials to use Airbyte API. 
+s = airbyte_api.AirbyteAPI(
+  security=models.Security(
+    bearer_auth='...'
+  ),
+)
+
+# 1. - List all users in your organization. Find your organization ID in the Airbyte settings page.
+res = s.users.list_users(request=api.ListUsersRequest(
+  api.ListUsersRequest(organization_id='00000000-00000000-00000000-00000000')
+))
+
+allAirbyteUsers = res.users_response.data
+print("all users: ", allAirbyteUsers)
+
+# 2. grant permissions
+# for each user
+for airbyteUserResponse in allAirbyteUsers:
+  if airbyteUserResponse.email in usersGroups:
+    userGroups = usersGroups[airbyteUserResponse.email]
+    # for each group where user belongs to
+    for group in userGroups:
+      if group in groupPermissions:
+        permissionsToGrant = groupPermissions[group]
+	 # for each permission to create
+        for permission in permissionsToGrant:
+          print("permission to grant: ", permission)
+          if permission["scope"] == "workspace":
+            # create workspace level permission
+            permissionCreated = s.permissions.create_permission(
+              request=models.PermissionCreateRequest(
+                permission_type=permission["permissionType"],
+                user_id=airbyteUserResponse.user_id,
+                workspace_id=permission["scopeId"]
+              ))
+          elif permission["scope"] == "organization":
+            # create organization permission
+            permissionCreated = s.permissions.create_permission(
+              request=models.PermissionCreateRequest(
+                permission_type=permission["permissionType"],
+                user_id=airbyteUserResponse.user_id,
+                organization_id=permission["scopeId"]
+              ))
+          else:
+            print("permission scope not supported!")
+```
+
+</details>
+
+Please feel free to add your own logging and error-handling workflow in the example script, and you are free to configure it on a CRON job to run at the frequency of your choice.