Add Flux warning to FGA doc (#3452)

* WIP Flux FGA warning * added note about FGA and flux, closes influxdata/DAR#256
2021-12-02 11:33:12 -07:00 · 2021-12-02 11:33:12 -07:00 · 0266e31bdb
parent 22ec8b91e4
commit 0266e31bdb
3 changed files with 32 additions and 6 deletions
--- a/content/enterprise_influxdb/v1.7/guides/fine-grained-authorization.md
+++ b/content/enterprise_influxdb/v1.7/guides/fine-grained-authorization.md
@ -15,6 +15,12 @@ Use fine-grained authorization (FGA) in InfluxDB Enterprise to control user acce

 You must have [admin permissions](/influxdb/v1.7/administration/authentication_and_authorization/#admin-user-management) to set up FGA.

+{{% warn %}}
+#### FGA does not apply to Flux
+FGA does not restrict actions performed by Flux queries (both read and write).
+If using FGA, we recommend [disabling Flux](/enterprise_influxdb/v{{< current-version >}}/flux/installation/).
+{{% /warn %}}
+
 ## Set up fine-grained authorization

 1. [Enable authentication](/influxdb/v1.7/administration/authentication_and_authorization/#set-up-authentication) in your InfluxDB configuration file.
--- a/content/enterprise_influxdb/v1.8/guides/fine-grained-authorization.md
+++ b/content/enterprise_influxdb/v1.8/guides/fine-grained-authorization.md
@ -17,6 +17,12 @@ Use fine-grained authorization (FGA) in InfluxDB Enterprise to control user acce

 You must have [admin permissions](/influxdb/v1.8/administration/authentication_and_authorization/#admin-user-management) to set up FGA.

+{{% warn %}}
+#### FGA does not apply to Flux
+FGA does not restrict actions performed by Flux queries (both read and write).
+If using FGA, we recommend [disabling Flux](/enterprise_influxdb/v{{< current-version >}}/flux/installation/).
+{{% /warn %}}
+
 ## Set up fine-grained authorization

 1. [Enable authentication](/influxdb/v1.8/administration/authentication_and_authorization/#set-up-authentication) in your InfluxDB configuration file.
--- a/content/enterprise_influxdb/v1.9/guides/fine-grained-authorization.md
+++ b/content/enterprise_influxdb/v1.9/guides/fine-grained-authorization.md
@ -16,10 +16,18 @@ related:

 Use fine-grained authorization (FGA) in InfluxDB Enterprise to control user access at the database, measurement, and series levels.

-> **Note:** InfluxDB OSS controls access at the database level only.
+{{% note %}}
+**Note:** InfluxDB OSS controls access at the database level only.
+{{% /note %}}

 You must have [admin permissions](/enterprise_influxdb/v1.9/administration/authentication_and_authorization/#admin-user-management) to set up FGA.

+{{% warn %}}
+#### FGA does not apply to Flux
+FGA does not restrict actions performed by Flux queries (both read and write).
+If using FGA, we recommend [disabling Flux](/enterprise_influxdb/v{{< current-version >}}/flux/installation/).
+{{% /warn %}}
+
 ## Set up fine-grained authorization

 1. [Enable authentication](/enterprise_influxdb/v1.9/administration/authentication_and_authorization/#set-up-authentication) in your InfluxDB configuration file.
@ -34,19 +42,25 @@ You must have [admin permissions](/enterprise_influxdb/v1.9/administration/authe

 3. Ensure that you can access the **meta node** API (port 8091 by default).

-    > In a typical cluster configuration, the HTTP ports for data nodes
-    > (8086 by default) are exposed to clients but the meta node HTTP ports are not.
-    > You may need to work with your network administrator to gain access to the meta node HTTP ports.
+    {{% note %}}
+In a typical cluster configuration, the HTTP ports for data nodes
+(8086 by default) are exposed to clients but the meta node HTTP ports are not.
+You may need to work with your network administrator to gain access to the meta node HTTP ports.
+    {{% /note %}}

 4. _(Optional)_ [Create roles](#manage-roles).
   Roles let you grant permissions to groups of users assigned to each role.

-    > For an overview of how users and roles work in InfluxDB Enterprise, see [InfluxDB Enterprise users](/enterprise_influxdb/v1.9/features/users/).
+    {{% note %}}
+For an overview of how users and roles work in InfluxDB Enterprise, see [InfluxDB Enterprise users](/enterprise_influxdb/v1.9/features/users/).
+    {{% /note %}}

 5. [Set up restrictions](#manage-restrictions).
   Restrictions apply to all non-admin users.

-    > Permissions (currently "read" and "write") may be restricted independently depending on the scenario.
+    {{% note %}}
+Permissions (currently "read" and "write") may be restricted independently depending on the scenario.
+    {{% /note %}}

 7. [Set up grants](#manage-grants) to remove restrictions for specified users and roles.