DOC-5159 Role and permission attributes

antora.yml

@@ -55,4 +55,14 @@ asciidoc:
     scb-short: 'SCB'
     scb-brief: 'Secure Connect Bundle'
 
+    # Astra role attributes (compare with astra-vector-docs antora.yml)
+    organization-administrator-role: 'xref:astra-db-serverless:administration:rbac.adoc#organization-administrator-role[Organization Administrator]'
+    administrator-service-account-role: 'xref:astra-db-serverless:administration:rbac.adoc#administrator-service-account-role[Administrator Service Account]'
+    api-administrator-service-account-role: 'xref:astra-db-serverless:administration:rbac.adoc#api-administrator-service-account-role[API Administrator Service Account]'
+    api-administrator-user-role: 'xref:astra-db-serverless:administration:rbac.adoc#api-administrator-user-role[API Administrator User]'
+
+    # Astra permission attributes (compare with astra-vector-docs antora.yml)
+    manage-streaming-permission: 'xref:astra-db-serverless:administration:rbac.adoc#manage-streaming-permission[Manage Streaming]'
+    view-db-permission: 'xref:astra-db-serverless:administration:rbac.adoc#view-db-permission[View DB]'
+
     # For more attributes, see release.yml in the datastax-docs-site repo

modules/ROOT/pages/astream-org-permissions.adoc

@@ -8,26 +8,26 @@ For information about {astra} RBAC, including default roles, custom roles, permi
 
 Permissions specific to {product} include the following:
 
-* *Manage Streaming* (`org-stream-manage`): View, add, edit, or remove {product} configurations.
+* {manage-streaming-permission} (`org-stream-manage`): View, add, edit, or remove {product} configurations.
 
 === Default roles for {product}
 
 There are no default {astra} roles specifically scoped to {product}.
-However, the following default roles have the *Manage Streaming* permission:
+However, the following default roles have the {manage-streaming-permission} permission:
 
-* *Organization Administrator*
-* *Administrator Service Account*
-* *API Administrator Service Account*
-* *API Administrator User*
+* {organization-administrator-role}
+* {administrator-service-account-role}
+* {api-administrator-service-account-role}
+* {api-administrator-user-role}
 
 For information about permissions assigned to default roles, see xref:astra-db-serverless:administration:manage-database-access.adoc[].
 
 === Custom roles for {product}
 
 If you xref:astra-db-serverless:administration:manage-database-access.adoc#custom-roles[create custom roles] for {product}, those roles must have the following permissions, at minimum:
 
-* *Manage Streaming* (`org-stream-manage`): View and manage {product} in the {astra-ui}.
-* *View DB* (`org-db-view`): View the {astra-ui} in general.
+* {manage-streaming-permission} (`org-stream-manage`): View and manage {product} in the {astra-ui}.
+* {view-db-permission} (`org-db-view`): View the {astra-ui} in general.
 
 Additional permissions might be required, depending on the tasks the role needs to perform.
 

modules/developing/pages/astream-cdc.adoc

@@ -179,7 +179,7 @@ To enable CDC for {astra-db}, you need the following:
 
 * An active {astra-url}[{astra} account] with access to an organization that has an {product} subscription plan.
 +
-You need a role that grants permission to manage streaming tenants, such as the *Organization Administrator* role.
+You need a role that grants permission to manage streaming tenants, such as the {organization-administrator-role} role.
 
 * An active xref:astra-db-serverless:databases:create-database.adoc[database] with at least one xref:astra-db-serverless:databases:manage-keyspaces.adoc[keyspace].
 

modules/getting-started/pages/real-time-data-pipelines-tutorial.adoc

@@ -205,7 +205,7 @@ CREATE TABLE click_data.product_clicks (
 * **Name**: Enter `all-clicks`.
 * **Input topic**: Select your `all-clicks` topic in your `production` namespace.
 * **Database**: Select your `webstore-clicks` database.
-* **Token**: Click the link to create an {astra} application token with the **Organization Administrator** role, and then enter the token in the sink's **Token** field.
+* **Token**: Click the link to create an {astra} application token with the {organization-administrator-role} role, and then enter the token in the sink's **Token** field.
 Store the token securely, you will use it multiple times during this tutorial.
 * **Keyspace**: Enter `click_data`.
 * **Table Name**: Enter `all_clicks`.

modules/operations/pages/monitoring/stream-audit-logs.adoc

@@ -39,7 +39,7 @@ You can use the {devops-api-ref-url}#tag/Organization-Operations/operation/confi
 
 . In the {astra-ui-link} header, click icon:grip[name="Applications"], and then select *Admin*.
 
-. Click **Tokens**, and then create an xref:astra-db-serverless:administration:manage-application-tokens.adoc[{astra} application token] with the **Organization Administrator** role.
+. Click **Tokens**, and then create an xref:astra-db-serverless:administration:manage-application-tokens.adoc[{astra} application token] with the {organization-administrator-role} role.
 
 . Create the audit log streaming configuration using the values from the tenant's `client.conf` file and your {pulsar-short} configuration:
 +