Update docs with the availability of PrivilegedAccessPolicy (#513)

* Update docs with the availability of PrivilegedAccessPolicy * Fix expand header Signed-off-by: Ziv Nevo <[email protected]>
clusterlink-net · Apr 10, 2024 · 42cb30c · 42cb30c
1 parent e632cf7
commit 42cb30c
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 5 deletions.
diff --git a/website/content/en/blog/hello-world/index.md b/website/content/en/blog/hello-world/index.md
@@ -81,5 +81,5 @@ I can't wait to start on this journey with all of you. Together, we'll make
  the world of Kubernetes a better, safer, and more connected place.
  Happy cluster linking! 🚀
 
-[^1]: While normal access control policies work, the implementation of privileged policy tier
- is ongoing and will be enabled shortly after the 0.1.0 release.
+[^1]: While normal access policies work, the implementation of privileged policy tier
+was ongoing and enabled shortly after the 0.1.0 release - it is currently part of `main` branch.
diff --git a/website/content/en/docs/concepts/policies.md b/website/content/en/docs/concepts/policies.md
@@ -56,8 +56,6 @@ For a connection to be established, both the ClusterLink gateway on the client
  the corresponding Import CR on the client side and the namespace of the corresponding
  Export on the service side.
 
-**Note**: Creating and deleting instances of `PrivilegedAccessPolicy` is currently not supported.
-
 ## Prerequisites
 
 The following assumes that you have `kubectl` access to two or more clusters where ClusterLink
@@ -70,10 +68,19 @@ Recall that a connection is dropped if it does not match any access policy.
  must be created on both sides of the connection.
  Creating an access policy is accomplished by creating an `AccessPolicy` CR in
  the relevant namespace (see Note above).
+ Creating a high-priority access policy is accomplished by creating a `PrivilegedAccessPolicy` CR.
+ Instances of `PrivilegedAccessPolicy` have no namespace and affect the entire cluster.
 
-{{% expand summary="Export Custom Resource" %}}
+{{% expand summary="PrivilegedAccessPolicy and AccessPolicy Custom Resources" %}}
 
 ```go
+type PrivilegedAccessPolicy struct {
+    metav1.TypeMeta   `json:",inline"`
+    metav1.ObjectMeta `json:"metadata,omitempty"`
+
+    Spec AccessPolicySpec `json:"spec,omitempty"`
+}
+
 type AccessPolicy struct {
     metav1.TypeMeta   `json:",inline"`
     metav1.ObjectMeta `json:"metadata,omitempty"`