match latest v25.2.1-rc6 docs

paulohtb6 · paulohtb6 · commit e503f2c29961 · 2025-07-28T17:23:57.000-03:00
diff --git a/modules/reference/pages/rpk/rpk-security/rpk-security-acl-create.adoc b/modules/reference/pages/rpk/rpk-security/rpk-security-acl-create.adoc
@@ -14,28 +14,34 @@ operation is required to create a single ACL.
 
 == Examples
 
-Allow all permissions to user bar on topic `foo` and group `g`:
+Allow all permissions to user bar on topic "foo" and group "g":
 
 ```bash
 rpk security acl create --allow-principal bar --operation all --topic foo --group g
 ```
 
+Allow all permissions to role bar on topic "foo" and group "g":
+
+```bash
+rpk security acl create --allow-role bar --operation all --topic foo --group g
+```
+
 Allow read permissions to all users on topics biz and baz:
 
 ```bash
-rpk security acl create --allow-principal * --operation read --topic biz,baz
+rpk security acl create --allow-principal '*' --operation read --topic biz,baz
 ```
 
-Allow write permissions to user buzz to transactional ID `txn`:
+Allow write permissions to user buzz to transactional ID "txn":
 
 ```bash
 rpk security acl create --allow-principal User:buzz --operation write --transactional-id txn
 ```
 
-Allow all permissions to role bar on topic "foo" and group "g":
+Allow read permissions to user panda on topic "bar" and schema registry subject "bar-value":
 
 ```bash
---allow-role bar --operation all --topic foo --group g
+rpk security acl create --allow-principal panda --operation read --topic bar --registry-subject bar-value
 ```
 
 == Usage
@@ -75,6 +81,10 @@ be denied (repeatable).
 
 |--operation |strings |Operation to grant (repeatable).
 
+|--registry-global |- |Whether to grant ACLs for the schema registry.
+
+|--registry-subject |strings |Schema Registry subjects to grant ACLs for (repeatable).
+
 |--resource-pattern-type |string |Pattern to use when matching resource
 names (literal or prefixed) (default "literal").
 
diff --git a/modules/reference/pages/rpk/rpk-security/rpk-security-acl-delete.adoc b/modules/reference/pages/rpk/rpk-security/rpk-security-acl-delete.adoc
@@ -88,6 +88,10 @@ rpk security acl delete [flags]
 |-f, --print-filters |- |Print the filters that were requested (failed
 filters are always printed).
 
+|--registry-global |- |Whether to remove ACLs for the schema registry.
+
+|--registry-subject |strings |Schema Registry subjects to remove ACLs for (repeatable).
+
 |--resource-pattern-type |string |Pattern to use when matching resource
 names (any, match, literal, or prefixed) (default "any").
 
diff --git a/modules/reference/pages/rpk/rpk-security/rpk-security-acl-list.adoc b/modules/reference/pages/rpk/rpk-security/rpk-security-acl-list.adoc
@@ -22,6 +22,41 @@ resource names:
 * "prefix" returns prefix patterns that match your input (prefix "fo" matches "foo")
 * "literal" returns exact name matches
 
+
+The list command lists ACLs for both Kafka and Schema Registry. To limit the results to a specific subsystem, use the `--subsystem` flag with either `kafka` or `registry`.
+
+== Examples
+
+List all ACLs:
+
+```bash
+rpk security acl list
+```
+
+List all Schema Registry ACLs:
+
+```bash
+rpk security acl list --subsystem registry
+```
+
+List all ACLs for topic "foo":
+
+```bash
+rpk security acl list --topic foo
+```
+
+List all ACLs for user "bar" on topic "foo":
+
+```bash
+rpk security acl list --allow-principal bar --topic foo
+```
+
+List all ACLs for role "admin" on schema registry subject "foo-value":
+
+```bash
+rpk security acl list --allow-role admin --registry-subject foo-value
+```
+
 == Usage
 
 [,bash]
@@ -68,9 +103,15 @@ list, ls, describe
 |-f, --print-filters |- |Print the filters that were requested (failed
 filters are always printed).
 
+|--registry-global |- |Whether to grant ACLs for the schema registry.
+
+|--registry-subject |strings |Schema Registry subjects to grant ACLs for (repeatable).
+
 |--resource-pattern-type |string |Pattern to use when matching resource
 names (any, match, literal, or prefixed) (default "any").
 
+|--subsystem |strings |Subsystem to match ACLs for. Possible values: `kafka`, `registry`, `kafka,registry` (both). Default: `kafka,registry`.
+
 |--topic |strings |Topic to match ACLs for (repeatable).
 
 |--transactional-id |strings |Transactional IDs to match ACLs for
diff --git a/modules/reference/pages/rpk/rpk-security/rpk-security-acl.adoc b/modules/reference/pages/rpk/rpk-security/rpk-security-acl.adoc
@@ -60,8 +60,8 @@ When you create a role, you must bind or associate ACLs to it before it can be u
 
 == Resources
 
-A resource is what an ACL allows or denies access to. There are four resources
-within Redpanda: topics, groups, the cluster itself, and transactional IDs.
+A resource is what an ACL allows or denies access to. There are six resources
+within Redpanda: topics, groups, the cluster itself, transactional IDs, schema registry, and schema registry subjects.
 Names for each of these resources can be specified with their respective flags.
 
 Resources combine with the operation that is allowed or denied on that
@@ -88,7 +88,7 @@ Redpanda has the following operations:
 |`all` |Allows all operations below.
 |`read` |Allows reading a given resource.
 |`write` |Allows writing to a given resource.
-|`create` |Allows creating a given resource.
+|`create` |Allows creating a given resource (Except for Redpanda Schema Registry).
 |`delete` |Allows deleting a given resource.
 |`alter` |Allows altering non-configurations.
 |`describe` |Allows querying non-configurations.
