From d446c710cc8c55d775e98e8a6fc9ba4f84a88b9c Mon Sep 17 00:00:00 2001 From: April M <36110273+aimurphy@users.noreply.github.com> Date: Thu, 9 Apr 2026 16:06:52 -0700 Subject: [PATCH 1/2] astra role attributes --- antora.yml | 6 +++++- modules/ROOT/pages/connect-clients-to-target.adoc | 2 +- modules/ROOT/pages/create-target.adoc | 2 +- modules/ROOT/pages/deploy-proxy-monitoring.adoc | 2 +- modules/ROOT/pages/troubleshooting-tips.adoc | 2 +- modules/sideloader/pages/migrate-sideloader.adoc | 2 +- 6 files changed, 10 insertions(+), 6 deletions(-) diff --git a/antora.yml b/antora.yml index aaa001c9..8ebc0dc9 100644 --- a/antora.yml +++ b/antora.yml @@ -58,4 +58,8 @@ asciidoc: cass-migrator-short: 'CDM' cass-migrator-repo: 'https://github.com/datastax/cassandra-data-migrator' cass-migrator-shield: 'image:https://img.shields.io/github/v/release/datastax/cassandra-data-migrator?label=latest[alt="Latest cassandra-data-migrator release on GitHub",link="{cass-migrator-repo}/packages"]' - sstable-sideloader: '{astra-db} Sideloader' \ No newline at end of file + sstable-sideloader: '{astra-db} Sideloader' + + # Astra role attributes (compare with astra-vector-docs antora.yml) + database-administrator-role: 'xref:astra-db-serverless:administration:rbac.adoc#database-administrator-role[Database Administrator]' + read-write-user-role: 'xref:astra-db-serverless:administration:rbac.adoc#read-write-user-role[Read/Write User]' diff --git a/modules/ROOT/pages/connect-clients-to-target.adoc b/modules/ROOT/pages/connect-clients-to-target.adoc index 8cfa5f62..4597ff3e 100644 --- a/modules/ROOT/pages/connect-clients-to-target.adoc +++ b/modules/ROOT/pages/connect-clients-to-target.adoc @@ -46,7 +46,7 @@ Connections to {astra-db} are different from connections to self-managed {cass-s To connect a driver to {astra-db}, you need the following: -* An xref:astra-db-serverless:administration:manage-application-tokens.adoc[application token] with sufficient permissions to execute the required operations, such as the **Database Administrator** role. +* An xref:astra-db-serverless:administration:manage-application-tokens.adoc[application token] with sufficient permissions to execute the required operations, such as the {database-administrator-role} role. + You must specify one of the following sets of credentials in your driver configuration: + diff --git a/modules/ROOT/pages/create-target.adoc b/modules/ROOT/pages/create-target.adoc index b10a77fd..02fdc25d 100644 --- a/modules/ROOT/pages/create-target.adoc +++ b/modules/ROOT/pages/create-target.adoc @@ -30,7 +30,7 @@ However, paid plans offer premium features that can facilitate your migration, i All databases start with an initial keyspace. If the name of this keyspace doesn't match your origin cluster's schema, you can delete the initial keyspace after recreating the schema later in this process. -. When your database reaches **Active** status, xref:astra-db-serverless:administration:manage-application-tokens.adoc[create an application token] with a role like *Read/Write User* or **Database Administrator**, and then store the credentials (Client ID, Client Secret, and Token) securely. +. When your database reaches **Active** status, xref:astra-db-serverless:administration:manage-application-tokens.adoc[create an application token] with a role like {read-write-user-role} or {database-administrator-role}, and then store the credentials (Client ID, Client Secret, and Token) securely. + These credentials are used by the client application and {product-proxy} to read and write to your target database. Make sure the token's role has sufficient permission to perform the actions required by your client application. diff --git a/modules/ROOT/pages/deploy-proxy-monitoring.adoc b/modules/ROOT/pages/deploy-proxy-monitoring.adoc index 3cd1a4f0..a8eb7279 100644 --- a/modules/ROOT/pages/deploy-proxy-monitoring.adoc +++ b/modules/ROOT/pages/deploy-proxy-monitoring.adoc @@ -90,7 +90,7 @@ If authentication isn't enabled, no credentials are required. {astra-db}:: + -- -For {astra-db} databases, xref:astra-db-serverless:administration:manage-application-tokens.adoc[generate an application token] with a role that can read and write to your database, such as the *Database Administrator* role, and then store the token securely. +For {astra-db} databases, xref:astra-db-serverless:administration:manage-application-tokens.adoc[generate an application token] with a role that can read and write to your database, such as the {database-administrator-role} role, and then store the token securely. At minimum, store the core token that is prefixed by `AstraCS:...`. diff --git a/modules/ROOT/pages/troubleshooting-tips.adoc b/modules/ROOT/pages/troubleshooting-tips.adoc index 240cf75e..b87d6ac4 100644 --- a/modules/ROOT/pages/troubleshooting-tips.adoc +++ b/modules/ROOT/pages/troubleshooting-tips.adoc @@ -540,7 +540,7 @@ To resolve this issue, sign in to the {astra-ui}, and then check the xref:astra- If the database isn't in *Active* status, xref:astra-db-serverless:databases:database-statuses.adoc#hibernated[reactivate] or wait for the database to return to **Active** status, and then retry the connection. If the database is in *Active* status, then the credentials likely have insufficient permissions. -Try using an xref:astra-db-serverless:administration:manage-application-tokens.adoc[application token scoped to a database], specifically a token with the *Database Administrator* role for your target database. +Try using an xref:astra-db-serverless:administration:manage-application-tokens.adoc[application token scoped to a database], specifically a token with the {database-administrator-role} role for your target database. [[_async_read_timeouts_stream_id_map_exhausted]] === Async read timeouts / stream id map exhausted diff --git a/modules/sideloader/pages/migrate-sideloader.adoc b/modules/sideloader/pages/migrate-sideloader.adoc index 18755a7e..e2835603 100644 --- a/modules/sideloader/pages/migrate-sideloader.adoc +++ b/modules/sideloader/pages/migrate-sideloader.adoc @@ -248,7 +248,7 @@ export dbID=*DATABASE_ID* export token=*TOKEN* ---- + -Replace *`DATABASE_ID`* with the xref:astra-db-serverless:databases:create-database.adoc#get-db-id[database ID], and replace *`TOKEN`* with an xref:astra-db-serverless:administration:manage-application-tokens.adoc[application token] with the *Database Administrator* role. +Replace *`DATABASE_ID`* with the xref:astra-db-serverless:databases:create-database.adoc#get-db-id[database ID], and replace *`TOKEN`* with an xref:astra-db-serverless:administration:manage-application-tokens.adoc[application token] with the {database-administrator-role} role. + [TIP] ==== From 625f8f4e8392396d5c2d739de33aa896992db94f Mon Sep 17 00:00:00 2001 From: April M <36110273+aimurphy@users.noreply.github.com> Date: Thu, 9 Apr 2026 16:33:06 -0700 Subject: [PATCH 2/2] fix article --- modules/ROOT/pages/cassandra-data-migrator.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/ROOT/pages/cassandra-data-migrator.adoc b/modules/ROOT/pages/cassandra-data-migrator.adoc index e69cf14d..526001f6 100644 --- a/modules/ROOT/pages/cassandra-data-migrator.adoc +++ b/modules/ROOT/pages/cassandra-data-migrator.adoc @@ -81,7 +81,7 @@ Replace `**PATCH**` with your {spark-short} patch version. {spark-reg} cluster:: + -For large (several terabytes) migrations, complex migrations, and use of {cass-migrator-short} as a long-term data transfer utility, {company} recommends that you use a {spark} cluster or {spark-short} Serverless platform. +For large (several terabytes) migrations, complex migrations, and use of {cass-migrator-short} as a long-term data transfer utility, {company} recommends that you use an {spark} cluster or {spark-short} Serverless platform. + If you deploy {cass-migrator-short} on a {spark-short} cluster, you must modify your `spark-submit` commands as follows: +