Doc changes for MM-67647 that adds two new roles to manage secure connections

[wiggin77]

Summary

Adds docs for two new roles added for granular control over Connected Workspaces features:

• Shared Channel Manager (shared_channel_manager) — grants the manage_shared_channels permission, allowing assigned users to share and unshare channels with existing secure connections.
• Secure Connection Manager (secure_connection_manager) — grants the manage_secure_connections permission, allowing assigned users to create, manage, and remove secure connections to remote servers.

Previously, only System Admins have these permissions, and the only workaround is repurposing the system_manager role (which carries ~80 unrelated sysconsole permissions) OR giving access to all users. These purpose-built roles let admins delegate shared channel and secure connection management to specific users without granting broader system access.

Note To be merged after mattermost/mattermost#35354

Ticket Link

https://mattermost.atlassian.net/browse/MM-67647

Summary by CodeRabbit

Documentation

• Updated administration guides to introduce Shared Channel Manager and Secure Connection Manager roles, enabling delegation of secure connection and shared channel management tasks to authorized users
• Expanded role-based access documentation to reflect permission changes for creating, managing, and sharing secure connections
• Updated guidance to replace role-specific admin language with new delegated administration role options throughout connection and channel management workflows

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA fb72d42

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA b44d94d

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA 54e128e

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA afbef28

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA 12d0921

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA 9499fa8

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA d103900

[esethna]

Do we need to keep note in the docs for if this is applicable to version x.xx and earlier?

[wiggin77]

I added server version info for when this was deprecated.

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA bf46359

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA 5d8f499

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA 775f9a1

[github-actions]

Newest code from mattermost has been published to preview environment for Git SHA 577a1ef

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 7f868532-5dc1-4724-a9e5-07d936ab7119

📥 Commits

Reviewing files that changed from the base of the PR and between 741ca93 and 577a1ef.

📒 Files selected for processing (3)

• source/administration-guide/onboard/advanced-permissions-backend-infrastructure.rst
• source/administration-guide/onboard/connected-workspaces.rst
• source/administration-guide/onboard/delegated-granular-administration.rst

---

📝 Walkthrough

Walkthrough

Documentation updates introduce two new delegated administration roles—Shared Channel Manager and Secure Connection Manager—with updated permission mappings, role definitions, and references across administration guides to reflect role-based access control instead of system admin-only capabilities.

Changes

Cohort / File(s)	Summary
Permission & Role Definitions source/administration-guide/onboard/advanced-permissions-backend-infrastructure.rst	Renamed manage_remote_clusters permission to manage_secure_connections with deprecation note; added new permissions entries for manage_shared_channels and manage_secure_connections; introduced shared_channel_manager and secure_connection_manager role mappings with updated system_admin references.
Delegated Administration Documentation source/administration-guide/onboard/delegated-granular-administration.rst	Expanded delegated granular administration framework with two new roles (Shared Channel Manager, Secure Connection Manager); updated privileges narrative; added default-permissions table rows and mmctl command guidance for granting the new roles; updated Admin roles matrix with new role entries and privilege access levels.
Workspace Connection Guidance source/administration-guide/onboard/connected-workspaces.rst	Replaced System admin-only language with role-based delegated access; updated instructions for creating connections, managing invitations, and administering workspaces to reference Secure Connection Manager and Shared Channel Manager roles; adjusted permission guidance and authorization descriptions throughout.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately reflects the main change: adding documentation for two new roles (Shared Channel Manager and Secure Connection Manager) to manage secure connections and shared channels, which aligns with the substantial documentation updates across three files.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch MM-67647_add_roles_for_shared_channels

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}