[Workspace] Add documentation for workspace and ACL (#8643) (#8687)

_config.yml

@@ -121,6 +121,9 @@ collections:
   getting-started:
     permalink: /:collection/:path/
     output: true
+  workspace:
+    permalink: /:collection/:path/
+    output: true
 
 opensearch_collection:
   # Define the collections used in the theme

_dashboards/management/acl.md

@@ -0,0 +1,78 @@
+---
+layout: default
+title: Access control lists for saved objects
+parent: Dashboards Management
+nav_order: 50
+---
+
+# Access control lists for saved objects
+Introduced 2.18
+{: .label .label-purple }
+
+You can use access control lists (ACLs) to manage permissions for your saved objects, providing authorization (AuthZ) capabilities without requiring backend plugin integration.
+
+## Understanding ACL types
+
+ACLs are applied at two levels:
+
+1. **Workspace ACL:** Workspace objects inherit permissions from their parent workspace. See [Workspace ACL]({{site.url}}{{site.baseurl}}/dashboards/workspace/workspace-acl) for more information.
+2. **Objects ACL:** Each individual object can have its own ACL policy. All operations on these objects must pass ACL policy validation.
+
+## Enabling the ACL feature
+
+The ACL feature must be enabled before you can define any access controls. Enable it by:
+
+1. Opening your `opensearch_dashboards.yml` file.
+2. Enabling permissions with `savedObjects.permission.enabled: true`.
+
+## Defining ACL permissions
+
+ACL permissions are defined using the following schema: 
+
+```json
+{
+  "permissions": {
+    "<permission_type_1>": {
+        "users": ["<principal_1>", "<principal_2>"],
+        "groups": ["<principal_3>", "<principal_4>"]
+    }
+  } 
+}
+```
+{% include copy-curl.html %}
+
+### Granting permissions to authenticated users
+
+The wildcard character (`*`) grants permissions to all authenticated users. In the following example, the ACL grants workspace management permissions to the `finance_manager` group and dashboard creation permissions to the `finance_analyst` group:
+
+```json
+{
+  "permissions": {
+    "write": {
+        "groups": ["finance_manager"]
+    },
+    "library_write": {
+        "groups": ["finance_analyst"]
+    }
+  } 
+}
+```
+{% include copy-curl.html %}
+
+### Configuring mixed-level permissions
+
+To allow one user, `user-1` for example, to modify an object while giving read-only access to others, you can configure the ACL policy as follows:
+
+```json
+{
+  "permissions": {
+    "read": {
+        "users": ["*"]
+    },
+    "write": {
+        "users": ["user-1"]
+    },
+  }
+}
+```
+{% include copy-curl.html %}

_dashboards/management/management-index.md

@@ -9,16 +9,14 @@ has_children: true
 Introduced 2.10
 {: .label .label-purple }
 
-**Dashboards Management** serves as the command center for customizing OpenSearch Dashboards to your needs. A view of the interface is shown in the following image.
+**Dashboards Management** is the central hub for managing and customizing OpenSearch data directly within OpenSearch Dashboards. 
 
-<img src="{{site.url}}{{site.baseurl}}/images/dashboards/dashboards-management-ui.png" alt="Dashboards Management interface" width="700"/>
-
-{::nomarkdown}<img src="{{site.url}}{{site.baseurl}}/images/icons/alert-icon.png" class="inline-icon" alt="alert icon"/>{:/} **Note**<br>OpenSearch and OpenSearch Dashboards privileges govern access to individual features. If you do not have the appropriate access, consult your administrator. 
-{: .note}
+OpenSearch and OpenSearch Dashboards permissions govern access to individual features. If you do not have the appropriate access permissions, consult your administrator.
+{: .warning}
 
 ## Applications
 
-The following applications are available in **Dashboards Management**:
+You can access the following applications in **Dashboards Management**:
 
 - **[Index Patterns]({{site.url}}{{site.baseurl}}/dashboards/management/index-patterns/):** To access OpenSearch data, you need to create an index pattern so that you can select the data you want to use and define the properties of the fields. The Index Pattern tool gives you the ability to create an index pattern from within the UI. Index patterns point to one or more indexes, data streams, or index aliases. 
 - **[Data Sources]({{site.url}}{{site.baseurl}}/dashboards/management/multi-data-sources/):** The Data Sources tool is used to configure and manage the data sources that OpenSearch uses to collect and analyze data. You can use the tool to specify the source configuration in your copy of the [OpenSearch Dashboards configuration file]({{site.url}}{{site.baseurl}}https://github.com/opensearch-project/OpenSearch-Dashboards/blob/main/config/opensearch_dashboards.yml).