DOCSP-17638 Add ADL Actions for the Custom Role Builder (#177)

* DOCSP-17638 Add ADL Actions for the Custom Role Builder

* DOCSP-17638 updates for copy review feedback

Author: kanchana-mongodb

source/deployment/deploy-s3.txt

@@ -25,7 +25,10 @@ Before you begin, you will need to:
 - `Install the AWS CLI 
   <https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-install.html>`__.
 - `Configure the AWS CLI 
-  <https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html#cli-quick-configuration>`__.
+  <https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html#cli-quick-configuration>`__ 
+  to access your |aws| account. Alternatively, you must have access to 
+  the |aws| Management Console with permission to create `IAM roles 
+  <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user.html>`__.
 - *Optional.* :atlas:`Set Up Unified AWS Access 
   </security/set-up-unified-aws-access>`.
 

source/index.txt

@@ -60,30 +60,65 @@ A database user must have one of the following roles to query an
 - A :atlas:`custom role </security-add-mongodb-roles/>` with the  
   :manual:`find </reference/privilege-actions/>` privilege
 
-.. _atlas-data-lake-prereqs:
+.. _atlas-data-lake-actions:
 
-Prerequisites
--------------
+Privilege Actions 
+-----------------
 
-Verify that you meet the following prerequisites before you create a 
-|data-lake|:
+Privilege actions define the operations that you can perform on your 
+{+dl+}. You can grant the following {+adl+} privileges: 
 
-* One or more |aws| |s3| buckets in the same |aws| account.
+- When you :atlas:`create or modify </security-add-mongodb-roles/>` 
+  custom roles from the |service| User Interface
+- In the ``actions.action`` request body parameter when you 
+  :atlas:`create </reference/api/custom-roles-create-a-role/>` or 
+  :atlas:`update </reference/api/custom-roles-update-a-role/>` a custom 
+  role from the |service| |api|
 
-* An |aws| CLI configured to access your |aws| account. Alternatively, 
-  you must have access to the |aws| Management Console with permission 
-  to create `IAM roles <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user.html>`__.
+.. expression:: sqlGetSchema
 
-  .. note:
+   Retrieve the schema stored for a collection or view using 
+   the :ref:`sqlgetschema-cmd` command. 
 
-   To prevent excessive charges on your bill, create your |service|
-   |data-lake| in the same |aws| region as your |s3| data source.
+.. expression:: sqlSetSchema
+
+   Set or delete the schema for a collection or view using the 
+   :ref:`sqlsetschema-cmd` command.
+
+.. expression:: viewAllHistory 
+
+   Retrieve details about the queries that were run in the past 
+   24 hours using :ref:`$queryHistory <adl-query-history-stage>`.
+
+.. expression:: outToS3
+
+   Write data from any one of the :ref:`supported 
+   <datalake-configuration-file-overview>` {+data-lake-stores+} or 
+   multiple :ref:`supported <datalake-configuration-file-overview>` 
+   {+data-lake-stores+} to your |s3| bucket using :ref:`adl-out-stage`.
+
+.. expression:: storageGetConfig 
+
+   Retrieve your {+dl+} :ref:`storage configuration 
+   <datalake-configuration-file>` using the :ref:`storageGetConfig 
+   <datalake-getstorageconfig>` command.
+
+.. expression:: storageSetConfig 
+
+   Set or update your {+dl+} :ref:`storage configuration 
+   <datalake-configuration-file>` using the :ref:`storageSetConfig 
+   <datalake-setstorageconfig>` command.
 
 .. _atlas-data-lake-regions:
 
 {+adl+} Regions 
 -----------------------
 
+.. note::
+
+   To prevent excessive charges on your bill, create your |service|
+   |data-lake| in the same |aws| region as your |s3| data source.
+
 {+adl+} routes your {+dl+} requests through one of the following 
 regions: