From 0023ddb7daf1d7d7ebd5e69026f5bdcbcae545fe Mon Sep 17 00:00:00 2001 From: gfakbar20 Date: Sun, 27 Apr 2025 15:09:53 +0700 Subject: [PATCH 1/4] Typo fix on access-control docs --- site/content/in-dev/unreleased/access-control.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/site/content/in-dev/unreleased/access-control.md b/site/content/in-dev/unreleased/access-control.md index 560fd9e961..0e73f7cfa6 100644 --- a/site/content/in-dev/unreleased/access-control.md +++ b/site/content/in-dev/unreleased/access-control.md @@ -123,7 +123,7 @@ To grant the full set of privileges (drop, list, read, write, etc.) on an object | TABLE_READ_DATA | Enables reading data from the table by receiving short-lived read-only storage credentials from the catalog. | | TABLE_WRITE_DATA | Enables writing data to the table by receiving short-lived read+write storage credentials from the catalog. | | TABLE_FULL_METADATA | Grants all table privileges, except TABLE_READ_DATA and TABLE_WRITE_DATA, which need to be granted individually. | -| TABLE_ATTACH_POLICY | Enables attaching policy to a table. Applying policy at a table will override the same policy type defined at namespace and catalog | +| TABLE_ATTACH_POLICY | Enables attaching policy to a table. Applying a policy at a table will override the same policy type defined at namespace and catalog | | TABLE_DETACH_POLICY | Enables detaching policy from a table | ### View privileges 
@@ -159,7 +159,7 @@ To grant the full set of privileges (drop, list, read, write, etc.) on an object | CATALOG_MANAGE_METADATA | Enables full management of the catalog, catalog roles, namespaces, and tables. | | CATALOG_READ_PROPERTIES | Enables listing catalogs and reading properties of the catalog. | | CATALOG_WRITE_PROPERTIES | Enables configuring catalog properties. | -| NAMESPACE_ATTACH_POLICY | Enables attaching policy to a catalog. All entities registered under the namespace will inherit this policy unless they have a different policy of the same type. Only inheritable policy such as, table compaction and snapshot expiry policy are allowed in this level. | +| CATALOG_ATTACH_POLICY | Enables attaching policy to a catalog. All entities registered under the catalog will inherit this policy unless they have a different policy of the same type. Only inheritable policy such as, table compaction and snapshot expiry policy are allowed in this level. | | CATALOG_DETACH_POLICY | Enables detaching policy from a catalog. | ### Policy privileges From b8ae3f13df3b2737bf663dabeb64c31a70bea4ba Mon Sep 17 00:00:00 2001 From: gfakbar20 Date: Sun, 27 Apr 2025 15:23:02 +0700 Subject: [PATCH 2/4] Grammar fix - preposition --- site/content/in-dev/unreleased/access-control.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/site/content/in-dev/unreleased/access-control.md b/site/content/in-dev/unreleased/access-control.md index 0e73f7cfa6..4603218b11 100644 --- a/site/content/in-dev/unreleased/access-control.md +++ b/site/content/in-dev/unreleased/access-control.md 
@@ -147,7 +147,7 @@ To grant the full set of privileges (drop, list, read, write, etc.) on an object | NAMESPACE_READ_PROPERTIES | Enables reading all the namespace properties. | | NAMESPACE_WRITE_PROPERTIES | Enables configuring namespace properties. | | NAMESPACE_FULL_METADATA | Grants all namespace privileges. | -| NAMESPACE_ATTACH_POLICY | Enables attaching policy to a namespace. A policy applied at this level will override the same policy type define at the parent namespace and catalog and all entities registered under the namespace will inherit this policy unless they have a different policy of the same type. Only inheritable policy such as, table compaction and snapshot expiry policy are allowed in this level. | +| NAMESPACE_ATTACH_POLICY | Enables attaching policy to a namespace. A policy applied at this level will override the same policy type define at the parent namespace and catalog and all entities registered under the namespace will inherit this policy unless they have a different policy of the same type. Only inheritable policy such as, table compaction and snapshot expiry policy are allowed at this level. | | NAMESPACE_DETACH_POLICY | Enables detaching policy from a namespace. | ### Catalog privileges 
@@ -159,7 +159,7 @@ To grant the full set of privileges (drop, list, read, write, etc.) on an object | CATALOG_MANAGE_METADATA | Enables full management of the catalog, catalog roles, namespaces, and tables. | | CATALOG_READ_PROPERTIES | Enables listing catalogs and reading properties of the catalog. | | CATALOG_WRITE_PROPERTIES | Enables configuring catalog properties. | -| CATALOG_ATTACH_POLICY | Enables attaching policy to a catalog. All entities registered under the catalog will inherit this policy unless they have a different policy of the same type. Only inheritable policy such as, table compaction and snapshot expiry policy are allowed in this level. | +| CATALOG_ATTACH_POLICY | Enables attaching policy to a catalog. All entities registered under the catalog will inherit this policy unless they have a different policy of the same type. Only inheritable policy such as, table compaction and snapshot expiry policy are allowed at this level. | | CATALOG_DETACH_POLICY | Enables detaching policy from a catalog. | ### Policy privileges From 9ae04e9b37265ef358b58c668c6fdc5992e63066 Mon Sep 17 00:00:00 2001 From: gfakbar20 Date: Mon, 28 Apr 2025 13:41:57 +0700 Subject: [PATCH 3/4] Review fix - remove detailed explanation of entitiest in access control page --- site/content/in-dev/unreleased/access-control.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/site/content/in-dev/unreleased/access-control.md b/site/content/in-dev/unreleased/access-control.md index 4603218b11..02f6bb6bd5 100644 --- a/site/content/in-dev/unreleased/access-control.md +++ b/site/content/in-dev/unreleased/access-control.md 
@@ -123,7 +123,7 @@ To grant the full set of privileges (drop, list, read, write, etc.) on an object | TABLE_READ_DATA | Enables reading data from the table by receiving short-lived read-only storage credentials from the catalog. | | TABLE_WRITE_DATA | Enables writing data to the table by receiving short-lived read+write storage credentials from the catalog. | | TABLE_FULL_METADATA | Grants all table privileges, except TABLE_READ_DATA and TABLE_WRITE_DATA, which need to be granted individually. | -| TABLE_ATTACH_POLICY | Enables attaching policy to a table. Applying a policy at a table will override the same policy type defined at namespace and catalog | +| TABLE_ATTACH_POLICY | Enables attaching policy to a table. | | TABLE_DETACH_POLICY | Enables detaching policy from a table | ### View privileges @@ -147,7 +147,7 @@ To grant the full set of privileges (drop, list, read, write, etc.) on an object | NAMESPACE_READ_PROPERTIES | Enables reading all the namespace properties. | | NAMESPACE_WRITE_PROPERTIES | Enables configuring namespace properties. | | NAMESPACE_FULL_METADATA | Grants all namespace privileges. | -| NAMESPACE_ATTACH_POLICY | Enables attaching policy to a namespace. A policy applied at this level will override the same policy type define at the parent namespace and catalog and all entities registered under the namespace will inherit this policy unless they have a different policy of the same type. Only inheritable policy such as, table compaction and snapshot expiry policy are allowed at this level. | +| NAMESPACE_ATTACH_POLICY | Enables attaching policy to a namespace. | | NAMESPACE_DETACH_POLICY | Enables detaching policy from a namespace. | ### Catalog privileges 
@@ -159,7 +159,7 @@ To grant the full set of privileges (drop, list, read, write, etc.) on an object | CATALOG_MANAGE_METADATA | Enables full management of the catalog, catalog roles, namespaces, and tables. | | CATALOG_READ_PROPERTIES | Enables listing catalogs and reading properties of the catalog. | | CATALOG_WRITE_PROPERTIES | Enables configuring catalog properties. | -| CATALOG_ATTACH_POLICY | Enables attaching policy to a catalog. All entities registered under the catalog will inherit this policy unless they have a different policy of the same type. Only inheritable policy such as, table compaction and snapshot expiry policy are allowed at this level. | +| CATALOG_ATTACH_POLICY | Enables attaching policy to a catalog. | | CATALOG_DETACH_POLICY | Enables detaching policy from a catalog. | ### Policy privileges From 7964996d4de9112913348275c27fc73c8bb43ef7 Mon Sep 17 00:00:00 2001 From: gfakbar20 Date: Mon, 28 Apr 2025 13:54:52 +0700 Subject: [PATCH 4/4] proof read - period punctuation in the table --- site/content/in-dev/unreleased/access-control.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/site/content/in-dev/unreleased/access-control.md b/site/content/in-dev/unreleased/access-control.md index 02f6bb6bd5..f8c21ab781 100644 --- a/site/content/in-dev/unreleased/access-control.md +++ b/site/content/in-dev/unreleased/access-control.md @@ -124,7 +124,7 @@ To grant the full set of privileges (drop, list, read, write, etc.) on an object | TABLE_WRITE_DATA | Enables writing data to the table by receiving short-lived read+write storage credentials from the catalog. | | TABLE_FULL_METADATA | Grants all table privileges, except TABLE_READ_DATA and TABLE_WRITE_DATA, which need to be granted individually. | | TABLE_ATTACH_POLICY | Enables attaching policy to a table. | -| TABLE_DETACH_POLICY | Enables detaching policy from a table | +| TABLE_DETACH_POLICY | Enables detaching policy from a table. | ### View privileges 
@@ -166,14 +166,14 @@ To grant the full set of privileges (drop, list, read, write, etc.) on an object | Privilege | Description | | -----------------------| ----------- | -| POLICY_CREATE | Enables creating a policy under specified namespace | -| POLICY_READ | Enables reading policy content and metadata | -| POLICY_WRITE | Enables updating the policy details such as its content or description | -| POLICY_LIST | Enables listing any policy from the catalog | -| POLICY_DROP | Enables dropping a policy if it is not attached to any resource entity | +| POLICY_CREATE | Enables creating a policy under specified namespace. | +| POLICY_READ | Enables reading policy content and metadata. | +| POLICY_WRITE | Enables updating the policy details such as its content or description. | +| POLICY_LIST | Enables listing any policy from the catalog. | +| POLICY_DROP | Enables dropping a policy if it is not attached to any resource entity. | | POLICY_FULL_METADATA | Grants all policy privileges. | -| POLICY_ATTACH | Enables policy to be attached to entities | -| POLICY_DETACH | Enables policy to be detached from entities | +| POLICY_ATTACH | Enables policy to be attached to entities. | +| POLICY_DETACH | Enables policy to be detached from entities. | ## RBAC example
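Review bot: the subject "Typo fix" undersells the second hunk of PATCH 1/4 (@@ -159,7 +159,7 @@, Catalog privileges table), which changes a documented privilege name from NAMESPACE_ATTACH_POLICY to CATALOG_ATTACH_POLICY and its scope from "under the namespace" to "under the catalog". That corrects what an operator would actually grant, so the commit message should say so to make the fix findable in history. The same row still reads "Only inheritable policy such as, table compaction and snapshot expiry policy"; the comma belongs before "such as", not after it.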
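Review bot: in PATCH 2/4, first hunk (@@ -147,7 +147,7 @@), the rewritten NAMESPACE_ATTACH_POLICY row still says "the same policy type define at the parent namespace and catalog"; it should be "defined", matching the wording of the TABLE_ATTACH_POLICY row in PATCH 1/4. The sentence also chains the override rule and the inheritance rule with "and ... and"; splitting it into two sentences would make each rule readable on its own.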
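Review bot: PATCH 3/4 removes, across all three hunks, the only statements in these rows about precedence and inheritance: that a table-level policy overrides the same policy type at namespace and catalog, that entities under a namespace or catalog inherit an attached policy, and that only inheritable policy types are allowed at those levels. Anyone deciding whether to grant NAMESPACE_ATTACH_POLICY or CATALOG_ATTACH_POLICY needs to know that the grant reaches every entity underneath, and the visible hunks add no pointer to where that is now documented. Please add a link or a short sentence near the tables. Since this commit deletes text that 1/4 and 2/4 had just corrected, consider squashing the series so the history does not carry fixes to lines that no longer exist.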
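Review bot: in PATCH 4/4, second hunk (@@ -166,14 +166,14 @@, Policy privileges table), POLICY_CREATE gains a period but still reads "under specified namespace"; it needs an article ("under the specified namespace"). POLICY_ATTACH and POLICY_DETACH use "Enables policy to be attached to entities", while the TABLE_, NAMESPACE_ and CATALOG_ rows use "Enables attaching policy to ..."; pick one phrasing. The rows also do not say whether attaching a policy needs POLICY_ATTACH on the policy in addition to the *_ATTACH_POLICY privilege on the target; one sentence stating that would remove the ambiguity for whoever is writing grants.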