From 8e868c562f62090760644e08404a9766aa851191 Mon Sep 17 00:00:00 2001
From: Victor Castell <0x@vcastellm.xyz>
Date: Sun, 6 Oct 2024 21:08:13 +0200
Subject: [PATCH] doc: acl

---
 website/docs/pro/acls.md | 49 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 49 insertions(+)

diff --git a/website/docs/pro/acls.md b/website/docs/pro/acls.md
index f73d27923..9794088ee 100644
--- a/website/docs/pro/acls.md
+++ b/website/docs/pro/acls.md
@@ -138,7 +138,56 @@ Check the full documentation on all the available ACL management commands.
 
 ### Use the readonly policy
 
+```json
+{
+    "path": {
+        "/v1/members": {
+            "capabilities": ["read"]
+        },
+        "/v1/jobs": {
+            "capabilities": [
+                "list",
+                "read"
+            ]
+        },
+        "/v1/jobs/*": {
+            "capabilities": [
+                "read"
+            ]
+        },            
+        "/v1/jobs/*/executions*": {
+            "capabilities": ["read"]
+        },
+        "/v1/jobs/*/executions/*": {
+            "capabilities": ["read"]
+        },
+        "/v1/leader": {
+            "capabilities": ["read"]
+        },
+        "/v1/isleader": {
+            "capabilities": ["read"]
+        },
+        "/v1/busy": {
+            "capabilities": ["read"]
+        }
+    }
+}
+```
+
+Write the readonly file content json to a local file named `readonly.json` and create the readonly policy:
+
+```
+dkron acl policy apply --name readonly --rules-file ./readonly.json
+```
+
+
+Create a new token for a readonly user:
+
+```
+dkron acl token create --name alice --type client --policy readonly
+```
 
+Handle the details to the user.
 
 ## Disable ACLs