coder · bpmct · Oct 11, 2022 · Oct 10, 2022 · Oct 10, 2022 · Oct 10, 2022
diff --git a/docs/admin/audit-logs.md b/docs/admin/audit-logs.md
@@ -1,6 +1,6 @@
 # Audit Logs
 
-Audit Logs allows **Admins** and **Auditors** to monitor user operations in
+Audit Logs allows **Auditors** to monitor user operations in
 their deployment.
 
 ## Tracked Events
@@ -32,4 +32,4 @@ The supported filters are:
 
 ## Enabling this feature
 
-This feature is auto enabled for all enterprise deployments. Admins may contact us to purchase a license [here](https://coder.com/contact?note=I%20want%20to%20upgrade%20my%20license).
+This feature is only available with an enterprise license. [Learn more](./enterprise.md)
diff --git a/docs/admin/enterprise.md b/docs/admin/enterprise.md
@@ -7,13 +7,14 @@ These features are available in the enterprise edition:
 
 - [Audit Logging](./audit-logs.md)
 - [Browser Only Connections](../networking.md#browser-only-connections)
+- [Groups](./groups.md)
+- [Template RBAC](./rbac.md)
 - [Quotas](./quotas.md)
 - [SCIM](./auth.md#scim)
 
 And we're releasing these imminently:
 
 - High Availability
-- Template RBAC
 - Multiple Git Provider Authentication
 
 ## Adding your license key

diff --git a/docs/admin/groups.md b/docs/admin/groups.md
@@ -0,0 +1,10 @@
+# Groups
+
+Groups can be used with [template RBAC](./rbac.md) to give groups of users access to specific templates.
+
+![Groups](../images/groups.png)
+
+## Enabling this feature
+
+This feature is only available with an enterprise license. [Learn more](./enterprise.md)
+
diff --git a/docs/admin/quotas.md b/docs/admin/quotas.md
@@ -15,6 +15,10 @@ Then, when users create workspaces they would see:
 
 <img src="../images/admin/quotas.png"/>
 
+## Enabling this feature
+
+This feature is only available with an enterprise license. [Learn more](./enterprise.md)
+
 ## Up next
 
 - [Enterprise](./enterprise.md)

diff --git a/docs/admin/rbac.md b/docs/admin/rbac.md
@@ -0,0 +1,18 @@
+# Role Based Access Control (RBAC)
+
+Use RBAC to define which users and [groups](./groups.md) can use specific templates in Coder.
+
+![rbac](../images/template-rbac.png)
+
+The "Everyone" group makes a template accessible to all users. This can be removed to make a template private.
+
+## Permissions
+
+You can set the following permissions:
+
+- **Admin**: Read, use, edit, push, and delete
+- **View**: Read, use
+
+## Enabling this feature
+
+This feature is only available with an enterprise license. [Learn more](./enterprise.md)
diff --git a/docs/admin/users.md b/docs/admin/users.md
@@ -7,12 +7,13 @@ This article walks you through the user roles available in Coder and creating an
 Coder offers these user roles in the community edition:
 
 |                                            | User Admin | Template Admin | Owner |
-| ------------------------------------------ | ---------- | -------------- |-------|
-| Add and remove Users                       | ✅         |                | ✅     |
-| Change User roles                          |            |                | ✅     |
-| Manage Templates                           |            | ✅             | ✅     |
-| View, update and delete **ALL** Workspaces |            | ✅             | ✅     |
-| Execute and use **ALL** Workspaces         |            |                | ✅     |
+| ------------------------------------------ | ---------- | -------------- | ----- |
+| Add and remove Users                       | ✅         |                | ✅    |
+| Manage groups (enterprise)                 |            |                |       |
+| Change User roles                          |            |                | ✅    |
+| Manage **ALL** Templates                   |            | ✅             | ✅    |
+| View, update and delete **ALL** Workspaces |            | ✅             | ✅    |
+| Execute and use **ALL** Workspaces         |            |                | ✅    |
 
 A user may have one or more roles. All users have an implicit Member role
 that may use personal workspaces.

diff --git a/docs/images/groups.png b/docs/images/groups.png
diff --git a/docs/images/icons/rbac.svg b/docs/images/icons/rbac.svg
diff --git a/docs/images/icons/users.svg b/docs/images/icons/users.svg
diff --git a/docs/images/template-rbac.png b/docs/images/template-rbac.png
diff --git a/docs/manifest.json b/docs/manifest.json
@@ -174,17 +174,31 @@
       "icon_path": "./images/icons/wrench.svg",
       "path": "./admin/index.md",
       "children": [
+        {
+          "title": "Authentication",
+          "description": "Learn how to set up authentication using GitHub or OpenID Connect.",
+          "icon_path": "./images/icons/key.svg",
+          "path": "./admin/auth.md"
+        },
         {
           "title": "Users",
           "description": "Learn about user roles available in Coder and how to create and manage users",
           "icon_path": "./images/icons/users.svg",
           "path": "./admin/users.md"
         },
         {
-          "title": "Authentication",
-          "description": "Learn how to set up authentication using GitHub or OpenID Connect.",
-          "icon_path": "./images/icons/key.svg",
-          "path": "./admin/auth.md"
+          "title": "Groups",
+          "description": "Learn how to manage user groups",
+          "icon_path": "./images/icons/group.svg",
+          "path": "./admin/groups.md",
+          "state": "enterprise"
+        },
+        {
+          "title": "RBAC",
+          "description": "Learn how to use the role based access control",
+          "icon_path": "./images/icons/rbac.svg",
+          "path": "./admin/rbac.md",
+          "state": "enterprise"
         },
         {
           "title": "Configuration",

diff --git a/docs/templates.md b/docs/templates.md
@@ -310,6 +310,10 @@ practices:
   - The Coder agent logs are typically stored in `/var/log/coder-agent.log`
   - The Coder agent startup script logs are typically stored in `/var/log/coder-startup-script.log`
 
+## Template permissions (enterprise)
+
+Template permissions can be used to give users and groups access to specific templates. [Learn more about RBAC](./admin/rbac.md).
+
 ## Change Management
 
 We recommend source controlling your templates as you would other code.

diff --git a/site/src/pages/GroupsPage/GroupsPageView.tsx b/site/src/pages/GroupsPage/GroupsPageView.tsx
@@ -60,7 +60,7 @@ export const GroupsPageView: React.FC<GroupsPageViewProps> = ({
                 </Link>
                 <Link
                   underline="none"
-                  href="https://coder.com/docs/coder-oss/latest/admin/upgrade"
+                  href="https://coder.com/docs/coder-oss/latest/admin/groups"
                   target="_blank"
                   rel="noreferrer"
                 >

diff --git a/site/src/pages/TemplatePage/TemplatePermissionsPage/TemplatePermissionsPage.tsx b/site/src/pages/TemplatePage/TemplatePermissionsPage/TemplatePermissionsPage.tsx
@@ -55,7 +55,7 @@ export const TemplatePermissionsPage: FC<
                 </Link>
                 <Link
                   underline="none"
-                  href="https://coder.com/docs/coder-oss/latest/admin/upgrade"
+                  href="https://coder.com/docs/coder-oss/latest/admin/rbac"
                   target="_blank"
                   rel="noreferrer"
                 >

diff --git a/site/src/pages/TemplatePage/TemplatePermissionsPage/TemplatePermissionsPageView.tsx b/site/src/pages/TemplatePage/TemplatePermissionsPage/TemplatePermissionsPageView.tsx
@@ -131,14 +131,14 @@ const RoleSelect: FC<SelectProps> = (props) => {
       <MenuItem key="view" value="view" className={styles.menuItem}>
         <div>
           <div>View</div>
-          <div className={styles.menuItemSecondary}>Read, access</div>
+          <div className={styles.menuItemSecondary}>Read, use</div>
         </div>
       </MenuItem>
       <MenuItem key="admin" value="admin" className={styles.menuItem}>
         <div>
           <div>Admin</div>
           <div className={styles.menuItemSecondary}>
-            Read, access, edit, push, and delete
+            Read, use, edit, push, and delete
           </div>
         </div>
       </MenuItem>