[CN-1421]: introduce client simple authentication doc

docs/modules/ROOT/examples/management-center-simple-auth.yaml

@@ -0,0 +1,12 @@
+apiVersion: hazelcast.com/v1alpha1
+kind: ManagementCenter
+metadata:
+  name: managementcenter-sample
+spec:
+  repository: 'hazelcast/management-center'
+  version: '{page-latest-supported-mc}'
+  hazelcastClusters:
+    - address: hazelcast-sample
+      name: dev
+      security:
+        clientSecretName: user1-secret

docs/modules/ROOT/nav.adoc

@@ -56,6 +56,8 @@
 * Security
 ** xref:tls.adoc[Configure TLS]
 ** xref:authorization.adoc[Authorization Methods to Access Cloud Storage]
+** Configuring Client Authentication
+*** xref:client-auth.adoc[Simple Authentication]
 
 * Compute
 ** xref:user-code-deployment.adoc[User Code Deployment]

docs/modules/ROOT/pages/client-simple-auth.adoc

@@ -0,0 +1,124 @@
+= Client Authentication and Authorization
+
+Use the Hazelcast Platform Operator to configure xref:hazelcast:security:authentication-overview.adoc[Client Authentication] and xref:hazelcast:security:client-authorization.adoc[Client Authorization].
+
+== Simple Authentication
+
+You can easily use xref:hazelcast:security:simple-authentication.adoc[Hazelcast Simple Authentication] by making minimal changes in the original configuration.
+
+For example:
+
+[source,yaml]
+----
+security:
+  enabled: true
+  realms:
+    - name: simpleRealm-clients
+      authentication:
+        simple:
+          users:
+          - secretName: user1-secret
+            roles:
+              - admin
+          - secretName: user2-secret
+            roles:
+              - monitor
+              - application
+  client-authentication:
+    realm: simpleRealm-clients
+  client-permissions:
+    all:
+      principal: admin
+      endpoints:
+        - 127.0.0.1
+    map:
+      - name: playground
+        actions:
+          - all
+      - name: accounts
+        principal: monitor
+        actions:
+          - read
+      - name: accounts
+        principal: application
+        endpoints:
+          - 192.168.1.*
+          - 192.168.2.*
+        actions:
+          - create
+          - destroy
+          - put
+          - read
+          - remove
+          - lock
+----
+
+This can be converted as:
+
+[source,yaml]
+----
+security:
+    operatorClientSecretName: user1-secret
+    realms:
+      - name: simpleRealm-clients
+        authentication:
+          simple:
+            users:
+            - secretName: user1-secret
+              roles:
+                - admin
+            - secretName: user2-secret
+              roles:
+                - monitor
+                - application
+    clientAuthentication:
+      realm: simpleRealm-clients
+    clientPermissions:
+      all:
+        principal: admin
+        endpoints:
+          - 127.0.0.1
+      permissions:
+        map:
+          - name: playground
+            actions:
+              - all
+          - name: accounts
+            principal: monitor
+            actions:
+              - read
+          - name: accounts
+            principal: application
+            endpoints:
+              - 192.168.1.*
+              - 192.168.2.*
+            actions:
+              - create
+              - destroy
+              - put
+              - read
+              - remove
+              - lock
+----
+
+Required Changes:
+
+* `security.enabled` should be removed.
+* convert kebab cases to camel cases:
+** `client-authentication` -> `clientAuthentication`
+** `client-permissions` -> `clientPermissions`
+* add `permissions` node to `clientPermissions` to wrap permissions other than `all`.
+
+NOTE:  The `operatorClientSecretName` is a mandatory field required for the Operator to establish a connection with the Hazelcast cluster. The given user in the `operatorClientSecretName` field must have a role that has all the client permissions. Otherwise, the Operator will fail with a validation error.
+
+=== Management Center Configuration
+
+As the Management Center serves as a client of the Hazelcast cluster, it must be properly configured to connect to the cluster. The `security.clientSecretName` field in the `hazelcastClusters` section is utilized for this configuration.
+
+.Management Center Simple Authentication Example
+[source,yaml,subs="attributes+"]
+----
+include::ROOT:example$/management-center-simple-auth.yaml[]
+----
+
+NOTE: The given user in the `clientSecretName` field have a role that has all the client permissions.