diff --git a/docs/platform/concepts/application-users.md b/docs/platform/concepts/application-users.md
index 35920960a..f315e3ee3 100644
--- a/docs/platform/concepts/application-users.md
+++ b/docs/platform/concepts/application-users.md
@@ -8,8 +8,6 @@ An application user is a type of user that provides programmatic access to the A
You must be an [organization admin](/docs/platform/concepts/permissions#organization-roles-and-permissions) to access this feature.
-## Application user permissions
-
You [create and manage application users](/docs/platform/howto/manage-application-users)
at the organization level and you
[give them access to projects and services](/docs/platform/howto/manage-permissions)
@@ -17,47 +15,7 @@ in the same way as organization users. You can also grant application users the
organization admin role, giving them full access to your organization,
its organizational units, projects, services, billing, and other settings.
-Unlike organization users, application users can't log in to the Aiven Console and the
-authentication policies don't apply to them.
-
-## Security best practices
-
-Because application users can have the same level of access to projects and services it's
-important to secure these accounts and their tokens to avoid abuse. The
-following are some suggested best practices for using Aiven application users.
-
-### Create dedicated application users for each application
-
-Try to create a different application user for each tool or application. For example, if
-you have an application that needs to connect to services in one of your projects and
-you're using Aiven Terraform Provider in the same project, create two application users. Use
-the description field for each user to clearly indicate what it's used for.
-
-This helps you manage the lifecycle of the users and ensure the access permissions are
-correct for each use case.
-
-### Restrict access to trusted networks
-
-Specify allowed IP address ranges for each token. This prevents tokens from being used
-outside of your trusted networks, reducing the risk of breaches. You can also specify
-these ranges in your organization's
-[authentication policy](/docs/platform/howto/set-authentication-policies), limiting
-all access to the Aiven Platform to these IP addresses, including
-through application tokens.
-
-### Keep tokens secure and rotate them regularly
-
-Make sure tokens are securely stored and only accessible by people who need them. Tokens
-should also be routinely [revoked](/docs/platform/howto/manage-application-users#revoke-a-token-for-an-application-user)
-and replaced with new tokens.
-
-### Delete unused users and tokens
-
-Regularly audit your list of application users to delete unused users. You can view a
-list of your organization's application users and the last time they were used in
-**Admin** > . Click
- >
-to see a user's tokens.
+Unlike organization users, application users can't log in to the Aiven Console.
-You can [delete unused users](/docs/platform/howto/manage-application-users#delete-an-application-user)
-and [revoke specific tokens](/docs/platform/howto/manage-application-users#revoke-a-token-for-an-application-user).
+Follow the [security best practices for application users]
+to keep these account secure.
diff --git a/docs/platform/concepts/orgs-units-projects.md b/docs/platform/concepts/orgs-units-projects.md
index d936eefe5..01ed330f0 100644
--- a/docs/platform/concepts/orgs-units-projects.md
+++ b/docs/platform/concepts/orgs-units-projects.md
@@ -89,6 +89,11 @@ the project. The following are some examples of how customers organize their ser
## Best practices for organizations
+The following are recommendations for organizing your resources in the Aiven Platform
+using organizations, organizational units, and projects. Read the
+[security checklist](/docs/platform/reference/security-best-practices) for more
+information on best practices for securing your organization using Aiven features.
+
### Small organizations
For smaller organizations that have a limited number of projects and services,
diff --git a/docs/platform/howto/list-identity-providers.md b/docs/platform/howto/list-identity-providers.md
index a64bcc2a9..6dcaf69b6 100644
--- a/docs/platform/howto/list-identity-providers.md
+++ b/docs/platform/howto/list-identity-providers.md
@@ -1,11 +1,12 @@
---
-title: SAML identity providers and verified domains
+title: Identity providers and SAML authentication
sidebar_label: Identity providers
---
Set up single sign-on (SSO) access to Aiven through a Security Assertion Markup Language (SAML) compliant identity provider (IdP). This lets you centrally manage your users in your IdP while giving them a seamless login experience.
-Every IdP must be linked to a domain in Aiven. After you
+Every IdP must be linked to a domain in Aiven and you can link each verified domain to
+only one IdP. After you
[verify that you own a domain](/docs/platform/howto/manage-domains), the users in your
organization become managed users, which provides a higher level of security for your
organization by controlling things like
@@ -15,48 +16,13 @@ With a verified domain you can add an IdP. All users with an email address from
the verified domain are automatically authenticated with the linked IdP. With
IdP-initiated SSO enabled, users can log in to Aiven directly from the IdP.
-Aiven also supports System for Cross-domain Identity Management (SCIM) for Okta to automatically
-provision, update, and deactivate user identities from your IdP.
+Aiven also supports System for Cross-domain Identity Management (SCIM) for Okta to
+automatically provision, update, and deactivate user identities from your IdP.
With automatic provisioning you don’t need to manually create organization users.
-
When adding an IdP you link it to the verified domain
-and can set up SCIM at the same time.
-
-## Limitations
-
-You can link each verified domain to only one IdP. If you set up user provisioning with
+and can set up SCIM at the same time. If you set up user provisioning with
SCIM, you should only make changes to user details in the IdP.
-## Security best practices
-
-It’s recommended to verify your domains in Aiven even if you don’t use SSO. When
-configuring an IdP it's best to enable the following SAML security settings:
-
-- **Require assertion to be signed**: Verifies assertions were issued by a trusted party
- and have not been tampered with.
-- **Sign authorization request sent to IdP**: Ensures authenticity and integrity with a
- digital signature.
-
-The [authentication policy](/docs/platform/howto/set-authentication-policies) for the
-organization is also an important component in securing access through an IdP. At a
-minimum, use these settings for your authentication policy:
-
-- Don't allow password authentication
-- Require log in with this organization's identity provider
-
-To limit access further, also consider these authentication policy settings:
-
-- **Don't allow third-party authentication**: This combined with the preceding password and
- organization identity provider settings ensures that users only log in to the Console
- with your chosen IdP.
-- **Don't allow users to create personal tokens**: This prevents users from accessing
- organization resources through the API using a long-lived
- [personal token](/docs/platform/concepts/authentication-tokens) they created.
-
-If you allow your users to create personal tokens, you can still make these more
-secure by enabling **Require users to be logged in with an allowed
-authentication method**. This means that users cannot access your organization's
-resources with a token they created when logged in with another organization's
-allowed authentication methods or a previously allowed method.
-This setting also gives you the flexibility to change the authentication policy at any
-time because tokens that are no longer compliant with the new policy cannot be used.
+See the [security checklist](/docs/platform/reference/security-best-practices#add-an-identity-provider)
+for best practices for configuring your identity providers and
+organization authentication policy.
diff --git a/docs/platform/howto/manage-application-users.md b/docs/platform/howto/manage-application-users.md
index 4d9c7d08d..83bcd4313 100644
--- a/docs/platform/howto/manage-application-users.md
+++ b/docs/platform/howto/manage-application-users.md
@@ -16,7 +16,7 @@ to access this feature.
:::important
Application users can be a security risk if not carefully managed and monitored. Follow
- [best practices](/docs/platform/concepts/application-users#security-best-practices) for
+ [best practices](/docs/platform/reference/security-best-practices) for
mitigating these risks.
:::
@@ -72,6 +72,15 @@ More information on this resource and its configuration options are available in
+## View application users and tokens
+
+To view your organization's application users and the last time they
+were used:
+
+1. In your organization, click **Admin**.
+1. Click .
+1. Click the name of an application user to view its profile, tokens, and groups.
+
## Revoke a token for an application user
1. Click **Admin** > .
diff --git a/docs/platform/howto/unsafe-passwords.md b/docs/platform/howto/unsafe-passwords.md
index 10d6cb470..8f271b217 100644
--- a/docs/platform/howto/unsafe-passwords.md
+++ b/docs/platform/howto/unsafe-passwords.md
@@ -2,6 +2,8 @@
title: Change unsafe passwords
---
+import RelatedPages from "@site/src/components/RelatedPages";
+
The Aiven Platform checks your email and password combination against a database of exposed credentials every time you log in and change your password.
If Aiven detects an unsafe password, your login is blocked until you
@@ -12,3 +14,7 @@ You don't need to do anything else, but Aiven recommends every user
[enable two-factor authentication](/docs/platform/howto/user-2fa).
Two-factor authentication also needs to be re-enabled after you
reset or change your password.
+
+
+
+* Get tips for creating secure passwords in the [security checklist](/docs/platform/reference/security-best-practices)
diff --git a/docs/platform/reference/password-policy.md b/docs/platform/reference/password-policy.md
deleted file mode 100644
index 6da20f877..000000000
--- a/docs/platform/reference/password-policy.md
+++ /dev/null
@@ -1,37 +0,0 @@
----
-title: Password policy
----
-
-Aiven is committed to keeping your data secure. Creating a strong
-password makes it harder for attackers to gain unauthorized access to
-your account.
-
-Creating a strong password is a first step in securing your account. You
-can add another layer of security by
-[enabling two-factor authentication](/docs/platform/howto/user-2fa).
-
-## Password requirements
-
-Aiven enforces the following rules for password strength:
-
-- Minimum length is 8 characters
-- Cannot contain single repeating characters such as `aaaaaaaa`
-- Cannot contain your name or email address
-- Cannot contain common words, phrases, or strings such as password,
- security, or common names
-- Cannot contain words that are very similar to common words such as
- `password1`
-
-These rules are also used for service integration passwords. For remote
-services (for example, sending logs to an external OpenSearch® service),
-these rules are not enforced, but they are recommended.
-
-## Password tips
-
-The following are some suggestions for creating or resetting your Aiven
-password:
-
-- Use a password manager to create a randomly generated strong
- password
-- Use passphrases since these are harder to guess
-- Do not use the same password for multiple services
diff --git a/docs/platform/reference/security-best-practices.md b/docs/platform/reference/security-best-practices.md
new file mode 100644
index 000000000..65c0adae5
--- /dev/null
+++ b/docs/platform/reference/security-best-practices.md
@@ -0,0 +1,276 @@
+---
+title: Security checklist
+---
+
+The Aiven Platform offers security features to help you protect your data and resources. Security needs vary based on organization, but the following are best practices you can use to make the best use of these features and increase your security posture.
+
+- [Verify a domain](#verify-a-domain)
+- [Add an identity provider](#add-an-identity-provider)
+- [Configure your authentication policy](#configure-your-authentication-policy)
+ - [Password requirements](#password-requirements)
+ - [Create secure password](#create-secure-password)
+- [Use units and projects to separate concerns](#use-units-and-projects-to-separate-concerns)
+- [Grant least-privilege access to users](#grant-least-privilege-access-to-users)
+ - [Limit the number of admin](#limit-the-number-of-admin)
+ - [Use groups](#use-groups)
+ - [Examples](#examples)
+- [Create application users for automated access](#create-application-users-for-automated-access)
+ - [Create dedicated application users for each application](#create-dedicated-application-users-for-each-application)
+ - [Restrict access to trusted networks](#restrict-access-to-trusted-networks)
+ - [Keep tokens secure and rotate them regularly](#keep-tokens-secure-and-rotate-them-regularly)
+ - [Delete unused users and tokens](#delete-unused-users-and-tokens)
+- [Create virtual private clouds](#create-virtual-private-clouds)
+- [Employ a multi-cloud, geographically distributed strategy](#employ-a-multi-cloud-geographically-distributed-strategy)
+- [Keep services up-to-date](#keep-services-up-to-date)
+- [Use enhanced compliance environments](#use-enhanced-compliance-environments)
+
+## Verify a domain
+
+To make your organization users managed users and to set up single sign-on through
+an identity provider, verify your organization's domain. Even if you
+don't use an identity provider for logins, verifying your domain helps to
+secure you organization on the Aiven Platform.
+
+- [Verify your domain](/docs/platform/howto/manage-domains)
+- [Learn about managed users](/docs/platform/concepts/managed-users)
+
+## Add an identity provider
+
+Use SAML federation for regular access to the Aiven Platform through an
+identity provider (IdP). IdPs let you centralize identity management for multiple
+platforms, give your organization users access through single sign-on (SSO), and
+help to reduce the risk of credential exposure. This can reduce administrative
+overhead and improve the user experience. Many IdPs also have additional
+security features like multi-factor authentication and auditing.
+
+All users with an email address from a verified domain
+linked to your IdP can sign up and log in to the Aiven Platform without the need
+for your admin to create individual user accounts. Use the strongest
+cryptographic signature method supported by the provider.
+
+When configuring an IdP it's best to enable the following SAML security settings:
+
+- **Require assertion to be signed**: Verifies assertions were issued by a trusted party
+ and have not been tampered with.
+- **Sign authorization request sent to IdP**: Ensures authenticity and integrity with a
+ digital signature.
+
+The [authentication policy](#configure-your-authentication-policy) for the
+organization is also an important component in securing access through an IdP.
+
+- [Add an identity provider](/docs/platform/howto/saml/add-identity-providers)
+
+## Configure your authentication policy
+
+Set a policy that allows your organization users to access your organization on
+the Aiven Platform only through approved methods.
+
+For a greater level of security, only allow users to log in with your identity provider
+and select the **require log in with an identity provider** option. If you do allow
+password authentication, enforce two-factor authentication for all users.
+
+Don't allow users to create personal tokens. If you decide to allow your users to
+create personal tokens, you can still make these more secure by enabling the
+**require log in with this organization's identity provider** setting.
+This means that users cannot access your organization's resources with a token they
+created when logged in with another organization's allowed authentication methods
+or a previously allowed method. This setting also gives you the flexibility to change
+the authentication policy at any time because tokens that are no longer compliant
+with the new policy cannot be used.
+
+A more secure way to centrally manage access through tokens is to create
+[application users and application tokens](#create-application-users-for-automated-access).
+
+- [Set an organization authentication policy](/docs/platform/howto/set-authentication-policies)
+
+### Password requirements
+
+Aiven enforces the following rules for password strength:
+
+- Minimum length is 8 characters
+- Cannot contain single repeating characters such as `aaaaaaaa`
+- Cannot contain your name or email address
+- Cannot contain common words, phrases, or strings such as password,
+ security, or common names
+- Cannot contain words that are very similar to common words such as
+ `password1`
+
+These rules are also used for service integration passwords. For remote
+external integrations these rules are not enforced, but they are recommended.
+
+### Create secure password
+
+If you use password authentication, follow these guidelines to create secure passwords:
+
+- Use a password manager to create a randomly generated strong passwords
+- Use passphrases as these are harder to guess
+- Always use a unique password for every service and app
+
+## Use units and projects to separate concerns
+
+Avoid creating projects directly in the organization. Instead, create organizational
+units to separate your projects, and use projects to further divide your services.
+To support the principle of least privilege and to enable appropriate configuration
+baselines, create unrelated services in different projects.
+For example, put an OLTP database for order tracking and a time-series database
+for website analytics in separate projects.
+
+- [Learn about units and projects](/docs/platform/concepts/orgs-units-projects)
+
+## Grant least-privilege access to users
+
+Use granular permissions and roles to grant the lowest level of access needed to
+users and groups at the appropriate level.
+[Roles and permissions](/docs/platform/concepts/permissions) are available
+at the organization, unit, and project level. This is where
+[using projects and units to separate services](#use-units-and-projects-to-separate-concerns)
+makes it easier to manage access.
+
+At the service level, don't use the `avnadmin` service user for normal operations.
+This user is intended for provisioning and recovery. Instead, create lower-privileged
+service users within the service that have only the necessary permissions.
+Additionally, users who only need to access services may not need to have
+Aiven user accounts. For example ,a database administrator (DBA) who is configuring
+a PostgreSQL service for an application might not need access to the Aiven Console.
+You can create service users for these types of users and give them the connection string
+and credentials for only that specific service.
+
+### Limit the number of admin
+
+Limit the number of organization admin and project admin. Grant the organization admin
+to a limited number of users in the organization. Instead, assign specific permissions
+at the organization level such as the **manage groups** or **manage projects** permissions.
+
+Most importantly, minimize the number of
+[super admin](/docs/platform/howto/manage-permissions#make-users-super-admin)
+in your organization. Reserve super admin for emergency access when no other users have
+enough permissions. Don't use super admin for normal operational tasks.
+For user accounts with super admin access follow these best practices to secure them:
+
+- **Store passwords offline**: Store printed passwords in a secure location that requires
+ two-party control for access.
+- **Enable two-factor authentication** and store the credentials offline.
+- **Re-generate credentials after use**: If a super admin account is used, change its
+ password.
+- **Restrict access to the email associated with a super admin user**: A user with
+ access to this email address can reset its password.
+- **Use different emails for notifications**: Configure an email address not associated
+ with a super admin account for billing, project, service, and other system notifications.
+
+### Use groups
+
+Use groups to streamline and increase the visibility of the process of granting access
+to users. If you choose to automatically add users to a group when they sign up,
+make sure the group has minimal permissions. Only grant users permissions to projects
+that have a business need to access them.
+
+### Examples
+The following are examples of typical user types along with the roles and permissions they
+need.
+
+**Finance team members**
+
+Users on this team often only need to view and download invoices. Grant these users
+the **view billing** permission. If they need to edit billing details, grant them
+the **manage billing** permission.
+
+**Auditors**
+
+Grant these users the **read only** role in the projects relevant for their work.
+
+**Database administrators**
+
+For users like database administrators, who use the Aiven Console or API to
+configure services, but don't need to create them or power them off, grant them
+the **developer** role in the relevant projects.
+
+**DevOps**
+
+For users who maintain services to keep them updated and set the maintenance window to
+avoid downtime, grant the **maintain services** permission. If they also need to be
+able to help restore a service after an incident, grant them the **recover services**
+permission.
+
+- [Roles and permissions](/docs/platform/concepts/permissions)
+- [Manage permissions for users and groups](/docs/platform/howto/manage-permissions)
+
+## Create application users for automated access
+
+Because application users can have the same level of access to projects and services it's
+important to secure these accounts and their tokens to avoid abuse.
+
+### Create dedicated application users for each application
+
+Create a different application user for each tool or application and generate
+application tokens for each. For example, if you have an application that needs to
+connect to services in one of your projects and you're using Aiven Terraform Provider
+ in the same project, create two application users. Use the description field for
+ each user to clearly indicate what it's used for.
+
+This helps you manage the lifecycle of the users and ensure the access permissions are
+correct for each use case.
+
+### Restrict access to trusted networks
+
+Specify allowed IP address ranges for each token. This prevents tokens from being used
+outside of your trusted networks, reducing the risk of breaches. You can also specify
+these ranges in your organization's
+[authentication policy](#configure-your-authentication-policy), limiting
+all access to the Aiven Platform to these IP addresses, including
+through application tokens.
+
+### Keep tokens secure and rotate them regularly
+
+Make sure application tokens are securely stored and only accessible by people
+who need them. Tokens should also be routinely
+[revoked](/docs/platform/howto/manage-application-users#revoke-a-token-for-an-application-user)
+and replaced with new tokens.
+
+### Delete unused users and tokens
+
+Regularly audit your list of application users to identify unused users. You can
+view all application users, get details about when their tokens were last used,
+and delete unused users in the Aiven Console and API.
+
+- [Manage application users and tokens](/docs/platform/howto/manage-application-users)
+
+## Create virtual private clouds
+
+Many security compliance standards such as PCI DSS require that databases
+not be reachable over the internet. Place services that don't need to be accessible
+from the internet within a Virtual private cloud (VPC) in a supported cloud.
+Peer the VPC with your cloud account at the relevant provider.
+Route non-cloud resources through the provider.
+
+Alternatively, you can create custom clouds using Aiven's bring your own cloud (BYOC)
+feature to configure your infrastructure to meet your specific business requirements.
+
+- Get detailed information about
+ [cloud security at Aiven](/docs/platform/concepts/cloud-security)
+- [Learn more about VPCs](/docs/platform/concepts/vpcs)
+- [Learn about BYOC](/docs/platform/concepts/byoc)
+
+## Employ a multi-cloud, geographically distributed strategy
+
+For mission-critical services, deploy read-only replicas or standbys in different cloud
+providers and regions. For example, for a primary service hosted on AWS in the
+`us-west-2` region, create a standby on Azure in `eastus2`.
+
+## Keep services up-to-date
+
+When a new major version of a service becomes available, upgrade to it as soon as possible.
+Don't continue to use end-of-life versions or discontinued services.
+
+Don't avoid or delay maintenance and updates. Set maintenance windows during periods of
+low activity or low business criticality. Stagger the maintenance windows for
+redundant services.
+
+- [Learn about maintenance, updates, and upgrades](/docs/platform/concepts/maintenance-window)
+
+## Use enhanced compliance environments
+
+If your environment is subject to a security compliance standards like PCI DSS or HIPAA,
+Aiven can help you set up projects as enhanced compliance environments (ECE) so that
+they meet these standards.
+
+- [Learn about ECEs](/docs/platform/concepts/enhanced-compliance-env)
diff --git a/sidebars.ts b/sidebars.ts
index c4ee2843d..627762253 100644
--- a/sidebars.ts
+++ b/sidebars.ts
@@ -21,6 +21,7 @@ const sidebars: SidebarsConfig = {
collapsible: false,
items: [
'get-started',
+ 'platform/reference/security-best-practices',
'platform/concepts/free-plan',
'platform/concepts/free-trial',
'marketplace-setup',
@@ -146,7 +147,6 @@ const sidebars: SidebarsConfig = {
},
items: [
'platform/howto/add-authentication-method',
- 'platform/reference/password-policy',
'platform/reference/change-password',
'platform/howto/user-2fa',
'platform/howto/set-authentication-policies',
diff --git a/static/_redirects b/static/_redirects
index 59cd63683..dd5d3fd8a 100644
--- a/static/_redirects
+++ b/static/_redirects
@@ -1,261 +1,265 @@
#
# Redirect file for Cloudflare.
# See https://developers.cloudflare.com/pages/configuration/redirects/
+# Internal redirects.
+# Make sure to keep the /docs/ prefix in the destination url but leave the source url without it.
+# This is because aiven.io/docs proxy to this site.
#
+/caching /docs/products/caching
+/valkey /docs/products/valkey
+/category/administrative-tasks /docs/get-started
+/category/concepts /docs/get-started
+/category/concepts-1 /docs/get-started
+/category/how-to /docs/platform/howto/list-service
+/category/how-to-1 /docs/get-started
+/category/integrations /docs/platform/concepts/service-integration
+/category/reference /docs/get-started
+/category/reference-1 /docs/get-started
+/category/reference-2 /docs/get-started
+/category/topic-and-schema-management /docs/products/kafka/concepts/governance-overview
+/category/troubleshooting /docs/products/services
+/category/user-access /docs/platform/howto/manage-org-users
+/community/documentation/tips-tricks/renaming-files /docs
+/platform/concepts/projects_accounts_access.html /docs/platform/howto/manage-org-users
+/products/opensearch/howto/list-integrations /docs/products/opensearch
+/products/opensearch/howto/list-manage-service /docs/products/opensearch
+/integrations /docs/platform/concepts/service-integration
+/integrations/cloudwatch/list-cloudwatch-logs /docs/integrations/cloudwatch/cloudwatch-logs-console
+/integrations/google-bigquery /docs/products/kafka/kafka-connect/howto/gcp-bigquery-sink-prereq
+/kafka-connect/opensearch /docs/products/kafka/kafka-connect/howto/opensearch-sink
+/platform/concepts/beta_services /docs/platform/concepts/service-and-feature-releases
+/platform/concepts/billing-groups /docs/platform/concepts/billing-and-payment
+/platform/concepts/billing-groups-overview /docs/platform/concepts/billing-and-payment
+/platform/concepts/choosing-timeseries-database /docs/platform/howto/list-service
+/platform/concepts/corporate-billing /docs/platform/concepts/billing-and-payment
+/platform/concepts/corporate-billing.html /docs/platform/concepts/billing-and-payment
+/platform/concepts/dynamic-disk-sizing /docs/platform/howto/add-storage-space
+/platform/concepts/hourly-billing-model /docs/platform/concepts/billing-and-payment
+/platform/concepts/hourly-billing-model.html /docs/platform/concepts/billing-and-payment
+/platform/concepts/list-billing /docs/platform/concepts/billing-and-payment
+/platform/concepts/logs-metrics-alerts /docs/platform/howto/list-monitoring
+/platform/concepts/orgs-and-units /docs/platform/concepts/orgs-units-projects
+/platform/concepts/projects /docs/platform/concepts/orgs-units-projects
+/platform/concepts/projects_accounts_access /docs/platform/howto/manage-project
+/platform/concepts/service-scaling /docs/platform/howto/scale-services
+/platform/howto/access-service-log /docs/platform/howto/list-monitoring
+/platform/howto/access-service-logs /docs/platform/howto/list-monitoring
+/platform/howto/add-groups-projects /docs/platform/howto/manage-groups
+/platform/howto/add-project-members /docs/platform/howto/manage-permissions
+/platform/howto/billing-assign-projects /docs/platform/howto/use-billing-groups
+/platform/howto/billing-aws-marketplace-subscription /docs/marketplace-setup
+/platform/howto/billing-azure-marketplace-subscription /docs/marketplace-setup
+/platform/howto/billing-google-cloud-platform-marketplace-subscription /docs/marketplace-setup
+/platform/howto/byoc/create-custom-cloud /docs/platform/howto/byoc/create-cloud/create-custom-cloud
+/platform/howto/change-billing-contact /docs/platform/howto/use-billing-groups
+/platform/howto/change-support-tier /docs/platform/howto/support
+/platform/howto/cleanup-powered-off-services /docs/platform/concepts/service-power-cycle
+/platform/howto/console-fork-service /docs/platform/concepts/service-forking
+/platform/howto/create-billing-groups /docs/platform/howto/use-billing-groups
+/platform/howto/download-ca-cert /docs/platform/concepts/tls-ssl-certificates
+/platform/howto/enable-aiven-password /docs/platform/reference/password-policy
+/platform/howto/list-account /docs/platform/howto/list-user
+/platform/howto/list-backup-to-another-region /docs/platform/concepts/backup-to-another-region
+/platform/howto/list-billing /docs/platform/concepts/billing-and-payment
+/platform/howto/list-billing-groups /docs/platform/concepts/billing-and-payment
+/platform/howto/list-byoc /docs/platform/concepts/byoc
+/platform/howto/list-groups /docs/platform/howto/manage-groups
+/platform/howto/list-network /docs/platform/concepts/cloud-security
+/platform/howto/list-user /docs/platform/howto/manage-org-users
+/platform/howto/make-super-admin /docs/platform/howto/manage-permissions
+/platform/howto/manage-org-vpc-peering-upcloud /docs/platform/howto/list-organization-vpc-peering
+/platform/howto/manage-vpc-peering /docs/platform/howto/manage-project-vpc
+/platform/howto/metrics-integrations /docs/platform/howto/list-monitoring
+/platform/howto/migrate-services /docs/products/postgresql/howto/list-replication-migration
+/platform/howto/monitoring-services /docs/platform/howto/list-monitoring
+/platform/howto/move-to-aws-marketplace-billing /docs/platform/howto/list-marketplace-payments
+/platform/howto/move-to-azure-marketplace-billing /docs/platform/howto/list-marketplace-payments
+/platform/howto/move-to-gcp-marketplace-billing /docs/platform/howto/list-marketplace-payments
+/platform/howto/okta-user-provisioning-with-scim /docs/platform/howto/saml/add-okta-idp
+/platform/howto/pause-from-cli /docs/platform/concepts/service-power-cycle
+/platform/howto/payment-issues-plan-upgrades /docs/platform/concepts/billing-and-payment
+/platform/howto/payment-methods /docs/platform/concepts/billing-and-payment
+/platform/howto/project-support-center /docs/platform/howto/support
+/platform/howto/project-support-center.html /docs/platform/howto/support
+/platform/howto/recover-a-deleted-service /docs/platform/concepts/service_backups
+/platform/howto/rename-a-service /docs/platform/concepts/service-forking
+/platform/howto/saml/saml-authentication /docs/platform/howto/saml/add-identity-providers
+/platform/howto/saml/setup-saml-auth0.html /docs/platform/howto/saml/add-auth0-idp
+/platform/howto/saml/setup-saml-azure /docs/platform/howto/saml/add-azure-idp
+/platform/howto/saml/setup-saml-fusionauth /docs/platform/howto/saml/add-fusionauth-idp
+/platform/howto/saml/setup-saml-google /docs/platform/howto/saml/add-google-idp
+/platform/howto/saml/setup-saml-jumpcloud /docs/platform/howto/saml/add-jumpcloud-idp
+/platform/howto/saml/setup-saml-okta /docs/platform/howto/saml/add-okta-idp
+/platform/howto/saml/setup-saml-onelogin /docs/platform/howto/saml/add-onelogin-idp
+/platform/howto/service-metrics /docs/platform/howto/list-monitoring
+/platform/howto/static-ip-addresses /docs/platform/concepts/static-ips
+/platform/howto/update-tax-status /docs/platform/concepts/tax-information
+/platform/ip-addresses /docs/platform/reference/service-ip-address
+/platform/privatelink /docs/platform/howto/use-aws-privatelinks
+/platform/reference/password-policy /docs/platform/reference/security-best-practices
+/platform/reference/project-member-privileges /docs/platform/concepts/permissions
+/platform/vpc /docs/platform/howto/manage-vpc-peering
+/products/alloydbomni/advanced-params /docs/products/alloydbomni/reference/advanced-params
+/products/caching/concepts /docs/products/caching
+/products/caching/concepts/overview /docs/products/caching
+/products/caching/howto /docs/products/caching/howto/list-code-samples
+/products/caching/howto/list-dba-tasks /docs/products/caching
+/products/caching/howto/migrate-aiven-redis.html /docs/products/caching/howto/migrate-redis-aiven-via-console
+/products/caching/howto/migrate-redis-db /docs/products/caching/howto/configure-acl-permissions
+/products/caching/reference /docs/products/caching/reference/advanced-params
+/products/caching/troubleshooting /docs/products/caching/troubleshooting/troubleshoot-redis-connection-issues
+/products/cassandra/concepts /docs/products/cassandra/concepts/tombstones
+/products/cassandra/howto /docs/products/cassandra/howto/list-code-samples
+/products/cassandra/howto/list-get-started /docs/products/cassandra/get-started
+/products/cassandra/overview /docs/products/cassandra
+/products/cassandra/reference /docs/products/cassandra/reference/advanced-params
+/products/clickhouse/concepts /docs/products/clickhouse/concepts/service-architecture
+/products/clickhouse/concepts/features-overview /docs/products/clickhouse
+/products/clickhouse/howto /docs/products/clickhouse/howto/list-connect-to-service
+/products/clickhouse/howto/list-get-started /docs/products/clickhouse/get-started
+/products/clickhouse/howto/list-manage-service /docs/products/clickhouse/howto/manage-users-roles
+/products/clickhouse/howto/load-dataset /docs/products/clickhouse/get-started#load-a-dataset
+/products/clickhouse/list-overview /docs/products/clickhouse
+/products/clickhouse/reference /docs/products/clickhouse/reference/advanced-params
+/products/dragonfly/concept /docs/products/dragonfly
+/products/dragonfly/concepts/overview /docs/products/dragonfly
+/products/dragonfly/howto /docs/products/dragonfly/howto/list-code-samples
+/products/dragonfly/howto/list-migrate-data /docs/products/dragonfly/howto/migrate-aiven-caching-df-console
+/products/dragonfly/howto/migrate-aiven-redis-df-console /docs/products/dragonfly/howto/migrate-aiven-caching-df-console
+/products/dragonfly/reference /docs/products/dragonfly/reference/advanced-params
+/products/flink/concepts /docs/products/flink/concepts/flink-architecture
+/products/flink/concepts/flink-features /docs/products/flink
+/products/flink/concepts/managed-service-features /docs/products/flink
+/products/flink/concepts/managed-service-features.html /docs/products/flink
+/products/flink/howto /docs/products/flink/howto/create-integration
+/products/flink/howto/advanced-topics /docs/products/flink/howto/timestamps_opensearch
+/products/flink/howto/list-flink-table-integrations /docs/products/flink/howto/connect-kafka
+/products/flink/howto/list-flink-tables /docs/products/flink/howto/list-flink-table-integrations
+/products/flink/howto/list-get-started /docs/products/flink/get-started
+/products/flink/howto/list-integrations /docs/products/flink/howto/create-integration
+/products/flink/howto/real-time-alerting-solution /docs/products/flink/howto/list-get-started
+/products/flink/list-overview /docs/products/flink
+/products/flink/reference /docs/products/flink/reference/advanced-params
+/products/grafana/concepts/grafana-features /docs/products/grafana
+/products/grafana/howto /docs/products/grafana/howto/log-in
+/products/grafana/howto/list-manage-dashboards /docs/products/grafana/howto/dashboard-previews
+/products/grafana/list-overview /docs/products/grafana
+/products/grafana/reference /docs/products/grafana/reference/advanced-params
+/products/grafana/user-access /docs/products/grafana/howto/log-in
+/products/influxdb /docs/products/services
+/products/kafka/getting-started /docs/products/kafka/get-started
+/products/kafka/howto /docs/products/kafka/howto/list-code-samples
+/products/kafka/howto/enable-karapace /docs/products/kafka/howto/enable-schema-registry
+/products/kafka/howto/fake-sample-data /docs/products/kafka/howto/generate-sample-data-manually
+/products/kafka/howto/list-admin /docs/products/kafka/howto/enable-karapace
+/products/kafka/howto/list-integration /docs/products/kafka/howto/integrate-service-logs-into-kafka-topic
+/products/kafka/howto/list-integration.html /docs/products/kafka
+/products/kafka/howto/list-schema-registry /docs/products/kafka/howto/enable-schema-registry
+/products/kafka/howto/list-security /docs/products/kafka/howto/keystore-truststore
+/products/kafka/howto/list-tools /docs/products/kafka/howto/kafka-tools-config-file
+/products/kafka/howto/list-topic-management /docs/products/kafka/howto/create-topic
+/products/kafka/howto/use-zookeeper /docs/products/kafka
+/products/kafka/index.html /docs/products/kafka
+/products/kafka/kafka-connect/concepts /docs/products/kafka/kafka-connect/concepts/list-of-connector-plugins
+/products/kafka/kafka-connect/howto /docs/products/kafka/kafka-connect/howto/best-practices
+/products/kafka/kafka-connect/howto/list-admin /docs/products/kafka/kafka-connect/howto/best-practices
+/products/kafka/kafka-connect/howto/list-sink-connectors /docs/products/kafka/kafka-connect/howto/enable-connect
+/products/kafka/kafka-connect/howto/list-source-connectors /docs/products/kafka/kafka-connect/howto/enable-connect
+/products/kafka/kafka-connect/reference /docs/products/kafka/kafka-connect/reference/advanced-params
+/products/kafka/kafka-mirrormaker/concepts /docs/products/kafka/kafka-mirrormaker/concepts/disaster-recovery-migration
+/products/kafka/kafka-mirrormaker/howto /docs/products/kafka/kafka-mirrormaker/howto/integrate-external-kafka-cluster
+/products/kafka/kafka-mirrormaker/howto/setup-mirrormaker-monitoring /docs/products/kafka/kafka-mirrormaker/howto/setup-replication-flow
+/products/kafka/kafka-mirrormaker/reference /docs/products/kafka/kafka-mirrormaker/reference/advanced-params
+/products/kafka/karapace/concepts /docs/products/kafka/kafka-connect/concepts/list-of-connector-plugins
+/products/kafka/karapace/howto /docs/products/kafka/karapace/howto/enable-karapace
+/products/kafka/karapace/howto/manage-kafka-rest-proxy-authorization /docs/products/kafka/karapace/howto/enable-kafka-rest-proxy-authorization
+/products/kafka/reference /docs/products/kafka/reference/advanced-params
+/products/m3db/concepts /docs/products/m3db/concepts/m3-components
+/products/metrics/concepts /docs/products/metrics/concepts/storage-resource-scaling
+/products/metrics/concepts/metrics-overview /docs/products/metrics
+/products/metrics/howto /docs/products/metrics/howto/storage-usage
+/products/metrics/howto/list-data-migration /docs/products/metrics/howto/migrate-influxdb-thanos
+/products/mysql/concepts /docs/products/mysql/concepts/max-number-of-connections
+/products/mysql/howto /docs/products/mysql
+/products/mysql/howto/list-get-started /docs/products/mysql/get-started
+/products/mysql/overview /docs/products/mysql
+/products/mysql/reference /docs/products/mysql/reference/advanced-params
+/products/mysql/reference/list-of-advanced-params /docs/products/mysql/reference/advanced-params
+/products/opensearch/concepts /docs/products/opensearch/concepts/access_control
+/products/opensearch/concepts/service-overview /docs/products/opensearch
+/products/opensearch/concepts/users-access-controls /docs/products/opensearch/howto/control_access_to_content
+/products/opensearch/dashboards/howto /docs/products/opensearch/dashboards/howto/dev-tools-usage-example
+/products/opensearch/howto /docs/products/opensearch/howto/control_access_to_content
+/products/opensearch/howto/list-access-control /docs/products/opensearch/howto/control_access_to_content
+/products/opensearch/howto/list-data-management /docs/products/opensearch/howto/import-opensearch-data-elasticsearch-dump-to-aiven
+/products/opensearch/howto/upgrade-to-opensearch /docs/products/opensearch/howto/upgrade-clients-to-opensearch
+/products/opensearch/list-overview /docs/products/opensearch
+/products/opensearch/reference /docs/products/opensearch/reference/advanced-params
+/products/opensearch/reference/index-replication /docs/products/opensearch/concepts/index-replication
+/products/opensearch/troubleshooting /docs/products/opensearch
+/products/postgresql/concepts /docs/products/postgresql/concepts/aiven-db-migrate
+/products/postgresql/getting-started /docs/products/postgresql/get-started
+/products/postgresql/howto /docs/products/postgresql/howto/list-code-samples
+/products/postgresql/howto/list-dba-tasks /docs/products/postgresql/howto/create-database
+/products/postgresql/howto/list-get-started /docs/products/postgresql/get-started
+/products/postgresql/howto/list-integrations /docs/products/postgresql/howto/monitor-database-with-datadog
+/products/postgresql/howto/list-replication /docs/products/postgresql/howto/create-read-replica
+/products/postgresql/howto/list-replication-migration /docs/products/postgresql/howto/migrate-cloud-region
+/products/postgresql/overview /docs/products/postgresql
+/products/postgresql/reference /docs/products/postgresql/reference/advanced-params
+/products/postgresql/reference/high-cpu-load-of-pgbouncer /docs/products/postgresql/troubleshooting/troubleshooting-connection-pooling
+/products/postgresql/reference/list-of-advanced-params /docs/products/postgresql/reference/advanced-params
+/products/postgresql/troubleshooting /docs/products/postgresql/troubleshooting/troubleshooting-connection-pooling
+/products/redis /docs/products/caching
+/products/redis/concepts/lua-scripts-redis /docs/products/caching/concepts/lua-scripts-caching
+/products/redis/howto/list-dba-tasks /docs/products/caching/howto/configure-acl-permissions
+/products/redis/howto/migrate-aiven-redis /docs/products/caching/howto/migrate-redis-aiven-cli
+/products/valkey/reference /docs/products/valkey/reference/advanced-params
+/tools/aiven-console/howto/create-accounts /docs/platform/howto/manage-org-users
+/tools/cli/account /docs/tools/cli
+/tools/cli/account.html /docs/tools/cli
+/tools/cli/account/account-team /docs/tools/aiven-console/howto/create-manage-teams
+/tools/cli/project /docs/tools/cli
+/tools/cli/service /docs/tools/cli/service-cli
+/tools/cli/ticket /docs/platform/howto/support
+/tools/terraform/concepts/data-sources /docs/tools/terraform
+/tools/terraform/get-started /docs/tools/terraform
+/tools/terraform/howto/terraform-logging /docs/tools/terraform
+/tools/terraform/howto/upgrade-to-opensearch /docs/products/opensearch/get-started
+/tools/terraform/index.html /docs/tools/terraform
+/tools/terraform/reference/cookbook /docs/tools/terraform/get-started
+/tools/terraform/reference/cookbook/kafka-connect-terraform-recipe /docs/tools/terraform/get-started
+/tools/terraform/reference/troubleshooting /docs/tools/terraform
+/tools/terraform/reference/troubleshooting/private-access-error /docs/tools/terraform
-/caching https://aiven.io/docs/products/caching
-/category/administrative-tasks https://aiven.io/docs/get-started
-/category/concepts https://aiven.io/docs/get-started
-/category/concepts-1 https://aiven.io/docs/get-started
-/category/how-to https://aiven.io/docs/platform/howto/list-service
-/category/how-to-1 https://aiven.io/docs/get-started
-/category/integrations https://aiven.io/docs/platform/concepts/service-integration
-/category/reference https://aiven.io/docs/get-started
-/category/reference-1 https://aiven.io/docs/get-started
-/category/reference-2 https://aiven.io/docs/get-started
-/category/topic-and-schema-management https://aiven.io/docs/products/kafka/concepts/governance-overview
-/category/troubleshooting https://aiven.io/docs/products/services
-/category/user-access https://aiven.io/docs/platform/howto/manage-org-users
-/community/documentation/tips-tricks/renaming-files https://aiven.io/docs
-/docs/platform/concepts/projects_accounts_access.html https://aiven.io/docs/platform/howto/manage-org-users
-/docs/products/opensearch/howto/list-integrations https://aiven.io/docs/products/opensearch
-/docs/products/opensearch/howto/list-manage-service https://aiven.io/docs/products/opensearch
-/integrations https://aiven.io/docs/platform/concepts/service-integration
-/integrations/cloudwatch/list-cloudwatch-logs https://aiven.io/docs/integrations/cloudwatch/cloudwatch-logs-console
-/integrations/google-bigquery https://aiven.io/docs/products/kafka/kafka-connect/howto/gcp-bigquery-sink-prereq
-/kafka-connect/opensearch https://aiven.io/docs/products/kafka/kafka-connect/howto/opensearch-sink
-/platform/concepts/beta_services https://aiven.io/docs/platform/concepts/service-and-feature-releases
-/platform/concepts/billing-groups https://aiven.io/docs/platform/concepts/billing-and-payment
-/platform/concepts/billing-groups-overview https://aiven.io/docs/platform/concepts/billing-and-payment
-/platform/concepts/choosing-timeseries-database https://aiven.io/docs/platform/howto/list-service
-/platform/concepts/corporate-billing https://aiven.io/docs/platform/concepts/billing-and-payment
-/platform/concepts/corporate-billing.html https://aiven.io/docs/platform/concepts/billing-and-payment
-/platform/concepts/dynamic-disk-sizing https://aiven.io/docs/platform/howto/add-storage-space
-/platform/concepts/hourly-billing-model https://aiven.io/docs/platform/concepts/billing-and-payment
-/platform/concepts/hourly-billing-model.html https://aiven.io/docs/platform/concepts/billing-and-payment
-/platform/concepts/list-billing https://aiven.io/docs/platform/concepts/billing-and-payment
-/platform/concepts/logs-metrics-alerts https://aiven.io/docs/platform/howto/list-monitoring
-/platform/concepts/orgs-and-units https://aiven.io/docs/platform/concepts/orgs-units-projects
-/platform/concepts/projects https://aiven.io/docs/platform/concepts/orgs-units-projects
-/platform/concepts/projects_accounts_access https://aiven.io/docs/platform/howto/manage-project
-/platform/concepts/service-scaling https://aiven.io/docs/platform/howto/scale-services
-/platform/howto/access-service-log https://aiven.io/docs/platform/howto/list-monitoring
-/platform/howto/access-service-logs https://aiven.io/docs/platform/howto/list-monitoring
-/platform/howto/add-groups-projects https://aiven.io/docs/platform/howto/manage-groups
-/platform/howto/add-project-members https://aiven.io/docs/platform/howto/manage-permissions
-/platform/howto/billing-assign-projects https://aiven.io/docs/platform/howto/use-billing-groups
-/platform/howto/billing-aws-marketplace-subscription https://aiven.io/docs/marketplace-setup
-/platform/howto/billing-azure-marketplace-subscription https://aiven.io/docs/marketplace-setup
-/platform/howto/billing-google-cloud-platform-marketplace-subscription https://aiven.io/docs/marketplace-setup
-/platform/howto/byoc/create-custom-cloud https://aiven.io/docs/platform/howto/byoc/create-cloud/create-custom-cloud
-/platform/howto/change-billing-contact https://aiven.io/docs/platform/howto/use-billing-groups
-/platform/howto/change-support-tier https://aiven.io/docs/platform/howto/support
-/platform/howto/cleanup-powered-off-services https://aiven.io/docs/platform/concepts/service-power-cycle
-/platform/howto/console-fork-service https://aiven.io/docs/platform/concepts/service-forking
-/platform/howto/create-billing-groups https://aiven.io/docs/platform/howto/use-billing-groups
-/platform/howto/download-ca-cert https://aiven.io/docs/platform/concepts/tls-ssl-certificates
-/platform/howto/enable-aiven-password https://aiven.io/docs/platform/reference/password-policy
-/platform/howto/list-account https://aiven.io/docs/platform/howto/list-user
-/platform/howto/list-backup-to-another-region https://aiven.io/docs/platform/concepts/backup-to-another-region
-/platform/howto/list-billing https://aiven.io/docs/platform/concepts/billing-and-payment
-/platform/howto/list-billing-groups https://aiven.io/docs/platform/concepts/billing-and-payment
-/platform/howto/list-byoc https://aiven.io/docs/platform/concepts/byoc
-/platform/howto/list-groups https://aiven.io/docs/platform/howto/manage-groups
-/platform/howto/list-network https://aiven.io/docs/platform/concepts/cloud-security
-/platform/howto/list-user https://aiven.io/docs/platform/howto/manage-org-users
-/platform/howto/make-super-admin https://aiven.io/docs/platform/howto/manage-permissions
-/platform/howto/manage-org-vpc-peering-upcloud https://aiven.io/docs/platform/howto/list-organization-vpc-peering
-/platform/howto/manage-vpc-peering https://aiven.io/docs/platform/howto/manage-project-vpc
-/platform/howto/metrics-integrations https://aiven.io/docs/platform/howto/list-monitoring
-/platform/howto/migrate-services https://aiven.io/docs/products/postgresql/howto/list-replication-migration
-/platform/howto/monitoring-services https://aiven.io/docs/platform/howto/list-monitoring
-/platform/howto/move-to-aws-marketplace-billing https://aiven.io/docs/platform/howto/list-marketplace-payments
-/platform/howto/move-to-azure-marketplace-billing https://aiven.io/docs/platform/howto/list-marketplace-payments
-/platform/howto/move-to-gcp-marketplace-billing https://aiven.io/docs/platform/howto/list-marketplace-payments
-/platform/howto/okta-user-provisioning-with-scim https://aiven.io/docs/platform/howto/saml/add-okta-idp
-/platform/howto/pause-from-cli https://aiven.io/docs/platform/concepts/service-power-cycle
-/platform/howto/payment-issues-plan-upgrades https://aiven.io/docs/platform/concepts/billing-and-payment
-/platform/howto/payment-methods https://aiven.io/docs/platform/concepts/billing-and-payment
-/platform/howto/project-support-center https://aiven.io/docs/platform/howto/support
-/platform/howto/project-support-center.html https://aiven.io/docs/platform/howto/support
-/platform/howto/recover-a-deleted-service https://aiven.io/docs/platform/concepts/service_backups
-/platform/howto/rename-a-service https://aiven.io/docs/platform/concepts/service-forking
-/platform/howto/saml/saml-authentication https://aiven.io/docs/platform/howto/saml/add-identity-providers
-/platform/howto/saml/setup-saml-auth0.html https://aiven.io/docs/platform/howto/saml/add-auth0-idp
-/platform/howto/saml/setup-saml-azure https://aiven.io/docs/platform/howto/saml/add-azure-idp
-/platform/howto/saml/setup-saml-fusionauth https://aiven.io/docs/platform/howto/saml/add-fusionauth-idp
-/platform/howto/saml/setup-saml-google https://aiven.io/docs/platform/howto/saml/add-google-idp
-/platform/howto/saml/setup-saml-jumpcloud https://aiven.io/docs/platform/howto/saml/add-jumpcloud-idp
-/platform/howto/saml/setup-saml-okta https://aiven.io/docs/platform/howto/saml/add-okta-idp
-/platform/howto/saml/setup-saml-onelogin https://aiven.io/docs/platform/howto/saml/add-onelogin-idp
-/platform/howto/service-metrics https://aiven.io/docs/platform/howto/list-monitoring
-/platform/howto/static-ip-addresses https://aiven.io/docs/platform/concepts/static-ips
-/platform/howto/update-tax-status https://aiven.io/docs/platform/concepts/tax-information
-/platform/ip-addresses https://aiven.io/docs/platform/reference/service-ip-address
-/platform/privatelink https://aiven.io/docs/platform/howto/use-aws-privatelinks
-/platform/reference/project-member-privileges https://aiven.io/docs/platform/concepts/permissions
-/platform/vpc https://aiven.io/docs/platform/howto/manage-vpc-peering
-/products/alloydbomni/advanced-params https://aiven.io/docs/products/alloydbomni/reference/advanced-params
-/products/caching/concepts https://aiven.io/docs/products/caching
-/products/caching/concepts/overview https://aiven.io/docs/products/caching
-/products/caching/howto https://aiven.io/docs/products/caching/howto/list-code-samples
-/products/caching/howto/list-dba-tasks https://aiven.io/docs/products/caching
-/products/caching/howto/migrate-aiven-redis.html https://aiven.io/docs/products/caching/howto/migrate-redis-aiven-via-console
-/products/caching/howto/migrate-redis-db https://aiven.io/docs/products/caching/howto/configure-acl-permissions
-/products/caching/reference https://aiven.io/docs/products/caching/reference/advanced-params
-/products/caching/troubleshooting https://aiven.io/docs/products/caching/troubleshooting/troubleshoot-redis-connection-issues
-/products/cassandra/concepts https://aiven.io/docs/products/cassandra/concepts/tombstones
-/products/cassandra/howto https://aiven.io/docs/products/cassandra/howto/list-code-samples
-/products/cassandra/howto/list-get-started https://aiven.io/docs/products/cassandra/get-started
-/products/cassandra/overview https://aiven.io/docs/products/cassandra
-/products/cassandra/reference https://aiven.io/docs/products/cassandra/reference/advanced-params
-/products/clickhouse/concepts https://aiven.io/docs/products/clickhouse/concepts/service-architecture
-/products/clickhouse/concepts/features-overview https://aiven.io/docs/products/clickhouse
-/products/clickhouse/howto https://aiven.io/docs/products/clickhouse/howto/list-connect-to-service
-/products/clickhouse/howto/list-get-started https://aiven.io/docs/products/clickhouse/get-started
-/products/clickhouse/howto/list-manage-service https://aiven.io/docs/products/clickhouse/howto/manage-users-roles
-/products/clickhouse/howto/load-dataset https://aiven.io/docs/products/clickhouse/get-started#load-a-dataset
-/products/clickhouse/list-overview https://aiven.io/docs/products/clickhouse
-/products/clickhouse/reference https://aiven.io/docs/products/clickhouse/reference/advanced-params
-/products/dragonfly/concept https://aiven.io/docs/products/dragonfly
-/products/dragonfly/concepts/overview https://aiven.io/docs/products/dragonfly
-/products/dragonfly/howto https://aiven.io/docs/products/dragonfly/howto/list-code-samples
-/products/dragonfly/howto/list-migrate-data https://aiven.io/docs/products/dragonfly/howto/migrate-aiven-caching-df-console
-/products/dragonfly/howto/migrate-aiven-redis-df-console https://aiven.io/docs/products/dragonfly/howto/migrate-aiven-caching-df-console
-/products/dragonfly/reference https://aiven.io/docs/products/dragonfly/reference/advanced-params
-/products/flink/concepts https://aiven.io/docs/products/flink/concepts/flink-architecture
-/products/flink/concepts/flink-features https://aiven.io/docs/products/flink
-/products/flink/concepts/managed-service-features https://aiven.io/docs/products/flink
-/products/flink/concepts/managed-service-features.html https://aiven.io/docs/products/flink
-/products/flink/howto https://aiven.io/docs/products/flink/howto/create-integration
-/products/flink/howto/advanced-topics https://aiven.io/docs/products/flink/howto/timestamps_opensearch
-/products/flink/howto/list-flink-table-integrations https://aiven.io/docs/products/flink/howto/connect-kafka
-/products/flink/howto/list-flink-tables https://aiven.io/docs/products/flink/howto/list-flink-table-integrations
-/products/flink/howto/list-get-started https://aiven.io/docs/products/flink/get-started
-/products/flink/howto/list-integrations https://aiven.io/docs/products/flink/howto/create-integration
-/products/flink/howto/real-time-alerting-solution https://aiven.io/docs/products/flink/howto/list-get-started
-/products/flink/list-overview https://aiven.io/docs/products/flink
-/products/flink/reference https://aiven.io/docs/products/flink/reference/advanced-params
-/products/grafana/concepts/grafana-features https://aiven.io/docs/products/grafana
-/products/grafana/howto https://aiven.io/docs/products/grafana/howto/log-in
-/products/grafana/howto/list-manage-dashboards https://aiven.io/docs/products/grafana/howto/dashboard-previews
-/products/grafana/list-overview https://aiven.io/docs/products/grafana
-/products/grafana/reference https://aiven.io/docs/products/grafana/reference/advanced-params
-/products/grafana/user-access https://aiven.io/docs/products/grafana/howto/log-in
-/products/influxdb https://aiven.io/docs/products/services
-/products/kafka/getting-started https://aiven.io/docs/products/kafka/get-started
-/products/kafka/howto https://aiven.io/docs/products/kafka/howto/list-code-samples
-/products/kafka/howto/enable-karapace https://aiven.io/docs/products/kafka/howto/enable-schema-registry
-/products/kafka/howto/list-admin https://aiven.io/docs/products/kafka/howto/enable-karapace
-/products/kafka/howto/list-integration https://aiven.io/docs/products/kafka/howto/integrate-service-logs-into-kafka-topic
-/products/kafka/howto/list-integration.html https://aiven.io/docs/products/kafka
-/products/kafka/howto/list-schema-registry https://aiven.io/docs/products/kafka/howto/enable-schema-registry
-/products/kafka/howto/list-security https://aiven.io/docs/products/kafka/howto/keystore-truststore
-/products/kafka/howto/list-tools https://aiven.io/docs/products/kafka/howto/kafka-tools-config-file
-/products/kafka/howto/list-topic-management https://aiven.io/docs/products/kafka/howto/create-topic
-/products/kafka/howto/use-zookeeper https://aiven.io/docs/products/kafka
-/products/kafka/index.html https://aiven.io/docs/products/kafka
-/products/kafka/kafka-connect/concepts https://aiven.io/docs/products/kafka/kafka-connect/concepts/list-of-connector-plugins
-/products/kafka/kafka-connect/howto https://aiven.io/docs/products/kafka/kafka-connect/howto/best-practices
-/products/kafka/kafka-connect/howto/list-admin https://aiven.io/docs/products/kafka/kafka-connect/howto/best-practices
-/products/kafka/kafka-connect/howto/list-sink-connectors https://aiven.io/docs/products/kafka/kafka-connect/howto/enable-connect
-/products/kafka/kafka-connect/howto/list-source-connectors https://aiven.io/docs/products/kafka/kafka-connect/howto/enable-connect
-/products/kafka/kafka-connect/reference https://aiven.io/docs/products/kafka/kafka-connect/reference/advanced-params
-/products/kafka/kafka-mirrormaker/concepts https://aiven.io/docs/products/kafka/kafka-mirrormaker/concepts/disaster-recovery-migration
-/products/kafka/kafka-mirrormaker/howto https://aiven.io/docs/products/kafka/kafka-mirrormaker/howto/integrate-external-kafka-cluster
-/products/kafka/kafka-mirrormaker/howto/setup-mirrormaker-monitoring https://aiven.io/docs/products/kafka/kafka-mirrormaker/howto/setup-replication-flow
-/products/kafka/kafka-mirrormaker/reference https://aiven.io/docs/products/kafka/kafka-mirrormaker/reference/advanced-params
-/products/kafka/karapace/concepts https://aiven.io/docs/products/kafka/kafka-connect/concepts/list-of-connector-plugins
-/products/kafka/karapace/howto https://aiven.io/docs/products/kafka/karapace/howto/enable-karapace
-/products/kafka/karapace/howto/manage-kafka-rest-proxy-authorization https://aiven.io/docs/products/kafka/karapace/howto/enable-kafka-rest-proxy-authorization
-/products/kafka/reference https://aiven.io/docs/products/kafka/reference/advanced-params
-/products/m3db/concepts https://aiven.io/docs/products/m3db/concepts/m3-components
-/products/metrics/concepts https://aiven.io/docs/products/metrics/concepts/storage-resource-scaling
-/products/metrics/concepts/metrics-overview https://aiven.io/docs/products/metrics
-/products/metrics/howto https://aiven.io/docs/products/metrics/howto/storage-usage
-/products/metrics/howto/list-data-migration https://aiven.io/docs/products/metrics/howto/migrate-influxdb-thanos
-/products/mysql/concepts https://aiven.io/docs/products/mysql/concepts/max-number-of-connections
-/products/mysql/howto https://aiven.io/docs/products/mysql
-/products/mysql/howto/list-get-started https://aiven.io/docs/products/mysql/get-started
-/products/mysql/overview https://aiven.io/docs/products/mysql
-/products/mysql/reference https://aiven.io/docs/products/mysql/reference/advanced-params
-/products/mysql/reference/list-of-advanced-params https://aiven.io/docs/products/mysql/reference/advanced-params
-/products/opensearch/concepts https://aiven.io/docs/products/opensearch/concepts/access_control
-/products/opensearch/concepts/service-overview https://aiven.io/docs/products/opensearch
-/products/opensearch/concepts/users-access-controls https://aiven.io/docs/products/opensearch/howto/control_access_to_content
-/products/opensearch/dashboards/howto https://aiven.io/docs/products/opensearch/dashboards/howto/dev-tools-usage-example
-/products/opensearch/howto https://aiven.io/docs/products/opensearch/howto/control_access_to_content
-/products/opensearch/howto/list-access-control https://aiven.io/docs/products/opensearch/howto/control_access_to_content
-/products/opensearch/howto/list-data-management https://aiven.io/docs/products/opensearch/howto/import-opensearch-data-elasticsearch-dump-to-aiven
-/products/opensearch/howto/list-integrations https://aiven.io/docs/products/opensearch/get-started
-/products/opensearch/howto/upgrade-to-opensearch https://aiven.io/docs/products/opensearch/howto/upgrade-clients-to-opensearch
-/products/opensearch/list-overview https://aiven.io/docs/products/opensearch
-/products/opensearch/reference https://aiven.io/docs/products/opensearch/reference/advanced-params
-/products/opensearch/reference/index-replication https://aiven.io/docs/products/opensearch/concepts/index-replication
-/products/opensearch/troubleshooting https://aiven.io/docs/products/opensearch
-/products/postgresql/concepts https://aiven.io/docs/products/postgresql/concepts/aiven-db-migrate
-/products/postgresql/getting-started https://aiven.io/docs/products/postgresql/get-started
-/products/postgresql/howto https://aiven.io/docs/products/postgresql/howto/list-code-samples
-/products/postgresql/howto/list-dba-tasks https://aiven.io/docs/products/postgresql/howto/create-database
-/products/postgresql/howto/list-get-started https://aiven.io/docs/products/postgresql/get-started
-/products/postgresql/howto/list-integrations https://aiven.io/docs/products/postgresql/howto/monitor-database-with-datadog
-/products/postgresql/howto/list-replication https://aiven.io/docs/products/postgresql/howto/create-read-replica
-/products/postgresql/howto/list-replication-migration https://aiven.io/docs/products/postgresql/howto/migrate-cloud-region
-/products/postgresql/overview https://aiven.io/docs/products/postgresql
-/products/postgresql/reference https://aiven.io/docs/products/postgresql/reference/advanced-params
-/products/postgresql/reference/high-cpu-load-of-pgbouncer https://aiven.io/docs/products/postgresql/troubleshooting/troubleshooting-connection-pooling
-/products/postgresql/reference/list-of-advanced-params https://aiven.io/docs/products/postgresql/reference/advanced-params
-/products/postgresql/troubleshooting https://aiven.io/docs/products/postgresql/troubleshooting/troubleshooting-connection-pooling
-/products/redis https://aiven.io/docs/products/caching
-/products/redis/concepts/lua-scripts-redis https://aiven.io/docs/products/caching/concepts/lua-scripts-caching
-/products/redis/howto/list-dba-tasks https://aiven.io/docs/products/caching/howto/configure-acl-permissions
-/products/redis/howto/migrate-aiven-redis https://aiven.io/docs/products/caching/howto/migrate-redis-aiven-cli
-/products/valkey/reference https://aiven.io/docs/products/valkey/reference/advanced-params
-/tools/aiven-console/howto/create-accounts https://aiven.io/docs/platform/howto/manage-org-users
-/tools/cli/account https://aiven.io/docs/tools/cli
-/tools/cli/account.html https://aiven.io/docs/tools/cli
-/tools/cli/account/account-team https://aiven.io/docs/tools/aiven-console/howto/create-manage-teams
-/tools/cli/project https://aiven.io/docs/tools/cli
-/tools/cli/service https://aiven.io/docs/tools/cli/service-cli
-/tools/cli/ticket https://aiven.io/docs/platform/howto/support
-/tools/terraform/concepts/data-sources https://aiven.io/docs/tools/terraform
-/tools/terraform/get-started https://aiven.io/docs/tools/terraform
-/tools/terraform/howto/config-postgresql-provider https://registry.terraform.io/providers/aiven/aiven/latest/docs/guides/use-pg-provider-for-config
-/tools/terraform/howto/promote-to-master-pg-rr https://registry.terraform.io/providers/aiven/aiven/latest/docs/guides/manage-read-replicas
-/tools/terraform/howto/terraform-logging https://aiven.io/docs/tools/terraform
-/tools/terraform/howto/update-deprecated-resources https://registry.terraform.io/providers/aiven/aiven/latest/docs/guides/update-deprecated-resources
-/tools/terraform/howto/upgrade-caching-valkey-terraform https://registry.terraform.io/providers/aiven/aiven/latest/docs/guides/update-deprecated-resources#update-aiven_redis-resources-after-valkey-upgrade
-/tools/terraform/howto/upgrade-provider-v1-v2 https://registry.terraform.io/providers/aiven/aiven/latest/docs/guides/upgrade-guide-v1-to-v2
-/tools/terraform/howto/upgrade-provider-v2-v3 https://registry.terraform.io/providers/aiven/aiven/latest/docs/guides/upgrade-guide-v2-to-v3
-/tools/terraform/howto/upgrade-provider-v3-v4 https://registry.terraform.io/providers/aiven/aiven/latest/docs/guides/upgrade-guide-v3-to-v4
-/tools/terraform/howto/upgrade-to-opensearch https://aiven.io/docs/products/opensearch/get-started
+#
+# Redirect to external resources
+#
+/tutorials/anomaly-detection https://aiven.io/developer
+/tools/terraform/reference/cookbook/kafka-flink-integration-recipe https://aiven.io/developer/apache-kafka-to-opensearch-terraform
+/tools/terraform/reference/cookbook/multicloud-postgresql-recipe https://aiven.io/developer/multicloud-postgresql-terraform
+/tools/terraform/howto/config-postgresql-provider https://registry.terraform.io/providers/aiven/aiven/latest/guides/use-pg-provider-for-config
+/tools/terraform/howto/promote-to-master-pg-rr https://registry.terraform.io/providers/aiven/aiven/latest/guides/manage-read-replicas
+/tools/terraform/howto/update-deprecated-resources https://registry.terraform.io/providers/aiven/aiven/latest/guides/update-deprecated-resources
+/tools/terraform/howto/upgrade-caching-valkey-terraform https://registry.terraform.io/providers/aiven/aiven/latest/guides/update-deprecated-resources#update-aiven_redis-resources-after-valkey-upgrade
+/tools/terraform/howto/upgrade-provider-v1-v2 https://registry.terraform.io/providers/aiven/aiven/latest/guides/upgrade-guide-v1-to-v2
+/tools/terraform/howto/upgrade-provider-v2-v3 https://registry.terraform.io/providers/aiven/aiven/latest/guides/upgrade-guide-v2-to-v3
+/tools/terraform/howto/upgrade-provider-v3-v4 https://registry.terraform.io/providers/aiven/aiven/latest/guides/upgrade-guide-v3-to-v4
+/tools/terraform/list-upgrade-terraform https://registry.terraform.io/providers/aiven/aiven/latest/guides/upgrade-guide-v3-to-v4
+/tools/terraform/list-vpc-terraform https://github.com/aiven/terraform-provider-aiven/tree/main/examples
/tools/terraform/howto/vnet-peering-azure https://github.com/aiven/terraform-provider-aiven/tree/main/examples/azure_vnet_peering
/tools/terraform/howto/vpc-peering-aws https://github.com/aiven/terraform-provider-aiven/tree/main/examples/aws_vpc_peering
/tools/terraform/howto/vpc-peering-gcp https://github.com/aiven/terraform-provider-aiven/tree/main/examples/gcp_vpc_peering
-/tools/terraform/index.html https://aiven.io/docs/tools/terraform
-/tools/terraform/list-upgrade-terraform https://aiven.io/docs/tools/terraform/howto/upgrade-provider-v3-v4
-/tools/terraform/list-vpc-terraform https://github.com/aiven/terraform-provider-aiven/tree/main/examples
-/tools/terraform/reference/cookbook https://aiven.io/docs/tools/terraform/get-started
-/tools/terraform/reference/cookbook/kafka-connect-terraform-recipe https://aiven.io/docs/tools/terraform/get-started
-/tools/terraform/reference/cookbook/kafka-flink-integration-recipe https://aiven.io/developer/apache-kafka-to-opensearch-terraform
-/tools/terraform/reference/cookbook/multicloud-postgresql-recipe https://aiven.io/developer/multicloud-postgresql-terraform
-/tools/terraform/reference/troubleshooting https://aiven.io/docs/tools/terraform
-/tools/terraform/reference/troubleshooting/private-access-error https://aiven.io/docs/tools/terraform
-/tutorials/anomaly-detection https://aiven.io/developer
-/valkey https://aiven.io/docs/products/valkey
#
# Redirects for legacy urls
#
-/index.html https://aiven.io/docs
-/docs/* https://aiven.io/docs/:splat
-/*/index.html https://aiven.io/docs/:splat
-/*.html https://aiven.io/docs/:splat
-/*/ https://aiven.io/docs/:splat
+/index.html /docs
#
-# Keep splats at the end
+# Keep splats/ dynamic redirects at the end
#
-/platform/howto/byoc/create-custom-cloud/* https://aiven.io/docs/platform/howto/byoc/create-cloud/:splat
-/products/influxdb/* https://aiven.io/docs/products/services
-/products/redis/* https://aiven.io/docs/products/caching/:splat
+/*/index.html /docs/:splat
+/platform/howto/byoc/create-custom-cloud/* /docs/platform/howto/byoc/create-cloud/:splat
+/products/influxdb/* /docs/products/services
+/products/redis/* /docs/products/caching/:splat