rstudio · bschwedler · Jan 28, 2026 · Jan 28, 2026
@@ -97,9 +97,9 @@ flowchart TB;
   id3-- "copy as-is" -->id4
 ```
 
-> **IMPORTANT NOTE**: The template version is _tied to the product version_, and may differ between 
-> products. Take care when updating a product's template versions, and ensure that you have tested
-> with a proper license to ensure that the product is functional.
+:::{.callout-important}
+The template version is tied to the product version, and may differ between products. Take care when updating a product's template versions, and ensure that you have tested with a proper license to ensure that the product is functional.
+:::
 
 At some point, we plan to push some (all?) of the `helm`-based features upstream into the original. However, for now
 we are evaluating and gathering feedback on the mechanism. In particular, we need to explore what "sub-templating" and

@@ -44,12 +44,9 @@ Supporting and miscellaneous charts with varying levels of maintenance, usefulne
 
 ## Support
 
-**IMPORTANT:**
-
-These charts are provided as a convenience to Posit customers. If you have
-questions about these charts, you can ask them in the
-[issues](https://github.com/rstudio/helm/issues/new/choose) in the repository
-or to your support representative, who will route them appropriately.
+:::{.callout-important}
+These charts are provided as a convenience to Posit customers. If you have questions about these charts, you can ask them in the [issues](https://github.com/rstudio/helm/issues/new/choose) in the repository or to your support representative, who will route them appropriately.
+:::
 
 Bugs or feature requests should be opened in an [issue](https://github.com/rstudio/helm/issues/new/choose).
 

@@ -29,7 +29,9 @@ The `rstudio-library` chart will ensure that:
   - the array is aggregated into the required comma-separated list
   - the `target` part of the job spec will be modified by the Job Launcher
 
-**IMPORTANT:** `name` is arbitrary, but must be unique! (And should contain no spaces)
+:::{.callout-important}
+`name` is arbitrary, but must be unique (and should contain no spaces).
+:::
 
 See examples below.
 

@@ -4,9 +4,9 @@ category: "Authentication"
 
 # Configuring Posit Connect with OpenID Connect
 
-This example deploys Posit Connect using OpenID Connect (OIDC) SSO for authentication.
+This example deploys Posit Connect using OpenID Connect (OIDC) Single Sign-On (SSO) for authentication.
 
-Users will be authenticated via SSO (using OIDC) and then users will be created in Connect upon first login or upon creation via the Connect API. Connect will populate user information based on certain claims received from the IdP. See the [Customizing OpenID Connect](https://docs.posit.co/connect/admin/authentication/oauth2-openid-based/openid-connect/#customizing-openid-connect) section of the Connect Admin Guide for a list of the default claims mapping, which can be adjusted if needed.
+Users authenticate via SSO (using OIDC) and Connect creates user accounts upon first login or upon creation via the Connect API. Connect will populate user information based on certain claims received from the IdP. See the [Customizing OpenID Connect](https://docs.posit.co/connect/admin/authentication/oauth2-openid-based/openid-connect/#customizing-openid-connect) section of the Connect Admin Guide for a list of the default claims mapping, which can be adjusted if needed.
 
 By default all users get created with the Viewer role which is the default setting in [`Authorization.DefaultUserRole`](https://docs.posit.co/connect/admin/appendix/configuration/#Authorization.DefaultUserRole). Users can be [automatically mapped to different roles](https://docs.posit.co/connect/admin/authentication/oauth2-openid-based/openid-connect/#user-role-mapping) based on group membership.
 

@@ -4,9 +4,9 @@ category: "Authentication"
 
 # Configuring Posit Connect with SAML
 
-This example deploys Posit Connect using SAML SSO for authentication.
+This example deploys Posit Connect using SAML Single Sign-On (SSO) for authentication.
 
-Users will be authenticated via SSO (using SAML) and then users will be created in Connect upon first login or upon creation via the Connect API. Connect will populate user information based on certain attributes received from the IdP. `IdPAttributeProfile` may be set to prepopulate attribute mapping for common IdPs, set to `default` for a common generic mapping or left empty to manually map each attribute. See the [Using attribute profiles](https://docs.posit.co/connect/admin/authentication/saml-based/saml/#attribute-profiles) section of the Connect Admin Guide for more details regarding profile mappings.
+Users authenticate via SSO (using SAML) and Connect creates user accounts upon first login or upon creation via the Connect API. Connect will populate user information based on certain attributes received from the IdP. `IdPAttributeProfile` may be set to prepopulate attribute mapping for common IdPs, set to `default` for a common generic mapping or left empty to manually map each attribute. See the [Using attribute profiles](https://docs.posit.co/connect/admin/authentication/saml-based/saml/#attribute-profiles) section of the Connect Admin Guide for more details regarding profile mappings.
 
 By default all users get created with the Viewer role which is the default setting in [`Authorization.DefaultUserRole`](https://docs.posit.co/connect/admin/appendix/configuration/#Authorization.DefaultUserRole). Users can be [automatically mapped to different roles](https://docs.posit.co/connect/admin/authentication/saml-based/saml/#user-role-mapping) based on group membership.
 

@@ -6,13 +6,13 @@ category: "Container images"
 
 This example deploys Posit Connect using custom images instead of the default public Posit provided images.
 
-There are a minimum of three images that Connect requires to function in Off-Host Execution mode. They are listed below with their cooresponding default public repositories.
+Connect requires a minimum of three images to function in Off-Host Execution mode. The following list shows the default public repositories:
 
 - Connect service container [rstudio/rstudio-connect](https://hub.docker.com/r/rstudio/rstudio-connect)
 - Content container [rstudio/content-base](https://hub.docker.com/r/rstudio/content-base)
 - Content init container [rstudio/rstudio-connect-content-init](https://hub.docker.com/r/rstudio/rstudio-connect-content-init)
-  
-There are several content contents listed as execution enviornments by default on initial Connect startup based on the listing in the [default-runtime.yaml](https://github.com/rstudio/helm/blob/main/charts/rstudio-connect/default-runtime.yaml) file. Setting `customRuntimeYaml` will instead use the execution environments defined in that section instead of the default ones. Additional content containers may be added to provide more R, Python and Quarto versions and other system dependencies. See the [Content Execution Environment](https://docs.posit.co/connect/admin/appendix/off-host/execution-environments/) section in the Connect Admin Guide for more details.
+
+Connect lists several content containers as execution environments by default on initial startup based on the [default-runtime.yaml](https://github.com/rstudio/helm/blob/main/charts/rstudio-connect/default-runtime.yaml) file. Setting `customRuntimeYaml` will instead use the execution environments defined in that section instead of the default ones. Additional content containers may be added to provide more R, Python and Quarto versions and other system dependencies. See the [Content Execution Environment](https://docs.posit.co/connect/admin/appendix/off-host/execution-environments/) section in the Connect Admin Guide for more details.
 
 {{< include ../_prereqs.qmd >}}
 

@@ -6,7 +6,7 @@ category: "Ingress"
 
 This example deploys Posit Connect with an Ingress using the AWS Load Balancer Controller to create an Application Load Balancer (ALB).
 
-This example is provided to show how to set annotations to enabled session affinity, redirect HTTP traffic to HTTPS and use AWS Certificate Manager if desired.
+This example shows how to set annotations to enable session affinity, redirect HTTP traffic to HTTPS, and use AWS Certificate Manager if desired.
 
 The AWS Load Balancer Controller has a variety of settings and modes of operation. Please visit the [AWS documentation](https://kubernetes-sigs.github.io/aws-load-balancer-controller/) for more details specific to your use case.
 

@@ -5,7 +5,7 @@ category: "Ingress"
 # Configuring Posit Connect with an Azure Application Gateway Ingress
 
 This example deploys Posit Connect with an Ingress using the Azure Application Gateway Ingress Controller to create an Azure Application Gateway load balancer.
-This example is provided to show how to set annotations to enabled session affinity and to redirect HTTP traffic to HTTPS.
+This example shows how to set annotations to enable session affinity and to redirect HTTP traffic to HTTPS.
 
 The Azure Application Gateway Ingress Controller has a variety of settings and modes of operation.
 Please visit the [Azure documentation](https://azure.github.io/application-gateway-kubernetes-ingress/) for more details specific to your use case.

@@ -5,7 +5,7 @@ category: "Ingress"
 # Configuring Posit Connect with a GKE Ingress
 
 This example deploys Posit Connect with an Ingress using the GKE Ingress Controller to create a GCP Application Load Balancer.
-This example is provided to show how to set annotations to enabled session affinity, redirect HTTP traffic to HTTPS and use GCP Certificate Manager if desired.
+This example shows how to set annotations to enable session affinity, redirect HTTP traffic to HTTPS, and use GCP Certificate Manager if desired.
 
 The GKE Ingress Controller has a variety of settings and modes of operation. Please visit the [GCP documentation](https://cloud.google.com/kubernetes-engine/docs/how-to/load-balance-ingress) for more details specific to your use case.
 

@@ -5,12 +5,12 @@ category: "Ingress"
 # Configuring Posit Connect with a NGINX Ingress
 
 This example deploys Posit Connect with an Ingress using the Ingress NGINX Controller.
-This example is provided to show how to set annotations to enabled session affinity and to redirect HTTP traffic to HTTPS.
+This example shows how to set annotations to enable session affinity and to redirect HTTP traffic to HTTPS.
 
 The Ingress NGINX Controller has a variety of settings and modes of operation. Please visit the [NGINX controller documentation](https://kubernetes.github.io/ingress-nginx/) for more details specific to your use case.
 
 
-::: callout-note
+:::{.callout-note}
 This example is for the Ingress NGINX Controller which is part of Kubernetes and is located at [https://github.com/kubernetes/ingress-nginx](https://github.com/kubernetes/ingress-nginx). If you are using the NGINX or NGINX Plus Ingress Controllers from NGINX Inc located at [https://github.com/nginxinc/kubernetes-ingress](https://github.com/nginxinc/kubernetes-ingress) then different annotations will need to be applied.
 :::
 

@@ -5,7 +5,7 @@ category: "Ingress"
 # Configuring Posit Connect with a Traefik Ingress
 
 This example deploys Posit Connect with an Ingress using the Traefik Ingress Controller.
-This example is provided to show how to set annotations to enabled session affinity and to redirect HTTP traffic to HTTPS.
+This example shows how to set annotations to enable session affinity and to redirect HTTP traffic to HTTPS.
 
 The Traefik Ingress Controller has a variety of settings and modes of operation. Please visit the [Traefik documentation](https://doc.traefik.io/traefik/providers/kubernetes-ingress/) for more details specific to your use case.
 

@@ -5,7 +5,7 @@ category: "Ingress"
 # Configuring Posit Package Manager with an AWS ALB Ingress
 
 This example deploys Posit Package Manager with an Ingress using the AWS Load Balancer Controller to create an Application Load Balancer (ALB).
-This example is provided to show how to set annotations to redirect HTTP traffic to HTTPS and use AWS Certificate Manager if desired.
+This example shows how to set annotations to redirect HTTP traffic to HTTPS and use AWS Certificate Manager if desired.
 
 The AWS Load Balancer Controller has a variety of settings and modes of operation. Please visit the [AWS documentation](https://kubernetes-sigs.github.io/aws-load-balancer-controller/) for more details specific to your use case.
 

@@ -4,8 +4,8 @@ category: "Ingress"
 
 # Configuring Posit Package Manager with an Azure Application Gateway
 
-This example deploys Posit Package Manager with an Ingress using the Azure Application Gateway Ingress Controller to create a Azure Application Gateway load balancer.
-This example is provided to show how to set annotations to redirect HTTP traffic to HTTPS.
+This example deploys Posit Package Manager with an Ingress using the Azure Application Gateway Ingress Controller to create an Azure Application Gateway load balancer.
+This example shows how to set annotations to redirect HTTP traffic to HTTPS.
 
 The Azure Application Gateway Ingress Controller has a variety of settings and modes of operation.
 Please visit the [Azure documentation](https://azure.github.io/application-gateway-kubernetes-ingress/) for more details specific to your use case.

@@ -5,7 +5,7 @@ category: "Ingress"
 # Configuring Posit Package Manager with a GCE Ingress
 
 This example deploys Posit Package Manager with an Ingress using the GKE Ingress Controller to create a GCP Application Load Balancer.
-This example is provided to show how to set annotations to redirect HTTP traffic to HTTPS and use GCP Certificate Manager if desired.
+This example shows how to set annotations to redirect HTTP traffic to HTTPS and use GCP Certificate Manager if desired.
 
 The GKE Ingress Controller has a variety of settings and modes of operation. Please visit the [GCP documentation](https://cloud.google.com/kubernetes-engine/docs/how-to/load-balance-ingress) for more details specific to your use case.
 

@@ -8,7 +8,7 @@ This example deploys Posit Package Manager with an Ingress using the Ingress NGI
 
 The Ingress NGINX Controller has a variety of settings and modes of operation. Please visit the [NGINX controller documentation](https://kubernetes.github.io/ingress-nginx/) for more details specific to your use case.
 
-::: callout-note
+:::{.callout-note}
 This example is for the Ingress NGINX Controller which is part of Kubernetes and is located at [https://github.com/kubernetes/ingress-nginx](https://github.com/kubernetes/ingress-nginx). If you are using the NGINX or NGINX Plus Ingress Controllers from NGINX Inc located at [https://github.com/nginxinc/kubernetes-ingress](https://github.com/nginxinc/kubernetes-ingress) then different annotations will need to be applied.
 :::
 

@@ -4,9 +4,9 @@ category: Authentication
 
 # Configuring Posit Workbench with OpenID Connect
 
-This example deploys Posit Workbench using OpenID Connect (OIDC) SSO for authentication and `sssd` for user provisioning.
+This example deploys Posit Workbench using OpenID Connect (OIDC) Single Sign-On (SSO) for authentication and `sssd` for user provisioning.
 
-Users will be authenticated via SSO (using OIDC) and Workbench will match a claim (`preferred_username` by default) to a Linux user account in the Workbench container. 
+Users authenticate via SSO (using OIDC) and Workbench matches a claim (`preferred_username` by default) to a Linux user account in the Workbench container. 
 `sssd` is already running in the Workbench container and can be used to automatically provision local user accounts using LDAP or Active Directory.
 
 See the [OpenID Connect Authentication](https://docs.posit.co/ide/server-pro/authenticating_users/openid_connect_authentication.html) section of the Workbench Admin Guide for more details.

@@ -4,9 +4,9 @@ category: Authentication
 
 # Configuring Posit Workbench with SAML
 
-This example deploys Posit Workbench using SAML SSO for authentication and `sssd` for user provisioning.
+This example deploys Posit Workbench using SAML Single Sign-On (SSO) for authentication and `sssd` for user provisioning.
 
-Users will be authenticated via SSO (using SAML) and Workbench will match an attribute (`Username` by default) to a Linux user account in the Workbench container.
+Users authenticate via SSO (using SAML) and Workbench matches an attribute (`Username` by default) to a Linux user account in the Workbench container.
 `sssd` is already running in the Workbench container and can be used to automatically provision local user accounts using LDAP or Active Directory.
 
 See the [SAML Single Sign-On Authentication](https://docs.posit.co/ide/server-pro/authenticating_users/saml_sso.html) section of the Workbench Admin Guide for more details.

@@ -10,7 +10,7 @@ Each example has a beginning description and a series of `TODO` comments.
 
 Before using an example, read through all the comments and ensure you address each `TODO`.
 
-While each example focuses on one or more particular configurations, RStudio Workbench has some standard requirements listed in each example. 
+While each example focuses on one or more particular configurations, Posit Workbench has some standard requirements listed in each example. 
 
 Each example needs the following to run correctly:
 

@@ -5,7 +5,7 @@ category: "Ingress"
 # Configuring Posit Workbench with an AWS ALB Ingress
 
 This example deploys Posit Workbench with an Ingress using the AWS Load Balancer Controller to create an Application Load Balancer (ALB).
-This example is provided to show how to set annotations to enable session affinity, redirect HTTP traffic to HTTPS and use AWS Certificate Manager if desired.
+This example shows how to set annotations to enable session affinity, redirect HTTP traffic to HTTPS, and use AWS Certificate Manager if desired.
 
 The AWS Load Balancer Controller has a variety of settings and modes of operation. Please visit the [AWS documentation](https://kubernetes-sigs.github.io/aws-load-balancer-controller/) for more details specific to your use case.
 

@@ -5,7 +5,7 @@ category: "Ingress"
 # Configuring Posit Workbench with an Azure Application Gateway Ingress
 
 This example deploys Posit Workbench with an Ingress using the Azure Application Gateway Ingress Controller to create an Azure Application Gateway load balancer.
-This example is provided to show how to set annotations to enabled session affinity and to redirect HTTP traffic to HTTPS.
+This example shows how to set annotations to enable session affinity and to redirect HTTP traffic to HTTPS.
 
 The Azure Application Gateway Ingress Controller has a variety of settings and modes of operation.
 Please visit the [Azure documentation](https://azure.github.io/application-gateway-kubernetes-ingress/) for more details specific to your use case.

@@ -5,7 +5,7 @@ category: "Ingress"
 # Configuring Posit Workbench with a GKE Ingress
 
 This example deploys Posit Workbench with an Ingress using the GKE Ingress Controller to create a GCP Application Load Balancer.
-This example is provided to show how to set annotations to enabled session affinity, redirect HTTP traffic to HTTPS and use GCP Certificate Manager if desired.
+This example shows how to set annotations to enable session affinity, redirect HTTP traffic to HTTPS, and use GCP Certificate Manager if desired.
 
 The GKE Ingress Controller has a variety of settings and modes of operation. Please visit the [GCP documentation](https://cloud.google.com/kubernetes-engine/docs/how-to/load-balance-ingress) for more details specific to your use case.