Add latest changes from gitlab-org/gitlab@14-4-stable-eev14.4.0-rc42

author: GitLab Bot <gitlab-bot@gitlab.com> 2021-10-20 11:43:02 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2021-10-20 11:43:02 +0300
commit: d9ab72d6080f594d0b3cae15f14b3ef2c6c638cb (patch)
tree: 2341ef426af70ad1e289c38036737e04b0aa5007 /doc/user/group
parent: d6e514dd13db8947884cd58fe2a9c2a063400a9b (diff)
23 files changed, 222 insertions, 168 deletions
diff --git a/doc/user/group/clusters/index.md b/doc/user/group/clusters/index.md
index 0d885183a41..25eff076d8d 100644
--- a/doc/user/group/clusters/index.md
+++ b/doc/user/group/clusters/index.md
@@ -14,8 +14,10 @@ Similar to [project-level](../../project/clusters/index.md) and
 group-level Kubernetes clusters allow you to connect a Kubernetes cluster to
 your group, enabling you to use the same cluster across multiple projects.
 
-To view your group level Kubernetes clusters, navigate to your project and select
-**Kubernetes** from the left-hand menu.
+To view your group-level Kubernetes clusters:
+
+1. On the top bar, select **Menu > Groups** and find your group.
+1. On the left sidebar, select **Kubernetes**.
 
 ## Cluster management project
 
@@ -58,7 +60,7 @@ differentiate the new cluster from your other clusters.
 
 You can choose to allow GitLab to manage your cluster for you. If GitLab manages
 your cluster, resources for your projects are automatically created. See the
-[Access controls](../../project/clusters/add_remove_clusters.md#access-controls)
+[Access controls](../../project/clusters/cluster_access.md)
 section for details on which resources GitLab creates for you.
 
 For clusters not managed by GitLab, project-specific resources aren't created
@@ -82,10 +84,11 @@ your cluster, which can cause deployment jobs to fail.
 
 To clear the cache:
 
-1. Navigate to your group's **Kubernetes** page,
-   and select your cluster.
-1. Expand the **Advanced settings** section.
-1. Click **Clear cluster cache**.
+1. On the top bar, select **Menu > Groups** and find your group.
+1. On the left sidebar, select **Kubernetes**.
+1. Select your cluster.
+1. Expand **Advanced settings**.
+1. Select **Clear cluster cache**.
 
 ## Base domain
 
@@ -169,7 +172,7 @@ documentation for project-level clusters.
 ## More information
 
 For information on integrating GitLab and Kubernetes, see
-[Kubernetes clusters](../../project/clusters/index.md).
+[Kubernetes clusters](../../infrastructure/clusters/index.md).
 
 <!-- ## Troubleshooting
 
diff --git a/doc/user/group/contribution_analytics/index.md b/doc/user/group/contribution_analytics/index.md
index a2d7f358cd9..b13dd3f63cb 100644
--- a/doc/user/group/contribution_analytics/index.md
+++ b/doc/user/group/contribution_analytics/index.md
@@ -11,15 +11,18 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 With Contribution Analytics you can get an overview of the [contribution actions](../../../api/events.md#action-types) in your
 group.
 
-To view the Contribution Analytics, go to your group and select **Analytics > Contribution**.
-
-## Use cases
-
 - Analyze your team's contributions over a period of time, and offer a bonus for the top
   contributors.
 - Identify opportunities for improvement with group members who may benefit from additional
   support.
 
+## View Contribution Analytics
+
+To view Contribution Analytics:
+
+1. On the top bar, select **Menu > Groups** and find your group.
+1. On the left sidebar, select **Analytics > Contribution**.
+
 ## Using Contribution Analytics
 
 There are three main bar graphs that illustrate the number of contributions per group
diff --git a/doc/user/group/custom_project_templates.md b/doc/user/group/custom_project_templates.md
index 41046477b90..a9c56139b4d 100644
--- a/doc/user/group/custom_project_templates.md
+++ b/doc/user/group/custom_project_templates.md
@@ -17,6 +17,12 @@ in the group and select the **Group** tab.
 Every project in the subgroup, but not nested subgroups, can be selected by members
 of the group when a new project is created.
 
+- Public projects can be selected by any signed-in user as a template for a new project,
+  if all enabled [project features](../project/settings/index.md#sharing-and-permissions)
+  except for **GitLab Pages** and **Security & Compliance** are set to **Everyone With Access**.
+  The same applies to internal projects.
+- Private projects can be selected only by users who are members of the projects.
+
 Repository and database information that is copied over to each new project is identical to the
 data exported with the [GitLab Project Import/Export](../project/settings/import_export.md).
 
diff --git a/doc/user/group/devops_adoption/index.md b/doc/user/group/devops_adoption/index.md
index 554d01039ad..e3b858aff7d 100644
--- a/doc/user/group/devops_adoption/index.md
+++ b/doc/user/group/devops_adoption/index.md
@@ -14,6 +14,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 > - Dependency Scanning metrics [added](https://gitlab.com/gitlab-org/gitlab/-/issues/328034) in GitLab 14.2.
 > - Multiselect [added](https://gitlab.com/gitlab-org/gitlab/-/issues/333586) in GitLab 14.2.
 > - Overview table [added](https://gitlab.com/gitlab-org/gitlab/-/issues/335638) in GitLab 14.3.
+> - Adoption over time chart [added](https://gitlab.com/gitlab-org/gitlab/-/issues/337561) in GitLab 14.4.
 
 Prerequisites:
 
@@ -69,6 +70,13 @@ Each group appears as a separate row in the table.
 For each row, a feature is considered "adopted" if it has been used in a project in the given group
 during the time period (including projects in any subgroups of the given group).
 
+## Adoption over time
+
+The **Adoption over time** chart in the **Overview** tab displays DevOps Adoption over time. The chart displays the total number of adopted features from the previous twelve months,
+from when you enabled DevOps Adoption for the group.
+
+The tooltip displays information about the features tracked for individual months.
+
 ## When is a feature considered adopted
 
 A feature is considered "adopted" if it has been used anywhere in the group in the specified time.
diff --git a/doc/user/group/epics/img/epic_view_roadmap_v12_9.png b/doc/user/group/epics/img/epic_view_roadmap_v12_9.png
index e8224ced7e9..3a33a6c4cf8 100644
--- a/doc/user/group/epics/img/epic_view_roadmap_v12_9.png
+++ b/doc/user/group/epics/img/epic_view_roadmap_v12_9.png
diff --git a/doc/user/group/import/img/import_panel_v14_1.png b/doc/user/group/import/img/import_panel_v14_1.png
index 28417383b6c..52791a82c3c 100644
--- a/doc/user/group/import/img/import_panel_v14_1.png
+++ b/doc/user/group/import/img/import_panel_v14_1.png
diff --git a/doc/user/group/import/img/new_group_navigation_v13_8.png b/doc/user/group/import/img/new_group_navigation_v13_8.png
index 307175727c7..40be3dd41d2 100644
--- a/doc/user/group/import/img/new_group_navigation_v13_8.png
+++ b/doc/user/group/import/img/new_group_navigation_v13_8.png
diff --git a/doc/user/group/import/index.md b/doc/user/group/import/index.md
index 31c3a8e774e..1f5de36303e 100644
--- a/doc/user/group/import/index.md
+++ b/doc/user/group/import/index.md
@@ -5,7 +5,7 @@ group: Import
 info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
 ---
 
-# Import groups from another instance of GitLab **(FREE)**
+# Migrate groups from another instance of GitLab **(FREE)**
 
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/249160) in GitLab 13.7.
 > - [Deployed behind a feature flag](../../feature_flags.md), disabled by default.
@@ -102,8 +102,10 @@ This might involve reconfiguring your firewall to prevent blocking connection on
 
 ### Connect to the remote GitLab instance
 
-1. Navigate to the New Group page, either via the `+` button in the top navigation bar, or the **New subgroup** button
-on an existing group's page.
+1. Go to the New Group page:
+
+   - On the top bar, select `+` and then **New group**.
+   - Or, on an existing group's page, in the top right, select **New subgroup**.
 
    ![Navigation paths to create a new group](img/new_group_navigation_v13_8.png)
 
@@ -111,21 +113,20 @@ on an existing group's page.
 
    ![Fill in import details](img/import_panel_v14_1.png)
 
-1. Fill in source URL of your GitLab.
-1. Fill in [personal access token](../../../user/profile/personal_access_tokens.md) for remote GitLab instance.
-1. Click "Connect instance".
+1. Enter the source URL of your GitLab instance.
+1. Generate or copy a [personal access token](../../../user/profile/personal_access_tokens.md)
+   with the `api` and `read_repository` scopes on your remote GitLab instance.
+1. Enter the [personal access token](../../../user/profile/personal_access_tokens.md) for your remote GitLab instance.
+1. Select **Connect instance**.
 
 ### Selecting which groups to import
 
 After you have authorized access to the GitLab instance, you are redirected to the GitLab Group
-Migration importer page. Listed are the remote GitLab groups to which you have the Owner role.
+Migration importer page. The remote groups you have the Owner role for are listed.
 
 1. By default, the proposed group namespaces match the names as they exist in remote instance, but based on your permissions, you can choose to edit these names before you proceed to import any of them.
-
-1. Select the **Import** button next to any number of groups.
-
-1. The **Status** column shows the import status of each group. You can choose to leave the page open and it updates in real-time.
-
-1. Once a group has been imported, click its GitLab path to open its GitLab URL.
+1. Next to the groups you want to import, select **Import**.
+1. The **Status** column shows the import status of each group. If you leave the page open, it updates in real-time.
+1. After a group has been imported, select its GitLab path to open its GitLab URL.
 
 ![Group Importer page](img/bulk_imports_v14_1.png)
diff --git a/doc/user/group/index.md b/doc/user/group/index.md
index caf874cfe28..15d2da50012 100644
--- a/doc/user/group/index.md
+++ b/doc/user/group/index.md
@@ -571,10 +571,11 @@ To restrict group access by IP address:
 
 ## Restrict group access by domain **(PREMIUM)**
 
->- [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/7297) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.2.
->- Support for specifying multiple email domains [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/33143) added in GitLab 13.1.
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/7297) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.2.
+> - Support for specifying multiple email domains [added](https://gitlab.com/gitlab-org/gitlab/-/issues/33143) in GitLab 13.1.
+> - Support for restricting access to projects within the group [added](https://gitlab.com/gitlab-org/gitlab/-/issues/14004) in GitLab 14.1.2.
 
-You can prevent users with email addresses in specific domains from being added to a group.
+You can prevent users with email addresses in specific domains from being added to a group and its projects.
 
 To restrict group access by domain:
 
@@ -593,9 +594,6 @@ Some domains cannot be restricted. These are the most popular public email domai
 - `hotmail.com`, `hotmail.co.uk`, `hotmail.fr`
 - `msn.com`, `live.com`, `outlook.com`
 
-NOTE:
-Domain restrictions apply to groups only. They do not prevent users from being added as members of projects owned by the restricted group.
-
 ## Group file templates **(PREMIUM)**
 
 Use group file templates to share a set of templates for common file
@@ -732,6 +730,27 @@ The group's new subgroups have push rules set for them based on either:
 - The closest parent group with push rules defined.
 - Push rules set at the instance level, if no parent groups have push rules defined.
 
+## Group approval rules **(PREMIUM)**
+
+> Introduced in GitLab 13.9. [Deployed behind the `group_merge_request_approval_settings_feature_flag` flag](../../administration/feature_flags.md), disabled by default.
+
+FLAG:
+On self-managed GitLab, by default this feature is not available. To make it available,
+per group, ask an administrator to [enable the `group_merge_request_approval_settings_feature_flag` flag](../../administration/feature_flags.md).
+The feature is not ready for production use.
+
+Group approval rules are an in-development feature that provides an interface for managing
+[project merge request approval rules](../project/merge_requests/approvals/index.md) at the
+top-level group level. When rules are configured [at the instance level](../admin_area/merge_requests_approvals.md),
+you can't edit locked rules.
+
+To view the merge request approval rules UI for a group:
+
+1. Go to the top-level group's **Settings > General** page.
+1. Expand the **Merge request approvals** section.
+1. Select the settings you want.
+1. Select **Save changes**.
+
 ## Related topics
 
 - [Group wikis](../project/wiki/index.md)
@@ -769,3 +788,22 @@ If a user sees a 404 when they would normally expect access, and the problem is
 
 In viewing the log entries, compare the `remote.ip` with the list of
 [allowed IPs](#restrict-group-access-by-ip-address) for the group.
+
+### Validation errors on namespaces and groups
+
+[GitLab 14.4 and later](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/70365) performs
+the following checks when creating or updating namespaces or groups:
+
+- Namespaces must not have parents.
+- Group parents must be groups and not namespaces.
+
+You can disable the validation if GitLab shows the following errors:
+
+- `A user namespace cannot have a parent`.
+- `A group cannot have a user namespace as its parent`.
+
+To disable the validation,
+[disable the `validate_namespace_parent_type` flag](../../administration/feature_flags.md).
+
+In the unlikely event that you had to disable this feature flag to prevent errors,
+[contact Support](https://about.gitlab.com/support/) so that we can improve this validation.
diff --git a/doc/user/group/insights/img/insights_group_configuration.png b/doc/user/group/insights/img/insights_group_configuration.png
deleted file mode 100644
index d181a1e94c3..00000000000
--- a/doc/user/group/insights/img/insights_group_configuration.png
+++ /dev/null
diff --git a/doc/user/group/insights/index.md b/doc/user/group/insights/index.md
index 18177d656ab..9f841691eb8 100644
--- a/doc/user/group/insights/index.md
+++ b/doc/user/group/insights/index.md
@@ -9,34 +9,35 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 > [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/725) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.0.
 
-Configure the Insights that matter for your groups to explore data such as
-triage hygiene, issues created/closed per a given period, average time for merge
-requests to be merged and much more.
+Configure the Insights that matter for your groups. Explore data such as
+triage hygiene, issues created or closed for a given period, average time for merge
+requests to be merged, and much more.
 
 ![Insights example stacked bar chart](img/insights_example_stacked_bar_chart_v13_11.png)
 
 ## View your group's Insights
 
-You can access your group's Insights by clicking the **Analytics > Insights**
-link in the left sidebar.
+To access your group's Insights:
 
-## Configure your Insights
-
-Navigate to your group's **Settings > General**, expand **Insights**, and choose
-the project that holds your `.gitlab/insights.yml` configuration file:
+1. On the top bar, select **Menu > Groups** and find your group.
+1. On the left sidebar, select **Analytics > Insights**.
 
-![group insights configuration](img/insights_group_configuration.png)
+## Configure your Insights
 
-If no configuration was set, a [default configuration file](
-https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/fixtures/insights/default.yml)
-will be used.
+GitLab reads Insights from the [default configuration file](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/fixtures/insights/default.yml).
+If you want to customize it:
 
-See the [Project's Insights documentation](../../project/insights/index.md) for
-more details about the `.gitlab/insights.yml` configuration file.
+1. Create a new file [`.gitlab/insights.yml`](../../project/insights/index.md)
+in a project that belongs to your group.
+1. On the top bar, select **Menu > Groups** and find your group.
+1. On the left sidebar, select **Settings > General**.
+1. Expand **Insights**.
+1. Select the project that contains your `.gitlab/insights.yml` configuration file.
+1. Select **Save changes**.
 
 ## Permissions
 
-If you have access to view a group, then you have access to view their Insights.
+If you have access to view a group, then you have access to view its Insights.
 
 NOTE:
 Issues or merge requests that you don't have access to (because you don't have
diff --git a/doc/user/group/repositories_analytics/index.md b/doc/user/group/repositories_analytics/index.md
index 685c4601ac4..c6cd763355b 100644
--- a/doc/user/group/repositories_analytics/index.md
+++ b/doc/user/group/repositories_analytics/index.md
@@ -7,16 +7,13 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 # Repositories Analytics **(PREMIUM)**
 
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/215104) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.4.
-
-WARNING:
-This feature might not be available to you. Check the **version history** note above for details.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/215104) in GitLab 13.4.
 
 ![Group repositories analytics](../img/group_code_coverage_analytics_v13_9.png)
 
 ## Current group code coverage
 
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/263478) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.7.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/263478) in GitLab 13.7.
 
 The **Analytics > Repositories** group page displays the overall test coverage of all your projects in your group.
 In the **Overall activity** section, you can see:
@@ -27,46 +24,47 @@ In the **Overall activity** section, you can see:
 
 ## Average group test coverage from the last 30 days
 
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/215140) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.9.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/215140) in GitLab 13.9.
 
 The **Analytics > Repositories** group page displays the average test coverage of all your projects in your group in a graph for the last 30 days.
 
 ## Latest project test coverage list
 
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/267624) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.6.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/267624) in GitLab 13.6.
 
 To see the latest code coverage for each project in your group:
 
-1. Go to **Analytics > Repositories** in the group (not from a project).
-1. In the **Latest test coverage results** section, use the **Select projects** dropdown to choose the projects you want to check.
+1. On the top bar, select **Menu > Groups** and find your group.
+1. On the left sidebar, select **Analytics > Repositories**.
+1. In the **Latest test coverage results** section, from the **Select projects** dropdown list, choose the projects you want to check.
 
 You can download code coverage data for specific projects using
 [code coverage history](../../../ci/pipelines/settings.md#view-code-coverage-history).
 
 ## Download historic test coverage data
 
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/215104) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.4.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/215104) in GitLab 13.4.
 
 You can get a CSV of the code coverage data for all of the projects in your group. This report has a maximum of 1000 records. The code coverage data is from the default branch in each project.
 
 To get the report:
 
-1. Go to your group's **Analytics > Repositories** page
-1. Click **Download historic test coverage data (`.csv`)**,
-1. In the popup, select the projects you want to include in the report.
-1. Select the date range for the report from the preset options.
-1. Click **Download test coverage data (`.csv`)**.
+1. On the top bar, select **Menu > Groups** and find your group.
+1. On the left sidebar, select **Analytics > Repositories**.
+1. Select **Download historic test coverage data (.csv)**.
+1. Select the projects and date range you want to include in the report.
+1. Select **Download test coverage data (.csv)**.
 
 The projects dropdown shows up to 100 projects from your group. If the project you want to check is not in the dropdown list, you can select **All projects** to download the report for all projects in your group, including any projects that are not listed. There is a plan to improve this behavior in this [related issue](https://gitlab.com/gitlab-org/gitlab/-/issues/250684).
 
-For each day that a coverage report was generated by a job in a project's pipeline, there will be a row in the CSV which includes:
+For each day that a coverage report was generated by a job in a project's pipeline, a row in the CSV includes:
 
-- The date when the coverage job ran
+- The date the coverage job ran
 - The name of the job that generated the coverage report
 - The name of the project
 - The coverage value
 
-If the project's code coverage was calculated more than once in a day, we will take the last value from that day.
+If the project's code coverage was calculated more than once in a day, the last value from that day is used.
 
 NOTE:
 [In GitLab 13.7 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/270102), group code coverage
diff --git a/doc/user/group/roadmap/img/roadmap_view_v14_3.png b/doc/user/group/roadmap/img/roadmap_view_v14_3.png
index ca4b87b9fdd..ea5e870680e 100644
--- a/doc/user/group/roadmap/img/roadmap_view_v14_3.png
+++ b/doc/user/group/roadmap/img/roadmap_view_v14_3.png
diff --git a/doc/user/group/saml_sso/index.md b/doc/user/group/saml_sso/index.md
index 8f6b3e7244a..1c894550a14 100644
--- a/doc/user/group/saml_sso/index.md
+++ b/doc/user/group/saml_sso/index.md
@@ -9,7 +9,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 > Introduced in GitLab 11.0.
 
-This page describes SAML for Groups. For instance-wide SAML on self-managed GitLab instances, see [SAML OmniAuth Provider](../../../integration/saml.md).
+This page describes SAML for groups. For instance-wide SAML on self-managed GitLab instances, see [SAML OmniAuth Provider](../../../integration/saml.md).
 [View the differences between SaaS and Self-Managed Authentication and Authorization Options](../../../administration/auth/index.md#saas-vs-self-managed-comparison).
 
 SAML on GitLab.com allows users to sign in through their SAML identity provider. If the user is not already a member, the sign-in process automatically adds the user to the appropriate group.
@@ -23,7 +23,8 @@ If required, you can find [a glossary of common terms](../../../integration/saml
 
 ## Configuring your identity provider
 
-1. Navigate to the GitLab group and select **Settings > SAML SSO**.
+1. On the top bar, select **Menu > Groups** and find your group.
+1. On the left sidebar, select **Settings > SAML SSO**.
 1. Configure your SAML identity provider using the **Assertion consumer service URL**, **Identifier**, and **GitLab single sign-on URL**.
    Alternatively GitLab provides [metadata XML configuration](#metadata-configuration).
    See [specific identity provider documentation](#providers) for more details.
@@ -42,7 +43,7 @@ GitLab.com uses the SAML NameID to identify users. The NameID element:
 
 - Is a required field in the SAML response.
 - Must be unique to each user.
-- Must be a persistent value that will never change, such as a randomly generated unique user ID.
+- Must be a persistent value that never changes, such as a randomly generated unique user ID.
 - Is case sensitive. The NameID must match exactly on subsequent login attempts, so should not rely on user input that could change between upper and lower case.
 - Should not be an email address or username. We strongly recommend against these as it's hard to
   guarantee it doesn't ever change, for example, when a person's name changes. Email addresses are
@@ -66,15 +67,15 @@ the user details need to be passed to GitLab as SAML assertions.
 
 At a minimum, the user's email address *must* be specified as an assertion named `email` or `mail`.
 See [the assertions list](../../../integration/saml.md#assertions) for other available claims.
-
-NOTE:
-The `username` assertion is not supported for GitLab.com SaaS integrations.
+In addition to the attributes in the linked assertions list, GitLab.com supports `username`
+and `nickname` attributes.
 
 ### Metadata configuration
 
 GitLab provides metadata XML that can be used to configure your identity provider.
 
-1. Navigate to the group and select **Settings > SAML SSO**.
+1. On the top bar, select **Menu > Groups** and find your group.
+1. On the left sidebar, select **Settings > SAML SSO**.
 1. Copy the provided **GitLab metadata URL**.
 1. Follow your identity provider's documentation and paste the metadata URL when it's requested.
 
@@ -82,7 +83,8 @@ GitLab provides metadata XML that can be used to configure your identity provide
 
 After you set up your identity provider to work with GitLab, you must configure GitLab to use it for authentication:
 
-1. Navigate to the group's **Settings > SAML SSO**.
+1. On the top bar, select **Menu > Groups** and find your group.
+1. On the left sidebar, select **Settings > SAML SSO**.
 1. Find the SSO URL from your identity provider and enter it the **Identity provider single sign-on URL** field.
 1. Find and enter the fingerprint for the SAML token signing certificate in the **Certificate** field.
 1. Select the access level to be applied to newly added users in the **Default membership role** field. The default access level is 'Guest'.
@@ -110,7 +112,7 @@ However, users are not prompted to sign in through SSO on each visit. GitLab che
 has authenticated through SSO. If it's been more than 1 day since the last sign-in, GitLab
 prompts the user to sign in again through SSO.
 
-We intend to add a similar SSO requirement for [API activity](https://gitlab.com/gitlab-org/gitlab/-/issues/9152).
+We intend to add a similar SSO requirement for [API activity](https://gitlab.com/gitlab-org/gitlab/-/issues/297389).
 
 SSO has the following effects when enabled:
 
@@ -131,7 +133,7 @@ When SCIM updates, the user's access is immediately revoked.
 
 ## Providers
 
-The SAML standard means that a wide range of identity providers will work with GitLab. Your identity provider may have relevant documentation. It may be generic SAML documentation, or specifically targeted for GitLab.
+The SAML standard means that you can use a wide range of identity providers with GitLab. Your identity provider might have relevant documentation. It can be generic SAML documentation or specifically targeted for GitLab.
 
 When [configuring your identity provider](#configuring-your-identity-provider), please consider the notes below for specific providers to help avoid common issues and as a guide for terminology used.
 
@@ -224,7 +226,7 @@ When a user tries to sign in with Group SSO, GitLab attempts to find or create a
 
 To link SAML to your existing GitLab.com account:
 
-1. Sign in to your GitLab.com account.
+1. Sign in to your GitLab.com account. [Reset your password](https://gitlab.com/users/password/new) if necessary.
 1. Locate and visit the **GitLab single sign-on URL** for the group you're signing in to. A group owner can find this on the group's **Settings > SAML SSO** page. If the sign-in URL is configured, users can connect to the GitLab app from the identity provider.
 1. Select **Authorize**.
 1. Enter your credentials on the identity provider if prompted.
@@ -265,6 +267,9 @@ convert the information to XML. An example SAML response is shown here.
       <saml2:Attribute Name="email" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
          <saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">user.email</saml2:AttributeValue>
       </saml2:Attribute>
+      <saml2:Attribute Name="username" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
+        <saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">user.nickName</saml2:AttributeValue>
+      </saml2:Attribute>
       <saml2:Attribute Name="first_name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
          <saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">user.firstName</saml2:AttributeValue>
       </saml2:Attribute>
@@ -309,7 +314,7 @@ group owner, and then you can unlink the account.
 
 For example, to unlink the `MyOrg` account:
 
-1. In the top-right corner, select your avatar.
+1. On the top bar, in the top right corner, select your avatar.
 1. Select **Edit profile**.
 1. On the left sidebar, select **Account**.
 1. In the **Social sign-in** section, select **Disconnect** next to the connected account.
@@ -346,8 +351,8 @@ a SAML identity provider group name to a GitLab Access Level. This can be done f
 
 To link the SAML groups from the `saml:AttributeStatement` example above:
 
-1. Enter the value of `saml:AttributeValue` in the `SAML Group Name` field.
-1. Choose the desired `Access Level`.
+1. In the **SAML Group Name** box, enter the value of `saml:AttributeValue`.
+1. Choose the desired **Access Level**.
 1. **Save** the group link.
 1. Repeat to add additional group links if desired.
 
@@ -356,7 +361,14 @@ To link the SAML groups from the `saml:AttributeStatement` example above:
 If a user is a member of multiple SAML groups mapped to the same GitLab group,
 the user gets the highest access level from the groups. For example, if one group
 is linked as `Guest` and another `Maintainer`, a user in both groups gets `Maintainer`
-access.
+access. 
+
+Users granted:
+
+- A higher role with Group Sync are displayed as having
+  [direct membership](../../project/members/#display-direct-members) of the group.
+- A lower or the same role with Group Sync are displayed as having
+  [inherited membership](../../project/members/#display-inherited-members) of the group.
 
 ### Automatic member removal
 
@@ -480,7 +492,7 @@ If you receive a `404` during setup when using "verify configuration", make sure
 [SHA-1 generated fingerprint](../../../integration/saml.md#notes-on-configuring-your-identity-provider).
 
 If a user is trying to sign in for the first time and the GitLab single sign-on URL has not [been configured](#configuring-your-identity-provider), they may see a 404.
-As outlined in the [user access section](#linking-saml-to-your-existing-gitlabcom-account), a group Owner will need to provide the URL to users.
+As outlined in the [user access section](#linking-saml-to-your-existing-gitlabcom-account), a group Owner needs to provide the URL to users.
 
 ### Message: "SAML authentication failed: Extern UID has already been taken"
 
@@ -502,13 +514,13 @@ Here are possible causes and solutions:
 
 | Cause                                                                                                                                    | Solution                                                                 |
 | ---------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------ |
-| When a user account with the email address already exists in GitLab, but the user does not have the SAML identity tied to their account. | The user will need to [link their account](#user-access-and-management). |
+| When a user account with the email address already exists in GitLab, but the user does not have the SAML identity tied to their account. | The user needs to [link their account](#user-access-and-management). |
 
 ### Message: "SAML authentication failed: Extern UID has already been taken, User has already been taken"
 
 Getting both of these errors at the same time suggests the NameID capitalization provided by the identity provider didn't exactly match the previous value for that user.
 
-This can be prevented by configuring the [NameID](#nameid) to return a consistent value. Fixing this for an individual user involves [unlinking SAML in the GitLab account](#unlinking-accounts), although this will cause group membership and to-dos to be lost.
+This can be prevented by configuring the [NameID](#nameid) to return a consistent value. Fixing this for an individual user involves [unlinking SAML in the GitLab account](#unlinking-accounts), although this causes group membership and to-do items to be lost.
 
 ### Message: "Request to link SAML account must be authorized"
 
@@ -541,7 +553,7 @@ Otherwise, to change the SAML app used for sign in, users need to [unlink the cu
 
 Many SAML terms can vary between providers. It is possible that the information you are looking for is listed under another name.
 
-For more information, start with your identity provider's documentation. Look for their options and examples to see how they configure SAML. This can provide hints on what you'll need to configure GitLab to work with these providers.
+For more information, start with your identity provider's documentation. Look for their options and examples to see how they configure SAML. This can provide hints on what you need to configure GitLab to work with these providers.
 
 It can also help to look at our [more detailed docs for self-managed GitLab](../../../integration/saml.md).
 SAML configuration for GitLab.com is mostly the same as for self-managed instances.
diff --git a/doc/user/group/settings/img/import_panel_v14_1.png b/doc/user/group/settings/img/import_panel_v14_1.png
deleted file mode 100644
index 28417383b6c..00000000000
--- a/doc/user/group/settings/img/import_panel_v14_1.png
+++ /dev/null
diff --git a/doc/user/group/settings/img/new_group_navigation_v13_1.png b/doc/user/group/settings/img/new_group_navigation_v13_1.png
deleted file mode 100644
index 307175727c7..00000000000
--- a/doc/user/group/settings/img/new_group_navigation_v13_1.png
+++ /dev/null
diff --git a/doc/user/group/settings/import_export.md b/doc/user/group/settings/import_export.md
index 516f3504a98..3f9d94f044e 100644
--- a/doc/user/group/settings/import_export.md
+++ b/doc/user/group/settings/import_export.md
@@ -4,6 +4,7 @@ stage: Manage
 group: Import
 info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
 ---
+
 # Group import/export **(FREE)**
 
 > [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/2888) in GitLab 13.0 as an experimental feature. May change in future releases.
@@ -23,9 +24,9 @@ Users with the [Owner role](../../permissions.md) for a group can enable
 import and export for that group:
 
 1. On the top bar, select **Menu > Admin**.
-1. On the left sidebar, select **Settings > General > Visibility and access controls**.
-1. Scroll to **Import sources**.
-1. Enable the desired **Import sources**.
+1. On the left sidebar, select **Settings > General**.
+1. Expand **Visibility and access controls**.
+1. In the **Import sources** section, select the checkboxes for the sources you want.
 
 ## Important Notes
 
@@ -65,19 +66,23 @@ For more details on the specific data persisted in a group export, see the
 
 ## Export a group
 
+WARNING:
+This feature will be [deprecated](https://gitlab.com/groups/gitlab-org/-/epics/4619)
+in GitLab 14.6 and replaced by [GitLab Migration](../import/).
+
 Users with the [Owner role](../../permissions.md) for a group can export the
 contents of that group:
 
-1. On the top bar, select **Menu >** **Groups** and find your group.
-1. On the left sidebar, select **Settings**.
-1. Scroll to the **Advanced** section, and select **Export Group**.
+1. On the top bar, select **Menu > Groups** and find your group.
+1. On the left sidebar, select **Settings > General**.
+1. In the **Advanced** section, select **Export Group**.
 1. After the export is generated, you should receive an email with a link to the [exported contents](#exported-contents)
    in a compressed tar archive, with contents in NDJSON format.
 1. Alternatively, you can download the export from the UI:
 
    1. Return to your group's **Settings > General** page.
-   1. Scroll to the **Advanced** section, and select **Download export**.
-      You can also generate a new file by clicking **Regenerate export**.
+   1. In the **Advanced** section, select **Download export**.
+      You can also generate a new file by selecting **Regenerate export**.
 
 NOTE:
 The maximum import file size can be set by the Administrator, default is `0` (unlimited).
@@ -91,24 +96,18 @@ The Enterprise Edition retains some group data that isn't part of the Community
 
 ## Importing the group
 
-1. Navigate to the New Group page, either via the `+` button in the top navigation bar, or the **New subgroup** button
-on an existing group's page.
-
-   ![Navigation paths to create a new group](img/new_group_navigation_v13_1.png)
-
-1. On the New Group page, select the **Import group**.
-
-   ![Fill in group details](img/import_panel_v14_1.png)
+1. Create a new group:
+   - On the top bar, select **New** (**{plus}**) and then **New group**.
+   - On an existing group's page, select the **New subgroup** button.
 
+1. Select **Import group**.
 1. Enter your group name.
-
 1. Accept or modify the associated group URL.
-
-1. Click **Choose file**
-
+1. Select **Choose file**.
 1. Select the file that you exported in the [Export a group](#export-a-group) section.
+1. To begin importing, select **Import group**.
 
-1. Click **Import group** to begin importing. Your newly imported group page appears after the operation completes.
+Your newly imported group page appears after the operation completes.
 
 ## Version history
 
diff --git a/doc/user/group/subgroups/img/create_new_group.png b/doc/user/group/subgroups/img/create_new_group.png
deleted file mode 100644
index 9d011ec709a..00000000000
--- a/doc/user/group/subgroups/img/create_new_group.png
+++ /dev/null
diff --git a/doc/user/group/subgroups/img/create_subgroup_button_v13_6.png b/doc/user/group/subgroups/img/create_subgroup_button_v13_6.png
deleted file mode 100644
index 013aee6b0b4..00000000000
--- a/doc/user/group/subgroups/img/create_subgroup_button_v13_6.png
+++ /dev/null
diff --git a/doc/user/group/subgroups/img/group_members_13_7.png b/doc/user/group/subgroups/img/group_members_13_7.png
deleted file mode 100644
index ab22bcb932c..00000000000
--- a/doc/user/group/subgroups/img/group_members_13_7.png
+++ /dev/null
diff --git a/doc/user/group/subgroups/img/group_members_v14_4.png b/doc/user/group/subgroups/img/group_members_v14_4.png
new file mode 100644
index 00000000000..695564a8b74
--- /dev/null
+++ b/doc/user/group/subgroups/img/group_members_v14_4.png
diff --git a/doc/user/group/subgroups/index.md b/doc/user/group/subgroups/index.md
index aaff0574ef0..49032d0a2ef 100644
--- a/doc/user/group/subgroups/index.md
+++ b/doc/user/group/subgroups/index.md
@@ -73,51 +73,41 @@ subgroups, the behavior is the same as when performing these actions at the
 
 ## Creating a subgroup
 
+Users can create subgroups if they are explicitly added as an Owner (or
+Maintainer, if that setting is enabled) to an immediate parent group, even if group
+creation is disabled by an administrator in their settings.
+
+To create a subgroup:
+
+1. On the top bar, select **Menu > Groups** and find the parent group.
+1. In the top right, select **New subgroup**.
+1. Select **Create group**.
+1. Fill in the fields. View a list of [reserved names](../../reserved_names.md)
+   that cannot be used as group names.
+1. Select **Create group**.
+
+### Change who can create subgroups
+
 To create a subgroup you must either be an Owner or a Maintainer of the
 group, depending on the group's setting.
 
-By default, groups created in:
+By default:
 
-- GitLab 12.2 or later allow both Owners and Maintainers to create subgroups.
-- GitLab 12.1 or earlier only allow Owners to create subgroups.
+- In GitLab 12.2 or later, both Owners and Maintainers can create subgroups.
+- In GitLab 12.1 or earlier, only Owners can create subgroups.
 
-The setting can be changed for any group by:
+You can change this setting:
 
-- A group owner:
+- As group owner:
   1. Select the group.
   1. On the left sidebar, select **Settings > General**.
-  1. Expand the **Permissions, LFS, 2FA** section.
-- An administrator:
+  1. Expand **Permissions, LFS, 2FA**.
+- As an administrator:
   1. On the top bar, select **Menu > Admin**.
   1. On the left sidebar, select **Overview > Groups**.
   1. Select the group, and select **Edit**.
 
-For:
-
-- More information, check the [permissions table](../../permissions.md#group-members-permissions).
-- A list of words that are not allowed to be used as group names, see the
-  [reserved names](../../reserved_names.md).
-
-Users can always create subgroups if they are explicitly added as an Owner (or
-Maintainer, if that setting is enabled) to an immediate parent group, even if group
-creation is disabled by an administrator in their settings.
-
-To create a subgroup:
-
-1. In the group's dashboard click the **New subgroup** button.
-
-   ![Subgroups page](img/create_subgroup_button_v13_6.png)
-
-1. Create a new group like you would normally do. Notice that the immediate parent group
-   namespace is fixed under **Group path**. The visibility level can differ from
-   the immediate parent group.
-
-   ![Subgroups page](img/create_new_group.png)
-
-1. Click the **Create group** button to be redirected to the new group's
-   dashboard page.
-
-Follow the same process to create any subsequent groups.
+For more information, view the [permissions table](../../permissions.md#group-members-permissions).
 
 ## Membership
 
@@ -136,7 +126,7 @@ the **Members** page of the group the member was added.
 You can tell if a member has inherited the permissions from a parent group by
 looking at the group's **Members** page.
 
-![Group members page](img/group_members_13_7.png)
+![Group members page](img/group_members_v14_4.png)
 
 From the image above, we can deduce the following things:
 
diff --git a/doc/user/group/value_stream_analytics/index.md b/doc/user/group/value_stream_analytics/index.md
index 68ae5e0df2d..5c8393f30ab 100644
--- a/doc/user/group/value_stream_analytics/index.md
+++ b/doc/user/group/value_stream_analytics/index.md
@@ -284,9 +284,9 @@ To sort the stage table by a table column, select the table header.
 You can sort in ascending or descending order. To find items that spent the most time in a stage,
 potentially causing bottlenecks in your value stream, sort the table by the **Time** column.
 From there, select individual items to drill in and investigate how delays are happening.
-To see which items the stage most recently, sort by the work item column on the left.
+To see which items most recently exited the stage, sort by the work item column on the left.
 
-The table displays up to 20 items at a time. If there are more than 20 items, you can use the
+The table displays 20 items per page. If there are more than 20 items, you can use the
 **Prev** and **Next** buttons to navigate through the pages.
 
 ### Creating a value stream
@@ -302,11 +302,12 @@ best practices. You can customize this flow by adding, hiding or re-ordering sta
 
 To create a value stream:
 
-1. Navigate to your group's **Analytics > Value Stream**.
-1. Click the Value stream dropdown and select **Create new Value Stream**
-1. Fill in a name for the new Value Stream
-   - You can [customize the stages](#creating-a-value-stream-with-stages)
-1. Click the **Create Value Stream** button.
+1. On the top bar, select **Menu > Groups** and find your group.
+1. On the left sidebar, select **Analytics > Value Stream**.
+1. In the top right, select the dropdown list and then **Create new Value Stream**.
+1. Enter a name for the new Value Stream.
+   - You can [customize the stages](#creating-a-value-stream-with-stages).
+1. Select **Create Value Stream**.
 
 ![New value stream](img/new_value_stream_v13_12.png "Creating a new value stream")
 
@@ -324,18 +325,19 @@ add stages as desired.
 
 To create a value stream with stages:
 
-1. Go to your group and select **Analytics > Value Stream**.
-1. Select the Value Stream dropdown and select **Create new Value Stream**.
+1. On the top bar, select **Menu > Groups** and find your group.
+1. On the left sidebar, select **Analytics > Value Stream**.
+1. In the top right, select the dropdown list and then **Create new Value Stream**.
 1. Select either **Create from default template** or **Create from no template**.
-   - Default stages in the value stream can be hidden or re-ordered.
+   - You can hide or re-order default stages in the value stream.
 
      ![Default stage actions](img/vsa_default_stage_v13_10.png "Default stage actions")
 
-   - New stages can be added by clicking the 'Add another stage' button.
-   - The name, start and end events for the stage can be selected
+   - You can add new stages by selecting **Add another stage**.
+   - You can select the name and start and end events for the stage.
 
      ![Custom stage actions](img/vsa_custom_stage_v13_10.png "Custom stage actions")
-1. Select the **Create Value Stream** button to save the value stream.
+1. Select **Create Value Stream**.
 
 #### Label-based stages
 
@@ -358,8 +360,9 @@ In this example, we'd like to measure times for deployment from a staging enviro
 
 After you create a value stream, you can customize it to suit your purposes. To edit a value stream:
 
-1. Go to your group and select **Analytics > Value Stream**.
-1. Find and select the relevant value stream from the value stream dropdown.
+1. On the top bar, select **Menu > Groups** and find your group.
+1. On the left sidebar, select **Analytics > Value Stream**.
+1. In the top right, select the dropdown list and then select the relevant value stream.
 1. Next to the value stream dropdown, select **Edit**.
    The edit form is populated with the value stream details.
 1. Optional:
@@ -377,10 +380,11 @@ After you create a value stream, you can customize it to suit your purposes. To
 
 To delete a custom value stream:
 
-1. Navigate to your group's **Analytics > Value Stream**.
-1. Click the Value stream dropdown and select the value stream you would like to delete.
-1. Click the **Delete (name of value stream)**.
-1. Click the **Delete** button to confirm.
+1. On the top bar, select **Menu > Groups** and find your group.
+1. On the left sidebar, select **Analytics > Value Stream**.
+1. In the top right, select the dropdown list and then select the value stream you would like to delete.
+1. Select **Delete (name of value stream)**.
+1. To confirm, select **Delete**.
 
 ![Delete value stream](img/delete_value_stream_v13_12.png "Deleting a custom value stream")
 
@@ -398,15 +402,6 @@ from the chart itself.
 
 The chart data is limited to the last 500 items.
 
-### Disabling chart
-
-This chart is enabled by default. If you have a self-managed instance, an
-administrator can open a Rails console and disable it with the following command:
-
-```ruby
-Feature.disable(:cycle_analytics_scatterplot_enabled)
-```
-
 ## Type of work - Tasks by type chart
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/32421) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.10.
@@ -422,7 +417,7 @@ select up to a total of 15 labels.
 
 ## Permissions
 
-To access Group-level Value Stream Analytics, users must have Reporter access or above.
+To access Group-level Value Stream Analytics, users must have at least the Reporter role.
 
 You can [read more about permissions](../../permissions.md) in general.
author	GitLab Bot <gitlab-bot@gitlab.com>	2021-10-20 11:43:02 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2021-10-20 11:43:02 +0300
commit	d9ab72d6080f594d0b3cae15f14b3ef2c6c638cb (patch)
tree	2341ef426af70ad1e289c38036737e04b0aa5007 /doc/user/group
parent	d6e514dd13db8947884cd58fe2a9c2a063400a9b (diff)