docs: refactor API security docs

https://github.com/hasura/graphql-engine-mono/pull/1902

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Tirumarai Selvan <8663570+tirumaraiselvan@users.noreply.github.com>
GitOrigin-RevId: a7b1c17f3aec035f3a2e4d968f10e544f5a50559

docs/graphql/cloud/index.rst

@@ -39,13 +39,22 @@ realtime monitoring, caching, tracing, and rate-limiting. It supports both new a
     .. container:: toc-list-content
 
       - :ref:`metrics`
-      - :ref:`api_limits`
-      - :ref:`allow_lists`
       - :ref:`regression_tests`
       - :ref:`read_replicas`
       - :ref:`response_caching`
       - :ref:`tracing`
 
+  .. container:: toc-list-section
+
+    .. container:: toc-list-head
+
+       API Security
+
+    .. container:: toc-list-content
+
+       - :ref:`api_limits`
+       - :ref:`allow_lists`
+
   .. container:: toc-list-section
 
     .. container:: toc-list-head
@@ -67,8 +76,7 @@ realtime monitoring, caching, tracing, and rate-limiting. It supports both new a
   Getting Started <getting-started/index>
   projects/index
   metrics/index
-  api-limits
-  allow-lists
+  API Security <security/index>
   regression-tests
   read-replicas
   response-caching

docs/graphql/cloud/security/disable-graphql-introspection.rst

@@ -0,0 +1,28 @@
+.. meta::
+   :description: Hasura Cloud disable GraphQL introspection
+   :keywords: hasura, docs, cloud, security, introspection, disable, GraphQL
+
+.. _disable_graphql_introspection:
+
+Disable GraphQL introspection
+=============================
+
+.. contents:: Table of contents
+  :backlinks: none
+  :depth: 1
+  :local:
+
+Introduction
+------------
+
+The graphql-engine by default enables `GraphQL Schema Introspection <http://spec.graphql.org/June2018/#sec-Schema-Introspection>`__ which gives full information about the schema and may not be desired in production.
+
+To avoid this, you can disable GraphQL introspection on a per-role basis.
+
+Disabling GraphQL introspection for a role
+------------------------------------------
+
+Introspection can be disabled for a role as shown below:
+
+.. thumbnail:: /img/graphql/cloud/security/disable-introspection.png
+   :alt: Hasura Cloud Console allow list tab

docs/graphql/cloud/security/index.rst

@@ -0,0 +1,32 @@
+.. meta::
+  :description: Hasura Cloud API Security
+  :keywords: hasura, docs, cloud, security, API security, secure
+
+.. _api_security:
+
+API Security
+====================
+
+.. contents:: Table of contents
+  :backlinks: none
+  :depth: 1
+  :local:
+
+Introduction
+------------
+
+All API security related features can be found under the ``Security`` tab in the API explorer page of Hasura console.
+
+.. thumbnail:: /img/graphql/cloud/security/security.png
+   :alt: Security
+
+Features
+-------
+
+.. toctree::
+  :maxdepth: 1
+  :titlesonly:
+
+  allow-lists
+  api-limits
+  disable-graphql-introspection