-
Notifications
You must be signed in to change notification settings - Fork 1.8k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Use generated TOC pages for smaller sections (#42374)
Sections included in this change: - docs/pages/agents/ - docs/pages/auto-discovery/ - docs/pages/choose-an-edition/ - docs/pages/desktop-access/ - docs/pages/includes/ - docs/pages/kubernetes-access/ Other changes: - Move Helm includes out of docs/pages/kubernetes-access to match the expectations of the TOC page generator. Also move "Connect your Client" includes to docs/pages/includes. - Some pages were at the expected location of a TOC page (i.e., with the same name as a subdirectory), but included explanatory information that didn't fit the format of this kind of page. This change moves these pages to other locations as overview pages. - Update config.json.
- Loading branch information
Showing
29 changed files
with
452 additions
and
281 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| --- | ||
| title: Teleport Agents | ||
| description: How to use Teleport Agents, which enable users to connect to resources in your infrastructure. | ||
| --- | ||
|
|
||
| {/*TOPICS*/} | ||
|
|
||
| - [Deploy Teleport Agents with Terraform](agents/deploy-agents-terraform.mdx): In this guide, we will show you how to deploy a pool of Teleport agents so you can apply dynamic resources to enroll your infrastructure with Teleport. | ||
| - [Introduction to Teleport Agents](agents/introduction.mdx): Deploy agents to enroll resources in your infrastructure with Teleport. You can run multiple Teleport services per agent." | ||
|
|
||
| ## Join Agents to your Teleport Cluster | ||
|
|
||
| Methods you can use to established trust between a newly deployed Teleport agent and your Teleport cluster so you can protect resources. ([more info](agents/join-services-to-your-cluster.mdx)) | ||
|
|
||
| - [Join Methods for Teleport Agents](agents/join-services-to-your-cluster/overview.mdx): An overview of the available methods for registering the Proxy Service, Database Service, and other Teleport services with your cluster. | ||
| - [Join Services with GCP](agents/join-services-to-your-cluster/gcp.mdx): Use the GCP join method to add services to your Teleport cluster. | ||
| - [Join Services with a Secure Token](agents/join-services-to-your-cluster/join-token.mdx): This guide shows you how to join a Teleport instance to your cluster using a join token in order to proxy access to resources in your infrastructure. | ||
| - [Joining Services via AWS EC2 Identity Document](agents/join-services-to-your-cluster/aws-ec2.mdx): Use the EC2 join method to add services to your Teleport cluster on AWS | ||
| - [Joining Services via AWS IAM Role](agents/join-services-to-your-cluster/aws-iam.mdx): Use the IAM join method to add services to your Teleport cluster on AWS | ||
| - [Joining Services via Azure Managed Identity](agents/join-services-to-your-cluster/azure.mdx): Use the Azure join method to join Teleport services to your Teleport cluster on Azure | ||
| - [Joining Services via Kubernetes ServiceAccount Token](agents/join-services-to-your-cluster/kubernetes.mdx): Use Kubernetes ServiceAccount tokens to join services running in the same Kubernetes cluster as the Auth Service. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,22 +1,14 @@ | ||
| --- | ||
| title: Join Services to your Teleport Cluster | ||
| description: How to register the Proxy Service, Database Service, and other Teleport services with your cluster. | ||
| title: Join Agents to your Teleport Cluster | ||
| description: Methods you can use to established trust between a newly deployed Teleport agent and your Teleport cluster so you can protect resources. | ||
| --- | ||
|
|
||
| A **Teleport service** manages access to resources in your infrastructure, such | ||
| as Kubernetes clusters, Windows desktops, internal web applications, and | ||
| databases. A single **Teleport process** can run multiple Teleport services. | ||
|
|
||
| There are multiple methods you can use to join a Teleport process to your | ||
| cluster in order to run Teleport services, including an instance of the Proxy | ||
| Service. Choose the method that best suits your infrastructure: | ||
|
|
||
| |Method|Description|When to use| | ||
| |------|-----------|-----------| | ||
| |[EC2 Identity Document](./join-services-to-your-cluster/aws-ec2.mdx)|A Teleport process running on an EC2 instance authenticates to your cluster via a signed EC2 instance identity document.|Your Teleport process will run on EC2 and your Teleport cluster is self hosted.| | ||
| |[AWS IAM](./join-services-to-your-cluster/aws-iam.mdx)|A Teleport process uses AWS credentials to join the cluster, whether running on EC2 or not.|At least some of your infrastructure runs on AWS.| | ||
| |[Azure Managed Identity](./join-services-to-your-cluster/azure.mdx)|A Teleport process demonstrates that it runs in your Azure subscription by sending a signed attested data document and access token to the Teleport Auth Service.|Your Teleport process will run on Azure.| | ||
| |[Kubernetes ServiceAccount](./join-services-to-your-cluster/kubernetes.mdx)|A Teleport process uses a Kubernetes-signed proof to establish a trust relationship with your Teleport cluster.|Your Teleport process will run on Kubernetes.| | ||
| |[GCP IAM](./join-services-to-your-cluster/gcp.mdx)|A Teleport process uses a GCP-signed token to establish a trust relationship with your Teleport cluster.|Your Teleport process will run on a GCP VM.| | ||
| |[Join Token](./join-services-to-your-cluster/join-token.mdx)|A Teleport process presents a join token provided when starting the service.|There is no other supported method for your cloud provider.| | ||
| {/*TOPICS*/} | ||
|
|
||
| - [Join Methods for Teleport Agents](join-services-to-your-cluster/overview.mdx): An overview of the available methods for registering the Proxy Service, Database Service, and other Teleport services with your cluster. | ||
| - [Join Services with GCP](join-services-to-your-cluster/gcp.mdx): Use the GCP join method to add services to your Teleport cluster. | ||
| - [Join Services with a Secure Token](join-services-to-your-cluster/join-token.mdx): This guide shows you how to join a Teleport instance to your cluster using a join token in order to proxy access to resources in your infrastructure. | ||
| - [Joining Services via AWS EC2 Identity Document](join-services-to-your-cluster/aws-ec2.mdx): Use the EC2 join method to add services to your Teleport cluster on AWS | ||
| - [Joining Services via AWS IAM Role](join-services-to-your-cluster/aws-iam.mdx): Use the IAM join method to add services to your Teleport cluster on AWS | ||
| - [Joining Services via Azure Managed Identity](join-services-to-your-cluster/azure.mdx): Use the Azure join method to join Teleport services to your Teleport cluster on Azure | ||
| - [Joining Services via Kubernetes ServiceAccount Token](join-services-to-your-cluster/kubernetes.mdx): Use Kubernetes ServiceAccount tokens to join services running in the same Kubernetes cluster as the Auth Service. |
22 changes: 22 additions & 0 deletions
22
docs/pages/agents/join-services-to-your-cluster/overview.mdx
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| --- | ||
| title: Join Methods for Teleport Agents | ||
| description: An overview of the available methods for registering the Proxy Service, Database Service, and other Teleport services with your cluster. | ||
| --- | ||
|
|
||
| A **Teleport service** manages access to resources in your infrastructure, such | ||
| as Kubernetes clusters, Windows desktops, internal web applications, and | ||
| databases. A single **Teleport process** can run multiple Teleport services. | ||
|
|
||
| There are multiple methods you can use to join a Teleport process to your | ||
| cluster in order to run Teleport services, including an instance of the Proxy | ||
| Service. Choose the method that best suits your infrastructure: | ||
|
|
||
| |Method|Description|When to use| | ||
| |------|-----------|-----------| | ||
| |[EC2 Identity Document](./join-services-to-your-cluster/aws-ec2.mdx)|A Teleport process running on an EC2 instance authenticates to your cluster via a signed EC2 instance identity document.|Your Teleport process will run on EC2 and your Teleport cluster is self hosted.| | ||
| |[AWS IAM](./join-services-to-your-cluster/aws-iam.mdx)|A Teleport process uses AWS credentials to join the cluster, whether running on EC2 or not.|At least some of your infrastructure runs on AWS.| | ||
| |[Azure Managed Identity](./join-services-to-your-cluster/azure.mdx)|A Teleport process demonstrates that it runs in your Azure subscription by sending a signed attested data document and access token to the Teleport Auth Service.|Your Teleport process will run on Azure.| | ||
| |[Kubernetes ServiceAccount](./join-services-to-your-cluster/kubernetes.mdx)|A Teleport process uses a Kubernetes-signed proof to establish a trust relationship with your Teleport cluster.|Your Teleport process will run on Kubernetes.| | ||
| |[GCP IAM](./join-services-to-your-cluster/gcp.mdx)|A Teleport process uses a GCP-signed token to establish a trust relationship with your Teleport cluster.|Your Teleport process will run on a GCP VM.| | ||
| |[Join Token](./join-services-to-your-cluster/join-token.mdx)|A Teleport process presents a join token provided when starting the service.|There is no other supported method for your cloud provider.| | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| --- | ||
| title: Teleport API Guides | ||
| description: How to use the Teleport gRPC API, which allows custom client tools to manage dynamic Teleport resources. | ||
| --- | ||
|
|
||
| {/*TOPICS*/} | ||
|
|
||
| - [API Architecture](api/architecture.mdx): Architectural overview of the Teleport gRPC API. | ||
| - [API Getting Started Guide](api/getting-started.mdx): Get started working with the Teleport API programmatically using Go. | ||
| - [Automatically Register Resources with Teleport](api/automatically-register-agents.mdx): Learn how to use the Teleport API to start agents automatically when you add resources to your infrastructure. | ||
| - [Generate Teleport Roles from an External RBAC System](api/rbac.mdx): Use Teleport's API to automatically generate Teleport roles based on third-party RBAC policies | ||
| - [How to Build an Access Request Plugin](api/access-plugin.mdx): Manage Access Requests using custom workflows with the Teleport API | ||
| - [Teleport API Introduction](api/introduction.mdx): Introduction to the Teleport gRPC API. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
| --- | ||
| title: Teleport Architecture Guides | ||
| description: Guides to the inner workings of components within a Teleport cluster. | ||
| --- | ||
|
|
||
| {/*TOPICS*/} | ||
|
|
||
| - [Agent Update Management](architecture/agent-update-management.mdx): This chapter explains how Teleport agent automatic update is working. | ||
| - [Proxy Peering](architecture/proxy-peering.mdx): How Teleport implements more efficient networking with Proxy Peering. | ||
| - [TLS Routing](architecture/tls-routing.mdx): How Teleport implements a single-port setup with TLS routing | ||
| - [Teleport Architecture Guides](architecture/introduction.mdx): Get detailed information about how Teleport works | ||
| - [Teleport Authentication](architecture/authentication.mdx): This chapter explains how Teleport uses certificate authorities to authenticate users and services. | ||
| - [Teleport Authorization](architecture/authorization.mdx): This chapter explains how Teleport authorizes users and roles. | ||
| - [Teleport Proxy Service](architecture/proxy.mdx): Architecture of Teleport's identity-aware proxy service | ||
| - [Teleport SSH Nodes](architecture/nodes.mdx): This chapter explains the concept of a Teleport Node and how Teleport manages SSH. | ||
| - [Teleport Session Recording](architecture/session-recording.mdx): An overview of Teleport's session recording and its configuration | ||
| - [Trusted Clusters Architecture](architecture/trustedclusters.mdx): Deep dive into design of Teleport Trusted Clusters. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,47 @@ | ||
| --- | ||
| title: Teleport Auto-Discovery | ||
| description: "Learn how to use the Teleport Discovery Service, which automatically enrolls resources by query APIs" | ||
| --- | ||
|
|
||
| The Teleport Discovery Service automatically detects resources in your | ||
| infrastructure and enrolls them in your Teleport cluster. When you deploy | ||
| servers, databases, and Kubernetes clusters, Teleport enables secure access to | ||
| these resources with no further configuration. This lets you decouple the need | ||
| to protect your infrastructure resources from the work of deploying and managing | ||
| them. | ||
|
|
||
| The Discovery Service runs on [Teleport agents](../agents/introduction.mdx). It | ||
| periodically queries cloud provider APIs to list resources in your | ||
| infrastructure. It then reconciles these resources with Teleport resources | ||
| registered on the Auth Service backend. | ||
|
|
||
| Set up Teleport auto-discovery for resources in your infrastructure: | ||
|
|
||
| {/*TOPICS*/} | ||
|
|
||
| - [AWS Database Auto-Discovery](auto-discovery/databases.mdx): How to configure Teleport to discover AWS-hosted databases. | ||
|
|
||
| ## Automatically Enroll Kubernetes Clusters | ||
|
|
||
| Register Kubernetes clusters with your Teleport cluster by polling service discovery endpoints. ([more info](auto-discovery/kubernetes.mdx)) | ||
|
|
||
| - [Kubernetes Clusters Discovery](auto-discovery/kubernetes/overview.mdx): Detailed guides for configuring Kubernetes Clusters Discovery. | ||
| - [Teleport AKS Auto-Discovery](auto-discovery/kubernetes/azure.mdx): Auto-Discovery of AKS clusters in Azure cloud. | ||
| - [Teleport EKS Auto-Discovery](auto-discovery/kubernetes/aws.mdx): How to configure auto-discovery of AWS EKS clusters in Teleport. | ||
| - [Teleport GKE Auto-Discovery](auto-discovery/kubernetes/google-cloud.mdx): How to configure auto-discovery of Google Kubernetes Engine clusters in Teleport. | ||
|
|
||
| ## Enroll Kubernetes Services as Teleport Applications | ||
|
|
||
| Teleport can automatically detect applications running in your Kubernetes clusters and register them with Teleport for secure access. ([more info](auto-discovery/kubernetes-applications.mdx)) | ||
|
|
||
| - [Get Started with Kubernetes Application Discovery](auto-discovery/kubernetes-applications/get-started.mdx): Detailed guide for configuring Kubernetes Application Discovery. | ||
| - [Kubernetes App Discovery Architecture](auto-discovery/kubernetes-applications/architecture.mdx): Learn how Teleport automatically discovers applications running on Kubernetes. | ||
| - [Kubernetes Application Discovery Reference](auto-discovery/kubernetes-applications/reference.mdx): This guide is a comprehensive reference of configuration options for automatically enrolling Kubernetes applications with Teleport. | ||
|
|
||
| ## Server Auto-Discovery | ||
|
|
||
| You can set up the Teleport Discovery Service to automatically enroll servers in your infrastructure. ([more info](auto-discovery/servers.mdx)) | ||
|
|
||
| - [Automatically Discover Azure Virtual Machines](auto-discovery/servers/azure-discovery.mdx): How to configure Teleport to automatically enroll Azure virtual machines. | ||
| - [Automatically Discover GCP Compute Instances](auto-discovery/servers/gcp-discovery.mdx): How to configure Teleport to automatically enroll GCP compute instances. | ||
| - [Configure Teleport to Automatically Enroll EC2 instances](auto-discovery/servers/ec2-discovery.mdx): How to configure Teleport to automatically enroll EC2 instances. |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.