Merge branch 'master' into stevenGravy/eventhandlerdebug

gravitational · Jun 24, 2024 · 83f3338 · 83f3338
2 parents ace2ef3 + 0bc20f0
commit 83f3338
Show file tree

Hide file tree

Showing 26 changed files with 465 additions and 325 deletions.
diff --git a/docs/config.json b/docs/config.json
@@ -493,11 +493,24 @@
         },
         {
           "title": "Teleport Policy",
-          "slug": "/access-controls/access-graph/",
-          "forScopes": [
-            "enterprise"
-          ],
+          "slug": "/access-controls/teleport-policy/getting-started-policy/",
+          "forScopes": ["enterprise", "cloud"],
           "entries": [
+            {
+              "title": "Teleport Policy Integrations",
+              "slug": "/access-controls/teleport-policy/policy-integrations/",
+              "forScopes": ["enterprise", "cloud"]
+            },
+            {
+              "title": "Teleport Policy Connections",
+              "slug": "/access-controls/teleport-policy/policy-connections/",
+              "forScopes": ["enterprise", "cloud"]
+            },
+            {
+              "title": "Teleport Policy Usage",
+              "slug" : "/access-controls/teleport-policy/policy-how-to-use/",
+              "forScopes":["enterprise","cloud"]
+            },
             {
               "title": "Teleport Policy for Self-Hosted Clusters",
               "slug": "/access-controls/access-graph/self-hosted/",
@@ -2420,6 +2433,11 @@
       "destination": "/access-controls/introduction/",
       "permanent": true
     },
+    {
+      "source": "/access-controls/teleport-policy/",
+      "destination": "/access-controls/teleport-policy/getting-started-policy/",
+      "permanent": true
+    },
     {
       "source": "/try-out-teleport/",
       "destination": "/",
@@ -2715,11 +2733,6 @@
       "destination": "/server-access/guides/",
       "permanent": true
     },
-    {
-      "source": "/access-graph/",
-      "destination": "/access-controls/access-graph/",
-      "permanent": true
-    },
     {
       "source": "/database-access/guides/aws-discovery/",
       "destination": "/auto-discovery/databases/",

diff --git a/docs/img/access-graph/aws_access_graph_policy_step1.png b/docs/img/access-graph/aws_access_graph_policy_step1.png
diff --git a/docs/img/access-graph/aws_access_graph_regions_step3.png b/docs/img/access-graph/aws_access_graph_regions_step3.png
diff --git a/docs/img/access-graph/aws_enable_sync_access_graph_step2.png b/docs/img/access-graph/aws_enable_sync_access_graph_step2.png
diff --git a/docs/img/access-graph/connection_view.png b/docs/img/access-graph/connection_view.png
diff --git a/docs/img/access-graph/graph_view.png b/docs/img/access-graph/graph_view.png
diff --git a/docs/img/access-graph/query_view.png b/docs/img/access-graph/query_view.png
diff --git a/docs/img/access-graph/search_view.png b/docs/img/access-graph/search_view.png
diff --git a/docs/pages/access-controls/access-graph.mdx b/docs/pages/access-controls/access-graph.mdx
diff --git a/docs/pages/access-controls/access-graph/aws-sync.mdx b/docs/pages/access-controls/access-graph/aws-sync.mdx
@@ -30,7 +30,7 @@ Access Graph options can be found under the Permission Management section.
 Teleport Access Graph discovers AWS access patterns, synchronizes various AWS resources,
 including IAM Policies, Groups, Users, User Groups, EC2 instances, EKS clusters, and RDS databases. 
 These resources are then visualized using the graph representation detailed in the
-[Access Graph page](../access-graph.mdx).
+[Access Graph page](../teleport-policy/getting-started-policy.mdx).
 
 The importing process involves two primary steps:
 
@@ -66,7 +66,7 @@ graphical representation thereof.
 - A running Teleport Enterprise cluster v14.3.9/v15.2.0 or later.
 - For self-hosted clusters, an updated `license.pem` with Teleport Policy enabled.
 - For self-hosted clusters, a running Teleport Access Graph node v1.17.0 or later. 
-Check [Access Graph page](../access-graph.mdx) for details on
+Check [Access Graph page](../teleport-policy/getting-started-policy.mdx) for details on
 how to setup Teleport Access Graph.
 - The node running the Access Graph service must be reachable
 from Teleport Auth Service and Discovery Service. 

diff --git a/docs/pages/access-controls/teleport-policy/getting-started-policy.mdx b/docs/pages/access-controls/teleport-policy/getting-started-policy.mdx
@@ -0,0 +1,29 @@
+---
+title: Teleport Policy
+description: A reference for Access Graph with Teleport Policy.
+---
+
+Teleport Policy streamlines and centralizes access management across your entire infrastructure. Access Graph provides a 
+visual representation of the relationships between users, roles, and resources in your organization. 
+It can help you answer questions like:
+
+- What resources can a specific user access?
+- What users can access a specific resource?
+- What are the relationships between users, roles, and resources?
+
+## Getting started with Teleport Policy
+
+Access Graph is a feature of the Teleport Policy product that is only 
+available to Teleport Enterprise customers.
+
+After logging into the Teleport UI, go to the Management tab. If enabled, Access Graph options can be found
+under the Permission Management section.
+
+<Admonition type="note">
+Note: For managed Teleport Enterprise customers, Access Graph is enabled by default.
+If you are a self-hosted Teleport customer, you will need to set up [Access Graph](../access-graph/self-hosted.mdx) and ensure you have an updated 
+`license.pem` with Teleport Policy enabled to use it.
+</Admonition>
+
+## Next steps
+- Set up [Policy integrations](./policy-integrations.mdx) for use with Access Graph.