From aaea0748bed23189dca9fa331c35e33120cb4a1a Mon Sep 17 00:00:00 2001 From: Lisa Gunn Date: Thu, 28 Sep 2023 12:45:06 -0700 Subject: [PATCH 1/2] Replace Access Plane with Access Platform --- CHANGELOG.md | 4 ++-- .../guides/connecting-apps.mdx | 17 +++++++++-------- 2 files changed, 11 insertions(+), 10 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 28c1f8f6c37b..94df8d226481 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3229,7 +3229,7 @@ Teleport 5.0 introduces two distinct features: Teleport application access and s Teleport can now be used to provide secure access to web applications. This new feature was built with the express intention of securing internal apps which might have once lived on a VPN or had a simple authorization and authentication mechanism with little to no audit trail. application access works with everything from dashboards to single page Javascript applications (SPA). -application access uses mutually authenticated reverse tunnels to establish a secure connection with the Teleport unified Access Plane which can then becomes the single ingress point for all traffic to an internal application. +Application access uses mutually authenticated reverse tunnels to establish a secure connection with the Teleport unified Access Platform which can then becomes the single ingress point for all traffic to an internal application. Adding an application follows the same UX as adding SSH servers or Kubernetes clusters, starting with creating a static or dynamic invite token. @@ -3313,7 +3313,7 @@ You can learn more in the [Application Access introduction](./docs/pages/applica Teleport 5.0 also introduces two highly requested features for Kubernetes. -* The ability to connect multiple Kubernetes Clusters to the Teleport Access Plane, greatly reducing operational complexity. +* The ability to connect multiple Kubernetes Clusters to the Teleport Access Platform, greatly reducing operational complexity. * Complete Kubernetes audit log capture [#4526](https://github.com/gravitational/teleport/pull/4526), going beyond the existing `kubectl exec` capture. For a full overview please review the [Kubernetes RFD](https://github.com/gravitational/teleport/blob/master/rfd/0005-kubernetes-service.md). diff --git a/docs/pages/application-access/guides/connecting-apps.mdx b/docs/pages/application-access/guides/connecting-apps.mdx index 065ae3df44c5..4a76825f4ea7 100644 --- a/docs/pages/application-access/guides/connecting-apps.mdx +++ b/docs/pages/application-access/guides/connecting-apps.mdx @@ -3,7 +3,7 @@ title: Web Application Access description: In this getting started guide, learn how to connect an application to your Teleport cluster by running the Teleport Application Service. --- -Download the latest version of Teleport for your platform from our [downloads page](https://goteleport.com/download) +Download the latest version of Teleport for your platform from the [downloads page](https://goteleport.com/download) and follow the installation [instructions](../../installation.mdx). ## Start Auth/Proxy service @@ -30,7 +30,7 @@ ssh_service: ### Generate a token -A join token is required to authorize a Teleport Application Proxy service to +A join token is required to authorize a Teleport Application Service to join the cluster. Generate a short-lived join token and save it for example in `/tmp/token`: @@ -38,7 +38,7 @@ in `/tmp/token`: # Log in to your cluster with tsh so you can use tctl from your local machine. # You can also run tctl on your Auth Service host without running "tsh login" # first. -$ tsh login --user=myuser --proxy=teleport.example.com +$ tsh login --user= --proxy= $ tctl tokens add \ --type=app \ --app-name=grafana \ @@ -47,19 +47,20 @@ $ tctl tokens add \ ### TLS requirements -TLS is required to secure Teleport's Access Plane and any connected +TLS is required to secure the Teleport Access Platform and any connected applications. When setting up Teleport, the minimum requirement is a certificate -for the proxy and a wildcard certificate for its sub-domain. This is where +for the Teleport Proxy Service and a wildcard certificate for its sub-domain. This is where everyone will log into Teleport. (!docs/pages/includes/dns-app-access.mdx!) -In our example: +In this example: -- `teleport.example.com` will host the Access Plane. -- `*.teleport.example.com` will host all of the applications e.g. `grafana.teleport.example.com`. +- `teleport.example.com` hosts the Teleport Auth Service and the Teleport Proxy Service that are the + that form the core cluster services of the Telleport Access Platform. +- `*.teleport.example.com` hosts all of the applications, for example, `grafana.teleport.example.com`. (!docs/pages/includes/tls-certificate-setup.mdx!) From 3a38c7d6b0ab88c647e7a37931b8a8a1fd610f88 Mon Sep 17 00:00:00 2001 From: Lisa Gunn Date: Thu, 28 Sep 2023 15:09:16 -0700 Subject: [PATCH 2/2] Fix Telleport --- docs/pages/application-access/guides/connecting-apps.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/pages/application-access/guides/connecting-apps.mdx b/docs/pages/application-access/guides/connecting-apps.mdx index 4a76825f4ea7..758c6f9a6b42 100644 --- a/docs/pages/application-access/guides/connecting-apps.mdx +++ b/docs/pages/application-access/guides/connecting-apps.mdx @@ -59,7 +59,7 @@ everyone will log into Teleport. In this example: - `teleport.example.com` hosts the Teleport Auth Service and the Teleport Proxy Service that are the - that form the core cluster services of the Telleport Access Platform. + that form the core cluster services of the Teleport Access Platform. - `*.teleport.example.com` hosts all of the applications, for example, `grafana.teleport.example.com`. (!docs/pages/includes/tls-certificate-setup.mdx!)