-
Notifications
You must be signed in to change notification settings - Fork 1.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Workload ID: Restructure docs to be more value-first #47637
base: master
Are you sure you want to change the base?
Workload ID: Restructure docs to be more value-first #47637
Conversation
🤖 Vercel preview here: https://docs-jmikoxn0k-goteleport.vercel.app/docs/ver/preview |
🤖 Vercel preview here: https://docs-5gce73z6h-goteleport.vercel.app/docs/ver/preview |
🤖 Vercel preview here: https://docs-c1fsy323m-goteleport.vercel.app/docs/ver/preview |
🤖 Vercel preview here: https://docs-hplr0qoj9-goteleport.vercel.app/docs/ver/preview |
There's a whole host of benefits to adopting Teleport Workload Identity, but | ||
here's some of the key ones: | ||
|
||
- Eliminate the use of long-lived shared secrets within your infrastructure, and | ||
reduce the risk of exfiltration and time spent by engineers creating and | ||
rotating these secrets. | ||
- Establish an out of the box universal form of identity for your workloads, | ||
enabling your engineers to get on with building new services without needing | ||
to think about how they'll authenticate. | ||
- Converge on a first-class form of identity for your workloads, simplifying | ||
infrastructure by reducing the number of different ways workloads authenticate. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would shorten this introductory section by combining the list of benefits with the list of use cases (and choosing three bullets total). That way, we can move past the generalities more quickly and get to the substantive details about how Workload Identity works and what it means in Teleport.
SPIFFE sets out: | ||
|
||
- A format for uniquely specifying an identity, the SPIFFE ID. | ||
- Standards for encoding the SPIFFE ID into verifiable documents, the SVID. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What does "the SVID" modify here? Is it a rephrasing of "standards"?
- Processes that workloads should use to validate a received SVID. | ||
- A set of APIs that workloads can use to request SVIDS, the Workload API. | ||
|
||
The open nature and popularity of SPIFFE make it a great choice as a foundation |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is there a way to use a more objective-sounding word than "great" here?
Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
🤖 Vercel preview here: https://docs-1zflfb9ky-goteleport.vercel.app/docs/ver/preview |
Since we don't have a general landing page for Workload ID on the main marketing site, I figured it made some sense to try and make the Workload Identity introduction on the docs focus a little more on the potential use-cases and value - rather than diving straight into the technical deep-end.