Web: replace side docs with sliding side panel #52779
Open
+371
−159
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
kimlisa
added
no-changelog
kimlisa
commented
Mar 4, 2025
Comment on lines
+210
to
+230
| <Box> | ||
| <InfoTitle>Auth Connectors</InfoTitle> | ||
| <InfoParagraph> | ||
| Auth connectors allow Teleport to authenticate users via an external | ||
| identity source such as Okta, Microsoft Entra ID, GitHub, etc. This | ||
| authentication method is commonly known as single sign-on (SSO). | ||
| </InfoParagraph> | ||
| <ReferenceLinks | ||
| links={[ | ||
| isGitHub | ||
| ? { | ||
| title: 'Configure GitHub connector', | ||
| href: 'https://goteleport.com/docs/admin-guides/access-controls/sso/github-sso/', | ||
| } | ||
| : { | ||
| title: 'Samples of different connectors', | ||
| href: 'https://goteleport.com/docs/admin-guides/access-controls/sso/', | ||
| }, | ||
| ]} | ||
| /> | ||
| </Box> |
Comment on lines
+490
to
+526
| <Box> | ||
| <InfoTitle>Join Tokens</InfoTitle> | ||
| <InfoParagraph> | ||
| <InfoExternalTextLink href={InfoGuideReferenceLinks.JoinTokens.href}> | ||
| Join Tokens | ||
| </InfoExternalTextLink>{' '} | ||
| are how a Teleport agent authenticates itself to the Teleport cluster. | ||
| </InfoParagraph> | ||
| <InfoParagraph> | ||
| There are Join Tokens for most types of infrastructure you can connect to | ||
| Teleport that establish an identity for that infrastructure using | ||
| metadata, such as AWS role, GitHub organization or TPM hash. These are | ||
| called{' '} | ||
| <InfoExternalTextLink | ||
| href={InfoGuideReferenceLinks.DelegatedJoinMethods.href} | ||
| > | ||
| delegated join methods | ||
| </InfoExternalTextLink> | ||
| . We recommend you use these methods whenever possible. When they are not | ||
| available, there are{' '} | ||
| <InfoExternalTextLink | ||
| href={InfoGuideReferenceLinks.SecretBasedJoinMethods.href} | ||
| > | ||
| secret-based join methods | ||
| </InfoExternalTextLink>{' '} | ||
| to fall back on. | ||
| </InfoParagraph> | ||
| <InfoParagraph> | ||
| Agents’ permission to provide different connection services are limited by | ||
| the system role of their join token. For example, if you want to provide | ||
| access to a HTTP application running on a server, but also want to provide | ||
| SSH access to that server, the join token it uses must have both the{' '} | ||
| <Mark>node</Mark> | ||
| and <Mark>app</Mark> permissions. | ||
| </InfoParagraph> | ||
| <ReferenceLinks links={Object.values(InfoGuideReferenceLinks)} /> | ||
| </Box> |
Comment on lines
+329
to
+350
| <Box> | ||
| <InfoTitle>Role-based access control</InfoTitle> | ||
| <InfoParagraph> | ||
| Teleport Role-based access control (RBAC) provides fine-grained control | ||
| over who can access resources and in which contexts. A Teleport role can | ||
| be assigned automatically based on user identity when used with single | ||
| sign-on (SSO). | ||
| </InfoParagraph> | ||
| <InfoParagraph> | ||
| New clusters have several{' '} | ||
| <InfoExternalTextLink href={InfoGuideReferenceLinks.PresetRoles.href}> | ||
| preset roles | ||
| </InfoExternalTextLink> | ||
| . These are convenient for getting started but are very permissive, and | ||
| we recommend you follow our{' '} | ||
| <InfoExternalTextLink href={InfoGuideReferenceLinks.RoleTemplates.href}> | ||
| best practices guide | ||
| </InfoExternalTextLink>{' '} | ||
| to create your own. | ||
| </InfoParagraph> | ||
| <ReferenceLinks links={Object.values(InfoGuideReferenceLinks)} /> | ||
| </Box> |
Comment on lines
+263
to
+288
| <Box> | ||
| <InfoTitle>Users</InfoTitle> | ||
| <InfoParagraph> | ||
| Teleport allows for two kinds of{' '} | ||
| <InfoExternalTextLink href={InfoGuideReferenceLinks.Users}> | ||
| users | ||
| </InfoExternalTextLink> | ||
| : | ||
| <InfoUl> | ||
| <li> | ||
| <b>Local</b> users are created and managed in Teleport and stored in | ||
| the Auth Service backend. | ||
| </li> | ||
| <li> | ||
| <b>Single Sign-On (SSO)</b> users are stored on the backend of your | ||
| SSO solution, e.g., Okta or GitHub. SSO can be set up with an{' '} | ||
| <InternalLink to={cfg.routes.sso}>Auth Connector</InternalLink>. | ||
| </li> | ||
| </InfoUl> | ||
| </InfoParagraph> | ||
| <InfoParagraph> | ||
| To take any action in Teleport, users must have at least one{' '} | ||
| <InternalLink to={cfg.routes.roles}>Role</InternalLink> assigned. | ||
| </InfoParagraph> | ||
| <ReferenceLinks links={Object.values(InfoGuideReferenceLinks)} /> | ||
| </Box> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR just replaces visible side blocks that had docs, with a sliding side panel that is hidden by default. Users will have to click on the
info iconto slide open the info panelscreenshots:
auth connector editor:
auth connector:
add bots
bots list
join tokens
roles
users