Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(6.1) Update application access docs #6055

Merged
merged 3 commits into from
Mar 24, 2021
Merged

(6.1) Update application access docs #6055

merged 3 commits into from
Mar 24, 2021

Conversation

r0mant
Copy link
Collaborator

@r0mant r0mant commented Mar 18, 2021

Update App Access docs to have structure similar to K8s and Database Access docs. Fixes #5940.
Screen Shot 2021-03-18 at 11 27 00 AM

Changes made:

  • Top-level Application Access section which previously held all content now serves as a hub that only contains brief description of the feature, demo video and resource/guide links.
  • Most of the previous content written by Ben is now in Guides / General Usage (couldn't come up with a better name, suggestions welcome) and Guides / Integrating with JWT.
  • Added new pages Getting Started, Guides / API Access and Reference.

Needs forward-port to master.

@r0mant r0mant added this to the 6.1 milestone Mar 18, 2021
@r0mant r0mant self-assigned this Mar 18, 2021
@r0mant r0mant requested a review from russjones as a code owner March 18, 2021 18:32
webvictim
webvictim reviewed Mar 18, 2021
View reviewed changes
@benarent
Copy link
Contributor

I would also add a section about how to use RBAC to limit access to applications. Bonus points if it uses Workflows to get access to applications.

@klizhentas
Copy link
Contributor

@r0mant I will do another pass tomorrow, but overall, great work!

klizhentas
klizhentas reviewed Mar 19, 2021
View reviewed changes
docs/pages/application-access/guides/usage.mdx Outdated
# Name of the application. Used for identification purposes.
- name: "grafana"
# URI and port the application is available at.
uri: "http://localhost:3000"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This guide (or some other guide) should mention that if you have two apps with the same name on different hosts it will load balance them. (HA). May be for the future.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah I think dedicated HA guides for both app and db access are needed. Also, app access HA needs some work too, the way it's implemented right now it's not really HA because the session sticks to the app server for its entire duration.

@r0mant r0mant force-pushed the roman/v6/app-access-docs branch from 21c3cd5 to 8260330 Compare March 23, 2021 15:42
@r0mant
Copy link
Collaborator Author

r0mant commented Mar 23, 2021

@klizhentas Addressed your review comments in 8260330.

@r0mant r0mant enabled auto-merge (squash) March 24, 2021 18:24
@r0mant
Copy link
Collaborator Author

r0mant commented Mar 24, 2021

I would also add a section about how to use RBAC to limit access to applications. Bonus points if it uses Workflows to get access to applications.

@benarent Yeah, I will do it in a future PR.

@r0mant r0mant merged commit fb1d371 into branch/v6 Mar 24, 2021
@r0mant r0mant deleted the roman/v6/app-access-docs branch March 24, 2021 18:31
r0mant added a commit that referenced this pull request Mar 24, 2021
@r0mant
Update application access docs (#6055)
31db02e
@r0mant r0mant mentioned this pull request Mar 24, 2021
Merged
r0mant added a commit that referenced this pull request Mar 28, 2021
@r0mant
Update application access docs (#6055) (#6137)
7fb637e
pierrebeaucamp pushed a commit that referenced this pull request Mar 31, 2021
Merge branch 'master' of github.com:gravitational/teleport into pierr…
5f5506b 
…e/dynamodb-gsi-autoscaling

* 'master' of github.com:gravitational/teleport: (41 commits)
  Refactor ssh.ClientConfig used by tctl and API clients to use the first valid principal as User.
  Update Architecture Overview With Link To User Roles (#6224)
  Add `lint-api` target and fix lint errors (#6169)
  ssh: fix relogin with jumphosts (#6213)
  drone: use emptyDir for /var/lib/docker filesystem and prevent repetitive docker pulls (#6145)
  Remove ARM64 FIPS builds (#6236)
  tsh Profile SSH certs fix (#6214)
  mfa: fix gRPC unimplemented check in cert reissue
  Open Sources Access Controls Docs (#6188) (#6217)
  add PAM environment with interpolation support
  Cache per-cluster SSH certificates under ~/.tsh (#5938)
  add special resource type for access plugin data
  Enable DynamoDB autoscaling on global secondary indices (#6112)
  darwin fips builds (#5866)
  kube: add kubernetes_labels to role JSON schema
  mfa: send username instead of SSH login name in MFA cert request
  fix nil slice bug
  RFD 16: Add a section on `tctl rm` resetting resources back to defaults (#5673)
  Update application access docs (#6055) (#6137)
  Bump linux FIPS builds to use go1.16.2b7 release (#6143)
  ...
@webvictim webvictim mentioned this pull request May 5, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@benarent benarent benarent left review comments

@klizhentas klizhentas klizhentas approved these changes

@webvictim webvictim webvictim approved these changes

@russjones russjones Awaiting requested review from russjones russjones is a code owner

Assignees

@r0mant r0mant

Labels
application-access backport-required documentation
Projects
None yet
Milestone
6.1
Development

Successfully merging this pull request may close these issues.
4 participants
@r0mant @benarent @klizhentas @webvictim