mirror of
https://github.com/gravitational/teleport
synced 2024-10-20 01:03:40 +00:00
docs: provide instructions on getting enterprise file from new license Teleport Account (#25677)
* docs: provide instructions on getting enterprise file from new license workspace * lint fix * Set name as Teleport Account * verbiage update * remove all references to dashboard.gravitational.com * lint fixes * verbiage update Co-authored-by: Zac Bergquist <zac.bergquist@goteleport.com> * update verbiage * modify Teleport Account to Teleport account * verbiage change Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com> * Update verbiage * verbiage change * update account site wording * fix link --------- Co-authored-by: Zac Bergquist <zac.bergquist@goteleport.com> Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
This commit is contained in:
parent
45341c223f
commit
eec4864611
Binary file not shown.
Before Width: | Height: | Size: 1.2 MiB After Width: | Height: | Size: 124 KiB |
|
@ -13,7 +13,6 @@ Jira tickets.
|
|||
|
||||
- Jira Server or Jira Cloud installation with an owner privileges, specifically
|
||||
to set up webhooks, issue types, and workflows
|
||||
|
||||
- (!docs/pages/includes/tctl.mdx!)
|
||||
|
||||
## Step 1/6. Create a user and role for access
|
||||
|
|
|
@ -25,13 +25,11 @@ government agencies.
|
|||
| [IA-03 Device Identification and Authentication]((=fedramp.control_url=)IA-3) | Teleport requires valid x509 or SSH certificates issued by a Teleport Certificate Authority (CA) to establish a network connection for device-to-device network connection between Teleport components. |
|
||||
| [SC-12 Cryptographic Key Establish and Management]((=fedramp.control_url=)SC-12) | Teleport initializes cryptographic keys that act as a Certificate Authority (CA) to further issue x509 and SSH certificates. SSH and x509 user certificates that are issued are signed by the CA and are (by default) short-lived. SSH host certificates are also signed by the CA and rotated automatically (a manual force rotation can also be performed).<br/>Teleport Enterprise builds against a FIPS 140-2 compliant library (BoringCrypto) is available. <br/>In addition, when Teleport Enterprise is in FedRAMP/FIPS 140-2 mode, Teleport will only start and use FIPS 140-2 compliant cryptography. |
|
||||
|
||||
Enterprise customers can download the custom FIPS package from the [Dashboard](https://dashboard.gravitational.com/web/login). Look for `Linux 64-bit (FedRAMP/FIPS)`. RPM and DEB packages are also available.
|
||||
|
||||
## Setup
|
||||
|
||||
Visit the [Teleport Customer
|
||||
Portal](https://dashboard.gravitational.com/web/login) to download a FIPS binary
|
||||
for Teleport Enterprise.
|
||||
Sign in to your [Teleport account](https://teleport.sh) to download a FIPS binary
|
||||
for Teleport Enterprise. Look for `Linux 64-bit (FedRAMP/FIPS)`. RPM and DEB
|
||||
packages are also available.
|
||||
|
||||
After downloading the binary tarball, run:
|
||||
|
||||
|
|
|
@ -103,7 +103,7 @@ e.g. `grafana.teleport.example.com`. You can also override `public_addr` e.g
|
|||
`grafana.acme.com` if you configure the appropriate DNS entry to point to the
|
||||
Teleport proxy server.
|
||||
|
||||
## Start application service with a config file
|
||||
## Start the Teleport Application Service with a config file
|
||||
|
||||
Example `teleport.yaml` configuration:
|
||||
|
||||
|
|
|
@ -64,7 +64,8 @@ See the [SSO](../../access-controls/sso.mdx) chapter for more details.
|
|||
|
||||
With Teleport we have built the foundation to meet FedRAMP requirements for the purposes of accessing infrastructure. This includes support for [FIPS 140-2](https://en.wikipedia.org/wiki/FIPS\_140-2), also known as the Federal Information Processing Standard, which is the US government approved standard for cryptographic modules.
|
||||
|
||||
Enterprise customers can download the custom FIPS package from the [Gravitational Dashboard](https://dashboard.gravitational.com/web/).
|
||||
Enterprise customers can download the custom FIPS package from their [Teleport account](https://teleport.sh).
|
||||
|
||||
Look for `Linux 64-bit (FedRAMP/FIPS)`.
|
||||
|
||||
Using `teleport start --fips` Teleport will start in FIPS mode, Teleport will
|
||||
|
|
|
@ -17,10 +17,13 @@ your license file.
|
|||
|
||||
### Download your license file
|
||||
|
||||
To obtain your license file, visit the [Teleport customer
|
||||
portal](https://dashboard.gravitational.com/web/login) and log in. Click
|
||||
"DOWNLOAD LICENSE KEY". You will see your current Teleport Enterprise account
|
||||
permissions and the option to download your license file:
|
||||
Teleport provides a dedicated account site where you can download your license and
|
||||
enterprise binaries, and maintain users' access to your license.
|
||||
|
||||
To obtain your license file navigate to your Teleport account site and log in.
|
||||
You can start at [teleport.sh](https://teleport.sh) and enter your
|
||||
Teleport account name (e.g. my-license). After logging in
|
||||
you will see the "DOWNLOAD LICENSE KEY" button to download the license file.
|
||||
|
||||
![License File modal](../../../img/enterprise/license.png)
|
||||
|
||||
|
|
|
@ -34,7 +34,6 @@ release.
|
|||
and attach IAM policies.
|
||||
- A host, e.g., an EC2 instance, where you will run the Teleport Database
|
||||
Service.
|
||||
|
||||
- (!docs/pages/includes/tctl.mdx!)
|
||||
|
||||
## Step 1/4. Set up Aurora
|
||||
|
|
|
@ -223,7 +223,7 @@ and replace the subscription in "assignableScopes" with your own subscription id
|
|||
![Create JSON role](../../../img/database-access/guides/azure/create-role-from-json@2x.png)
|
||||
</Figure>
|
||||
|
||||
### Create a role assignment for the Teleport Database Service principal.
|
||||
### Create a role assignment for the Teleport Database Service principal
|
||||
|
||||
(!docs/pages/includes/database-access/azure-assign-service-principal.mdx!)
|
||||
|
||||
|
|
|
@ -26,7 +26,6 @@ This guide will help you to:
|
|||
- `redis-cli` version `6.2` or newer installed and added to your system's `PATH` environment variable.
|
||||
- A host, e.g., an EC2 instance, where you will run the Teleport Database
|
||||
Service.
|
||||
|
||||
- (!docs/pages/includes/tctl.mdx!)
|
||||
|
||||
## Step 1/6. Create a Teleport user
|
||||
|
|
|
@ -185,10 +185,9 @@ EC2 instances. Do not use a keypair that you do not have access to.
|
|||
|
||||
### license_path
|
||||
|
||||
Setting `export TF_VAR_license_path="/home/user/teleport-license.pem"`
|
||||
(!docs/pages/includes//enterprise/obtainlicense.mdx!)
|
||||
|
||||
The full local path to your Teleport license file, which customers can download from
|
||||
[the Teleport customer dashboard](https://dashboard.gravitational.com/).
|
||||
Set `export TF_VAR_license_path="/home/user/license.pem"`
|
||||
|
||||
This license will be uploaded to AWS SSM and automatically downloaded to Teleport auth nodes in order to enable
|
||||
Teleport Enterprise/Pro functionality.
|
||||
|
|
|
@ -226,9 +226,9 @@ We recommend configuring Teleport as per the below steps:
|
|||
|
||||
<Tabs>
|
||||
<TabItem label="Open Source">
|
||||
**1. Configure Teleport Auth Server** using the below example `teleport.yaml`, and start it
|
||||
using [systemd](https://raw.githubusercontent.com/gravitational/teleport/master/examples/systemd/teleport.service)
|
||||
or use DEB/RPM packages available from our [Downloads Page](https://goteleport.com/download/).
|
||||
**1. Configure Teleport Auth Server** using the below example `teleport.yaml`,and start it
|
||||
using [systemd](../../management/admin/daemon.mdx). The DEB/RPM installations will
|
||||
automatically include the `systemd` configuration.
|
||||
|
||||
```yaml
|
||||
#
|
||||
|
@ -265,8 +265,8 @@ ssh_service:
|
|||
</TabItem>
|
||||
<TabItem label="Enterprise" label="Enterprise" scope={["enterprise"]}>
|
||||
**1. Configure Teleport Auth Server** using the below example `teleport.yaml`, and start it
|
||||
using [systemd](https://raw.githubusercontent.com/gravitational/teleport/master/examples/systemd/teleport.service)
|
||||
or use DEB/RPM packages available from the [Customer Portal](https://dashboard.gravitational.com).
|
||||
using [systemd](../../management/admin/daemon.mdx). The DEB/RPM installations will
|
||||
automatically include the `systemd` configuration.
|
||||
|
||||
```yaml
|
||||
#
|
||||
|
|
|
@ -271,9 +271,7 @@ Edit your `values.yaml` file to refer to the name of your secret:
|
|||
Before you can install Teleport in your Kubernetes cluster, you will need to
|
||||
create a secret that contains your Teleport license information.
|
||||
|
||||
Download your Teleport Enterprise license from the
|
||||
[Customer Portal](https://dashboard.gravitational.com/web/login) and save it to
|
||||
a file called `license.pem`.
|
||||
(!docs/pages/includes//enterprise/obtainlicense.mdx!)
|
||||
|
||||
Create a secret from your license file. Teleport will automatically discover
|
||||
this secret as long as your file is named `license.pem`.
|
||||
|
|
|
@ -136,9 +136,7 @@ namespace/teleport labeled
|
|||
Before you can install Teleport in your Kubernetes cluster, you will need to
|
||||
create a secret that contains your Teleport license information.
|
||||
|
||||
Download your Teleport Enterprise license from the
|
||||
[Customer Portal](https://dashboard.gravitational.com/web/login) and save it to
|
||||
a file called `license.pem`.
|
||||
(!docs/pages/includes//enterprise/obtainlicense.mdx!)
|
||||
|
||||
Create a secret from your license file. Teleport will automatically discover
|
||||
this secret as long as your file is named `license.pem`.
|
||||
|
|
|
@ -72,9 +72,9 @@ $ kubectl label namespace teleport-cluster 'pod-security.kubernetes.io/enforce=b
|
|||
namespace/teleport-cluster labeled
|
||||
```
|
||||
|
||||
Obtain your Teleport Enterprise license file from the [Teleport Customer
|
||||
Portal](https://dashboard.gravitational.com/web/login). Create a secret called
|
||||
"license" in the namespace you created:
|
||||
(!docs/pages/includes//enterprise/obtainlicense.mdx!)
|
||||
|
||||
Create a secret called "license" in the namespace you created:
|
||||
|
||||
```code
|
||||
$ kubectl -n teleport-cluster create secret generic license --from-file=license.pem
|
||||
|
|
|
@ -282,9 +282,7 @@ $ kubectl --namespace teleport create -f gcp-issuer.yaml
|
|||
Before you can install Teleport Enterprise in your Kubernetes cluster, you will need to
|
||||
create a secret that contains your Teleport license information.
|
||||
|
||||
Download your Teleport Enterprise license from the
|
||||
[Customer Portal](https://dashboard.gravitational.com/web/login) and save it to
|
||||
a file called `license.pem`.
|
||||
(!docs/pages/includes/enterprise/obtainlicense.mdx!)
|
||||
|
||||
Create a secret from your license file. Teleport will automatically discover
|
||||
this secret as long as your file is named `license.pem`.
|
||||
|
|
|
@ -7,8 +7,7 @@
|
|||
Started](/docs/enterprise/getting-started) guide.
|
||||
|
||||
- The Enterprise `tctl` admin tool and `tsh` client tool version >= (=teleport.version=),
|
||||
which you can download by visiting the
|
||||
[customer portal](https://dashboard.gravitational.com/web/login).
|
||||
which you can download by visiting your [Teleport account](https://teleport.sh).
|
||||
|
||||
```code
|
||||
$ tctl version
|
||||
|
|
|
@ -29,8 +29,7 @@ files in partials, this partial uses relative URL paths instead.
|
|||
[Getting Started](/docs/enterprise/getting-started) guide.
|
||||
|
||||
- The Enterprise `tctl` admin tool and `tsh` client tool version >= (=teleport.version=),
|
||||
which you can download by visiting the
|
||||
[customer portal](https://dashboard.gravitational.com/web/login).
|
||||
which you can download by visiting your [Teleport account](https://teleport.sh).
|
||||
|
||||
```code
|
||||
$ tctl version
|
||||
|
|
|
@ -1,9 +1,10 @@
|
|||
The `teleport` binary reads a local license file to authenticate your Teleport
|
||||
The Teleport Auth Service reads a license file to authenticate your Teleport
|
||||
Enterprise account.
|
||||
|
||||
To obtain your license file, visit the [Teleport customer
|
||||
dashboard](https://dashboard.gravitational.com/web/login) and log in. Click
|
||||
"DOWNLOAD LICENSE KEY". You will see your current Teleport Enterprise account
|
||||
permissions and the option to download your license file:
|
||||
To obtain your license file, navigate to your [Teleport
|
||||
account](https://teleport.sh) and enter your
|
||||
account name (e.g., `my-license`). After logging in, click
|
||||
the "DOWNLOAD LICENSE KEY" button to download your
|
||||
license file.
|
||||
|
||||
![License File modal](../../../img/enterprise/license.png)
|
||||
![License File Download](../../../img/enterprise/license.png)
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
<ScopedBlock scope={["enterprise"]}>
|
||||
|
||||
Visit the [Downloads Page](https://dashboard.gravitational.com/web/downloads) in
|
||||
the customer portal and select the URL for your package of choice.
|
||||
Visit your [Teleport account](https://teleport.sh) and select the URL for your package of choice.
|
||||
|
||||
</ScopedBlock>
|
||||
|
||||
|
|
|
@ -22,8 +22,7 @@
|
|||
scope={["enterprise"]} label="Enterprise">
|
||||
|
||||
- The `tctl` and `tsh` client tools version >= (=teleport.version=), which you
|
||||
can download by visiting the
|
||||
[customer portal](https://dashboard.gravitational.com/web/login).
|
||||
can download by visiting your [Teleport account](https://teleport.sh).
|
||||
|
||||
```code
|
||||
$ tctl version
|
||||
|
|
|
@ -30,7 +30,6 @@ Auto-Discovery for GKE.
|
|||
- A Linux host where you will run the Teleport Discovery and Kubernetes
|
||||
services. You can run this host on any cloud provider or even use a local
|
||||
machine.
|
||||
|
||||
- (!docs/pages/includes/tctl.mdx!)
|
||||
|
||||
## Step 1/3. Obtain Google Cloud credentials
|
||||
|
|
|
@ -80,8 +80,7 @@ For example, this Teleport Proxy Service configuration would use self-signed cer
|
|||
```
|
||||
|
||||
- The `tctl` admin tool and `tsh` client tool version >= (=teleport.version=),
|
||||
which you can download by visiting the
|
||||
[customer portal](https://dashboard.gravitational.com/web/login).
|
||||
which you can download by visiting your [Teleport account](https://teleport.sh).
|
||||
|
||||
```code
|
||||
$ tctl version
|
||||
|
|
|
@ -151,7 +151,7 @@ Teleport v9.0.4 git: go1.18
|
|||
|
||||
<Tabs>
|
||||
<TabItem scope={["cloud", "enterprise"]} label="Commercial">
|
||||
If you need help, please ask on our [community forum](https://github.com/gravitational/teleport/discussions). You can also open an [issue on GitHub](https://github.com/gravitational/teleport/issues) or create a ticket through the [customer dashboard](https://dashboard.gravitational.com/web/login).
|
||||
If you need help, please ask on our [community forum](https://github.com/gravitational/teleport/discussions). You can also open an [issue on GitHub](https://github.com/gravitational/teleport/issues) or create a ticket through your [Teleport account](https://teleport.sh).
|
||||
|
||||
</TabItem>
|
||||
<TabItem scope={["oss"]} label="Open Source">
|
||||
|
|
|
@ -73,8 +73,7 @@ This guide will explain how to:
|
|||
our Enterprise [Getting Started](/docs/enterprise/getting-started) guide.
|
||||
|
||||
- The `tctl` admin tool and `tsh` client tool version >= (=teleport.version=),
|
||||
which you can download by visiting the
|
||||
[customer portal](https://dashboard.gravitational.com/web/login).
|
||||
which you can download by visiting your [Teleport account](https://teleport.sh).
|
||||
|
||||
```code
|
||||
$ tctl version
|
||||
|
|
|
@ -77,9 +77,9 @@ Create a namespace for your Teleport cluster resources:
|
|||
$ kubectl create namespace teleport-cluster
|
||||
```
|
||||
|
||||
Obtain your Teleport Enterprise license file from the [Teleport Customer
|
||||
Portal](https://dashboard.gravitational.com/web/login). Create a secret called
|
||||
"license" in the namespace you created:
|
||||
(!docs/pages/includes//enterprise/obtainlicense.mdx!)
|
||||
|
||||
Create a secret called "license" in the namespace you created:
|
||||
|
||||
```code
|
||||
$ kubectl -n teleport-cluster create secret generic license --from-file=license.pem
|
||||
|
|
|
@ -49,7 +49,6 @@ AWS-specific APIs.
|
|||
(!docs/pages/includes/edition-prereqs-tabs.mdx!)
|
||||
|
||||
- (!docs/pages/includes/tctl.mdx!)
|
||||
|
||||
- An AWS EC2 instance to host a Teleport process, with the Teleport binary
|
||||
installed. The host should not have an existing data dir (`/var/lib/teleport`
|
||||
by default). Remove the data directory if this instance has previously joined
|
||||
|
|
|
@ -28,7 +28,6 @@ since it must execute these commands in order to create transient users:
|
|||
- `groupadd`
|
||||
- `getent`
|
||||
- `visudo`
|
||||
|
||||
- (!docs/pages/includes/tctl.mdx!)
|
||||
|
||||
## Step 1/2. Configure a role
|
||||
|
|
Loading…
Reference in a new issue