Skip to content

Commit

Permalink
[v14] Replace Access Plane with Access Platform (#32878)
Browse files Browse the repository at this point in the history
* Replace Access Plane with Access Platform

* Fix Telleport
  • Loading branch information
lsgunn-teleport authored Oct 3, 2023
1 parent a9756b0 commit fcf2b9a
Show file tree
Hide file tree
Showing 2 changed files with 11 additions and 10 deletions.
4 changes: 2 additions & 2 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -3229,7 +3229,7 @@ Teleport 5.0 introduces two distinct features: Teleport application access and s

Teleport can now be used to provide secure access to web applications. This new feature was built with the express intention of securing internal apps which might have once lived on a VPN or had a simple authorization and authentication mechanism with little to no audit trail. application access works with everything from dashboards to single page Javascript applications (SPA).

application access uses mutually authenticated reverse tunnels to establish a secure connection with the Teleport unified Access Plane which can then becomes the single ingress point for all traffic to an internal application.
Application access uses mutually authenticated reverse tunnels to establish a secure connection with the Teleport unified Access Platform which can then becomes the single ingress point for all traffic to an internal application.

Adding an application follows the same UX as adding SSH servers or Kubernetes clusters, starting with creating a static or dynamic invite token.

Expand Down Expand Up @@ -3313,7 +3313,7 @@ You can learn more in the [Application Access introduction](./docs/pages/applica

Teleport 5.0 also introduces two highly requested features for Kubernetes.

* The ability to connect multiple Kubernetes Clusters to the Teleport Access Plane, greatly reducing operational complexity.
* The ability to connect multiple Kubernetes Clusters to the Teleport Access Platform, greatly reducing operational complexity.
* Complete Kubernetes audit log capture [#4526](https://github.com/gravitational/teleport/pull/4526), going beyond the existing `kubectl exec` capture.

For a full overview please review the [Kubernetes RFD](https://github.com/gravitational/teleport/blob/master/rfd/0005-kubernetes-service.md).
Expand Down
17 changes: 9 additions & 8 deletions docs/pages/application-access/guides/connecting-apps.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ title: Web Application Access
description: In this getting started guide, learn how to connect an application to your Teleport cluster by running the Teleport Application Service.
---

Download the latest version of Teleport for your platform from our [downloads page](https://goteleport.com/download)
Download the latest version of Teleport for your platform from the [downloads page](https://goteleport.com/download)
and follow the installation [instructions](../../installation.mdx).

## Start Auth/Proxy service
Expand All @@ -30,15 +30,15 @@ ssh_service:
### Generate a token
A join token is required to authorize a Teleport Application Proxy service to
A join token is required to authorize a Teleport Application Service to
join the cluster. Generate a short-lived join token and save it for example
in `/tmp/token`:

```code
# Log in to your cluster with tsh so you can use tctl from your local machine.
# You can also run tctl on your Auth Service host without running "tsh login"
# first.
$ tsh login --user=myuser --proxy=teleport.example.com
$ tsh login --user=<Var name="myuser"/> --proxy=<Var name="teleport.example.com"/>
$ tctl tokens add \
--type=app \
--app-name=grafana \
Expand All @@ -47,19 +47,20 @@ $ tctl tokens add \

### TLS requirements

TLS is required to secure Teleport's Access Plane and any connected
TLS is required to secure the Teleport Access Platform and any connected
applications. When setting up Teleport, the minimum requirement is a certificate
for the proxy and a wildcard certificate for its sub-domain. This is where
for the Teleport Proxy Service and a wildcard certificate for its sub-domain. This is where
everyone will log into Teleport.

<Admonition type="tip" title="Application Access and DNS">
(!docs/pages/includes/dns-app-access.mdx!)
</Admonition>

In our example:
In this example:

- `teleport.example.com` will host the Access Plane.
- `*.teleport.example.com` will host all of the applications e.g. `grafana.teleport.example.com`.
- `teleport.example.com` hosts the Teleport Auth Service and the Teleport Proxy Service that are the
that form the core cluster services of the Teleport Access Platform.
- `*.teleport.example.com` hosts all of the applications, for example, `grafana.teleport.example.com`.

(!docs/pages/includes/tls-certificate-setup.mdx!)

Expand Down

0 comments on commit fcf2b9a

Please sign in to comment.