Commit

docs: helm updates (gravitational#32639)
stevenGravy authored Sep 27, 2023
1 parent b2e6c16 commit b978568
Showing 3 changed files with 24 additions and 27 deletions.
12 changes: 3 additions & 9 deletions docs/pages/deploy-a-cluster/helm-deployments/digitalocean.mdx
Expand Up @@ -159,15 +159,9 @@ In this step, we created a user **tadmin** with roles `access, edit`. These are
### Create a new Kubernetes Role named "member"

Create a file named `member.yaml` with the following spec:
```yaml
kind: role
version: v4
metadata:
name: member
spec:
allow:
kubernetes_groups: ["system:masters"]
```

(!docs/pages/includes/kubernetes-access/member-role.mdx!)

<Admonition
type="warning"
title="Warning"
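Review bot: replacing the inline spec with the shared include changes the role this guide tells readers to create, and the commit subject "docs: helm updates" does not say so. The spec that was inline here is `version: v4` with only `kubernetes_groups`, while the include carries `version: v7` plus wildcard `kubernetes_labels` and `kubernetes_resources`. Please confirm the later steps of the DigitalOcean guide were checked against the v7 role and mention the version change in the commit message. While touching this step, the context heading calls it a "Kubernetes Role" although the spec is `kind: role` mapped to a Kubernetes group, so the heading is worth rewording.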
Expand Up @@ -284,22 +284,7 @@ down. Let's create a local user who has access to Kubernetes group

Save this role as `member.yaml`:

```yaml
kind: role
version: v7
metadata:
name: member
spec:
allow:
kubernetes_groups: ["system:masters"]
kubernetes_labels:
'*': '*'
kubernetes_resources:
- kind: '*'
namespace: '*'
name: '*'
verbs: ['*']
```
(!docs/pages/includes/kubernetes-access/member-role.mdx!)

Create the role:

Expand All @@ -312,13 +297,15 @@ Create the user and generate an invite link:

```code
$ kubectl exec -ti deployment/teleport-cluster-auth -- tctl users add <Var name="username" /> --roles=member
```

```code
# User "myuser" has been created but requires a password. Share this URL with the user to
# complete user setup, link is valid for 1h:
# https://<Var name="clusterName" />:443/web/invite/(=presets.tokens.first=)
https://<Var name="clusterName" />:443/web/invite/(=presets.tokens.first=)
# NOTE: Make sure <Var name="clusterName" />:443 points at a Teleport proxy which users can access.
NOTE: Make sure <Var name="clusterName" />:443 points at a Teleport proxy which users can access.
```

Try `tsh login` with your local user:
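Review bot: the split output block is left half-converted. The lines `# User "myuser" has been created ...` and `# complete user setup ...` still carry the leading `#`, while the invite URL and the `NOTE:` line appear without it, so the block mixes two conventions. Drop the `#` from every output line or keep it on all of them. The sample output also names "myuser" while the command above it uses `<Var name="username" />`; using the same variable in the output would keep the two blocks consistent.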
16 changes: 16 additions & 0 deletions docs/pages/includes/kubernetes-access/member-role.mdx
@@ -0,0 +1,16 @@
```yaml
kind: role
version: v7
metadata:
name: member
spec:
allow:
kubernetes_groups: ["system:masters"]
kubernetes_labels:
'*': '*'
kubernetes_resources:
- kind: '*'
namespace: '*'
name: '*'
verbs: ['*']
```
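Review bot: this include is now the single copy of the role that every guide pulling it in will show, and it carries no scoping guidance. It maps users to `system:masters` and sets `kubernetes_labels: '*': '*'` with `kind`, `namespace`, `name` and `verbs` all `'*'`, which readers will paste as-is. Add a short sentence to the include, next to the YAML, stating that this is a getting-started role and that production roles should map to a narrower Kubernetes group and restrict `kubernetes_resources` to the namespaces and verbs users need. Putting the note in the include means each guide that uses it gets the caveat without repeating it.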
