Skip to content

Commit

Permalink
Add JWT auth guide for ElasticSearch (#12612) (#13137)
Browse files Browse the repository at this point in the history
  • Loading branch information
@r0mant
r0mant authored Jun 3, 2022
1 parent 6045b69 commit de60686
Show file tree
Hide file tree
Showing 9 changed files with 250 additions and 38 deletions.
111 changes: 85 additions & 26 deletions docs/config.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,10 @@
{
"title": "Linux Server",
"slug": "/getting-started/linux-server/",
"hideInScopes": ["enterprise", "cloud"]
"hideInScopes": [
"enterprise",
"cloud"
]
},
{
"title": "Docker Compose",
Expand All @@ -28,7 +31,10 @@
{
"title": "DigitalOcean",
"slug": "/getting-started/digitalocean/",
"hideInScopes": ["enterprise", "cloud"]
"hideInScopes": [
"enterprise",
"cloud"
]
}
]
},
Expand Down Expand Up @@ -248,17 +254,13 @@
"slug": "/application-access/getting-started/"
},
{
"title": "Guides",
"title": "Access Guides",
"slug": "/application-access/guides/",
"entries": [
{
"title": "Connecting Apps",
"slug": "/application-access/guides/connecting-apps/"
},
{
"title": "Integrating with JWT",
"slug": "/application-access/guides/jwt/"
},
{
"title": "API Access",
"slug": "/application-access/guides/api-access/"
Expand All @@ -273,6 +275,20 @@
}
]
},
{
"title": "JWT Guides",
"slug": "/application-access/jwt/",
"entries": [
{
"title": "Introduction",
"slug": "/application-access/jwt/introduction/"
},
{
"title": "ElasticSearch",
"slug": "/application-access/jwt/elasticsearch/"
}
]
},
{
"title": "Access Controls",
"slug": "/application-access/controls/"
Expand Down Expand Up @@ -348,8 +364,8 @@
"title": "Local Demo Cluster",
"slug": "/kubernetes-access/getting-started/local/"
},
{
"title": "Cluster",
{
"title": "Cluster",
"slug": "/kubernetes-access/getting-started/cluster/",
"hideInScopes": "cloud"
},
Expand Down Expand Up @@ -738,74 +754,106 @@
{
"title": "Getting Started",
"slug": "/enterprise/getting-started/",
"hideInScopes": ["oss", "cloud"]
"hideInScopes": [
"oss",
"cloud"
]
},
{
"title": "Single Sign-On (SSO)",
"slug": "/enterprise/sso/",
"hideInScopes": ["oss"],
"hideInScopes": [
"oss"
],
"entries": [
{
"title": "Azure Active Directory (AD)",
"slug": "/enterprise/sso/azuread/",
"hideInScopes": ["oss"]
"hideInScopes": [
"oss"
]
},
{
"title": "Active Directory (ADFS)",
"slug": "/enterprise/sso/adfs/",
"hideInScopes": ["oss"]
"hideInScopes": [
"oss"
]
},
{
"title": "Google Workspace",
"slug": "/enterprise/sso/google-workspace/",
"hideInScopes": ["oss"]
"hideInScopes": [
"oss"
]
},
{
"title": "GitLab",
"slug": "/enterprise/sso/gitlab/",
"hideInScopes": ["oss"]
"hideInScopes": [
"oss"
]
},
{
"title": "OneLogin",
"slug": "/enterprise/sso/one-login/",
"hideInScopes": ["oss"]
"hideInScopes": [
"oss"
]
},
{
"title": "OIDC",
"slug": "/enterprise/sso/oidc/",
"hideInScopes": ["oss"]
"hideInScopes": [
"oss"
]
},
{
"title": "Okta",
"slug": "/enterprise/sso/okta/",
"hideInScopes": ["oss"]
"hideInScopes": [
"oss"
]
}
]
},
{
"title": "Access Requests",
"slug": "/enterprise/workflow/",
"hideInScopes": ["oss"]
"hideInScopes": [
"oss"
]
},
{
"title": "FedRAMP",
"slug": "/enterprise/fedramp/",
"hideInScopes": ["cloud", "oss"]
"hideInScopes": [
"cloud",
"oss"
]
},
{
"title": "SOC2",
"slug": "/enterprise/soc2/",
"hideInScopes": ["oss"]
"hideInScopes": [
"oss"
]
},
{
"title": "HSM",
"slug": "/enterprise/hsm/",
"hideInScopes": ["cloud", "oss"]
"hideInScopes": [
"cloud",
"oss"
]
},
{
"title": "Enterprise License File",
"slug": "/enterprise/license/",
"hideInScopes": ["cloud", "oss"]
"hideInScopes": [
"cloud",
"oss"
]
}
]
},
Expand All @@ -820,7 +868,10 @@
{
"title": "Getting Started",
"slug": "/cloud/getting-started/",
"hideInScopes": ["oss", "enterprise"]
"hideInScopes": [
"oss",
"enterprise"
]
},
{
"title": "Architecture",
Expand All @@ -829,7 +880,10 @@
{
"title": "Downloads",
"slug": "/cloud/downloads/",
"hideInScopes": ["oss", "enterprise"]
"hideInScopes": [
"oss",
"enterprise"
]
},
{
"title": "FAQ",
Expand Down Expand Up @@ -1207,6 +1261,11 @@
"source": "/cluster/",
"destination": "/kubernetes-access/guides/multiple-clusters/",
"permanent": true
},
{
"source": "/application-access/guides/jwt/",
"destination": "/application-access/jwt/",
"permanent": true
}
]
}
}
2 changes: 1 addition & 1 deletion docs/pages/application-access/controls.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,7 @@ allow:

- View access controls [Getting Started](../access-controls/getting-started.mdx)
and other available [guides](../access-controls/guides.mdx).
- Learn about using [JWT tokens](./guides/jwt.mdx) to implement access controls
- Learn about using [JWT tokens](./jwt/introduction.mdx) to implement access controls
in your application.
- Integrate with your identity provider:
- [OIDC](../enterprise/sso/oidc.mdx)
Expand Down
2 changes: 1 addition & 1 deletion docs/pages/application-access/getting-started.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -126,7 +126,7 @@ Alternatively, log in to the Teleport Web Interface at `https://teleport.example
Dive deeper into the topics relevant to your Application Access use-case:

- Learn in more detail about [connecting applications](./guides/connecting-apps.mdx) with Application Access.
- Learn about integrating with [JWT tokens](./guides/jwt.mdx) for auth.
- Learn about integrating with [JWT tokens](./jwt/introduction.mdx) for auth.
- Learn how to use Application Access with [RESTful APIs](./guides/api-access.mdx).
- See full configuration and CLI [reference](./reference.mdx).
- Read about how Let's Encrypt uses the [ACME protocol](https://letsencrypt.org/how-it-works/).
5 changes: 2 additions & 3 deletions docs/pages/application-access/guides.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,13 +4,12 @@ description: Guides for configuring Teleport Application Access.
layout: tocless-doc
---

These guides explain basic Teleport Application Access usage.

<TileSet>
<Tile icon="window" title="Connecting Applications" href="./guides/connecting-apps.mdx">
How to use Teleport for Application Access.
</Tile>
<Tile icon="window" title="JWT Tokens" href="./guides/jwt.mdx">
How to use JWT tokens with Teleport Application Access for app authentication.
</Tile>
<Tile icon="window" title="API Access" href="./guides/api-access.mdx">
How to access REST APIs with Teleport Application Access.
</Tile>
Expand Down
2 changes: 1 addition & 1 deletion docs/pages/application-access/guides/connecting-apps.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -290,7 +290,7 @@ of the user's external `env` trait coming from the identity provider.

Additionally, the `{{internal.jwt}}` template variable will be replaced with
a JWT token signed by Teleport that contains user identity information. See
[Integrating with JWTs](./jwt.mdx) for more details.
[Integrating with JWTs](../jwt/introduction.mdx) for more details.

## View applications in Teleport

Expand Down
24 changes: 19 additions & 5 deletions docs/pages/application-access/introduction.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,16 +39,15 @@ internal dashboards and applications, such as:

Get started with Application Access in a 10 minute [guide](./getting-started.mdx).

## Guides
## Access guides

These guides explain basic Teleport Application Access usage.

<TileSet>
<Tile icon="window" title="Connecting Applications" href="./guides/connecting-apps.mdx">
How to use Teleport for Application Access.
</Tile>
<Tile icon="window" title="JWT Tokens" href="./guides/jwt.mdx">
How to use JWT tokens with Teleport Application Access for app authentication.
</Tile>
<Tile icon="window" title="API Access" href="./guides/api-access.mdx">
<Tile icon="window" title="API Access" href="./guides/api-access.mdx">
How to access REST APIs with Teleport Application Access.
</Tile>
<Tile icon="cloud" title="AWS Console Access" href="./guides/aws-console.mdx">
Expand All @@ -62,6 +61,21 @@ Get started with Application Access in a 10 minute [guide](./getting-started.mdx
</Tile>
</TileSet>

## JWT guides

These guides explain how web apps behind Teleport Application Access can
leverage Teleport-signed JWT tokens to implement authentication and
authorization.

<TileSet>
<Tile icon="window" title="Introduction" href="./jwt/introduction.mdx">
Introduction to JWT tokens with Application Access.
</Tile>
<Tile icon="window" title="Elasticsearch" href="./jwt/elasticsearch.mdx">
How to use JWT authentication with Elasticsearch.
</Tile>
</TileSet>

## Example legacy apps

A load balancer might display network telemetry through
Expand Down
18 changes: 18 additions & 0 deletions docs/pages/application-access/jwt.mdx
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
---
title: Application Access JWT Authentication
description: Guides for using Teleport Application Access JWT authentication.
layout: tocless-doc
---

These guides explain how web apps behind Teleport Application Access can
leverage Teleport-signed JWT tokens to implement authentication and
authorization.

<TileSet>
<Tile icon="window" title="Introduction" href="./jwt/introduction.mdx">
Introduction to JWT tokens with Application Access.
</Tile>
<Tile icon="window" title="Elasticsearch" href="./jwt/elasticsearch.mdx">
How to use JWT authentication with Elasticsearch.
</Tile>
</TileSet>
Loading

0 comments on commit de60686

Please sign in to comment.