From 6a1f17043dc6e9cffaba06148eba352043bfb666 Mon Sep 17 00:00:00 2001 From: stevenGravy Date: Wed, 8 Jan 2025 22:11:22 -0500 Subject: [PATCH 1/2] docs: update azure and openssh instrs --- docs/pages/enroll-resources/machine-id/deployment/azure.mdx | 2 +- .../server-access/openssh/openssh-manual-install.mdx | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/pages/enroll-resources/machine-id/deployment/azure.mdx b/docs/pages/enroll-resources/machine-id/deployment/azure.mdx index c78005fbb7598..1639f81cefc4a 100644 --- a/docs/pages/enroll-resources/machine-id/deployment/azure.mdx +++ b/docs/pages/enroll-resources/machine-id/deployment/azure.mdx @@ -12,7 +12,7 @@ On the Azure platform, virtual machines can be assigned a managed identity. The Azure platform will then make available to the virtual machine an attested data document and JWT that allows the virtual machine to act as this identity. This identity can be validated by a third party by attempting to use this token -to fetch it's own identity from the Azure identity service. +to fetch its own identity from the Azure identity service. The `azure` join method instructs the bot to use this attested data document and JWT to prove its identity to the Teleport Auth Server. This allows joining to diff --git a/docs/pages/enroll-resources/server-access/openssh/openssh-manual-install.mdx b/docs/pages/enroll-resources/server-access/openssh/openssh-manual-install.mdx index 31885ef8ba816..0f91c395dcd32 100644 --- a/docs/pages/enroll-resources/server-access/openssh/openssh-manual-install.mdx +++ b/docs/pages/enroll-resources/server-access/openssh/openssh-manual-install.mdx @@ -224,7 +224,7 @@ $ tctl get node/openssh-node When creating host certificates, it is important to specify all the domain names and addresses that refer to your node. If you try to connect to a node with a -name or address that was not specified when creating it's host certificate, +name or address that was not specified when creating its host certificate, Teleport will reject the SSH connection. On your local machine, assign the IP address, fully qualified domain name of From f54d6b11708e6a0f6128c8957e48f48a8828eaf0 Mon Sep 17 00:00:00 2001 From: stevenGravy Date: Wed, 8 Jan 2025 22:27:47 -0500 Subject: [PATCH 2/2] docs: update usage of its --- .../access-controls/idps/saml-attribute-mapping.mdx | 4 ++-- docs/pages/admin-guides/access-controls/idps/saml-guide.mdx | 2 +- docs/pages/reference/architecture/trustedclusters.mdx | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/pages/admin-guides/access-controls/idps/saml-attribute-mapping.mdx b/docs/pages/admin-guides/access-controls/idps/saml-attribute-mapping.mdx index 94e15948a88e9..25a485b253975 100644 --- a/docs/pages/admin-guides/access-controls/idps/saml-attribute-mapping.mdx +++ b/docs/pages/admin-guides/access-controls/idps/saml-attribute-mapping.mdx @@ -73,7 +73,7 @@ Attribute mapping that points to a non-existent value will not be included in SA Predicate expressions for attribute mapping are evaluated against user attributes that can be accessed using evaluation context listed above. -The supported functions and methods are listed below, along with the usage syntax and it's result, evaluated +The supported functions and methods are listed below, along with the usage syntax and its result, evaluated against the following reference user spec file: ```yaml # reference user spec file @@ -200,4 +200,4 @@ $ tctl idp saml test-attribute-mapping --user user.yml --sp sp.yml Print result in format of choice. ```code $ tctl idp saml test-attribute-mapping --user user.yml --sp sp.yml --format (json/yaml) -``` \ No newline at end of file +``` diff --git a/docs/pages/admin-guides/access-controls/idps/saml-guide.mdx b/docs/pages/admin-guides/access-controls/idps/saml-guide.mdx index 79a748fc2a60b..5d1c924c0912c 100644 --- a/docs/pages/admin-guides/access-controls/idps/saml-guide.mdx +++ b/docs/pages/admin-guides/access-controls/idps/saml-guide.mdx @@ -141,7 +141,7 @@ $ tctl create iamshowcase.yaml -If an `entity_descriptor` is provided, it's content takes preference over values provided in `entity_id` and `acs_url`. +If an `entity_descriptor` is provided, its content takes preference over values provided in `entity_id` and `acs_url`. Teleport only tries to fetch or generate entity descriptor when service provider is created for the first time. Subsequent updates require an entity descriptor to be present in the service provider spec. As such, when updating diff --git a/docs/pages/reference/architecture/trustedclusters.mdx b/docs/pages/reference/architecture/trustedclusters.mdx index 35bf8256cd30c..ee6cd43b4dbe2 100644 --- a/docs/pages/reference/architecture/trustedclusters.mdx +++ b/docs/pages/reference/architecture/trustedclusters.mdx @@ -29,7 +29,7 @@ databases behind a firewall. In the example below, there are three independent clusters: - Cluster `sso.example.com` is a root cluster. This cluster can be used as a single-sign-on entry point -for your organization. It can have it's own independent resources connected to it, or be used just for audit +for your organization. It can have its own independent resources connected to it, or be used just for audit logs collection and single-sign-on. - Clusters `us-east-1a` and `us-east-1b` are two independent clusters in different availability zones.