diff --git a/docs/config.json b/docs/config.json
index c0195b5251b5d..187ef35ab366f 100644
--- a/docs/config.json
+++ b/docs/config.json
@@ -651,21 +651,21 @@
 ]
 },
 {
- "title": "Access Graph",
+ "title": "Teleport Policy",
 "slug": "/access-controls/access-graph/",
 "forScopes": [
 "enterprise"
 ],
 "entries": [
 {
- "title": "TAG for Self-Hosted Clusters",
+ "title": "Teleport Policy for Self-Hosted Clusters",
 "slug": "/access-controls/access-graph/self-hosted/",
 "forScopes": [
 "enterprise"
 ]
 },
 {
- "title": "TAG for Self-Hosted Clusters with Helm",
+ "title": "Teleport Policy for Self-Hosted Clusters with Helm",
 "slug": "/access-controls/access-graph/self-hosted-helm/",
 "forScopes": [
 "enterprise"
diff --git a/docs/pages/access-controls/access-graph.mdx b/docs/pages/access-controls/access-graph.mdx
index f5e17e94a2249..7155c6e860f87 100644
--- a/docs/pages/access-controls/access-graph.mdx
+++ b/docs/pages/access-controls/access-graph.mdx
@@ -1,20 +1,19 @@ --- -title: Teleport Access Graph -description: A reference for Teleport Access Graph. +title: Teleport Policy +description: A reference for Access Graph with Teleport Policy. --- -Teleport Access Graph visualizes and helps you understand access to your -infrastructure. It provides a visual representation of the relationships between -users, roles, and resources in your organization. It can help you answer -questions like: +Teleport Policy streamlines and centralizes access management across your entire infrastructure. + +Teleport Policy with Access Graph provides a visual representation of the relationships between +users, roles, and resources in your organization. It can help you answer questions like: - What resources can a specific user access? - What users can access a specific resource? - What are the relationships between users, roles, and resources? -Teleport Access Graph is a feature of the [Teleport -Policy](https://goteleport.com/platform/policy/) product that is only available -to Teleport Enterprise customers. +Access Graph is a feature of the [Teleport Policy](https://goteleport.com/platform/policy/) product that is only +available to Teleport Enterprise customers. After logging into the Teleport UI, go to the Management tab. If enabled, Access Graph options can be found under the Permission Management section. @@ -98,7 +97,7 @@ and what actions they can perform. ![Deny Path](../../img/access-graph/deny-path.png) -Deny paths connect identities to resources. They show what a identity cannot access +Deny paths connect identities to resources. They show what an identity cannot access and what actions they cannot perform. Deny paths take precedence over allow paths. diff --git a/docs/pages/access-controls/access-graph/aws-sync.mdx b/docs/pages/access-controls/access-graph/aws-sync.mdx index 2d303aa17b1ec..20eb34d8a9329 100644 --- a/docs/pages/access-controls/access-graph/aws-sync.mdx 
+++ b/docs/pages/access-controls/access-graph/aws-sync.mdx @@ -1,13 +1,14 @@ --- -title: Discover AWS Access Patterns with Teleport Access Graph -description: Describes how to import and visualize AWS accounts access patterns using Teleport Access Graph. +title: Discover AWS Access Patterns with Teleport Policy +description: Describes how to import and visualize AWS accounts access patterns using Teleport Policy and Access Graph. --- -Teleport Access Graph offers insights into access patterns within -your AWS account. By scanning IAM permissions, users, groups, resources, and -identities, it provides a visual representation and aids in enhancing the -permission model within your AWS environment. This functionality enables you -to address queries such as: +Teleport Policy streamlines and centralizes access management across your entire infrastructure. You can view access relationships in seconds, +viewing unified, up-to-date relationships and policies between all users, groups, and computing resources. + +Teleport Policy with Access Graph offers insights into access patterns within your AWS account. By scanning IAM +permissions, users, groups, resources, and identities, it provides a visual representation and aids in +enhancing the permission model within your AWS environment. This functionality enables you to address queries such as: - What resources are accessible to AWS users and roles? - Which resources can be reached via identities associated with EC2 instances? 
@@ -24,12 +25,11 @@ to Teleport Enterprise customers. After logging in to the Teleport UI, go to the Management tab. If enabled, Access Graph options can be found under the Permission Management section. -## How TAG discovers AWS access patterns +## How it works -Teleport Access Graph synchronizes various AWS resources, -including IAM Policies, Groups, Users, User Groups, EC2 instances, -EKS clusters, and RDS databases. These resources are then visualized -using the graph representation detailed in the +Teleport Access Graph discovers AWS access patterns, synchronizes various AWS resources, +including IAM Policies, Groups, Users, User Groups, EC2 instances, EKS clusters, and RDS databases. +These resources are then visualized using the graph representation detailed in the [Access Graph page](../access-graph.mdx). The importing process involves two primary steps: @@ -37,8 +37,7 @@ The importing process involves two primary steps: ### Polling Cloud APIs The Teleport Discovery Service continuously scans the configured AWS accounts. -At intervals of 15 minutes, it retrieves the following resources from your -AWS account: +At intervals of 15 minutes, it retrieves the following resources from your AWS account: - Users - Groups @@ -76,8 +75,8 @@ from Teleport Auth Service and Discovery Service. -If you have a Teleport Cloud cluster, you can disregard -this step, as Teleport Cloud already operates a properly configured +If you have a managed Teleport Enterprise cluster, you can disregard +this step, as managed Teleport Enterprise already operates a properly configured Discovery Service within your cluster.