Update Terraform reference category page locations

Backports #47955

As with #47797, Docusaurus expects category index pages to be
within--and named after--their parent directories. (Docusaurus also
accepts the names `README` and `index` for category pages, but we are
not using this convention.) This change applies this standard to our
Terraform provider reference docs.

- Update paths in the generator configuration. Assume that each category
  index page is in the same subdirectory as its contents.
- Update paths in the `lint.yaml` workflow.
- Fix internal links.

docs/pages/admin-guides/infrastructure-as-code/managing-resources/import-existing-resources.mdx

@@ -83,5 +83,6 @@ cluster configuration matches your expectations.
 - Follow [the user and role IaC guide](user-and-role.mdx) to use the Terraform
   Provider to create Teleport users and grant them roles.
 - Explore the full list of supported [Terraform provider
-  resources](../../../reference/terraform-provider.mdx).
-- See [the list of supported Teleport Terraform setups](../terraform-provider/terraform-provider.mdx):
+  resources](../../../reference/terraform-provider/terraform-provider.mdx).
+- See [the list of supported Teleport Terraform
+  setups](../terraform-provider/terraform-provider.mdx):

docs/pages/admin-guides/infrastructure-as-code/terraform-provider/dedicated-server.mdx

@@ -159,7 +159,7 @@ $ tctl get role/terraform-test
 ## Next steps
 
 - Explore the
-  [Terraform provider resource reference](../../../reference/terraform-provider.mdx)
+  [Terraform provider resource reference](../../../reference/terraform-provider/terraform-provider.mdx)
   to discover what can be configured with the Teleport Terraform provider.
 - Read the [tbot configuration reference](../../../reference/machine-id/configuration.mdx) to explore
   all the available `tbot` configuration options.

docs/pages/admin-guides/infrastructure-as-code/terraform-provider/local.mdx

@@ -159,8 +159,10 @@ Do not forget to obtain new temporary credentials every hour by re-running `eval
 - Follow [the user and role IaC guide](../managing-resources/user-and-role.mdx) to use the Terraform
   Provider to create Teleport users and grant them roles.
 - Consult the list of Terraform-supported
-  resources [in the Terraform reference](../../../reference/terraform-provider.mdx).
-- Once you have working Terraform code that configures your Teleport cluster, you might want to run it in the CI or
-  from a bastion instead of running it locally. To do this, please follow the dedicated guides:
+  resources [in the Terraform
+  reference](../../../reference/terraform-provider/terraform-provider.mdx).
+- Once you have working Terraform code that configures your Teleport cluster,
+  you might want to run it in the CI or from a bastion instead of running it
+  locally. To do this, please follow the dedicated guides:
   - [Run the Terraform Provider in CI or cloud VMs](./ci-or-cloud.mdx)
   - [Run the Terraform Provider on a dedicated server](./dedicated-server.mdx)

docs/pages/admin-guides/infrastructure-as-code/terraform-provider/long-lived-credentials.mdx

@@ -199,6 +199,9 @@ To apply the configuration:
 
 ## Next steps
 
-- Explore the full list of supported [Terraform provider resources](../../../reference/terraform-provider.mdx).
-- Learn [how to manage users and roles with IaC](../managing-resources/user-and-role.mdx)
-- Read more about [impersonation](../../access-controls/guides/impersonation.mdx).
+- Explore the full list of supported [Terraform provider
+  resources](../../../reference/terraform-provider/terraform-provider.mdx).
+- Learn [how to manage users and roles with
+  IaC](../managing-resources/user-and-role.mdx)
+- Read more about
+  [impersonation](../../access-controls/guides/impersonation.mdx).

docs/pages/admin-guides/infrastructure-as-code/terraform-provider/spacelift.mdx

@@ -260,8 +260,8 @@ $ tctl get users/terraform-test
 
 - Now that you know how to manage Teleport configuration resources with
   Terraform and Spacelift, read the [Terraform resource
-  reference](../../../reference/terraform-provider.mdx) so you can flesh out your
-  configuration.
+  reference](../../../reference/terraform-provider/terraform-provider.mdx) so
+  you can flesh out your configuration.
 - To find out more about Spacelift's OIDC implementation, which Machine ID uses
   to authenticate to your Teleport cluster, read [the Spacelift
   documentation](https://docs.spacelift.io/integrations/cloud-providers/oidc/).

docs/pages/admin-guides/infrastructure-as-code/terraform-provider/terraform-provider.mdx

@@ -10,30 +10,30 @@ dynamic resources.
 ## Setup
 
 For instructions on managing users and roles via Terraform, read
-the ["Managing users and roles with IaC" guide](managing-resources/user-and-role.mdx).
+the ["Managing users and roles with IaC" guide](../managing-resources/user-and-role.mdx).
 
 The provider must obtain an identity to connect to Teleport. The method to obtain it depends on where the Terraform code
 is executed. You must pick the correct guide for your setup:
 
 | Guide                                                                                                               | Use-case                                                                                                                                                                                                         | How it works                                                                                                                           |
 |---------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------|
-| [Run the Teleport Terraform provider locally](./terraform-provider/local.mdx)                                       | You are getting started with the Teleport Terraform provider and managing Teleport resources with IaC.                                                                           | You use local credentials to create a temporary bot, obtain short-lived credentials, and store them in environment variables. |
-| [Run the Teleport Terraform provider on Terraform Cloud](./terraform-provider/terraform-cloud.mdx) | You're running on HCP Terraform (Terraform Cloud) or self-hosted Terraform Enterprise. | Terraform Cloud Workload Identity issues a proof of identity and the Teleport Terraform provider uses it to authenticate. |
-| [Run the Teleport Terraform provider in CI or a cloud VM](./terraform-provider/ci-or-cloud.mdx)                     | You already have a working Terraform module configuring Teleport and want to run it in CI to benefit from review and audit capabilities from your versioning system (e.g. git).                                  | You're using a proof provided by your runtime (CI engine, cloud provider) to prove your identity and join using MachineID.             |
-| [Run the Teleport Terraform provider on Spacelift](./terraform-provider/spacelift.mdx)                              | You already have a working Terraform module configuring Teleport and want to run it on the Spacelift platform.                                                                                                   | You're using a proof provided by Spacelift to prove your identity and join using MachineID.                                            |
-| [Run the Teleport Terraform provider from a server](./terraform-provider/dedicated-server.mdx)                      | You have working Terraform code and want to run it on a dedicated server. The server is long-lived, like a bastion or a task runner.                                                                             | You setup a MachineID daemon (`tbot`) that obtains and refreshes credentials for the Terraform provider.                               |
-| [Run the Teleport Terraform provider with long-lived credentials.](./terraform-provider/long-lived-credentials.mdx) | This method is discouraged as less secure than the others. This should be used when none of the other methods work in your case (short-lived CI environments that don't have dedicated Teleport join methods). | You sign one long lived certificate allowing the Terraform provider to connect to Teleport.                                            |
+| [Run the Teleport Terraform provider locally](./local.mdx)                                       | You are getting started with the Teleport Terraform provider and managing Teleport resources with IaC.                                                                           | You use local credentials to create a temporary bot, obtain short-lived credentials, and store them in environment variables. |
+| [Run the Teleport Terraform provider on Terraform Cloud](./terraform-cloud.mdx) | You're running on HCP Terraform (Terraform Cloud) or self-hosted Terraform Enterprise. | Terraform Cloud Workload Identity issues a proof of identity and the Teleport Terraform provider uses it to authenticate. |
+| [Run the Teleport Terraform provider in CI or a cloud VM](./ci-or-cloud.mdx)                     | You already have a working Terraform module configuring Teleport and want to run it in CI to benefit from review and audit capabilities from your versioning system (e.g. git).                                  | You're using a proof provided by your runtime (CI engine, cloud provider) to prove your identity and join using MachineID.             |
+| [Run the Teleport Terraform provider on Spacelift](./spacelift.mdx)                              | You already have a working Terraform module configuring Teleport and want to run it on the Spacelift platform.                                                                                                   | You're using a proof provided by Spacelift to prove your identity and join using MachineID.                                            |
+| [Run the Teleport Terraform provider from a server](./dedicated-server.mdx)                      | You have working Terraform code and want to run it on a dedicated server. The server is long-lived, like a bastion or a task runner.                                                                             | You setup a MachineID daemon (`tbot`) that obtains and refreshes credentials for the Terraform provider.                               |
+| [Run the Teleport Terraform provider with long-lived credentials.](./long-lived-credentials.mdx) | This method is discouraged as less secure than the others. This should be used when none of the other methods work in your case (short-lived CI environments that don't have dedicated Teleport join methods). | You sign one long lived certificate allowing the Terraform provider to connect to Teleport.                                            |
 
 ## Resource guides
 
 Once you have a functional Teleport Terraform provider, you will want to configure your resources with it.
 
-You can find the list of supported resources and their fields is
-available [in the Terraform reference](../../reference/terraform-provider.mdx).
+The list of supported resources and their fields is available [in the Terraform
+reference](../../../reference/terraform-provider/terraform-provider.mdx).
 
 Some resources have their dedicated Infrastructure-as-Code (IaC) step-by step guides such as:
-- [Managing Users And Roles With IaC](managing-resources/user-and-role.mdx)
-- [Creating Access Lists with IaC](managing-resources/access-list.mdx)
-- [Registering Agentless OpenSSH Servers with IaC](managing-resources/agentless-ssh-servers.mdx)
+- [Managing Users And Roles With IaC](../managing-resources/user-and-role.mdx)
+- [Creating Access Lists with IaC](../managing-resources/access-list.mdx)
+- [Registering Agentless OpenSSH Servers with IaC](../managing-resources/agentless-ssh-servers.mdx)
 
-Finally, you can [import your existing resources in Terraform](managing-resources/import-existing-resources.mdx).
+Finally, you can [import your existing resources in Terraform](../managing-resources/import-existing-resources.mdx).

docs/pages/admin-guides/infrastructure-as-code/terraform-starter/enroll-resources.mdx

@@ -623,7 +623,7 @@ edit your Terraform module to:
 1. **Change the userdata script** to enable additional Agent services additional
    infrastructure resources for your Agents to proxy.
 1. **Deploy dynamic resources:** Consult the [Terraform provider
-   reference](../../../reference/terraform-provider.mdx) for Terraform resources
-   that you can apply in order to enroll dynamic resources in your
-   infrastructure.
+   reference](../../../reference/terraform-provider/terraform-provider.mdx) for
+   Terraform resources that you can apply in order to enroll dynamic resources
+   in your infrastructure.
 

docs/pages/admin-guides/infrastructure-as-code/terraform-starter/rbac.mdx

@@ -563,4 +563,4 @@ troubleshoot the single sign-on provider.
 
 Now that you have configured RBAC in your Terraform demo cluster, fine-tune your
 setup by reading the comprehensive [Terraform provider
-reference](../../../reference/terraform-provider.mdx).
+reference](../../../reference/terraform-provider/terraform-provider.mdx).

docs/pages/enroll-resources/workload-identity/aws-oidc-federation.mdx

@@ -60,8 +60,9 @@ This guide covers configuring OIDC federation. For Roles Anywhere, see
 
 - (!docs/pages/includes/tctl.mdx!)
 - `tbot` must already be installed and configured on the host where the
-workloads which need to access Teleport Workload Identity will run. For more
-information, see the [deployment guides](../machine-id/deployment.mdx).
+  workloads which need to access Teleport Workload Identity will run. For more
+  information, see the [deployment
+  guides](../machine-id/deployment/deployment.mdx).
 
 <Notice type="warning">
 Issuing JWT SVIDs with Teleport Workload Identity requires at least Teleport

docs/pages/reference/helm-reference/helm-reference.mdx

@@ -39,7 +39,7 @@ layout: tocless-doc
 - [teleport-plugin-slack](teleport-plugin-slack.mdx): Deploy
   the Teleport Slack Plugin, which allows notifying Slack users and channels
   when Access Requests are made.
-- [teleport-plugin-datadog](./helm-reference/teleport-plugin-datadog.mdx): Deploy
+- [teleport-plugin-datadog](teleport-plugin-datadog.mdx): Deploy
   the Teleport Datadog Incident Management Plugin, which allows Access Requests
   to be managed as Datadog incidents.
 

docs/pages/reference/terraform-provider/data-sources/data-sources.mdx

@@ -0,0 +1,35 @@
+---
+title: "Terraform data-sources index"
+description: "Index of all the data-sources supported by the Teleport Terraform Provider"
+---
+
+{/*Auto-generated file. Do not edit.*/}
+{/*To regenerate, navigate to integrations/terraform and run `make docs`.*/}
+
+{/*
+    This file will be renamed data-sources.mdx during build time.
+    The template name is reserved by tfplugindocs so we suffix with -index.
+*/}
+
+The Teleport Terraform provider supports the following data-sources:
+
+  - [`teleport_access_list`](./access_list.mdx)
+  - [`teleport_access_monitoring_rule`](./access_monitoring_rule.mdx)
+  - [`teleport_app`](./app.mdx)
+  - [`teleport_auth_preference`](./auth_preference.mdx)
+  - [`teleport_cluster_maintenance_config`](./cluster_maintenance_config.mdx)
+  - [`teleport_cluster_networking_config`](./cluster_networking_config.mdx)
+  - [`teleport_database`](./database.mdx)
+  - [`teleport_github_connector`](./github_connector.mdx)
+  - [`teleport_installer`](./installer.mdx)
+  - [`teleport_login_rule`](./login_rule.mdx)
+  - [`teleport_oidc_connector`](./oidc_connector.mdx)
+  - [`teleport_okta_import_rule`](./okta_import_rule.mdx)
+  - [`teleport_provision_token`](./provision_token.mdx)
+  - [`teleport_role`](./role.mdx)
+  - [`teleport_saml_connector`](./saml_connector.mdx)
+  - [`teleport_session_recording_config`](./session_recording_config.mdx)
+  - [`teleport_static_host_user`](./static_host_user.mdx)
+  - [`teleport_trusted_cluster`](./trusted_cluster.mdx)
+  - [`teleport_trusted_device`](./trusted_device.mdx)
+  - [`teleport_user`](./user.mdx)

docs/pages/reference/terraform-provider/resources/resources.mdx

@@ -0,0 +1,37 @@
+---
+title: "Terraform resources index"
+description: "Index of all the datasources supported by the Teleport Terraform Provider"
+---
+
+{/*Auto-generated file. Do not edit.*/}
+{/*To regenerate, navigate to integrations/terraform and run `make docs`.*/}
+
+{/*
+    This file will be renamed data-sources.mdx during build time.
+    The template name is reserved by tfplugindocs so we suffix with -index.
+*/}
+
+The Teleport Terraform provider supports the following resources:
+
+  - [`teleport_access_list`](./access_list.mdx)
+  - [`teleport_access_monitoring_rule`](./access_monitoring_rule.mdx)
+  - [`teleport_app`](./app.mdx)
+  - [`teleport_auth_preference`](./auth_preference.mdx)
+  - [`teleport_bot`](./bot.mdx)
+  - [`teleport_cluster_maintenance_config`](./cluster_maintenance_config.mdx)
+  - [`teleport_cluster_networking_config`](./cluster_networking_config.mdx)
+  - [`teleport_database`](./database.mdx)
+  - [`teleport_github_connector`](./github_connector.mdx)
+  - [`teleport_installer`](./installer.mdx)
+  - [`teleport_login_rule`](./login_rule.mdx)
+  - [`teleport_oidc_connector`](./oidc_connector.mdx)
+  - [`teleport_okta_import_rule`](./okta_import_rule.mdx)
+  - [`teleport_provision_token`](./provision_token.mdx)
+  - [`teleport_role`](./role.mdx)
+  - [`teleport_saml_connector`](./saml_connector.mdx)
+  - [`teleport_server`](./server.mdx)
+  - [`teleport_session_recording_config`](./session_recording_config.mdx)
+  - [`teleport_static_host_user`](./static_host_user.mdx)
+  - [`teleport_trusted_cluster`](./trusted_cluster.mdx)
+  - [`teleport_trusted_device`](./trusted_device.mdx)
+  - [`teleport_user`](./user.mdx)