gravitational · marcoandredinis · Nov 12, 2024 · Nov 4, 2024 · Nov 7, 2024 · Nov 11, 2024
diff --git a/docs/pages/admin-guides/teleport-policy/integrations/aws-sync.mdx b/docs/pages/admin-guides/teleport-policy/integrations/aws-sync.mdx
@@ -88,7 +88,6 @@ that are set up with the `discovery_group` matching
 discovery_service:
   enabled: true
   discovery_group: <Var name="access-graph-disc" />
-
 ```
 
 Notice that if you already operate a Discovery Service within your cluster,

diff --git a/docs/pages/enroll-resources/auto-discovery/databases/databases.mdx b/docs/pages/enroll-resources/auto-discovery/databases/databases.mdx
@@ -75,14 +75,6 @@ Here's an example database discovery configuration for the Discovery Service:
 ```yaml
 discovery_service:
     enabled: true
-    # discovery_group is used to group discovered resources into different
-    # sets. This is required when you have multiple Teleport Discovery services
-    # running. It prevents discovered services from colliding in Teleport when
-    # managing discovered resources.
-    # If two Discovery Services match the same resources, they must be in the
-    # same discovery group.
-    # If two Discovery Services match different resources, they must be in
-    # different discovery groups.
     discovery_group: "disc-group"
     # poll_interval is the cadence at which the discovery server will run each of its
     # discovery cycles. The default is 5m.

diff --git a/docs/pages/enroll-resources/auto-discovery/kubernetes/google-cloud.mdx b/docs/pages/enroll-resources/auto-discovery/kubernetes/google-cloud.mdx
@@ -396,6 +396,7 @@ ssh_service:
   enabled: off
 discovery_service:
   enabled: "yes"
+  discovery_group: "gke-myproject"
   gcp:
     - types: ["gke"]
       locations: ["*"]
@@ -433,6 +434,7 @@ clusters in project `myproj-prod` running in `us-east2`, but *not* clusters in
 ```yaml
 discovery_service:
   enabled: "yes"
+  discovery_group: "gke-myproject"
   gcp:
     - types: ["gke"]
       locations: ["us-east1"]

diff --git a/docs/pages/enroll-resources/auto-discovery/kubernetes/kubernetes.mdx b/docs/pages/enroll-resources/auto-discovery/kubernetes/kubernetes.mdx
@@ -62,11 +62,6 @@ and their default values.
 # This section configures the Discovery Service
 discovery_service:
     enabled: "yes"
-    # discovery_group is used to group discovered resources into different
-    # sets. This is useful when you have multiple Teleport Discovery services
-    # running in the same cluster but polling different cloud providers or cloud
-    # accounts. It prevents discovered services from colliding in Teleport when
-    # managing discovered resources.
     discovery_group: "prod"
     aws:
        # AWS resource types. Valid options are:

diff --git a/docs/pages/enroll-resources/auto-discovery/servers/azure-discovery.mdx b/docs/pages/enroll-resources/auto-discovery/servers/azure-discovery.mdx
@@ -235,6 +235,8 @@ the Discovery Service.
 In order to enable Azure instance discovery the `discovery_service.azure` section
 of `teleport.yaml` must include at least one entry:
 
+(!docs/pages/includes/discovery/discovery-group.mdx!)
+
 ```yaml
 version: v3
 teleport:
@@ -250,6 +252,7 @@ ssh_service:
   enabled: off
 discovery_service:
   enabled: "yes"
+  discovery_group: "azure-prod"
   azure:
     - types: ["vm"]
       subscriptions: ["<subscription>"]

diff --git a/docs/pages/enroll-resources/auto-discovery/servers/ec2-discovery.mdx b/docs/pages/enroll-resources/auto-discovery/servers/ec2-discovery.mdx
@@ -118,6 +118,8 @@ run the Discovery Service.
 In order to enable EC2 instance discovery the `discovery_service.aws` section
 of `teleport.yaml` must include at least one entry:
 
+(!docs/pages/includes/discovery/discovery-group.mdx!)
+
 ```yaml
 version: v3
 teleport:
@@ -133,6 +135,7 @@ ssh_service:
   enabled: off
 discovery_service:
   enabled: "yes"
+  discovery_group: "aws-prod"
   aws:
    - types: ["ec2"]
      regions: ["us-east-1","us-west-1"]

diff --git a/docs/pages/enroll-resources/auto-discovery/servers/gcp-discovery.mdx b/docs/pages/enroll-resources/auto-discovery/servers/gcp-discovery.mdx
@@ -231,6 +231,8 @@ the Discovery Service.
 In order to enable GCP instance discovery the `discovery_service.gcp` section
 of `teleport.yaml` must include at least one entry:
 
+(!docs/pages/includes/discovery/discovery-group.mdx!)
+
 ```yaml
 version: v3
 teleport:
@@ -246,6 +248,7 @@ ssh_service:
   enabled: off
 discovery_service:
   enabled: "yes"
+  discovery_group: "gcp-prod"
   gcp:
     - types: ["gce"]
       # The IDs of GCP projects that VMs can join from.

diff --git a/docs/pages/includes/database-access/aws-troubleshooting-max-policy-size.mdx b/docs/pages/includes/database-access/aws-troubleshooting-max-policy-size.mdx
@@ -23,8 +23,12 @@ You can reduce the policy size by separating them into multiple IAM roles. Use
   <TabItem label="Auto-Discovery by Discovery Service">
   You can specify `assume_role_arn` in the AWS matchers of Discovery Service's
   configuration:
+
+  (!docs/pages/includes/discovery/discovery-group.mdx!)
+
   ```yaml
   discovery_service:
+    discovery_group: "prod"
     enabled: "yes"
     aws:
       - types: ["rds"]

diff --git a/docs/pages/includes/server-access/custom-installer.mdx b/docs/pages/includes/server-access/custom-installer.mdx
@@ -39,6 +39,7 @@ Multiple `installer` resources can exist and be specified in the
 
 ```yaml
 discovery_service:
+  # ...
   {{ matcher }}:
     - types: {{ matchTypes }}
       tags:

diff --git a/docs/pages/reference/agent-services/kubernetes-application-discovery.mdx b/docs/pages/reference/agent-services/kubernetes-application-discovery.mdx
@@ -37,6 +37,8 @@ Discovery Service, then restart the agents running these services.
 Configuration for the Discovery Service is controlled by the `kubernetes` field,
 example:
 
+(!docs/pages/includes/discovery/discovery-group.mdx!)
+
 ```yaml
 # This section configures the Discovery Service
 discovery_service:
-Original file line number
+Diff line change
@@ Expand Up @@
     ```yaml
     discovery_service:
+      # ...
       {{ matcher }}:
         - types: {{ matchTypes }}
           tags:
@@ Expand Down @@