Add a guide to creating Teleport roles via the API (#23204)

* Add a guide to creating Teleport roles via the API See #19716 This guide uses a small demo application to show how to create Teleport roles based on an external RBAC system. The demo revolves around a local `minikube` cluster. I chose this approach because Teleport works well with Kubernetes RBAC, and Kubernetes RBAC resources are pretty straightforward to set up locally. * Based the guide on a program in the examples dir * Respond to zmb3 PR feedback * Run make fix-license * Respond to PR feedback * Respond to alexfornuto feedback
gravitational · Mar 31, 2023 · e9f76c7 · e9f76c7
1 parent f978c9e
commit e9f76c7
Show file tree

Hide file tree

Showing 7 changed files with 1,935 additions and 4 deletions.
diff --git a/docs/config.json b/docs/config.json
@@ -1215,6 +1215,10 @@
 	{
 	    "title": "Automatically Register Teleport Agents",
 	    "slug": "/api/automatically-register-agents/"
+	},
+	{
+	    "title": "Automatically Generate Roles",
+	    "slug": "/api/rbac/"
 	}
       ]
     },

diff --git a/docs/pages/api/introduction.mdx b/docs/pages/api/introduction.mdx
@@ -4,8 +4,8 @@ description: Introduction to the Teleport gRPC API.
 layout: tocless-doc
 ---
 
-The Teleport Auth Service provides a gRPC API for remotely interacting with
-your cluster.
+The Teleport Auth Service provides a gRPC API for remotely interacting with your
+cluster. In this section, we will show you how to use Teleport's API. 
 
 ## Go client
 
@@ -19,8 +19,8 @@ Here is what you can do with the Go Client:
  - Integrate with external tools, e.g., to write an [Access Request
    plugin](../access-controls/access-request-plugins/index.mdx). Teleport
    maintains Access Request plugins for tools like Slack, Jira, and Mattermost.
- - Perform CRUD actions on resources, such as `roles`, `auth connectors`, and
-   `provisioning tokens`.
+ - Perform CRUD actions on resources, such as roles, authentication connectors,
+   and provisioning tokens.
  - Dynamically configure Teleport.
 
 ## Get started
@@ -38,6 +38,9 @@ Teleport's API client libraries:
 - [Automatically Register Teleport Agents](./automatically-register-agents.mdx):
   Write a Teleport API client to reconcile the resources in your Teleport
   cluster with an external service discovery API.
+- [Automatically generate Teleport roles](./rbac.mdx) from an external RBAC
+  system, making it easier to get started with Teleport-based RBAC and keep your
+  Teleport roles up to date.
 - [Write an Access Request Plugin](./access-plugin.mdx): Follow this guide for a
   minimal working example of a plugin that you can use to manage Access Requests
   through your organization's unique communication worfklows.