docs: Login Rule k8s operator docs

[nklaassen]

This PR adds docs for configuring Login Rules via the Teleport Kubernetes Operator

Issue: #20340

[github-advanced-security]

You have successfully added a new Trivy configuration .github/workflows/trivy.yaml:trivy. As part of the setup process, we have scanned this repository and found no existing alerts. In the future, you will see all code scanning alerts on the repository Security tab.

[ptgott]

@nklaassen Thanks for putting this and #23855 together! I think we'll need to deliberate a bit on whether this is the best information architecture for these instructions. Here are some considerations I'm thinking about:

• Eventually, we want to make the Kubernetes Operator and Terraform first-class approaches to applying configuration resources, with as much prominence in the docs as tctl.

• The Login Rules subsection of the docs is kind of unique in that it's a subsection devoted to a single feature, with its own reference, introduction, and how-to guide. I like this approach because users can discover the subsection by the name of the feature, and don't need to hunt through the docs to find a relevant how-to guide and reference.

  On the other hand, there are other configuration resources that aren't documented like this, so we'll need to think about how to include Terraform and Kubernetes Operator instructions for those.

We could also worry about the information architecture after editing/merging this guide.

@alexfornuto What do you think?

[nklaassen]

@ptgott Yeah I really wasn't sure where to place these docs, I am very open to changes. I drafted these guides based on a request from Sasha to write first-class IaC docs for Login Rules (and all new features going forward).

A few things I'm trying to add here over just adding the resources to the respective Terraform or Operator resource reference pages:

• a couple extra examples of the syntax
• specific notes on setting up RBAC (in the terraform guide)
• making sure you are running a new enough version of the helm chart which has the Login Rule CRD (in this operator guide)
• extra debug commands showing how to make sure the resource is actually installed in the cluster and testing that the syntax is right

[alexfornuto]

• The Login Rules subsection of the docs is kind of unique in that it's a subsection devoted to a single feature, with its own reference, introduction, and how-to guide. I like this approach because users can discover the subsection by the name of the feature, and don't need to hunt through the docs to find a relevant how-to guide and reference.
  On the other hand, there are other configuration resources that aren't documented like this, so we'll need to think about how to include Terraform and Kubernetes Operator instructions for those.

I agree, and think we should move forward with this approach and possibly even adjust other content to match.

We could also worry about the information architecture after editing/merging this guide.

Yes. Let's get it into the docs as is, to better review and structure holistically.

[nklaassen]

Hey @alexfornuto I ran through this guide again on 12.1.5, everything is working for me on this version, this is ready for review

[nklaassen]

Oh, one thing I forgot to include; if this requires Teleport Enterprise, that should be stated.

Added the license a a pre-req and explicitly mentioned that you should follow the Enterprise instructions of the Operator guide.

Thanks for the review!

[public-teleport-github-review-bot]

@nklaassen See the table below for backport results.

Branch	Result
branch/v12	Create PR
branch/v13	Create PR