diff --git a/docs/pages/deploy-a-cluster/helm-deployments/digitalocean.mdx b/docs/pages/deploy-a-cluster/helm-deployments/digitalocean.mdx
index 304c2e28c724c..b9c52ce665b12 100644
--- a/docs/pages/deploy-a-cluster/helm-deployments/digitalocean.mdx
+++ b/docs/pages/deploy-a-cluster/helm-deployments/digitalocean.mdx
@@ -16,7 +16,7 @@ cluster to Teleport.
## Prerequisites
- DigitalOcean account.
-- Your workstation configured with [kubectl](https://kubernetes.io/docs/tasks/tools/), [Helm](https://helm.sh/docs/intro/install/), [doctl](https://docs.digitalocean.com/reference/doctl/how-to/install/), and the Teleport [tsh](https://goteleport.com/docs/installation/) client.
+- Your workstation configured with [kubectl](https://kubernetes.io/docs/tasks/tools/), [Helm](https://helm.sh/docs/intro/install/), [doctl](https://docs.digitalocean.com/reference/doctl/how-to/install/), and the Teleport [tsh](../../installation.mdx) client.
## Step 1/4. Create a DigitalOcean Kubernetes cluster
diff --git a/docs/pages/machine-id/getting-started.mdx b/docs/pages/machine-id/getting-started.mdx
index e518c907a5a76..3472dd33fd55c 100644
--- a/docs/pages/machine-id/getting-started.mdx
+++ b/docs/pages/machine-id/getting-started.mdx
@@ -22,26 +22,6 @@ Here's an overview of what you will do:
(!/docs/pages/includes/tctl.mdx!)
-
-
-TLS Routing support was added to Machine ID in [Teleport
-9.3](https://goteleport.com/docs/preview/upcoming-releases/#teleport-93). For
-earlier versions, the Teleport Proxy Server will need to be configured with a
-dedicated SSH listener.
-
-```yaml
-version: v1
-proxy_service:
- enabled: "yes"
- listen_addr: "0.0.0.0:3023"
- ...
-```
-
-
## Step 1/4. Download and install Teleport (=teleport.version=)
In this step, you will be downloading and installing Teleport binaries onto the
@@ -93,7 +73,7 @@ auditor no-login-6566121f-b602-47f1-a118-c9c618ee5aec session:list,r
editor user:list,create,read,update,delete,...
```
-Machine ID can join with a token or the [IAM Method](https://goteleport.com/docs/setup/guides/joining-nodes-aws) on AWS.
+Machine ID can join with a token or the [IAM Method](../management/join-services-to-your-cluster/aws-iam.mdx) on AWS.
Assuming that you are using the default `access` role, ensure that you use the
`--logins` flag when adding your bot to specify the SSH logins that you wish to
@@ -333,4 +313,4 @@ use-case, for example:
- [Machine ID with Jenkins](./guides/jenkins.mdx)
- [Machine ID with Databases](./guides/databases.mdx)
-[More information about `TELEPORT_ANONYMOUS_TELEMETRY`.](./reference/telemetry.mdx)
\ No newline at end of file
+[More information about `TELEPORT_ANONYMOUS_TELEMETRY`.](./reference/telemetry.mdx)
diff --git a/docs/pages/machine-id/guides/github-actions.mdx b/docs/pages/machine-id/guides/github-actions.mdx
index c6a1cbdbd1dc7..59a590520a637 100644
--- a/docs/pages/machine-id/guides/github-actions.mdx
+++ b/docs/pages/machine-id/guides/github-actions.mdx
@@ -28,7 +28,7 @@ Actions runners as well as GitHub Enterprise Server.
(!docs/pages/includes/edition-prereqs-tabs.mdx!)
- (!docs/pages/includes/tctl.mdx!)
-- A node that is a part of the Teleport cluster with [Server Access](https://goteleport.com/docs/server-access/introduction/).
+- A node that is a part of the Teleport cluster with [Server Access](../../server-access/introduction.mdx).
- Your user should have the privileges to create token resources.
- A GitHub repository with GitHub Actions enabled. This guide uses the example `gravitational/example`
repo, however this value should be replaced with your own unique repo.
diff --git a/docs/pages/machine-id/guides/host-certificate.mdx b/docs/pages/machine-id/guides/host-certificate.mdx
index a82a31814a3bf..acb4bd3414ed5 100644
--- a/docs/pages/machine-id/guides/host-certificate.mdx
+++ b/docs/pages/machine-id/guides/host-certificate.mdx
@@ -6,7 +6,7 @@ description: Issuing Host Certificates with Machine ID for OpenSSH servers.
Host certificates are generally created on Teleport for access to OpenSSH servers that can not otherwise join a Teleport cluster.
While long-lived certificates may be applied for this purpose, short-lived and regularly rotated host certificates generated
through Teleport help to provide a number of security benefits over their long-lived counterparts. Regular certificate rotation reduces risk by ensuring that any potentially stolen
-certificates are usable for a shorter period of time. Additionally, when coupled with Teleport's [RBAC](https://goteleport.com/docs/access-controls/guides/role-templates/)
+certificates are usable for a shorter period of time. Additionally, when coupled with Teleport's [RBAC](../../access-controls/guides/role-templates.mdx)
support and host certificate **Principals** and **Predicates**, you can apply limitations to both the process of creating host certificates,
as well as the host certificates themselves.
@@ -402,6 +402,6 @@ to connect to OpenSSH with Teleport, see the following documentation:
- [Using Teleport With OpenSSH](../../server-access/guides/openssh.mdx)
- [Using SSH Host Certificates](https://goteleport.com/blog/how-to-ssh-properly/)
- [Machine ID Configuration Reference](../reference/configuration.mdx)
-- [Joining Nodes using the IAM method](https://goteleport.com/docs/setup/guides/joining-nodes-aws)
+- [Joining Nodes using the IAM method](../../management/join-services-to-your-cluster/aws-ec2.mdx)
[More information about `TELEPORT_ANONYMOUS_TELEMETRY`.](../reference/telemetry.mdx)
diff --git a/docs/pages/management/export-audit-events/datadog.mdx b/docs/pages/management/export-audit-events/datadog.mdx
index 234a4040c4da8..a86ef7d8013eb 100644
--- a/docs/pages/management/export-audit-events/datadog.mdx
+++ b/docs/pages/management/export-audit-events/datadog.mdx
@@ -352,7 +352,7 @@ Teleport Cluster, ensure that:
## Next steps
- Read more about
-[impersonation](https://goteleport.com/docs/access-controls/guides/impersonation/)
+[impersonation](../../access-controls/guides/impersonation.mdx)
here.
- While this guide uses the `tctl auth sign` command to issue credentials for the
Teleport Event Handler, production clusters should use Machine ID for safer,
diff --git a/docs/pages/management/export-audit-events/fluentd.mdx b/docs/pages/management/export-audit-events/fluentd.mdx
index c832f3c837d92..02119daba9567 100644
--- a/docs/pages/management/export-audit-events/fluentd.mdx
+++ b/docs/pages/management/export-audit-events/fluentd.mdx
@@ -366,7 +366,7 @@ Teleport Cluster, ensure that:
## Next Steps
Read more about
-[impersonation](https://goteleport.com/docs/access-controls/guides/impersonation/)
+[impersonation](../../access-controls/guides/impersonation.mdx)
here.
While this guide uses the `tctl auth sign` command to issue credentials for the
diff --git a/docs/pages/reference/cli.mdx b/docs/pages/reference/cli.mdx
index b6a8aab8c68e2..77782f7584db3 100644
--- a/docs/pages/reference/cli.mdx
+++ b/docs/pages/reference/cli.mdx
@@ -54,7 +54,7 @@ For more information on subcommands when working with the `teleport` cli, use th
The `teleport start` command includes a large number of optional configuration flags.
While configuration flags for `teleport start` can be used to set parameters for Teleport's configuration,
-we recommend using a [configuration file](https://goteleport.com/docs/reference/config/) in production.
+we recommend using a [configuration file](./config.mdx) in production.
#### Flags
@@ -2200,7 +2200,7 @@ The following flags are specific to Google Workspace:
| `--google-acc-uri` | URI of your service account credentials file. Example: `file:///var/lib/teleport/gworkspace-creds.json`.|
| `--google-acc` | String containing Google service account credentials. |
| `--google-admin` | Email of a Google admin to impersonate. |
-| `--google-legacy` | Flag to select groups with direct membership filtered by domain (legacy behavior).
Disabled by default. [More info](https://goteleport.com/docs/enterprise/sso/google-workspace/#how-teleport-uses-google-workspace-apis) |
+| `--google-legacy` | Flag to select groups with direct membership filtered by domain (legacy behavior).
Disabled by default. [More info](../access-controls/sso/google-workspace.mdx#how-teleport-uses-google-workspace-apis) |
| `--google-id` | Shorthand for setting the `--id` flag to `.apps.googleusercontent.com` |
#### Global flags
diff --git a/docs/pages/server-access/guides/azure-discovery.mdx b/docs/pages/server-access/guides/azure-discovery.mdx
index f8d43a3141787..6748a686938da 100644
--- a/docs/pages/server-access/guides/azure-discovery.mdx
+++ b/docs/pages/server-access/guides/azure-discovery.mdx
@@ -295,7 +295,7 @@ The `installer` resource has the following templating options:
- `{{ .PublicProxyAddr }}`: the public address of the Teleport Proxy Service to
connect to.
- `{{ .RepoChannel }}`: Optional package repository (apt/yum) channel name.
-Has format `/` e.g. stable/v12. See [installation](https://goteleport.com/docs/installation/#linux) for more details.
+Has format `/` e.g. stable/v(=teleport.major_version=). See [installation](../../installation.mdx#linux) for more details.
These can be used as follows:
diff --git a/docs/pages/server-access/guides/ec2-discovery.mdx b/docs/pages/server-access/guides/ec2-discovery.mdx
index b4ec741b7b0cc..8d4fa0c1e517e 100644
--- a/docs/pages/server-access/guides/ec2-discovery.mdx
+++ b/docs/pages/server-access/guides/ec2-discovery.mdx
@@ -339,7 +339,7 @@ The `installer` resource has the following templating options:
- `{{ .PublicProxyAddr }}`: the public address of the Teleport Proxy Service to
connect to.
- `{{ .RepoChannel }}`: Optional package repository (apt/yum) channel name.
-Has format `/` e.g. stable/v12. See [installation](https://goteleport.com/docs/installation/#linux) for more details.
+Has format `/` e.g. stable/v(=teleport.major_version=). See [installation](../../installation.mdx#linux) for more details.
These can be used as follows: