Update docs with database user auto provisioning modes#33819
Update docs with database user auto provisioning modes#33819gabrielcorado merged 3 commits intomasterfrom
Conversation
github-actions
Bot
requested review from
lsgunn-teleport,
ptgott,
r0mant,
xinding33 and
zmb3
|
🤖 Vercel preview here: https://docs-7fie2uuif-goteleport.vercel.app/docs/ver/preview |
There was a problem hiding this comment.
BTW, could you also align these text:
teleport/docs/pages/database-access/auto-user-provisioning/mysql.mdx
Lines 73 to 75 in a9c3182
Thanks!!
|
The PR changelog entry failed validation: Changelog entry not found in the PR body. Please add a "no-changelog" label to the PR, or changelog lines starting with |
|
@greedy52 I've removed those paragraphs from the pages since it is already mentioned in the "Create Teleport role" section. |
gabrielcorado
added
the
no-changelog
|
🤖 Vercel preview here: https://docs-5ag0ur5qd-goteleport.vercel.app/docs/ver/preview |
| | `cert_extensions` | Specifies extensions to be included in SSH certificates | | | ||
| | `create_host_user_mode` | Allow users to be automatically created on a host | Logical "AND" i.e. if all roles matching a server specify host user creation (`off`, `drop`, `keep`), it will evaluate to the option specified by all of the roles. If some roles specify both `drop` or `keep` it will evaluate to `keep`| | ||
| | `create_db_user_mode` | Allow [database user auto provisioning](../database-access/auto-user-provisioning.mdx) | Logical "OR" i.e. if any role allows database user auto-provisioning, it's allowed | | ||
| | `create_db_user_mode` | Allow [database user auto provisioning](../database-access/auto-user-provisioning.mdx) (`off`, `keep`, `best_effort_drop`) | Logical "OR" i.e. if any role allows database user auto-provisioning, it's allowed | |
There was a problem hiding this comment.
Is there a way to describe each possible value here?
There was a problem hiding this comment.
I've added the same description as the role spec.
|
🤖 Vercel preview here: https://docs-edaxmcxks-goteleport.vercel.app/docs/ver/preview |
gabrielcorado
deleted the
gabrielcorado/db-auto-provisioning-mode-docs
branch
|
@gabrielcorado See the table below for backport results.
|
3 participants
#32792 introduced a new role option to configure if provisioned database users should be kept (disabled) or dropped. This PR updates the auto-provisioning docs to add this new option.
Note:
create_db_userwill still work (true = keepandfalse = off), but it is preferred that users specify the mode (similar to thecreate_host_user_modeandcreate_host_useroptions).