From 04355112ddb6cb995eb28369743c9f5f6876de8a Mon Sep 17 00:00:00 2001 From: Paul Gottschling Date: Thu, 30 May 2024 14:20:59 -0400 Subject: [PATCH] Respond to r0mant feedback --- docs/pages/database-access/rbac.mdx | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/docs/pages/database-access/rbac.mdx b/docs/pages/database-access/rbac.mdx index 118ddbbd5c2f7..eeefe484bf003 100644 --- a/docs/pages/database-access/rbac.mdx +++ b/docs/pages/database-access/rbac.mdx @@ -10,12 +10,11 @@ data they need. Access Controls encompasses two levels of granularity: -- **Databases:** databases enrolled with your Teleport cluster. -- **Database objects:** tables, views, or stored - procedures. +- **Database servers:** database resources enrolled with your Teleport cluster. +- **Database objects:** tables, views, or stored procedures. -For both databases and database objects, Database Access Controls grants or -denies access based on Teleport labels. When you enroll a database with +For both database servers and database objects, Database Access Controls grants +or denies access based on Teleport labels. When you enroll a database with Teleport, you can configure the labels associated with the databse. For database objects, you can define import rules that instruct the Teleport Database Service to apply labels to database objects imported from databases that match labels @@ -31,6 +30,13 @@ For a more general description of Teleport roles and examples see [RBAC](../access-controls/introduction.mdx), as this section focuses on configuring RBAC for database access. + + +Database Access Controls for database objects only supports PostgreSQL +databases. + + + ## Role configuration Teleport's role resource provides the following instruments for restricting