(from getambassador.io) Change Telepresence 2 ref -> Telepresence
Donny Yung committed May 12, 2021
1 parent 63738d4 commit b289f50
Showing 1 changed file with 12 additions and 12 deletions.
24 changes: 12 additions & 12 deletions reference/rbac.md
@@ -1,10 +1,10 @@
import Alert from '@material-ui/lab/Alert';

# Telepresence RBAC
The intention of this document is to provide a template for securing and limiting the permissions of Telepresence 2.
This documentation will not cover the full extent of permissions necessary to administrate Telepresence 2 components in a cluster. [Telepresence administration](/products/telepresence/) requires permissions for creating Service Accounts, ClusterRoles and ClusterRoleBindings, and for creating the `traffic-manager` [deployment](../architecture/#traffic-manager) which is typically done by a full cluster administrator.
The intention of this document is to provide a template for securing and limiting the permissions of Telepresence.
This documentation will not cover the full extent of permissions necessary to administrate Telepresence components in a cluster. [Telepresence administration](/products/telepresence/) requires permissions for creating Service Accounts, ClusterRoles and ClusterRoleBindings, and for creating the `traffic-manager` [deployment](../architecture/#traffic-manager) which is typically done by a full cluster administrator.

There are two general categories for cluster permissions with respect to Telepresence 2. There are RBAC settings for a User and for an Administrator described above. The User is expected to only have the minimum cluster permissions necessary to create a Telepresence [intercept](../../howtos/intercepts/), and otherwise be unable to affect Kubernetes resources.
There are two general categories for cluster permissions with respect to Telepresence. There are RBAC settings for a User and for an Administrator described above. The User is expected to only have the minimum cluster permissions necessary to create a Telepresence [intercept](../../howtos/intercepts/), and otherwise be unable to affect Kubernetes resources.

In addition to the above, there is also a consideration of how to manage Users and Groups in Kubernetes which is outside of the scope of the document. This document will use Service Accounts to assign Roles and Bindings. Other methods of RBAC administration and enforcement can be found on the [Kubernetes RBAC documentation](https://kubernetes.io/docs/reference/access-authn-authz/rbac/) page.

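Review bot: In the second paragraph of this hunk, "RBAC settings for a User and for an Administrator described above" still reads as if an Administrator RBAC template appears earlier in the document, but the preceding paragraph only lists what administration requires and declares it out of scope; suggest "for a User and for the Administrator role referred to above", or simply stating that only the User template is provided here, so the rename leaves no dangling cross-reference.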
Expand All @@ -15,7 +15,7 @@ In addition to the above, there is also a consideration of how to manage Users a

## Editing your kubeconfig

This guide also assumes that you are utilizing a kubeconfig file that is specified by the `KUBECONFIG` environment variable. This is a `yaml` file that contains the cluster's API endpoint information as well as the user data being supplied for authentication. The Service Account name used in the example below is called tp2-user. This can be replaced by any value (i.e. John or Jane) as long as references to the Service Account are consistent throughout the `yaml`. After an administrator has applied the RBAC configuration, a user should create a `config.yaml` in your current directory that looks like the following:​
This guide also assumes that you are utilizing a kubeconfig file that is specified by the `KUBECONFIG` environment variable. This is a `yaml` file that contains the cluster's API endpoint information as well as the user data being supplied for authentication. The Service Account name used in the example below is called tp-user. This can be replaced by any value (i.e. John or Jane) as long as references to the Service Account are consistent throughout the `yaml`. After an administrator has applied the RBAC configuration, a user should create a `config.yaml` in your current directory that looks like the following:​

```yaml
apiVersion: v1
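Review bot: The renamed sentence keeps "i.e. John or Jane" where "e.g." is meant (these are examples, not a definition) and switches person mid-sentence ("a user should create a `config.yaml` in your current directory"); suggest "e.g. John or Jane" and "in their current directory". The line also appears to end with a stray invisible character after "following:" that should be dropped while the line is being touched. Since the Service Account is now `tp-user`, every later `tp2-user` in the kubeconfig and RBAC manifests has to change in the same commit, which the following hunks do.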
Expand All @@ -28,9 +28,9 @@ contexts:
- name: my-context
context:
cluster: my-cluster # Must match the name field in the clusters config
user: tp2-user
user: tp-user
users:
- name: tp2-user # Must match the name of the Service Account created by the cluster admin
- name: tp-user # Must match the name of the Service Account created by the cluster admin
user:
token: <service-account-token> # See note below
```
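Review bot: The kubeconfig embeds a Service Account bearer token as `token: <service-account-token>`, which makes `config.yaml` a credential file, yet the surrounding text only tells the user to create it in the current directory. Suggest the "See note below" note also advise restricting the file's permissions (for example `chmod 600 config.yaml`) and keeping it out of version control, and remind readers that anyone holding the token receives whatever the `tp-user` bindings grant.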
Expand All @@ -50,7 +50,7 @@ To allow users to make intercepts across all namespaces, but with more limited `
apiVersion: v1
kind: ServiceAccount
metadata:
name: tp2-user # Update value for appropriate value
name: tp-user # Update value for appropriate value
namespace: ambassador # Traffic-Manager is deployed to Ambassador namespace
---
apiVersion: rbac.authorization.k8s.io/v1
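Review bot: The inline comment on `name: tp-user` reads "Update value for appropriate value", which is circular; the equivalent ServiceAccount manifest later in this file says "Update value for appropriate user name", so suggest the same wording here. The comment "Traffic-Manager is deployed to Ambassador namespace" would also be clearer as "Must match the namespace the traffic-manager is deployed to", since this namespace is what the ClusterRoleBinding subject references.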
Expand Down Expand Up @@ -92,7 +92,7 @@ kind: ClusterRoleBinding
metadata:
name: telepresence-rolebinding
subjects:
- name: tp2-user
- name: tp-user
kind: ServiceAccount
namespace: ambassador
roleRef:
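Review bot: The subject entry here lists `name` before `kind` (`- name: tp-user` / `kind: ServiceAccount`), while every later binding in the file puts `kind: ServiceAccount` first; suggest reordering to match so the templates can be compared line by line.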
Expand All @@ -112,7 +112,7 @@ RBAC for multi-tenant scenarios where multiple dev teams are sharing a single cl
apiVersion: v1
kind: ServiceAccount
metadata:
name: tp2-user # Update value for appropriate user name
name: tp-user # Update value for appropriate user name
namespace: ambassador # Traffic-Manager is deployed to Ambassador namespace
---
kind: ClusterRole
Expand Down Expand Up @@ -152,7 +152,7 @@ metadata:
namespace: ambassador
subjects:
- kind: ServiceAccount
name: tp2-user # Should be the same as metadata.name of above ServiceAccount
name: tp-user # Should be the same as metadata.name of above ServiceAccount
namespace: ambassador
roleRef:
kind: ClusterRole
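Review bot: Binding a ClusterRole through a namespaced RoleBinding in `ambassador` is the right least-privilege pattern for the multi-tenant template, but the manifest does not say so; a one-line comment that the RoleBinding scopes the referenced ClusterRole's rules to this namespace only would stop readers from "fixing" it into a ClusterRoleBinding.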
Expand All @@ -166,7 +166,7 @@ metadata:
namespace: test # Update "test" for appropriate namespace to be intercepted
subjects:
- kind: ServiceAccount
name: tp2-user # Should be the same as metadata.name of above ServiceAccount
name: tp-user # Should be the same as metadata.name of above ServiceAccount
namespace: ambassador
roleRef:
kind: ClusterRole
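Review bot: The comment on `namespace: test` says to update "test", but a RoleBinding covers exactly one namespace; suggest stating that this RoleBinding must be duplicated once per namespace the team is allowed to intercept, otherwise readers may expect a single edit to cover several namespaces.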
Expand All @@ -190,7 +190,7 @@ metadata:
name: telepresence-namespace-binding
subjects:
- kind: ServiceAccount
name: tp2-user # Should be the same as metadata.name of above ServiceAccount
name: tp-user # Should be the same as metadata.name of above ServiceAccount
namespace: ambassador
roleRef:
kind: ClusterRole
