Open russjones opened 2 years ago
We have the ability to update parts of a YAML resource in tctl
already with set-roles
:
https://github.com/gravitational/teleport/blob/master/tool/tctl/common/user_command.go#L92-L95
Let's add something similar here, maybe tctl users update --set-logins
.
Let's also break this work into parts so we can get it out quicker.
tsh ls
output showing the nicer error message.Hello, regarding the Web UI changes:
@atburke @jakule Let's punt on this for now. As part of Teleport Discover wizard we're updating the "get nodes" API to return all nodes even if your principals list is empty so this will partially be addressed then. Once that's done, we'll come back here and decide how we want to handle scenario when you can see the servers but don't have any principals to connect as.
Hello,
Currently on 14.3.2 opensource edition when we add a new user it gets created and saved to the sqlite DB without logins set, and therefore the newly created user cannot log in to nodes (neither via the web terminal nor via cli).
This works as a quick fix for now:
tctl users update --set-logins=root <username>
Umbrella: Improve user experience for users trying teleport with self-signed certificates.
Our getting started for local users has this:
The problem is, that this user has no principals and it should have been:
This one requires creative solution. First of all, user should be able to add principals without removing the user entry. Second, we should find a way to explain to users why they don't see the nodes if they are missing principals.
We only guessed (properly) when troubleshooting. But there should be a better way. For example, if users see empty list of nodes, they should see a different empty state:
Related issues: https://github.com/gravitational/teleport/issues/9790 https://github.com/gravitational/teleport/issues/10574