Move two sections into the new organization (#42686)

Reorganize the Auto-Enroll Resources and Server Access sections.

Move all of Auto-Enroll Resources into Protect Resources. To accommodate
more subsections of Protect Resources, add the Trusted Clusters and
Labels guides to an RBAC subsection of Admin Guides.

Move all of Server Access into Protect Resources except for the Server
Access RBAC reference, which this change moves into the References
section.

docs/config.json

@@ -579,74 +579,6 @@
         }
       ]
     },
-    {
-      "icon": "wand",
-      "title": "Auto-Enroll Resources",
-      "entries": [
-        {
-          "title": "Introduction",
-          "slug": "/auto-discovery/"
-        },
-        {
-          "title": "Servers",
-          "slug": "/auto-discovery/servers/",
-          "entries": [
-            {
-              "title": "EC2 Instance Discovery",
-              "slug": "/auto-discovery/servers/ec2-discovery/"
-            },
-            {
-              "title": "Azure Instance Discovery",
-              "slug": "/auto-discovery/servers/azure-discovery/"
-            },
-            {
-              "title": "GCP Instance Discovery",
-              "slug": "/auto-discovery/servers/gcp-discovery/"
-            }
-          ]
-        },
-        {
-          "title": "Kubernetes Clusters",
-          "slug": "/auto-discovery/kubernetes/",
-          "entries": [
-            {
-              "title": "AWS",
-              "slug": "/auto-discovery/kubernetes/aws/"
-            },
-            {
-              "title": "Azure",
-              "slug": "/auto-discovery/kubernetes/azure/"
-            },
-            {
-              "title": "Google Cloud",
-              "slug": "/auto-discovery/kubernetes/google-cloud/"
-            }
-          ]
-        },
-        {
-          "title": "Databases",
-          "slug": "/auto-discovery/databases/"
-        },
-        {
-          "title": "Kubernetes Applications",
-          "slug": "/auto-discovery/kubernetes-applications/",
-          "entries": [
-            {
-              "title": "Get Started",
-              "slug": "/auto-discovery/kubernetes-applications/get-started/"
-            },
-            {
-              "title": "Architecture",
-              "slug": "/auto-discovery/kubernetes-applications/architecture/"
-            },
-            {
-              "title": "Reference",
-              "slug": "/auto-discovery/kubernetes-applications/reference/"
-            }
-          ]
-        }
-      ]
-    },
     {
       "icon": "window",
       "title": "Application Access",
@@ -780,81 +712,6 @@
         }
       ]
     },
-    {
-      "icon": "server",
-      "title": "Server Access",
-      "entries": [
-        {
-          "title": "Introduction",
-          "slug": "/server-access/introduction/"
-        },
-        {
-          "title": "Getting Started",
-          "slug": "/server-access/getting-started/"
-        },
-        {
-          "title": "Enrolling OpenSSH Servers",
-          "slug": "/server-access/openssh/",
-          "entries": [
-            {
-              "title": "Agentless OpenSSH Integration",
-              "slug": "/server-access/openssh/openssh/"
-            },
-            {
-              "title": "Agentless OpenSSH Integration (Manual Install)",
-              "slug": "/server-access/openssh/openssh-manual-install/"
-            }
-          ]
-        },
-        {
-          "title": "Guides",
-          "slug": "/server-access/guides/",
-          "entries": [
-            {
-              "title": "Using Teleport with PAM",
-              "slug": "/server-access/guides/ssh-pam/"
-            },
-            {
-              "title": "Recording Proxy Mode",
-              "slug": "/server-access/guides/recording-proxy-mode/",
-              "forScopes": ["oss", "enterprise"]
-            },
-            {
-              "title": "BPF Session Recording",
-              "slug": "/server-access/guides/bpf-session-recording/"
-            },
-            {
-              "title": "Visual Studio Code",
-              "slug": "/server-access/guides/vscode/"
-            },
-            {
-              "title": "JetBrains SFTP",
-              "slug": "/server-access/guides/jetbrains-sftp/"
-            },
-            {
-              "title": "Host User Creation",
-              "slug": "/server-access/guides/host-user-creation/"
-            },
-            {
-              "title": "Linux Auditing System",
-              "slug": "/server-access/guides/auditd/"
-            },
-            {
-              "title": "Using Teleport with Ansible",
-              "slug": "/server-access/guides/ansible/"
-            }
-          ]
-        },
-        {
-          "title": "Access Controls",
-          "slug": "/server-access/rbac/"
-        },
-        {
-          "title": "Troubleshooting Server Access",
-          "slug": "/server-access/troubleshooting-server/"
-        }
-      ]
-    },
     {
       "icon": "kubernetes",
       "title": "Kubernetes Access",
@@ -1964,8 +1821,8 @@
       "permanent": true
     },
     {
-      "source": "/server-access/guides/openssh/",
-      "destination": "/server-access/openssh/",
+      "source": "/machine-id/guides/gitlab/",
+      "destination": "/machine-id/deployment/github-actions/",
       "permanent": true
     },
     {
@@ -2009,78 +1866,8 @@
       "permanent": true
     },
     {
-      "source": "/server-access/guides/restricted-session/",
-      "destination": "/server-access/guides/",
-      "permanent": true
-    },
-    {
-      "source": "/database-access/guides/aws-discovery/",
-      "destination": "/auto-discovery/databases/",
-      "permanent": true
-    },
-    {
-      "source": "/kubernetes-access/discovery/",
-      "destination": "/auto-discovery/kubernetes/",
-      "permanent": true
-    },
-    {
-      "source": "/kubernetes-access/discovery/aws/",
-      "destination": "/auto-discovery/kubernetes/aws/",
-      "permanent": true
-    },
-    {
-      "source": "/kubernetes-access/discovery/azure/",
-      "destination": "/auto-discovery/kubernetes/azure/",
-      "permanent": true
-    },
-    {
-      "source": "/kubernetes-access/discovery/google-cloud/",
-      "destination": "/auto-discovery/kubernetes/google-cloud/",
-      "permanent": true
-    },
-    {
-      "source": "/server-access/guides/azure-discovery/",
-      "destination": "/auto-discovery/servers/azure-discovery/",
-      "permanent": true
-    },
-    {
-      "source": "/server-access/guides/ec2-discovery/",
-      "destination": "/auto-discovery/servers/ec2-discovery/",
-      "permanent": true
-    },
-    {
-      "source": "/server-access/guides/gcp-discovery/",
-      "destination": "/auto-discovery/servers/gcp-discovery/",
-      "permanent": true
-    },
-    {
-      "source": "/application-access/enroll-kubernetes-applications/",
-      "destination": "/auto-discovery/kubernetes-applications/",
-      "permanent": true
-    },
-    {
-      "source": "/application-access/enroll-kubernetes-applications/architecture/",
-      "destination": "/auto-discovery/kubernetes-applications/architecture/",
-      "permanent": true
-    },
-    {
-      "source": "/application-access/enroll-kubernetes-applications/get-started/",
-      "destination": "/auto-discovery/kubernetes-applications/get-started/",
-      "permanent": true
-    },
-    {
-      "source": "/application-access/enroll-kubernetes-applications/reference/",
-      "destination": "/auto-discovery/kubernetes-applications/reference/",
-      "permanent": true
-    },
-    {
-      "source": "/server-access/guides/openssh/openssh-manual-install/",
-      "destination": "/server-access/openssh/openssh-manual-install/",
-      "permanent": true
-    },
-    {
-      "source": "/server-access/guides/openssh/openssh/",
-      "destination": "/server-access/openssh/openssh/",
+      "source": "/access-graph/",
+      "destination": "/access-controls/access-graph/",
       "permanent": true
     },
     {

docs/pages/admin-guides.mdx

@@ -5,8 +5,6 @@ description: "Step-by-step guides to performing common Teleport tasks"
 
 {/*TOPICS*/}
 
-- [AWS OIDC Integration](admin-guides/awsoidc-integration.mdx): How to connect your AWS account with Teleport and provide access to AWS resources.
-
 ## Common Operations
 
 Contains guides for performing common tasks on a Teleport cluster after the initial setup phase. ([more info](admin-guides/common-operations.mdx))
@@ -30,9 +28,10 @@ Use configuration files and dynamic resources to adjust access controls, enroll
 
 Guides for enrolling servers, databases, and other infrastructure resources with Teleport so you can set up secure access. ([more info](admin-guides/protect-resources.mdx))
 
-- [Configure Trusted Clusters](admin-guides/protect-resources/trustedclusters.mdx): Explains how you can configure a trust relationship and manage access between two Teleport clusters.
+- [AWS OIDC Integration](admin-guides/protect-resources/awsoidc-integration.mdx): How to connect your AWS account with Teleport and provide access to AWS resources.
+- [Protect Linux Servers with Teleport (section)](admin-guides/protect-resources/server-access.mdx): How to enroll Linux servers in your Teleport cluster to enable secure SSH access.
 - [Teleport Agents (section)](admin-guides/protect-resources/agents.mdx): How to use Teleport Agents, which enable users to connect to resources in your infrastructure.
-- [Teleport Label Guides (section)](admin-guides/protect-resources/labels.mdx): Guides to using Teleport labels, which underpin the Teleport role-based access controls system.
+- [Teleport Auto-Discovery (section)](admin-guides/protect-resources/auto-discovery.mdx): Learn how to use the Teleport Discovery Service, which automatically enrolls resources by query APIs
 
 ## Self-Hosting Teleport
 
@@ -41,3 +40,10 @@ Guides to deploying and managing the Teleport Auth Service and Proxy Service. ([
 - [Deploying a Self-Hosted Teleport Cluster (section)](admin-guides/self-hosting/deploy-a-cluster.mdx): Guides for deploying self-hosted Teleport clusters on various platforms and cloud providers.
 - [Manage a Self-Hosted Teleport Cluster (section)](admin-guides/self-hosting/management.mdx): Guides to completing common tasks on self-hosted Teleport clusters after the initial deployment.
 - [Running a Self-Hosted Teleport Demo Cluster (section)](admin-guides/self-hosting/demo-clusters.mdx): Guides to running small-scale, self-hosted Teleport clusters to test functionality.
+
+## Teleport Access Controls
+
+Guides to configuring the access that Teleport users have to infrastructure resources and cluster permissions. ([more info](admin-guides/rbac.mdx))
+
+- [Configure Trusted Clusters](admin-guides/rbac/trustedclusters.mdx): Explains how you can configure a trust relationship and manage access between two Teleport clusters.
+- [Teleport Label Guides (section)](admin-guides/rbac/labels.mdx): Guides to using Teleport labels, which underpin the Teleport role-based access controls system.

docs/pages/admin-guides/protect-resources.mdx

@@ -5,7 +5,17 @@ description: Guides for enrolling servers, databases, and other infrastructure r
 
 {/*TOPICS*/}
 
-- [Configure Trusted Clusters](protect-resources/trustedclusters.mdx): Explains how you can configure a trust relationship and manage access between two Teleport clusters.
+- [AWS OIDC Integration](protect-resources/awsoidc-integration.mdx): How to connect your AWS account with Teleport and provide access to AWS resources.
+
+## Protect Linux Servers with Teleport
+
+How to enroll Linux servers in your Teleport cluster to enable secure SSH access. ([more info](protect-resources/server-access.mdx))
+
+- [OpenSSH Guides (section)](protect-resources/server-access/openssh.mdx): Teleport Agentless OpenSSH integration guides.
+- [Protect SSH Servers with Teleport (section)](protect-resources/server-access/guides.mdx): Guides to enrolling SSH servers in your Teleport cluster with the Teleport SSH Service.
+- [Server Access Getting Started Guide](protect-resources/server-access/getting-started.mdx): Getting started with Teleport server access.
+- [Teleport Server Access Features and Introduction](protect-resources/server-access/introduction.mdx): Teleport server access features and introduction.
+- [Troubleshooting Server Access](protect-resources/server-access/troubleshooting-server.mdx): Describes common issues and solutions for access to servers.
 
 ## Teleport Agents
 
@@ -15,10 +25,11 @@ How to use Teleport Agents, which enable users to connect to resources in your i
 - [Join Agents to your Teleport Cluster (section)](protect-resources/agents/join-services-to-your-cluster.mdx): Methods you can use to established trust between a newly deployed Teleport agent and your Teleport cluster so you can protect resources.
 - [Protect Infrastructure with Teleport](protect-resources/agents/introduction.mdx): Deploy Agents to enroll resources in your infrastructure with Teleport. You can run multiple Teleport services per Agent.
 
-## Teleport Label Guides
+## Teleport Auto-Discovery
 
-Guides to using Teleport labels, which underpin the Teleport role-based access controls system. ([more info](protect-resources/labels.mdx))
+Learn how to use the Teleport Discovery Service, which automatically enrolls resources by query APIs ([more info](protect-resources/auto-discovery.mdx))
 
-- [Add Labels to Resources](protect-resources/labels/labels.mdx): How to assign static and command-based dynamic labels to Teleport resources.
-- [EC2 Tags as Teleport Node Labels](protect-resources/labels/ec2-tags.mdx): How to set up Teleport Node labels based on EC2 tags
-- [GCP Tags and Labels as Teleport Agent Labels](protect-resources/labels/gcp-tags.mdx): How to set up Teleport agent labels based on GCP tags and labels
+- [AWS Database Auto-Discovery](protect-resources/auto-discovery/databases.mdx): How to configure Teleport to discover AWS-hosted databases.
+- [Automatically Enroll Kubernetes Clusters (section)](protect-resources/auto-discovery/kubernetes.mdx): Register Kubernetes clusters with your Teleport cluster by polling service discovery endpoints.
+- [Enroll Kubernetes Services as Teleport Applications (section)](protect-resources/auto-discovery/kubernetes-applications.mdx): Teleport can automatically detect applications running in your Kubernetes clusters and register them with Teleport for secure access.
+- [Server Auto-Discovery (section)](protect-resources/auto-discovery/servers.mdx): You can set up the Teleport Discovery Service to automatically enroll servers in your infrastructure.

docs/pages/server-access.mdx → docs/pages/admin-guides/protect-resources/server-access.mdx

@@ -5,7 +5,6 @@ description: How to enroll Linux servers in your Teleport cluster to enable secu
 
 {/*TOPICS*/}
 
-- [Access Controls for Servers](server-access/rbac.mdx): Role-based access control (RBAC) for Teleport server access.
 - [Server Access Getting Started Guide](server-access/getting-started.mdx): Getting started with Teleport server access.
 - [Teleport Server Access Features and Introduction](server-access/introduction.mdx): Teleport server access features and introduction.
 - [Troubleshooting Server Access](server-access/troubleshooting-server.mdx): Describes common issues and solutions for access to servers.

docs/pages/admin-guides/rbac.mdx

@@ -0,0 +1,16 @@
+---
+title: Teleport Access Controls
+description: Guides to configuring the access that Teleport users have to infrastructure resources and cluster permissions.
+---
+
+{/*TOPICS*/}
+
+- [Configure Trusted Clusters](rbac/trustedclusters.mdx): Explains how you can configure a trust relationship and manage access between two Teleport clusters.
+
+## Teleport Label Guides
+
+Guides to using Teleport labels, which underpin the Teleport role-based access controls system. ([more info](rbac/labels.mdx))
+
+- [Add Labels to Resources](rbac/labels/labels.mdx): How to assign static and command-based dynamic labels to Teleport resources.
+- [EC2 Tags as Teleport Node Labels](rbac/labels/ec2-tags.mdx): How to set up Teleport Node labels based on EC2 tags
+- [GCP Tags and Labels as Teleport Agent Labels](rbac/labels/gcp-tags.mdx): How to set up Teleport agent labels based on GCP tags and labels

docs/pages/reference.mdx

@@ -17,6 +17,12 @@ References for concepts and tools available for operating Teleport. ([more info]
 - [Teleport Signals Reference](reference/operations/signals.mdx): Signals you can send to a running teleport process.
 - [User Types](reference/operations/user-types.mdx): Describes the different types of Teleport users and their properties.
 
+## Teleport Access Controls References
+
+Available options for configuring access to Teleport privileges and infrastructure resources. ([more info](reference/rbac.mdx))
+
+- [Access Controls for Servers](reference/rbac/server-rbac.mdx): Role-based access control (RBAC) for Teleport server access.
+
 ## Teleport Architecture Guides
 
 Guides to the inner workings of components within a Teleport cluster. ([more info](reference/architecture.mdx))

docs/pages/reference/rbac.mdx

@@ -0,0 +1,8 @@
+---
+title: Teleport Access Controls References
+description: Available options for configuring access to Teleport privileges and infrastructure resources.
+---
+
+{/*TOPICS*/}
+
+- [Access Controls for Servers](rbac/server-rbac.mdx): Role-based access control (RBAC) for Teleport server access.

package.json

@@ -2,7 +2,7 @@
   "name": "teleport-ui",
   "version": "1.0.0",
   "scripts": {
-    "all-topics": "node docs/gen-topic-pages/index.js --in docs/pages/admin-guides,docs/pages/database-access,docs/pages/access-controls,docs/pages/desktop-access,docs/pages/kubernetes-access,docs/pages/connect-your-client,docs/pages/auto-discovery,docs/pages/choose-an-edition,docs/pages/server-access,docs/pages/machine-id,docs/pages/reference,docs/pages/application-access",
+    "all-topics": "node docs/gen-topic-pages/index.js --in docs/pages/admin-guides,docs/pages/database-access,docs/pages/access-controls,docs/pages/desktop-access,docs/pages/kubernetes-access,docs/pages/connect-your-client,docs/pages/choose-an-edition,docs/pages/machine-id,docs/pages/reference,docs/pages/application-access",
     "build-ui": "yarn build-ui-oss && yarn build-ui-e",
     "build-ui-oss": "yarn workspace @gravitational/teleport build",
     "build-ui-e": "yarn workspace @gravitational/teleport.e build",