[v14] docs: change open source/OSS references to community edition (#…

…32877)

* Change Open source and OSS to Teleport Community Edition

* Change open-source to Teleport Community Edition

* Role access requests in the nav and title

docs/config.json

@@ -580,7 +580,7 @@
               ]
             },
             {
-              "title": "Role Requests in OSS Teleport",
+              "title": "Teleport Community Edition Role Access Requests",
               "slug": "/access-controls/access-requests/oss-role-requests/",
               "forScopes": [
                 "oss"

docs/pages/access-controls/access-requests.mdx

@@ -15,13 +15,13 @@ time. Request approvers can be configured with limited cluster access so they
 are not high value targets.
 
 Just-in-time Access Requests are a feature of Teleport Enterprise.
-Open-source Teleport users can get a preview of how Access Requests work by
+Teleport Community Edition users can get a preview of how Access Requests work by
 requesting a role via the Teleport CLI. Full Access Request functionality,
 including Resource Access Requests and an intuitive and searchable UI are
 available in Teleport Enterprise.
 
-For information on how to use Just-in-time Access Requests with OSS Teleport,
-see the [OSS Guide](./access-requests/oss-role-requests.mdx).
+For information on how to use Just-in-time Access Requests with Teleport Community 
+Edition, see [Teleport Community Access Requests](./access-requests/oss-role-requests.mdx).
 
 ## Resource Access Requests
 

docs/pages/access-controls/access-requests/oss-role-requests.mdx

@@ -1,13 +1,12 @@
 ---
-title: Just-in-time Access Requests in OSS Teleport
-description: OSS Teleport allows users to request access to roles from the CLI.
-h1: Teleport Resource Access Requests
+title: Teleport Community Edition Role Access Requests
+description: Teleport Community Edition allows users to request access to roles from the CLI.
 ---
 
 Just-in-time Access Requests are a feature of Teleport Enterprise.
 
-Open-source Teleport users can get a preview of how Access Requests work by
-requesting a role via the Teleport CLI. Full Access Request functionality,
+Teleport Community Edition users can get a preview of how Access Requests work by
+requesting a role using the Teleport CLI. Full Access Request functionality,
 including Resource Access Requests and an intuitive and searchable UI are
 available in Teleport Enterprise.
 
@@ -20,7 +19,7 @@ users can request access to. In this example, we will define two roles:
 - `dba`: this role grants access to databases
 
 There is no role for request approvers, because request approval rules can only
-be configured for Teleport Enterprise. In Open Source Teleport, approvals must
+be configured for Teleport Enterprise. In Teleport Community Edition, approvals must
 be performed by running `tctl` on the Auth Server.
 
 **Contractor role**
@@ -77,7 +76,7 @@ $ tctl create dba-role.yaml
 
 ## Requesting Access
 
-In OSS Teleport, requests are made from the `tsh` CLI. To create an access
+In Teleport Community Edition, requests are made from the `tsh` CLI. To create an access
 request, use the `tsh request create` command.
 
 ```code
@@ -121,7 +120,7 @@ $ tsh request ls
 
 ## Reviewing requests
 
-In OSS Teleport, Access Requests must be reviewed by a cluster administrator
+In Teleport Community Edition, Access Requests must be reviewed by a cluster administrator
 with the ability to run `tctl` on the Auth Server.
 
 Administrators can list requests with `tctl requests ls`, and view the details

docs/pages/access-controls/access-requests/resource-requests.mdx

@@ -15,7 +15,7 @@ The Access Request API makes it easy to dynamically approve or deny these
 requests.
 
 Just-in-time Access Requests are a feature of Teleport Enterprise.
-Open-source Teleport users can get a preview of how Access Requests work by
+Teleport Community Edition users can get a preview of how Access Requests work by
 requesting a role via the Teleport CLI. Full Access Request functionality,
 including Resource Access Requests and an intuitive and searchable UI are
 available in Teleport Enterprise.

docs/pages/access-controls/access-requests/role-requests.mdx

@@ -74,7 +74,7 @@ spec:
 
 <Admonition type="warning" title="Requires Teleport Enterprise">
 Roles containing a `review_requests` rule can only be used in Teleport
-Enterprise. In OSS Teleport, Access Requests must be approved by an admin
+Enterprise. In Teleport Community Edition, Access Requests must be approved by an admin
 running `tctl` on the Auth Server.
 </Admonition>
 

docs/pages/access-controls/idps/saml-grafana.mdx

@@ -3,7 +3,7 @@ title: Use Teleport's SAML Provider to authenticate with Grafana
 description: Configure Grafana to use identities provided by Teleport.
 ---
 
-Grafana is an open-source observability platform. Their enterprise version supports
+Grafana is an open source observability platform. Their enterprise version supports
 SAML authentication. This guide will help you configure Teleport as a SAML provider,
 and Grafana to accept the identities it provides.
 

docs/pages/application-access/cloud-apis/azure.mdx

@@ -222,8 +222,8 @@ identities.
 <Notice type="tip">
 
 We recommend using the dynamic approach, since it scales more easily as you add
-Azure identities to your account. If you have configured an open source Teleport
-cluster to authenticate users via GitHub SSO, you must use the static approach,
+Azure identities to your account. If you have configured a Teleport Community Edition
+cluster to authenticate users using GitHub SSO, you must use the static approach,
 as OAuth-based GitHub applications do not support custom claims.
 
 </Notice>

docs/pages/choose-an-edition/introduction.mdx

@@ -1,6 +1,6 @@
 ---
 title: "How to Choose a Teleport Edition"
-description: "Read this guide to determine whether to deploy Teleport Enterprise, Teleport Cloud, or Open Source Teleport"
+description: "Read this guide to determine whether to deploy Teleport Enterprise, Teleport Cloud, or Teleport Community Edition."
 ---
 
 Teleport supports four editions. In this guide, we will help you determine

docs/pages/choose-an-edition/teleport-cloud/faq.mdx

@@ -86,7 +86,7 @@ There is no need to open any ports on your infrastructure for inbound traffic.
 
 If you plan on connecting more than 10,000 nodes or agents, please contact your account executive or customer support to ensure your tenant is properly scaled.
 
-### Should we use Enterprise or Open Source Teleport for connecting resources to our Teleport cluster?
+### Should we use Enterprise or Teleport Community Edition for connecting resources to our Teleport cluster?
 (!docs/pages/includes/ent-vs-community-faq.mdx!)
 
 ### Are dynamic node tokens available?

docs/pages/contributing/documentation/reference.mdx

@@ -527,7 +527,7 @@ component if the user selects the appropriate scope:
 <Tabs>
   <TabItem label="Self-Hosted" scope={["oss", "enterprise"]}>
 
-  Here are instructions for users of open source Teleport and Teleport
+  Here are instructions for users of Teleport Community Edition and Teleport
   Enterprise.
 
   </TabItem>
@@ -544,7 +544,7 @@ Here is the result:
 <Tabs>
   <TabItem label="Self-Hosted" scope={["oss", "enterprise"]}>
 
-  Here are instructions for users of open source Teleport and Teleport
+  Here are instructions for users of Teleport Community Edition and Teleport
   Enterprise.
 
   </TabItem>

docs/pages/deploy-a-cluster/deployments/aws-terraform.mdx

@@ -152,8 +152,8 @@ cluster from scratch, so choose carefully.
 
 Setting `export TF_VAR_ami_name="gravitational-teleport-ami-ent-(=teleport.version=)"`
 
-Gravitational automatically builds and publishes OSS, Enterprise and Enterprise FIPS 140-2 AMIs when we
-release a new version of Teleport. The AMI names follow the format: `gravitational-teleport-ami-<type>-<version>`
+Gravitational automatically builds and publishes Teleport Community Edition, Enterprise, and Enterprise FIPS 140-2 
+AMIs when we release a new version of Teleport. The AMI names follow the format: `gravitational-teleport-ami-<type>-<version>`
 where `<type>` is either `oss` or `ent` (Enterprise) and `version` is the version of Teleport e.g. `(=teleport.version=)`.
 
 FIPS 140-2 compatible AMIs (which deploy Teleport in FIPS 140-2 mode by default) have the `-fips` suffix.
@@ -190,9 +190,10 @@ EC2 instances. Do not use a keypair that you do not have access to.
 Set `export TF_VAR_license_path="/home/user/license.pem"`
 
 This license will be uploaded to AWS SSM and automatically downloaded to Teleport auth nodes in order to enable
-Teleport Enterprise/Pro functionality.
+Teleport Enterprise functionality.
 
-(OSS users can provide any valid local file path here - it isn't used by the auth server in a Teleport OSS install)
+(Teleport Community Edition users can provide any valid local file path here. It isn't used by the Teleport Auth 
+Service in a Teleport Community Edition installs.)
 
 ### route53\_zone
 
@@ -525,7 +526,7 @@ You can use the Teleport command line tool (`tsh`) to log into your Teleport clu
 
 You can [download the Teleport package containing the `tsh` client from here](https://goteleport.com/download)
 
-- the client is the same for both OSS and Enterprise versions of Teleport.
+- the client is the same for both Teleport Community Edition and Teleport Enterprise.
 
 <Tabs>
 <TabItem scope={["oss"]} label="Teleport Community Edition">

docs/pages/faq.mdx

@@ -37,7 +37,7 @@ Yes, Teleport supports reverse SSH tunnels out of the box. To configure
 behind-firewall clusters refer to our
 [Trusted Clusters](./management/admin/trustedclusters.mdx) guide.
 
-## Should we use Enterprise or Open Source Teleport for connecting resources to our Teleport cluster?
+## Should we use Teleport Enterprise or Teleport Community Edition for connecting resources to our Teleport cluster?
 (!docs/pages/includes/ent-vs-community-faq.mdx!)
 
 ## Can individual agents create reverse tunnels to the Proxy Service without creating a new cluster?

docs/pages/includes/config-reference/auth-service.yaml

@@ -140,7 +140,7 @@ auth_service:
 
     authentication:
         # default authentication type. possible values are 'local' and 'github'
-        # for OSS, plus 'oidc' and 'saml' for Enterprise.
+        # for Teleport Community Edition, plus 'oidc' and 'saml' for Enterprise.
         # Only local authentication (Teleport's own user DB) & GitHub is
         # supported in the open source version
         type: local
@@ -256,7 +256,7 @@ auth_service:
           # - 'required' - enables device authentication and device-aware audit.
           #   Additionally, it requires a trusted device for all SSH, Database
           #   and Kubernetes connections.
-          mode: optional # always "off" for OSS
+          mode: optional # always "off" for Teleport Community Edition
 
         # Determines the default time to live for user certificates
         # issued by this auth server, defaults to 12 hours.  Examples:
@@ -342,7 +342,7 @@ auth_service:
     routing_strategy: unambiguous_match
 
     # License file to start auth server with. Note that this setting is ignored
-    # in the Teleport Open-Source Edition and is required only for Teleport Pro, Business
+    # in the Teleport Community Edition and is required only for Teleport Pro, Business
     # and Enterprise subscription plans.
     #
     # The path can be either absolute or relative to the configured `data_dir`

docs/pages/includes/ent-vs-community-faq.mdx

@@ -19,4 +19,4 @@ $ teleport version
 ```
 
 See the [Installation](../installation.mdx) guide for details on installing to specific platforms
-with Enterprise or OSS releases. 
+with Enterprise or Teleport Community Edition releases. 

docs/pages/installation.mdx

@@ -455,7 +455,7 @@ chart.
   Enterprise and Enterprise Cloud, we recommend installing the official Teleport
   Enterprise edition of `tctl`.
 
-  ### Installing open source Teleport with Homebrew
+  ### Installing Teleport with Homebrew
 
   To install Teleport with Homebrew, run the following command:
 

docs/pages/machine-id/reference/v14-upgrade-guide.mdx

@@ -83,5 +83,5 @@ might not have validated for these.
 
 If you are still unable to determine why your configuration will not migrate,
 seek guidance. If you have a support contract, submit a ticket. If you are using
-open source Teleport, join our
+Teleport Community Edition, join our
 [community Slack](https://goteleport.com/community-slack/).

docs/pages/management/admin/uninstall-teleport.mdx

@@ -303,7 +303,7 @@ $ docker stop teleport
 
   ```code
   $ sudo apt-get -y remove teleport-ent
-  # NOTE: Older Cloud users may be running OSS binaries instead
+  # NOTE: Older Cloud users may be running Teleport Community Edition binaries instead
   # $ sudo apt-get -y remove teleport
   ```
 
@@ -318,7 +318,7 @@ $ docker stop teleport
 
   ```code
   $ sudo dpkg -r teleport-ent
-  # NOTE: Older Cloud users may be running OSS binaries instead
+  # NOTE: Older Cloud users may be running Teleport Community Edition binaries instead
   # $ sudo dpkg -r teleport
   ```
   </Admonition>
@@ -332,7 +332,7 @@ $ docker stop teleport
   $ sudo yum -y remove teleport-ent
   # Optional: Use DNF on newer distributions
   # $ sudo dnf -y remove teleport-ent
-  # NOTE: Older Cloud users may be running OSS binaries instead
+  # NOTE: Older Cloud users may be running Teleport Community Edition binaries instead
   # $ sudo yum -y remove teleport
   # $ sudo dnf -y remove teleport
   ```
@@ -348,7 +348,7 @@ $ docker stop teleport
 
   ```code
   $ sudo rpm -e teleport-ent
-  # NOTE: Older Cloud users may be running OSS binaries instead
+  # NOTE: Older Cloud users may be running Teleport Community Edition binaries instead
   # $ sudo rpm -e teleport
   ```
   </Admonition>

docs/pages/management/export-audit-events/fluentd.mdx

@@ -4,7 +4,7 @@ description: Forwarding events with Fluentd and Teleport event handler
 videoBanner: HAqxs4rBv2c
 ---
 
-Fluentd is an open-source data collector for a unified logging layer. In this
+Fluentd is an open source data collector for a unified logging layer. In this
 guide, we will:
 
 - Set up Teleport's Event Handler plugin.

docs/pages/reference/helm-reference/teleport-cluster.mdx

@@ -241,7 +241,7 @@ proxy:
 | `string` | `local`       | Yes       | `auth_service.authentication.type` |
 
 `authentication.type` controls the authentication scheme used by Teleport.
-Possible values are `local` and `github` for OSS, plus `oidc` and `saml` for Enterprise.
+Possible values are `local` and `github` for Teleport Community Edition, plus `oidc` and `saml` for Enterprise.
 
 ### `authentication.connectorName`
 

docs/pages/reference/terraform-provider.mdx

@@ -389,7 +389,7 @@ DeviceTrust holds settings related to trusted device verification. Requires Tele
 |--------------------|------------------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
 | auto_enroll        | bool             |          | Enable device auto-enroll. Auto-enroll lets any user issue a device enrollment token for a known device that is not already enrolled. `tsh` takes advantage of auto-enroll to automatically enroll devices on user login, when appropriate. The effective cluster Mode still applies: AutoEnroll=true is meaningless if Mode="off".                                                                                                                      |
 | ekcert_allowed_cas | array of strings |          | Allow list of EKCert CAs in PEM format. If present, only TPM devices that present an EKCert that is signed by a CA specified here may be enrolled (existing enrollments are unchanged).  If not present, then the CA of TPM EKCerts will not be checked during enrollment, this allows any device to enroll.                                                                                                                                             |
-| mode               | string           |          | Mode of verification for trusted devices.  The following modes are supported:  - "off": disables both device authentication and authorization. - "optional": allows both device authentication and authorization, but doesn't enforce the presence of device extensions for sensitive endpoints. - "required": enforces the presence of device extensions for sensitive endpoints.  Mode is always "off" for OSS. Defaults to "optional" for Enterprise. |
+| mode               | string           |          | Mode of verification for trusted devices.  The following modes are supported:  - "off": disables both device authentication and authorization. - "optional": allows both device authentication and authorization, but doesn't enforce the presence of device extensions for sensitive endpoints. - "required": enforces the presence of device extensions for sensitive endpoints.  Mode is always "off" for Teleport Community Edition. Defaults to "optional" for Enterprise. |
 
 #### spec.idp