[v7] Prepare five guides for Cloud users

docs/pages/enterprise/getting-started.mdx

@@ -401,18 +401,7 @@ We currently only offer Docker images for `x86_64` architectures.
 
 ### Pick your image
 
-This table gives an idea of how our image naming scheme works. We offer images which point to a static version of Teleport Enterprise, as well as images which are
-automatically rebuilt every night. These nightly images point to the latest version of Teleport Enterprise from the three most recent release branches.
-They are stable, and we recommend their use to easily keep your Teleport Enterprise installation up to date.
-
-| Image name | Open Source or Enterprise? | Teleport version | Image automatically updated? | Image base |
-| - | - | - | - | - |
-| `(=teleport.latest_ent_docker_image=)` | Enterprise | The latest version of Teleport Enterprise (=version=) | Yes | [Ubuntu 20.04](https://hub.docker.com/\_/ubuntu) |
-| `(=teleport.latest_ent_docker_image=)-fips` | Enterprise FIPS | The latest version of Teleport Enterprise (=version=) FIPS | Yes | [Ubuntu 20.04](https://hub.docker.com/\_/ubuntu) |
-| `quay.io/gravitational/teleport-ent:(=teleport.version=)` | Enterprise | The version specified in the image's tag (i.e. (=teleport.version=)) | No | [Ubuntu 20.04](https://hub.docker.com/\_/ubuntu) |
-| `quay.io/gravitational/teleport-ent:(=teleport.version=)-fips` | Enterprise FIPS | The version specified in the image's tag (i.e. (=teleport.version=)) | No | [Ubuntu 20.04](https://hub.docker.com/\_/ubuntu) |
-
-For testing, we always recommend that you use the latest release version of Teleport Enterprise, which is currently `(=teleport.latest_ent_docker_image=)`.
+(!docs/pages/includes/enterprise/docker-images.mdx!)
 
 ### Quickstart using docker-compose
 

docs/pages/includes/enterprise/docker-images.mdx

@@ -0,0 +1,14 @@
+This table gives an idea of how our image naming scheme works. We offer images which point to a static version of Teleport Enterprise, as well as images which are
+automatically rebuilt every night. 
+
+Nightly images point to the latest version of Teleport Enterprise from the three most recent release branches.
+They are stable, and we recommend their use to easily keep your Teleport Enterprise installation up to date.
+
+| Image name | Open Source or Enterprise? | Teleport version | Image automatically updated? | Image base |
+| - | - | - | - | - |
+| `(=teleport.latest_ent_docker_image=)` | Enterprise | The latest version of Teleport Enterprise (=version=) | Yes | [Ubuntu 20.04](https://hub.docker.com/\_/ubuntu) |
+| `(=teleport.latest_ent_docker_image=)-fips` | Enterprise FIPS | The latest version of Teleport Enterprise (=version=) FIPS | Yes | [Ubuntu 20.04](https://hub.docker.com/\_/ubuntu) |
+| `quay.io/gravitational/teleport-ent:(=teleport.version=)` | Enterprise | The version specified in the image's tag (i.e. (=teleport.version=)) | No | [Ubuntu 20.04](https://hub.docker.com/\_/ubuntu) |
+| `quay.io/gravitational/teleport-ent:(=teleport.version=)-fips` | Enterprise FIPS | The version specified in the image's tag (i.e. (=teleport.version=)) | No | [Ubuntu 20.04](https://hub.docker.com/\_/ubuntu) |
+
+For testing, we always recommend that you use the latest release version of Teleport Enterprise, which is currently `(=teleport.latest_ent_docker_image=)`.

docs/pages/setup/guides/docker.mdx

@@ -1,55 +1,143 @@
 ---
-title: Getting started with Teleport using Docker
-description: How to get started with Teleport Open Source Edition using Docker locally.
+title: How to Run Teleport Using Docker
+description: How to run Teleport using Docker.
 h1: Run Teleport using Docker
 ---
 
-This section will cover:
+This guide will explain how to run a container using one of Teleport's Docker
+images and execute commands on that container via Teleport's `tsh` client.
 
-- Getting started with a local Teleport using Docker.
-- Using Teleport with Teleport's native client, `tsh`.
+<Notice scope={["cloud"]} type="tip">
+
+Since all of Teleport's services are run from the same binary, you can
+use our Docker image to run services like the Database Service or App
+Service or explore the Auth and Proxy Services locally.
+
+</Notice>
 
 ## Prerequisites
 
-- Teleport v(=teleport.version=) Open Source or Enterprise.
-- Docker v(=docker.version=) or later.
+<Tabs>
+<TabItem scope={["oss"]} label="Open Source">
+
+- Docker v(=docker.version=) or later. We currently only offer Docker images for
+  `x86_64` architectures.
 
 ```code
 $ docker version
 # Client: Docker Engine - Community
 # Version:           (=docker.version=)
 ```
 
+- The `tsh` client tool, which ships with the `teleport` binary. Visit [Download Teleport](/teleport/download/) to download `tsh`.
+
+</TabItem>
+<TabItem scope={["cloud", "enterprise"]} label="Commercial">
+
+- Docker v(=docker.version=) or later. We currently only offer Docker images for
+  `x86_64` architectures.
+
+```code
+$ docker version
+# Client: Docker Engine - Community
+# Version:           (=docker.version=)
+```
+
+- The `tsh` client tool, which ships with the `teleport` binary. Visit the [customer portal](https://dashboard.gravitational.com/web/login) to download Teleport.
+
+</TabItem>
+</Tabs>
+
 ## Step 1/4. Pick your image
 
-(!docs/pages/includes/image.mdx!)
+<Tabs>
+<TabItem scope={["oss"]} label="Open Source">
+We provide pre-built Docker images for every version of Teleport.
+
+These images are hosted on quay.io. All tags under `quay.io/gravitational/teleport` [are Teleport Open Source images](https://quay.io/repository/gravitational/teleport?tag=latest\&tab=tags).
+
+The table below gives an idea of how our image naming scheme works. We offer images that
+point to a static version of Teleport, as well as images that are automatically rebuilt
+every night. These nightly images point to the latest version of Teleport from the
+three most recent release branches. They are stable, and we recommend their use to
+keep your Teleport installation up to date.
+
+<table>
+ <thead>
+   <tr><td>Image name</td><td>Teleport version</td><td>Image automatically updated?</td><td>Image base</td></tr>
+ </thead>
+ <tbody>
+   <tr><td>`(=teleport.latest_oss_docker_image=)`</td><td>The latest version of Teleport Open Source (=version=)</td><td>Yes</td><td>[Ubuntu 20.04](https://hub.docker.com/\_/ubuntu)</td></tr>
+   <tr><td>`quay.io/gravitational/teleport:(=teleport.version=)`</td><td>The version specified in the image's tag (i.e. (=teleport.version=))</td><td>No</td><td>[Ubuntu 20.04](https://hub.docker.com/\_/ubuntu)</td></tr> 
+ </tbody>
+</table>
+
+For testing, we always recommend that you use the latest release version of Teleport, which is currently `(=teleport.latest_oss_docker_image=)`.
+</TabItem>
+<TabItem scope={["enterprise", "cloud"]} label="Commercial">
+We provide pre-built Docker images for every version of Teleport.
+
+(!docs/pages/includes/enterprise/docker-images.mdx!)
 
-## Step 2/4. Start teleport
+</TabItem>
+</Tabs>
 
-Create teleport configs and start the process with sample `docker run` commands:
+## Step 2/4. Start Teleport
+
+<Tabs>
+<TabItem scope={["oss"]} label="Open Source">
+
+Create Teleport configs and start the process with the following `docker run` commands:
 
 ```code
-# Create local config and data directories for teleport, which will be mounted into the container
+# Create local config and data directories for Teleport, which will be mounted
+# into the container.
 $ mkdir -p ~/teleport/config ~/teleport/data
-# Generate a sample teleport config and write it to the local config directory.
-# This container will write the config and immediately exit - this is expected.
+# Generate a sample Teleport config and write it to the local config directory.
+# This container will write the config and immediately exit--this is expected.
 $ docker run --hostname localhost --rm \
   --entrypoint=/bin/sh \
   -v ~/teleport/config:/etc/teleport \
-  (=teleport.latest_oss_docker_image=) -c "teleport configure > /etc/teleport/teleport.yaml"
-# Start teleport with mounted config and data directories, plus all ports
+  (=teleport.latest_oss_docker_image=) bash -c "teleport configure > /etc/teleport/teleport.yaml"
+# Start Teleport with mounted config and data directories, plus all ports
 $ docker run --hostname localhost --name teleport \
   -v ~/teleport/config:/etc/teleport \
   -v ~/teleport/data:/var/lib/teleport \
   -p 3023:3023 -p 3025:3025 -p 3080:3080 \
   (=teleport.latest_oss_docker_image=)
 ```
 
+</TabItem>
+<TabItem scope={["enterprise", "cloud"]} label="Commercial">
+
+Create Teleport configs and start the process with the following `docker run` commands:
+
+```code
+# Create local config and data directories for Teleport, which will be mounted
+# into the container.
+$ mkdir -p ~/teleport/config ~/teleport/data
+# Generate a sample Teleport config and write it to the local config directory.
+# This container will write the config and immediately exit--this is expected.
+$ docker run --hostname localhost --rm \
+  --entrypoint=/bin/sh \
+  -v ~/teleport/config:/etc/teleport \
+  (=teleport.latest_ent_docker_image=) bash -c "teleport configure > /etc/teleport/teleport.yaml"
+# Start Teleport with mounted config and data directories, plus all ports
+$ docker run --hostname localhost --name teleport \
+  -v ~/teleport/config:/etc/teleport \
+  -v ~/teleport/data:/var/lib/teleport \
+  -p 3023:3023 -p 3025:3025 -p 3080:3080 \
+  (=teleport.latest_ent_docker_image=)
+```
+
+</TabItem>
+</Tabs>
+
 ## Step 3/4. Creating a Teleport user
 
 To create a user inside your Teleport container, use `docker exec`.
 
-This example command will create a Teleport user called `testuser` which is allowed to log in as either operating system user `root` or `ubuntu`:
+This example command will create a Teleport user called `testuser` which is allowed to log in as either `root` or `ubuntu` on the host operating system:
 
 ```code
 $ docker exec teleport tctl users add testuser --roles=editor,access --logins=root,ubuntu,ec2-user
@@ -69,11 +157,9 @@ The Web UI will be available at the displayed URL.
 
 ## Step 4/4. tsh into your Teleport container
 
-Finish signing up and creating your user using the generated link created previously.
-
-[Download and install](https://goteleport.com/teleport/download) a copy of Teleport locally. Doing so will install the `tsh` tool so you can interact with Docker containers.
-
-Open a second terminal and issue the command:
+After you have finished creating your user, open a second terminal and issue the
+command, which will log in to your Teleport cluster via the Proxy Service at
+`localhost`.
 
 ```code
 $ tsh login --proxy=localhost --insecure --user=testuser
@@ -115,7 +201,7 @@ $ tsh ls
 # localhost 127.0.0.1:3022 env=example, hostname=localhost 
 ```
 
-To SSH into the local Node `localhost` (running in your Docker container) issue the following `tsh` command:
+To SSH into the local Node called `localhost`:
 
 ```code
 $ tsh ssh root@localhost

docs/pages/setup/guides/ec2-tags.mdx

@@ -1,20 +1,25 @@
 ---
-title: EC2 Tags as Teleport node labels
-description: How to setup Teleport node labels based on EC2 tags
-h1: Sync EC2 Tags and Teleport node labels
+title: EC2 Tags as Teleport Node Labels
+description: How to set up Teleport Node labels based on EC2 tags
+h1: Sync EC2 Tags and Teleport Node Labels
 ---
 
-This section will explain how to setup Teleport node labels based on EC2 tags.
+This guide will explain how to set up Teleport Node labels based on Amazon EC2 tags.
 
 ## Prerequisites
 
 (!docs/pages/includes/edition-prereqs-tabs.mdx!)
 
-- An AWS EC2 instance running a Teleport node
+- One Teleport Node running on an Amazon EC2 instance. See
+  [Adding Nodes](../admin/adding-nodes.mdx) for how to set up a Teleport Node.
+- The following software installed on your Teleport Node: `curl`, `python`, and
+  the `aws` CLI, which comes from the `awscli` Python package.
 
 ## Step 1/3. Deploy the script
 
-You’ll need a script on your instance which can query the AWS API and get the values of tags for you.
+You’ll need a script on your EC2 instance that can query the AWS API and get the
+values of your instance's tags for you. The Teleport Node will then use these
+values to execute RBAC rules.
 
 Here’s one you can use:
 
@@ -46,13 +51,7 @@ Run the command below to make it executable:
 $ chmod +x /usr/local/bin/get-tag.sh
 ```
 
-<Admonition type="note">
-For the script to work, you’ll need `curl`, `python` and the `aws` command line tool installed.
-`aws` comes from the awscli Python package, so you can install it using `pip3 install awscli` or similar.
-If you don’t have `python`, `pip3` or curl installed, look for them in your OS’s package manager.
-</Admonition>
-
-## Step 2/3. Setup IAM role
+## Step 2/3. Set up an IAM role
 
 Grant your EC2 instance an IAM role which will allow it to query tags values for EC2 instances.
 
@@ -79,7 +78,7 @@ Once this is done, query the value of the test tag on your EC2 instance by runni
 tagValue
 ```
 
-## Step 3/3. Modify config file
+## Step 3/3. Modify the Teleport Node config file
 
 Modify your Teleport config file `/etc/teleport.yaml` to add commands to run on your node:
 
@@ -125,6 +124,11 @@ spec:
     port_forwarding: true
 ```
 
-When assigned to Teleport users, this role will only allow them to log into Teleport nodes which have the `aws_tag_test` label with the value of tagValue, effectively gating access to infrastructure based on the value of the EC2 test tag.
+When assigned to Teleport users, this role will only allow them to log in to
+Teleport Nodes which have the `aws_tag_test` label with the value of `tagValue`,
+effectively gating access to infrastructure based on the value of the EC2 `test`
+tag.
 
-By adding multiple commands to a Teleport node set to the values of different tags and then adding Teleport roles which reference them, you can build quite complex RBAC systems based off your EC2 tagging structure.
+By adding multiple commands to a Teleport Node, setting the values of different
+tags, then adding Teleport roles that reference these tags, you can build
+fine-grained RBAC systems based on your EC2 tagging structure.