Update DBeaver guides to use authenticated local proxy.

docs/pages/database-access/guides/gui-clients.mdx

@@ -79,6 +79,25 @@ Ensure that your environment includes the following:
 <ScopedBlock scope={["oss", "enterprise"]}>
 
 <Tabs>
+<TabItem label="Authenticated Proxy">
+Starting the local database proxy with the `--tunnel` flag will create an
+authenticated tunnel that you can use to connect to your database instances.
+You won't need to configure any credentials when connecting to this tunnel.
+
+Here is an example on how to start the proxy:
+
+```bash
+# First, login into the database.
+$ tsh db login <database-name>
+
+# Then, start the local proxy.
+$ tsh proxy db --tunnel <database-name>
+Started authenticated tunnel for the <engine> database "<database-name>" in cluster "<cluster-name>" on 127.0.0.1:62652.
+```
+
+You can then connect to the address the proxy command returns, in our example it
+is `127.0.0.1:62652`.
+</TabItem>
 <TabItem label="TLS routing">
 If you're using Teleport in [TLS routing](../../setup/operations/tls-routing.mdx)
 mode where each database protocol is multiplexed on the same web proxy port, use
@@ -178,6 +197,20 @@ certificate, key and root certificate from the configuration above:
 Click "Save", and pgAdmin should immediately connect. If pgAdmin prompts you
 for password, leave the password field empty and click OK.
 
+## PostgreSQL DBeaver
+To connect to your PostgreSQL instance, use the authenticated proxy address.
+This is `127.0.0.1:62652` in the example above (see the “Authenticated Proxy”
+section on [Get connection information](./gui-clients.mdx#get-connection-information)
+for more information).
+
+Use the "Database native" authentication with an empty password:
+
+![DBeaver Postgres Configure
+Server](../../../img/database-access/dbeaver-pg-configure-server.png)
+
+Clicking on "Test connection" should return a connection success message. Then,
+click on "Finish" to save the configuration.
+
 ## MySQL Workbench
 
 [MySQL Workbench](https://www.mysql.com/products/workbench/) is a GUI
@@ -219,7 +252,8 @@ In the search bar of the "Connect to a database" window that opens up, type "mys
 
 ![DBeaver Select Driver](../../../img/database-access/dbeaver-select-driver.png)
 
-In the newly-opened "Connection Settings" tab, copy the `Server Host` and `Port` from the `tsh db config` output into the DBeaver config fields:
+In the newly-opened "Connection Settings" tab, use the Host as `localhost` and
+Port as the one returned by the proxy command (`62652` in the example above):
 
 ![DBeaver Select Configure Server](../../../img/database-access/dbeaver-configure-server.png)
 
@@ -233,20 +267,8 @@ Authentication" box, and click "Ok" to save:
 
 ![DBeaver Driver Settings](../../../img/database-access/dbeaver-driver-settings.png)
 
-Once you are back in the "Connection Settings" window, navigate to the "Driver
-Properties" tab, scroll down to find the `enabledTLSProtocols` field and enter
-"TLSv1.2" into the `Value` field:
-
-![DBeaver TLS Settings](../../../img/database-access/dbeaver-tls-settings.png)
-
-Navigate to the "SSL" tab, check the "Use SSL" box, uncheck the "Verify Server
-Certificates" box, and copy the `CA Certificate`, `Client Certificate`, and
-`Client Private Key` paths from the output of the `tsh` command you ran at the
-beginning of this guide:
-
-![DBeaver SSL](../../../img/database-access/dbeaver-ssl.png)
-
-Click "Ok" to finish and DBeaver should connect to the remote MySQL server automatically.
+Once you are back in the "Connection Settings" window, click "Ok" to finish and
+DBeaver should connect to the remote MySQL server automatically.
 
 ## MongoDB Compass
 
@@ -276,7 +298,7 @@ Click on the "Connect" button.
 ## SQL Server DBeaver
 
 In the DBeaver connection configuration menu, use your proxy's endpoint. This is
-`localhost:4242` in the example above. (See
+`localhost:62652` in the example above. (See
 [Get connection information](./gui-clients.mdx#get-connection-information) for
 more information.)