Add Cloud-specific instructions to two guides

Backports #10674

* Add Cloud-specific instructions to two guides

Ensure that users of a particular scope don't see irrelevant info

See #10633

GitHub SSO guide
 - Edit the tctl partial to show only scope-relevant info.
 - Use tabs in the Prerequisites
 - Light edits for clarity

Adding Nodes
- Use Tabs for prerequisites
- Move sections specific to self-hosted deployments into Details
  boxes that are hidden for Cloud users
- Use Tabs components to offer Cloud-specific alternatives to
  examples of commands that presuppose a self-hosted deployment
- Misc clarity edits

* Respond to PR feedback

* Fix linter issues

docs/pages/cloud/faq.mdx

@@ -29,7 +29,7 @@ Currently there is no way to provide your own bucket.
 ## How do I add nodes to Teleport Cloud?
 
 You can connect servers, kubernetes clusters, databases and applications
-using [reverse tunnels](../setup/admin/adding-nodes.mdx#adding-a-node-located-behind-nat).
+using [reverse tunnels](../setup/admin/adding-nodes.mdx).
 
 There is no need to open any ports on your infrastructure for inbound traffic.
 
@@ -56,7 +56,7 @@ $ tctl tokens add --type=node
 ## Are dynamic node tokens available?
 
 After [connecting](#how-can-i-access-the-tctl-admin-tool) `tctl` to Teleport Cloud, users can generate
-[dynamic tokens](../setup/admin/adding-nodes.mdx#short-lived-dynamic-tokens):
+[dynamic tokens](../setup/admin/adding-nodes.mdx):
 
 ```code
 $ tctl nodes add --ttl=5m --roles=node,proxy --token=$(uuid)

docs/pages/faq.mdx

@@ -35,7 +35,7 @@ section of the Admin Manual.
 
 This was a popular customer [request](https://github.com/gravitational/teleport/issues/803) that was added in Teleport version 4.0.
 Once you've upgraded your Teleport Cluster, change the node config option `--auth-server` to point to web proxy address (this would be `public_addr` and `web_listen_addr`
-in file configuration). As defined in [Adding a node located behind NAT - Teleport Node Tunneling](./setup/admin/adding-nodes.mdx#adding-a-node-located-behind-nat)
+in file configuration). For more information, see [Adding Nodes to the Cluster](./setup/admin/adding-nodes.mdx).
 
 ### Can nodes use a single port for reverse tunnels?
 

docs/pages/includes/tctl.mdx

@@ -1,22 +1,34 @@
-<Details title="Before you begin: verify connectivity" opened={false}>
+<Details 
+title="Make sure you can connect to Teleport" 
+scope={["oss", "enterprise"]} 
+scopeOnly={true}
+opened={true}
+>
 
-Verify that your Teleport client is connected:
+Verify that your Teleport client is connected by running the following on your
+Auth Service host:
 
 ```code
 $ tctl status
-
 # Cluster  tele.example.com
 # Version  (=teleport.version=)
 # CA pin   sha256:sha-hash-here
 ```
+</Details>
+<Details 
+title="Make sure you can connect to Teleport" 
+scope={["cloud"]}
+scopeOnly={true}
+opened={true}
+>
 
-<Notice title="Connecting to the cloud" type="note" scope={["cloud"]}>
-To try this flow in the cloud, login into your cluster using `tsh`, then use `tctl` remotely:
+To connect to Teleport, log in to your cluster using `tsh`, then use `tctl` remotely:
 
 ```code
-$ tsh login --proxy=myinstance.teleport.sh
+$ tsh login --proxy=myinstance.teleport.sh [email protected]
 $ tctl status
+# Cluster  myinstance.teleport.sh
+# Version  (=teleport.version=)
+# CA pin   sha256:sha-hash-here
 ```
-</Notice>
-
 </Details>

docs/pages/kubernetes-access/helm/guides/custom.mdx

@@ -16,7 +16,7 @@ migrating your setup from a legacy version of the Helm charts.
 In `custom` mode, the `teleport-cluster` Helm chart does not create a `ConfigMap` containing a `teleport.yaml` file for you, but
 expects that you will provide this yourself.
 
-For this example, we'll be using this `teleport.yaml` configuration file (with appropriately complex [static tokens](../../../setup/admin/adding-nodes.mdx#insecure-static-tokens)):
+For this example, we'll be using this `teleport.yaml` configuration file with a static join token (for more information on join tokens, see [Adding Nodes to the Cluster](../../../setup/admin/adding-nodes.mdx)):
 
 ```bash
 $ cat << EOF > teleport.yaml