Faster.
More Secure.
Identity-Native Infrastructure Access
Teleport replaces the #1 source of data breaches — secrets — with true identity to deliver phishing-proof zero trust access for every engineer and service connected to your global infrastructure.
Get Started
| Hostname | Address | Labels | Actions |
|---|---|---|---|
ip-10-0-0-115 | ⟵ tunnel | region: us-west-1 | |
ip-10-0-0-20 | ⟵ tunnel | region: sa-east-1 | |
ip-10-0-0-60 | ⟵ tunnel | region: us-west-2 | |
ip-10-0-0-85 | ⟵ tunnel | region: eu-west-1 | |
ip-10-0-0-90 | ⟵ tunnel | region: us-east-1 |
| Name | Type | Labels | Actions |
|---|---|---|---|
aurora | RDS PostgreSQL | env: devpostgres | |
mongodb | Self-hosted MongoDB | env: dev-1mongodb | |
gcloud | GCP SQL Postgres | env: prodsql | |
Cockroach | Self-hosted CockroachDB | env: prodcrdb | |
mysql | Self-hosted Mysql | env: dev-2mysql |
| Name | Labels | Actions |
|---|---|---|
eks-stg-cluster | env: stg2region: us-west-2 | |
eks-prod-cluster | env:prodregion:us-east-2 | |
galactus | env:prodentropy-service | |
eks-dev-cluster | env:stgregion:us-east-2 | |
galaxy | env:stgEKS |
| Name | Address | Labels | Actions |
|---|---|---|---|
aws | https://dev.runteleport.com | env: dev | |
grafana | https://grafana.runteleport.com | env: work | |
jenkins | https://jenkins.runteleport.com | env: work | |
metabase | https://meta.runteleport.com | env: dev | |
gitlab | https://gitlab.runteleport.com | env: dev |
| Address | Name | Labels | Actions |
|---|---|---|---|
10.0.0.10 | Windows | name: Base | |
10.0.40.10 | Windows Prod | name: Prod | |
10.0.32.10 | Windows Dev | name: Dev | |
10.0.130.2 | Windows Bizops | name: Biz | |
10.0.157.72 | Windows Sys | name: Sys |
| Node | User(s) | Duration | Actions |
|---|---|---|---|
ip-10-0-0-51 | alice | 5 mins | |
ip-10-0-0-120 | bob | 7 mins | |
ip-10-0-0-51 | slack-plugin | 10 mins | |
ip-10-0-0-22 | terraform | 5 mins | |
ip-10-0-0-120 | eve | 7 mins |
| Username | Roles | Type | Actions |
|---|---|---|---|
alice | access | Github | |
bob | access | Github | |
terraform | terraform | Local User | |
slack-plugin | slack | Local User | |
eve | access | Local User |
Why Use Teleport
Identity-Native Infrastructure Access for engineers and machines.
Connect
Teleport's Identity-Native Access Proxy allows any engineer or machine to securely connect to any infrastructure resource in the world without the need for cumbersome VPNs.
Authenticate
Teleport was born "identity-native" on day one — no passwords, no secrets. With the combination of secretless and zero trust, engineers get an amazing experience while improving security.
Authorize
Teleport is the single source of truth for access, synchronized across your entire infrastructure. Beyond RBAC, Teleport's Just-In-Time Access Requests allow for temporary privilege escalation based on resource or role, leaving an attacker with no permanent admins to target.
Audit
Teleport observes and records every online resource, connection, interactive session, and other security events across all environments. These events are captured in a structured audit log, making it easy to see what's happening and who is responsible.
Why Use Teleport
Built for engineers
Open source Teleport was designed to provide access to the infrastructure you need without slowing you down. With a single tool, engineers get unified access to Linux and Windows servers, Kubernetes clusters, databases and DevOps applications like AWS Management Console, CI/CD, version control, and monitoring dashboards across all environments.
Identity
What's next in access?
Secrets like passwords, keys, tokens, even browser cookies are the #1 source of data breaches. Any access solution that tries to make secrets more secure is just pushing back the inevitable.
Teleport's Identity-Native access is different. By removing secrets from your infrastructure, phishing and pivot attacks are rendered useless since there is nothing to steal. Additionally, identity dramatically improves the access experience of engineers. Instead of juggling hundreds of credentials, all engineers need to do is login to Teleport one time using secure biometrics.
This is why Teleport is the one solution that engineering and security teams can agree on.
Why Use Teleport
How Teleport works
Teleport's unique architecture enables the secretless and zero-trust experience that both engineers and security teams love. Teleport's Identity-Native Access Proxy requires only a single open port to provide access to any Linux or Windows server, Kubernetes Cluster, Database or internal application.
With an optional lightweight Teleport agent running on every host, you get dramatically deeper and more granular access controls and audit than VPN or homegrown bastion services can provide.
Why Use Teleport
Teleport Access Platform protocols
Consolidate identity-native access to SSH, Kubernetes, Databases, Applications, and Windows across your infrastructure.
SSH
SSH securely into Linux servers
Kubernetes
Access Kubernetes clusters securely
Databases
Easily access to SQL, NoSQL, and cloud databases
Applications
Access your DevOps toolkit like CI/CD, monitoring and AWS Management Console
Windows
Access any Windows host via the browser
Shift Left Security
The language of infrastructure access
Teleport is the declarative language for defining infrastructure access. Similar to how code and DevOps shifted left, access security is going through a similar transformation. With Teleport's access-as-code approach, entire classes of attacks are eliminated. There are no passwords, access is consolidated to a single port, and programmatic access is locked down.
Teleport allows organizations to define access before going into production and access to be "just-in-time."
Works with everything you have
Amazon
CockroachDB
Elasticsearch
Github
Kubernetes
Linux
MongoDB
Okta
Rancher
Redis
Snowflake
Windows
...and many more
# on a client$ tsh login--proxy=example.com
# on a server$ apt install teleport
# in a Kubernetes cluster$ helm installEasy to get started
Teleport is easy to deploy and use. We believe that simplicity and good user experience are key to first-class security.
Teleport consists of just two binaries.
- The tsh client allows users to login to retrieve short-lived certificates.
- The teleport agent can be installed on any server or any Kubernetes cluster with a single command.
