Teleport replaces the #1 source of data breaches — secrets — with true identity to deliver phishing-proof zero trust access for every engineer and service connected to your global infrastructure.Get Started
|⟵ tunnel||region: us-west-1|
|⟵ tunnel||region: sa-east-1|
|⟵ tunnel||region: us-west-2|
|⟵ tunnel||region: eu-west-1|
|⟵ tunnel||region: us-east-1|
|RDS PostgreSQL||env: devpostgres|
|Self-hosted MongoDB||env: dev-1mongodb|
|GCP SQL Postgres||env: prodsql|
|Self-hosted CockroachDB||env: prodcrdb|
|Self-hosted Mysql||env: dev-2mysql|
|env: stg2region: us-west-2|
|Windows Prod||name: Prod|
|Windows Dev||name: Dev|
|Windows Bizops||name: Biz|
|Windows Sys||name: Sys|
Teleport's Identity-Native Access Proxy allows any engineer or machine to securely connect to any infrastructure resource in the world without the need for cumbersome VPNs.
Teleport was born "identity-native" on day one — no passwords, no secrets. With the combination of secretless and zero trust, engineers get an amazing experience while improving security.
Teleport is the single source of truth for access, synchronized across your entire infrastructure. Beyond RBAC, Teleport's Just-In-Time Access Requests allow for temporary privilege escalation based on resource or role, leaving an attacker with no permanent admins to target.
Teleport observes and records every online resource, connection, interactive session, and other security events across all environments. These events are captured in a structured audit log, making it easy to see what's happening and who is responsible.
Open source Teleport was designed to provide access to the infrastructure you need without slowing you down. With a single tool, engineers get unified access to Linux and Windows servers, Kubernetes clusters, databases and DevOps applications like AWS Management Console, CI/CD, version control, and monitoring dashboards across all environments.
Secrets like passwords, keys, tokens, even browser cookies are the #1 source of data breaches. Any access solution that tries to make secrets more secure is just pushing back the inevitable.
Teleport's Identity-Native access is different. By removing secrets from your infrastructure, phishing and pivot attacks are rendered useless since there is nothing to steal. Additionally, identity dramatically improves the access experience of engineers. Instead of juggling hundreds of credentials, all engineers need to do is login to Teleport one time using secure biometrics.
This is why Teleport is the one solution that engineering and security teams can agree on.
Without Teleport, engineers must access infrastructure using an insecure and cumbersome mix of VPNs, bastions, secrets and legacy PAM solutions, each with its own access control and audit layer. Visibility is minimal and the risk of error is high. Controlling permissions for services connected to your infrastructure is just as complex.
With Teleport, every connection across your global infrastructure passes through Teleport’s Identity-Aware Access Proxy where it is authenticated and authorized based on human or machine identity. Because engineers and services are treated the same, you have complete visibility and control over every connection without managing different access control systems. And because Teleport bases authn/z on identity instead of static credentials like keys and passwords, it is more secure, cost effective to scale and easier to use.
Consolidate identity-native access to SSH, Kubernetes, Databases, Applications, and Windows across your infrastructure.
SSH securely into Linux servers
Access Kubernetes clusters securely
Easily access to SQL, NoSQL, and cloud databases
Access your DevOps toolkit like CI/CD, monitoring and AWS Management Console
Access any Windows host via the browser
Teleport is the declarative language for defining infrastructure access. Similar to how code and DevOps shifted left, access security is going through a similar transformation. With Teleport's access-as-code approach, entire classes of attacks are eliminated. There are no passwords, access is consolidated to a single port, and programmatic access is locked down.
Teleport allows organizations to define access before going into production and access to be "just-in-time."
# on a client$ tsh login --proxy=example.com
# on a server$ apt install teleport
# in a Kubernetes cluster$ helm install
Teleport is easy to deploy and use. We believe that simplicity and good user experience are key to first-class security.
Teleport consists of just two binaries.