Are you using multiple AWS accounts to separate your environments?
Dec 14
Virtual
Learn More
The Open Infrastructure Access Platform
The easiest, most secure way
to access all your infrastructure.
What is Teleport?
DevOps teams use Teleport to access SSH and Windows servers, Kubernetes, databases, AWS Console, and web applications. Teleport prevents phishing by moving away from static credentials towards ephemeral certificates backed by biometrics and hardware identity, and stops attacker pivots with the Zero Trust design.
Servers
600 total
Add Server
| Hostname | Address | Labels | Actions |
|---|---|---|---|
ip-10-0-0-115 | ⟵ tunnel | region: us-west-1 | |
ip-10-0-0-20 | ⟵ tunnel | region: sa-east-1 | |
ip-10-0-0-60 | ⟵ tunnel | region: us-west-2 | |
ip-10-0-0-85 | ⟵ tunnel | region: eu-west-1 | |
ip-10-0-0-90 | ⟵ tunnel | region: us-east-1 |
| Name | Type | Labels | Actions |
|---|---|---|---|
aurora | RDS PostgreSQL | env: devpostgres | |
mongodb | Self-hosted MongoDB | env: dev-1mongodb | |
gcloud | GCP SQL Postgres | env: prodsql | |
Cockroach | Self-hosted CockroachDB | env: prodcrdb | |
mysql | Self-hosted Mysql | env: dev-2mysql |
| Name | Labels | Actions |
|---|---|---|
eks-stg-cluster | env: stg2region: us-west-2 | |
eks-prod-cluster | env:prodregion:us-east-2 | |
galactus | env:prodentropy-service | |
eks-dev-cluster | env:stgregion:us-east-2 | |
galaxy | env:stgEKS |
| Name | Address | Labels | Actions |
|---|---|---|---|
aws | https://dev.runteleport.com | env: dev | |
grafana | https://grafana.runteleport.com | env: work | |
jenkins | https://jenkins.runteleport.com | env: work | |
metabase | https://meta.runteleport.com | env: dev | |
gitlab | https://gitlab.runteleport.com | env: dev |
| Address | Name | Labels | Actions |
|---|---|---|---|
10.0.0.10 | Windows | name: Base | |
10.0.40.10 | Windows Prod | name: Prod | |
10.0.32.10 | Windows Dev | name: Dev | |
10.0.130.2 | Windows Bizops | name: Biz | |
10.0.157.72 | Windows Sys | name: Sys |
| Node | User(s) | Duration | Actions |
|---|---|---|---|
ip-10-0-0-51 | alice | 5 mins | |
ip-10-0-0-120 | bob | 7 mins | |
ip-10-0-0-51 | slack-plugin | 10 mins | |
ip-10-0-0-22 | terraform | 5 mins | |
ip-10-0-0-120 | eve | 7 mins |
| Username | Roles | Type | Actions |
|---|---|---|---|
alice | access | GitHub | |
bob | access | GitHub | |
terraform | terraform | Local User | |
slack-plugin | slack | Local User | |
eve | access | Local User |
200%
reduce risk
Teleport’s use of identity instead of credentials will, as demonstrated, reduce this risk by 200% compared to that posed by static credentials
Paul Stringfellow
Why Use Teleport
Before and after Teleport
Before Teleport
- Access silos everywhere. Engineers use a mixture of VPNs, bastion hosts and proxies.
- High operational overhead of managing privileges across different infrastructure layers.
- Vulnerable to phishing because access is granted based on static credentials.
- Connectivity, authentication, authorization and audit are handled by stitched together systems such as IAM, SASE, PAM, and SIEM.
- Privileges are granted based on static user roles.
After Teleport
- A single login command gives engineers access to all infrastructure layers they need.
- Single place to manage all privileges for all layers of the stack, for humans and machines.
- Phishing-proof access is based on ephemeral or single-use certificates.
- Vertically integrated access platform tailored to the scale and security considerations of cloud-native infrastructure.
- Minimal privileges are dynamically granted to complete a given task.
Works with everything you have
Teleport integrates with over 170 cloud based resources
Our vision for Teleport Terminal is to become the universal user interface for everything in the cloud. Below is the list of the resources it supports, and we’ll be adding new protocols quickly:
Terminal
# on a client$ tsh login --proxy=example.com
# on a server$ apt install teleport
# in a Kubernetes cluster$ helm installEasy to get started
Teleport is easy to deploy and use. We believe that simplicity and good user experience are key to first-class security.
Teleport consists of just two binaries.
- The tsh client allows users to login to retrieve short-lived certificates.
- The teleport agent can be installed on any server or any Kubernetes cluster with a single command.
