The easiest, most secure way to access infrastructure.
Only the open-source Teleport Access Plane consolidates connectivity, authentication, authorization, and audit into a single platform to improve security & agility.
| Hostname | Address | Labels | Actions |
|---|---|---|---|
ip-10-0-0-115 | ⟵ tunnel | region: us-west-1 | |
ip-10-0-0-20 | ⟵ tunnel | region: sa-east-1 | |
ip-10-0-0-60 | ⟵ tunnel | region: us-west-2 | |
ip-10-0-0-85 | ⟵ tunnel | region: eu-west-1 | |
ip-10-0-0-90 | ⟵ tunnel | region: us-east-1 |
| Name | Type | Labels | Actions |
|---|---|---|---|
aurora | RDS PostgreSQL | env: devpostgres | |
mongodb | Self-hosted MongoDB | env: dev-1mongodb | |
gcloud | GCP SQL Postgres | env: prodsql | |
Cockroach | Self-hosted CockroachDB | env: prodcrdb | |
mysql | Self-hosted Mysql | env: dev-2mysql |
| Name | Labels | Actions |
|---|---|---|
eks-stg-cluster | env: stg2region: us-west-2 | |
eks-prod-cluster | env:prodregion:us-east-2 | |
galactus | env:prodentropy-service | |
eks-dev-cluster | env:stgregion:us-east-2 | |
galaxy | env:stgEKS |
| Name | Address | Labels | Actions |
|---|---|---|---|
aws | https://dev.teleport-8.earth | env: dev | |
grafana | https://grafana.teleport-8.earth | env: work | |
jenkins | https://jenkins.teleport-8.earth | env: work | |
metabase | https://meta.teleport-8.earth | env: dev | |
gitlab | https://gitlab.teleport-8.earth | env: dev |
| Address | Name | Labels | Actions |
|---|---|---|---|
10.0.0.10 | Windows | name: Base | |
10.0.40.10 | Windows Prod | name: Prod | |
10.0.32.10 | Windows Dev | name: Dev | |
10.0.130.2 | Windows Bizops | name: Biz | |
10.0.157.72 | Windows Sys | name: Sys |
| Node | User(s) | Duration | Actions |
|---|---|---|---|
ip-10-0-0-51 | alice | 5 mins | |
ip-10-0-0-120 | bob | 7 mins | |
ip-10-0-0-51 | slack-plugin | 10 mins | |
ip-10-0-0-22 | terraform | 5 mins | |
ip-10-0-0-120 | eve | 7 mins |
| Username | Roles | Type | Actions |
|---|---|---|---|
alice | access | Github | |
bob | access | Github | |
terraform | terraform | Local User | |
slack-plugin | slack | Local User | |
eve | access | Local User |
Features & benefits
The Teleport Access Plane
By consolidating all aspects of infrastructure access into a single platform for software engineers and the applications they write, Teleport reduces attack surface area, cuts operational overhead, easily enforces compliance, and improves productivity. The Teleport Access Plane replaces VPNs, shared credentials, and legacy privileged access management technologies, improving security and engineering productivity.
Teleport Connect
Securely connect to your global infrastructure regardless of network boundaries.
Teleport Authenticate
Identity-based access for humans, machines, and services.
Teleport Authorize
Implement fine-grained access controls for every employee and service accessing your infrastructure.
Teleport Audit
Achieve unprecedented visibility into infrastructure access and behavior so you can meet and exceed compliance objectives.
Open source
Built for engineers
Open source Teleport was designed to provide access to the infrastructure you need without slowing you down. With a single tool, engineers and security professionals get unified access to Linux and Windows servers, Kubernetes clusters, databases and DevOps applications like CI/CD, version control, and monitoring dashboards across all environments.
Teleport products
The Teleport Access Plane consists of five products to deliver protocol-aware capabilities deep into your infrastrucure.
Why Teleport
Security software done right
Security software done right gets out of the way, improving productivity while protecting critical infrastructure. The key is simplicity.
Easy-to-use software is essential to first-class security because it reduces the risk of a human error. Teleport embodies the principle of simplicity in everything that we do. This is why the fastest growing, most innovative companies choose Teleport.
Learn About UsSpeed is key to our business. But so is security. The Teleport Access Plane allows our engineers to securely access the infrastructure they need to do their jobs without getting in the way of productivity. Everybody wins.
Luke Christopherson
Software Engineer, DoorDash
Teleport Access Requests changed the game in simplifying our infrastructure access for various compliances. It's led to more freedom and innovation by allowing us to move away from pre-defined root accounts. We have been extremely happy with the product.
Erik Redding
Director, Site Reliability Engineering, Elastic
Audit and recorded sessions in Teleport give us an understanding of exactly what was happening at any given moment. This is incredibly critical from a security and compliance perspective.
Mario Loria
Senior Site Reliability Engineer II, Carta
Teleport is our solution for secure remote access to customer environments. We’re especially fond of the node tunneling feature, which allows us to access environments with restrictive firewall policies in place. The OIDC integration and full session capture are key for us as well.
Zac Bergquist
Software Engineer, VMWare
Teleport allows us to comply with the regulatory hurdles that come with running an international stock exchange. The use of bastion hosts, integration with our identity service and auditing capabilities give us a compliant way to access our internal infrastructure.
Brendan Germain
Systems Reliability Engineer, Nasdaq
Teleport has made obtaining a FedRAMP-Moderate ATO that much more achievable via their FIPS 140-2 endpoints, ease in integration with our SSO and MFA , and the view into audit logs of remote connection sessions provide the appropriate insight for Continuous Monitoring.
Jeff Gill
Senior Director of Engineering, SumoLogic
Demo Video
Works with everything you have
Teleport Server Access is open source and relies on open standards such as X.509 certificates, HTTPS, SAML, OpenID connect and others. Deployed as a single binary, it seamlessly integrates with the rest of your stack.
Easy to get started
Teleport is easy to deploy and use. We believe that simplicity and good user experience are key to first-class security.
- The tsh client allows users to login to retrieve short-lived certificates.
- The teleport agent can be installed on any server or any Kubernetes cluster with a single command.
# on a client
$ tsh login --proxy=example.com
# on a server
$ apt install teleport
# in a Kubernetes cluster
$ helm install