Teleport replaces the #1 source of data breaches — secrets — with true identity to deliver phishing-proof zero trust access for every engineer and service connected to your global infrastructure.
Get StartedHostname | Address | Labels | Actions |
---|---|---|---|
ip-10-0-0-115 | ⟵ tunnel | region: us-west-1 | |
ip-10-0-0-20 | ⟵ tunnel | region: sa-east-1 | |
ip-10-0-0-60 | ⟵ tunnel | region: us-west-2 | |
ip-10-0-0-85 | ⟵ tunnel | region: eu-west-1 | |
ip-10-0-0-90 | ⟵ tunnel | region: us-east-1 |
Name | Type | Labels | Actions |
---|---|---|---|
aurora | RDS PostgreSQL | env: devpostgres | |
mongodb | Self-hosted MongoDB | env: dev-1mongodb | |
gcloud | GCP SQL Postgres | env: prodsql | |
Cockroach | Self-hosted CockroachDB | env: prodcrdb | |
mysql | Self-hosted Mysql | env: dev-2mysql |
Name | Labels | Actions |
---|---|---|
eks-stg-cluster | env: stg2region: us-west-2 | |
eks-prod-cluster | env:prodregion:us-east-2 | |
galactus | env:prodentropy-service | |
eks-dev-cluster | env:stgregion:us-east-2 | |
galaxy | env:stgEKS |
Name | Address | Labels | Actions |
---|---|---|---|
aws | https://dev.runteleport.com | env: dev | |
grafana | https://grafana.runteleport.com | env: work | |
jenkins | https://jenkins.runteleport.com | env: work | |
metabase | https://meta.runteleport.com | env: dev | |
gitlab | https://gitlab.runteleport.com | env: dev |
Address | Name | Labels | Actions |
---|---|---|---|
10.0.0.10 | Windows | name: Base | |
10.0.40.10 | Windows Prod | name: Prod | |
10.0.32.10 | Windows Dev | name: Dev | |
10.0.130.2 | Windows Bizops | name: Biz | |
10.0.157.72 | Windows Sys | name: Sys |
Node | User(s) | Duration | Actions |
---|---|---|---|
ip-10-0-0-51 | alice | 5 mins | |
ip-10-0-0-120 | bob | 7 mins | |
ip-10-0-0-51 | slack-plugin | 10 mins | |
ip-10-0-0-22 | terraform | 5 mins | |
ip-10-0-0-120 | eve | 7 mins |
Username | Roles | Type | Actions |
---|---|---|---|
alice | access | Github | |
bob | access | Github | |
terraform | terraform | Local User | |
slack-plugin | slack | Local User | |
eve | access | Local User |
Teleport's Identity-Native Access Proxy allows any engineer or machine to securely connect to any infrastructure resource in the world without the need for cumbersome VPNs.
Teleport was born "identity-native" on day one — no passwords, no secrets. With the combination of secretless and zero trust, engineers get an amazing experience while improving security.
Teleport is the single source of truth for access, synchronized across your entire infrastructure. Beyond RBAC, Teleport's Just-In-Time Access Requests allow for temporary privilege escalation based on resource or role, leaving an attacker with no permanent admins to target.
Teleport observes and records every online resource, connection, interactive session, and other security events across all environments. These events are captured in a structured audit log, making it easy to see what's happening and who is responsible.
Open source Teleport was designed to provide access to the infrastructure you need without slowing you down. With a single tool, engineers get unified access to Linux and Windows servers, Kubernetes clusters, databases and DevOps applications like AWS Management Console, CI/CD, version control, and monitoring dashboards across all environments.
Secrets like passwords, keys, tokens, even browser cookies are the #1 source of data breaches. Any access solution that tries to make secrets more secure is just pushing back the inevitable.
Teleport's Identity-Native access is different. By removing secrets from your infrastructure, phishing and pivot attacks are rendered useless since there is nothing to steal. Additionally, identity dramatically improves the access experience of engineers. Instead of juggling hundreds of credentials, all engineers need to do is login to Teleport one time using secure biometrics.
This is why Teleport is the one solution that engineering and security teams can agree on.
Teleport's unique architecture enables the secretless and zero-trust experience that both engineers and security teams love. Teleport's Identity-Native Access Proxy requires only a single open port to provide access to any Linux or Windows server, Kubernetes Cluster, Database or internal application.
With an optional lightweight Teleport agent running on every host, you get dramatically deeper and more granular access controls and audit than VPN or homegrown bastion services can provide.
Consolidate identity-native access to SSH, Kubernetes, Databases, Applications, and Windows across your infrastructure.
SSH securely into Linux servers
Access Kubernetes clusters securely
Easily access to SQL, NoSQL, and cloud databases
Access your DevOps toolkit like CI/CD, monitoring and AWS Management Console
Access any Windows host via the browser
Teleport is the declarative language for defining infrastructure access. Similar to how code and DevOps shifted left, access security is going through a similar transformation. With Teleport's access-as-code approach, entire classes of attacks are eliminated. There are no passwords, access is consolidated to a single port, and programmatic access is locked down.
Teleport allows organizations to define access before going into production and access to be "just-in-time."
Amazon
CockroachDB
Elasticsearch
Github
Kubernetes
Linux
MongoDB
Okta
Rancher
Redis
Snowflake
Windows
# on a client$ tsh login --proxy=example.com
# on a server$ apt install teleport
# in a Kubernetes cluster$ helm install
Teleport is easy to deploy and use. We believe that simplicity and good user experience are key to first-class security.
Teleport consists of just two binaries.