Faster.
More Secure.

Identity-Native Infrastructure Access

Teleport replaces the #1 source of data breaches — secrets — with true identity to deliver phishing-proof zero trust access for every engineer and service connected to your global infrastructure.

Get Started
Servers
Databases
Kubernetes
Applications
Desktops
Activity
Team
Servers
600 total
Add Server
avatar
HostnameAddressLabelsActions
ip-10-0-0-115
⟵ tunnelregion: us-west-1
ip-10-0-0-20
⟵ tunnelregion: sa-east-1
ip-10-0-0-60
⟵ tunnelregion: us-west-2
ip-10-0-0-85
⟵ tunnelregion: eu-west-1
ip-10-0-0-90
⟵ tunnelregion: us-east-1
NameTypeLabelsActions
aurora
RDS PostgreSQLenv: devpostgres
mongodb
Self-hosted MongoDBenv: dev-1mongodb
gcloud
GCP SQL Postgresenv: prodsql
Cockroach
Self-hosted CockroachDBenv: prodcrdb
mysql
Self-hosted Mysqlenv: dev-2mysql
NameLabelsActions
eks-stg-cluster
env: stg2region: us-west-2
eks-prod-cluster
env:prodregion:us-east-2
galactus
env:prodentropy-service
eks-dev-cluster
env:stgregion:us-east-2
galaxy
env:stgEKS
NameAddressLabelsActions
aws
https://dev.runteleport.comenv: dev
grafana
https://grafana.runteleport.comenv: work
jenkins
https://jenkins.runteleport.comenv: work
metabase
https://meta.runteleport.comenv: dev
gitlab
https://gitlab.runteleport.comenv: dev
AddressNameLabelsActions
10.0.0.10
Windowsname: Base
10.0.40.10
Windows Prodname: Prod
10.0.32.10
Windows Devname: Dev
10.0.130.2
Windows Bizopsname: Biz
10.0.157.72
Windows Sysname: Sys
NodeUser(s)DurationActions
ip-10-0-0-51
alice5 mins
ip-10-0-0-120
bob7 mins
ip-10-0-0-51
slack-plugin10 mins
ip-10-0-0-22
terraform5 mins
ip-10-0-0-120
eve7 mins
UsernameRolesTypeActions
alice
accessGithub
bob
accessGithub
terraform
terraformLocal User
slack-plugin
slackLocal User
eve
accessLocal User

Why Use Teleport

Identity-Native Infrastructure Access for engineers and machines.

Connect

Teleport's Identity-Native Access Proxy allows any engineer or machine to securely connect to any infrastructure resource in the world without the need for cumbersome VPNs.


Authenticate

Teleport was born "identity-native" on day one — no passwords, no secrets. With the combination of secretless and zero trust, engineers get an amazing experience while improving security.


Authorize

Teleport is the single source of truth for access, synchronized across your entire infrastructure. Beyond RBAC, Teleport's Just-In-Time Access Requests allow for temporary privilege escalation based on resource or role, leaving an attacker with no permanent admins to target.


Audit

Teleport observes and records every online resource, connection, interactive session, and other security events across all environments. These events are captured in a structured audit log, making it easy to see what's happening and who is responsible.

Why Use Teleport

Built for engineers

Open source Teleport was designed to provide access to the infrastructure you need without slowing you down. With a single tool, engineers get unified access to Linux and Windows servers, Kubernetes clusters, databases and DevOps applications like AWS Management Console, CI/CD, version control, and monitoring dashboards across all environments.

pam winking with rainbow fingerprint

Identity

What's next in access?

Secrets like passwords, keys, tokens, even browser cookies are the #1 source of data breaches. Any access solution that tries to make secrets more secure is just pushing back the inevitable.

Teleport's Identity-Native access is different. By removing secrets from your infrastructure, phishing and pivot attacks are rendered useless since there is nothing to steal. Additionally, identity dramatically improves the access experience of engineers. Instead of juggling hundreds of credentials, all engineers need to do is login to Teleport one time using secure biometrics.

This is why Teleport is the one solution that engineering and security teams can agree on.

Why Use Teleport

How Teleport works

Teleport's unique architecture enables the secretless and zero-trust experience that both engineers and security teams love. Teleport's Identity-Native Access Proxy requires only a single open port to provide access to any Linux or Windows server, Kubernetes Cluster, Database or internal application.

With an optional lightweight Teleport agent running on every host, you get dramatically deeper and more granular access controls and audit than VPN or homegrown bastion services can provide.

Teleport Identity Native Proxy diagram

Why Use Teleport

Teleport Access Platform protocols

Consolidate identity-native access to SSH, Kubernetes, Databases, Applications, and Windows across your infrastructure.

SSH

SSH securely into Linux servers


Kubernetes

Access Kubernetes clusters securely


Databases

Easily access to SQL, NoSQL, and cloud databases


Applications

Access your DevOps toolkit like CI/CD, monitoring and AWS Management Console


Windows

Access any Windows host via the browser

Shift Left Security

The language of infrastructure access

Teleport is the declarative language for defining infrastructure access. Similar to how code and DevOps shifted left, access security is going through a similar transformation. With Teleport's access-as-code approach, entire classes of attacks are eliminated. There are no passwords, access is consolidated to a single port, and programmatic access is locked down.

Teleport allows organizations to define access before going into production and access to be "just-in-time."

pam winking with rainbow fingerprint

Works with everything you have

Teleport is open source and relies on open standards such as X.509 certificates, HTTPS, SAML, OpenID connect and others. Deployed as easily as any other modern software package, it seamlessly integrates with the rest of your stack.

Amazon

CockroachDB

Elasticsearch

Github

Kubernetes

Linux

MongoDB

Okta

Rancher

Redis

Snowflake

Windows

...and many more

Terminal
# on a client$ tsh login--proxy=example.com
# on a server$ apt install teleport
# in a Kubernetes cluster$ helm install

Easy to get started

Teleport is easy to deploy and use. We believe that simplicity and good user experience are key to first-class security.

Teleport consists of just two binaries.

  1. The tsh client allows users to login to retrieve short-lived certificates.
  2. The teleport agent can be installed on any server or any Kubernetes cluster with a single command.
Download Teleport

Try Teleport today

In the cloud, self-hosted, or open source.
View developer docs

Get Started
pam