Cockroach Labs and Teleport – Hyper-Scale Your Database Without Sacrificing Security

Sep 12, 2022 by Lisa Harding

According to a recent Gartner study, the fast pace of change across technologies, organizational priorities, business opportunities and risks requires identity and access management architectures to be more flexible. As digital business relies on digital trust, security and identity are — more than ever — an essential foundation of an organization’s business ecosystem.

We understand and agree with Gartner’s assessment of the importance of digital trust and security in any organization’s ecosystem. We were looking for a partner that offered a database access solution that was simple to use, easy to navigate and most importantly secure — a solution that would provide easy access to users who have an ever-growing infrastructure.

This is why we chose to partner with Cockroach Labs. Cockroach Labs re-wrote the database, CockroachDB, from scratch for the demands of today’s data-driven world, architecting it to scale elastically, so it’s prepared to handle the demands of tomorrow. CockroachDB helps small to large organizations manage their transactional data at global scale, with high-availability, while providing multi-cloud & hybrid disaster proofing capabilities.

Why CockroachDB?

CockroachDB’s integration with Teleport enables our joint customers to improve their security posture, meet compliance requirements and have access to a full audit trail so that security and database teams can see what queries are being run on their databases. It is a win-win for our joint customers.

Phil Simpson, VP of Alliances and Partnerships for Teleport.

Together, we provide a solution that enables quick and secure auditing of databases within CockroachDB while maintaining the highest compliance requirements. The solution provides easy-to-implement, identity-based access for databases. It prevents data exfiltration, helps customers meet compliance requirements and gives them complete visibility into access and behavior.

Why Teleport?

Teleport is the industry leader with the easiest, most secure platform for accessing infrastructure. The open-source Teleport Access Plane consolidates connectivity, authentication, authorization and audit into a single platform to improve security and agility.

Keith McClellan, Director, Partner Sales Engineering.

Integrating Teleport with CockroachDB and leveraging Teleport’s Zero Trust model for managing database access will allow innovative DBAs to scale their environments without sacrificing security. Being able to audit CockroachDB SQL queries, and limit access to only what users require and for only the times they require it, will improve your security posture and increase efficiency of the DB operations team. Teleport leverages mTLS authentication and short-lived certificates to protect and gate access to your CockroachDB clusters. Additional capabilities include:

With Teleport Application Access, you can gate access to the CockroachDB Console so that only users with the correct permissions can access and use the DB Console.

With Teleport Database Access, you can leverage powerful RBAC-defined roles to grant access to your CockroachDB databases and obtain a full audit trail of the SQL queries and activity being run on your databases. Teleport uses short-lived database (TLS) certificates and integrates with the users’ single sign-on (SSO) flow to help maintain their organization-wide identities.

For DBAs that are using their favorite DB GUI tool to manage SQL queries to CockroachDB, you can continue to use those tools with Teleport.

Specific functionality that the Teleport and CockroachDB solutions provide to their customers includes:

Quick auditing. Reporting is made seamless and easy via access to one central log.

Users can view session logs of all queries and monitor log recordings of users and their actions in real time.

Secure and easy access. Experience database security that is easy to maintain and monitor. A single sign-on gives access to all databases behind firewalls across all environments and an audit log that gives complete visibility into access and behavior.

Compliance requirements met 100% of the time. The Teleport/CockroachDB solution was designed to continuously maintain compliance and pass audits with minimal configuration. The supported standards include SOC 2, FedRAMP, HIPAA, ISO 27001, PCI, and more.

How does the integration work?

[Figure: Teleport and Cockroach DB]

To learn more about the integration, go to Database Access with self-hosted CockroachDB.
