Simplifying Zero Trust Security for AWS with Teleport
Jan 23
Virtual
Register Now
Teleport logo

Home - Teleport Blog - Simplify Teleport - Jul 17, 2023

Simplify Teleport

Simplify Teleport Newsletter

This blog post is a copy of the Teleport monthly newsletter, if you would like to subscribe to the newsletter, you can do so here.

Hello Teleport Community,

For this month's newsletter, I’m going to cover a range of things you can do to simplify your Teleport deployment, so you can spend less time maintaining Teleport and more time enjoying the summer!

Automatic updates

Teleport releases major versions on a 3-month cycle, but the team makes continuous and often weekly updates to Teleport. These can be both bug fixes, improvements and security updates. Previously it’s been tedious to keep things up to date. As of Teleport 13, we’ve introduced automatic updates. Here’s a deeper dive into this with our latest blog post Teleport Automatic Agent Updates: The Details.

Maintaining roles

After the initial deployment, it’s important to have a method of updating Teleport RBAC that’s less fragile than a web-based YAML editor. This is why we’ve recently written up a post on Version Control Best Practices With Teleport RBAC Roles, where we outline best practices for using version control to store YAML roles.

Auto-enrolling resources

Another common Day-2 is keeping your fleet connected to Teleport. See our docs pages Kubernetes Auto-Discovery and configuring Teleport to Automatically Enroll EC2 instances, and if you really want to get your hands dirty, you can write your own workflow to automatically enroll resources.

Teleport UI client: Teleport Connect

Teleport Connect is our standalone app for connecting to Teleport. It has a few benefits that simplify accessing Teleport. A couple of my favorite features are:

  • Using Teleport Connect to access my databases, as it reduced the need to obtain new certs.
  • Using Teleport Connect to easily stay connected and connect to different clusters.
  • Cross Platform Support: I switch between my Mac daily driver and a Windows Box. Having a simple tool to connect across OS helps speed up my workflow.

Connect from anywhere

In the dreaded worst-case scenario, you may need to access a cluster on vacation. A majority of my AWS SSH access limits access to my home IP, and since Teleport is a zero-trust solution, it utilizes the identity of a person vs the identity of an IP. This means accessing via a different IP is still allowed and can easily be accessed via Teleport.

We hope some of these tips can help streamline your Teleport deployment, allowing you to focus more on your summer and DevOps activities. Until next month, enjoy your summer and happy Teleporting!

Upcoming events:

Product Updates:

ICYMI:

Tags

Teleport Newsletter

Stay up-to-date with the newest Teleport releases by subscribing to our monthly updates.

background

Subscribe to our newsletter

PAM / Teleport