Teleport Access Plane

Teleport Database Access

Implement identity-based access to PostgreSQL, MongoDB, and MySQL, prevent data exfiltration, meet compliance requirements, and have complete visibility into access and behavior.
Get Started
tsh login db-proxy
Single Sign On
Single Sign On
an enter password screen
Multi Factor Authentication
a biometric verification screen
Security Key or Biometric Authenticator
Multi Factor Authentication
a multi-factor authentication screen
Authentication Successful
For DevSecOps

Secure your databases & meet compliance requirements

Implement industry best practices for database access with unified access plane: identity-based single sign-on, short-lived certificates, multi-factor authentication, RBAC and audit for all databases across all environments.
a diagram of server architecture
Access Controls

Teleport offers all required access controls to implement compliance standards such as SOC2, PCI, and FedRAMP. This includes end-to-end encryption, idle session controls, RBAC, and others.

Access Workflows

Users can request elevated privileges to complete sensitive tasks. Their requests can be approved or denied via Slack, PagerDuty, or customized workflow via the programmable API.

For Developers

Access that doesn't get in the way

A single sign-on gives developers access to all databases behind NAT across all environments. There is no need to juggle multiple authentication methods across cloud providers or for jumping between VPNs.
a diagram of server architecture
Delightful Experience

A single login gives engineers instant secure access to all databases they need, ending the hassle of juggling multiple VPNs or rotating shared passwords.

Unified Database Catalog

Teleport allows developers to list all databases they have access to, across all environments, with a single CLI command or via a live view in a browser.

Unified Connectivity

Teleport automatically routes client connections to databases behind NAT, cloud VPCs, edge networks, even to mobile IoT platforms!

Audit Log

Complete visibility into access and behavior

Teleport Database Access keeps an audit log of database access events across all environments, making it easy to see what is happening and who is responsible.
a diagram of server architecture
Audit Log

Commands executed within sessions are to user identities and sent to a centralized destination of choice such as SIEM solutions.

Live Session View

Adminstrators can see all live client sessions across all dataabases, getting an instant picture of what is happening.

Demo Video

Works with everything you have

Teleport Database Access is open source and it relies on open standards such as X.509 certificates, HTTPS, SAML, OpenID connect and others. Deployed as a single-binary, it seamlessly integrates with the rest of your stack.

Google Cloud
One Login
Active Directory

Easy to get started

Teleport is easy to deploy and use. We believe that simplicity and good user experience are key to first-class security.

Teleport consists of just two binaries.
  1. The tsh client allows users to login to retrieve short-lived certifcates.
  2. The teleport agent can be installed on any server or any Kubernetes cluster with a single command.
Download Teleport
# on a client
$ tsh login

# on a server
$ apt install teleport

# in a Kubernetes cluster
$ helm install

Our vision for the future

We are trying to solve the problem every company has - how to run and access software running anywhere in a secure and compliant manner. We call this environment-free computing.

Learn more

Try Teleport today

In the cloud, self-hosted, or open source
Get startedView developer docs