Secure, compliant, and effortless Database Access for all DBs from Amazon Aurora to SnowflakeGet Started
Move away from vulnerable keys and passwords towards auto-expiring certificates for users and service accounts to access databases.
Continuously maintain compliance and pass audits with minimal effort. The supported standards include SOC 2, FedRAMP, HIPAA, ISO 27001, PCI and more.
See what’s happening and who is responsible with the live session view, and the consolidated audit log across all databases.
You can access databases running anywhere. From clouds and data centers to third party private networks behind NAT and firewalls.
Login once and easily switch between environments. No need to juggle passwords or hop between VPNs.
Reduce overhead by consolidating database access permissions in one place. Easily enforce policy for engineers and service accounts across all environments.
SSO lets you quickly onboard and off-board your team. Teleport works with any SAML or OIDC SSO Provider.
Avoid human errors by enforcing only configuration options that are compliant with FIPS 140-2
Automatically issue and rotate certificates for CI/CD automation with the Machine ID feature.
Move away from privileged accounts with just-in-time temporary privilege escalation.
Moderated sessions, concurrent session restrictions, proactive session termination, and identity locking.
Automatic live catalog of trusted servers, trusted laptops and workstations.
Automatically discover and enroll unprotected databases across all cloud environments.
Support for all GUIs: pgAdmin, PopSQL, DBeaver, MySQL Workbench, MS SQL Management Studio and more.
Native query logging provides a way to inspect and audit queries, enabling complete query visibility.
Support for cloud databases on AWS, Azure or GCP, as well as popular self-hosted databases.
GCP Cloud SQL
Teleport is a certificate authority and identity-aware, multi-protocol access proxy which implements protocols such as SSH, RDP, HTTPS, Kubernetes API, and a variety of SQL and NoSQL databases. It is completely transparent to client-side tools and designed to work with everything in today's DevSecOps ecosystem.