Teleport supports three editions. In this guide, we will help you determine which edition is most appropriate for your use case.
Editions
Teleport Community Edition
We provide a free, open source distribution of Teleport that enables you to get secure access to databases, Windows desktops, Kubernetes clusters, and more.
Try out Open Source Teleport on a Linux server. If you would like to take a look at the source, visit the Teleport GitHub repository.
Teleport Enterprise Cloud
Our team at Teleport manages the Auth and Proxy Services, giving you a running Teleport cluster where you can configure RBAC, set up Single Sign-On connectors, and register resources by deploying additional Teleport services.
Read more about Teleport Enterprise Cloud.
Teleport Enterprise
A self-hosted Teleport deployment for security-conscious organizations. Supports advanced features like Hardware Security Modules and FedRAMP compliance.
Read more about Teleport Enterprise.
Comparing editions
Access controls
| Open Source | Enterprise | Cloud | |
|---|---|---|---|
| Access Requests | Limited | ✔ | ✔ |
| Single Sign-On | GitHub | GitHub, Google Workspace, OIDC, SAML | GitHub, Google Workspace, OIDC, SAML |
| Role-Based Access Control | ✔ | ✔ | ✔ |
| Moderated Sessions | ✖ | ✔ | ✔ |
Infrastructure access
| Open Source | Enterprise | Cloud | |
|---|---|---|---|
| Application Access | ✔ | ✔ | ✔ |
| Server Access | ✔ | ✔ | ✔ |
| Database Access | ✔ | ✔ | ✔ |
| Desktop Access | ✔ | ✔ | ✔ |
| Kubernetes Access | ✔ | ✔ | ✔ |
| Machine ID | ✔ | ✔ | ✔ |
| Agentless integration with OpenSSH servers | ✔ | ✔ | ✔ |
Session recording
| Open Source | Enterprise | Cloud | |
|---|---|---|---|
| Recording Proxy Mode | ✔ | ✔ | ✖ |
| Enhanced Session Recording | ✔ | ✔ | ✔ |
Compliance
| Open Source | Enterprise | Cloud | |
|---|---|---|---|
| FedRAMP Control | ✖ | ✔ | ✖ |
| PCI DSS Features | Limited | ✔ | ✔ |
| SOC 2 Features | Limited | ✔ | ✔ |
| FIPS-compliant binaries available for FedRAMP High | ✖ | ✔ | ✖ |
Operations
| Open Source | Enterprise | Cloud | |
|---|---|---|---|
| Auth and Proxy Service management | Self-hosted | Self-hosted | Fully managed |
| Proxy Service domain name | Custom | Custom | A subdomain of teleport.sh |
| Version support | All supported releases available to install and download. | All supported releases available to install and download. | Deploys last stable release with 2-3 week lag for stability. |
| Backend support | Any S3-compatible storage for session records, many managed backends for custom audit log storage. | Any S3-compatible storage for session records, many managed backends for custom audit log storage | All data is stored in DynamoDB and S3 with server-side encryption |
| Data storage location | Can store data anywhere in the world, on most managed cloud backends | Can store data anywhere in the world, on most managed cloud backends | Data is stored in us-west-2, with Proxy Service instances deployed across the world for low-latency access |
| Hardware Security Module support for encryption at rest | ✖ | ✔ | ✖ |
Support
| Open Source | Enterprise | Cloud | |
|---|---|---|---|
| Support | Best-effort, community | 24x7 support with premium SLAs and account managers | 24x7 support with premium SLAs and account managers |
Licensing and usage management
| Open Source | Enterprise | Cloud | |
|---|---|---|---|
| Annual or multi-year contracts, volume discounts | ✖ | ✔ | ✔ |
| License | Apache 2 | Commercial | Commercial |
| Usage tracking | ✖ | ✖ | Enables you to track the number of users per protocol. |