Machine ID

Machine ID is a service that programmatically issues and renews short-lived certificates to any service account (e.g., a CI/CD server) by retrieving credentials from the Teleport Auth Service. This enables fine-grained role-based access controls and audit.

Machine ID supports the following Teleport features:

• Server Access
• Database Access
• Kubernetes Access (in Teleport v10.1)
• Application Access (in Teleport v10.1)
  • Note: AWS Console and API access is currently unsupported.
• Teleport API Access

These features are supported in Teleport Enterprise and Teleport Cloud.

The following features are not yet supported by Machine ID:

• Desktop Access
• User Impersonation: Machine ID uses Role Impersonation which cannot be combined with User Impersonation
• Multifactor authentication like WebAuthn and Passwordless
• AWS Console Access

Getting started

• Getting started: Getting started with Teleport Machine ID
• Architecture: A technical overview of how Machine ID works

Guides

• Using Machine ID with Ansible: How to integrate Machine ID with Ansible.
• Using Machine ID with Applications: How to use Machine ID to connect automated services to applications.
• Using Machine ID with Databases: How to use Machine ID to connect custom applications to your databases.
• Using Machine ID with GitHub Actions: How to use Machine ID to SSH into Teleport nodes from GitHub Actions.
• Using Machine ID with GitHub Actions and Kubernetes: How to use Machine ID to access Kubernetes clusters from GitHub Actions.
• Using Machine ID with CircleCI: How to use Machine ID to to access Teleport resources from CircleCI.
• Using Machine ID with Jenkins: How to integrate Machine ID with Jenkins.
• Using Machine ID with Kubernetes: How to use Machine ID to connect automated services to Kubernetes clusters.

FAQ & Troubleshooting

Finally, check out Frequently Asked Questions and the troubleshooting guide for common questions and issues.