Machine ID is a service that programmatically issues and renews short-lived certificates for any service account (e.g., a CI/CD server) by retrieving credentials from the Teleport Auth Service. This enables fine-grained role-based access control and auditing.
Machine ID supports the following Teleport features:
- Server Access
- Database Access
- Kubernetes Access (in Teleport v10.1)
- Application Access (in Teleport v10.1)
  - Note: AWS Console and API access is currently unsupported.
- Teleport API Access
These features are supported in Teleport Enterprise and Teleport Cloud.
The following features are not yet supported by Machine ID:
- Desktop Access
- User Impersonation: Machine ID uses Role Impersonation, which cannot be combined with User Impersonation
- Multifactor authentication methods such as WebAuthn and Passwordless
- AWS Console Access

Guides:
- Getting started: Getting started with Teleport Machine ID.
- Architecture: A technical overview of how Machine ID works.
- Using Teleport Machine ID with Ansible: How to integrate Teleport Machine ID with Ansible.
- Using Teleport Machine ID with Jenkins: How to integrate Teleport Machine ID with Jenkins.
- Using Teleport Machine ID with Databases: How to use Machine ID to connect custom applications to your databases.
- Using Teleport Machine ID with Kubernetes: How to use Machine ID to connect automated services to Kubernetes clusters.
- Using Teleport Machine ID with Applications: How to use Machine ID to connect automated services to applications.