Machine ID

Machine ID is a service that programmatically issues and renews short-lived certificates to any service account (e.g., a CI/CD server) by retrieving credentials from the Teleport Auth Service. This enables fine-grained role-based access controls and audit.

Machine ID supports the following Teleport features:

• Server Access
• Database Access
• Kubernetes Access (in Teleport v10.1)
• Application Access (in Teleport v10.1)
  • Note: AWS Console and API access is currently unsupported.
• Teleport API Access

These features are supported in Teleport Enterprise and Teleport Cloud.

The following features are not yet supported by Machine ID:

• Desktop Access
• User Impersonation: Machine ID uses Role Impersonation which cannot be combined with User Impersonation
• Multifactor authentication like WebAuthn and Passwordless
• AWS Console Access

Getting started

• Getting started: Getting started with Teleport Machine ID
• Architecture: A technical overview of how Machine ID works

Guides

• Using Teleport Machine ID with Ansible: How to integrate Teleport Machine ID with Ansible.
• Using Teleport Machine ID with Jenkins: How to integrate Teleport Machine ID with Jenkins.
• Using Teleport Machine ID with Databases: How to use Machine ID to connect custom applications to your databases.
• Using Teleport Machine ID with Kubernetes: How to use Machine ID to connect automated services to Kubernetes clusters.
• Using Teleport Machine ID with Applications: How to use Machine ID to connect automated services to applications.

FAQ & Troubleshooting

Finally, check out Frequently Asked Questions and the troubleshooting guide for common questions and issues.