
Machine ID is a service that programmatically issues and renews short-lived certificates to any service account (e.g., a CI/CD server) by retrieving credentials from the Teleport Auth Service. This enables fine-grained role-based access controls and audit.
Machine ID supports the following Teleport features:
- Server Access
- Database Access
- Kubernetes Access (in Teleport v10.1)
- Application Access (in Teleport v10.1)
  - Note: AWS Console and API access are currently unsupported.
- Teleport API Access
These features are supported in Teleport Enterprise and Teleport Cloud.
The following features are not yet supported by Machine ID:
- Desktop Access
- User Impersonation: Machine ID uses Role Impersonation, which cannot be combined with User Impersonation
- Multifactor authentication like WebAuthn and Passwordless
- AWS Console Access
Getting started
- Getting started: Getting started with Teleport Machine ID
- Architecture: A technical overview of how Machine ID works
Guides
- Using Machine ID with Ansible: How to integrate Machine ID with Ansible.
- Using Machine ID with Applications: How to use Machine ID to connect automated services to applications.
- Using Machine ID with Databases: How to use Machine ID to connect custom applications to your databases.
- Using Machine ID with GitHub Actions: How to use Machine ID to SSH into Teleport nodes from GitHub Actions.
- Using Machine ID with GitHub Actions and Kubernetes: How to use Machine ID to access Kubernetes clusters from GitHub Actions.
- Using Machine ID with CircleCI: How to use Machine ID to access Teleport resources from CircleCI.
- Using Machine ID with Jenkins: How to integrate Machine ID with Jenkins.
- Using Machine ID with Kubernetes: How to use Machine ID to connect automated services to Kubernetes clusters.
- Using Machine ID with GitLab CI: How to use Machine ID to SSH into Teleport nodes from GitLab CI.
FAQ & Troubleshooting
Finally, check out Frequently Asked Questions and the troubleshooting guide for common questions and issues.