AI Agents with Machine & Workload Identity

Security must be enforced deterministically; AI agents cannot be trusted to follow high-level instructions like "don't delete production". Teleport solves this by issuing each agent its own identity and requiring the agent's actions (for example, database queries) to flow through the Teleport proxy. This allows Teleport to apply Role-Based Access Control (RBAC) at both the network and protocol level.

Teleport can secure any type of infrastructure it supports, such as SSH servers, Kubernetes clusters, databases, or MCP servers, when accessed by agents. All queries, commands, and requests executed by the agent are logged, providing full visibility and auditability.