Enrolling Teleport Resources
You can use Teleport to protect infrastructure resources like servers, databases, and Kubernetes clusters. Once an infrastructure resource is protected by Teleport, you can restrict access to the resource using the Teleport role-based access controls system and use Teleport features like session recordings and audit events to understand how your users interact with the resource.
To enroll a resource with Teleport, you deploy a Teleport Agent, an instance of
the teleport binary configured to run certain services, such as the Teleport
SSH Service and Teleport Database Service. You then configure the Agent to proxy
a resource by querying a service discovery API (Auto Discovery), using a
dynamic Teleport
resource, or
naming the resource in the Agent's configuration file. Read more about Teleport
Agent architecture.
You can also create a Teleport bot user and set up Machine & Workload Identity to enable service accounts to access Teleport-protected resources.
Read the following documentation for more information on enrolling infrastructure resources with Teleport:
- Applications (section): Guides to using Teleport to protect web applications, cloud provider APIs, and more.
- Databases (section): Teleport database access introduction, demo and resources.
- Kubernetes Clusters (section): Guides to protecting Kubernetes clusters with Teleport
- Linux Servers (section): Securely connect to Linux servers via SSH
- MCP Servers (section): Protect MCP servers with Teleport's access controls and auditing capabilities
- Windows Desktops (section): Protect Windows Resources with Teleport's passwordless access and other features.
- Joining Teleport Agents (section): Deploy Agents to enroll resources in your infrastructure with Teleport. You can run multiple Teleport services per Agent.
- Teleport Auto-Discovery (section): Learn how to use the Teleport Discovery Service, which automatically enrolls resources by query APIs
- Automatic Labels (section): Provides information on labeling Teleport Agents automatically by integrating with your cloud provider.