Teleport Zero Trust Access

Report an Issue

Is this page helpful?

How can we improve this page?

Teleport Zero Trust Access

Easy access to all your infrastructure, on a foundation of cryptographic identity and zero trust.

Authentication and session joining

Get started with role-based access control (RBAC)

Export audit events to a SIEM tool

Popular topics

• Sign in with your identity provider

  Log into infrastructure via your Single Sign-On (SSO) provider

  • Okta
  • GitHub
  • Entra ID
  • More IdPs

• VNet: Build without VPNs

  Connect to internal, non-browser TCP and SSH resources without VPNs. Use familiar tools and workflows while eliminating exposure to public internet.

  • Teleport VNet demo
  • VNet guide

• Manage and track Teleport audit events

  Log granular audit events when users and services interact with your cluster. View audit events in Teleport or export them to a third-party tool.

  • Elastic Stack
  • Panther
  • Datadog
  • Splunk

• Self-host Teleport

  Run Teleport Enterprise in your own infrastructure, with guides covering high availability and multi-region clusters, securing key material with KMS or HSMs, and more.

  • AWS KMS
  • Google Cloud KMS
  • Helm chart

• Infrastructure as Code

  Manage Teleport's Dynamic Resources using infrastructure as code tools, including Terraform, Helm and the Teleport tctl client tool.

  • Terraform
  • Kubernetes operator

• Security best practices

  Run Teleport Enterprise in your own infrastructure, with guides covering high availability and multi-region clusters, secure CA keys with KMS or HSM, and more.

  • Reducing the blast radius of attacks
  • Restricting access
  • Revoking access

Use cases

• Enroll and protect your infrastructure

  Apps, servers, databases, Kubernetes, desktops, and more

• VNet: Build without VPNs

  Secure app and SSH access with no VPNs or proxies

• Secure MCP

  Secure MCP integration with a granular audit trail

• Role-Based Access Control (RBAC)

  Govern infrastructure access with granular permissions

• Passwordless authentication

  Log in securely using biometrics

• Integrate with SSO providers

  Connect Okta, Entra ID, Google, and more

• Structured audit export

  Forward audit logs to SIEMs like Splunk and Datadog

• Identity-based audit events

  Detailed audit logs for every user action

• Session recording and playback

  Record a detailed review of what took place

• Session sharing and moderation

  Require a moderator for privileged sessions

• Dual authorization capabilities

  Require approvals to perform critical actions

• Manage clusters with IaC

  Create, update, and manage Teleport in declarative code.

Enroll resources

Applications

Protect web apps, TCP apps, and Cloud APIs

Linux servers

Secure Linux servers and OpenSSH servers

Database access

PostgreSQL, MongoDB, SQL Server, and more

Kubernetes clusters

Kubernetes clusters and the apps running in them

Windows desktops

With or without Active Directory

Auto-discovery of resources

SSH servers, databases, Kubernetes clusters and apps

Cloud providers

AWS, Azure, and Google Cloud consoles and CLI

MCP and AI agents

Secure agentic AI connections to databases and MCP servers