Introduction to Enrolling Applications
Teleport can provide secure access to applications and cloud provider APIs.
Examples include:
- The AWS management console.
- The
aws,gcloud,gsutil, andazCLIs. - Applications configured for single sign-on through Okta.
- Internal control panels.
- Tools, such as wikis, that are available only when connected to a VPN.
- Infrastructure dashboards, such as Kubernetes or Grafana.
- Developer tools, such as Jenkins, GitLab, or Opsgenie.
Getting started
Learn how to register an application with Teleport in our getting started guide.
Cloud provider APIs
You can use Teleport to provide secure access to your cloud provider's APIs. This means that you can prevent unauthorized usage of management consoles and CLI tools with the same RBAC system you use to protect your infrastructure.
- AWS Console and CLI Applications: How to access AWS Management Console, AWS CLI, and AWS SDKs with Teleport.
- Google Cloud CLI Applications: How to access Google Cloud CLI applications and SDKs with Teleport.
- Azure CLI Applications: How to access Azure CLI applications and SDKs with Teleport.
Internal applications
You can use Teleport to enable secure access to internal applications. For example, a load balancer might display network telemetry through a control panel but might lack the ability to authenticate with and be accessed by resources outside your private network.
Teleport lets team members access these resources securely, even outside a private network, with no shared secrets.
These guides explain how to protect internal applications with Teleport:
- Web App Access: How to access web apps with Teleport.
- TCP App Access: How to access plain TCP apps with Teleport.
- API Access: How to access REST APIs with Teleport.
- Dynamic Registration: Register/unregister apps without restarting Teleport.
- Interactive Lab: Try Teleport using our guided Teleport application access lab.
Automatically enroll Kubernetes applications
If you are running applications on Kubernetes, you can enroll them in your Teleport cluster automatically.
Teleport-signed JSON Web Tokens
These guides explain how web apps registered with Teleport can use Teleport-signed JSON web tokens to implement authentication and authorization.
- Introduction: Introduction to JWT tokens with application access.
- Elasticsearch: How to use JWT authentication with Elasticsearch.
Okta applications
Teleport can import and grant access to Okta applications and user groups. Users
can access Okta applications through the Teleport Web UI and tsh, and
administrators can manage access to these applications by defining RBAC policies
in Teleport roles.
Learn more about the Teleport Okta integration.