Introduction to Enrolling Kubernetes Clusters

Teleport provides secure access to Kubernetes clusters:

  • Users can access Kubernetes clusters with Single Sign-On (SSO) providers like Okta and switch between clusters without logging in twice.
  • Operators can implement granular role-based access controls, including limiting access to specific Kubernetes clusters or even specific resources within a cluster.
  • Organizations can achieve compliance by recording kubectl sessions.

The guides in this section show you how to protect Kubernetes clusters with Teleport. For instructions on self-hosting Teleport Community Edition or Teleport Enterprise on Kubernetes, see the Kubernetes Deployment Guides.

Here is an example of using Teleport to access a Kubernetes cluster, execute commands, and view your kubectl activity in Teleport's audit log:

Kubernetes access architecture

Get started

The fastest way to register a Kubernetes cluster with Teleport is to deploy a Teleport Kubernetes Service instance on the cluster you want to register. We'll show you how to do this in our Getting Started Guide.

Automatically register Kubernetes clusters

Teleport can automatically discover Kubernetes clusters by communicating with your cloud provider. When you create or destroy a Kubernetes cluster, Teleport registers or deregisters the cluster so your access controls stay up to date with your infrastructure.

Read our overview of how Teleport automatically discovers Kubernetes clusters.

Read our guides to automatically registering Kubernetes clusters with Teleport on your cloud:

Manually register Kubernetes clusters

In some cases, you will want to register a Kubernetes cluster with Teleport manually when you create the cluster. There are a few ways to do this:

Configure access to Kubernetes clusters

Once you register a Kubernetes cluster with Teleport, you can apply fine-grained access controls to manage the way users access your cluster.

Read our Kubernetes RBAC guide for step-by-step instructions on giving your users the correct access to Kubernetes clusters, groups, users, and resources.

For a comprehensive reference to configuring access controls in your Teleport-registered Kubernetes clusters, see our Access Controls Reference.

See how to federate your Kubernetes access controls using Teleport Trusted Clusters.