Teleport Access Plane

Teleport Kubernetes Access

Consolidate identity-based access to Kubernetes clusters across all environments, meet compliance requirements, and have complete visibility into access and behavior.
Get Started
Terminal
$
tsh login k8s-proxy
Placeholder
Single Sign On
Single Sign On
an enter password screen
Verify
Multi Factor Authentication
a biometric verification screen
Security Key or Biometric Authenticator
Multi Factor Authentication
a multi-factor authentication screen
Authentication Successful
For DevSecOps

Secure Kubernetes & meet compliance requirements

Implement industry best practices for Kubernetes access with minimal configuration. Easily enforce MFA, RBAC, and SSO using identity-based short-lived X.509 certificates.
a diagram of server architecture
miniature diagram
Access Controls
Teleport offers all required server access controls to implement compliance standards such as SOC2, PCI, and FedRAMP.
miniature diagram
Access Requests
Move away from root accounts with just-in-time privilege escalation for administrative tasks.
miniature diagram
Per Session MFA
Easily implement multi-factor authentication across your organization without relying on device management systems.
For Developers

Access that doesn't get in the way

A single sign-on gives engineers instant Kubernetes access across all environments. Leave behind configuration complexity, juggling of shared keys, hopping between VPNs and bastion hosts.
a diagram of server architecture
miniature diagram
Session Sharing
Invite colleagues to collaborate in a shared terminal session. Record sessions for knowledge sharing purposes.
miniature diagram
Live Server Catalog
List servers across all environments and see which servers are online with a single CLI command or via a live view in a browser.
miniature diagram
Plugins and API
Automate access provisioning and request approvals using your favorite programming language.
For Security Professionals

Complete visibility into access and behavior

Teleport provides a live view and the audit log of kubectl sessions and access events for all Kubernetes clusters across all environments, making it easy to see what’s happening and who is responsible.
a diagram of server architecture
miniature diagram
Session Recording
Every interactive session is recorded for future replay and can be analyzed by other tools for behavior anomalies.
miniature diagram
Audit Log
All kubectl sessions and security events are logged and exported to SIEM solutions as a single source of truth.
miniature diagram
Live View
All online clusters, active kubectl sessions, access requests are visible with a single CLI command or in a browser.
Demo Video

Works with everything you have

Teleport Kubernetes Access is open source and it relies on open standards such as X.509 certificates, HTTPS, SAML, OpenID connect and others. Deployed as a single-binary, it seamlessly integrates with the rest of your stack.
puppet
Puppet
gcloud
Google Cloud
aws
Amazon
linux
Linux
azure
Azure
chef
Chef
okta
Okta
ansible
Ansible
oneLogin
One Login
auth0
Auth0
windows
Active Directory
k8s
Kubernetes

Easy to get started

Teleport is easy to deploy and use. We believe that simplicity and good user experience are key to first-class security.

Teleport consists of just two binaries.
  1. The tsh client allows users to login to retrieve short-lived certifcates.
  2. The teleport agent can be installed on any server or any Kubernetes cluster with a single command.
Terminal
# on a client
$ tsh login --proxy=example.com

# on a server
$ apt install teleport

# in a Kubernetes cluster
$ helm install

Our vision for the future

We are trying to solve the problem every company has - how to run and access software running anywhere in a secure and compliant manner. We call this environment-free computing.
Learn more

Try Teleport today

In the cloud, self-hosted, or open source
Get startedView developer docs