Teleport Access Plane
Teleport Kubernetes Access
Consolidate identity-based access to Kubernetes clusters across all environments, meet compliance requirements, and have complete visibility into access and behavior.
Easily secure your Kubernetes clusters using security best practices
Move away from admin accounts with just-in-time Kubernetes privilege escalation for administrative tasks. Access requests can be approved via Slack or other supported plugins.
Extend identity-based access to IT infrastructure and applications with Teleport Machine ID. It's the easiest way to issue, renew and manage X.509 certificates for applications and automation that need access to Kubernetes.
Implement multi-factor authorization of privileged operations for already logged in users.
Meet compliance requirements
Use the authorization mechanism best suited for your compliance requirements such as RBAC, per-session MFA, and dual authorization for privileged operations.
Avoid human errors using Teleport FIPS mode which rejects configuration options unless they are compliant with FIPS 140-2, also known as the Federal Information Processing Standard.
Implement moderated sessions, enforce concurrent session restrictions, proactive session termination and identity locking across your entire infrastructure footprint.
Complete visibility into access and behavior
kubectl session by an engineer or service account is recorded for future replay and can be analyzed by other tools for behavior anomalies.
Consolidate all security events across all clusters in a single source of truth for engineers and service accounts and export them into a SIEM solution of your choice.
All online clusters, active
kubectl sessions, and access requests are visible with a single CLI command or in a browser.
Secure access that doesn't get in the way
List all available Kubernetes clusters across all environments with a single CLI command or via a web browser.
Automate access provisioning and request approvals across all clusters using your favorite programming language.
Save time with the superpowers of Teleport’s remote-first terminal app for interacting with cloud-native CLI environments like
Give an identity to all your microservices, CI/CD automation, and service accounts
Teleport Machine ID vastly simplifies certificate management for IT infrastructure and applications, just like Let’s Encrypt simplified TLS certificate management for websites.
Teleport Machine ID unifies access policies for people and machines, reducing operational overhead and increasing security and compliance.
Teleport Machine ID automatically implements least privilege for all machine users so you don’t have to worry about a compromised service taking over your infrastructure.
Works with everything you have
Teleport Kubernetes Access is open source and relies on open standards such as X.509 certificates, HTTPS, SAML, OpenID connect and others. Deployed as a single binary, it seamlessly integrates with the rest of your stack.
Easy to get started
Teleport is easy to deploy and use. We believe that simplicity and good user experience are key to first-class security.
- The tsh client allows users to login to retrieve short-lived certificates.
- The teleport agent can be installed on any server or any Kubernetes cluster with a single command.
# on a client $ tsh login --proxy=example.com # on a server $ apt install teleport # in a Kubernetes cluster $ helm install
Learn more about Teleport Kubernetes Access
Key feature listing and details
Nearly all Teleport features are available in the open source package.
Five-minute demo of Teleport
This short video shows the basic capabilities of Teleport. Quickly access any computing resource anywhere.
Teleport Quick Start Guide
Developer Documentation for using Teleport. This tutorial will guide you through the steps needed to install and run Teleport on Linux machines.
HOW IT WORKS
Deep dive into how Teleport works
Learn the fundamentals of how Teleport works. The following is a series of articles describing key Teleport concepts.