Privileged Access Management (PAM) for Kubernetes
Privileged Access Management (PAM) for Kubernetes
Kubernetes is arguably the default container orchestration service across Enterprise IT today. As organizations deploy Kubernetes, they encounter challenges related to "day-two" operational task, such as managing usage, training users and securing clusters. Securing this infrastructure is a top concern as unmanaged access to Kubernetes can lead to critical vulnerabilities throughout an organization’s private infrastructure.
Teleport can be used as a proxy into your Kubernetes clusters, securing access to infrastructure and improving visibility and audit. It also consolidates access into a single control plane to manage a range of infrastructure types, reducing team's operational overhead.
Who can Benefit from Teleport's Kubernetes PAM?
Company-wide compliance teams overseeing multiple infrastructure and engineering groups who use both Kubernetes and SSH.
Manage service providers (MSPs) who manage remote Kubernetes and Linux-based server clusters for clients.
Remote support teams from software vendors who wish to manage remote on-site Kubernetes clusters.
Internet-of-Things (IoT) edge cloud management from managed or unmanaged public networks.
PAM for Kubernetes Highlights
Unified cluster level permissions. Teleport seamlessly integrates with Kubernetes role based access controls ("RBAC") so you can connect permission from your identity provider ("IdP") with permissions for your Kubernetes clusters (these permissions are enforced for SSH access as well). This makes it impossible to "bypass" Kubernetes RBAC via SSH or vice versa.
Audit log and session recording. Teleport's strong audit and compliance features also apply to Kubernetes clusters. Interactive sessions or remote commands launched via kubectl are recorded and can be replayed for compliance, knowledge sharing, or root cause analysis.
Federate trust across Kubernetes clusters. Teleport's Trusted Cluster feature allows you to extend trust to remote Kubernetes clusters. This is useful to manage permissions and access across teams and organizations.
A bridge from legacy workflows. Using the Teleport Platform to manage both SSH access to your servers and to Kubernetes API endpoints allows you to seamlessly support both modern and legacy workflows as your organization transitions to cloud-native operations.