Teleport Access Plane
Teleport Application Access
Identity-based access to CI/CD pipelines, AWS console, monitoring dashboards, code repositories, and other internal web applications across all environments.
Easily enforce security for your entire DevOps toolkit
Teleport brings security best practices and compliance controls to all internal web apps, including SSO and MFA, with auto-expiring certificates tied to a user identity.
Easily implement unified role-based access controls (RBAC) across all internal web applications using JWT tokens.
Certificate-based protocol negotiation shrinks the network attack surface area of all your web applications to a single public DNS endpoint with a single TCP/IP port.
Meet compliance requirements
Use the authorization mechanism best suited for your compliance requirements such as RBAC, per-session MFA, and dual authorization for privileged operations.
Avoid human errors using Teleport FIPS mode which rejects configuration options unless they are compliant with FIPS 140-2, also known as the Federal Information Processing Standard.
Implement moderated sessions, enforce concurrent session restrictions, proactive session termination, and identity locking across your entire infrastructure footprint.
Reduce operational overhead of securing internal web applications
Teleport Application Access automatically configures DNS, manages x.509 certificates and network ports, making it painless to self-host a large number of internal web apps.
Cloud infrastructure is elastic, and so are engineering teams. Provisioning and deprovisioning access to internal DevOps tooling to new team members or new cloud environments is instant with Teleport Application Access.
Modern engineering teams use dozens of tools to build, ship and run their applications. Teleport Application Launcher puts the entire DevOps toolbox at your fingertips without having to deal with numerous login prompts.
Complete visibility into access and behavior
Teleport Application Access maintains the detailed audit log of the humans and machines who are accessing your private applications. The audit can be expired to a SIEM solution of your choice.
All live user sessions across all internal web applications and cloud environments always go through Teleport, making it easy to see what is happening and maintain compliance.
Teleport automatically registers internal applications with the live application catalog, providing a live view of all active endpoints across all environments.
Works with everything you have
Teleport Application Access is open source and relies on open standards such as SSH, HTTPS, SAML, OpenID connect and others. Deployed as a single binary drop-in replacement for OpenSSH, it seamlessly integrates with the rest of your stack.
Easy to get started
Teleport is easy to deploy and use. We believe that simplicity and good user experience are key to first-class security.
- The tsh client allows users to login to retrieve short-lived certificates.
- The teleport agent can be installed on any server or any Kubernetes cluster with a single command.
# on a client $ tsh login --proxy=example.com # on a server $ apt install teleport # in a Kubernetes cluster $ helm install
Learn more about Teleport Application Access
Key feature listing and details
Nearly all Teleport features are available in the open source package.
Five-minute demo of Teleport
This short video shows the basic capabilities of Teleport. Quickly access any computing resource anywhere.
Teleport Quick Start Guide
Developer Documentation for using Teleport. This tutorial will guide you through the steps needed to install and run Teleport on Linux machines.
HOW IT WORKS
Deep dive into how Teleport works
Learn the fundamentals of how Teleport works. The following is a series of articles describing key Teleport concepts.