Teleport Access Plane

Teleport Kubernetes Access

Consolidate identity-based access to Kubernetes clusters across all environments, meet compliance requirements, and have complete visibility into access and behavior.
Get Started
tsh login k8s-proxy
Single Sign On
Single Sign On
an enter password screen
Multi Factor Authentication
a biometric verification screen
Security Key or Biometric Authenticator
Multi Factor Authentication
a multi-factor authentication screen
Authentication Successful
For DevSecOps

Secure Kubernetes & meet compliance requirements

Implement industry best practices for Kubernetes access with minimal configuration. Easily enforce MFA, RBAC, and SSO using identity-based short-lived X.509 certificates.
a diagram of server architecture
miniature diagram
Access Controls

Teleport offers all required server access controls to implement compliance standards such as SOC2, PCI, and FedRAMP.

miniature diagram
Access Requests

Move away from root accounts with just-in-time privilege escalation for administrative tasks.

miniature diagram
Per Session MFA

Easily implement multi-factor authentication across your organization without relying on device management systems.

For Developers

Access that doesn't get in the way

A single sign-on gives engineers instant Kubernetes access across all environments. Leave behind configuration complexity, juggling of shared keys, hopping between VPNs and bastion hosts.
a diagram of server architecture
miniature diagram
Session Sharing

Invite colleagues to collaborate in a shared terminal session. Record sessions for knowledge sharing purposes.

miniature diagram
Live Server Catalog

List servers across all environments and see which servers are online with a single CLI command or via a live view in a browser.

miniature diagram
Plugins and API

Automate access provisioning and request approvals using your favorite programming language.

For Security Professionals

Complete visibility into access and behavior

Teleport provides a live view and the audit log of kubectl sessions and access events for all Kubernetes clusters across all environments, making it easy to see what’s happening and who is responsible.
a diagram of server architecture
miniature diagram
Session Recording

Every interactive session is recorded for future replay and can be analyzed by other tools for behavior anomalies.

miniature diagram
Audit Log

All kubectl sessions and security events are logged and exported to SIEM solutions as a single source of truth.

miniature diagram
Live View

All online clusters, active kubectl sessions, access requests are visible with a single CLI command or in a browser.

Demo Video

Works with everything you have

Teleport Kubernetes Access is open source and it relies on open standards such as X.509 certificates, HTTPS, SAML, OpenID connect and others. Deployed as a single-binary, it seamlessly integrates with the rest of your stack.

Google Cloud
One Login
Active Directory

Easy to get started

Teleport is easy to deploy and use. We believe that simplicity and good user experience are key to first-class security.

Teleport consists of just two binaries.
  1. The tsh client allows users to login to retrieve short-lived certifcates.
  2. The teleport agent can be installed on any server or any Kubernetes cluster with a single command.
Download Teleport
# on a client
$ tsh login

# on a server
$ apt install teleport

# in a Kubernetes cluster
$ helm install

Our vision for the future

We are trying to solve the problem every company has - how to run and access software running anywhere in a secure and compliant manner. We call this environment-free computing.

Learn more

Try Teleport today

In the cloud, self-hosted, or open source
Get startedView developer docs