Improve Security & Compliance for AWS Infrastructure
Unique challenges faced by AWS customers
You need to control who can provision infrastructure to control costs and prevent sprawl.
Different teams require different levels of identity-based access for different resources.
You need to lock down who can provision & access your AWS infrastructure and keep detailed audit logs.
Why AWS customers big and small trust Teleport
Our unique approach to AWS infrastructure access is not only more secure — it actually improves developer productivity. By providing an identity-aware AWS infrastructure access solution that developers love to use, you can easily implement security and compliance without worrying about backdoors that outmoded solutions encourage.
Control who can provision AWS resources
Teleport provides connectivity, authentication, authorization and audit for AWS Management Console & CLI.
Enforce the same controls for AWS Console at the AWS CLI level.
Teleport ensures all AWS Console activity is logged in CloudTrail for complete visibility into access & behavior.
Easily enforce granular controls for AWS resources
Integrate and extend your corporate identity roles with Teleport access for EC2. New EC2 instances automatically join your Teleport cluster. Supports Linux & Windows.
Get table-level controls for your databases running on AWS and complete visibility to the queries your team are running.
Specify separate permissions for Kubernetes pods running on EKS than the underlying EC2 instance.
Teleport uses AWS services for the most integrated experience
The Teleport Cloud is hosted across multiple AWS regions so you can run your AWS workloads close to your Access Plane.
Purchase Teleport directly via the AWS Marketplace or use AWS credits to pay for Teleport usage. Private offers available for enterprise customers.
For added security protecting the Teleport Certificate Authority (CA) running on AWS, we support AWS CloudHSM.
Works with everything you have
Teleport is open source and it relies on open standards such as X.509 certificates, HTTPS, SAML, OpenID connect and others. Deployed as a single-binary, it seamlessly integrates with the rest of your AWS stack.
Easy to get started
Teleport is easy to deploy and use. We believe that simplicity and good user experience are key to first-class security.
tshclient allows users to login to retrieve short-lived certifcates.
teleportagent can be installed on any server or any Kubernetes cluster with a single command.
# on a client $ tsh login --proxy=example.com # on AWS Linux 2 $ yum install teleport # in a Kubernetes cluster $ helm install