Enrolling Teleport Resources
You can use Teleport to protect infrastructure resources like servers, databases, and Kubernetes clusters. Once an infrastructure resource is protected by Teleport, you can restrict access to the resource using the Teleport role-based access controls system and use Teleport features like session recordings and audit events to understand how your users interact with the resource.
To enroll a resource with Teleport, you deploy a Teleport Agent, an instance of
the teleport binary configured to run certain services, such as the Teleport
SSH Service and Teleport Database Service. You then configure the Agent to proxy
a resource by querying a service discovery API (Auto Discovery), using a
dynamic Teleport
resource, or
naming the resource in the Agent's configuration file. Read more about Teleport
Agent architecture.
You can also create a Teleport bot user and set up Machine ID to enable service accounts to access Teleport-protected resources.
Read the following documentation for more information on enrolling infrastructure resources with Teleport:
- Applications: Guides to using Teleport to protect web applications, cloud provider APIs, and more.
- Databases: Teleport database access introduction, demo and resources.
- Kubernetes Clusters: Guides to protecting Kubernetes clusters with Teleport
- Linux Servers: Guides to protecting Linux servers with Teleport, including OpenSSH servers.
- Machine ID: Guides to using Machine ID, which allows you to provide secure access to your infrastructure from automated services.
- Teleport Auto-Discovery: Learn how to use the Teleport Discovery Service, which automatically enrolls resources by query APIs
- Using Teleport Agents: How to use Teleport Agents, which allow you to enroll infrastructure resources with Teleport
- Windows Desktops: Guides to protecting Windows desktops with Teleport
- Workload Identity: Securely issue flexible short-lived identities to your workloads