Williams: That’s really core to the Teleport story is that are those short-lived certificates.Īrent: I’m now on my playbook, and here are my active sessions. And if I have teammates that come and go, I don’t have to worry about it because whatever credentials they obtained automatically expires after 30 hours. Once I have that cube configuration, I can go about my business, but in 30 hours’ time, I need to re-authenticate again. It only provides access for whatever you’ve defined - for example, minus 30 hours. The cube configuration that you get is like a native cube configuration. What have you done with the architecture to allow for more abstractions that Kubernetes users would not have been able to do a year or two?Īrent: If I go to my role where we select the default Kubernetes groups and Kubernetes users in the background, this is all backed by short-lived certificates. Williams: A lot of work has been done on the backend. It feels very familiar, and we try not to kind of get in your way. Once you’ve accessed those, you can use the standard like Psql or Redis CLI.
You can access everything using your terminal and your command-line tools. But we also have instructions to access Kubernetes clusters using your terminal, and it’s the same with our database support.
You can access Kubernetes clusters through the command line. One other interesting addition, we’ve added support for AWS Management Console so you can define people a specific IAM role. You can protect your Jenkins server or wiki behind Teleport in the same SSO flow. We also have traditional application support that are protected behind Teleport. There’s also the ability to join active sessions and add other teammates, so you can debug together. It’s like a TiVo for your terminal.Īrent: Yes. If you’re accessing your home lab, it can be helpful to know what exactly you did and you can go back. We have community users who see this like a journal. Williams: Where does this become useful for people?Īrent: Some say it’s all about like compliance auditing. You can also see the enhanced session recording and detailed information about what happened during the session.
Teleport apps full#
The other benefit is a full audit log of what’s happening during those runs. If there is a compromise on your machine, you can easily lock those credentials. You can set up tbots which will automatically retrieve new short-lived certificates every 20 minutes. Watch our recap here and our lightly edited transcript of the video.Īlex Williams (host): What is Teleport Machine ID?īen Arent, Teleport: This preview is our first release of Machine ID that lets customers enroll robots into their clusters. In this podcast, Ben Arent, developer relations manager, Teleport showed us a preview of Teleport Machine ID and how security and compliance can be implemented using automatically retrieved, short-lived certificates from tbots. The new feature aims to close the security loopholes that stem from the complexity of accessing the cloud infrastructure at scale. Teleport is under common control with TNS.Īs part of Teleport 9.0, a new feature, Teleport Machine ID was released to help bridge human and machine access which consolidates identity-based credentials for engineers and the IT applications they use.
0 kommentar(er)
