Hardening Infrastructure Security Against SSO Identity Provider Compromise
Jul 11
Register Today
Teleport logoTry For Free
Fork me on GitHub


Database Access

Teleport can provide secure connections to your databases while improving both access control and visibility.

Some of the things you can do with database access:

  • Enable users to retrieve short-lived database certificates using a Single Sign-On flow, thus maintaining their organization-wide identity.
  • Configure role-based access controls for databases and implement custom Access Request workflows.
  • Capture database activity in the Teleport audit log.

Teleport protects databases through the Teleport Database Service, which is a Teleport agent service. For more information on agent services, read Teleport Agent Architecture. You can also learn how to deploy a pool of Teleport agents to run multiple agent services.

Get started

Connect your database

Learn how to set up secure access to databases in your infrastructure.

Manage the Teleport Database Service

The Teleport Database Service proxies connections to databases protected by Teleport. Read more about deploying the Teleport Database Service and enrolling databases:

  • High Availability: Learn how to deploy multiple instances of the Teleport Database Service to proxy the same set of databases.
  • Dynamic Registration: Learn how to enroll databases without re-deploying the Teleport Database Service.

Learn more

To learn more about configuring role-based access control for database access, check out the RBAC section.

Learn how to configure automatic user provisioning, which removes the need for creating individual user accounts in advance or using the same set of shared database accounts for all users.

See Reference for an overview of database access-related configuration and CLI commands.

If you hit any issues, check out the Troubleshooting documentation for common problems and solutions.


Finally, check out Frequently Asked Questions.