“Who has root access in your org?”

I walked through this in my demo at CNCF Abuja last month, showing how modern, identity-first access makes that question easy to answer.

Now be honest, are you still babysitting SSH keys, bouncing through hosts, and praying your audit logs tell the full story? Yeah… been there. That’s why I wanted to show you something different: Teleport.

So, what’s Teleport?

Think of it as an identity-native access superpower that makes your DevOps life a little less chaotic:

  • SSH servers ✅

  • Kubernetes clusters ✅

  • Databases ✅

  • Internal apps ✅

  • Even Windows desktops lol (because yes, those still exist) ✅

One way in. One audit trail. Nothing left sitting around on disk for bad actors to scoop up.

Why you (and your team) might actually love this:

  • No more passing around shared keys like it’s 09’s

  • Access expires by default (because eternal credentials are a horror story)

  • Full session recording + audit logs for the “what just happened” moments

  • Plug into GitHub, Okta, Google, whatever you already use for login

  • Bye-bye VPNs and sketchy tunnels

Security, but with common sense

Teleport doesn’t wrap your infra in duct tape. It enforces identity-based, short-lived certs. No passwords, no long-lived keys, no “oops I left that open.”

  • Everything logs.

  • Everything has a policy.

  • Everything expires. (…kind of like milk, but way more useful).

Wanna try it out right now?

Here’s the fun part:

This is Teleport running on my EC2 instance for the demo.

  1. Launch the open-source version with Docker, or host it on your own cloud server.

  2. Wire up a test cluster and local SSH.

  3. Hook in GitHub or OIDC SSO.

  4. Write some RBAC rules in YAML (don’t panic, it’s actually neat).

  5. Watch your own session recordings in the web UI, creepy but powerful.
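To make step 4 concrete, here is an added example (mine for illustration, not from the demo or from Teleport's own docs) of two roles: an everyday role with no root login, and a short-lived root role that can only be obtained through an approved access request. The role names, logins and `env` labels are assumptions; swap in your own.

```yaml
# Everyday role: non-root login, dev/staging nodes only, certs expire in 8h.
kind: role
version: v7            # assumption: use the role version your cluster supports
metadata:
  name: dev-ssh        # hypothetical role name
spec:
  options:
    max_session_ttl: 8h     # upper bound on certificate lifetime
    forward_agent: false    # no SSH agent forwarding from this role
  allow:
    logins: ["ubuntu"]      # OS users this role may log in as (no root)
    node_labels:
      env: ["dev", "staging"]   # assumed node labels
    request:
      roles: ["prod-root"]  # holders may *request* the role below
---
# Elevated role: root on prod, granted only via an approved request, 1h max.
kind: role
version: v7
metadata:
  name: prod-root      # hypothetical role name
spec:
  options:
    max_session_ttl: 1h     # elevated access expires quickly
    forward_agent: false
  allow:
    logins: ["root"]
    node_labels:
      env: ["prod"]
```

Load both with `tctl create -f roles.yaml` (the filename is a placeholder). Because nobody is assigned `prod-root` directly, every root session on prod traces back to a named user, an approver and an expiry.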

Pick your flavor from what’s available!

| Tier | Best for | Includes |
| --- | --- | --- |
| Teleport Community (OSS) | Indie DevOps, startups or side projects | Basic access for SSH, K8s, DBs |
| Teleport Enterprise | Regulated orgs, large teams | SSO, session replay, RBAC, audit |
| Teleport Cloud | Teams that want SaaS setup (I don’t want to host it, just make it work) | No self-hosting, auto-upgrades |
| Teleport Team | Mid-size orgs (like SaaS but want control) | Cloud-hosted with most features |

Still unsure where to start? Here are some use cases to steal:

An Amazon server onboarded as a resource on Teleport

  • Secure SSH across multi-cloud setups

  • Jump into K8s clusters without juggling kubeconfigs

  • Lock down your DBs (Postgres, MongoDB, MySQL)

  • Retire that poor bastion host that’s been clinging to life

  • Impress compliance folks (SOC2, PCI-DSS, FedRAMP)

👉 teleport.dev/pricing

💡 Pro tip: Engineers can request just-in-time access and managers approve right inside Slack, PagerDuty, or even CLI. No tickets, no back-and-forth emails, just “yes” or “no” in real-time.

Bonus: Plays nice with others

Already using GitHub Actions, Vault, Terraform, AWS/GCP? Teleport slots right in without making you rethink your stack.

🎤 My takeaway from demoing this at CNCF last month?
If your infra is scaling but your access model still looks like “static IAM roles + ancient SSH keys,” Teleport is the glow-up you didn’t know you needed.


Written by

Imam Bashir Abdulwahab (Twenty4)

An Open Source Security Advocate