Self-Hosting Teleport Enterprise
These guides show you how to run a self-hosted Teleport Enterprise cluster in production.
Getting started
Self-hosted Teleport Enterprise subscriptions require a valid license. We recommend reaching out to us directly to learn more about getting started with this deployment option and start planning your approach. Self-hosted Teleport Enterprise deployments typically take place in conversation with the team at Teleport.
While designing a deployment, you can consult the High Availability guide for the components of a production Teleport cluster.
Dedicated account dashboard
Teleport Enterprise subscriptions include a dedicated account dashboard with their preferred subdomain of teleport.sh. The dedicated account dashboard provides subscription administrators access to the license file, support links and Teleport Enterprise binary downloads.
Guides to self-hosting Teleport
- AWS KMS: Configure Teleport to store CA private keys in the AWS Key Management Service
- Deploying a High Availability Teleport Cluster: Deploying a High Availability Teleport Cluster
- Enterprise License File: How to manage your Teleport Enterprise license file.
- Google Cloud KMS: Configure Teleport to store CA private keys in the Google Cloud Key Management Service
- Guides for running Teleport using Helm (section): How to install and configure Teleport in Kubernetes using Helm
- HSM Support: How to configure Hardware Security Modules to manage your Teleport CA private keys
- Multi-region Blueprint: Blueprint describing how to deploy a multi-region Teleport Enterprise cluster using CockroachDB.
- Reference Deployment Guides (section): Teleport Installation and Configuration Reference Deployment Guides.
- Separate Internal and External Proxy Service Traffic: Explains how to set up the Teleport Proxy Service to isolate traffic from the public internet from internal client traffic.