Kubernetes Access FAQ
This page offers answers to frequently asked questions about Teleport's Kubernetes feature.
Can a single kubernetes_service
serve multiple Kubernetes clusters?
Yes, a single kubernetes_service
can serve multiple Kubernetes clusters. This
is useful when the Kubernetes clusters' nodes can be downsized to zero, but you
still want to be able to access the Kubernetes API.
Check out the Kubernetes Service Standalone Guide.
Can Teleport be used to restrict access to Kubernetes resources?
Yes. Teleport can be used to restrict access to individual Kubernetes resources.
Check out the Teleport Kubernetes Access Controls Guide for more information and examples.
Can Teleport automatically discover my Kubernetes clusters on cloud providers (AWS, GCP, Azure)?
Since version 11, Teleport can discover your Kubernetes clusters on AWS, GCP, and Azure.
Check out the Kubernetes Service Discovery Guide for more documentation and examples.
Does Teleport work with Kubernetes desktop UI applications?
Yes, Teleport generates a kubeconfig file (default ~/.kube/config
) when a user
logs in to a Kubernetes cluster. GUI tools such as Lens can
interact with the Kubernetes cluster through Teleport as with any other standard kubeconfig.