Skip to main content

Kubernetes Access FAQ

This page offers answers to frequently asked questions about Teleport's Kubernetes feature.

Can a single kubernetes_service serve multiple Kubernetes clusters?

Yes, a single kubernetes_service can serve multiple Kubernetes clusters. This is useful when the Kubernetes clusters' nodes can be downsized to zero, but you still want to be able to access the Kubernetes API.

Check out the Kubernetes Service Standalone Guide.

Can Teleport be used to restrict access to Kubernetes resources?

Yes. Teleport can be used to restrict access to individual Kubernetes resources.

Check out the Teleport Kubernetes RBAC Guide for more information and examples.

Can Teleport automatically discover my Kubernetes clusters on cloud providers (AWS, GCP, Azure)?

Since version 11, Teleport can discover your Kubernetes clusters on AWS, GCP, and Azure.

Check out the Kubernetes Service Discovery Guide for more documentation and examples.

Does Teleport work with Kubernetes desktop UI applications?

Yes, Teleport generates a kubeconfig file (default ~/.kube/config) when a user logs in to a Kubernetes cluster. GUI tools such as Lens can interact with the Kubernetes cluster through Teleport as with any other standard kubeconfig.