Teleport (ex-Gravitational) is the startup with open source infrastructure solutions that enable businesses to run, access, and distribute their cloud-native applications in restricted environments based on Kubernetes clusters, hybrid private clouds, or secure on-premise infrastructures. Martians’ duty was to design and implement some approval workflow plugins for these enterprise customers.
Evil Martians implemented and documented five plugins for the Teleport privileged access management system: integrations with Slack, Jira, Mattermost, GitLab, and PagerDuty to approve access requests fast and secure in these environments. In this project, we started to shape the ecosystem of integrations to let the startup’s customers adjust their permission systems to their corporate and legislation requirements.
Teleport is written in Go. It was also a great match as Martians have a great experience with our own open source projects in Go—such as imgproxy, Overmind, and Lefthook.
Teleporting to clouds
In the age of SaaS, with tons of cloud applications for every single business process, cloud security is still the biggest concern for enterprise customers. For the sake of compliance, they should take into account government policies like storing data in local areas or legal and corporate standards of avoiding public clouds for sensitive information. The business rules also necessitate keeping clear of “vendor lock-in”.
That’s where Teleport comes in to give a hand. They are working to help technology startups with packaging, deploying, and running their SaaS on private clouds of their enterprise customers to securely facilitate app deployments. Having a strong cloud computing background, the team chose Kubernetes to ease cloud deployment and run cloud applications across environments while meeting security and compliance requirements. Teleport has been a long-standing supporter for Kubernetes, believing that building software with Kubernetes instead of building in the cloud dependencies upfront will break the dependency on the individual cloud providers.
Gravitational, recently rebranded as Teleport, was founded in 2015. In 2019, the project has raised $25M in Series A rounds in 2019 with over $29M in total to date from many leading investors, including Y Combinator, CrunchFund, Spectrum 28, Zillionize, SV Angel, Kleiner Perkins, and Fort Ventures. It has around 100 enterprise customers, including NASDAQ, Samsung, Splunk, Ticketmaster, Telefonica, Sumo Logic, Snowflake Computing, and Epic Games.
Martians enjoyed the privilege of helping with Teleport. The problem tackling by Teleport is—unfortunately—not a physical teleporting feature, but equally important authorization and access requests automation. It started as an internal tool and became more popular as a single point to configure accesses in cutting-edge network cloud environments with authorization tied to internal enterprise services. For instance, if a company has a corporate Windows environment for all employees and a deployment environment like Kubernetes for engineers, they need to work bundled.
To simplify administration, Teleport wanted to extend and customize permission elevation workflow to grant or deny access in real time through messengers and collaboration applications. The idea was to move away from root accounts and let engineers do it on the fly via Slack or other supported platforms.
Approval workflow in Slack (video from Teleport)