Teleport Support

Gravitational’s Teleport is a tool that helps you securely access servers, applications, and various resources while maintaining a zero-trust approach to security.

Secrets.env complements Teleport by allowing you to fetch certificates from the Teleport client and utilize them to authenticate with different services.

Enabling

In addition to optional dependencies, using this feature necessitates having the Teleport client (tsh) installed on the same machine where secrets.env is operating.

1. To set up the Teleport client, refer to the official installation guide for detailed instructions:

   https://goteleport.com/docs/installation/

2. Installing secrets.env with the extras teleport:

   pipx

   # for the first time installation
   pipx install 'secrets.env[teleport]'
   
   # if you have already installed secrets.env
   pipx inject secrets.env 'secrets.env[teleport]'
   

   pip

   pip install 'secrets.env[teleport]'
   

   poetry

   pipx inject poetry 'secrets.env[teleport]'
   

Certificate provider

Teleport acts as a secure gateway to access servers and applications. Occasionally, you might need to connect local applications to remote services. In such cases, you’ll utilize the Teleport client to retrieve certificates and integrate them into your application.

Secrets.env includes a Teleport Provider that interacts with the Teleport client to obtain certificates and deliver them to the application.

TLS adapter

This feature is used by Vault KV Provider for fetching certificates from Teleport.