Vitess(MySQL 프로토콜)를 사용한 데이터베이스 접근

Vitess(MySQL 프로토콜)에 대한 Teleport 데이터베이스 접근 구성 방법

Teleport can provide secure access to Vitess (MySQL) via the Teleport Database Service . This allows for fine-grained access control through the Teleport RBAC system . The Teleport Database Service proxies traffic from database clients to self-hosted databases in your infrastructure. Teleport maintains a certificate authority (CA) for database clients. You configure your database to trust the Teleport database client CA, and the Teleport Database Service presents certificates signed by this CA when proxying user traffic. With this setup, there is no need to store long-lived credentials for self-hosted databases. Meanwhile, the Teleport Database Service verifies self-hosted databases by checking their TLS certificates against either the Teleport database CA or a custom CA used with the database. In this guide, you will: Configure your Vitess (MySQL) database for Teleport access. Add the database to your Teleport cluster. Connect to the database via Teleport. 동작 원리 # The Teleport Database Service authenticates to your self-hosted Vitess database using mutual TLS. Vitess trusts the Teleport certificate authority for database clients, and presents a certificate signed by either the Teleport database CA or a custom CA. When a user initiates a database session, the Teleport Database Service presents a certificate signed by Teleport. The authenticated connection then proxies client traffic from the user. Self-Hosted Teleport Enterprise Cloud Note gRPC 프로토콜을 사용하는 Vitess 접근은 현재 Telepo