search

gravitational / teleport

The easiest, and most secure way to access and protect all of your infrastructure.
https://goteleport.com
GNU Affero General Public License v3.0
16.97k stars 1.7k forks source link

Support enabling enhanced session recording via `teleport node configure` #32845

Open webvictim opened 9 months ago

webvictim commented 9 months ago

What would you like Teleport to do?

The teleport node configure command does not currently support enabling the enhanced_recording directive, making it more difficult to deploy nodes with enhanced recording enabled using automation.

We should support a CLI flag like --enhanced-recording to enable users to run teleport node configure --proxy=teleport.example.com:443 --enhanced-recording and automatically generate the correct config file.

What problem does this solve?

Allows for easier rollout of Teleport agent binaries to SSH nodes.

If a workaround exists, please include it.

Manually script or edit the config file after generation to add the enhanced_recording configuration directive and restart Teleport.

webvictim commented 9 months ago

This would also allow us to streamline the instructions here: https://goteleport.com/docs/server-access/guides/bpf-session-recording/#create-a-configuration-file