Size Teleport Self-Hosted on Google Cloud

Extra Small — starter self-hosted control plane for smaller Teleport estates

Monthly cost

$302.41

Annual cost

$3,629/year

Line-item breakdown

Compute	$276.91
Storage	$25.50
Other	$0.00

Components provisioned

Role	Instance	vCPU	GB RAM	Storage
Auth Service	1 × n2-standard-8	8	16	100 GB
Proxy Service	1 × n2-standard-4	4	8	50 GB

Why this sizing

This Extra Small sizing provides a starter self-hosted Teleport control plane suitable for smaller Teleport estates. The primary cost driver is compute, accounting for over 95% of the $612 monthly total. This configuration uses a single control plane instance and a single auxiliary instance, meaning high availability is disabled and there is no redundancy for critical services.

Export

Share the current URL or copy the launch Terraform baseline.

Open generic Google Cloud calculator

Google Cloud Terraform baseline

terraform {
  required_version = ">= 1.6.0"

  required_providers {
    google = {
      source  = "hashicorp/google"
      version = "~> 6.0"
    }
  }
}

variable "project_id" {
  description = "Google Cloud project ID for this deployment."
  type        = string
  default     = "replace-with-project-id"
}

provider "google" {
  project = var.project_id
  region  = "us-central1"
  zone    = "us-central1-a"
}

# Generated for Google Cloud from the current estimate state.

resource "google_compute_disk" "auth_service_1_data" {
  count = 1
  name  = "teleport-auth-service-1-data-${count.index + 1}"
  type  = "pd-ssd"
  zone  = "us-central1-a"
  size  = 100
}

resource "google_compute_instance" "auth_service_1" {
  count        = 1
  name         = "teleport-auth-service-1-${count.index + 1}"
  machine_type = "n2-standard-8"
  zone         = "us-central1-a"

  boot_disk {
    initialize_params {
      image = "projects/debian-cloud/global/images/family/debian-12"
      size  = 50
      type  = "pd-balanced"
    }
  }

  network_interface {
    network = "default"
    access_config {}
  }
  attached_disk {
    source = google_compute_disk.auth_service_1_data[count.index].id
    mode   = "READ_WRITE"
  }

  labels = {
    app  = "teleport"
    role = "auth-service"
  }
}


resource "google_compute_disk" "proxy_service_2_data" {
  count = 1
  name  = "teleport-proxy-service-2-data-${count.index + 1}"
  type  = "pd-ssd"
  zone  = "us-central1-a"
  size  = 50
}

resource "google_compute_instance" "proxy_service_2" {
  count        = 1
  name         = "teleport-proxy-service-2-${count.index + 1}"
  machine_type = "n2-standard-4"
  zone         = "us-central1-a"

  boot_disk {
    initialize_params {
      image = "projects/debian-cloud/global/images/family/debian-12"
      size  = 50
      type  = "pd-balanced"
    }
  }

  network_interface {
    network = "default"
    access_config {}
  }
  attached_disk {
    source = google_compute_disk.proxy_service_2_data[count.index].id
    mode   = "READ_WRITE"
  }

  labels = {
    app  = "teleport"
    role = "proxy-service"
  }
}

Sources

Reference architecture: Teleport Self-Hosted for starter-control-plane, version Teleport 18.x scaling guidance, retrieved April 13, 2026.

https://goteleport.com/docs/reference/deployment/scaling/

Pricing: Google Cloud pricing snapshot, retrieved May 6, 2026.

Commercial pricing only. GovCloud, sovereign cloud, and discounts beyond those shown are not modelled.

Not included in this estimate

Vendor licensing and support
Professional services
Network egress
Compliance controls
Backup storage
Monitoring

Based on Teleport's official architecture and scaling guidance, translated into VM-based planning tiers.

Estimate excludes the infrastructure resources protected by Teleport, session recording object storage, external identity providers, and network transfer.