Beam - Secure, Seamless, Bastion-Free Infrastructure Access with AWS SSM

Secure, Seamless, Bastion-Free Infrastructure Access with AWS SSM

GIF of CLI using Beam
🔗  Beam on GitHub

What is Beam?

Beam is an open-source solution that stands as the answer to secure and user-friendly access within the confines of non-public VPC landscapes. It replaces the traditional bastion host approach with AWS Systems Manager (SSM) for access.

Why do you need Beam?

Beam - Secure, Seamless, Bastion-Free Infrastructure Access with AWS SSM

Exposed infrastructures is not a good security practice and poses risks.

Beam - Secure, Seamless, Bastion-Free Infrastructure Access with AWS SSM

SSH through jump servers brings operational complexities like cert rotation.

Beam - Secure, Seamless, Bastion-Free Infrastructure Access with AWS SSM

ZTNAs or VPNs come with a costly price tag and can introduce 3rd-party risks.

Beam - Secure, Seamless, Bastion-Free Infrastructure Access with AWS SSM

Native Proxies like Google's IAP or Azure Bastion are promising but complex to set up.

Beam - Secure, Seamless, Bastion-Free Infrastructure Access with AWS SSM

Beam offers a breakthrough

Beam is designed to simplify and secure connectivity to AWS resources, harnessing the power of AWS SSM Session Manager.

Features & Benefits

Beam - Secure, Seamless, Bastion-Free Infrastructure Access with AWS SSM

Direct & Secure Access: Easily connect to resources like EKS clusters and RDS instances effortlessly while maintaining best security practices.

Beam - Secure, Seamless, Bastion-Free Infrastructure Access with AWS SSM

Easy Configuration: No more daunting SSM setup processes. Beam simplifies it all.

Beam - Secure, Seamless, Bastion-Free Infrastructure Access with AWS SSM

Dynamic Compatibility: Designed to stay efficient amidst changing and immutable infrastructure.

Beam - Secure, Seamless, Bastion-Free Infrastructure Access with AWS SSM

Future-Ready: While AWS (SSM) is the starting point, we're extending support to platforms like Google's IAP soon.

Getting Started with Beam

Beam - Secure, Seamless, Bastion-Free Infrastructure Access with AWS SSM

Prerequisites

  • AWS SSO (single or multiple accounts).
  • Individual VPC for each environment.
  • Infrastructure in the private subnet.
  • Active EC2 instance in the subnet with an SSM agent.

Quick Setup

  • Launch with beam configure and proceed as directed.
  • Team-wide configuration sharing enabled.
  • Execute beam run will scan the infra and port forwarding EC2 remote port to localhosts, to RDS and EKS
  • Modify the host file to link the remote Kubernetes API/database to localhost for a valid SSL handshake and tool compatibility.
  • Print the database connection string.
  • Modify the kubeconfig to point to the local ports of the tunnel.

Don't compromise
on infrastructure security.

Check out Beam for simplified and secure infrastructure access.

🔗 Explore Beam on GitHub

Beam by

Automated Access Management Platform - Entitle - Limit cloud access without pushback