35 minutes
JIT Network Access: Demo and Q&A
JIT Network Access: Demo and Q&A
Just-in-time (JIT) Network Access is an API-first solution to provide temporary, time-bound, and audited elevated access to resources within your Tailscale network (tailnet). Up until this point, JIT access with Tailscale has required the purchase of an additional dedicated 3rd party JIT solution to manage, or meant cobbling together different parts of the product to build a very manual version of JIT access.
That's no longer the case. Join Alex and Allen as they demo how to use our API to set up Just-in-time access and then answer your questions.
JIT Network Access and Tailscale
There is the primary API component which can be used stand alone to integrate with existing access systems, as well as, two initial access bot projects in Tailscale Community Projects that can be used as a more turn-key solution:
- Expiring Posture Attributes API: Temporarily elevate a device's access based on custom posture attribute with an automatic expiration.
- Slack Workflow Integration: A streamlined approval workflow for requesting and granting JIT access via Slack.
- Github Action: A deployable GitHub Action allowing Tailscale users to request and approve just-in-time access to Tailnet resources.
Hosted By
AVAllen Vailliencourt
Solutions Engineer at Tailscale
Allen Vailliencourt
Solutions Engineer at Tailscale
Allen Vailliencourt is a Solutions Engineer at Tailscale.
AKAlex Kretzschmar
Head of Developer
Relations at Tailscale
Alex Kretzschmar
Head of Developer Relations at Tailscale
Head of Developer Relations at Tailscale
More webinars
Moving Beyond the Honor System: How to Use Fleet Device Health to Control Tailscale Access
Most organizations have the data to know if a laptop is unencrypted or out of date. The problem? That data often lives on a dashboard, while your network access remains wide open. The only way to secure access is to stop trusting devices by default.
Join Allen Valliencourt (Tailscale) and Zach Wasserman (Fleet) to see how Fleet device data can directly control access in Tailscale. We’ll show how to turn device health signals into enforcement so access is earned.
If you’re already using Fleet to monitor your fleet and Tailscale to connect it, you’re ready to enforce device-level access. In this session, we’ll walk through:
- How Fleet device state (via osquery) feeds into Tailscale posture checks
- How device signals—like disk encryption, OS version, and MDM enrollment—map to Tailscale ACLs
- How access is revoked in real time when a device falls out of compliance
Tailscale & AWS: Enterprise Cloud Networking Simplified
In this webinar, we will cover how to connect to your AWS resources easily and securely with Tailscale modernized networking, powered by WireGuard®
With Tailscale + AWS, you can:
- Simplify AWS Connectivity by using Tailscale to reduce the complexity of managing secure remote access to the Amazon resources that power your organization.
- Increase Security for AWS Access by enabling secure remote access from AWS VPC to EC2 instances, IP-based connectivity via subnet routing, exposing services in your EKS clusters and control plane to your tailnet.
- Achieve high-availability failover, seamlessly connect across availability zones, and deliver persistent resource monitoring and session recording to support compliance goals.
Kubernetes & Tailscale: Simplified Cluster Connectivity
Kubernetes networking can be a black box. The myriad options around API servers, pod networks, service networks, loadbalancers and ingresses can mean dramatic expense and increase complexity.
Tailscale and the Tailscale operator can dramatically simplify your Kubernetes networking needs by:
- Securing access to your Kubernetes control plane
- Providing access to services and pods in your Kubernetes cluster
- Enabling simple networking between clusters
In this webinar we’ll explore these use-cases and investigate how Tailscale can make your life alongside Kubernetes hassle-free.