Secure Infrastructure Access

API-first approach to integrate with your existing platform

Infra takes on an API-first approach that's meant to integrate with what your team already uses. You don't have to rip out your existing internal platform.

$ curl https://api.infrahq.com/v1/creds \ -X POST \ -d destination=production { "host": "engine-a19.infrahq.com", "jwt": "eyJhbGciOiJIUz...k6yJV_adQssw" }
SOURCES & DESTINATIONS

Integrate with where your users are today

Infra connects with your existing identity providers, and maps your users/groups directly to your infrastructure destination(s) with the necessary permissions.

CONFIGURATION

Infrastructure as Code
(GitOps friendly)

Declare the configuration in code. Version. Backup. Recover. Audit. All in your source code repo.

PERMISSIONS

Fine-grained access control

Most tools provide all or nothing access. Infra is designed from the ground up to deeply integrate with each infrastructure tool to provide fine grained access control. Some teams want to have write access to a particular namespace in Kubernetes, but not another; Infra helps solve this problem.

We don't just lock your infrastructure at the network level. We complement your existing VPC or zero trust solutions to add an additional protection while making access easy for your teammates.

SEAMLESSNESS

Discovery via one command

infra login allows you to synchronize all your infrastructure access to your laptop. For Kubernetes, Infra will automatically maintain your kubeconfig file, so you never have to fumble to find that cluster again.

AUDITING

Sensible audit logs

When an incident happens, you want to quickly understand who did what and when. Infra is designed to provide understandable logs to answer these exact questions.

REDUNDANCY

No single point of failure

Infra is designed with redundancy in mind without a single point of failure. If and when Infra Registry ever has downtime, users will have direct connection to the Infra Engine, where configuration is replicated.

ACCESSIBILITY

Quick access for your team (custom domain)

Need a wiki to document your endpoints? Can never remember that login address at 3am when PagerDuty is off? Use your custom domain for your team so it's easy to remember. An example could be infra login infra.docker.com and your teammates can get their access.