←back to thread

Tailscale raises $100M

(tailscale.com)
854 points gmemstr | 4 comments | 04 May 22 13:17 UTC | HN request time: 1.528s | source
Show context
Lightbody ◴[04 May 22 13:46 UTC] No.31260320[source]
We love Tailscale. Everyone employee has it, and we use it to provide access to dev, staging, and prod environments as well.

Fun little thing we did with it: nobody can access the prod network without requesting access via a Slack bot (powered by https://indent.com/). So somebody requests access, another authorized person approves it, and the Tailscale ACLs are updated for X minutes and then reset.

Access to secure environments is super low friction but more secure (with fantastic audit trails) than ever.

replies(2): >>31260539 #>>31265499 #
fwip ◴[04 May 22 14:01 UTC] No.31260539[source]
That's gonna be exciting next time Slack is down.
replies(2): >>31260580 #>>31263940 #
1. dx034 ◴[04 May 22 14:04 UTC] No.31260580[source]
I'd assume they have a fallback option to provide access.
replies(2): >>31260789 #>>31261471 #
2. VWWHFSfQ ◴[04 May 22 14:18 UTC] No.31260789[source]
I wouldn't assume anything
3. Lightbody ◴[04 May 22 15:02 UTC] No.31261471[source]
It's a very safe assumption: we're just automating Tailscale ACLs. Tailscale admins (3 of us) can still come in and manually change them.
replies(1): >>31263828 #
4. fwip ◴[04 May 22 18:05 UTC] No.31263828[source]
That's reassuring, the phrasing of "nobody can access prod without a Slack bot" was worrying.