DEV Community

Andree Toonk

Enhance DigitalOcean with AWS-Level SSM and SSO Features

If you’re anything like me, you appreciate DigitalOcean for its simplicity, cost-effectiveness, and ease of use. It’s an ideal platform for personal projects and smaller work-related tasks. However, as great as DigitalOcean is, it doesn’t offer some of the advanced features that larger cloud environments provide, like granular access control and integrated security with Single Sign-On (SSO) systems. These are the IAM and SSM capabilities that AWS users have come to rely on. But what if you could bring these powerful features to DigitalOcean without the added complexity or cost? That’s where Border0 comes in.

The Challenge: Bridging the Gap Between Simplicity and Security

DigitalOcean excels in user-friendliness and affordability, but when it comes to robust Identity and Access Management (IAM) and security controls, it falls short compared to giants like AWS and Google Cloud. Without built-in IAM, managing access to your Droplets (SSH), databases, or Kubernetes clusters using SSO credentials can be a bit of a headache. This often forces users to keep services more exposed than they’d like — especially in production environments where security is key.

The Solution: Bringing AWS-Like IAM and SSO Magic to DigitalOcean

That’s where Border0 steps in. With Border0, you can elevate your DigitalOcean workloads to meet the same security and access management standards that you’d expect from AWS or GCP — minus the headaches. Border0 provides you with the tools to control access to your DigitalOcean resources, whether it’s SSH access to Droplets, database connections, or Kubernetes clusters, all using your SSO credentials. Even better, this works seamlessly with resources in a private DigitalOcean VPC, giving you secure access without the need for a VPN.

Demo Time! 🚀

Sounds too good to be true? The best part is that it’s incredibly straightforward to set up and use. In the video below, we’ll guide you through an example that shows just how easy it is.

Setup in Minutes ⏱️

In the video, we kick things off by installing the Border0 connector from the DigitalOcean Marketplace as a 1-click Droplet. The entire setup takes about a minute — just enough time for the Droplet VM to boot and for you to click the Border0 login link. It’s fast, it’s simple, and it’s ready to go.

Once the connector is deployed, we can start securing access to a Droplet (SSH), a MySQL database, and a Kubernetes cluster. These resources are safely tucked away in a private VPC, shielded from the public internet. And yet, thanks to Border0, you can access them effortlessly using your SSO identity — no need to configure complex VPNs or jump through hoops.

SSH Access Example 🔐

In the demo, you’ll see how we access a DigitalOcean Droplet VM that’s been deployed in a private VPC. No VPN required — I’m logging in using my existing SSO account. This approach isn’t just convenient; it’s also secure, with all access tied directly to your identity, whether that’s a Gmail, GitHub, Azure, or even your corporate Okta account.

Fine-Grained SSH Control 🛡️

But wait, there’s more! Border0 doesn’t just give you access; it lets you control access with precision. You can enforce detailed SSH-specific access policies, such as allowing SSH access only as the ubuntu user while disallowing SFTP and TCP port forwarding. This keeps your environment secure by limiting access to only what’s necessary, minimizing potential attack surfaces.
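
The same three restrictions (login only as ubuntu, no SFTP, no TCP port forwarding) can also be verified on the Droplet's own OpenSSH daemon. The following is an added example, not Border0's or the article's code: it audits `sshd -T`-style effective configuration for those settings, and the two sample configurations are constructed.

```python
# Added example: audit `sshd -T`-style output for the three restrictions above.
REQUIRED_USER = "ubuntu"  # the login user named in the article's example policy


def parse_effective_config(text):
    """Parse `sshd -T` output: a lowercase keyword, a space, then its value."""
    config = {}
    for line in text.splitlines():
        keyword, _, value = line.strip().partition(" ")
        if keyword and not keyword.startswith("#"):
            config.setdefault(keyword.lower(), []).append(value.strip())
    return config


def audit(text):
    """Return a list of findings; an empty list means all three checks pass."""
    config = parse_effective_config(text)
    findings = []

    allowed = {u for v in config.get("allowusers", []) for u in v.split()}
    if allowed != {REQUIRED_USER}:
        findings.append(f"allowusers is {sorted(allowed) or 'unset'}, "
                        f"expected only {REQUIRED_USER!r}")

    # OpenSSH defaults AllowTcpForwarding to "yes" when it is not set.
    forwarding = config.get("allowtcpforwarding", ["yes"])[0]
    if forwarding != "no":
        findings.append(f"allowtcpforwarding is {forwarding!r}, expected 'no'")

    if any(v.split()[:1] == ["sftp"] for v in config.get("subsystem", [])):
        findings.append("sftp subsystem is enabled")
    return findings


# Constructed sample inputs (not taken from a real host).
PERMISSIVE = """port 22
allowtcpforwarding yes
subsystem sftp /usr/lib/openssh/sftp-server
"""
RESTRICTED = """port 22
allowusers ubuntu
allowtcpforwarding no
"""

if __name__ == "__main__":
    for name, sample in (("permissive", PERMISSIVE), ("restricted", RESTRICTED)):
        print(name, audit(sample) or "OK")
```

On a real host, feed it the output of `sshd -T` run as root so that the values reflect what the daemon actually enforces.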

Database Access Example 🗄️

Next up in the demo, we’ll show you how to securely access a DigitalOcean-managed MySQL database using your SSO credentials. This database is hosted within the same private VPC, ensuring it remains isolated from the internet while still allowing seamless access. It’s like having the database right under your desk — without the risk of being wide open to the world.

And here’s a bonus: with Border0, any database becomes accessible through our web-based database client. This WebAssembly-based client runs entirely in your browser, so you can access your databases from anywhere, on any device, without needing to install extra software. All you need is your SSO account.

Identity-Based Database Policies 🎯

Just like with SSH, Border0 lets you enforce fine-grained access control for databases. You can define who has access to specific database schemas, what types of queries they can run, and even set conditions based on identity, network location, or time of day. It’s like having an SSO-based database firewall and VPN rolled into one, complete with full query recording for that extra layer of security.

Kubernetes Access Example 📦

Finally, we take a look at Kubernetes access. The video demo shows how to connect to your DigitalOcean Kubernetes cluster using kubectl. Even though the Kubernetes API is isolated from the internet, Border0 makes it feel like it’s right there at your fingertips, securely accessible with your SSO credentials.

As with the other examples, you can create policies specifying who has access to which Kubernetes namespaces and what actions they can perform. For instance, you can control who has permission to use kubectl exec. And with full session logs, you can see exactly what actions were performed on which resources, and for kubectl exec, you even get session recordings—perfect for keeping tabs on what’s happening in your clusters.

Wrap Up 🎯

With Border0, you get the best of both worlds: the simplicity and user-friendliness of DigitalOcean combined with the enterprise-grade security and access management features you expect from AWS or GCP. And the best part? You can set it all up in just a few minutes, thanks to the ease of a 1-click Droplet deployment. No complex VPNs or advanced configurations — just secure, streamlined access to your Droplets, databases, and Kubernetes clusters.

Whether you’re managing Droplets, databases, or Kubernetes clusters, Border0 makes it effortless to use your SSO credentials for secure access. You retain the simplicity and ease of use that makes DigitalOcean so popular, while gaining the advanced security controls typically found in more complex cloud environments.

You don’t need to be a security expert — Border0 and DigitalOcean together make it easy and pleasant to secure and manage your cloud infrastructure. Ready to enhance your DigitalOcean experience with Border0? Get started today for free and enjoy the best of both worlds: simplicity and security.
