MinIO hits it out of the Boundary
As enterprises in critical industries such as banks, healthcare, oil and gas repatriate their data from the cloud, there are sometimes some things they need to do the “old school” way because there is simply no other way. One of these is Bastion hosts. It doesn’t matter whether you have all 100% of your AI data infrastructure and your AI/ML models stored in an Airgapped Environment, it needs to be accessed by your own engineers and BI folks using a Bastion host. But Bastion host is the wild wild west, so to speak, so you need a way for the actions on those bastion hosts to be recorded and audited in some way.
This is where HCP Boundary comes into play. It helps industries record SSH sessions to meet compliance and improve security requirements. These sessions are then stored on MinIO for fast retrieval for auditing purposes in case of a data breach incident. Also in general it deters users from performing malicious commands adverse to the system’s performance.
We will perform the following steps in the course of this post
- Create a bucket in MinIO where the session data will be stored
- Connect HCP Boundary to MinIO bucket to store session data
- Login to SSH and playback a recorded session
- Visualize session data in MinIO bucket
Create MinIO Bucket
We’ll go through how to create a MinIO bucket using our online playground play.min.io.
Connect Boundary to MinIO
Next, we’ll connect the above bucket we created in MinIO to Boundary by creating a couple of access credentials.
Once MinIO storage configuration has been created, we’ll attach this by Enabling the Session so the Session Recording uses MinIO to store its data.
Login to SSH and Playback
In order to test this lets log in to one of our test SSH instances and playback a session recording.
Session Data in MinIO
Last but not least, this is where the rubber meets the road. We’ll see where our session data is stored for fast retrieval.
A Double Entendre
The title of this post is a double entendre of sorts. Originally it's a reference in cricket when you score 4 or 6 runs (when you hit the ball past the boundary line). The term you might be more familiar with is “hitting it out of the park”, a reference in Baseball. By supporting HCP Boundary, MinIO hits it out of the park by not only being a single unified storage for your AI/ML infrastructure storage needs from storing your AI/ML Models, the raw data to store and consume to be able to train these models, your Snowflake and SQL Server external tables, but now it can even store your AI infrastructure access logs and replay them back for auditing purposes.
This allows you to streamline your tools and processes in a single unified AI data storage backend to access your data while you focus on building and scaling your applications while leaving the storage to MinIO. If you have any questions on MinIO or Boundary or anything AI/ML related be sure to Slack!