Integration Showcase Border0 ➕ PagerDuty

Dynamic access control to your servers based on PagerDuty schedules

In yesterday's blog, we introduced our newly launched support for integrations in Border0. Integrations allow Border0 administrators to extend their Border0 organization's capabilities to use third-party tools and services for policy evaluations (service access) and event notifications. In today's blog, we'll look closer at our integrations with PagerDuty, a popular real-time incident response platform.

Border0’s PagerDuty integrations enable many powerful use cases, including the following:

➕ Allow access to your production server only to the on-call engineer

➕ Allow access to your production server only while there is an ongoing incident

➕ Alert the on-call engineer of unexpected access (e.g. someone SSH’d to one of your production servers)

➕ Alert the on-call engineer of unexpected administrative changes to your Border0 organization (e.g. someone created an API access token or modified identity provider settings)

Don’t like reading? Here’s an in-depth video demo of our PagerDuty integrations!

PagerDuty OnCall Integration

Using integrations, the Border0 policy engine can call external APIs, like PagerDuty, and use this information to make policy decisions. The PagerDuty OnCall integration enables Border0 Organization administrators to define clauses in their policies that require users connecting to services behind Border0 to be on-call for a PagerDuty service, or that require an ongoing incident as a prerequisite for granting access.

An example use case could be your production database. Since this is a sensitive service, you may only want users to access it when they're on-call. Or perhaps you want to allow access to your SSH bastion host only when there's an ongoing incident. These are all things that are now super easy to implement.

Setting up the integration requires you to get an API key from the PagerDuty console. Border0 requires only read permissions into your PagerDuty account – be sure to tick the “Read-only API Key” box!

Once you have an API key, you can configure the new PagerDuty On-Call integration like below.

And once you have a PagerDuty On-Call integration configured, you can use it within your Border0 policies! Notice how the administrator has a few options to configure PagerDuty-specific rules, such as "require_incident", which means this policy will only allow access when there's an ongoing incident. Similarly, with "require_be_oncall" you can require the authenticating user to be on-call before access is granted.

Configure the PagerDuty Policy rules

After modifying a policy as shown above, it will begin evaluating against your PagerDuty on-call integration’s conditions! Next, we can use Border0’s built-in policy tester to play around with our new condition(s) and validate things are working as expected.

Border0 Policy tester

From now on, any services with the PagerDuty policy attached will include the evaluation results of the PagerDuty integration we added earlier. Note how we show the policy evaluation results for each session listed on the sessions page, showing you exactly which policy rules were consulted and why access was granted (or denied).

🚀 Sweet - access to my SSH servers is now restricted to my on-call engineer!
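To make the two conditions concrete, here is an added sketch (not Border0's code or policy format) of how "require_be_oncall" and "require_incident" can combine into one allow/deny decision with per-rule reasons. Assumptions: the data records are constructed and simplified, both conditions are scoped to a service name, every enabled condition must hold, and a failed PagerDuty lookup denies access.

```python
from dataclasses import dataclass

# Constructed sample data (simplified; not real PagerDuty API responses).
ONCALLS = [{"service": "prod-db", "user_email": "alice@example.com"}]
INCIDENTS = [
    {"service": "prod-db", "status": "resolved"},
    {"service": "prod-ssh", "status": "triggered"},
]
# PagerDuty incident states that count as "ongoing".
OPEN_STATUSES = {"triggered", "acknowledged"}


@dataclass
class Decision:
    allowed: bool
    reasons: list


def evaluate(user_email, service, rule, oncalls, incidents):
    """Evaluate the PagerDuty conditions enabled in `rule` for one session.

    Passing None for `oncalls` or `incidents` models a failed lookup;
    the matching condition is then treated as unmet (fail closed).
    """
    checks = []  # (rule name, satisfied?, lookup failed?)
    if rule.get("require_be_oncall"):
        ok = oncalls is not None and any(
            o["service"] == service
            and o["user_email"].lower() == user_email.lower()
            for o in oncalls
        )
        checks.append(("require_be_oncall", ok, oncalls is None))
    if rule.get("require_incident"):
        ok = incidents is not None and any(
            i["service"] == service and i["status"] in OPEN_STATUSES
            for i in incidents
        )
        checks.append(("require_incident", ok, incidents is None))
    reasons = [
        f"{name}: {'lookup failed, denied' if failed else 'satisfied' if ok else 'not satisfied'}"
        for name, ok, failed in checks
    ]
    # With no PagerDuty condition enabled there is nothing to fail here.
    return Decision(all(ok for _, ok, _ in checks), reasons)
```

Returning the reasons alongside the verdict mirrors what the sessions page shows: which rules were consulted and why access was granted or denied.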

PagerDuty Events Integration

The second integration with PagerDuty is for notifications. The PagerDuty Events integration enables Border0 Organization administrators to configure notification rules for sending critical alerts to a PagerDuty service.

Setting up the integration takes only a few seconds! Upon selecting the PagerDuty Events option from the “add new integration” page, a link in the integration guide within the Border0 portal takes you directly to the PagerDuty console, where you can allowlist the PagerDuty services that Border0 is allowed to push critical alerts to.

Just follow the wizard; super easy to configure the PagerDuty integration.

From there, you can create a new notification rule referencing our newly added integration and the PagerDuty service you’d like to push alerts to with this notification rule. With a notification rule configured to notify your PagerDuty service on any new sessions, Border0 will send PagerDuty alerts that look like the image below:

Upon getting paged, your on-call engineer can take action promptly as needed. Notifications include a link to the relevant section of the Border0 portal, where more information regarding the original event can be found.

Wrap Up

Integrating your Border0 organization with a PagerDuty account adds incident response capabilities to Border0, enhancing your organization’s efficiency and security. By bridging these two powerful platforms, organizations can now leverage real-time notifications and refined access control. Using the PagerDuty Integration, you can ensure that the right person is alerted to and able to promptly address any unexpected incidents, unexpected access, or administrative changes to your Border0 organization. The ability to dynamically control access to resources based on whether there's an ongoing incident or if the user is on-call takes fine-grained access control to the next level!

Stay tuned for more integrations in the future! The PagerDuty integration is available for both free and Premium accounts, so sign up today and give it a spin! Try out our fully featured free community edition, or schedule a demo and let us walk you through a custom demo. Let’s geek out together 🤓
