tking/bascule-oss
SHA256
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
bascule-oss/docs/comparison.md
Tyler King 6eb2de5dc0 docs: update all documentation for management API + dashboard 
Updated 9 files to reflect:
  Management API (axum, port 9090) — embedded in bascule-server
  Dioxus dashboard components (WASM web target)
  6 crates in workspace (was 4)

README.md:
  Added Management API + Dashboard features section
  Added dashboard row to comparison table

docs/architecture.md:
  Updated diagram showing dual-listener architecture
  Added Management API section explaining Arc<SessionStore> sharing
  Updated crate table (6 crates)

docs/configuration.md:
  Added [dashboard] config section reference

docs/observability.md:
  Added Management API monitoring section with curl examples

docs/quickstart.md:
  Added Management API quick start section

docs/comparison.md:
  Added dashboard and TPM attestation rows

CLAUDE.md + CONTRIBUTING.md:
  Updated crate lists and feature flags

config/bascule.example.toml:
  Added [dashboard] section

All 17 README links verified valid. Build clean.

Signed-off-by: Tyler King <tking@guildhouse.dev>
2026-04-05 17:17:18 -04:00

42 lines
1.8 KiB
Markdown
Raw Blame History

# Comparison
| Feature | Bascule | Teleport | Boundary | StrongDM |
|---------|---------|----------|----------|----------|
| License | Apache 2.0 | AGPL / Commercial | MPL / Commercial | Commercial |
| Agents required | No | Yes | Yes | Yes |
| Control plane | No | Required | Required | SaaS |
| Container sessions | Native | Via agents | No | No |
| AI Agent Identity | Native (Entra Agent ID) | No | No | No |
| Binary size | ~7MB | ~150MB | ~100MB | N/A (SaaS) |
| Auth | SSH keys, Entra Agent ID | OIDC, SAML, GitHub | OIDC, LDAP | SAML, OIDC |
| Session recording | Via SessionHandler | Built-in | Built-in | Built-in |
| Kubernetes | Any (pod) | Requires agent | Requires worker | SaaS |
| Extensibility | SessionHandler trait | Plugin system | No | No |
| Proxy mode | Built-in | Built-in | Built-in | SaaS |
| Config | Single TOML file | Complex YAML | Complex HCL | Web UI |
| Built-in dashboard | Yes (port 9090) | Yes | No | Yes (SaaS) |
| TPM attestation | Yes (bascule-shell) | No | No | No |
## When to choose Bascule
- You want a lightweight SSH proxy without a control plane
- You need ephemeral container sessions per connection
- You need AI agent identity (Entra Agent ID) alongside human SSH
- You want to extend the proxy with custom policy via a Rust trait
- You want Apache 2.0 licensing without AGPL constraints
- You want a single binary under 10MB
## When to choose Teleport
- You need a full access management platform (SSH + K8s + DB + Web)
- You need built-in session recording with search
- You need desktop application access
- You have a large team and need role-based access at scale
- AGPL licensing is acceptable for your use case
## When to choose Boundary
- You're fully invested in the HashiCorp ecosystem
- You need dynamic credential injection
- You need multi-hop proxy chains
- MPL licensing works for your organization
Reference in a new issue View git blame Copy permalink