Great work, few questions from my perspective How is access to the jump box controlled? API needs to be authenticating calls and checking for authorization for every fetch from database. Where are the firewalls? Ssh needs to be V2, secured authorized keys. What symmetric key size and algorithm is the VPN using? Just food for thought as security is paramount which I'm sure you guys are aware :-)