Comment by stopachka
7 hours ago
Another reason they could have built this was by listening to their users. I do believe lots of people are spinning up agents in their workplaces, and managing yet another set of api keys is probably annoying for Tailscale's customers. This feels like a great solution to me.
Pressure to service larger customers to capture higher revenues is inevitable for Tailscale given the scale of VC funding, valuation, and operating costs involved.
Trying to be all things to all people will inevitably dilute focus, and it’s understandable that OP might be looking at this sub-product and wondering where the value is for their use cases.
They’re probably not the only ones questioning whether they’re still part of Tailscale’s core ICP (ideal customer profile), either.
Edit: expanded ICP for clarity.
yes this inevitably happens to companies that can't grow infinitely, you pivot to enterprise because you can sell to one person that has the equivalent spend of thousands... it really is unfortunate for the individuals
I have a secret manager, why would I want tails ale involved in the management of secrets, they are a networking company
Tails ale is not a company I see being involved in my core AI ops. I don't need their visibility tools, I already have LGTM.
Tailscale should focus on their core competency, not chase the gilded Ai hype cycle. I have sufficient complaints about their core product that this effort is a red flag for me. To do this now, instead of years ago, shows how behind the times they are
They're not a networking company, they're an access control company. Their original product is based around networking, and now this new one is based around AI access and metrics.
This product isn't about managing and distributing API keys, it's about managing and distributing access to these services throughout the org. In fact, it's more about being able to avoid managing and distributing API keys, which is IMHO even better.
The first I heard of them was they were the company around WireGuard, a networking technology.
We recently brought them into the stack to manage said access, it has been painful, aiui their configuration is not intuitive (not the one working on it). I suspect any further expansion will be a big ask after the dismal experience. I certainly don't trust them to manage my secrets and access afterwards. I haven't even found an enjoyable DX talking point in either my personal or professional usage either
> They're not a networking company, they're an access control company.
This is like Ripping saying they are not an HR company, they are an access control company. I got into this very argument with them on a sales call looking for a payroll provider. They wanted to manage the keys to everything, I don't trust them to safely guard access to my cloud projects, nor is it something I even want my HR/payroll company even considering doing. This new product sounds like TailScale was the keys to the kingdom and I sure as hell am not giving it to them after the disappointing rollout of their established networking technology
Not to mention that storing the API keys on a developer machine (or distributing them to a developer machine) is the first step towards a developer's API keys getting leaked or exfiltrated. With this approach, the developer never has the API key on their machine at all (and you don't have to rotate or invalidate the key when they leave).
This ^^
There's a set of common needs across these gateways, and everyone is building their own proxies and reinventing the wheel, which just feels unnecessary.
~All of our customers at Oso (the launch partner in the article) have been asking us how to get a handle on this stuff...bc their CEO/board/whatever is asking them. So to us it was a no-brainer. (We're also Tailscale customers.)