Capabilities

The full picture of what vSupport can do.

A control plane that handles execution, results, inventory, access, and the agent that ties it to your network.

ssh · web-prod-1● REC
host key verifiedsession recorded

Secure terminal

  • Full session recording. Every keystroke and all output captured, timestamped, and replayable for audit and compliance.
  • Host-key verification. Connections are checked against known host keys and refused on mismatch — no trust-on-first-use.
  • Single-use tokens. Each session is authorized by a one-time, time-boxed, agent-scoped token.
audit · hash chainverifying…

Tamper-evident audit log

  • Hash-chained integrity. Each entry is linked to the previous by a SHA-256 chain; tampering is provable.
  • Everything privileged. Runs, credential reveals, key access, terminal sessions, agent changes — all recorded.
  • One-click verification. Verify the entire chain's integrity from the audit viewer at any time.
launch · site.ymlrunning
0
ok
0
changed
0
failed

Fleet automation

  • Scope precisely. Target a project, a host group, or an ad-hoc selection. The run only touches what you choose.
  • Engine-ready. Ansible today, with Terraform, OpenTofu, and SaltStack on the same launch flow.
  • Built for scale. Structured per-host results stay readable whether you run on 3 hosts or 3,000.
template library

Template library

  • Vetted and categorized. Every built-in template is validated; browse by engine and category.
  • Check vs. change gating. Read-only checks for all; state-changing templates restricted to admins.
  • Custom templates. Create your own and deploy them to agents with safe upsert semantics.
edit · deploy.ymlvalid YAML

Validated editors

  • Live YAML linting. Syntax errors surface as you type, with a clear validity indicator.
  • Validate on agent. Run a real --syntax-check on the control node, not just client-side guesses.
  • Role-gated. Editing is restricted to infrastructure admins and above.
discover · multi-cloudscanning…

Cloud onboarding

  • Multi-cloud. AWS, Azure, GCP, Proxmox, VMware, Nutanix, and Virtualizor from one wizard.
  • Agent-side discovery. Credentials stay in the vault; discovery runs through the agent, not the browser.
  • Import as hosts. Turn a discovered instance into a managed host in a couple of clicks.
access & secrets
vieweroperatorinfra adminorg admin
••••••••••••••••

Access & secrets

  • Least privilege. Viewer, operator, infra admin, org admin — assignable per project.
  • Per-host secrets. Scope credentials to a tenant, project, or a single host; host secrets are admin-reveal only.
  • SSH key vault. Store and inspect SSH keys with fingerprint and passphrase detection, never exposed in plain text.
reports · last 30 days

Reporting & insight

  • Run health at a glance. Success rate, failures, and activity trends over your chosen window.
  • Activity breakdowns. See what's happening by action type and which projects are busiest.
  • Real data. Every figure is computed from your own tenant's runs and audit activity.
security audit
0

Security audit

  • Scored findings. Pass / warn / fail checks weighted by severity into a clear score and grade.
  • Actionable remediation. Every finding comes with a specific fix, not just a flag.
  • Host checks. Run safe, read-only security checks against your hosts through the agent.
agent · outbound only
portal
agentcontrol node
firewall · no inbound

Remote agent

  • Firewall-friendly. The agent dials out. Nothing needs to be exposed to the internet.
  • Sandboxed execution. Runs are confined to an approved playbook directory on the agent host.
  • Self-updating. Agents update from a source you pin, with host allow-listing and version gating.

Technical specifications

Automation engines
Ansible, Terraform, OpenTofu, SaltStack
Scale
Thousands of hosts per project; structured results at any size
Agent connectivity
Outbound polling over HTTPS — no inbound ports or VPN
Agent platform
Runs on your Ansible control node; Python 3.6+
Terminal access
Recorded SSH sessions via the agent, with host-key verification
Audit trail
Append-only, SHA-256 hash-chained, integrity-verifiable
Access control
Built-in roles (viewer → org admin), scoped per project
Secrets
Encrypted credential & SSH key vault, scoped per host; admin-reveal
Cloud providers
AWS, Azure, GCP, Proxmox, VMware, Nutanix, Virtualizor
Reporting
Run, activity, and fleet dashboards over 7 / 30 / 90 days
Multi-tenancy
Isolated tenants with white-label branding
Results
Per-host, per-task outcomes parsed from JSON output