Entitle Beam is an open-source CLI tool that provides secure, bastion-free access to AWS infrastructure resources within private VPC environments. It replaces traditional bastion host setups by leveraging AWS Systems Manager (SSM) Session Manager to establish connections to AWS resources without exposing infrastructure to the public internet. Beam addresses several common infrastructure access challenges: - Eliminates the need for exposed infrastructure or publicly accessible endpoints - Removes the operational complexity of SSH jump servers and certificate rotation - Provides an alternative to costly third-party ZTNAs or VPNs - Simplifies setup compared to native proxies such as Google IAP or Azure Bastion The tool is designed to connect users to AWS resources such as EKS clusters and RDS instances through SSM, without requiring a bastion host or complex network configuration. Beam handles SSM configuration automatically, reducing the setup burden typically associated with SSM Session Manager. It is built to remain compatible with dynamic and immutable infrastructure environments. Future support for additional platforms such as Google IAP is planned. The project is available on GitHub under an open-source license.