HashiCorp Boundary enables simple and secure access to dynamic infrastructure by:
Identity-based access controls: Streamline just-in-time access to privileged sessions (e.g. TCP, SSH, RDP) for users and applications. Tightly control access permissions with extensible role-based access controls.
Access Automation: Define your perimeter of resources, identities, and access controls as code through Boundary's fully-instrumented Terraform Provider, REST API, CLI, and SDK. Automate the discovery of new resources and enforcement of existing policies as resources are provisioned.
Session Visibility: Security administrators gain monitor and managed the privileged sessions established with Boundary. Export session logs to your analytics tool of choice.
Getting Started with Boundary
Start a Development Environment
Boundary can run in a dev mode which is an all-in-one installation method for getting started with Boundary quickly. The dev mode is not a production installation but useful for experiment with Boundary locally.
Boundary dev mode starts:
- A controller server
- A worker server
- A Postgres database
Check the help message for
boundary dev command.
boundary dev -h
There are a number of optional parameters available, but for now, start a dev server with default configurations.
boundary dev -api-listen-address=0.0.0.0:9200
==> Boundary server configuration: [Controller] AEAD Key Bytes: MLOunPBTyqFIrfvuftSFKYns+7d1OJIvYh3x3+vajXc= [Recovery] AEAD Key Bytes: rUoYQrfgqBPpcsBm1C175oH3kGtq7q1ICVpFWGfrvGo= [Worker-Auth] AEAD Key Bytes: qBoyf0BqflM9rA/v+wGosGloM6xI+6UlsDaiBjKVCEY= [Recovery] AEAD Type: aes-gcm [Root] AEAD Type: aes-gcm [Worker-Auth] AEAD Type: aes-gcm Cgo: disabled Dev Database Container: epic_satoshi Dev Database Url: postgres://postgres:[email protected]:32768?sslmode=disable Generated Auth Method Id: ampw_1234567890 Generated Auth Method Login Name: admin Generated Auth Method Password: password Generated Host Catalog Id: hcst_1234567890 Generated Host Id: hst_1234567890 Generated Host Set Id: hsst_1234567890 Generated Org Scope Id: o_1234567890 Generated Project Scope Id: p_1234567890 Generated Target Id: ttcp_1234567890 ...snip...
Notice the following default configurations:
- Generated Auth Method Id:
- Generated Auth Method Login Name: admin
- Generated Auth Method Password: password