What is HCP Boundary?
HashiCorp Boundary provides an easy way to securely access critical systems with fine-grained authorizations based on trusted identities. Boundary on the HashiCorp Cloud Platform provides a fully managed, single workflow to securely connect to hosts and critical systems across Kubernetes clusters, cloud service catalogs, and on-premises infrastructure.
Identity-based access controls for dynamic environments
Use SSO to manage on- and off-boarding users and IDP integrations to streamline access controls
Secure remote access beyond the traditional network perimeter
Automated workflows to discover targets and proxy access and broker credentials to infrastructure wherever it resides
Compliance without the overhead
Ensures access control, visibility, and session control capabilities regardless of user or operators’ infrastructure
How it works
Authenticate & authorize based on trusted identities
Authenticate into Boundary with any trusted identity provider and authorize access based on granular, logical roles and services.
Scale secure remote access in minutes with Terraform
Get up and running quickly with Boundary Terraform provider to configure logical permission boundaries, users, and targets.
Securely connect to infrastructure targets no matter where they reside
Manage dynamic infrastructure and integrate service registries so hosts and service catalogs are kept up-to-date.
Manage host catalogs and targets across clouds for users to access
At runtime, Boundary ensures that all targets are updated from configured providers or service registries and then serves as a proxy for users.
Access targets without exposing the network or secrets
Reduce risk of leaking credentials with dynamic secrets and just-in-time credentials for credential brokering via Vault.
Short-lived credentials for sessions through Boundary with Vault
Integrate with Vault to check out short-lived credentials, revoke them once a session is terminated, and rotate dynamic secrets.
Fully-managed secure access made easy
Get up and running on HCP Boundary on day 1 and leave hosting, software updates, resiliency, and on-call support, to us.
Scale secure access in dynamic environments
Automate and scale secure remote access by defining access controls around logical services instead of IP-based access policies.
Best-in-class developer experience
Standardized access workflows, streamlined user experience, automated target discovery, and integration with Vault.
Access critical infrastructure without exposing the network
Boundary is an identity-aware proxy so that users can authenticate into Boundary to access critical target systems without needing to expose credentials or the network