Boundary Home

Boundary Documentation

Boundary is designed to grant access to critical systems using the principle of least privilege, solving challenges organizations encounter when users need to securely access applications and machines. This documentation covers the main concepts of Boundary and its architecture.

  • API

Fundamentals

  • Deploy HCP Boundary
    How to deploy HCP Boundary services and login for the first time.
  • Connect to a Target
    Connecting to a target securely through Boundary.
  • Boundary Domain Model
    Understand the Boundary's domain model that allows administrators to organize IAM (Identity and Access Management) and target resources.
  • Boundary Configuration
    Use HashiCorp Configuration Language (HCL) to configure Boundary controllers and workers.

Boundary Security Model

Understand Boundary's security norms. Learn how permissions, identity, and target security are handled within the Boundary product.

  • Permissions
    Boundary's permissions model is a composable, RBAC, allow-only model that attempts to marry flexibility with usability.
  • Data Security
    Boundary secures data at rest.
  • Connections
    Boundary ensures its connections are secure via TLS.

Filtering

A quick reference to the filtering syntax used in Boundary.

  • OIDC Managed Groups
    Configure filters for managed groups within the OIDC auth method.
  • Resource Listing
    Use filters to list resources to further narrow down the list operation.
  • Worker Tags
    Use worker tags and filters to control which workers are allowed to handle a given target.
  • Event Filtering
    Learn how to filter events emitted by Boundary.