Boundary
Create a static credential store
You can manage credentials in Boundary using credential stores, which are resources that store credentials for various targets.
Static credential stores are built into Boundary and store static credentials like username password, username password domain, or keypairs.
Requirements
Ensure that you have an Org scope and a project scope created in your Boundary instance.
Configuration
Complete the following steps to create a static credential store:
Log in to Boundary
Select Orgs on the navigation pane.
Select your desired org.
Select the project to which your static credential store should belong.
Select Credential Stores on the navigation pane.
Select New Credential Store.
Provide a name for your credential store and select type Static.
Click Save. You now have a static credential store where you can store static credentials.
(Optional) If you have a static credential, you can add it into the static credential store. Static credential types can be a username password, username password domain, username private key, or JSON blob.
a. In your static credential store, click on the Credentials tab.
b. Click Manage, and then select New Credential from the pull down menu.
c. Complete the following fields to add static credentials to your static credential store:
- Name (optional) - The name is optional, but if you enter a name, it must be unique.
- Description (optional) - An optional description of the credential for identification purposes.
- Type - The type of static credential you want to add. Select between username password, username keypair, username password domain, or a JSON blob.
- Credential data - Depending on the credential type selected, enter the credential data.
d. Click Save.
Next steps
Once you have created a credential store, you can configure targets for credential brokering or credential injection. When you use credential brokering, Boundary centrally manages credentials and returns them to the user when they attempt to connect to a target. Credential injection requires HCP Boundary or Boundary Enterprise, and it provides end users with a passwordless experience when they connect to targets.
To learn more about what is supported for the RDP credential injection beta and to view known issues, refer to RDP credential injection compatibility.