HashiConf 2025 Don't miss the live stream of HashiConf Day 2 happening now View live stream
Boundary Home

App Developer

App Developers typically require view only or limited access to Boundary. They use the Boundary Desktop Client or CLI to access targets and databases.

Responsibilities

App Developers may be responsible for some or all of the following tasks.

Access targets

Tasks may focus on onboarding and local environment configuration to access targets:

  • Authentication - Sign in to specific org scopes using the Desktop Client or CLI to view the authorized resources.
  • Target selection - Browse or query the list of available targets within the assigned projects using the Desktop Client or CLI.
  • Connection - Initiate a connection to a remote target through Boundary to work on the resource.
  • Session management - Monitor or list active connections and disconnect.
  • Alias - List aliases that point to resources that use transparent sessions.

Example role

Boundary's permissions model lets you create custom roles and permissions tailored for your organization's specific needs. The following example role is based on common Boundary use cases and management needs for App Developers.

You can use the permissions below to create a role, or you can use them as a starting point and modify them to meet your specific needs.

User

The User can connect to targets by creating sessions. They have the ability to view and cancel their own sessions. This role is a basic-end user role intended for accessing protected resources. Users are frequently developers, database administrators, end users requiring server access, or support staff.

Use cases include:

  • Connecting to targets
  • Viewing session information
  • Canceling sessions

We recommend the following permissions for Users, assigned at the org or project scope level.

ids=*;type=target;actions=authorize-session,read,list

ids=*;type=session;actions=read:self,cancel:self
DescriptionGrants
Authorize a session, read and list targets
Read and cancel sessions associated with the user

More information

To view other example roles based on common Boundary use cases, refer to Example roles.

Next steps

  1. To create scopes that logically group your resources, refer to Create scopes to group resources.
  2. To configure roles and grant scopes for users and groups, refer to Manage access with roles.
  3. To manage access to resources dynamically, refer to Manage principals and Filter managed groups.
Edit this page on GitHub