The release notes below contain information about new functionality available in the Boundary v0.10.0 release. To see a granular record of when each item was merged into the Boundary project, please refer to the Changelog. To learn about what Boundary consists of, we highly recommend you start at the Getting Started Page.
Lastly, for instructions on how to upgrade an existing Boundary deployment to v0.10.0, please review Boundary's general upgrade guide.
Boundary v0.10.0 Highlights
Credential Management of SSH Keys: Boundary 0.10 includes enhancements to credential management, including added support for management of SSH private keys.
SSH Brokering Helper Function: We’ve expanded support for the SSH brokering helper function that allows users to seamlessly connect to machines remotely without having to manually enter their brokered credentials.
Enhanced IAM Workflows in the Boundary Admin UI: Boundary 0.10 introduces enhanced IAM associations to Boundary’s Admin UI, allowing users to expand IAM associations in a project scope to resources such as group members and principals that reside in other scopes.
SSH Credential Injection via Password and Public Key Authentication: HCP Boundary now supports SSH Credential Injection, an active method of injecting credentials into an established connection, so that credentials are never exposed to users. Learn more here.
sshTarget Type With Credential Injection (HCP Boundary only): Boundary has gained a new
sshtarget type. Using this type, username/password or SSH private key credentials can be sourced from
vaultcredential libraries or
staticcredentials and injected into the SSH session between a client and end host. This allows users to securely SSH to remote hosts while never being in possession of a valid credential for that target host.
- SSH Private Key Credentials: There is now an
ssh_private_keycredential type that allows submitting a username/private key (and optional passphrase) to Boundary for use with credential injection or brokering workflows.
boundary connect sshCredential Brokering Enhancements: we have extended support into the
boundary connect sshhelper for brokered credentials of
ssh_private_keytype; the command will automatically pass the credentials to the
boundary accounts: Enables use of
file://syntax to specify location of a password
For more detailed information of all changes since 0.9.0, please refer to the Changelog