Introduction to HCP Boundary
The Getting Started tutorials gave you a tour of the Admin Console UI and examined different Boundary resources.
This sequence of tutorials demonstrates common resource management operations for HCP Boundary. Complete the tutorials in sequential order to create the complete set of resources shown in the diagram below.
To complete this collection of tutorials, you need:
A Boundary binary in your
PATH. This tutorial uses the 0.9.0 version of Boundary.
Terraform 0.13.0 or greater provides an optional workflow for these tutorials. The binary must be available in your
Access to an HCP Boundary instance.
A publicly accessible Ubuntu instance (for use as a target).
An ssh key-pair that can be used to authenticate with the Ubuntu instance.
Ubuntu is used in this tutorial for demonstration purposes only. You can follow this guide to create a publicly accessible EC2 instance to use for this tutorial.
To perform the tasks described in this collection, you need to have an HCP Boundary environment. Refer to the Getting Started tutorial to set up HCP Boundary.
Start by authenticating to Boundary using the Cluster URL copied from HCP, and the Auth Method ID copied from the Admin Console UI. Export these values as environment variables, and then log in.
First, open a shell session and export the
BOUNDARY_ADDR environment variable.
Visit the Create a Boundary Instance on HCP
tutorial if you need to locate this value.
$ export BOUNDARY_ADDR=<HCP-CLUSTER-URL>
Now export the
BOUNDARY_AUTH_METHOD_ID environment variable. Visit the Getting Started
with the Admin Console tutorial if you
need to locate this value.
$ export BOUNDARY_AUTH_METHOD_ID=<PASSWORD-AUTH-METHOD-ID>
Now log in to Boundary by specifying the login name and password for the
admin user for the HCP Boundary cluster. Visit the Getting Started on
HCP tutorial for a reminder of how this
user was set up. In the example below, the login name is
Please enter the password (it will be hidden): prompt.
$ boundary authenticate Please enter the login name (it will be hidden): Please enter the password (it will be hidden): Authentication information: Account ID: acctpw_VOeNSFX8pQ Auth Method ID: ampw_wxzojlKJLN Expiration Time: Mon, 13 Feb 2023 12:35:32 MST User ID: u_1vUkf5fPs9 The token was successfully stored in the chosen keyring and is not displayed here.
Next, the Manage Scopes tutorial demonstrates basic resource management and permissions modeling.