HashiCorp Boundary 0.14, with an embedded terminal in the desktop client and LDAP GA support, is now available for download as well as for use on HCP Boundary.
HashiCorp Boundary, a modern privileged access management (PAM) offering for cloud-driven environments, provides just-in-time access to infrastructure without requiring end users to manage IP addresses or credentials. Boundary also ensures an organization’s infrastructure is secure and compliant by using identity driven controls and ensuring least-privilege access, session and credential expiration, and session recording. These new capabilities help organizations streamline their user workflow as they leverage a cloud operating model for secure remote access.
Boundary 0.14, which we are announcing today at HashiConf, adds important new functionality, including:
Here’s a closer look at the new capabilities:
Almost two years ago, we launched Boundary Desktop, an easy way for end users to securely establish sessions to machines across their environment. Since then, we’ve been working hard to add important new features, like SSH credential injection and session recording.
Boundary 0.14 includes our biggest update yet to Boundary Desktop: an embedded terminal. Our goal with Boundary Desktop is to centralize the experience of connecting to a resource for any type of user. The embedded terminal provides a seamless, end-to-end experience that guides users into securely establishing sessions. This new experience reduces steps and decreases the risk of human error when connecting to desired resources.
If your users prefer to use their own clients to establish connections rather than the embedded terminal in the Boundary Desktop, you can still establish sessions just as you did before, but now there’s additional helper information available directly in Boundary Desktop.
We’re excited to share the embedded terminal with the Boundary community. The embedded terminal works with any edition of Boundary and can be used with both TCP and SSH targets. To get started, download the latest Boundary Desktop binary.
Boundary 0.13, released in June, included an LDAP auth method in beta supported in the CLI, API, and HashiCorp Terraform provider. This allows users to set up and manage LDAP-based auth methods, adding a third auth method to the existing username/password and OIDC authentication options.
In Boundary 0.14, we are bringing full admin UI and Boundary Desktop client support for LDAP auth methods, allowing users to more seamlessly log in with LDAP as their primary auth method. To get started with LDAP authorization, check out our documentation.
With the release of SSH session recording in Boundary 0.13, we introduced storage buckets, a Boundary resource used for securely storing recorded sessions, scoped to support Amazon S3 with access keys. In Boundary 0.14, we're enhancing storage bucket support by allowing AWS administrators to utilize AssumeRole authentication when configuring their storage bucket, strengthening security by removing the need for static, potentially long-lived credentials in your Boundary environment.
We are excited for users to try the new Boundary features landing in 0.14, which make it even easier for users to securely connect to their resources. Administrators have the option to deploy a HashiCorp-managed Boundary cluster using the HashiCorp Cloud Platform (HCP) or a self-managed Boundary cluster. Here’s how to get started:
If you’re attending AWS re:Invent in Las Vegas, Nov. 27 - Dec. 1, visit us for breakout sessions, expert talks, and product demos to learn how to accelerate your adoption of a cloud operating model.
See a potential method for securing application content and components hosted within Kubernetes using Boundary as an alternative to ingress controllers.
From AI to the edge, HashiCorp Co-Founder and CTO Armon Dadgar shares his insights on where the cloud is headed, and what that means.