HashiCorp Boundary 0.7 Brings New Automated Host Discovery

We are pleased to announce the release of HashiCorp Boundary 0.7 and the release of Boundary Desktop 1.4. Boundary provides identity-based secure remote access for dynamic infrastructure. Key features and improvements added since the release of Boundary 0.6 in September include:

• Dynamic host catalogs: Dynamically connect any service registry (first supported for Microsoft Azure and Amazon Web Services) so that hosts and host catalogs are always up-to-date.
• Plugin support: Initial support for partner plugins via go-plugin.
• Managed groups in admin console: Managed groups are a special type of IAM group based on external identity provider (IdP) metadata. Managed groups are now automatically populated using an administrator-defined filter.
• Resource filtering UI: Users may now filter auth method and session resources in the admin console and Boundary Desktop.

»Dynamic Host Catalogs

Release 0.7 realizes a key component of our vision for Boundary by enabling automated discovery of target hosts and services. This release of Boundary includes the ability to dynamically connect any service registry (currently supported for Azure and AWS) so that hosts and host catalogs are up-to-date.

Secure and simple remote access with Boundary

This critical workflow offers access-on-demand and eliminates the need to manually configure targets for dynamic, cloud-based infrastructure. The ability to dynamically update host catalogs for connecting to targets is an important differentiator from traditional access methods that rely on manual configurations. Check out our dynamic host catalog learn guide to get started.

»Initial Plugin Support for Private Partners

Dynamic host catalogs are especially significant because they are Boundary’s first editions of partner plugin integrations, enabled via go-plugin. While this initial release of Boundary plugins is limited to dynamic host catalogs, the new functionality opens the door to a future ecosystem of pluggable partner-and-community-contributed integrations across each step in the Boundary access workflow. Our initial support for dynamic host catalog plugins is limited to private contributions from partners. You can learn more about configuring plugins for your Boundary environment here.

»Admin Console Support for Managed Groups and Resource Filtering

Managed groups allow the population of Boundary groups based on external identity provider (IdP) metadata. This feature allows users of our Open ID Connect (OIDC) authentication method to automatically create groups based on user permissions maintained by an OIDC IdP.

Boundary 0.7 introduces the ability to create and manage managed groups via Boundary’s administrator console. This is in addition to existing CLI and HashiCorp Terraform support for managed groups. To learn more about OIDC authentication methods and creating OIDC managed groups, see these two Boundary Learn guides: OIDC Authentication and Managing OIDC IdP Groups.

In addition to our managed group UI enhancements, Boundary’s admin console now supports resource filtering for sessions and auth methods, and Boundary Desktop supports resource filtering for sessions. This simplifies the experience of navigating your identity resources, especially when using Boundary at scale. Future releases will further enhance UI filtering capabilities for other resource types.

Session filtering in Boundary Desktop

Creating managed groups in the Boundary admin console

»Upgrade Details

Boundary 0.7 introduces significant new functionality. Please review Boundary’s general upgrade guide and release notes for details.

As always, we recommend upgrading and testing this release in an isolated environment. If you experience any issues, please report them on the Boundary GitHub issue tracker or post to the Boundary discussion forum. As a reminder, if you believe you have found a security issue in Boundary, please responsibly disclose it by emailing security@hashicorp.com — do not use the public issue tracker. Our security policy and our PGP key can be found on the HashiCorp security page.

We hope Boundary 0.7 simplifies access management for your team!