Announcing HashiCorp Boundary 0.3
The latest release of HashiCorp Boundary includes managed groups and OIDC configuration improvements, while Boundary Desktop is now available on Windows.
We are pleased to announce the release of HashiCorp Boundary 0.3 and the Windows release of Boundary Desktop 1.1. Boundary provides identity-based access management for dynamic infrastructure. Boundary 0.3 includes several key features and improvements:
- Boundary Desktop for Windows: Boundary Desktop gives users the ability to connect to remote targets and view active session details. Boundary Desktop is now available for both Windows and MacOS.
- Managed groups: Allows Boundary group memberships to be managed based on external identity provider (IDP) metadata.
- OIDC configuration improvements: Administrators can now configure Boundary authentication from OIDC identity providers in the Boundary admin console.
» Boundary Desktop for Windows
Boundary 0.3.0 includes a new variant of our desktop client that is compatible with Microsoft Windows operating systems. This variant is exactly the same in terms of feature parity with our existing macOS desktop client, and provides our Windows users the same ease-of-use for starting, stopping, and observing sessions from one easy graphical interface.
To download the new Boundary Desktop client for Windows, navigate to our releases page to download our Windows-specific installation. Documentation for installing on Windows has also been added to our documentation site.
» OIDC Workflows in the Administrator Console
In Boundary 0.2.0 we released a new OIDC (OpenID Connect) authentication method. This authentication method allows users to integrate Boundary with existing identity systems such as Microsoft Azure Active Directory, AWS Identity and Access Management (IAM), and popular single sign-on services like Okta and Auth0. Configuration of the OIDC authentication method had been available only via the command line or through our Terraform provider. Boundary 0.3.0 includes the ability to configure OIDC authentication methods through our graphical administrator interface. This provides another option when setting up OIDC authentication methods for users.
» Managed Groups
Managed groups allow the population of Boundary groups based on external IdP metadata. This feature allows users of our OIDC authentication method to automatically create groups based on the IdP they’re integrating with over OIDC.
We’re working hard on a new Learn guide for the managed groups resource, but in the meantime, you can read about how it fits into our domain model in our docs. Along with the Learn guide, be on the lookout for a new release of our Terraform provider that will include the managed groups resource in the next couple of weeks.
» Upgrade Details
Boundary 0.3 introduces significant new functionality. Please review Boundary’s general upgrade guide and Release Notes for details.
As always, we recommend upgrading and testing this release in an isolated environment. If you experience any issues, please report them on the Boundary GitHub issue tracker or post to the Boundary discussion forum. As a reminder, if you believe you have found a security issue in Boundary, please responsibly disclose it by emailing security@hashicorp.com — do not use the public issue tracker. Our security policy and our PGP key can be found on the HashiCorp security page.
We hope you enjoy Boundary 0.3.
Sign up for the latest HashiCorp news
More blog posts like this one
HashiCorp at re:Invent 2024: Security Lifecycle Management with AWS
A recap of HashiCorp security news and developments on AWS from the past year, for your security management playbook.
HashiCorp at AWS re:Invent: Your blueprint to cloud success
If you’re attending AWS re:Invent in Las Vegas, Dec. 2 - Dec. 6th, visit us for breakout sessions, expert talks, and product demos to learn how to take a unified approach to Infrastructure and Security Lifecycle Management.
Secure remote access to private HTTPS targets with HashiCorp Boundary
Learn how Boundary can act as a true VPN replacement by securing remote access to private HTTPS endpoints with transparent sessions.