Credential Injection with Boundary and Vault
If you are standing up infrastructure and want to provide access to workloads, traditionally you do it through a VPN. Once you are in the network, in many cases it is wide open. Sometimes you will have to go through a bastion host. Someone has to manage that host, secure it, and handle the separate credentials needed to access internal databases running in a private network.
In a dynamic environment, where infrastructure is created on demand, how do you keep firewall policies up to date for access to those endpoints? Lastly, we want the connection to the endpoint service to happen automatically, without necessarily giving the user the credentials used under the hood. If we can do this, it has a number of advantages. To solve this, Boundary integrates with Vault for credential injection. This fits the zero trust idea of moving towards identity-based controls as the source of all security.


