Skip to main content
HashiTalks 2025 Learn about unique use cases, homelab setups, and best practices at scale at our 24-hour virtual knowledge sharing event. Register

Features

Boundary grows with your evolving needs

Boundary product image

Manage user access with a cloud-centric, DevOps approach

Whether you’re starting with securing user access to infrastructure and leveraging static secrets, or are ready to provide more advanced session and credentials management, Boundary helps you grow and scale infrastructure across any environment.

Adopt secure user access workflows

Simplify user access workflows and provide least privileged access to resources and systems.

  • Authenticate and authorize using trusted identities

    Leverage trusted identity providers such as OKTA, Ping, and Azure Active Directory to enable single sign-on access and authorize access based on roles and logical services.

  • Secure and automate user access

    Streamline end-user access to infrastructure endpoints (i.e. SSH, RDP, databases, and kubectl) through a secure TCP/IP connection. Establish least privilege access to target systems for each user or group based on roles.

  • Session management

    Gain visibility into all active sessions accessed by each identity. Use administrative control to automatically or manually terminate sessions.

  • Self-managed workers via secure proxy

    Reduce your attack surface by sending remote user connections through proxies residing within a secure network.

  • Simplify remote user access

    [Public beta] Transparent sessions let teams securely connect to infrastructure resources without changing their workflows or client tools. No need to learn new tools or processes, or choose between security and speed: authorized users can securely connect to their desired target resources in one step.

  • Credential management

    Centrally store, access, and deploy key/value credentials across applications, systems, and infrastructure.

Standardize best practices across your organization

Provide shared services for your teams and enhance compliance and governance.

  • Automate with Terraform

    Deploy and configure Boundary resources provisioned by Terraform using existing Terraform workflows.

  • Advanced credential management using Vault and Boundary

    Integrate with Vault secrets engines to generate, store, access, and expire credentials on demand. Use Boundary to inject single-use, dynamic credentials into remote hosts without exposing them to end users.

  • Audit logs

    Enable visibility into configuration changes, logs, and traces with the ability to export data to business intelligence and event monitoring tools.

  • Session recording

    Record all activities within a user session and play back sessions in the event of a threat incident.

  • Approvals workflow

    Integrate with partners to allow just-in-time requests and approvals for time-bound access using popular platforms like PagerDuty, Service Now, and Slack.

  • Enable key lifecycle management

    Supports various key management systems to secure and encrypt data at rest. Manage encryption key lifecycles with key rotation and versioning features.

Enhance your security posture to limit your security risk

Scale for self-service, visibility, and adoption.

  • Multi-hop sessions

    Connect into complex network topologies through reverse-proxies that allow users to securely access locked-down resources on a time-limited basis.

  • Dynamic host catalogs

    Integrate with AWS and Microsoft Azure to automatically update and maintain a consistent list of available hosts in Boundary’s catalog.

  • Multi- and hybrid cloud

    Provide the same consistent user workflow connecting to target systems in any private or public cloud.

Integrate with your existing workflows

OktaAzure

Integrate with IDP of choice

Boundary easily integrates with your IDP, including Azure AD, Okta, and many others that support OIDC.

Vault

Integrate with Vault secrets management

Leverage Vault to broker short-lived secrets to Boundary targets for use in sessions.

Common use cases for Boundary

  • SSH access

    Simplify, secure, and streamline remote SSH access based on a user’s identity through your IDP. Remote user access is provided only to machines authorized by administrators rather than the entire network. Automated time-bound credentials on the remote users’ behalf provide a seamless and passwordless experience.

  • Windows RDP access

    Secure remote access on any TCP connection, including access to Windows machines over Remote Desktop Protocol (RDP). This gives remote users just-in-time access with time-bound credentials that don’t need to be stored on their local machines. All sessions can be monitored, logged, and terminated by a central administrative team.

  • Database access management

    Keep remote user access consistent, secure, time-bound, and least-privileged. Use single sign-on to minimize risks associated with storing long-lived credentials across different databases, machines, and clouds. Plus, improve governance by monitoring and auditing all sessions.

Get started with Boundary

Boundary uses identity to secure remote access to hosts and services across any environment. Get started for free and pay only for what you use.