Skip to main content
Demo

Demo: A self-service access management solution with GitHub and Boundary

Published 2:00 PM UTC Nov 18, 2024

See a working solution that can unified access management for all resources, abstracting away network architecture and secrets management.

Mattias Fjellström, a Cloud Architect from Solidify and prolific blogger, rightly believes that the IT world (and the world in general) has a cognitive overload problem with regard to access management.  It comes in two forms:

  1. Portals: Chat, wikis, ticketing, cloud portals, secrets management

  2. Networks: Multiple on-premises environments, multiple cloud vendors and services, requesting ports for specific firewalls

A solution needs to give unified access to all or most of these things while improving security.  One of the big issues in access management is that sometimes people are managing their own credentials and passwords badly or manually. Credentials are too long-lived because it's a pain to rotate them.

Traditional access solutions like VPNs, bastion servers, jumpboxes, or bloated PAM solutions built before the era of cloud, either give too much access or aren’t nimble enough to automate access path generation at the scale and frequency that’s needed in modern, ephemeral, immutable infrastructure environments.

»The ideal solution

The ideal solution for these issues should

  • Unify access management: Many portals and networks, one access workflow

  • Allow self-service: Access requests should be fast and automated, and faster after the first time when the user has a granular profile for what they should and shouldn’t access.

  • Abstract away the network architecture: The user shouldn’t need to know how things are connected around the network in order to access the right things.

  • Abstract away secrets: Users shouldn’t have to dig through a password vault or key vault to find the right credentials for access to a particular item.

»A self-service access management solution using HashiCorp Boundary

In this video, Mattias will walk through a real workflow using a solution he’s built with GitHub as the frontend and HCP Boundary as the remote access backend platform. The demo will also use HashiCorp Terraform for provisioning infrastructure related to this solution and HashiCorp Vault will handle the automated secrets management and encryption.

See the blog version of this demo with a few more details to go with the visuals in the video.

More resources like this one

1/20/2023FAQ

Introduction to Zero Trust Security

12/31/2022Presentation

Development Labs on Multi-Arch and Multi-OS environments

12/31/2022Presentation

Acesso Seguro e Unificado a ambientes de dados com Boundary

12/20/2022Presentation

Secure Remote Access with HCP Boundary

View all resources