HashiCorp Boundary

Overview

HashiCorp Boundary is an open-source solution that provides automated, secure, and identity-based user access to hosts and services across environments. It allows centralized administration and reduces the need for distributed, long-lived credentials by providing just-in-time access.

Entitle can manage roles and groups in HashiCorp Boundary organizations.

This page explains how to integrate Entitle with HashiCorp Boundary.

General guidelines

👉🏼 To integrate HashiCorp Boundary with Entitle, you will need to do the following:

  • Provide Entitle with an admin's credentials.
  • Provide Entitle with your HashiCorp Boundary cluster URL.
  • Generate a password method ID for the project you choose to integrate with Entitle.

Prerequisites

  • An admin account for HashiCorp Boundary.

Set up HashiCorp Boundary to work with Entitle

Stage 1: Get the server URL and admin credentials

  1. Log in to your HashiCorp Boundary cluster with an admin account.
  2. Copy the admin's username, password, and the cluster URL, as you will use them later.

Stage 2: Generate a password method ID

📘

Note

If you have already configured an authentication method in your Boundary tenant, you can skip this step and use the preconfigured password ID.

The password ID can be found in step 4 of this Stage.

  1. Within the selected org, click on the Auth Methods button.
  2. Click on the New button to the right, and then choose the Password auth method.
  3. Add an indicative name under the Name field, and click Save.
  4. Click on the newly created auth method, and copy the password ID, as you will use it later on.

Creating the integration in Entitle

All that is left to do is create an integration in the Entitle application.

  1. Log in to Entitle and navigate to the ‘Integrations’ page.
  2. After clicking the ‘Add Integration’ button, type 'Hashicorp Boundary' in the Application field.
  3. Make sure ‘Save on’ is set correctly, to either your agent or Entitle’s cloud.
  4. Paste the admin account's username copied at Stage 1, step 2 into the admin field.
  5. Paste the admin account's password copied at Stage 1, step 2 into the password field.
  6. Paste your Boundary cluster URL copied at Stage 1, step 2 into the server field.
  7. Paste the password ID you copied at Stage 2, step 4 into the generated_passwd_method_id field.
  8. Example Configuration JSON:
     {
       "admin": "<ADMIN_ACCOUNT_USERNAME>",
       "password": "<ADMIN_ACCOUNT_PASSWORD>",
       "server": "http://<BOUNDARY_DOMAIN>:<PORT>",
       "generated_passwd_method_id": "<PASSWORD_METHOD_ID>"
     }
  9. Click ‘Save’. You are done! 🎉
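A pre-flight check for the configuration JSON built in the steps above, as an added example that is not part of Entitle's or HashiCorp's own code. The names `check_config`, `FIELDS` and `SAMPLE` are hypothetical, the sample values are constructed, and the ID check relies on Boundary's convention that password auth method IDs begin with `ampw_`.

```python
import json
import re
from urllib.parse import urlsplit

# Field names as they appear in the page's example configuration JSON.
FIELDS = ("admin", "password", "server", "generated_passwd_method_id")
PLACEHOLDER = re.compile(r"<[A-Z_]+>")  # unreplaced template token, e.g. <PORT>
PASSWORD_METHOD_ID = re.compile(r"ampw_[A-Za-z0-9]+")  # password auth method ID


def check_config(raw):
    """Return a list of problems found in an integration config JSON string."""
    try:
        cfg = json.loads(raw)
    except json.JSONDecodeError as exc:
        return [f"invalid JSON: {exc.msg}"]
    if not isinstance(cfg, dict):
        return ["top level must be a JSON object"]
    problems = [f"{k}: missing" for k in FIELDS if k not in cfg]
    problems += [f"{k}: unknown field" for k in cfg if k not in FIELDS]
    usable = {}  # present, non-empty strings with no placeholder left in them
    for key, value in ((k, cfg[k]) for k in FIELDS if k in cfg):
        if not isinstance(value, str) or not value.strip():
            problems.append(f"{key}: must be a non-empty string")
        elif PLACEHOLDER.search(value):
            problems.append(f"{key}: template placeholder not replaced")
        else:
            usable[key] = value
    if "server" in usable:
        try:
            url = urlsplit(usable["server"])
            url.port  # raises ValueError on a non-numeric or out-of-range port
            if url.scheme not in ("http", "https") or not url.hostname:
                raise ValueError("unsupported scheme or missing host")
            if url.scheme == "http":
                problems.append("server: plain http exposes the admin password in transit")
        except ValueError:
            problems.append("server: expected http(s)://host[:port]")
    method_id = usable.get("generated_passwd_method_id")
    if method_id and not PASSWORD_METHOD_ID.fullmatch(method_id):
        problems.append("generated_passwd_method_id: expected an ampw_ ID")
    return problems


# Constructed sample: made-up values, with the method ID key deliberately misspelled.
SAMPLE = ('{"admin": "entitle-svc", "password": "s3cr3t-example", '
          '"server": "https://boundary.example.com:9200", '
          '"generated_passed_method_id": "ampw_1234567890"}')
print(check_config(SAMPLE))
```

An empty list means the configuration is structurally ready to paste; it does not prove that the credentials or the auth method ID are valid on the cluster.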