Boundary
Create a static credential store
You can manage credentials in Boundary using credential stores, which are resources that store credentials for various targets. Static credential stores are built into Boundary and only store static credentials like username and password or keypairs.
Requirements
Ensure that you have an Org scope and a project scope created in your Boundary instance.
Configuration
Complete the following steps to create a static credential store:
Log in to Boundary
Select Orgs on the navigation pane.
Select your desired org.
Select the project to which your static credential store should belong.
Select Credential Stores on the navigation pane.
Select New Credential Store.
Provide a name for your credential store and select type Static.
Click Save. You now have a static credential store where you can store static credentials.
(Optional) If you have a static credential, you can add it into the static credential store. Static credential types can be a username and password, username and private key, or JSON blob.
a. In your static credential store, click on the Credentials tab.
b. Click Manage, and then select New Credential from the pull down menu.
c. Complete the following fields to add static credentials to your static credential store:
- Name (optional) - The name is optional, but if you enter a name, it must be unique.
- Description (optional) - An optional description of the credential for identification purposes.
- Type - The type of static credential you want to add. Select between username and password, username and keypair, or a JSON blob.
- Credential data - Depending on the credential type selected, enter the credential data.
d. Click Save.
Next steps
Once you have created a credential store, you can configure targets for credential brokering or credential injection. When you use credential brokering, Boundary centrally manages credentials and returns them to the user when they attempt to connect to a target. Credential injection requires HCP Boundary or Boundary Enterprise, and it provides end users with a passwordless experience when they connect to targets.