HashiConf 2024 Now streaming live from Boston! Attend for free
Boundary
HCP administration

Introduction to HCP Boundary

  • 3min
  • |
  • HCP
  • Boundary
  • Terraform

The Getting Started tutorials gave you a tour of the Admin Console UI and examined different Boundary resources.

This sequence of tutorials demonstrates common resource management operations for HCP Boundary. Complete the tutorials in sequential order to create the complete set of resources shown in the diagram below.

Resources

Prerequisites

To complete this collection of tutorials, you need:

  • A Boundary binary in your PATH. This tutorial uses the 0.12.0 version of Boundary.

  • Terraform 0.13.0 or greater provides an optional workflow for these tutorials. The binary must be available in your PATH.

  • Access to an HCP Boundary instance.

  • A publicly accessible Ubuntu instance (for use as a target).

  • An ssh key-pair that can be used to authenticate with the Ubuntu instance.

    Ensure that you have a local copy of the private key. This tutorial collection references the private key stored at an example path of /Users/myuser/.ssh/ubuntu-private-key.pem

Note

Ubuntu is used in this tutorial for demonstration purposes only. You can follow this guide to create a publicly accessible EC2 instance to use for this tutorial. Ensure that you have access to the key pair used to provision the instance. This key will be used later on to access the instance.

To perform the tasks described in this collection, you need to have an HCP Boundary environment. Refer to the Getting Started tutorial to set up HCP Boundary.

Get setup

Start by authenticating to Boundary using the Cluster URL copied from HCP, and the Auth Method ID copied from the Admin Console UI. Export these values as environment variables, and then log in.

First, open a shell session and export the BOUNDARY_ADDR environment variable. Visit the Create a Boundary Instance on HCP tutorial if you need to locate this value.

$ export BOUNDARY_ADDR=<HCP-CLUSTER-URL>

Now export the BOUNDARY_AUTH_METHOD_ID environment variable. Visit the Getting Started with the Admin Console tutorial if you need to locate this value.

$ export BOUNDARY_AUTH_METHOD_ID=<PASSWORD-AUTH-METHOD-ID>

Now log in to Boundary by specifying the login name and password for the admin user for the HCP Boundary cluster. Visit the Getting Started on HCP tutorial for a reminder of how this user was set up. In the example below, the login name is admin. Enter password at the Please enter the password (it will be hidden): prompt.

$ boundary authenticate
Please enter the login name (it will be hidden):
Please enter the password (it will be hidden):
Authentication information:
  Account ID:      acctpw_VOeNSFX8pQ
  Auth Method ID:  ampw_wxzojlKJLN
  Expiration Time: Mon, 13 Feb 2023 12:35:32 MST
  User ID:         u_1vUkf5fPs9
The token was successfully stored in the chosen keyring and is not displayed here.

Next, the Manage Scopes tutorial demonstrates basic resource management and permissions modeling.

Collection Overview

HCP administration

 Next

Manage scopes with HCP