Manage Boundary Community Edition resources
The Get started tutorials gave you a tour of the Admin Console UI and examined different Boundary resources.
This sequence of tutorials demonstrates common Boundary resource management operations. Complete the tutorials in sequential order to create the complete set of resources shown in the diagram below.
Prerequisites
To complete this tutorial, you need:
A Boundary binary in your
PATH
. This tutorial uses the 0.8.1 version of Boundary.Terraform 0.13.0 or greater provides an optional workflow for these tutorials. The binary must be available in your
PATH
.
To perform the tasks described in this collection, you need to have a Boundary
environment. Refer to the Getting
Started tutorial to install and
start Boundary in dev
mode.
Get setup
Start by running Boundary in dev
mode:
$ boundary dev==> Boundary server configuration: [Controller] AEAD Key Bytes: cXte2+fkVq/mnQ/VKO3cOL0bYQZKqJsQhWgPLvX9VsY= [Recovery] AEAD Key Bytes: XGcczs8FJ7lIwd8PQJaP34go/ILiPIeMs+7anHkK+vE= [Worker-Auth] AEAD Key Bytes: Y9A1Gw4Ja+IJbFtuGTSXLIw3L+aEPcwEpN+/lRqvWIQ= [Recovery] AEAD Type: aes-gcm [Root] AEAD Type: aes-gcm [Worker-Auth] AEAD Type: aes-gcm Cgo: disabled Controller Public Cluster Addr: 127.0.0.1:9201 Dev Database Container: bold_heisenberg Dev Database Url: postgres://postgres:password@localhost:55001/boundary?sslmode=disable Generated Admin Login Name: admin Generated Admin Password: password Generated Host Catalog Id: hcst_1234567890 Generated Host Id: hst_1234567890 Generated Host Set Id: hsst_1234567890 Generated Oidc Auth Method Id: amoidc_1234567890 Generated Org Scope Id: o_1234567890 Generated Password Auth Method Id: ampw_1234567890 Generated Project Scope Id: p_1234567890 Generated Target Id: ttcp_1234567890 Generated Unprivileged Login Name: user Generated Unprivileged Password: password Listener 1: tcp (addr: "127.0.0.1:9200", cors_allowed_headers: "[]", cors_allowed_origins: "[*]", cors_enabled: "true", max_request_duration: "1m30s", purpose: "api") Listener 2: tcp (addr: "127.0.0.1:9201", max_request_duration: "1m30s", purpose: "cluster") Listener 3: tcp (addr: "127.0.0.1:9203", max_request_duration: "1m30s", purpose: "ops") Listener 4: tcp (addr: "127.0.0.1:9202", max_request_duration: "1m30s", purpose: "proxy") Log Level: info Mlock: supported: false, enabled: false Version: Boundary v0.8.0 Version Sha: 9b48dbc2fd4f9a9f0bda4ca68488590f681dbd9e+CHANGES Worker Public Proxy Addr: 127.0.0.1:9202 ==> Boundary server started! Log data will stream in below: { "id": "QH3NNVS84T", "source": "https://hashicorp.com/boundary/dev-controller/boundary-dev", "specversion": "1.0", "type": "system", "data": { "version": "v0.1", "op": "github.com/hashicorp/boundary/internal/observability/event.(*HclogLoggerAdapter).writeEvent", "data": { "@original-log-level": "none", "@original-log-name": "aws", "msg": "configuring client automatic mTLS" } }, "datacontentype": "text/plain", "time": "2022-04-19T13:38:37.377958-06:00"} ...... More output ......
Note
If you plan on using Terraform to configure Boundary, copy the
[Recovery]
key generated by boundary dev
. In the example above this key is
XGcczs8FJ7lIwd8PQJaP34go/ILiPIeMs+7anHkK+vE=
.
Next, the Manage Scopes tutorial demonstrates basic resource management and permissions modeling.