In provisioning infrastructure for any environment, there is a need for users to securely access dynamic hosts and services – this is where the hashicorp boundary takes a great task up. Hashicorp is an open-source solution and has had several things that have made it evolve in the past years and boundary has to be one of them. It combines secure networking and identity management capabilities needed for brokering access to hosts and services all in one place across a mix of cloud and several on-premise resources. It is an open-source solution and helps with security management for several environments.
At this point, Flugel provides you with the best strategies for approaching cloud challenges and activities. By the end of this tutorial, you will understand the best way of setting up a boundary on development mode while using terraform. Enough of the theoretical banter, let’s get our hands a bit in the dirt.
Prerequisites
Launch The Steps
1.Start boundary development mode with necessary authentication details (you can use any details that suit you for your use case). It takes at least 3 minutes to be up and running; endeavour to use your own name and password.
2.Access another tab or a new terminal window before doing this. Authenticate the boundary dev access with the command below:
Note: This step should create a special token, endeavour to keep it safe for future use.
3.Access the Admin console via this URL http://localhost:9200/
Setting Up Production Environment
This begins the installation of the production environment and should be taken with care because it has great effects on the overall infrastructure.
4.Get to the terminal and Install go 1.15 or later with the command below
Note: You may be required to put in your machine password as the root user, please respond accordingly.
5.Install terraform environment in your local machine but for the purpose of this tutorial, I’d install homebrew on my Ubuntu. To check more details on homebrew, look here while for the terraform installation, check here.
6.Download the binary and place it on the default location that the installed terraform environment expects to be stored. The command for this is:
7.Clone the boundary reference repository.
8.You need to access the aws environment.
9.Execute the terraform operations with the following commands:\
Meanwhile, this may take about 16-20 minutes so get a cup of coffee and watch your infrastructure provision on AWS.
10.Check if the controller and worker are running by doing ssh access into the different EC2 instances created via Terraform.
Boundary Authentication and Access
11.Next, you need to authenticate to the boundary environment using the CLI via the format below:
12.Access the web interface using the boundary address assigned in step 11 then login with the created user.
13.Create a project called “Infrastructure-Project”.
14.Create a host catalog that contains a hostset. Assuming we say the hostset is a set of relational databases, we intend to access an external user.
15. Add some hosts to the host set through the hostset tab.
16. Create a target that points to the hostset created in the previous step. In case you need to generate some sort of report, this would help in getting that done.
17. Copy the target ID for future use.
18. Remotely connect to the target using the required details in the syntax shown:
19.Optional (Should in case you want to pass the usual flags like boundary connect ssh then you can add “–” to the end of the command used in the previous step. In clear face:
Now, remember, this article is not only for experts in the software space, even newbies could hop in and learn a lot and that is why I try to make everything clear both in layman and professional terms, so if you have any questions, shoot or you can also reach out to us.
<iframe src=”https://giphy.com/embed/BASTl8qVYWZnG” width=”480″ height=”266″ frameBorder=”0″ class=”giphy-embed” allowFullScreen></iframe><p><a href=”https://giphy.com/gifs/yey-BASTl8qVYWZnG”>via GIPHY</a></p>
The road to setting up a boundary development environment as well as testing is not for the faint of heart. However, it is pretty easy following the how-to guide shown above. It is one of the best ways to become more secure and compliant and a very good place to start your journey. Once you have completed the setup not only will you be able to assure your customers, clients, and your own stakeholders that their data is secure, but you will be on your way to compliance.
2018, Cryptoland Theme by Artureanec - Ninetheme