What is our primary use case?
My main use case for HashiCorp Boundary is gaining access using a reverse proxy tunnel to all kinds of hosts and instances that I don't have a direct public connection to, mostly hosts and servers in my private office network and some cloud instances.
A quick specific example of how I use HashiCorp Boundary is that I have a local private VMware in my private office network with some lab servers, a domain controller, and all types of servers. I prefer the Boundary approach when I want to work from home or from a remote location rather than using the traditional VPN.
My main use case focuses on gaining access to private instances. I have multiple hosts and targets that I use, but they all share the same common logic.
What is most valuable?
The best features HashiCorp Boundary offers, in my opinion, include the reverse proxy approach, the relative ease of use, and the lightweight architecture. The fact that it supports both CLI and a desktop application is valuable. You can map targets to static ports and then use them with the connection managers for ease of use.
I find myself using the desktop application the most in my HashiCorp Boundary usage since I'm working on a Windows laptop, so the desktop application is the most convenient for me. The entire reverse proxy architecture allows me to use these use cases and gain the connections I need.
HashiCorp Boundary has positively impacted my organization by allowing me to give myself access in a more elegant and easier way to work, which also includes native SSH. I have the traditional VPN available, but I find that too much for what I need, and it locks my local internet connection and provides access to many other instances that I don't really need. HashiCorp Boundary is lightweight and very focused for my use.
Using HashiCorp Boundary has saved me time and made my workflow more efficient in the specific way that I can gain access to these private instances from anywhere. I use it daily because of this significant benefit. There are some missing or hopefully close roadmap items or features that will be added, but it is good enough for me at this point.
What needs improvement?
HashiCorp Boundary can be improved in a few ways. The RDP session connection was recently introduced, which was a long-time feature that everyone was waiting for. Improving the desktop client and making it more elegant, fast, and optimized would be beneficial. I saw that there are new features allowing credential injection to RDP sessions and other useful functionalities that were among the top features I was looking for. I haven't had the chance to try them yet, but I saw demos that they already exist. The role-based access and permission granting is a bit complex and not intuitive. I work by myself and don't have many users to manage, but when it comes to scale, there might be a better way to manage access.
The desktop app can be improved since it is slower than I would prefer, and session timeouts are a bit opaque. You don't really know how it's handling the session; sometimes the session ends and sometimes it's still alive. I find myself reactivating a session or needing to reconnect often. It could be more organized in that sense. A feature to close all active connections would help because currently, you have to go one by one and use the mouse to click on disconnect. If you have multiple sessions open, it might take some time because once you press cancel, you have to wait for a few seconds.
For how long have I used the solution?
I have been using HashiCorp Boundary since the first day it was launched, and I may have played with the beta as well, but I have been using it ever since it became available.
What other advice do I have?
The advice I would give to others looking into using HashiCorp Boundary is that if you're a developer or a technical person or use mostly Linux machines and terminals, HashiCorp Boundary can be a game changer in the remote access context. Recently, with the RDP recordings and other features, it might be a game changer for Windows users too. Even though if you're mostly in a Windows-based ecosystem, HashiCorp Boundary is still not fully designed for that. However, for a CI/CD environment that is always changing, growing, and scaling, HashiCorp Boundary is a real game changer.
Some users mention AI-driven governance such as automated policy enforcement or intelligent threat detection, but I mostly use the standard access management and security controls. AI agents and agentic workflows can utilize external connections via HashiCorp Boundary, which sounds interesting, but I can't really think of an easy way to set this up at this stage.
I haven't heard about any AI features built into HashiCorp Boundary, and it sounds really interesting. I would love to learn more about that. I think I have pretty good knowledge of this product, and I have never heard about specific AI capabilities that are built into the product.
I really believe in HashiCorp Boundary. I really appreciate it and have been working with it for some time now. Every time there is a new update or feature, I really take the time to investigate and learn about it. I think there is huge potential for this product. It's not fully implemented at this point, but I think it is going in the right direction, and the recent update with the RDP recording and other additions is a huge step forward. I would rate this product a seven out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?