HashiCorp, makers of Terraform, Consul and Nomad among others, have released version 0.1 of Boundary, new software that implements zero trust access control. Promoted by Google under the name BeyondCorp, the zero trust model does away with the classic concept of perimeter security and takes into account corporate users who need secure access from outside the corporate network.
With Boundary and similar solutions, access to systems and services is granted based not on the location of the user but on their trusted identity. After connecting and authenticating against the Boundary service, the user can connect to available resources based on the granted roles.
Boundary 0.1 enables authenticated and authorized TCP sessions to applications with role-based access controls (RBAC). Users can automate access management to dynamic targets with the Boundary Terraform provider, the API, or SDK. Boundary also supports monitoring and logging of session metadata. It can run on-premises, in the cloud, or in secure enclaves, and it does not require you to install an agent on target hosts.
Boundary is developed as an open source project. Next steps, according to HashiCorp, are adding OIDC authentication, Vault integration, and dynamic target catalogs pulled from HashiCorp Consul, AWS, Azure, and GCP.