I’ve gone through the excellent tutorial to demo Boundary.
I also see on the roadmap the following about “Just-in-time access”:
A just-in-time access posture will be enforced at multiple levels within Boundary. Upcoming releases will offer integration with Vault or your preferred secret management solution of choice to generate ephemeral credentials for Boundary sessions.
It seems that leveraging Vault’s SSH Signed Certificates (for both host key signing and client-side host verification) so that not only do I not need to push around individual SSH certificates but I can use the zero trust model that Boundary provides would be really powerful.
Am I reading your roadmap correctly in that this is just the sort of Vault integration you’re planning?
If so, is there any published timeline as to when we can take this for a spin?