Understanding Infrastructure Deployment

I’m having a little bit of a hard time understanding how the infrastructure is supposed to be set up.

Let’s say I have one AWS account with Boundary, and I want to use that Boundary deployment to connect to some remote AWS account.

From my understanding, this is how a very very basic deployment might look like, right?

Boundary_basic771×611 20.6 KB

Basically the client connects to a controller in a public subnet, which does identify verification, and establishes a connection with a worker in the other AWS account in a public subnet. That connection is returned to the client who uses it to connect directly to the worker and to the target.

I’m a little uneasy on this, as you would need to put both the controller and workers in public subnets open completely to the public. You wouldn’t be able to protect them with any sort of Layer 4 Security Groups since the client can be any IP. Is this really secure?

Is Boundary essentially just a jump box with an identity provider and specific session management? That’s my understanding so far.

Hi Brandon,

Yes, your architecture looks correct to me (as someone who is also experimenting right now).

I understand your hesitance, but accepting 0.0.0.0/0 inbound would also be required for a traditional jump box or a VPN server - if the users of these access methods could be anywhere in the world.

Whilst Boundary can easily be made more secure than a traditional jump box (yes, I see the similarity too), there’s no magic for getting around a global user base requiring access from global IPs.

Thanks,
Chris.