Skip to content

README.md

Latest commit

 

History

History
175 lines (119 loc) · 3.39 KB

README.md

File metadata and controls

175 lines (119 loc) · 3.39 KB

bndry

A friendly CLI for HashiCorp Boundary that makes SSH access simple. Connect to targets using friendly names instead of IDs, with Teleport-style user@target syntax.

bndry ssh kmendell@webserver-01

Features

  • Teleport-style SSHuser@target syntax for easy connections
  • Name-based access — no more hunting for ttcp_... IDs
  • One-command setupbndry add 10.0.0.5 creates everything automatically
  • Interactive workflows — smart prompts when you need them
  • Zero dependencies — uses the official Boundary Go SDK (no boundary CLI or jq required)

Installation

Homebrew

brew install ofkm/tap/bndry

Go Install

go install github.com/ofkm/bndry/cmd/bndry@latest

From Source

git clone https://github.com/ofkm/bndry.git
cd bndry
go build -o bndry ./cmd/bndry

Pre-built Binaries

Download from GitHub Releases

Quick Start

# 1. Login
bndry login

# 2. Add a target
bndry add 192.168.1.100 -n my-server

# 3. Connect
bndry ssh kmendell@my-server

Commands

bndry login

Authenticate with Boundary via OIDC.

bndry add <ip> [flags]

Quickly create an SSH target.

Flags:

  • -n, --name — Target name (auto-generated if omitted)
  • -p, --port — SSH port (default: 22)
  • -g, --group — Host set name
  • --no-connect — Don't auto-connect after creation

Example:

bndry add 10.0.0.5 -n webserver -p 22

bndry setup

Interactive guided setup for creating targets.

bndry setup

bndry ssh [user@]target

Connect to a target via SSH.

# Teleport-style with username
bndry ssh kmendell@webserver-01

# Use Boundary credentials
bndry ssh webserver-01

# Interactive selection
bndry ssh

# List all targets
bndry ssh list

# Inspect target
bndry ssh inspect webserver-01

bndry config

Manage configuration.

bndry config show  # Show config
bndry config path  # Show config file location
bndry config init  # Create new config

Configuration

Config file: ~/.config/bndry/config.yaml (or set BNDRY_CONFIG)

Create config:

bndry config init

Example config:

boundary_addr: https://boundary.example.com
oidc_auth_method_id: amoidc_1234567890
auth_token: at_token_here
default_project_scope_id: p_prod01
default_catalog_name: Homelab Static Hosts
default_host_set_name: linux-servers
default_role_name: linux-ssh-users
default_target_port: 22
default_create_role: true
default_connect_after_create: true

Environment variables (override config with BNDRY_ prefix):

export BNDRY_BOUNDARY_ADDR=https://boundary.example.com
export BNDRY_DEFAULT_TARGET_PORT=2222

Troubleshooting

  • "No host sources found"bndry ssh inspect <target> to check target configuration
  • "Authentication failed"bndry login to refresh token
  • "Permission denied" → Check Boundary role grants for authorize-session permission
  • Can't find configbndry config path to verify location, or bndry config init to create

Development

# Build
go build -o bndry ./cmd/bndry

# Test
go test ./...

# Or use just
just build
just test

Release: Tag with git tag v1.0.0 && git push origin v1.0.0. GoReleaser builds binaries and updates Homebrew tap.

License

Apache 2.0