Product Overview

HashiCorp Boundary

HashiCorp Boundary is an identity-aware session broker for remote access to infrastructure. It pairs naturally with HashiCorp Vault to provide just-in-time credential brokering: users authenticate with Boundary using their identity provider, Boundary requests short-lived credentials from Vault, and injects them into the session without exposing them. Boundary is open source (MPL 2.0) with a commercial HCP Boundary cloud offering.

Last updated

Founded
2020
Pricing
Free (OSS); HCP Boundary from $0.024/session/hr
Verify with vendor
Deployment
Open SourceCloudSelf-Hosted
Privileged Access Management
SOC 2 Type 2

Key Features

+Identity-aware session brokering for SSH, RDP, databases
+Credential injection via HashiCorp Vault integration
+Targets and host catalogs for dynamic discovery
+Role-based access with SSO integration
+Session recording (Enterprise/HCP tier)
+Works across multi-cloud and on-premises
+Terraform provider for infrastructure-as-code auth policies
+HCP Boundary managed cloud offering
+Ingress workers for private network access
+Audit events and session telemetry

Pros & Cons

Pros

  • +Natural fit for teams already running HashiCorp Vault
  • +Open source core with no license cost
  • +Terraform-native workflow for declarative access policies
  • +HCP option removes operational overhead

Cons

  • Younger product; smaller community than Teleport
  • Session recording requires Enterprise tier
  • Best value comes bundled with Vault — less compelling standalone
  • Fewer enterprise integrations than legacy PAM

Best For

Teams already invested in HashiCorp tooling who want unified secrets + session access

Community & Practitioner Evidence

Open Source Activity

GitHub
Stars
4k
Forks
310
Contributors
130
Open Issues
210
Last Push
Feb 2026

Community Sources

💬 Reddit Discussions
  • Boundary on r/devops[Reddit]
🔗 GitHub
  • Boundary GitHub repository[GitHub]

User Reviews

No reviews yet. Be the first to share your experience!

As a Product Hub

HashiCorp Boundary Alternatives

Session broker from HashiCorp, pairs with Vault for JIT credential injection

Privileged Access Management

As an Alternative (7 comparisons)

CyberArk vs HashiCorp Boundary

Session broker from HashiCorp, pairs with Vault for JIT credential injection

Privileged Access Management

BeyondTrust vs HashiCorp Boundary

Session broker from HashiCorp, pairs with Vault for JIT credential injection

Privileged Access Management

Delinea vs HashiCorp Boundary

Session broker from HashiCorp, pairs with Vault for JIT credential injection

Privileged Access Management

SailPoint vs HashiCorp Boundary

Session broker from HashiCorp, pairs with Vault for JIT credential injection

Privileged Access Management

One Identity vs HashiCorp Boundary

Session broker from HashiCorp, pairs with Vault for JIT credential injection

Privileged Access Management

Teleport vs HashiCorp Boundary

Session broker from HashiCorp, pairs with Vault for JIT credential injection

Privileged Access Management

StrongDM vs HashiCorp Boundary

Session broker from HashiCorp, pairs with Vault for JIT credential injection

Privileged Access Management

Also Worth Considering: SplitSecure

SplitSecure logoSplitSecure
Distributed Security

Why SplitSecure? Distributed secrets management — no vault, no vendor dependency. Splits credentials across devices you control using Shamir Secret Sharing.

Best For

Highest-sensitivity accounts, regulated industries, and MSPs needing zero vendor dependency

Key Features
Shamir Secret Sharing across devicesZero vendor dependency architectureAutomatic audit trail generationNo vault infrastructure required+4 more
Pros
  • +Zero vendor dependency — secrets work if SplitSecure goes down
  • +Secrets never leave your environment
  • +Architecturally resistant to social engineering and account takeover
Cons
  • Not designed for CI/CD pipeline secrets
  • Focused on human access, not machine-to-machine
  • Newer platform with smaller market presence
Self-Hosted
View Profile

Sources & References

  1. HashiCorp Boundary (Official Site)[Vendor]
  2. HashiCorp Boundary Reviews on G2[User Reviews]
  3. HashiCorp Boundary Reviews on TrustRadius[User Reviews]
  4. HashiCorp Boundary Reviews on PeerSpot[User Reviews]
  5. hashicorp/boundary (GitHub)[Open Source Project]
  6. Boundary on r/devops[Community Discussion]
  7. Boundary GitHub repository[Open Source Project]

Related Comparisons & Categories

Comparison

CyberArk vs HashiCorp Boundary

Session broker from HashiCorp, pairs with Vault for JIT credential injection

Comparison

BeyondTrust vs HashiCorp Boundary

Session broker from HashiCorp, pairs with Vault for JIT credential injection

Product Hub

hashicorp-boundary Alternatives

Compare alternatives to hashicorp-boundary

Comparison

Delinea vs HashiCorp Boundary

Session broker from HashiCorp, pairs with Vault for JIT credential injection

Comparison

SailPoint vs HashiCorp Boundary

Session broker from HashiCorp, pairs with Vault for JIT credential injection

Comparison

One Identity vs HashiCorp Boundary

Session broker from HashiCorp, pairs with Vault for JIT credential injection

Comparison

Teleport vs HashiCorp Boundary

Session broker from HashiCorp, pairs with Vault for JIT credential injection

Comparison

StrongDM vs HashiCorp Boundary

Session broker from HashiCorp, pairs with Vault for JIT credential injection

Are you from HashiCorp Boundary?

Claim this listing to update your product information, respond to reviews, and ensure accuracy.