Overview

Boundary has a rich domain model consisting of resources that represent IAM principals, infrastructure, and the means to tie them together. This section contains information about the various resources within the domain and how they relate to each other.

Overview - 图1

Resources

A resource is any element in Boundary to which principals may be granted permissions. All resources have an ID which is unique within Boundary.

Summary of Resources

  • Account : An account is a resource that represents a unique set of credentials issued from a configured authentication method which can be used to establish the identity of a user.

  • Authentication Method : An authentication method is a resource that provides a mechanism for users to authenticate to Boundary.

  • Group : A group is a resource that represents a collection of users which can be treated equally for the purposes of access control.

  • Host : A host is a resource that represents a computing element with a network address reachable from Boundary.

  • Host Catalog : A host catalog is a resource that contains hosts and host sets.

  • Host Set : A host set is a resource that represents a collection of hosts which are considered equivalent for the purposes of access control.

  • Role : A role is a resource that contains a collection of permissions which are granted to any principal assigned to the role.

  • Session : A session is a set of related connections between a user and a host.

  • Scope : A scope is a permission boundary modeled as a container.

  • Target : A target is a resource that represents a networked service a user can connect to and interact with through Boundary by way of a session.

  • User : A user is a resource that represents an individual person or entity for the purposes of access control.

Next Steps

When getting started with Boundary, the first resource to look at should probably be Scopes. Every other resources is either contained within a scope, or contained within another resource that is itself contained within a scope. That page can help you understand the structure of resources within Boundary.