--- layout: docs page_title: v0.10.0 description: |- Boundary release notes for v0.10.0 --- # Boundary v0.10.0 The release notes below contain information about new functionality available in the Boundary v0.10.0 release. To see a granular record of when each item was merged into the Boundary project, please refer to the [Changelog](https://github.com/hashicorp/boundary/blob/main/CHANGELOG.md). To learn about what Boundary consists of, we highly recommend you start at the [Getting Started Page](/boundary/docs/getting-started). Lastly, for instructions on how to upgrade an existing Boundary deployment to v0.10.0, please review Boundary's [general upgrade guide](/boundary/tutorials/oss-configuration/upgrade-version). ## Boundary v0.10.0 Highlights **Credential Management of SSH Keys:** Boundary 0.10 includes enhancements to credential management, including added support for management of SSH private keys. **SSH Brokering Helper Function:** We’ve expanded support for the SSH brokering helper function that allows users to seamlessly connect to machines remotely without having to manually enter their brokered credentials. **Enhanced IAM Workflows in the Boundary Admin UI:** Boundary 0.10 introduces enhanced IAM associations to Boundary’s Admin UI, allowing users to expand IAM associations in a project scope to resources such as group members and principals that reside in other scopes. **SSH Credential Injection via Password and Public Key Authentication:** HCP Boundary now supports SSH Credential Injection, an active method of injecting credentials into an established connection, so that credentials are never exposed to users. [Learn more here](/boundary/tutorials/hcp-administration/hcp-ssh-cred-injection). ## What's Changed * `ssh` Target Type With Credential Injection (HCP Boundary only): Boundary has gained a new `ssh` target type. Using this type, username/password or SSH private key credentials can be sourced from `vault` credential libraries or `static` credentials and injected into the SSH session between a client and end host. This allows users to securely SSH to remote hosts while never being in possession of a valid credential for that target host. * SSH Private Key Credentials: There is now an `ssh_private_key` credential type that allows submitting a username/private key (and optional passphrase) to Boundary for use with credential injection or brokering workflows. * `boundary connect ssh` Credential Brokering Enhancements: we have extended support into the `boundary connect ssh` helper for brokered credentials of `ssh_private_key` type; the command will automatically pass the credentials to the `ssh` process ([PR](https://github.com/hashicorp/boundary/pull/2267)). * `boundary authenticate`, `boundary accounts`: Enables use of `env://` and `file://` syntax to specify location of a password **For more detailed information of all changes since 0.9.0, please refer to the [Changelog](https://github.com/hashicorp/boundary/blob/main/CHANGELOG.md)**