aherman
/
boundary
mirror of https://github.com/hashicorp/boundary
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'bumped-ui-commit-95f72e1'
${ noResults }
boundary/website/content/docs/hcp/get-started/connect-to-target.mdx

138 lines
5.3 KiB
Raw Permalink Blame History

---
layout: docs
page_title: Connect to a target
description: >-
Understand how to connect to targets using HCP Boundary. Learn how to select targets and use your choice of client and connect helpers to facilitate connections.
---
⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️
> [!IMPORTANT]
> **Documentation Update:** Product documentation previously located in `/website` has moved to the [`hashicorp/web-unified-docs`](https://github.com/hashicorp/web-unified-docs) repository, where all product documentation is now centralized. Please make contributions directly to `web-unified-docs`, since changes to `/website` in this repository will not appear on developer.hashicorp.com.
⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️
# Connect to your first target
The [Quick setup
wizard](/boundary/docs/hcp/get-started/deploy-and-login#log-in-to-hcp-boundary)
is the fastest way to onboard a target to HCP Boundary.
![Setup Wizard](/img/setup-wizard-address-target.png)
The Quick setup wizard creates a default `tcp` target with the address `127.0.0.1` and the port `22` (the default SSH port using TCP).
When you execute `boundary connect` against this target, Boundary establishes a local, authenticated proxy to the address on the target's default port (`127.0.0.1:22`.)
![Setup Wizard](/img/quick-start-targets.png)
## Connect using the CLI
To connect to the initial EC2 Instances target:
1. Copy the **EC2 Instances** target ID (such as `ttcp_ZnHEU9h8qX`).
1. Open a terminal session. Export the Boundary **Cluster URL** as an environment
variable.
```shell-session
$ export BOUNDARY_ADDR=<boundary-cluster-url>
```
1. Connect to the target.
```shell-session
$ boundary connect -target-id ttcp_eTcZMueUYv
```
The output displays the address and port that your SSH client must use.
The `boundary connect` command has a number of notable options, such as
`-listen-port` to choose the port on which the connect command will listen for
an incoming connection. This is convenient for allowing Boundary to work with
applications that allow you to select the connection address, but not the port.
For some applications there are still some extra hurdles that can exist, which
is why connect helpers can be useful.
The dev-mode default target allows you to make as many connections as you want
within the authorized session. When you finish making connections, a
`Ctrl-C/Command-C` to the `boundary connect` process shuts down the session.
## Select targets
When you use `boundary connect`, you must identify the target used for connecting.
The convention in this documentation is to use the target ID because it refers to a
single explicit value.
Other supported flags include:
- `target-name`: The name of the target
- `target-scope-id`: The ID of the scope in which the target lives
- `target-scope-name`: The name of the scope in which the target lives
Note however that these other flags are not uniquely identifying, as you may reuse names
across scopes. Therefore, if you don't use the target ID, you must use the target's name in conjunction with the scope name or scope ID so that Boundary can identify the correct target.
Here is an SSH example in dev-mode:
```shell-session
$ boundary connect ssh -target-name "Generated target" -target-scope-name "Generated project scope"
```
## Connect helpers
Connect helpers automatically accept host SSH key prompts for you.
The connect helper format is `boundary connect <subcommand>`.
Boundary includes connect helpers for the following connection types:
- HTTP
- Kubernetes
- PostgreSQL
- RDP
- SSH
Refer to the [Connect helpers](/boundary/docs/targets/connections/connect-helpers) documentation for more information.
## Exec flag
In addition to the built-in connect helpers, `boundary connect`
can accommodate executing clients even when there is no built-in support
for a specific client using `-exec`. The `-exec` flag is a powerful
tool, allowing you to wrap Boundary TCP sessions in your preferred
client. You can use this flag to create an authenticated proxy to almost
anything.
Refer to the [Exec flag](/boundary/docs/targets/connections/exec-flag) documentation for more information.
## SSH ProxyCommand
SSH `ProxyCommand` lets you proxy an SSH connection to a target according to a configuration file that you create.
It can help simplify common developer and operator workflows.
You can configure the file to connect to the target ID or the target domain.
Refer to the [SSH ProxyCommand](/boundary/docs/targets/connections/workflow-ssh-proxycommand) documentation for more information.
## Desktop client
While you use the desktop client, choose the target and connect to retrieve local
proxy details.
<video
muted
playsInline
autoPlay
loop
className="boundary-clickthrough-video boundary-clickthrough-desktop-video"
>
<source
type="video/mp4"
src="https://www.datocms-assets.com/2885/1613612836-boundary-desktop-clickthrough-connect-target-v1-0-0.mp4"
/>
</video>
## Tutorial
Refer to the [Connect to your First Target](/boundary/tutorials/hcp-getting-started/hcp-getting-started-connect) tutorial for steps on how to create a host catalog, host set, and a target in Boundary.
## Next steps
Refer to the [basic administration
workflows](/boundary/tutorials/hcp-administration) tutorial series
for in depth discussions on managing scopes, targets, identities, and sessions.
Reference in new issue View Git Blame Copy Permalink