mirror of https://github.com/hashicorp/boundary
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
dependabot/go_modules/go-security-10bccadfea
backport-pr-6235
bgajjala-nonce-csp-encoding
release/0.20.x
release/0.21.x
dependabot/go_modules/go-eae1d233e6
main
moduli-e2e-enos-vars
moduli-hashicorppreview
release/0.19.x
dependabot/github_actions/actions-bb241a35d5
clean-up-loop-captures
feat/test-security-scan
moduli-e2e-admin-ui
rderr-boundary-docker-db-update
backport/wongtonyb-tcp-pending-test-fix/subtly-moved-bee
irindos-update-postgres
backport/irindos-kms-bump/actually-loyal-bluegill
backport/irindos-kms-bump/easily-fit-mallard
backport/irindos-grpc-sdk-api-bump/precisely-quick-tarpon
backport/irindos-grpc-sdk-api-bump/vertically-wise-colt
backport/irindos-grpc-sdk-api-bump/directly-maximum-monkey
backport/irindos-kms-bump/endlessly-tops-anchovy
moduli-github-node24
backport/irindos-grpc-bump/unduly-hopeful-muskrat
backport/irindos-grpc-bump/personally-elegant-condor
backport/irindos-grpc-bump/blatantly-amused-pangolin
backport/irindos-bump-go-dbw-version/instantly-quality-bluegill
backport/irindos-bump-go-dbw-version/currently-mint-stork
backport/irindos-bump-go-dbw-version/poorly-included-hornet
moduli-e2e-loglevel-debug
jefferai-proxyv2-test-1-rebase
jefferai-proxyv2-test-1-merge
backport/dependabot/go_modules/go-security-812415d43e/curiously-master-cougar
backport/dependabot/go_modules/go-security-812415d43e/initially-sweeping-lacewing
backport/dependabot/go_modules/go-security-812415d43e/barely-accurate-ibex
backport/dependabot/go_modules/go-security-812415d43e/directly-unbiased-antelope
chore/dependency-bump
bgajjala-bexpr-poc
dkanney-get-token
llb-app-token
backport/aditya2548-update-cve-changelog-0.21/adequately-careful-gobbler
backport/aditya2548-update-cve-changelog-0.19/evidently-clear-gopher
backport/moduli-bats-alias-flake/luckily-keen-ghoul
backport/moduli-bats-alias-flake/privately-flowing-hare
bgajjala-type-confusion-fix
ddebko-skip-iputils
bgajjala-bexpr-fix
llb-desktop-client-sort-backup
improve-testoutput
backport/irindos-bump-go/externally-champion-kid
rand-read-reverting
bosorawis-stop-revoking-expired-vault-creds
bosorawis-stop-renewing-and-revoking-expired-vault-lease
bosorawis-stop-renewing-expired-vault-token
backport/bosorawis-stop-renewing-expired-vault-token/properly-striking-aardvark
test_crypto_rand
bumped-ui-commit-95f72e1
update-ui-changelog
backport/update-ui-changelog/ideally-eternal-doberman
bump-ui-commit-4fc3244
wongtonyb-connectcli-stdoutpipe-ff
llb-password-credential-type-clean
recovered-work
llb-password-credential-fix
llb-password-credential-type-backup
mikemountain-sql-schema-and-pgtap
backport/dkanney-add-plugin-ibm-key-protect-kms/terminally-vocal-duckling
stable-website
backport/dheath-fix-redirects-2/extremely-gorgeous-troll
backport/am-add-winrdp-err/barely-bold-jaybird
app-token-prototype
dheath-worker-config-name
ICU-17720-storage-protobufs
backport/rdp-docs/actively-classic-adder
backport/ICU-14484-redis-connect/greatly-immortal-cardinal
bump-ui-commit-39dedc6
scc/backport-content-change
drohan-rdp-beta-doc-updates
scc/backport-redirects
dheath-spe-1219-controller-config
style-nonce
irindos-fix-nz-tests
manjeet-04-recovery-plugin-proto
llb-recovery
dkanney-expose-warehouse-tables-over-mcp-server
backport/dheath-clarify-known-issue-message/especially-fun-lioness
louis-tests
louis-testing
backport/bosorawis-add-test-to-migration-fix/surely-relevant-tiger
backport/bosorawis-add-test-to-migration-fix/hardly-optimal-ape
mikemountain-fix-rollback-bug-on-hook-failures
llb-normalized-grants-tests-only
dkanney-merge-main-into-release/0.19.x
dkanney-release/0.19.x-rebase-on-c97605b
dkanney-make-gen-release/0.19.x
mikemountain-add-create-default-and-admin-role-options
mikemountain-fix-migration-drop-cascade
backport/pnpm-migration/socially-star-sponge
backport/bump-ui-commit-2d34717/uniquely-amazing-gnat
backport/dheath-add-client-agent-commands/preferably-lenient-marten
backport/dheath-add-client-agent-commands/presumably-moved-bluejay
mikemountain-fix-makefile-sed-issue
mikemountain-add-createdefaultrole-and-createadminrole-options
backport/boundry/mini-doc-day-2/informally-mutual-poodle
anwittin-changelog-update-1-19-3
backport/dkanney-cve-suppression-for-0.19.2/secondly-unified-terrier
backport/add-ui-entries-changelog/suitably-large-puma
release/0.18.x
release/0.17.x
bosorawis-domain-iam-implement-role-grant-scopes
bosorawis-domain-iam-implement-list-role-grant-scopes
backport/ddebko-update-changelog/previously-adapting-hare
backport/ddebko-update-changelog/initially-whole-bison
tsccr-auto-pinning/trusted/2025-04-01
bosorawis-domain-iam-create-role
elimt-auth-tokens-grants-test
backport/vanphan24-patch-1---public_addr-note/poorly-smiling-dingo
backport/vanphan24-patch-1---public_addr-note/forcibly-proven-pheasant
backport/vanphan24-patch-1---public_addr-note/eminently-renewed-pika
mikemountain-changelog-0.19.1
boundry/mini-doc-day
elimt-grants-data-migration
jbrandhorst-prevent-enourmous-estimated-counts
backport/jbrandhorst-update-azure-plugin/largely-amused-tetra
judith/edu-web-codeowners
backport/docs/config-examples-fix/suddenly-eternal-rat
backport/docs/config-examples-fix/rationally-immortal-kangaroo
jbrandhorst-prototype-db-iface-changes
bumpui-commit-835b302c1
bump-commit-835b302c1
irindos-test
backport/bump-ui-commit-ae1e6d2/notably-secure-malamute
bosorawis-grants-tests-for-accounts-resource
release/0.16.x
jbrandhorst-remove-dependabot-actions
elimt-gcp-multiple-targets
backport/artifact-manifest/main/mainly-proven-snake/vaguely-next-foal
jimlambrt-cache-refresh-win
ddebko-optimize-cluster-tests
jbrandhorst-revert-awssdk-update
ddebko-revert-awskms
moduli-vgt
backport/ryan/ICU-15359/steadily-content-finch
jbrandhorst-remove-wget
backport/ci/update-security-scanner-token/strangely-sweeping-wildcat
dheath-telemetry-doc
bosorawis-labweek-per-authmethod-ttl
backport/jbrandhorst-clarify-ts-configuration-reload/lately-quiet-civet
fix-security-scanner
jimlambrt-cache-soft-delete-user
jimlambrt-cache-speedup-refresh
hugo-dhc-manual-tests
backport/irindos-update-changelog-0.17.2/gently-grand-titmouse
jbrandhorst-context-cause
jbrandhorst-go-api-paging
backport/irindos-update-changelog/horribly-super-crayfish
jbrandhorst-fix-security-scanner
uruemu/app-token-service
dheath-IA-POC
llb-app-tokens
jefferai-rbac-caching
release/0.15.x
irindos-custom-cli-dump
jefferai-proxyv2-test-2
jefferai-proxyv2-test-1
llb-worker-storage-bucket-state
dmiu_vault-response-wrapping
release/0.14.x
release/0.13.x
single-write-errors
elimt-release-0.16.1-mod-update
backport/alanknight_update_dependencies/personally-champion-robin
irindos-cause-split-brain
backport/uruemu/session-recording-observation-events/plainly-tender-guinea
labweek/event-streaming
alanknight_sessions_includeterminated
jbrandhorst-node-enrollment-test
alanknight_labweek_search_tui
jbrandhorst-help-api
flakey-test-TestRotationTicking
lab-week/event-streaming
dheath-docsdays-multi-hop-concept
irindos-update-apisdk
jefferai-random-reader-through-nodee
dgreeninger-vault-integration-howto
backport/dheath-ICU-12878/obviously-intense-calf
backport/irindos-update-bsr-detail/publicly-merry-kangaroo
carlos
dgreeninger-vault-integrations2
SMRE-7-release-pipeline
tmessi-cp-monthly-active-users
backport/jbrandhorst-update-runc/carefully-supreme-mole
jefferai-proxy-in-api
jbrandhorst-fuzz-dns-validator
syncing-file-buffer
jefferai-initial-resources-test
moduli-e2e-fast
tmessi-target-list-reduce-query-params
elimt-oidc-prompts-changelog
tmessi-rate-limit-sys-event
tmessi-rate-limit-unlimited
DoNotDelete-plugin-sdk-0.3.0
app-token-read
moduli-e2e-logout-test
mikemountain-iam-groups-list-pagination
jimlambrt-more-multierror-bits
llb-worker-local-storage-state
moduli-e2e-authorize-session-scope-test
mikemountain-iam-user-list-pagination
mikemountain-iam-role-list-pagination
mikemountain-auth-handlers-pagination
mikemountain-auth-domain-pagination
AdamBouhmad-patch-1
mikemountain-managed-groups-list-pagination
mikemountain-sessions-list-pagination
mikemountain-refactor-auth-methods-domain-layer
mikemountain-auth-token-domain-list-pagination
mikemountain-refactor-accounts-domain-layer
backport/jimlambrt-ldap-mtls-fix-changelog/forcibly-cunning-katydid
backport/dmiu_add-valid-principals-ssh-cert/manually-stirred-mutt
elimt-cpu-consumption-changelog
backport/jimlambrt-fix-oplog-keys/gladly-included-aardvark
elimt-worker-local-storage-proto
release/0.14.1
alanknight_warnings
jimlambrt-go-version
jbrandhorst-experimenting
mikemountain-refactor-accounts-base-repo
releng-test-cgo-enabled
readme-update
rab-permissions-docs-rebase
jimlambrt-make-gen
jimlambrt-auth-ldap-fixes
jimlambrt-drop-oplog-scopeid-fk
backport/jefferai-icu-10786/subtly-legal-chigger
ajayreshc-plugin-proto-observability
backport/dheath-elur-edits/humbly-comic-hornet
compliance/license-update
mikemountain-purge-pagination-tables
mikemountain-prototype-table-trigger-job
dmiu_client-connection-via-unix-socket
dmiu_plugin-error-handling
backport/danny-knights-documentation/hopefully-giving-goat
backport/xw-worker-docs/mildly-talented-newt
backport/irindos-bsr-check-nano-decode/implicitly-hip-turkey
jimlambrt-update-cap
backport/xw-worker-docs/honestly-composed-minnow
backport/dheath-reorg-session-recording-operations/terribly-alert-bug
backport/docs/cli-commands/internally-bursting-condor
backport/docs/cli-commands/eagerly-chief-yeti
backport/dheath-fix-toc-typo/overly-funky-gelding
backport/dheath-fix-headings-1/mistakenly-mint-panther
backport/edorion-patch-3/entirely-direct-barnacle
backport/edorion-patch-2/amazingly-inspired-prawn
backport/edorion-patch-1/properly-desired-mastiff
backport/dheath-host-discovery/gradually-dominant-bunny
backport/irindos-fix-mlock-typo/preferably-enormous-mustang
backport/dheath-update-target-client-port/mainly-loving-heron
backport/irindos-0130-release-notes/actually-unbiased-bunny
jimlambrt-gldap-dep
jimlambrt-cache-poc
backport/dheath-fix-spacing-bullets/code/severely-decent-walleye
llb-jefferai
backport/dheath-bsr-key-req/adversely-great-teal
backport/Postgres-version-recommendation/badly-major-goshawk
backport/irindos-update-storage-bucket-docs/shortly-worthy-foal
backport/dheath-fix-code-blocks/endlessly-closing-alpaca
backport/what-is-boundary-changes/terminally-famous-goshawk
xinglu-permissions-docs
release/0.12.x
hz-cli-print-cert
jefferai-test-stream-interceptor
manthony-controller-led-auth
tmessi-interface-to-any
zs.test-api-docs-preview
tmessi-fix-ui-build
jefferai-unsettable-bools
test-gh-fix
dmiu_plugin-restructure
sarah-test-transient
ahuang/test-mod-cache
test-changing-nofile-limit
try-test-splitting
tmessi-ci-gh-actions-mariano
jimlambrt-ldap-changelog
backport/alanknight_pkiworkers_docs/clearly-driven-raptor
backport/alanknight_pkiworkers_docs/rapidly-rational-chamois
backport/alanknight_pkiworkers_docs/wholly-pumped-dinosaur
backport/rab-0_12_0_cve-link/partly-singular-bison
eneil/test-changes
test-rm-product-metadata
jimlambrt-ldap-wh
backport/bump-ui-commit-onboarding-update/firmly-flexible-mallard
jimlambrt-ldap-ongoing
release/0.5.x
release/0.6.x
release/0.7.x
release/0.8.x
release/0.9.x
release/0.10.x
release/0.11.x
backport/dheath-add-frontmatter-ref-arch/normally-smooth-werewolf
backport/dheath-release-notes-0.11/probably-legal-walrus
backport/dheath-release-notes-0.11/grossly-advanced-alien
tmessi-sqltest-postgres-versions
backport/ks.update-alert-docs/miserably-valued-seahorse
RELENG-305
daniellemiu_remove-session-id-from-retrieveCredential
release/0.11.2
backport/set-product-version/briefly-knowing-fowl
backport/dheath-template-params-rewrite/totally-thankful-buzzard
mktg-tf-999fc08cd5edb8632f8f6995f9998396
tmessi-sqllit
hz-active-conns-main
hugoamvieira-bud-update-changelog1
backport/dheath-vault-credential-templating/carefully-striking-jaybird
sam/set-product-version
hz-active-conns-cherrypick
backport/dheath-boundary-v-others/adequately-genuine-badger
backport/dheath-boundary-v-others/readily-rich-squirrel
backport/dheath-boundary-v-others/sadly-splendid-lion
hz-db-consistency-2
chore-bump-ui-commit
hz-active-connections-re
hz-active-connections
jefferai-eph-testing
kevin/boundary-ga-link-fixes
jefferai-skip-shared-lock-acquisition
jefferai-hosts-on-targets
jefferai-gen-add-set-remove
manthony/QTI-317
b/set-version-docker
chore-bump-ui
qti/nomad-deployment
jimlambrt-go-dbw-dep-update
rename_boundary_service
jimlambrt-worker-dag
qti-275
llb-project-scope-refactor
mgaffney-rename-catalog-column
jimlambrt-repo
jimlambrt-byow-create-ongoing
docs-install-dir
jimlambrt-yugabyte
release/0.8.1
jefferai-session-listing-style
new-metrics-doc
jimlambrt-kms-refactor
test-build-downloading-ui-artifact
jefferai-remove-alpnmux
test-workflow
plugin-error-code-conversion
add-desktop-vault-credential-clickthrough
test-kms
sarah-test
crt
release/0.7.3
vancluever-persisted-creds-maintenance-job
release/0.7.2
hostcatalog-updates-074
vancluever-persisted-creds-maintenance-job-abandoned-timestamponly
mgaffney-update-mappers2
brk.feat/mdx-v2
release_notes_07
build-abd695e5bc42d01e4412bf6c76211c3fc93a93d7-96b4bb6d1c841f3
jeff-windows-asset-embedding
build-bc27190474ad4863d3c7541f35467c84d8b17621-6e6387801f8e1b6e
jeff-ci-error-investigation
jimlambrt-update-db-docs
vancluever-plugin-hostcatalogs-catch-duplicate-name-early
vancluever-hostcatalogsecret-crud
backport/add-reference-architectures-docs-2/sadly-exotic-cattle
jeff-migrate-host-set-members
backport/nq.web.upgrade-analytics-package/factually-modern-mastodon
backport/nq.add-fathom-analytics/luckily-definite-fawn
jeff-shared-host-lookup
ac.homepage-refresh
build-07c5c00f557ccc6d58ac065fa6c267f576860ac2-b6d44bfa8919b067
zs.hero-video-tweaks
jeff-plugin-threadsafe-map
jimlambrt-events-inbound-interceptor
jimlambrt-events-no-default-stderr-sink
jimlambrt-gorm-v2
vancluever-plugin-hostcatalogs-manager-launch-and-hooks
vancluever-plugin-hostcatalogs-manager
build-7746916d59c46491d77b4381b9e0bfee7f2960c1-aa2e5699399125ec
vscode-customization
build-3fc2cf4df5820b2465e10a4fe12d03e563c9ea36-aa2e5699399125ec
vancluever-plugin-hostcatalogs
build-02c0764e1100301622a8cb916a7e3e6224fec79e-aa2e5699399125ec
build-02c0764e1100301622a8cb916a7e3e6224fec79e-7d2e41b4124999b9
vancluever-move-host-resoruce-address-up-to-top-level
christoff-event-api
christoff-event-storage-protobuf
jeff-add-migration-hooks
jeff-robbarnes-testing
christoff-db-prince
build-5f88243ddc6182db9c71ba84fd401040de4f5d41-ee438ecfea1e5f6d
jimlambrt-oidc-ctx
jimlambrt-remove-threshold
jimlambrt-event-logger-dep
vancluever-plugin-prototype
boundary-toc-draft
boundary-draft-toc
mdeggies-ui-build-fix-commit
christoff-fix-build-ui
jimlambrt-event-resource
build-0b66464a3a173d5cd28a41924fb661d9e68b33c5-7706fefd870195c1
build-48e55f156a0fbdcb4e1e711b04271e57bc8f952e-7706fefd870195c1
build-7f9bc768a02832ebfd96387f8ea48b56975ab391-7706fefd870195c1
build-14c7993c2cc5a9ad92025453c2dbe66651a98359-7706fefd870195c1
build-f48382828610d294361ee6630c11972d501678fb-7706fefd870195c1
jimlambrt-events-integration-updates
jeff-vault-target-sad-cli
origin/vancluever/worker-unit-testing
vancluever/worker-status-connection-close
vancluever/controller-session-cleanup
jimlambrt-hclog-sink-prototyping
jimlambrt-encrypt-node
build-407a21991aa7dc550967720466d4b10c2e02ee1c-af038697addc95f7
pw-prefix-docs
jimlambrt-dry-out-eventer
jimlambrt-events-eventer
jimlambrt-o11y-wip
jimlambrt-o11y-audit-encrypt-filter
build-95e6a736e5d92c824843675122618828c94b89d0-855628175bd6dd2b
build-ed5e34082c60ac49d2501f1ac68f6bd36925c169-96c1fa474bdc9213
build-79c1d90fa58c43e8bdbd1b3a27ea57b8329461d6-855628175bd6dd2b
build-a87fe5f803e2b28fa008158d8a080aa3fe65184e-6a9de274fa82c0d3
packagespec-0.2.6/main
build-3c994f66f877224fd1d75e6ce3ff4efb3aa9a0ad-f8da55a155fec372
build-b0fbd9b905aa8ef091936636d8d7463e728de64c-f8da55a155fec372
build-c3cbf23eaba7c37a4e7a2829c19e8bb2f63efc10-f8da55a155fec372
build-c3cbf23eaba7c37a4e7a2829c19e8bb2f63efc10-d2d108249f2b472e
build-f7e7e54fd8f07011fd36e71cca494d2621017aff-f8da55a155fec372
eventmvp
jimlambrt-oidc-user-name-email-with-scopes
build-7bf6fad7e235ff9ba8fa904904afd1b6deb40082-604d79ffd095ac1d
build-6c003c94f7a49dba6ae2ad524d4e830929c2a363-604d79ffd095ac1d
build-db29c83daf377602e31a5aaebb5252c10e6da4bd-604d79ffd095ac1d
feature-enable-ui-oidc
jimlambrt-oidc-wip
backport/br.stackmenu/thoroughly-tidy-jaybird
jimlambrt-oidc-primary-bool
jimlambrt-oidc-wip-primary-bool
jimlambrt-oidc-wip-disable-discovered
jimlambrt-oidc-wip-uniq-names
jimlambrt-oidc-wip-fix-migrations
jimlambrt-oidc-predictable-auth-oidc-acct-ids
build-c0f33f982c87c0eb4127cb16cf06b03a37b91dbd-ac2d26e9788a0ad5
jeff-update-tls-max-version
jimlambrt-oidc-op-state-changes
revert-937-jimlambrt-oidc-providers-and-repo-reads
jimlambrt-oidc-eff-dating
malnick/dt-client-videos
build-bc565922fbd3a18c9f6a22cd2e80a93df0d7cd45-8df1aef0cf650f
build-c45916918a4e71d3c9f3b47d058ce1e2075e8f5d-eee4aa2684a7d81e
build-9761f1deee3fceeb4e9a11696e3a15de813c6979-eee4aa2684a7d81e
docs-desktop
malnick/jeff-publicclusteraddr-env
mgaffney-ICU-1063-target-hosts
ICU-1063-target-hosts
binary-test-harness
build-ba6c0df8ca56eff0f01d9717da1b1435898408d3-1a2da1c180d096ae
build-f8577519b6fb152ddb19b2e4a7dcf8e9b1e82f58-33843d4ffce619b7
build-b5d84495a33b72a3139bd224d3cfcd4cbaad7b98-6d31fbde972f7762
fix-base-image-reference
jeff-websocket-netconn-framewrapping
build-d8020842ae8b6c742b94538baada313d7eb52809-96150adb9f0307e8
build-a39bad1ab0159ba4fe91365e9ddec93f04d795e3-96150adb9f0307e8
build-353360bbcf38badecbc8b2ebfaeae3597e704a6f-96150adb9f0307e8
jeff-dynamic-groups-exp
malnick-patch-1
build-eccd68d73c3edf14863ecfd31f9023063b809d5a-8bc67ea0caf8607a
build-3b9ef13f173683e82a68b7fb47ed491ac025518f-8bc67ea0caf8607a
build-be498b301567249e8b913e79591af378f0fa5cd6-8bc67ea0caf8607a
jeff-recovery-config-hcl-string
jeff-worker-unix-public-addr
issue-701
chlg-subheader
build-e08ab98a2b128ee202eae46551da23c831b4acfc-13facd1eb832bef
build-7b7fbfa2c1af4c7ee2f60857cedb22f19daffc4f-ccf4cf2f99886942
br.boundary-releases
build-ce40b69ffa93e0b68a045114847ca498732f18b9-19422f9faecfc500
br.download-boundary
nq.website.remove-auth
hashiconf
cli-data
chore-ui-v0.1.0
Docs-landing-page
jm.add-hashi-stack-menu
prefix-format-err
jeff-error-cli-update
malnick-err-cli-update
cli-printer
helpful-text
build-a1765d5838b0fe61ad80af4b3c2d5e514595d216-e4376ac9df46687f
integration-test
db_env_var
build-2647dd2d665b71b5da76a9964b4c272985d37ea0-748714d3a36e1911
build-44575137078a4c177fc9a16b16faf98494b49130-4344d637dfb974c4
build-ad364714b47113baf7e87e9a382d03b8f73b896a-93a6ac5d68844c75
admin-docs
cli-labels
jimlambrt-assoc-changes
build-be1555d9b0325d7d8078451c19df46d0aa514c40-77765297f95ba814
uniq-name
examples
jimlambrt-session-basics
rm-tribal
jimlambrt-targets-store
external-kms
kms-proto
jeff-migrate-debugging
e2e
docs-project-resource
mgaffney/wt-demo-1
iam-basics
revert-143-remove-projects-from-grants
jimlambrt-auth-additions
dev-test-db
mgaffney/static-hosts
mgaffney/make-tests-faster
apigen
mgaffney/db-init
v0.7.4
v0.7.3
v0.7.2
v0.7.1
v0.7.0
v0.6.2
v0.6.1
v0.6.0
v0.5.1
sdk/v0.0.7
v0.5.0
api/v0.0.15
v0.4.0
v0.3.0
v0.2.3
v0.2.2
v0.2.1
api/v0.0.10
v0.2.0
v0.1.8
v0.1.7
v0.1.6
v0.1.5
v0.1.4
v0.1.3
v0.1.2
v0.1.1
v0.1.0
api/v0.0.1
api/v0.0.11
api/v0.0.12
api/v0.0.13
api/v0.0.14
api/v0.0.16
api/v0.0.17
api/v0.0.18
api/v0.0.19
api/v0.0.2
api/v0.0.20
api/v0.0.21
api/v0.0.22
api/v0.0.23
api/v0.0.24
api/v0.0.25
api/v0.0.26
api/v0.0.27
api/v0.0.28
api/v0.0.29
api/v0.0.3
api/v0.0.30
api/v0.0.31
api/v0.0.32
api/v0.0.33
api/v0.0.34
api/v0.0.35
api/v0.0.36
api/v0.0.37
api/v0.0.38
api/v0.0.39
api/v0.0.4
api/v0.0.40
api/v0.0.41
api/v0.0.42
api/v0.0.43
api/v0.0.44
api/v0.0.45
api/v0.0.46
api/v0.0.47
api/v0.0.48
api/v0.0.49
api/v0.0.5
api/v0.0.50
api/v0.0.51
api/v0.0.52
api/v0.0.53
api/v0.0.54
api/v0.0.55
api/v0.0.56
api/v0.0.57
api/v0.0.58
api/v0.0.59
api/v0.0.6
api/v0.0.60
api/v0.0.61
api/v0.0.7
api/v0.0.8
api/v0.0.9
sdk/v0.0.1
sdk/v0.0.10
sdk/v0.0.11
sdk/v0.0.12
sdk/v0.0.13
sdk/v0.0.14
sdk/v0.0.15
sdk/v0.0.16
sdk/v0.0.17
sdk/v0.0.18
sdk/v0.0.19
sdk/v0.0.2
sdk/v0.0.20
sdk/v0.0.21
sdk/v0.0.22
sdk/v0.0.23
sdk/v0.0.24
sdk/v0.0.25
sdk/v0.0.26
sdk/v0.0.27
sdk/v0.0.28
sdk/v0.0.29
sdk/v0.0.3
sdk/v0.0.30
sdk/v0.0.31
sdk/v0.0.32
sdk/v0.0.33
sdk/v0.0.34
sdk/v0.0.35
sdk/v0.0.36
sdk/v0.0.37
sdk/v0.0.38
sdk/v0.0.39
sdk/v0.0.4
sdk/v0.0.40
sdk/v0.0.41
sdk/v0.0.42
sdk/v0.0.43
sdk/v0.0.44
sdk/v0.0.45
sdk/v0.0.46
sdk/v0.0.47
sdk/v0.0.48
sdk/v0.0.49
sdk/v0.0.5
sdk/v0.0.50
sdk/v0.0.51
sdk/v0.0.52
sdk/v0.0.53
sdk/v0.0.54
sdk/v0.0.55
sdk/v0.0.56
sdk/v0.0.57
sdk/v0.0.58
sdk/v0.0.6
sdk/v0.0.8
sdk/v0.0.9
v0.1.0-beta.1
v0.1.0-beta.2
v0.1.0-beta.3
v0.10.0
v0.10.1
v0.10.2
v0.10.3
v0.10.4
v0.10.5
v0.11.0
v0.11.1
v0.11.2
v0.12.0
v0.12.1
v0.12.2
v0.13.0
v0.13.1
v0.14.0
v0.14.1
v0.14.2
v0.14.3
v0.14.5
v0.15.0
v0.15.1
v0.15.2
v0.15.3
v0.15.4
v0.15.5
v0.16.0
v0.16.1
v0.16.2
v0.16.3
v0.17.0
v0.17.1
v0.17.2
v0.18.0
v0.18.1
v0.18.2
v0.19.0
v0.19.1
v0.19.2
v0.19.3
v0.20.0
v0.20.1
v0.21.0
v0.21.1
v0.21.2
v0.7.5
v0.7.6
v0.8.0
v0.8.1
v0.9.0
v0.9.1
${ noResults }
51 lines
1.9 KiB
51 lines
1.9 KiB
locals {
|
|
doormat_service_user_arn = "arn:aws:iam::397512762488:user/doormatServiceUser"
|
|
// "Github Actions Doormat repositories and qualifiers"
|
|
// see: https://docs.prod.secops.hashicorp.services/doormat/gha/
|
|
github_actions_doormat_rwqs = {
|
|
boundary-enterprise = "github.com/hashicorp/boundary-enterprise@event_name=workflow_dispatch+push:ref=refs/heads/main+refs/heads/release/0.8.x+refs/heads/release/0.10.x+refs/heads/release/0.11.x///event_name=pull_request:base_ref=main+release/0.8.x+release/0.10.x+release/0.11.x",
|
|
boundary-hcp = "github.com/hashicorp/boundary-hcp@event_name=workflow_dispatch+push:ref=refs/heads/main+refs/heads/release/0.8.x+refs/heads/release/0.10.x+refs/heads/release/0.11.x///event_name=pull_request:base_ref=main+release/0.8.x+release/0.10.x+release/0.11.x",
|
|
}
|
|
github_actions_doormat_assume_policy_name = "AssumeServiceUserPolicy"
|
|
boundary_gha_iam_role_name = "${var.repository}-GHA-ci"
|
|
}
|
|
|
|
// Doormat Github Actions assume policy
|
|
data "aws_iam_policy_document" "github_actions_doormat_assume" {
|
|
count = local.is_ent ? 1 : 0
|
|
|
|
provider = aws.us_east_1
|
|
|
|
statement {
|
|
actions = [
|
|
"sts:AssumeRole",
|
|
"sts:SetSourceIdentity",
|
|
"sts:TagSession"
|
|
]
|
|
principals {
|
|
type = "AWS"
|
|
identifiers = [local.doormat_service_user_arn] # infrasec_prod
|
|
}
|
|
}
|
|
}
|
|
|
|
# Doormat Github Actions roles
|
|
resource "aws_iam_role" "github_actions_doormat_role" {
|
|
count = local.is_ent ? 1 : 0
|
|
|
|
provider = aws.us_east_1
|
|
|
|
name = local.boundary_gha_iam_role_name
|
|
tags = {
|
|
hc-service-uri = local.github_actions_doormat_rwqs[var.repository]
|
|
}
|
|
max_session_duration = 43200
|
|
assume_role_policy = data.aws_iam_policy_document.github_actions_doormat_assume[0].json
|
|
|
|
inline_policy {
|
|
name = "AssumeServiceUserPolicy"
|
|
// Use the service user policy for now
|
|
policy = data.aws_iam_policy_document.combined_policy_document.json
|
|
}
|
|
}
|