HashiCorp Boundary combines the secure networking and identity management capabilities needed for brokering access to your hosts and services in one place and across a mix of cloud and on-premise resources if needed. Key management can be done by integrating the key management service of your choice, be it from a cloud vendor or something like HashiCorp Vault. HashiCorp Boundary supports a growing number of identity providers and can be integrated with parts of your service landscape to help define permissions, not just on host but also on a service level. For example, it enables you to control fine-grained access to a Kubernetes cluster, and dynamically pulling in service catalogs from various sources is on the roadmap. All of this stays out of the way of the engineering end users who get the shell experience they're used to, securely connected through Boundary's network management layer.