Close
logodocs

Add Resources with Secret Store Authentication

This feature is currently in closed-access beta. Functionality and documentation may change.

You can use credentials kept in Secret Stores to set up any type of resource in strongDM.

Adding Resources using Secret Stores

When adding a new resource, after you've selected a Secret Store option, all fields that it can reference from a Secret Store contain "(path)" in their label. These typically consist of a username and password, but can include other credentials such as keys or tokens.

Datasource - Secret Stores
Datasource - Secret Stores

Learn more by reading the Configure a Resource section of Secret Stores Settings.

SSH Authentication with Secret Stores

SSH resources support three different types of authentication with Secret Stores: Certificate-Based, Public Key, and Customer-Managed Key.

Certificate-Based Authentication

In the setup for a Certificate-Based SSH resource, you can use a username that is kept in a Secret Store. The certificate authority and the public key generated by it will continue to be managed by strongDM.

CA-Based - Secret Stores
CA-Based - Secret Stores

Public Key Authentication

In the setup for a Public Key SSH resource, you can use a username that is kept in a Secret Store. The private key and the public key generated by it will continue to be managed by strongDM.

Public Key - Secret Stores
Public Key - Secret Stores

Customer-Managed Key Authentication

In the setup for a Customer Managed Key SSH resource, you can use both a username and private key that are kept in a Secret Store. No keys will be stored or managed by strongDM.

Customer-Managed - Secret Stores
Customer-Managed - Secret Stores