Add Resources with Secret Store Authentication
This feature is currently in closed-access beta. Functionality and documentation may change.
You can use credentials kept in Secret Stores to set up any type of resource in strongDM.
Adding Resources using Secret Stores
When adding a new resource, after you've selected a Secret Store option, all fields that it can reference from a Secret Store contain "(path)" in their label. These typically consist of a username and password, but can include other credentials such as keys or tokens.
SSH Authentication with Secret Stores
SSH resources support three different types of authentication with Secret Stores: Certificate-Based, Public Key, and Customer-Managed Key.
In the setup for a Certificate-Based SSH resource, you can use a username that is kept in a Secret Store. The certificate authority and the public key generated by it will continue to be managed by strongDM.
Public Key Authentication
In the setup for a Public Key SSH resource, you can use a username that is kept in a Secret Store. The private key and the public key generated by it will continue to be managed by strongDM.
Customer-Managed Key Authentication
In the setup for a Customer Managed Key SSH resource, you can use both a username and private key that are kept in a Secret Store. No keys will be stored or managed by strongDM.