Add a TCP Connection

A TCP connection resource is unique in that the content of the TCP traffic is not recorded in our logs, only the traffic metadata (who accessed the resource, when, and how many bytes were transmitted and received). This behavior is different from what you experience with other strongDM resources that support logging and auditing of actions taken by a user. Logs of TCP traffic are located in the Queries page in the Admin UI and are recorded after the close of the session.

The TCP connection resource may be used for a variety of types of resources that will accept TCP connections, but are not currently supported by strongDM. It provides the ability to use strongDM to connect to unsupported resources, and have at least partial auditing support for them. Aerospike and Kafka are examples of the kinds of resources which might benefit from being set up as TCP connections in strongDM.

The TCP Connection resource supports TLS connections only if you are able to disable hostname verification or allow invalid hostnames on the client side when attempting to connect to the resource through strongDM. It also does not support resources which require connections over multiple ports at the same time.

Resource Configuration

Add a TCP Connection
Add a TCP Connection
  • Display Name (Required): Like other resource types, this is the name that is displayed in the CLI and GUI for any Users that are granted access.
  • Server Type (Required): Select TCP from the dropdown menu.
  • Hostname (Required): The IP/DNS address used to connect to the resource from your Gateway/Relay (e.g.,
  • Port (Required): The port on the target server that is listening for TCP connections. If you're unsure, leave this as the default: 49150.
  • Resource Tags (Optional): Assign tags to the Datasource by entering key-value pairs in the format <KEY>=<VALUE> (e.g., env=dev, region=us-east-1, etc.).

The TCP Connection settings do not include stored credentials. Any credentials your connection requires will need to be provided while connecting with the client.

Should you have any trouble or have general questions, please reach out to

Add an SSH Server with a Public Key
Add an SSH Server with a Customer-Managed Key