EC2 Gateways

Last modified on October 13, 2023

The StrongDM gateway works with any Linux distribution and any server with two CPUs and four gigabytes of memory.

  1. Launch an EC2 instance: we recommend a t3.medium (2 vCPU, 4 GB RAM) with any Linux distribution.

  2. Navigate to the StrongDM Admin UI.

  3. Select the Gateways tab and click add gateway.

Add Gateway
Add Gateway
  1. Copy the hostname or IP address from the EC2 instance and paste it into the advertised host. The hostname that you provide should be either the public IPv4 address or the external DNS hostname (which will resolve to the public IPv4 address).

  2. Enter the port that you left open for the gateway to interact with StrongDM clients (by default, 5000).

  3. Click create. This generates a token which is only shown to you one time that you’ll need to use later in the installation process. Carefully copy the token and save it somewhere for later use.

  4. Log in to the EC2 instance you created to host your gateway.

  5. Download the StrongDM binary:

    curl -J -O -L
  6. Unzip it (if this is a new server, you may need to install a package to unzip archives, such as with sudo apt-get install unzip on Ubuntu distributions):

  7. Install the gateway:

    sudo ./sdm install --relay

    You will be prompted for the token you created above; paste it in and hit enter. Note that the token won’t show in the terminal for security purposes, similar to the masking of a password.

  1. Switch back to the StrongDM Admin UI. In the Gateways tab, the gateway you created should appear to be online, and have a heartbeat. If it doesn’t appear online, perform a hard refresh of your browser. Within a couple of minutes, if it is still not online, verify that the StrongDM daemon is running by running ps aux|grep sdm on the server and looking for a line that says sdm relay.