Connect to Resources

About #

Your infrastructure may include various resources, such as databases, servers, clusters, or websites. When a StrongDM administrator configures these resources, you can use the application to authenticate and gain access to these tools.

For example, you can use StrongDM to connect to a database when completing a reporting task using a specific SQL client. StrongDM handles the exchange of credentials, so you do not have to remember them.

This section provides information to help you connect to the different resource types that make up your environment.

For an introduction, check the CLI and StrongDM Desktop tours. If you encounter any issues, you can consult the help center.

Connection #

To use the CLI to connect to your resources, run the command sdm connect; to disconnect, run sdm disconnect. To see what resources are available to connect, run sdm status.

If you are using the desktop app, you may connect to resources individually by clicking on them in the resource list, or you can use the Connect all option in desktop app’s Actions menu.

Auto-connect #

For specific resources, it is not necessary to run either the sdm connect or sdm disconnect commands because the connection is initiated automatically. Auto-connect is intended to enhance usability and decrease connection friction for users. It is available for the following resource types:

• Kubernetes clusters
• SSH servers
• Websites (HTTP)

All Virtual Networking Mode-enabled resources auto-connect by default, so there is no need to connect explicitly through the desktop app or CLI. If, however, you explicitly disconnect from a Virtual Networking Mode-enabled resource through the desktop app or CLI, it will not auto-connect again until the next restart of the desktop app or CLI, and an explicit connect is necessary.

If you attempt to manually disconnect from a resource that uses auto-connect functionality you will get the following error message: Cannot disconnect resources of this type. This reflects the fact that users do not need to manually connect or disconnect when using this resource type.

Limitations #

For resources configured to use Loopback Mode, operating system file descriptor limits may restrict the number of resources that you can connect to simultaneously.

Loopback Mode is a connectivity mode that allows the StrongDM client to connect to resources using the local loopback adapter in your operating system. When in Loopback Mode, the client can use ports on all 127.0.0.1 addresses (that is, localhost or loopback addresses) to support connections to resources. To learn more about connectivity modes, please see the Virtual Networking Mode documentation.

Connection to Multiple Cloud Resources #

If your organization has multiple AWS Console resources, and you are connected to both at once, you may specify a --name value in commands in order to specify which you intend to execute the command on. For example, sdm aws --name <RESOURCE_NAME> cli. The flag must come before the cli portion of the command in order to preserve the ability to use the command as normal with a single AWS Console resource connected.

You can find resources and information about the following StrongDM topics in this section:

• Datasources
• Kubernetes
• RDP Resources
• SSH Servers
• Websites
• Oracle User Guide