Last modified on October 12, 2022
StrongDM Desktop has been redesigned to enhance the user experience and add support for Multi-loopback mode. The desktop app is now easier to use and allows up to hundreds of thousands of resources to be connected concurrently.
Desktop App updates
StrongDM Desktop for macOS and Windows is a graphical component of the StrongDM client that can be installed on each StrongDM user’s machine. Formerly called the GUI, the desktop app is used for authentication to StrongDM and for visualizing and connecting to all resources that users can access. At a glance, the desktop app displays all available resources to logged-in users, as well as resource health, name, address, port, and connection status.
In addition to numerous UI improvements, the desktop app features Multi-loopback support and usability improvements, including powerful resource search and filtering capabilities, buttons to copy values to the clipboard, built-in diagnostics, versioning information, and more.
In the default mode of operation, the StrongDM client is limited in the number of resources it can serve. The default mode works by binding ports on the localhost interface and proxying the traffic to the target resource. The number of available ports, however, is limited on the local interface.
Multi-loopback mode allows the desktop app to use ports on all addresses and thus support connections to a greater number of resources.
Search and filter
The search bar supports partial string match and exact string match, making it faster to find specific resources when there are many. New filter buttons narrow search results according to resource type, health, or connection status.
Copy buttons for resource names, port numbers, and IP addresses make it easy to copy resource values and use them in CLI commands and client connections.
Diagnostic information may be copied in the same way from the Account menu.
Account menu options
The Account menu now includes diagnostic information, versioning information for the client and application, and an option to update kubectl configuration if cluster resources are available.
Diagnostic output delivers the same information that is available via the
sdm doctor CLI command. The new Account menu option provides a quick way to copy diagnostic output and email it to StrongDM Support, without having to open the CLI.
Admin UI updates
Bind Interface field on resource forms
To support operation in Multi-loopback mode with a high number of resource connections, resource forms for all datasources, servers, and clusters now include a read-only Bind Interface field.
The bind interface is the IP address to which the port override of a resource is bound (for example,
127.0.0.1). It is automatically generated for all datasource, server, and cluster resources upon creation.
The bind interface value may be overwritten any time after resource creation with a preferred value, as long as the specified value is in the
127.255.255.254 loopback IP address range.
Read-only port overrides on resource forms
On resource configuration forms, the Port Override field is read-only. Port overrides may be edited only after resources are created, from the Settings > Port Overrides page.
Bind address on Port Overrides page
The Settings > Port Overrides page adds a Bind Address field for each datasource, server, and cluster resource, allowing both port and bind interface values to be designated for resources.
The bind address is the full address of the resource, including the bind interface value and port (for example,
127.0.0.1:15432). Both the bind interface value and port may be edited on the Port Overrides page.
The new CLI binary now supports significantly higher resource counts.
Terraform Provider and SDK updates
To support operation in Multi-loopback mode, the Terraform provider and SDKs now include the following updates for bind interface values and port override values:
- Bind interface values in the StrongDM Terraform provider are now defined as optional computed.
- Port override values in the StrongDM Terraform provider are now defined as optional computed.
- If operating in Multi-loopback mode, specifying a bind interface value is mandatory. If unspecified, the bind interface value defaults to