Connect to Resources

About #

Your infrastructure may include various resources, such as databases, servers, clusters, or websites. When a StrongDM administrator configures these resources, you can use the application to authenticate and gain access to these tools.

For example, you can use StrongDM to connect to a database when completing a reporting task using a specific SQL client. StrongDM handles the exchange of credentials, so you do not have to remember them.

This section provides information to help you connect to the different resource types that make up your environment.

For an introduction, check the CLI and StrongDM Desktop tours. If you encounter any issues, you can consult the help center.

Connection #

To use the CLI to connect to your resources, run the command sdm connect; to disconnect, run sdm disconnect. For both commands, a port must be defined. To see if ports are listening or not, run sdm status.

If you are using the desktop app, you may connect to resources individually by clicking on them in the resource list, or you can use the Connect all option in desktop app’s Actions menu.

Connect on knock #

For specific resources, it is not necessary to run either the sdm connect or sdm disconnect commands. That is, connection is initiated automatically, which is known as “connect on knock.” Connect on knock is intended to enhance usability and decrease connection friction for users. It is available for the following resource types:

• Kubernetes clusters
• SSH servers
• Websites (HTTP)

If you attempt to manually disconnect from a resource that uses “connect on knock” functionality you will get the following error message: Cannot disconnect resources of this type. This reflects the fact that users do not need to manually connect or disconnect when using this resource type.

Limitations #

• If you have access to more than 500 resources, both connect on knock and the Connect all option are disabled. For more information, see StrongDM Desktop.

Connection to Multiple Cloud Resources #

If your organization has multiple AWS Console resources, and you are connected to both at once, you may specify a --name value in commands in order to specify which you intend to execute the command on. For example, sdm aws --name <YOUR_RESOURCE_NAME> cli. The flag must come before the cli portion of the command in order to preserve the ability to use the command as normal with a single AWS Console resource connected.

You can find resources and information about the following StrongDM topics in this section:

• Datasources
• Kubernetes
• RDP Resources
• SSH Servers
• Websites
• Oracle