AWS

Secrets Management

StrongDM integrates with the AWS Secrets Manager to allow your nodes to proxy access to resources using secrets that are added and maintained in your cloud-native secrets manager.

Node Management

When configuring gateways or relays to proxy client traffic to resources, the EC2 Nodes guide can be of use for setup.

Resources

Additionally, StrongDM offers proxied access to cloud resources using the following resource types.

Cloud Resources

• AWS (Instance Profile) - Proxy access to manage your Amazon Cloud via the aws command line tool, using EC2 instances for your nodes and Instance Profile access to authenticate the nodes to the cloud.

• AWS Cloud - Proxy access to manage your Amazon cloud via the aws command line tool, using Secret Access Keys to authenticate your nodes to the cloud.

• AWS Management Console - Proxy access to manage your Amazon Cloud for service accounts via the aws command line tool, using environment-loaded credentials on your nodes or Secret Access Keys to authenticate your nodes to the cloud.

Cluster Resources

When setting up Kubernetes, it's advisable to use a Helm chart and the Kubernetes (Pod Identity)resource type. If you're manually setting up a Kubernetes resource in the cloud, you can also use the EKS or EKS (Instance Profile) resource types.

Server Resources

Any of StrongDM's SSH resource types (listed on the Servers page) can be used to set up AWS server instances as resources in StrongDM.

Datasource Resources

Several of StrongDM's datasource resource types can be used to set up resources within AWS, but there are also several bespoke AWS resource types:

• Amazon Elasticsearch (IAM)

• Amazon Elasticsearch

• Amazon Neptune

• Amazon MQ AMQP

• Amazon MQ (AMQP 0.9.1)

User Management

StrongDM provides generic SSO With SAML and the StrongDM SCIM API Specification that can be used to integrate with the AWS Identity Center.