Help CenterGet A DemoTry It Free

AWS

The Amazon Web Services (AWS) cloud can be used to host StrongDM nodes and manage secrets. StrongDM can govern access to AWS CLI and many AWS resource types.

Secrets Management

StrongDM integrates with the AWS Secrets Manager to allow your nodes to proxy access to resources using secrets that are added and maintained in your cloud-native secrets manager.

AWS Secrets Manager

Node Management

When configuring gateways or relays to proxy client traffic to resources, the EC2 Nodes guide can be of use for setup.

EC2 Nodes

Resources

Additionally, StrongDM offers proxied access to cloud resources using the following resource types.

Cloud Resources

  • AWS (Instance Profile) - Proxy access to manage your Amazon Cloud via the aws command line tool, using EC2 instances for your nodes and Instance Profile access to authenticate the nodes to the cloud. See the AWS (Instance Profile) guide for more details.

  • AWS Cloud - Proxy access to manage your Amazon cloud via the aws command line tool, using Secret Access Keys to authenticate your nodes to the cloud. See the AWS Cloud guide for more details.

  • AWS Management Console - Proxy access to manage your Amazon Cloud for service accounts via the aws command line tool, using environment-loaded credentials on your nodes or Secret Access Keys to authenticate your nodes to the cloud. See the AWS Management Console guide for more details.

Cluster Resources

When setting up Kubernetes, it's advisable to use a Helm chart and the Kubernetes (Pod Identity) resource type. If you're manually setting up a Kubernetes resource in the cloud, you can also use the AWS-specific EKS and EKS (Instance Profile) resource types. See the following for more information:

Server Resources

Any of StrongDM's SSH resource types (listed on the Servers page) can be used to set up AWS server instances as resources in StrongDM.

Datasource Resources

Several of StrongDM's datasource resource types can be used to set up resources within AWS, but there are also several bespoke AWS resource types. See the guides for any of those resource types for more details:

User Management

StrongDM provides a generic SAML integration and the StrongDM SCIM API specification that can be used to integrate with the AWS Identity Center.

SSO With SAMLStrongDM SCIM API Specification

Last updated

Was this helpful?