# Microsoft

### Secrets Management

StrongDM integrates with the Azure Key Vault to allow your nodes to proxy access to resources using secrets that are added and maintained in your cloud-native secrets manager.

{% content-ref url="../../access/secret-stores/azure-key-vault" %}
[azure-key-vault](https://docs.strongdm.com/admin/access/secret-stores/azure-key-vault)
{% endcontent-ref %}

### Node Management

When configuring gateways or relays to proxy client traffic to resources, the Azure VM Nodes guide can be of use for setup.

{% content-ref url="../../networking/gateways-and-relays/azure-vm-nodes" %}
[azure-vm-nodes](https://docs.strongdm.com/admin/networking/gateways-and-relays/azure-vm-nodes)
{% endcontent-ref %}

### User Management

StrongDM provides an integration for SSO authentication with Entra ID as well as SCIM user provisioning with Entra ID.

{% content-ref url="../../principals/sso/entra-oidc" %}
[entra-oidc](https://docs.strongdm.com/admin/principals/sso/entra-oidc)
{% endcontent-ref %}

{% content-ref url="../../principals/provisioning/entra-provisioning" %}
[entra-provisioning](https://docs.strongdm.com/admin/principals/provisioning/entra-provisioning)
{% endcontent-ref %}

### Resources

Additionally, StrongDM offers proxied access to cloud resources using the following resource types.

#### Cloud Resources

* Azure Cloud - Proxy access to manage your Azure cloud via the Azure CLI. See the [Azure Cloud guide](https://docs.strongdm.com/admin/resources/clouds/azure) for more details.

#### Cluster Resources

When setting up Kubernetes, it's advisable to use a Helm chart and the Kubernetes (Pod Identity) resource type. If you're manually setting up a Kubernetes resource in the cloud, you can also use the Azure-specific AKS resource type.

* [Deploy Kubernetes via Helm chart](https://github.com/strongdm/charts/blob/main/deployments/sdm-relay/README.md)
* [Kubernetes (Pod Identity) resource guide](https://docs.strongdm.com/admin/resources/clusters/kubernetes-podidentity)
* [AKS resource guide](https://docs.strongdm.com/admin/resources/clusters/aks)

#### Server Resources

Any of StrongDM's SSH resource types (listed on the [servers](https://docs.strongdm.com/admin/resources/servers "mention") page) can be used to set up AWS server instances as resources in StrongDM.

#### Datasource Resources

Several of StrongDM's datasource resource types can be used to set up resources within Azure, but there are also several bespoke Microsoft resource types:

* [microsoft-sql-server](https://docs.strongdm.com/admin/resources/datasources/microsoft-sql-server "mention")
* [microsoft-sql-server-kerberos](https://docs.strongdm.com/admin/resources/datasources/microsoft-sql-server-kerberos "mention")
* [microsoft-sql-server-azure-ad](https://docs.strongdm.com/admin/resources/datasources/microsoft-sql-server-azure-ad "mention")
* [azure-postgresql](https://docs.strongdm.com/admin/resources/datasources/azure-postgresql "mention")
* [azure-mysql](https://docs.strongdm.com/admin/resources/datasources/azure-mysql "mention")


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.strongdm.com/admin/deployment/integrations/microsoft.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.