sdm admin clouds clone

NAME:
   sdm admin clouds clone - create a new cloud using an existing cloud as a template

USAGE:
   sdm admin clouds clone command [command options] [arguments...]

COMMANDS:
   aws                      clone AWS cloud
   awsConsole               clone AWS Management Console cloud
   awsConsoleStaticKeyPair  clone AWS Management Console (Static key pair) cloud
   awsinstanceprofile       clone AWS (Instance Profile) cloud
   azure                    clone Azure (Password) cloud
   azurecert                clone Azure (Certificate) cloud
   gcp                      clone GCP CLI/SDK (Service Account) cloud
   gcpConsole               clone GCP Web Console (Workforce Identity Federation) cloud
   gcpWIF                   clone GCP CLI/SDK (Workforce Identity Federation) cloud
   snowsight                clone Snowsight (Snowflake Web Console) cloud

OPTIONS:
   --help, -h  show help

aws

NAME:
   sdm admin clouds clone aws - clone AWS cloud

USAGE:
   sdm admin clouds clone aws [command options] <ID>

OPTIONS:
   --access-key-id value       (secret)
   --bind-interface value      bind interface (default: "127.0.0.1")
   --delete-all-tags           
   --delete-tags value         delete-tags e.g. 'key,...'
   --egress-filter value       apply filter to select egress nodes e.g. 'field:name tag:key=value ...'
   --healthcheck-region value  Enter the AWS region healthcheck requests should attempt to connect to.
   --name value                datasource name
   --port-override value       port profile override (default: -1)
   --role-arn value            The role to assume after logging in. (secret)
   --role-external-id value    (secret)
   --secret-access-key value   (secret)
   --subdomain value, --bind-subdomain value           DNS subdomain through which this resource may be accessed on clients (e.g. "app-prod" allows the resource to be accessed as "app-prod.<your-org-name>.<sdm-proxy-domain>"). Only applicable to HTTP-based resources or resources using virtual networking mode.
   --tags value                tags e.g. 'key=value,...'
   --timeout value             set time limit for command

awsConsole

NAME:
   sdm admin clouds clone awsConsole - clone AWS Management Console cloud

USAGE:
   sdm admin clouds clone awsConsole [command options] <ID>

OPTIONS:
   --bind-interface value          bind interface (default: "127.0.0.1")
   --delete-all-tags               
   --delete-tags value             delete-tags e.g. 'key,...'
   --egress-filter value           apply filter to select egress nodes e.g. 'field:name tag:key=value ...'
   --enable-environment-variables  Prefer environment variables to authenticate connection even if EC2 roles are configured.
   --http-subdomain value          This will be used as your local DNS address. (e.g. app-prod1 would turn into http://app-prod1.<your-org-name>.sdm.network/)
   --name value                    datasource name
   --port-override value           port profile override (default: -1)
   --region value                  The AWS region to connect to.
   --role-arn value                The role to assume after logging in. (secret)
   --role-external-id value        (secret)
   --session-expiry-seconds value  The length of time in seconds AWS console sessions will live before needing to reauthenticate. (default: 0)
   --tags value                    tags e.g. 'key=value,...'
   --timeout value                 set time limit for command

awsConsoleStaticKeyPair

NAME:
   sdm admin clouds clone awsConsoleStaticKeyPair - clone AWS Management Console (Static key pair) cloud

USAGE:
   sdm admin clouds clone awsConsoleStaticKeyPair [command options] <ID>

OPTIONS:
   --access-key-id value           (secret)
   --bind-interface value          bind interface (default: "127.0.0.1")
   --delete-all-tags               
   --delete-tags value             delete-tags e.g. 'key,...'
   --egress-filter value           apply filter to select egress nodes e.g. 'field:name tag:key=value ...'
   --http-subdomain value          This will be used as your local DNS address. (e.g. app-prod1 would turn into http://app-prod1.<your-org-name>.sdm.network/)
   --name value                    datasource name
   --port-override value           port profile override (default: -1)
   --region value                  The AWS region to connect to.
   --role-arn value                The role to assume after logging in. (secret)
   --role-external-id value        (secret)
   --secret-access-key value       (secret)
   --session-expiry-seconds value  The length of time in seconds AWS console sessions will live before needing to reauthenticate. (default: 0)
   --tags value                    tags e.g. 'key=value,...'
   --timeout value                 set time limit for command

awsinstanceprofile

NAME:
   sdm admin clouds clone awsinstanceprofile - clone AWS (Instance Profile) cloud

USAGE:
   sdm admin clouds clone awsinstanceprofile [command options] <ID>

OPTIONS:
   --bind-interface value          bind interface (default: "127.0.0.1")
   --delete-all-tags               
   --delete-tags value             delete-tags e.g. 'key,...'
   --egress-filter value           apply filter to select egress nodes e.g. 'field:name tag:key=value ...'
   --enable-environment-variables  Prefer environment variables to authenticate connection even if EC2 roles are configured.
   --name value                    datasource name
   --port-override value           port profile override (default: -1)
   --region value                  The AWS region to connect to.
   --role-arn value                The role to assume after logging in. (secret)
   --role-external-id value        (secret)
   --subdomain value, --bind-subdomain value               DNS subdomain through which this resource may be accessed on clients (e.g. "app-prod" allows the resource to be accessed as "app-prod.<your-org-name>.<sdm-proxy-domain>"). Only applicable to HTTP-based resources or resources using virtual networking mode.
   --tags value                    tags e.g. 'key=value,...'
   --timeout value                 set time limit for command

azure

NAME:
   sdm admin clouds clone azure - clone Azure (Password) cloud

USAGE:
   sdm admin clouds clone azure [command options] <ID>

OPTIONS:
   --app-id value          the application ID to authenticate with (secret)
   --bind-interface value  bind interface (default: "127.0.0.1")
   --delete-all-tags       
   --delete-tags value     delete-tags e.g. 'key,...'
   --egress-filter value   apply filter to select egress nodes e.g. 'field:name tag:key=value ...'
   --name value            datasource name
   --password value        service principal password (secret)
   --port-override value   port profile override (default: -1)
   --subdomain value, --bind-subdomain value       DNS subdomain through which this resource may be accessed on clients (e.g. "app-prod" allows the resource to be accessed as "app-prod.<your-org-name>.<sdm-proxy-domain>"). Only applicable to HTTP-based resources or resources using virtual networking mode.
   --tags value            tags e.g. 'key=value,...'
   --tenant-id value       the tenant ID to authenticate to (secret)
   --timeout value         set time limit for command

azurecert

NAME:
   sdm admin clouds clone azurecert - clone Azure (Certificate) cloud

USAGE:
   sdm admin clouds clone azurecert [command options] <ID>

OPTIONS:
   --app-id value          the application ID to authenticate with (secret)
   --bind-interface value  bind interface (default: "127.0.0.1")
   --certificate value     service Principal certificate file, both private and public key (secret)
   --delete-all-tags       
   --delete-tags value     delete-tags e.g. 'key,...'
   --egress-filter value   apply filter to select egress nodes e.g. 'field:name tag:key=value ...'
   --name value            datasource name
   --port-override value   port profile override (default: -1)
   --subdomain value, --bind-subdomain value       DNS subdomain through which this resource may be accessed on clients (e.g. "app-prod" allows the resource to be accessed as "app-prod.<your-org-name>.<sdm-proxy-domain>"). Only applicable to HTTP-based resources or resources using virtual networking mode.
   --tags value            tags e.g. 'key=value,...'
   --tenant-id value       the tenant ID to authenticate to (secret)
   --timeout value         set time limit for command

gcp

NAME:
   sdm admin clouds clone gcp - clone GCP CLI/SDK (Service Account) cloud

USAGE:
   sdm admin clouds clone gcp [command options] <ID>

OPTIONS:
   --bind-interface value  bind interface (default: "127.0.0.1")
   --delete-all-tags       
   --delete-tags value     delete-tags e.g. 'key,...'
   --egress-filter value   apply filter to select egress nodes e.g. 'field:name tag:key=value ...'
   --name value            datasource name
   --port-override value   port profile override (default: -1)
   --scopes value          Space separated scopes that this login should assume into when authenticating
   --subdomain value, --bind-subdomain value       DNS subdomain through which this resource may be accessed on clients (e.g. "app-prod" allows the resource to be accessed as "app-prod.<your-org-name>.<sdm-proxy-domain>"). Only applicable to HTTP-based resources or resources using virtual networking mode.
   --svc-keyfile value     The service account keyfile to authenticate with (secret)
   --tags value            tags e.g. 'key=value,...'
   --timeout value         set time limit for command

gcpConsole

NAME:
   sdm admin clouds clone gcpConsole - clone GCP Web Console (Workforce Identity Federation) cloud

USAGE:
   sdm admin clouds clone gcpConsole [command options] <ID>

OPTIONS:
   --bind-interface value                       bind interface (default: "127.0.0.1")
   --delete-all-tags
   --delete-tags value                          delete-tags e.g. 'key,...'
   --egress-filter value                        apply filter to select egress nodes e.g. 'field:name tag:key=value ...'
   --http-subdomain value                       This will be used as your local DNS address. (e.g. app-prod1 would turn into http://app-prod1.<your-org-name>.sdm.network/)
   --identity-alias-healthcheck-username value
   --identity-set-id value
   --identity-set-name value                    set the identity set by name
   --name value                                 datasource name
   --port-override value                        port profile override (default: -1)
   --proxy-cluster-id value                     proxy cluster id
   --session-expiry-seconds value               The length of time in seconds console sessions will live before needing to reauthenticate. (default: 0)
   --tags value                                 tags e.g. 'key=value,...'
   --timeout value                              set time limit for command
   --workforce-pool-id value                    The ID of the Workforce Identity Pool in GCP to use for federated SAML authentication.
   --workforce-provider-id value                The ID of the Workforce Identity Provider in GCP to use for federated SAML authentication.

gcpWIF

NAME:
   sdm admin clouds clone gcpWIF - clone GCP CLI/SDK (Workforce Identity Federation) cloud

USAGE:
   sdm admin clouds clone gcpWIF [command options] <ID>

OPTIONS:
   --bind-interface value                       bind interface (default: "127.0.0.1")
   --delete-all-tags
   --delete-tags value                          delete-tags e.g. 'key,...'
   --egress-filter value                        apply filter to select egress nodes e.g. 'field:name tag:key=value ...'
   --identity-alias-healthcheck-username value
   --identity-set-id value
   --identity-set-name value                    set the identity set by name
   --name value                                 datasource name
   --port-override value                        port profile override (default: -1)
   --project-id value                           When specified, all project scoped requests will use this Project ID
   --proxy-cluster-id value                     proxy cluster id
   --scopes value                               Space separated scopes that this login should assume into when authenticating
   --session-expiry-seconds value               The length of time in seconds console sessions will live before needing to reauthenticate. (default: 0)
   --subdomain value, --bind-subdomain value                            DNS subdomain through which this resource may be accessed on clients (e.g. "app-prod" allows the resource to be accessed as "app-prod.<your-org-name>.<sdm-proxy-domain>"). Only applicable to HTTP-based resources or resources using virtual networking mode.
   --tags value                                 tags e.g. 'key=value,...'
   --timeout value                              set time limit for command
   --workforce-pool-id value                    The ID of the Workforce Identity Pool in GCP to use for federated SAML authentication.
   --workforce-provider-id value                The ID of the Workforce Identity Provider in GCP to use for federated SAML authentication.

snowsight

NAME:
   sdm admin clouds clone snowsight - clone Snowsight (Snowflake Web Console) cloud

USAGE:
   sdm admin clouds clone snowsight [command options] <ID>

OPTIONS:
   --bind-interface value        bind interface (default: "127.0.0.1")
   --delete-all-tags             
   --delete-tags value           delete-tags e.g. 'key,...'
   --egress-filter value         apply filter to select egress nodes e.g. 'field:name tag:key=value ...'
   --healthcheck_username value  The StrongDM user email to use for healthchecks
   --name value                  datasource name
   --port-override value         port profile override (default: -1)
   --saml-metadata value         The Metadata for your snowflake IDP integration (secret)
   --subdomain value, --bind-subdomain value             
   --tags value                  tags e.g. 'key=value,...'
   --timeout value               set time limit for command
   --tls-required                sdm must use TLS to connect

Last updated 2 months ago

Was this helpful?