Filters
Filters allow you to narrow request results when programmatically interacting with StrongDM via the CLI or the API. This article describes how to use filters with the sdm admin CLI commands, including proper syntax, usage examples, and available filter parameters and values.
For information on how to use filters in API requests with any of StrongDM's SDKs, please consult the documentation for the specific tool you wish to use.
Syntax and Filtering Considerations
Filters are specified in sdm admin CLI commands with the --filter flag followed by the field and the value on which you want to filter.
Example:
sdm admin users list --filter '<FIELD>:<VALUE>'Let's say, for example, that your organization has 50 users whose first name is Sam, and you want to list only those people. To do that, run the command with the filter set as follows:
sdm admin users list --filter 'firstname:sam'Possible filter fields and values are described in section Filter Parameters by Entity and section Potential Resource Type Values.
Wildcards
The --filter flag accepts wildcard (*) values for certain fields, such as name and email. For example, you can use a filter and wildcard to list only users whose email address ends with @strongdm.com:
sdm admin users list --filter 'email:*@strongdm.com'Special characters
Special characters must be properly escaped using quotation marks. Additionally, multi-word names in filters must be encapsulated in quotation marks. For example, name:"Foo Bar" is correct, and name:Foo Bar is not.
Case
Filters are case-insensitive. Uppercase and lowercase values return the same results.
Terminal syntax differences
The terminal programs on different operating systems use syntax that can vary slightly. For example, using the --filter flag requires the following syntax for most macOS or Linux terminals:
--filter 'verb:"user added"'Command Prompt on Windows, however, requires the following formatting for the same command:
--filter "verb:\"*user added*\""In Powershell, the following formatting is needed for the same command:
--filter 'verb:"*user*added*"'The examples presented throughout the documentation primarily use the first syntax example given (for macOS or Linux) for CLI command examples. If your command is not working, verify that you are following the appropriate syntax rules for your terminal program when it comes to quoting, escaping, flagging, and similar operations.
Date/Time format
Our system can parse the date (year, month, day) and time (hours, minutes, seconds) in a variety of formats. Examples of some accepted formats include the following:
2024-01-01 00:00:00 UTC01 January 2024 00:002024-01-01T12:00:00Z
When filtering based on date and time, an acceptable format must be used. It's optional to provide the time.
Example:
sdm audit activities --filter 'after:2024-01-01'An error message is returned if you are not using a valid format: Could not find format and will need to structure your date in a different way.
Usage Examples
This section provides examples of various ways to use single filters and multiple filters with the sdm admin management commands.
List servers by name
The following example command shows how you can apply a filter to list all servers with a name that includes the word "admin." Note the use of wildcards around "admin."
$ sdm admin servers list --filter 'name:*admin*'
Server ID Name Type
rs-03ad1e1b240c85c1 azure-gateway - CA (admin) sshCert
rs-7bb96dd41d9ac70b azure-gateway-admin sshShow only sshCert servers
In the following example, the type filter is used to list SSH Certificate-type servers:
$ sdm admin servers list --filter 'type:sshCert'
Server ID Name Type
rs-1b08901ed124e296 azure-gateway sshCert
rs-2b73c2267a7e1379 azure-gateway - CA (root) sshCert
rs-03ad1e1b240c85c1 azure-gateway - CA (admin) sshCertUse multiple filters
The following example uses two filters, one for type and one for name, to list SSH Certificate-type servers that have admin in their name:
$ sdm admin servers list --filter 'type:sshCert,name:*admin*'
Server ID Name Type
rs-03ad1e1b240c85c1 azure-gateway - CA (admin) sshCertUse multiple flags for multiple filters
You can also provide filters as separate flags to achieve the same results, as in the following example:
$ sdm admin servers list --filter 'type:sshCert' --filter 'name:*admin*'
Server ID Name Type
rs-03ad1e1b240c85c1 azure-gateway - CA (admin) sshCertFilter based on ID
When id is used as a filter, results return any matching results. Because every ID is unique, it would be impossible to match more than one simultaneously if multiple id filters are provided.
In the example shown, you can see that listing servers and filtering by id results in a list of all servers that have the specified IDs.
$ sdm admin servers list --filter 'id:rs-1b08901ed124e296' --filter 'id:rs-2b73c2267a7e1379' --filter 'id:rs-03ad1e1b240c85c1'
Server ID Name Type
rs-1b08901ed124e296 azure-gateway - CA sshCert
rs-2b73c2267a7e1379 azure-gateway - CA (Copy) sshCert
rs-03ad1e1b240c85c1 azure-gateway - CA (admin) sshCertBulk operations examples
You can use filters to assist with various bulk actions, such as showing all websites for a given hostname, deleting a group of resources, and so forth. This section includes some examples of such bulk operations.
Update multiple resources
You may use filters to do batch updates on multiple resources.
In the following example, an Update command is used with the --filter and --tags flags to add the env=public tag to all HTTP (No Auth) type-websites:
$ sdm admin websites update --filter 'type:httpnoauth' --tags 'env=public'
changed 4 out of 4 matching datasourcesTo check that the env=public tag has been applied to the correct websites, you can filter for all websites with the type httpnoauth, as in the following example:
$ sdm admin websites list --filter 'type:httpnoauth'
Website ID Name Type Tags
rs-3b34c199bef73d19 google httpNoAuth env=public
rs-000000000004682d ksql control center httpNoAuth env=public
rs-4d1c88780405f0ad potato httpNoAuth env=public
rs-000000000004d17f support kibana httpNoAuth env=publicDelete multiple resources
You can use the --filter flag to delete a group of the same resources that have something in common. The filter specifies what they have in common, such as an assigned tag or the resource type.
In the example shown, the --filter flag is used to delete all the websites that are tagged with env=public.
$ sdm admin websites delete --filter 'tags:env=public' --apply
deleted 4 datasourcesJSON Filters
For larger or more complex search queries, you can use a JSON file to define your list of filters. Commands that point to JSON files use the --filter-json flag instead of --filter.
Example:
sdm admin datasources list --filter-json <PATH_TO_JSON_FILE>Let's say that you want to list a specific datasource and all PostgreSQL datasources that have been assigned the region=EU tag. Your command includes the --filter-json flag and the path to the JSON filter file:
sdm admin datasources list --filter-json /Users/alice.glick/Documents/example.jsonThe JSON filter file includes several filter parameters and their values, as in the following example:
[
{
"ids": [
"rs-0835300a78ea36a0"
]
},
{
"type": "postgres",
"tags": {
"region": "EU"
}
}
]Note that the JSON-based filter is the union of filters, whose attributes are additive. In this example, results of the filter file are the union of one datasource (id = rs-0835300a78ea36a0) and all datasources whose type is postgres and contain the region=EU tag.
Filters Help
You can use the --filters-help option with any CLI command that has filters to show all possible filters and usage examples. This option enables you to see filters with proper syntax, in context, without leaving the CLI. The --filters-help option is supported for all CLI commands that have the --filter option.
The output varies based on entity type. In the example shown, sdm admin datasources list --filters-help returns all possible filters that can be used to filter a list of datasources.
Example:
$ sdm admin datasources list --filters-help
Filters:
assigned true
bindAddress 127.0.0.1:2022
bindInterface 127.0.0.1
discoveryEnabled true
hasRequest true
healthy true
hostname www.example.com
http_subdomain internalsite
id rs-e1b2
identity_enabled true
identity_set_id ig-e1b2
inPeeringGroup true
lockStatus locked
name dev-db2
port 5432
port_override 15432
secretStoreId se-e1b2
tags k=v
type postgres
userAccess available
username admin
vnmMode true
workflow aw-e1b2Filter Parameters by Entity
Fields available to filter on vary by entity type. This section describes all possible filter parameters for the following entity types:
Access requests
Accounts (users and services)
Activities
Healthchecks
Nodes (gateways and relays)
Queries
Permissions (account resources)
Resources (clouds, clusters, datasources, servers, websites)
Roles
Workflows (including workflow approvers, workflow assignments, and workflow roles)
Supported data types for filter values
Boolean
True or false values, including true, false, t, f, 1, and 0
Datetime
Series of values representing the date (year, month, day) and time (hours, minutes, seconds)
Text values that are properly formatted email addresses
IP
Supports IPv4 address with or without port
KVP
Key-value pair in the format title=value
String
Any non-null value
URL
Data that follows the pattern of a URL
Access requests
account
Account ID of the user requesting access to the resource
String
sdm access requests --filter 'account:aq-e1b2'
assigned
Resources assigned (true) or unassigned (false) to a workflow
Boolean
sdm access catalog --filter 'assigned:true'
bindAddress
IP address to which the resource is bound, and port, in the 127.0.0.1 to 127.255.255.254 IP address range; default is 127.0.0.1
IP
sdm access catalog --filter 'bindAddress:127.0.0.1:2022'
bindInterface
IP address to which the resource is bound, in the 127.0.0.1 to 127.255.255.254 IP address range; default is 127.0.0.1
IP
sdm access catalog --filter 'bindInterface:127.0.0.1'
hasRequest
Resources that users have requested to access (true) or not (false)
Boolean
sdm access catalog --filter 'hasRequest:true'
healthy
Health status of the resource being requested to access
Boolean
sdm access catalog --filter 'healthy:false'
hostname
Hostname of the resource; for websites, the URL of the website
URL
sdm access catalog --filter 'hostname:www.example.com'
http_subdomain
Organization's web domain value
String
sdm access catalog --filter 'http_subdomain:internalsite'
id
ID of the resource
String
sdm access catalog --filter 'id:rs-e1b2'
identity_enabled
Method of authentication for the resource, either Identity Aliases (true) or leased credentials (false)
Boolean
sdm access catalog --filter 'identity_enabled:true'
identity_set_id
ID of the Identity Set, if the resource's method of authentication is set to Identity Aliases
String
sdm access catalog --filter 'identity_set_id:ig-e1b2'
inPeeringGroup
Resources that are attached to a peering group (true) or unattached to a peering group (false)
Boolean
sdm access catalog --filter 'inPeeringGroup:true'
lockStatus
Lock status of the resource (locked or unlocked)
String
sdm access catalog --filter 'lockStatus:locked'
name
Name of the resource
String
sdm access catalog --filter 'name:dev-db2'
port
Port number
Number
sdm access catalog --filter 'port:5432'
port_override
Port override to which the resource is bound
Number
sdm access catalog --filter 'port_override:15432'
request
Requested account or resource name
String
sdm access requests --filter 'request:redis'
secretStoreId
Secret store identifier for the resource; use sdm admin secretstores list to get it
String
sdm access catalog --filter 'secretStoreId:se-e1b2'
status
Status of the request to access the resource (pending, approved, denied, canceled, or timed out)
String
sdm access requests --filter 'status:"timed out"'
submittedAfter
Date/time after the request to access the resource was submitted
String
sdm access requests --filter 'submittedAfter:2024-01-01T12:00:00Z'
submittedBefore
Date/time before the request to access the resource was submitted
String
sdm access requests --filter 'submittedBefore:2024-01-01T12:00:00Z'
tags
Resource tags assigned to the resource
KVP
sdm access catalog --filter 'tags:k=v'
target
Resource ID of the target resource
String
sdm access requests --filter 'target:rs-e1b2'
type
Specific type of resource (for example, sshCert, redis, and so forth)
String
sdm access catalog --filter 'type:postgres'
userAccess
Resources available for users to request access to them
String
sdm access catalog --filter 'userAccess:available'
username
Username to be used for authentication to the resource
String
sdm access catalog --filter 'username:admin'
vnmMode
Resources that are configured to use Virtual Networking Mode (true) or not (false)
Boolean
sdm access catalog --filter 'vnmMode:true'
workflow
Workflow ID of the workflow to which the resource is assigned
String
sdm access catalog --filter 'workflow:aw-e1b2'
Accounts - users and service accounts
active
Users who have (true) or have not (false) actively used StrongDM in the last 90 days
Boolean
sdm admin users list --filter 'active:false'
approver
Users who have the ability to approve requests for workflows
Boolean
sdm admin users list --filter 'approver:true'
firstName
User's first name
String
sdm admin users list --filter 'firstName:alice'
fullName
User's full name (first and last) or the service account's name
String
sdm admin services list --filter 'fullName:*Service
hasRequest
Users who have (true) or have not (false) requested access to resources
Boolean
sdm admin users list --filter 'hasRequest:true'
hasTemporaryAccess
Users who have temporary access to resources
Boolean
sdm admin users list --filter 'hasTemporaryAccess:true'
id
User ID
String
sdm admin users list --filter 'id:a-005c9fd06213dba8'
inNoRoles
Users who have no assigned role
Boolean
sdm admin users list --filter 'inNoRoles:true'
lastName
User's last name
String
sdm admin users list --filter 'lastName:glick'
locked
Users who are locked out or not from StrongDM
Boolean
sdm admin users list --filter 'locked:true'
managed
Users who are managed and provisioned by StrongDM (false) or managed and provisioned by a third-party identity provider (true) such as Okta
Boolean
sdm admin users list --filter 'managed:false'
new
Users who have been created but not yet logged in
Boolean
sdm admin users list --filter 'new:true'
permissionLevel
User's permission level (admin, admin-token, auditor, database-admin, multi-team-leader, relay, service, suspended, scim-token, or user)
String
sdm admin users list --filter 'permissionLevel:database-admin'
roleID
Role ID
String
sdm admin users list --filter 'roleID:r-e1b2'
suspended
User's status
Boolean
sdm admin users list --filter 'suspended:true'
tags
Tags assigned to the user; supports wildcards (*); tag values containing commas must be inside quotes
KVP
sdm admin users list --filter 'tags:region="useast,uswest"'
type
Type of account (user or service)
String
sdm admin users list --filter 'type:user'
workflowIDs
Returns all accounts that are assigned as explicit approvers for any of the provided workflowIDs
String
sdm admin users list --filter 'workflowIDs:aw-e1b2'
Activities
actor_id
User or service account ID
String
sdm audit activities --filter 'actor_id:a-e1b2'
after
Activities logged after the specified date and time
Datetime
sdm audit activities --filter 'after:2024-01-01T12:00:00Z'
before
Activities logged before the specified date and time
Datetime
sdm audit activities --filter 'before:2024-01-01T12:00:00Z'
content
Activity log contents
String
sdm audit activities --filter 'content:user addded or something detailed happened'
description
Activity log description
String
sdm audit activities --filter 'description:something detailed happened'
id
Activity log identifier
String
sdm audit activities --filter 'id:at-e1b2'
ip
IP address of the user
IP
sdm audit activities --filter 'ip:127.0.0.1'
verb
Short string that can be used to filter or group activities by the action that is being taken
String
sdm audit activities --filter 'verb:user added'
Healthchecks
healthy
Healthy status of a node or resource
Boolean
sdm healthchecks list --filter 'healthy:false'
nodeId
ID of the gateway or relay
String
sdm healthchecks list --filter 'nodeId:n-e1b2'
nodeName
Name of the gateway or relay
String
sdm healthchecks list --filter 'nodeName:sdmNode14'
resourceID
Resource ID
String
sdm healthchecks list --filter 'resourceID:r-e1b2'
resourceName
Resource name
String
sdm healthchecks list --filter 'resourceName:database123'
Nodes - gateways and relays
bindaddr
Bind address; note that this parameter is only for gateways
IP
sdm admin nodes list gateways --filter 'bindaddr:0.0.0.0:5000'
id
ID of the gateway or relay
String
sdm admin nodes list --filter 'id:n-123abc4d567e89fg'
listenaddr
IP or host address that the gateway listens on; this parameter is only for gateways, as relays do not listen for client connections
IP, URL
sdm admin gateways --filter 'listenaddr:ec2-1-23-456-78.compute-1.amazonaws.com:5000'
name
Name of the gateway or relay
String
sdm admin nodes list --filter 'name:docs'
online
Status of the gateway or relay
Boolean
sdm admin nodes list --filter 'online:false'
tags
Resource tags assigned to the gateway or relay
KVP
sdm admin nodes list --filter 'tag:env=dev'
type
Node type (gateway or relay)
String
sdm admin nodes list --filter 'type:relay'
Permissions
account_grant_id
Account grant ID
String
sdm audit permissions --filter 'account_grant_id:ag-e1b2'
account_id
User or service account ID
String
sdm audit permissions --filter 'account_id:a-e1b2'
granted_after
Permissions granted after the specified date and time
Datetime
sdm audit permissions --filter 'granted_after:2024-01-01T12:00:00Z'
granted_before
Permissions granted before the specified date and time
Datetime
sdm audit permissions --filter 'granted_before:2024-01-01T12:00:00Z'
resource_id
Resource ID
String
sdm audit permissions --filter 'resource_id:rs-e1b2'
role_id
Role ID
String
sdm audit permissions --filter 'role_id:r-e1b2'
Queries
account
Account name or email
String or email
sdm audit queries --filter 'account:alice.glick'
account_id
Account ID
String
sdm audit queries --filter 'account_id:a-e1b2'
after
Queries logged after the specified date and time
Datetime
sdm audit queries --filter 'after:2024-01-01T12:00:00Z'
before
Queries logged before the specified date and time
Datetime
sdm audit queries --filter 'before:2024-01-01T12:00:00Z'
encrypted
Encryption status of the query
Boolean
sdm audit queries --filter 'encrypted:true'
firstName
User's first name
String
sdm audit queries --filter 'firstName:Bob'
id
Query identifier
String
sdm audit queries --filter 'id:0asb124dsac'
lastName
User's last name
String
sdm audit queries --filter 'lastName:Belcher'
query
Query executed by the user
String
sdm audit queries --filter 'query:select * from users'
query_category
Resource category for the query
String
sdm audit queries --filter 'query_category:cluster'
resource_id
Resource ID
String
sdm audit queries --filter 'resource_id:r-e1b2'
resource_name
Resource name
String
sdm audit queries --filter 'resource_name:dev-db2'
resource_type
Resource type
String
sdm audit queries --filter 'resource_type:postgres'
Resources - clouds, clusters, datasources, servers, websites
assigned
Resources that are assigned to a workflow
Boolean
sdm admin datasources list --filter 'assigned:true'
bindAddress
IP address to which the resource is bound, and port, in the 127.0.0.1 to 127.255.255.254 IP address range; default is 127.0.0.1
IP
sdm admin datasources list --filter 'bindAddress:127.0.0.1:2022'
bindInterface
IP address to which the resource is bound, in the 127.0.0.1 to 127.255.255.254 IP address range; default is 127.0.0.1
IP
sdm admin datasources list --filter 'bindInterface:127.0.0.1'
hasRequest
Resources that users have requested to access
Boolean
sdm admin servers list --filter 'hasRequest:true'
healthy
Health status of the resource
Boolean
sdm admin datasources list --filter 'healthy:false'
hostname
Hostname of the resource; for websites, the URL of the website
URL
sdm admin datasources list --filter 'hostname:example-host.com'
httpsubdomain
Organization's web domain value
String
sdm admin datasources list --filter 'httpsubdomain:education-team'
id
ID of the resource
String
sdm admin datasources list --filter 'id:rs-058a6582617b2c95'
identity_enabled
Method of authentication for the resource, either Identity Aliases (true) or leased credentials (false)
Boolean
sdm admin servers list --filter 'identity_enabled:true'
identity_set_id
ID of the Identity Set, if the resource's method of authentication is set to Identity Aliases
String
sdm admin servers list --filter 'identity_set_id:ig-e1b2'
name
Name of the resource
String
sdm admin datasources list --filter 'name:ExampleResourceName'
port
Port number
Number
sdm admin datasources list --filter 'port:27017'
portoverride
Port override to which the resource is bound
Number
sdm admin datasources list --filter 'portoverride:1234'
secretStoreId
Secret store identifier for the resource; use sdm admin secretstores list to get it
String
sdm admin clouds list --filter 'secretStoreId:se-1a2b3cd45678e9f1'
tags
Resource tags assigned to the resource
KVP
sdm admin datasources list --filter 'tag:env=dev'
type
Specific type of resource (for example, sshCert, redis, and so forth)
String
sdm admin datasources list --filter 'type:redis'
username
Username to be used for authentication to the resource
String
sdm admin datasources list --filter 'username:admin'
Roles
assigned
Roles assigned (true) or unassigned (false) to an account
Boolean
sdm admin roles list --filter 'assigned:false'
id
Role ID
String
sdm admin roles list --filter 'id:r-449dd90f60f610d7'
managed
Roles (groups) that are managed and provisioned by StrongDM (false) or managed and provisioned by a third-party identity provider (true) such as Okta
Boolean
sdm admin roles list --filter 'managed:false'
name
Name of the role
String
sdm admin roles list --filter 'name:Docs'
tags
Tags assigned to the role
KVP
sdm admin roles update 'Test Role' --tags 'env=dev'
workflow
Workflow ID of the workflow to which the role is assigned
String
sdm access catalog --filter 'workflow:aw-e1b2'
Workflows, workflow-approvers, workflow-assignments, workflow-roles
account
Account ID of the user
String
sdm admin workflows list workflow-approvers --filter 'account:a-e1b2'
autogrant
Approval criteria for the workflow, either automatic approval (true) or manual approval (false)
Boolean
sdm admin workflows list workflows --filter 'autogrant:true'
enabled
Status of workflow (enabled or disabled)
Boolean
sdm admin workflows list workflows --filter 'enabled:true'
id
Workflow ID
String
sdm admin workflows list workflows --filter 'id:aw-e1b2'
name
Name of workflow
String
sdm admin workflows list workflows --filter 'name:mysql-dev'
resource
Resource ID
String
sdm admin workflows list workflow-assignments --filter 'resource:rs-e1b2'
role
Role ID
String
sdm admin workflows list workflow-roles --filter 'role:r-e1b2'
workflow
Workflow ID
String
sdm admin workflows list workflow-approvers --filter 'workflow:aw-e1b2'
Potential Resource Type Values
This section provides the accepted values for each resource type.
Datasources
This table provides the values for each datasource type.
Amazon ES
amazones
Amazon MQ (AMQP 0.9.1)
amazonmq-amqp-091
Athena
athena
Aurora MySQL
aurora-mysql
Aurora PostgreSQL
aurora-postgres
Aurora PostgreSQL (IAM)
aurorapostgresiam
Azure Database for MySQL
azuremysql
Azure Database for PostgreSQL
azurepostgres
Azure PostgreSQL (Managed Identity)
azurepostgresmanagedidentity
BigQuery
bigquery
Cassandra
cassandra
Citus
citus
Clustrix
clustrix
CockroachDB
cockroach
Db2i
db2i
Db2 LUW
db2luw
DocumentDB (replica set)
documentdbreplicaset
DocumentDB (single host)
documentdbhost
Druid
druid
DynamoDB
dynamo
ElastiCache Redis
ecredis
Elasticsearch
elastic
Greenplum
greenplum
Maria
maria
Memcached
memcached
MemSQL
memsql
Microsoft SQL Server
mssql
Microsoft SQL Server (Azure AD)
mssqlAzureAD
Microsoft SQL Server (Kerberos)
mssqlKerberos
MongoDB (replica set)
mongo-replicaset
MongoDB (sharded cluster)
mongoshardedcluster
MongoDB (single host)
mongo
MySQL
mysql
Neptune
neptune
Neptune (IAM)
neptuneiam
Oracle
oracle
PostgreSQL
postgres
PostgreSQL (mTLS)
mTLSPostgres
Presto
presto
RabbitMQ (AMQP 0.9.1)
rabbitmq-amqp-091
RDS PostgreSQL (IAM)
rdspostgresiam
Redis
redis
Redshift
redshift
SingleStore
singlestore
Snowflake
snowflake
Sybase ASE
sybase
Sybase IQ
sybase-iq, sybaseiq
Teradata
teradata
Servers
This table provides the values for each server type.
RDP
rdp
RDP (Certificate Based)
rdp-cert, rdpCert
SSH (Public Key)
ssh
SSH (Certificate Based)
ssh-cert, sshCert
SSH (Customer Managed Key)
ssh-customer-key
TCP
rawtcp
Clusters
This table provides the values for each cluster type.
AKS
aks
AKS (Service Account)
aks-service, aksservice
AKS (Service Account - User Impersonation)
aks-service-ui, aksserviceui
AKS (User Impersonation)
aks-ui
Elastic Kubernetes Service
amazon-eks, amazoneks, eks
Elastic Kubernetes Service (instance profile)
amazon-eks-instance-profile, amazoneksinstanceprofile, eks-instance-profile
Elastic Kubernetes Service (User Impersonation)
amazon-eks-ui, amazoneksui, eksui
Elastic Kubernetes Service (instance profile - User Impersonation)
amazon-eks-instance-profile-ui, amazoneksinstanceprofileui, eks-instance-profile-ui
Google Kubernetes Engine
gke
Google Kubernetes Engine (User Impersonation)
gke-ui
Kubernetes
k8s, kubernetes
Kubernetes (Service Account)
k8s-service, k8sservice
Kubernetes (Service Account - User Impersonation)
k8s-service-ui, k8sserviceui
Kubernetes (User Impersonation)
k8s-ui, kubernetesui
Clouds
This table provides the values for each cloud type.
AWS
aws
AWS Management Console
awsConsole
AWS Management Console (Static key pair)
awsConsoleStaticKeyPair
Azure (Certificate)
azurecert
Azure (Password)
azure
GCP CLI/SDK (Service Account)
gcp
GCP Web Console (Workforce Identity Federation)
gcpConsole
GCP CLI/SDK (Workforce Identity Federation)
gcpWIF
Snowsight (Snowflake Web Console)
snowsight
Websites
This table provides the values for each website type.
HTTP
http, httpNoAuth, http-no-auth
HTTP Basic Auth
http-basic, httpBasic, basicauth
HTTP Custom Auth
http-header-auth, headerauth
Last updated
Was this helpful?