Amazon MQ
Last modified on September 16, 2024
On this page
To add Amazon MQ as a datasource in the Admin UI, set the following configuration properties. For more information, see our main guide, Add a Datasource.
In order to connect to the Amazon MQ resource through StrongDM, you will need to disable hostname verification or allow invalid hostnames on the client side.
Configuration Properties
- Display Name (Required): Enter a meaningful name for this resource, such as “amazon-mq.” This name displays throughout StrongDM. Do not include special characters like quotes (") or angle brackets (< or >).
- Datasource Type (Required): Select Amazon MQ (AMQP 0.9.1).
- Hostname (Required): Enter the hostname, which must be accessible to a Gateway or Relay. Do not include the protocol (ampq://) or port.
- Port (Required): Enter the port to connect to the service (default: 5671). Use port 5671 for TLS; use port 5672 for non-TLS.
- Bind Interface (Read only): Bind Interface is the IP address to which the port override of this resource is bound. The IP address value is automatically generated in the
127.0.0.1
to127.255.255.254
IP address range after the resource is created. The default is127.0.0.1
. You can modify this value with your preferred bind interface value later under Settings > Port Overrides. - Port Override (Read only): After this datasource has been created, this field will be automatically filled with a port between 1024-59999 that is not in use by another datasource. You can optionally overwrite it with your own preferred port later in the Port Overrides settings.
- Secret Store (Optional): This field lets you specify where the credentials for this resource are stored. The default Secret Store type is Strong Vault. Selecting any other Secret Store type causes properties unique to that Secret Store to appear, such as Username (path), Password (path), and so forth. For more detailed information about path to the secrets you have stored in a particular Secret Store, see the Secret Store integration configuration guide for the one you are using.
- Username (Required): This field is shown when Secret Store integration is not configured for your organization, or when it is and StrongDM is the selected Secret Store type. Enter the username for authentication to Amazon MQ (for example, “administrator”).
- Username (path) (Required): If Secret Store integration is configured for your organization and you selected a Secret Store type that is not StrongDM, enter the path to the secret in your Secret Store (for example,
path/to/credential?key=optionalKeyName
). The key argument is optional. - Password (Required): This field is shown when Secret Store integration is not configured for your organization, or when it is and StrongDM is the selected Secret Store type. Enter the password for the provided username.
- Password (path) (Required): If Secret Store integration is configured for your organization and you selected a Secret Store type that is not StrongDM, enter the path to the secret in your Secret Store (for example,
path/to/credential?key=optionalKeyName
). The key argument is optional. - TLS Required? (Optional): If your Amazon MQ service is configured to require TLS, you can select this checkbox to enable StrongDM to use a TLS connection.
- Resource Tags (Optional): Assign tags to the datasource by entering key-value pairs in the format
<KEY>=<VALUE>
(for example,env=dev
,region=us-east-1
, and so forth).