Filters
Last modified on November 6, 2024
Filters allow you to narrow request results when programmatically interacting with StrongDM via the CLI or the API. This article describes how to use filters with the sdm admin CLI commands, including proper syntax, usage examples, and available filter parameters and values.
For information on how to use filters in API requests with any of StrongDM’s SDKs, please consult the documentation for the specific tool you wish to use.
Syntax and Filtering Considerations
Filters are specified in sdm admin CLI commands with the --filter flag followed by the field and the value on which you want to filter.
Example:
sdm admin users list --filter '<FIELD>:<VALUE>'
Let’s say, for example, that your organization has 50 users whose first name is Sam, and you want to list only those people. To do that, run the command with the filter set as follows:
sdm admin users list --filter 'firstname:sam'
Possible filter fields and values are described in section Filter Parameters by Entity and section Potential Resource Type Values.
Wildcards
The --filter flag accepts wildcard (*) values for certain fields, such as name and email. For example, you can use a filter and wildcard to list only users whose email address ends with @strongdm.com:
sdm admin users list --filter 'email:*@strongdm.com'
Special characters
Special characters must be properly escaped using quotation marks. Additionally, multi-word names in filters must be encapsulated in quotation marks. For example, name:"Foo Bar" is correct, and name:Foo Bar is not.
Case
Filters are case-insensitive. Uppercase and lowercase values return the same results.
Terminal syntax differences
The terminal programs on different operating systems use syntax that can vary slightly. For example, using the --filter flag requires the following syntax for most macOS or Linux terminals:
--filter 'verb:"user added"'
Command Prompt on Windows, however, requires the following formatting for the same command:
--filter="verb:\"user added\""
The examples presented throughout the documentation primarily use the first syntax example given (for macOS or Linux) for CLI command examples. If your command is not working, verify that you are following the appropriate syntax rules for your terminal program when it comes to quoting, escaping, flagging, and similar operations.
Date/Time format
Our system can parse the date (year, month, day) and time (hours, minutes, seconds) in a variety of formats. Examples of some accepted formats include the following:
2024-01-01 00:00:00 UTC01 January 2024 00:002024-01-01T12:00:00Z
When filtering based on date and time, an acceptable format must be used. It’s optional to provide the time.
Example:
sdm audit activities --filter 'after:2024-01-01'
An error message is returned if you are not using a valid format: Could not find format and will need to structure your date in a different way.
Usage Examples
This section provides examples of various ways to use single filters and multiple filters with the sdm admin management commands.
List servers by name
The following example command shows how you can apply a filter to list all servers with a name that includes the word “admin.” Note the use of wildcards around “admin.”
$ sdm admin servers list --filter 'name:*admin*'
Server ID Name Type
rs-03ad1e1b240c85c1 azure-gateway - CA (admin) sshCert
rs-7bb96dd41d9ac70b azure-gateway-admin ssh
Show only sshCert servers
In the following example, the type filter is used to list SSH Certificate-type servers:
$ sdm admin servers list --filter 'type:sshCert'
Server ID Name Type
rs-1b08901ed124e296 azure-gateway sshCert
rs-2b73c2267a7e1379 azure-gateway - CA (root) sshCert
rs-03ad1e1b240c85c1 azure-gateway - CA (admin) sshCert
type:sshCert or type:sshcert returns the same results.Use multiple filters
The following example uses two filters, one for type and one for name, to list SSH Certificate-type servers that have admin in their name:
$ sdm admin servers list --filter 'type:sshCert,name:*admin*'
Server ID Name Type
rs-03ad1e1b240c85c1 azure-gateway - CA (admin) sshCert
Use multiple flags for multiple filters
You can also provide filters as separate flags to achieve the same results, as in the following example:
$ sdm admin servers list --filter 'type:sshCert' --filter 'name:*admin*'
Server ID Name Type
rs-03ad1e1b240c85c1 azure-gateway - CA (admin) sshCert
Filter based on ID
When id is used as a filter, results return any matching results. Because every ID is unique, it would be impossible to match more than one simultaneously if multiple id filters are provided.
In the example shown, you can see that listing servers and filtering by id results in a list of all servers that have the specified IDs.
$ sdm admin servers list --filter 'id:rs-1b08901ed124e296' --filter 'id:rs-2b73c2267a7e1379' --filter 'id:rs-03ad1e1b240c85c1'
Server ID Name Type
rs-1b08901ed124e296 azure-gateway - CA sshCert
rs-2b73c2267a7e1379 azure-gateway - CA (Copy) sshCert
rs-03ad1e1b240c85c1 azure-gateway - CA (admin) sshCert
Bulk operations examples
You can use filters to assist with various bulk actions, such as showing all websites for a given hostname, deleting a group of resources, and so forth. This section includes some examples of such bulk operations.
Update multiple resources
You may use filters to do batch updates on multiple resources.
In the following example, an Update command is used with the --filter and --tags flags to add the env=public tag to all HTTP (No Auth) type-websites:
$ sdm admin websites update --filter 'type:httpnoauth' --tags 'env=public'
changed 4 out of 4 matching datasources
To check that the env=public tag has been applied to the correct websites, you can filter for all websites with the type httpnoauth, as in the following example:
$ sdm admin websites list --filter 'type:httpnoauth'
Website ID Name Type Tags
rs-3b34c199bef73d19 google httpNoAuth env=public
rs-000000000004682d ksql control center httpNoAuth env=public
rs-4d1c88780405f0ad potato httpNoAuth env=public
rs-000000000004d17f support kibana httpNoAuth env=public
Delete multiple resources
You can use the --filter flag to delete a group of the same resources that have something in common. The filter specifies what they have in common, such as an assigned tag or the resource type.
--apply (or --all or -a) to specify that you want to delete all matching resources. Omitting that flag results in an error.In the example shown, the --filter flag is used to delete all the websites that are tagged with env=public.
$ sdm admin websites delete --filter 'tags:env=public' --apply
deleted 4 datasources
JSON Filters
For larger or more complex search queries, you can use a JSON file to define your list of filters. Commands that point to JSON files use the --filter-json flag instead of --filter.
Example:
sdm admin datasources list --filter-json <PATH_TO_JSON_FILE>
Let’s say that you want to list a specific datasource and all PostgreSQL datasources that have been assigned the region=EU tag. Your command includes the --filter-json flag and the path to the JSON filter file:
sdm admin datasources list --filter-json /Users/alice.glick/Documents/example.json
The JSON filter file includes several filter parameters and their values, as in the following example:
[
{
"ids": [
"rs-0835300a78ea36a0"
]
},
{
"type": "postgres",
"tags": {
"region": "EU"
}
}
]
Note that the JSON-based filter is the union of filters, whose attributes are additive. In this example, results of the filter file are the union of one datasource (id = rs-0835300a78ea36a0) and all datasources whose type is postgres and contain the region=EU tag.
Filters Help
You can use the --filters-help option with any CLI command that has filters to show all possible filters and usage examples. This option enables you to see filters with proper syntax, in context, without leaving the CLI. The --filters-help option is supported for all CLI commands that have the --filter option.
The output varies based on entity type. In the example shown, sdm admin datasources list --filters-help returns all possible filters that can be used to filter a list of datasources.
Example:
$ sdm admin datasources list --filters-help
Filters:
assigned true
bindAddress 127.0.0.1:2022
bindInterface 127.0.0.1
discoveryEnabled true
hasRequest true
healthy true
hostname www.example.com
http_subdomain internalsite
id rs-e1b2
identity_enabled true
identity_set_id ig-e1b2
inPeeringGroup true
lockStatus locked
name dev-db2
port 5432
port_override 15432
secretStoreId se-e1b2
tags k=v
type postgres
userAccess available
username admin
vnmMode true
workflow aw-e1b2
Filter Parameters by Entity
Fields available to filter on vary by entity type. This section describes all possible filter parameters for the following entity types:
- Access requests
- Accounts (users and services)
- Activities
- Healthchecks
- Nodes (gateways and relays)
- Queries
- Permissions (account resources)
- Resources (clouds, clusters, datasources, servers, websites)
- Roles
- Workflows (including workflow approvers, workflow assignments, and workflow roles)
Supported data types for filter values
| Data type | Description |
|---|---|
| Boolean | True or false values, including true, false, t, f, 1, and 0 |
| Datetime | Series of values representing the date (year, month, day) and time (hours, minutes, seconds) |
| Text values that are properly formatted email addresses | |
| IP | Supports IPv4 address with or without port |
| KVP | Key-value pair in the format title=value |
| String | Any non-null value |
| URL | Data that follows the pattern of a URL |
Access requests
| Field | Description | Value type | Usage example |
|---|---|---|---|
account | Account ID of the user requesting access to the resource | String | sdm access requests --filter 'account:aq-e1b2' |
assigned | Resources assigned (true) or unassigned (false) to a workflow | Boolean | sdm access catalog --filter 'assigned:true' |
bindAddress | IP address to which the resource is bound, and port, in the 127.0.0.1 to 127.255.255.254 IP address range; default is 127.0.0.1 | IP | sdm access catalog --filter 'bindAddress:127.0.0.1:2022' |
bindInterface | IP address to which the resource is bound, in the 127.0.0.1 to 127.255.255.254 IP address range; default is 127.0.0.1 | IP | sdm access catalog --filter 'bindInterface:127.0.0.1' |
hasRequest | Resources that users have requested to access (true) or not (false) | Boolean | sdm access catalog --filter 'hasRequest:true' |
healthy | Health status of the resource being requested to access | Boolean | sdm access catalog --filter 'healthy:false' |
hostname | Hostname of the resource; for websites, the URL of the website | URL | sdm access catalog --filter 'hostname:www.example.com' |
http_subdomain | Organization’s web domain value | String | sdm access catalog --filter 'http_subdomain:internalsite' |
id | ID of the resource | String | sdm access catalog --filter 'id:rs-e1b2' |
identity_enabled | Method of authentication for the resource, either Identity Aliases (true) or leased credentials (false) | Boolean | sdm access catalog --filter 'identity_enabled:true' |
identity_set_id | ID of the Identity Set, if the resource’s method of authentication is set to Identity Aliases | String | sdm access catalog --filter 'identity_set_id:ig-e1b2' |
inPeeringGroup | Resources that are attached to a peering group (true) or unattached to a peering group (false) | Boolean | sdm access catalog --filter 'inPeeringGroup:true' |
lockStatus | Lock status of the resource (locked or unlocked) | String | sdm access catalog --filter 'lockStatus:locked' |
name | Name of the resource | String | sdm access catalog --filter 'name:dev-db2' |
port | Port number | Number | sdm access catalog --filter 'port:5432' |
port_override | Port override to which the resource is bound | Number | sdm access catalog --filter 'port_override:15432' |
request | Requested account or resource name | String | sdm access requests --filter 'request:redis' |
secretStoreId | Secret store identifier for the resource; use sdm admin secretstores list to get it | String | sdm access catalog --filter 'secretStoreId:se-e1b2' |
status | Status of the request to access the resource (pending, approved, denied, canceled, or timed out) | String | sdm access requests --filter 'status:"timed out"' |
submittedAfter | Date/time after the request to access the resource was submitted | String | sdm access requests --filter 'submittedAfter:2024-01-01T12:00:00Z' |
submittedBefore | Date/time before the request to access the resource was submitted | String | sdm access requests --filter 'submittedBefore:2024-01-01T12:00:00Z' |
tags | Resource tags assigned to the resource | KVP | sdm access catalog --filter 'tags:k=v' |
target | Resource ID of the target resource | String | sdm access requests --filter 'target:rs-e1b2' |
type | Specific type of resource (for example, sshCert, redis, and so forth) | String | sdm access catalog --filter 'type:postgres' |
userAccess | Resources available for users to request access to them | String | sdm access catalog --filter 'userAccess:available' |
username | Username to be used for authentication to the resource | String | sdm access catalog --filter 'username:admin' |
vnmMode | Resources that are configured to use Virtual Networking Mode (true) or not (false) | Boolean | sdm access catalog --filter 'vnmMode:true' |
workflow | Workflow ID of the workflow to which the resource is assigned | String | sdm access catalog --filter 'workflow:aw-e1b2' |
Accounts - users and service accounts
| Field | Description | Value type | Usage example |
|---|---|---|---|
active | Users who have (true) or have not (false) actively used StrongDM in the last 90 days | Boolean | sdm admin users list --filter 'active:false' |
approver | Users who have the ability to approve requests for workflows | Boolean | sdm admin users list --filter 'approver:true' |
email | User’s email address | sdm admin users list --filter 'email:alice.glick@strongdm.com' | |
firstName | User’s first name | String | sdm admin users list --filter 'firstName:alice' |
fullName | User’s full name (first and last) or the service account’s name | String | sdm admin services list --filter 'fullName:*Service |
hasRequest | Users who have (true) or have not (false) requested access to resources | Boolean | sdm admin users list --filter 'hasRequest:true' |
hasTemporaryAccess | Users who have temporary access to resources | Boolean | sdm admin users list --filter 'hasTemporaryAccess:true' |
id | User ID | String | sdm admin users list --filter 'id:a-005c9fd06213dba8' |
inNoRoles | Users who have no assigned role | Boolean | sdm admin users list --filter 'inNoRoles:true' |
lastName | User’s last name | String | sdm admin users list --filter 'lastName:glick' |
locked | Users who are locked out or not from StrongDM | Boolean | sdm admin users list --filter 'locked:true' |
managed | Users who are managed and provisioned by StrongDM (false) or managed and provisioned by a third-party identity provider (true) such as Okta | Boolean | sdm admin users list --filter 'managed:false' |
new | Users who have been created but not yet logged in | Boolean | sdm admin users list --filter 'new:true' |
permissionLevel | User’s permission level (admin, admin-token, auditor, database-admin, multi-team-leader, relay, service, suspended, scim-token, or user) | String | sdm admin users list --filter 'permissionLevel:database-admin' |
roleID | Role ID | String | sdm admin users list --filter 'roleID:r-e1b2' |
suspended | User’s status | Boolean | sdm admin users list --filter 'suspended:true' |
tags | Tags assigned to the user; supports wildcards (*); tag values containing commas must be inside quotes | KVP | sdm admin users list --filter 'tags:region="useast,uswest"' |
type | Type of account (user or service) | String | sdm admin users list --filter 'type:user' |
workflowIDs | Returns all accounts that are assigned as explicit approvers for any of the provided workflowIDs | String | sdm admin users list --filter 'workflowIDs:aw-e1b2' |
Activities
| Field | Description | Value type | Usage example |
|---|---|---|---|
actor_id | User or service account ID | String | sdm audit activities --filter 'actor_id:a-e1b2' |
after | Activities logged after the specified date and time | Datetime | sdm audit activities --filter 'after:2024-01-01T12:00:00Z' |
before | Activities logged before the specified date and time | Datetime | sdm audit activities --filter 'before:2024-01-01T12:00:00Z' |
content | Activity log contents | String | sdm audit activities --filter 'content:user addded or something detailed happened' |
description | Activity log description | String | sdm audit activities --filter 'description:something detailed happened' |
id | Activity log identifier | String | sdm audit activities --filter 'id:at-e1b2' |
ip | IP address of the user | IP | sdm audit activities --filter 'ip:127.0.0.1' |
verb | Short string that can be used to filter or group activities by the action that is being taken | String | sdm audit activities --filter 'verb:user added' |
Healthchecks
| Field | Description | Value type | Usage example |
|---|---|---|---|
healthy | Healthy status of a node or resource | Boolean | sdm healthchecks list --filter 'healthy:false' |
nodeId | ID of the gateway or relay | String | sdm healthchecks list --filter 'nodeId:n-e1b2' |
nodeName | Name of the gateway or relay | String | sdm healthchecks list --filter 'nodeName:sdmNode14' |
resourceID | Resource ID | String | sdm healthchecks list --filter 'resourceID:r-e1b2' |
resourceName | Resource name | String | sdm healthchecks list --filter 'resourceName:database123' |
Nodes - gateways and relays
| Field | Description | Value type | Usage example |
|---|---|---|---|
bindaddr | Bind address; note that this parameter is only for gateways | IP | sdm admin nodes list gateways --filter 'bindaddr:0.0.0.0:5000' |
id | ID of the gateway or relay | String | sdm admin nodes list --filter 'id:n-123abc4d567e89fg' |
listenaddr | IP or host address that the gateway listens on; this parameter is only for gateways, as relays do not listen for client connections | IP, URL | sdm admin gateways --filter 'listenaddr:ec2-1-23-456-78.compute-1.amazonaws.com:5000' |
name | Name of the gateway or relay | String | sdm admin nodes list --filter 'name:docs' |
online | Status of the gateway or relay | Boolean | sdm admin nodes list --filter 'online:false' |
tags | Resource tags assigned to the gateway or relay | KVP | sdm admin nodes list --filter 'tag:env=dev' |
type | Node type (gateway or relay) | String | sdm admin nodes list --filter 'type:relay' |
Permissions
| Field | Description | Value type | Usage example |
|---|---|---|---|
account_grant_id | Account grant ID | String | sdm audit permissions --filter 'account_grant_id:ag-e1b2' |
account_id | User or service account ID | String | sdm audit permissions --filter 'account_id:a-e1b2' |
granted_after | Permissions granted after the specified date and time | Datetime | sdm audit permissions --filter 'granted_after:2024-01-01T12:00:00Z' |
granted_before | Permissions granted before the specified date and time | Datetime | sdm audit permissions --filter 'granted_before:2024-01-01T12:00:00Z' |
resource_id | Resource ID | String | sdm audit permissions --filter 'resource_id:rs-e1b2' |
role_id | Role ID | String | sdm audit permissions --filter 'role_id:r-e1b2' |
Queries
| Field | Description | Value type | Usage example |
|---|---|---|---|
account | Account name or email | String or email | sdm audit queries --filter 'account:alice.glick' |
account_id | Account ID | String | sdm audit queries --filter 'account_id:a-e1b2' |
after | Queries logged after the specified date and time | Datetime | sdm audit queries --filter 'after:2024-01-01T12:00:00Z' |
before | Queries logged before the specified date and time | Datetime | sdm audit queries --filter 'before:2024-01-01T12:00:00Z' |
email | User’s email address | sdm audit queries --filter 'email:a@b.com' | |
encrypted | Encryption status of the query | Boolean | sdm audit queries --filter 'encrypted:true' |
firstName | User’s first name | String | sdm audit queries --filter 'firstName:Bob' |
id | Query identifier | String | sdm audit queries --filter 'id:0asb124dsac' |
lastName | User’s last name | String | sdm audit queries --filter 'lastName:Belcher' |
query | Query executed by the user | String | sdm audit queries --filter 'query:select * from users' |
query_category | Resource category for the query | String | sdm audit queries --filter 'query_category:cluster' |
resource_id | Resource ID | String | sdm audit queries --filter 'resource_id:r-e1b2' |
resource_name | Resource name | String | sdm audit queries --filter 'resource_name:dev-db2' |
resource_type | Resource type | String | sdm audit queries --filter 'resource_type:postgres' |
Resources - clouds, clusters, datasources, servers, websites
| Field | Description | Value type | Usage example |
|---|---|---|---|
assigned | Resources that are assigned to a workflow | Boolean | sdm admin datasources list --filter 'assigned:true' |
bindAddress | IP address to which the resource is bound, and port, in the 127.0.0.1 to 127.255.255.254 IP address range; default is 127.0.0.1 | IP | sdm admin datasources list --filter 'bindAddress:127.0.0.1:2022' |
bindInterface | IP address to which the resource is bound, in the 127.0.0.1 to 127.255.255.254 IP address range; default is 127.0.0.1 | IP | sdm admin datasources list --filter 'bindInterface:127.0.0.1' |
hasRequest | Resources that users have requested to access | Boolean | sdm admin servers list --filter 'hasRequest:true' |
healthy | Health status of the resource | Boolean | sdm admin datasources list --filter 'healthy:false' |
hostname | Hostname of the resource; for websites, the URL of the website | URL | sdm admin datasources list --filter 'hostname:example-host.com' |
httpsubdomain | Organization’s web domain value | String | sdm admin datasources list --filter 'httpsubdomain:education-team' |
id | ID of the resource | String | sdm admin datasources list --filter 'id:rs-058a6582617b2c95' |
identity_enabled | Method of authentication for the resource, either Identity Aliases (true) or leased credentials (false) | Boolean | sdm admin servers list --filter 'identity_enabled:true' |
identity_set_id | ID of the Identity Set, if the resource’s method of authentication is set to Identity Aliases | String | sdm admin servers list --filter 'identity_set_id:ig-e1b2' |
name | Name of the resource | String | sdm admin datasources list --filter 'name:ExampleResourceName' |
port | Port number | Number | sdm admin datasources list --filter 'port:27017' |
portoverride | Port override to which the resource is bound | Number | sdm admin datasources list --filter 'portoverride:1234' |
secretStoreId | Secret store identifier for the resource; use sdm admin secretstores list to get it | String | sdm admin clouds list --filter 'secretStoreId:se-1a2b3cd45678e9f1' |
tags | Resource tags assigned to the resource | KVP | sdm admin datasources list --filter 'tag:env=dev' |
type | Specific type of resource (for example, sshCert, redis, and so forth) | String | sdm admin datasources list --filter 'type:redis' |
username | Username to be used for authentication to the resource | String | sdm admin datasources list --filter 'username:admin' |
Roles
| Field | Description | Value type | Usage example |
|---|---|---|---|
assigned | Roles assigned (true) or unassigned (false) to an account | Boolean | sdm admin roles list --filter 'assigned:false' |
id | Role ID | String | sdm admin roles list --filter 'id:r-449dd90f60f610d7' |
managed | Roles (groups) that are managed and provisioned by StrongDM (false) or managed and provisioned by a third-party identity provider (true) such as Okta | Boolean | sdm admin roles list --filter 'managed:false' |
name | Name of the role | String | sdm admin roles list --filter 'name:Docs' |
tags | Tags assigned to the role | KVP | sdm admin roles update 'Test Role' --tags 'env=dev' |
workflow | Workflow ID of the workflow to which the role is assigned | String | sdm access catalog --filter 'workflow:aw-e1b2' |
Workflows, workflow-approvers, workflow-assignments, workflow-roles
| Field | Description | Value type | Usage example |
|---|---|---|---|
account | Account ID of the user | String | sdm admin workflows list workflow-approvers --filter 'account:a-e1b2' |
autogrant | Approval criteria for the workflow, either automatic approval (true) or manual approval (false) | Boolean | sdm admin workflows list workflows --filter 'autogrant:true' |
enabled | Status of workflow (enabled or disabled) | Boolean | sdm admin workflows list workflows --filter 'enabled:true' |
id | Workflow ID | String | sdm admin workflows list workflows --filter 'id:aw-e1b2' |
name | Name of workflow | String | sdm admin workflows list workflows --filter 'name:mysql-dev' |
resource | Resource ID | String | sdm admin workflows list workflow-assignments --filter 'resource:rs-e1b2' |
role | Role ID | String | sdm admin workflows list workflow-roles --filter 'role:r-e1b2' |
workflow | Workflow ID | String | sdm admin workflows list workflow-approvers --filter 'workflow:aw-e1b2' |
Potential Resource Type Values
This section provides the accepted values for each resource type.
Datasources
This table provides the values for each datasource type.
| Datasource type | Value |
|---|---|
| Amazon ES | amazones |
| Amazon MQ (AMQP 0.9.1) | amazonmq-amqp-091 |
| Athena | athena |
| Aurora MySQL | aurora-mysql |
| Aurora PostgreSQL | aurora-postgres |
| Aurora PostgreSQL (IAM) | aurorapostgresiam |
| Azure Database for MySQL | azuremysql |
| Azure Database for PostgreSQL | azurepostgres |
| Azure PostgreSQL (Managed Identity) | azurepostgresmanagedidentity |
| BigQuery | bigquery |
| Cassandra | cassandra |
| Citus | citus |
| Clustrix | clustrix |
| CockroachDB | cockroach |
| Db2i | db2i |
| Db2 LUW | db2luw |
| DocumentDB (replica set) | documentdbreplicaset |
| DocumentDB (single host) | documentdbhost |
| Druid | druid |
| DynamoDB | dynamo |
| ElastiCache Redis | ecredis |
| Elasticsearch | elastic |
| Greenplum | greenplum |
| Maria | maria |
| Memcached | memcached |
| MemSQL | memsql |
| Microsoft SQL Server | mssql |
| Microsoft SQL Server (Azure AD) | mssqlAzureAD |
| Microsoft SQL Server (Kerberos) | mssqlKerberos |
| MongoDB (replica set) | mongo-replicaset |
| MongoDB (sharded cluster) | mongoshardedcluster |
| MongoDB (single host) | mongo |
| MySQL | mysql |
| Neptune | neptune |
| Neptune (IAM) | neptuneiam |
| Oracle | oracle |
| PostgreSQL | postgres |
| PostgreSQL (mTLS) | mTLSPostgres |
| Presto | presto |
| RabbitMQ (AMQP 0.9.1) | rabbitmq-amqp-091 |
| RDS PostgreSQL (IAM) | rdspostgresiam |
| Redis | redis |
| Redshift | redshift |
| SingleStore | singlestore |
| Snowflake | snowflake |
| Sybase ASE | sybase |
| Sybase IQ | sybase-iq, sybaseiq |
| Teradata | teradata |
Servers
This table provides the values for each server type.
| Server type | Value |
|---|---|
| RDP | rdp |
| RDP (Certificate Based) | rdp-cert, rdpCert |
| SSH (Public Key) | ssh |
| SSH (Certificate Based) | ssh-cert, sshCert |
| SSH (Customer Managed Key) | ssh-customer-key |
| TCP | rawtcp |
Clusters
This table provides the values for each cluster type.
| Cluster type | Value |
|---|---|
| AKS | aks |
| AKS (Service Account) | aks-service, aksservice |
| AKS (Service Account - User Impersonation) | aks-service-ui, aksserviceui |
| AKS (User Impersonation) | aks-ui |
| Elastic Kubernetes Service | amazon-eks, amazoneks, eks |
| Elastic Kubernetes Service (instance profile) | amazon-eks-instance-profile, amazoneksinstanceprofile, eks-instance-profile |
| Elastic Kubernetes Service (User Impersonation) | amazon-eks-ui, amazoneksui, eksui |
| Elastic Kubernetes Service (instance profile - User Impersonation) | amazon-eks-instance-profile-ui, amazoneksinstanceprofileui, eks-instance-profile-ui |
| Google Kubernetes Engine | gke |
| Google Kubernetes Engine (User Impersonation) | gke-ui |
| Kubernetes | k8s, kubernetes |
| Kubernetes (Service Account) | k8s-service, k8sservice |
| Kubernetes (Service Account - User Impersonation) | k8s-service-ui, k8sserviceui |
| Kubernetes (User Impersonation) | k8s-ui, kubernetesui |
Clouds
This table provides the values for each cloud type.
| Cloud type | Value |
|---|---|
| AWS | aws |
| AWS Management Console | awsConsole |
| AWS Management Console (Static key pair) | awsConsoleStaticKeyPair |
| Azure (Certificate) | azurecert |
| Azure (Password) | azure |
| GCP | gcp |
| Snowsight (Snowflake Web Console) | snowsight |
Websites
This table provides the values for each website type.
| Website type | Value |
|---|---|
| HTTP | http, httpNoAuth, http-no-auth |
| HTTP Basic Auth | http-basic, httpBasic, basicauth |
| HTTP Custom Auth | http-header-auth, headerauth |