What is a Resource?
A Resource is the target VaultPAM brokers access to. It can be an RDP server, an SSH host, an HTTP admin console, or a database. In practice, registering a Resource means telling VaultPAM where the target lives and which connector can reach it.
What gets stored
When you register a Resource, you provide a few pieces of information:
- The hostname or IP address.
- The port the service listens on.
- A display name that users can recognize in the app.
- The connector or connectors that can route traffic to the target network.
That information gives VaultPAM enough context to open a session without exposing the target directly to the internet.
Why registration matters
Registration is not the same as access. A Resource by itself does not let anyone log in. Access comes from a Safe, which binds the Resource to members, policy, and a credential or JIT account.
The Resource record also gives the connector a routing target. When a session starts, VaultPAM does not guess how to reach the host. It uses the connector relationship you configured and routes the session through that path.
In practice
Use a clear display name that matches the system the user sees in the rest of the environment, such as prod-rdp-01 or finance-db-02. Keep the hostname and port accurate, and prefer the connector that has the shortest and most stable network path to the target.