Resources

Resources are any destination host, server or application. Twingate supports any TCP or UDP protocol, so it is not necessary to differentiate between different destination protocols. Whether SSH or HTTPS access is required, a resource is simply defined by its destination address.

Connector

A Connector is a Twingate software component that runs on the destination Remote network. Any traffic destined for private Resources will go through the Connector, and all traffic will appear to originate from the Connector host.

We deliver this component as a Docker container that does not require any special host privileges. You can either run this directly on a Linux-based server or VM, or directly on AWS, Google Cloud or Azure using their native container services.

Access Policy

An Access Policy defines which Identity Provider (IdP) policy the user needs to pass in order to be allowed to access a Resource. This allows IdP policies to be applied to specific Resources, regardless of the protocol used. For example, an MFA IdP policy can be applied to SSH server access.

Groups

A Group is a logical grouping of Users that are given permission to a set of Resources. All Users that are members of a Group can access all Resources that are associated with the same Group.

Groups are associated with a single Access Policy that defines which Identity Provider policy is used for user authentication for all Resources in the Group.