Cloud Providers
Termial integrates with major cloud providers, letting you browse and connect to your cloud instances directly from the app.
Supported Providers
- Amazon Web Services (AWS) - EC2 instances
- Google Cloud Platform (GCP) - Compute Engine instances
- Microsoft Azure - Virtual Machines
Adding a Cloud Connection
- Click the + button in the sidebar under Cloud Connections
- Select New Cloud Connection
- Choose your provider (AWS, Azure, or GCP)
- Enter your credentials
- Click Save
AWS Configuration
Required Information
- Access Key: Your AWS access key ID
- Secret Key: Your AWS secret access key
- Region: The AWS region to connect to (e.g., us-east-1)
Getting AWS Credentials
- Sign in to the AWS Console
- Go to IAM → Users → Your user
- Go to Security credentials
- Click Create access key
- Copy the Access Key ID and Secret Access Key
Required Permissions
Your AWS user needs permissions to:
ec2:DescribeInstances- List instancesec2:DescribeSecurityGroups- View security groupsec2:AuthorizeSecurityGroupIngress- Add SSH rules (optional, for auto-adding your IP)
Google Cloud Configuration
Required Information
- Service Account Key: JSON key file from GCP
- Project ID: Your GCP project ID
Getting GCP Credentials
- Go to the GCP Console
- Navigate to IAM & Admin → Service Accounts
- Create a service account or select an existing one
- Click Add Key → Create new key
- Choose JSON format
- Save the key file
Required Permissions
Your service account needs the Compute Viewer role or equivalent permissions.
Azure Configuration
Required Information
- Subscription ID: Your Azure subscription
- Tenant ID: Your Azure AD tenant
- Client ID: Application (client) ID
- Client Secret: Application secret
Getting Azure Credentials
- Go to the Azure Portal
- Navigate to Azure Active Directory → App registrations
- Create a new registration or use existing
- Note the Application (client) ID and Directory (tenant) ID
- Go to Certificates & secrets → New client secret
- Copy the secret value
Required Permissions
Assign the Reader role on the subscription or resource group containing your VMs.
Using Cloud Connections
Once configured, your cloud connection appears in the sidebar:
- Click on the cloud connection to expand it
- Browse available instances by region/zone
- See instance status (running, stopped, etc.)
- Double-click an instance to connect via SSH
Connecting to Instances
When you connect to a cloud instance:
- Termial retrieves the instance's public IP
- Creates an SSH connection
- You provide the SSH credentials (key or password)
SSH Access Setup
Ensure your instances are configured for SSH access:
AWS:
- Instance has a public IP or you're using a bastion
- Security group allows SSH (port 22) from your IP
- You have the SSH key pair
GCP:
- Instance has external IP
- Firewall allows SSH from your IP
- SSH keys configured in metadata
Azure:
- VM has public IP
- NSG allows SSH from your IP
- SSH configured on the VM
Managing Cloud Connections
Editing
- Right-click a cloud connection
- Select Edit
- Update credentials or settings
- Save changes
Deleting
- Right-click a cloud connection
- Select Delete
- Confirm deletion
Credentials are removed from your encrypted storage.
Security
Credential Storage
Cloud credentials are:
- Encrypted locally with your passphrase
- Synced encrypted to the cloud (if sync enabled)
- Never stored in plain text
Best Practices
- Use least privilege - Only grant necessary permissions
- Rotate credentials - Change keys regularly
- Use IAM roles - When possible, use roles instead of long-term keys
- Monitor usage - Check cloud provider logs for unusual activity
Troubleshooting
Can't List Instances
- Verify credentials are correct
- Check permissions/roles
- Ensure the region is correct
- Check network connectivity
Connection Failed
- Verify instance is running
- Check security group/firewall rules
- Ensure SSH is configured on the instance
- Verify you have the correct SSH key