bzeroagent as a transparent proxy to facilitate secure access to your databases. This proxy must be able to resolve a DNS hostname or reach an IP address as specified in the database target configuration. This setup does not require any open ports or publicly available IP addresses.
zliand can then access their database through their chosen database client.
zliand the proxy target to make a secure MrZAP connection to the database. If allowed access by policy, the user is returned a local port number, which is used in the database client configuration. The database username, password, and role continue to be managed independent of BastionZero.