Cloud Bastion Host
Cloud Bastion Host
All results for "
" in this service
All results for "
" in this service
What's New
What's New
Function Overview
Service Overview
What Is CBH?
Product Advantages
Application Scenarios
Features
Edition Differences
Pricing Details
Permissions Management of CBH Instances
Limitations and Constraints
CBH and Other Services
Basic Concepts
Personal Data Protection Mechanism
Security Statement
Getting Started
Creating and Logging In to a Bastion Host
Getting Started with Common Practices
User Guide
Buying a CBH Instance
Authorizing Access to Cloud Assets
Managing Instances
Checking Instance Details
Changing Specifications of a CBH Instance
Increasing Instance Storage
Resetting the Login Method for User admin
Resetting the Password of User admin
Changing an Instance from Single-Node to Primary/Standby Deployment
Upgrading the Instance Version
Starting a CBH Instance
Stopping a CBH Instance
Restarting a CBH Instance
Changing a VPC for a CBH Instance
Changing Security Groups
Binding an EIP to a CBH Instance
Unbinding an EIP from a CBH Instance
Managing Tags
Renewing a CBH Instance
Unsubscribing from an Instance
Rolling Back the Upgrade
Key CBH Instance Operations Recorded by CTS
CBH Operations Supported by CTS
Viewing CTS Traces
Logging In to a Bastion Host Instance
Logging In to an Instance
Logging In to a Bastion Host Through the Service Console
Using a Web Browser to Log In to Your Bastion Host
Using a Client to Log In to Your Bastion Host
User and Resource Account
Overview of Login Users, Roles, and Resource Accounts
Creating a Login User and Associating a Role with the User
User Management
Managing Basic User Information
Adding Users to a User Group
Enabling or Disabling a User
Deleting a User
Configuring User Login Restrictions
Resetting a User Login Password
Exporting User Information
User Role Management
Creating a User Role
Deleting a Role
Querying and Editing Role Information
User Group Management
Creating a User Group
Deleting a User Group
Querying and Editing User Group Information
Editing the Members of a User Group
Creating a Resource Account and Associating It with the Corresponding Resource
Resource Account Management
Managing Resource Account Groups
Resource
Resource Management Overview
Host or Database Resources
Managing Host or Database Resources with a Bastion Host
Managing Proxy Servers
Managing Host or Database Resources
Application Resources
Managing Application Resources Using a Bastion Host
Managing Application Servers
Managing Application Resources
Cloud Servers (Using a Bastion Host to Manage Container Resources)
Creating a Kubernetes Server
Operations About Kubernetes Servers
Creating a Container
Container Resource Management
Resource Labels
Overview
Adding a Label for a Resource
Deleting a Resource Label
Resource OS Types
Policy
Policy Overview
ACL Rules
Creating an ACL Rule and Associating It with Users and Resource Accounts
Setting Two-person Authorization
Querying and Editing an ACL Rule
Command Rules
Creating a Command Rule
Querying and Editing a Command Rule
Managing Command Sets
Defining Custom Related Commands
Database Rules
Creating a Database Rule
Querying and Editing a Database Rule
Managing Regulation Sets
Password Rules
Creating a Password Rule
Querying and Editing a Password Rule
Managing Password Logs
Account Synchronization Rules
Creating a Synchronization Rule
Querying and Editing a Synchronization Rule
Managing Synchronization Execution Logs
Resource Operation
Host Resource Operation
Configuring Host Resource Operations
Using a Web Browser to Log In to Resources for O&M
Using an SSH Client to Log In to Resources for O&M
Using an FTP or SFTP Client to Log In to File Transfer Resources
Using an SSO Client to Log In to Database Resources for O&M
Batch Logging In to Host Resources for O&M
File Transmission
Cooperation
Enabling Forcible RDP Connections
Application Resource Operation
Viewing the Application Resource List and Setting Resource Labels
Using a Web Browser to Log In to Application Resources for O&M
Cloud Service Operation
Viewing the Host Resource List and Setting Resource Labels
Logging In to Managed Resources Using a Web Browser for O&M Container
Operation Script Management
Creating a Script
Viewing and Editing Script Information
Downloading a Script
Deleting a Script
Fast Operation
Managing Command Operation Tasks
Managing Script Operation Tasks
Managing File Transfer Tasks
Managing Fast Operation Task Execution Logs
OM Task
Creating an OM Task
Querying and Modifying OM Tasks
Managing OM Task Execution Logs
Ticket
Ticket Configuration Management
Configuring the System Ticket Modes
Configuring the Ticket Approval Process
Creating an ACL Ticket
Managing Command Approval Tickets
Managing Database Approval Tickets
Ticket Approval
Ticket Application Examples
Audit
Live Session
Viewing Live Sessions
Monitoring Live Sessions
Interrupting a Live Session
History Session
Viewing History Sessions
Exporting History Session Records
Managing Session Videos
System Log
Querying System Logs
Exporting System Logs
Operation Report
Viewing Operation Reports
Pushing Operation Reports
System Report
Viewing System Reports
Pushing System Reports
Authentication Configuration
Multifactor Verification Management
USB Key Management
OTP Token Management
Mobile OTPs
SSH Pubkey
Configuring Multifactor Verification
Configuring SMS Login Verification
Configuring Mobile OTP Login Verification
Configuring USB Key Login Verification
Configuring OTP Token Login Verification
Remote Authentication Management
Configuring Remote AD Authentication
Configuring Remote LDAP Authentication
Configuring Remote RADIUS Authentication
Configuring Remote Azure AD Authentication
Configuring Remote SAML Authentication
Login Security Configuration
Configuring User Login Lockout
Configuring the Login Password Rules
Configuring Web Login Timeout and Authentication
Updating a System Web Certificate
Configuring the Mobile OTP Type
Configuring the USB Key Vendor
Configuring Policies to Disable Certain Users (Available in V3.3.30.0 and Later)
Configuring the RDP Resource Client Proxy (Available in 3.3.26.0 and Later Versions)
Enabling API Configuration (Included in V3.3.34.0 and Later Versions Only).
Configuring Automatic Inspection (Available in V3.3.36.0 and Later)
Configuring a Resource Account
Configuring Client Login
Configuring a User Expiration Reminder
Configuring Session Limit
Configuring Insecure Protocols
Configuring Insecure Algorithms
Instance Configuration
Instance Configuration Overview
Network
Viewing Network Configurations
Adding a Static Route to Your Bastion Host
HA
Enabling HA
Port
Configuring the Operation Ports
Configuring the Web Console Port
Configuring the SSH Console Port
Outgoing
Configuring the Outgoing Mail Server
Configuring the Outgoing SMS Gateway
Configuring LTS
Alarm
Configuring Alarm Channels
Configuring Alarm Levels
Configuring Alarm Sending
Theme
Changing the System Theme
Basic Instance Information Management
Instance Dashboard
Viewing CBH Instance Information
Profile
Viewing Your Profile
Editing Basic Information in Profile
Tasks
Messages
Managing Messages
Creating a System Notice
Download Center
Department Management
Overview
Creating a Department
Deleting a Department
Viewing and Editing Department Information
Querying Configurations of a Department
Maintenance Management
Data Maintenance
Viewing System Memory
Configuring the Netdisk Capacity
Deleting System Data
Creating a Local Data Backup
Configuring the Syslog Server for Remote Backup
Configuring an FTP/SFTP Server for Remote Log Backup
Configuring OBS Buckets for Remote Log Backup
System Maintenance
Viewing System Status
System Mgmt
System Configuration Backup and Restoration (Backup&Restore)
License
Network Diagnosis
System Diagnosis
Installing an Application Server
Overview
Installing a Windows Server 2019 Application Server
Installing a Server
Licensing and Activating the Remote Desktop Service
Modifying the Group Policy
Installing RemoteApp Program
Installing a Windows Server 2016 Application Server
Installing a Server
Licensing and Activating the Remote Desktop Service
Modifying the Group Policy
Installing RemoteApp Program
Installing a Windows Server 2012 R2 Application Server
Installing a Server
Licensing and Activating the Remote Desktop Service
Modifying the Group Policy
Installing RemoteApp Program
Installing a Windows Server 2008 R2 Application Server
Installation Environment
Installing the AD Domain
Installing and Licensing Remote Desktop Service
Modifying the Group Policy
Installing RemoteApp Program
Installing a Linux Application Server
Upgrading the RemoteApp Program
Permissions Management
Creating a User and Granting Permissions for CBH Instances to It
Creating Custom Policies for CBH Instances
Managing CBH Instance Permissions and Supported Actions
Monitoring
CBH Monitoring Metrics
Configuring Monitoring Alarm Rules
Viewing Metrics
Best Practices
CBH Best Practices You May Need
Changing Specifications of a CBH Instance
Before You Start
Preparations
Checking the System Environment
Backing Up the CBH System Data
Changing Specifications of a CBH Instance
Verification After the Change
Checking the System Environment
(Optional) Restoring CBH System Configurations
(Optional) Resetting the Passwords of System Users
Verifying the CBH System configurations
Host and Application Resource Management
Overview
Managing Host or Database Resources
Managing Application Resources
Enabling Secondary Authorization for High-Risk Database Operations
Centralized O&M of Cloud and On-Premises Resources Across Clouds and VPCs
How Can We Use CBH to Locate Incident Causes?
API Reference
Before You Start
Calling APIs
Making an API Request
Authentication
Response
API Description
Querying AZs
Obtaining AZs Where CBH Is Available
Quota Management
Obtaining the ECS Resource Quota Required for Creating a CBH Instance
Obtaining the CBH Instance Quota
Specifications Management
Querying CBH Instance Specifications
Operation Management
Obtaining the CBH Instance List
Obtaining the Status of a CBH Instance
Starting a CBH Instance
Stopping a CBH Instance
Restarting a CBH Instance
Upgrading a CBH Instance
Resetting the admin Password of a CBH Instance
Resetting the Login Mode for User Admin for a CBH Instance
Deleting a Faulty CBH Instance
Changing a CBH Instance
Rolling Back a CBH Instance
Logging In to a CBH Instance Console as User admin
Lifecycle Management
Creating a CBH Instance
Network Management
Binding an EIP to a CBH Instance
Unbinding an EIP from a CBH Instance
Changing the Security Group for a CBH Instance
Changing the VPC A CBH Instance Belongs To
Agency Authorization
Authorizing CBH
Creating or Canceling an Agency Authorization for CBH.
Label Management
Querying Resource Tags of an Account in a Project
Querying the Tag Information of a CBH Instance
Counting the Number of Instances with a Specified Tag
Querying Instances by Tags
Performing Operations on a CBH Instance Tag
Appendixes
Status Codes
Error Codes
Obtaining a Project ID
SDK Reference
SDK Overview
FAQs
Product Consulting
What Are the Differences Between a CBH Instance and a CBH System?
Which Security Hardening Measures Does CBH Provide?
What Is the Number of Assets?
What Is the Number of Concurrent Requests?
Does CBH Support IAM Fine-Grained Management?
Can I Use a CBH System to Centrally Manage My Cloud ERP or SAP Services?
What Does Automatic O&M Include?
How Do I Obtain an Enterprise Agreement Number?
How Can I Configure Ports for a Bastion Host?
Can CBH Manage Resources Under Multiple Subnets?
Which Types of Databases Can I Manage in a CBH System?
About Purchase
About Purchase
What Are the Editions of the CBH Service?
How Do I Configure a Security Group for a CBH Instance?
License
Does CBH Provide a Third-Party License?
What Can I Do If the CBH System License Is About to Expire or Has Expired?
About Backup, Specification Change, and Upgrade
Which Types of System Data Can Be Backed Up in the CBH System?
How Do I Back Up Data in a CBH System Before Upgrading the System Version?
Will Changing Instance Specifications or Upgrading Instances Cause Audit Data Loss?
Why Does FTP/SFTP Remote Backup Fail?
About File Transfer
What File Transfer Methods Can be Used in a CBH System?
How Do I Use FTP/SFTP to Transfer Files to or From an SSH Host?
How Do I Upload or Download Files When I Log In to Managed Hosts Using a Web Browser?
What Is the Netdisk of a CBH System?
Why Does File Upload to or Download from a Managed Host Fail?
How Do I Clear the Personal Net Disk Space?
Why Is File Transfer Not Supported When I Use a Web Browser for Resource O&M?
Why Does the File List Cannot Be Loaded After I Click File Transfer When I Log In to CBH Through a Web Browser?
How Do I Configure File Management Permissions?
Does CBH Check Security of Uploaded Files?
Billing, Renewals, and Unsubscriptions
How Do I Renew a CBH Instance and Update the Mapped System Authorization?
How Is CBH Billed?
Can I Unsubscribe from a CBH Instance?
How Is a CBH Instance Billed After I Change Specifications of the Instance?
Will I Be Billed for Upgrading the CBH Software Version?
How Do I Increase the CBH Instance Quota?
How Do I Purchase a CBH Instance When the System Prompts that Resources Are Sold Out?
About CBH System Login
Login Methods and Password Issues
Can I Use a Domain Name to Log In to a CBH System?
What Login Methods Does CBH Provide?
Which Login Authentication Methods Are Available in a CBH System?
What Is the Initial Password for Logging In to a CBH System?
How Do I Reset the User Password for Logging In to a CBH System?
Multifactor Verification
How Can I Install an OTP Authentication Application on the Mobile Phone?
Why Does the Mobile OTP Application Binding Operation Fail?
How Do I Enable Mobile SMS Authentication For Logging In to the CBH System?
How Do I Cancel Mobile SMS Authentication?
How Can I Cancel Mobile OTP Authentication If No Mobile OTP Application is Bound to My Account?
Why Does Login Fail When an Account That Has Mobile OTP Application Bound Is Used to Log In?
Login Security Management
How Do I Set a Security Lock for Logging In to the CBH System?
How Do I Unlock a User or IP Address Locked During the Login to a CBH Instance?
User, Resource, and Policy Configuration in a CBH System
Users
How Do I Change a Mobile Number Bound to a CBH System User?
How Many Users Can Be Created in a CBH System?
Adding Resources to a CBH System
How Can I Start Database Maintenance in a CBH System?
How Do I Use CBH to Manage RDS Databases?
How Do I Change the Password of a Managed Resource Account?
How Do I Set a Sudo Privilege Escalation Account for the Managed Resource?
How Do I Add a Label to Resources Managed in a CBH System?
How Do I Import or Export Information of Host Resources in Batches?
What Are the AK and SK of an Imported Host? How Can I Obtain Them?
What Are the Statuses of a Managed Resource Account in a CBH System?
Can I Share Labels of Managed Resources with Other System Users?
Can I Manually Enter a Password to Log In to a Managed Resource Through the CBH System?
Why Does the CBH System Fail to Identify Hosts Imported in Batches?
How Do I Access Services Provided by the Intranet Through a CBH Instance?
Policy Management
What Is Dynamic Approval and How Does It Work?
System Configuration
How Do I Configure an SSH Key for Logging In to a Managed Host?
How Do I Set the Personal Net Disk Capacity?
How Do I Send More SMS Messages Than the Limit Allowed by CBH
How Do I Connect CBH to a Third-Party Email Server?
Resources Managed in a CBH System
Operation Management
Can CBH Support GUI-Based O&M for Linux Hosts?
Does CBH Support Mobile App O&M?
How Do I Configure the SSO Tool?
Does CBH Allow Multiple Users to Log In to the Same Resource Concurrently?
Which Algorithms Are Supported by CBH in SSH O&M Mode
O&M Operations
What Login Methods Does CBH Provide?
How Do I Create a Collaborative O&M Session?
How Do I Use Resource Labels in the CBH System?
How Do I Set the Resolution of the O&M Session Window When I Use a Web Browser for O&M?
How Can I Use Shortcut Keys to Copy and Paste Text When a Web Browser Is Used for O&M?
What Are the Shortcut Keys for O&M in CBH?
Why Is the File List Not Displayed During O&M Using a Web Browser?
O&M Log Audit
What Audit Logs Does CBH Provide?
Can I Download Operation Recordings?
Can I Delete CBH O&M Data for a Specific Day?
Can I Back Up System Audit Logs to an OBS Bucket?
How Long Can I Store Audit Logs in the CBH System?
How Are Audit Logs in the CBH System Processed?
Why Is the Playable Duration Shorter Than the Total Duration of a Session?
Why Is There No Login Record in History Sessions While I Received a Resource Login Message?
Troubleshooting
CBH System Login Failures
How Do I Handle Login Exceptions?
Why Is the IP Address or MAC Address Blocked When I Log In to the CBH System?
Why Am I Seeing Error Code 404 When I Log In to the CBH System?
Why Am I Seeing Error Code 499 When I Log In to My CBH System?
What Are Possible Faults If I Log In to the CBH System as an Intranet User?
Why Is a Host Inaccessible Through CBH?
Why Does CBH Login Fail Through an ECS in a New VPC Connected with the VPC Where CBH Is via VPN or a VPC Peering Connection
CBH Managed Resource Login Failures
Why Does an Exception Occur When I Log In to My Resources Managed in CBH?
Why Am I Seeing Login Errors of Code: T_514 When I Use a Web Browser for Resource O&M?
Why Am I Seeing Login Errors of Code: T_1006 When I Use a Web Browser for Resource O&M?
Why Am I Seeing Login Errors of Code: C_515 When I Use a Web Browser for Resource O&M?
Why Am I Seeing Login Errors of Code: C_519 When I Use a Web Browser for Resource O&M?
Why Am I Seeing Login Errors of Code: C_769 When I Use a Web Browser for Resource O&M?
Why Cannot I See the Accessible Resources in the Resource List?
Why Does the Session Page Fail to Load When I Log In to the Managed Host Using a Web Browser?
Why Is the Application Resource Inaccessible through CBH?
Why Are Databases Managed in CBH Inaccessible with an SSO Tool?
Why Does the Number of Concurrent Sessions Reach the Limit When I Use CBH to Log In to a Host Resource?
Why a Black Screen Is Displayed When the MSTSC Client is Used to Access a Host Resource?
Why a Black Block Is Displayed on the Mouse When the MSTSC Client Is Used to Access a Server Resource?
Why Am I Seeing User Creation Failure Message When Accessing a Windows Application Publishing Server?
Maintenance Issues
Why Does SMS Verification Code Fail to Send When I Log In to a CBH Instance?
Why Am I Seeing a Message Indicating that the Number of Resources Has Reached the Limit When I Add a Resource to CBH?
Why Does Verification of An Account for a Managed Host Fail?
Why Am I Seeing Garbled Characters When I Open a System Data File?
Why Does Login Timeout Frequently Occur During an O&M Session?
Why Does the PL/SQL Client Display Garbled Characters During Application O&M?
Why Is the Requested Session Denied After I Log In to a Managed Host?
Why Does the CBH Traffic Bandwidth Exceed the Threshold?
Why Text Cannot Be Copied When I Perform O&M Through a Web Browser?
Which Types of Failures May Occur During the O&M?
I Mapped My CBH Instance IP Address to a Domain Name, and Added the Domain Name to WAF. Why Does the Domain Name Become Inaccessible?
Why Is the Connection Disconnected After I Log In to CBH to Manage an Application?
Why My Certificate Becomes Abnormal After a Cross-Version Upgrade?
SSO O&M Faults
Message "1251-lost connection to mysql server during query" Displayed While Backing Up MySQL Database Tables
Message "1251-Client does not support authentication protocol requested by server" Reported While Managing MySQL Database Through Host Operations
Error Message "2013-Lost connection to MySQL server at waiting for initial communication packet', system error:0" Reported While Connecting to MySQL Databases
Error Message "ORA-12537_TNS_Connection closed" Reported While Connecting to Oracle Databases
Error Message "ORA-12637_Packet Receive Failed" Reported While Connecting to Oracle Databases
Error Message "ORA 12170 TNS Connect Timeout" Reported While Connecting Oracle Databases through Host Operations in the Bastion Host
SSO Failed as JRE Is Missing in the Running Environment
Videos