Cloud Bastion Host
Cloud Bastion Host
All results for "
" in this service
All results for "
" in this service
What's New
Function Overview
Service Overview
Cloud Bastion Host
Features
Product Advantages
Application Scenarios
Edition Differences
Basic Concepts
Pricing Details
Restrictions on Using CBH
Permissions Management of CBH Instances
CBH and Other Services
Personal Data Protection Mechanism
Security Statement
Getting Started
Buying and Logging In to a Bastion Host
Before You Start
Step 1: Log In to a CBH System
Step 2: Create a CBH System User
Step 3: Add Resources to the CBH System
Step 4: Configure O&M Permissions
Step 5: Log In to a Resource You Want to Manage
Step 6: Audit O&M Sessions
User Guide
Instances
Permissions Management
Creating a User and Granting Permissions for CBH Instances to It
Creating Custom Policies for CBH Instances
Managing CBH Instance Permissions and Supported Actions
Assigning Permissions Using IAM
Role/Policy-based Authorization
Identity Policy-based Authorization
Creating a CBH Instance
Checking Instance Details
Resetting the Login Method for User admin
Resetting the Password of User Admin
Upgrading the CBH System Version
Starting a CBH Instance
Stopping a CBH Instance
Restarting a CBH Instance
Changing a VPC for a CBH Instance
Changing Security Groups
Binding an EIP to a CBH Instance
Unbinding an EIP from a CBH Instance
Allowing Access to Cloud Assets
Managing Tags
Key CBH Instance Operations Recorded by CTS
CBH Operations Supported by CTS
Viewing CTS Traces
Logging In to the CBH System
Overview
Using a Web Browser to Log In to Your Bastion Host
Using a Client to Log In to Your Bastion Host
Configuring Multifactor Verification
Configuring SMS Login Authentication
Configuring Mobile OTP Login Authentication
Configuring USB Key Login Authentication
Configuring OTP Token Login Authentication
Managing Login Security
Configuring User Login Lockout
Configuring the Login Password Policies
Configuring Web Login Timeout and Authentication
Updating a System Web Certificate
Configuring the Mobile OTP Type
Configuring the USB Key Vendor
Configuring Policies to Disable Zombie Users (Available in V3.3.30.0 and Later Versions)
Configuring the RDP Resource Client Proxy (Available in 3.3.26.0 and Later Versions)
Enabling API Configuration (Included in V3.3.34.0 and Later Versions Only).
Configuring Automatic Inspection (Available in V3.3.36.0 and Later)
Configuring a Resource Account
Configuring Client Login
Configuring a User Expiration Reminder
Configuring Session Limit
Dashboard of the CBH System
Dashboard
Profile
Viewing Your Profile
Editing Basic Information in Profile
Managing Mobile OTP Application for Login Authentication
Managing SSH Public Keys
Tasks
Messages
Managing Messages
Creating a System Notice
Download Center
Department
Overview
Creating a Department
Deleting a Department
Viewing and Editing Department Information
Querying Configurations of a Department
User
Overview
User Management
Creating a User and Assigning a Role to the User
Enabling or Disabling a User
Deleting a User
Configuring User Login Restrictions
Querying and Editing User Information
Changing User Login Passwords
Exporting User Information
Adding Users to a User Group
User Role Management
Overview
Creating a Custom Role
Deleting a Role
Querying and Editing Role Information
User Group Management
Overview
Creating a User Group
Deleting a User Group
Querying and Editing User Group Information
Editing the Members of a User Group
Remote Authentication Management
Configuring Remote AD Authentication
Configuring Remote LDAP Authentication
Configuring Remote RADIUS Authentication
Configuring Remote Azure AD Authentication
Configuring Remote SAML Authentication
USB Key Management
OTP Token Management
Resource
Overview
Managing Host Resources Using a Bastion Host
Managing Application Servers Using a Bastion Host
Adding Accounts of Managed Host or Application Resources into Your Bastion Host
Resource Management
Verifying Managed Resource Accounts
Deleting Managed Resources
Querying and Editing Managed Resource Configurations
Exporting Resource Information
Adding a Resource Account to an Account Group
Account Group
Overview
Creating an Account Group
Deleting an Account Group
Querying and Editing Account Group Information
Managing Resource Labels
Overview
Creating a Resource Label
Deleting a Resource Label
Customizing OS Types
Creating a Proxy Server
Policy
ACL Rules
Creating an ACL Rule and Associating It with Users and Resource Accounts
Setting Two-person Authorization
Querying and Editing an ACL Rule
Command Rules
Creating a Command Rule
Querying and Editing a Command Rule
Managing Command Sets
Defining Custom Related Commands
Password Rules
Creating a Password Rule
Querying and Editing a Password Rule
Managing Password Logs
Account Synchronization Rules
Creating a Synchronization Rule
Querying and Editing a Synchronization Rule
Managing Synchronization Execution Logs
Ticket
Ticket Configuration Management
Configuring the System Ticket Modes
Configuring the Ticket Approval Process
ACL Ticket
Command Approval Ticket
Ticket Approval
Ticket Application Examples
Operation
Host Operation
Viewing the Host Resource List and Setting Resource Labels
Logging In to Managed Resources Using a Web Browser for O&M
Logging In to Resources Using an SSH Client for O&M
Logging In to File Transfer Resources Using an FTP or SFTP Client
Logging In to and Maintaining Database Resources Using an SSO Client
Logging In to Hosts in Batches for O&M
File Transmission
Cooperation
Enabling Forcible RDP Connections
Application Operation
Viewing the Application Resource List and Setting Resource Labels
Logging In to Application Resources Using a Web Browser for O&M
Audit
Live Session
Viewing Live Sessions
Monitoring Live Sessions
Interrupting a Live Session
History Session
Viewing History Sessions
Exporting History Session Records
Managing Session Videos
System Logs
Querying System Logs
Exporting System Logs
Operation Report
Viewing Operation Reports
Pushing Operation Reports
System Report
Viewing System Reports
Pushing System Reports
System Management
Sysconfig
System Configuration Overview
Network
View Network Configurations
Adding a Static Route to Your Bastion Host
HA
Enabling HA
Port
Configuring the Operation Ports
Configuring the Web Console Port
Configuring the SSH Console Port
Outgoing
Configuring the Outgoing Mail Server
Configuring the Outgoing SMS Gateway
Configuring LTS
Alarm
Configuring Alarm Channels
Configuring Alarm Levels
Configuring Alarm Sending
Theme
Changing the System Theme
Data Maintenance
Viewing System Memory
Configuring the Netdisk Capacity
Deleting System Data
Creating a Local Data Backup
Configuring the Syslog Server for Remote Backup
Configuring an FTP/SFTP Server for Remote Log Backup
Configuring OBS Buckets for Remote Log Backup
System Maintenance
Viewing System Status
System Mgmt
System Configuration Backup and Restoration (Backup&Restore)
License
Network Diagnosis
System Diagnosis
About System
Installing an Application Server
Overview
Installing a Windows Server 2019 Application Server
Installing a Server
Licensing and Activating the Remote Desktop Service
Modifying the Group Policy
Installing RemoteApp Program
Installing a Windows Server 2016 Application Server
Installing a Server
Licensing and Activating the Remote Desktop Service
Modifying the Group Policy
Installing RemoteApp Program
Installing a Windows Server 2012 R2 Application Server
Installing a Server
Licensing and Activating the Remote Desktop Service
Modifying the Group Policy
Installing RemoteApp Program
Installing a Windows Server 2008 R2 Application Server
Installation Environment
Installing the AD Domain
Installing and Licensing Remote Desktop Service
Modifying the Group Policy
Installing RemoteApp Program
Installing a Linux Application Server
Monitoring
CBH Monitoring Metrics
Configuring Monitoring Alarm Rules
Viewing Metrics
API Reference
Before You Start
Overview
API Calling
Endpoints
Basic Concepts
Selecting an API Type
Calling APIs
Making an API Request
Authentication
Response
API Description
Managing CBH Instances
Stopping a CBH Instance
Upgrading a CBH Instance
Restarting a CBH Instance
Binding an EIP to a CBH Instance
Unbinding an EIP from a CBH Instance
Changing the Password of the admin User
Starting a CBH Instance
Configuring MFA for User admin
Modifying CBH Instance Network Settings
Querying CBH Details
Obtaining the CBH Instance List
Obtaining the ECS Quota
Checking CBH Instance Network Connection
Obtaining the AZ Where CBH Is Deployed
Querying CBH Quota
Managing CBH Orders
Creating a CBH Instance Subscription Order
Creating a CBH Instance
Creating a CBH Instance Specification Change Order
Appendixes
Status Codes
Error Codes
Obtaining a Project ID
Change History
Best Practices
Change CBH Instance Specifications
Before You Start
Preparations
Checking the System Environment
Backing Up the CBH System Data
Changing Specifications of a CBH Instance
Verification After the Change
Checking the System Environment
(Optional) Restoring CBH System Configurations
(Optional) Resetting the Passwords of System Users
Verifying the CBH System configurations
Secondary Authorization for High-Risk Database Operations
FAQs
Product Consulting
What Are the Differences Between a CBH Instance and a CBH System?
Which Security Hardening Measures Does CBH Provide?
What Is the Number of Assets?
What Is the Number of Concurrent Requests?
Can I Use a CBH System to Centrally Manage My Cloud ERP or SAP Services?
What Does Automatic O&M Include?
How Do I Obtain an Enterprise Agreement Number?
How Can I Configure Ports for a CBH Instance?
Can CBH Manage Resources Under Multiple Subnets?
Which Types of Databases Can I Manage in a CBH System?
Regions and AZs
Can I Use CBH to Manage Resources Under Other Accounts?
Can CBH Manage Hosts in Regions or VPCs Different from that of the CBH Instance?
Can CBH Be Used on DeC?
About Purchase
About Purchase
What Are the Editions of the CBH Service?
How Do I Configure a Security Group for a CBH Instance?
License
Does CBH Provide a Third-Party License?
What Can I Do If the CBH System License Is About to Expire or Has Expired?
About Backup, Specification Change, and Upgrade
Which Types of System Data Can Be Backed Up in the CBH System?
What Are Precautions for Version Upgrade?
How Do I Back Up Data in a CBH System Before Upgrading the System Version?
Will Audit Data Be Lost If I Change Instance Specifications or Upgrade a CBH Instance?
About File Transfer
What File Transfer Methods Can be Used in a CBH System?
How Do I Use FTP/SFTP to Transfer Files to or From an SSH Host?
How Do I Upload or Download Files When I Log In to Managed Hosts Using a Web Browser?
What Is the Netdisk of a CBH System?
How Do I Clear the Personal Net Disk Space?
How Do I Configure File Management Permissions?
Does CBH Check Security of Uploaded Files?
Billing, Renewals, and Unsubscriptions
How Do I Renew a CBH Instance and Update the Mapped System Authorization?
How Is CBH Billed?
Can I Unsubscribe from a CBH Instance?
How Is the CBH Instance Billed After I Change Specifications of the Instance?
Will I Be Billed for Upgrading the CBH Software Version?
How Do I Increase the CBH Instance Quota?
How Do I Purchase a CBH Instance When the System Prompts that Resources Are Sold Out?
About CBH System Login
Login Methods and Password Issues
Can I Use a Domain Name to Log In to a CBH System?
What Login Methods Does CBH Provide?
Which Login Authentication Methods Are Available in a CBH System?
What Is the Initial Password for Logging In to a CBH System?
How Do I Reset the User Password for Logging In to the CBH System?
Multifactor Verification
How Can I Install an OTP Authentication Application on the Mobile Phone?
Why Does the Mobile OTP Application Binding Operation Fail?
How Do I Enable Mobile SMS Authentication For Logging In to the CBH System?
How Do I Cancel Mobile SMS Authentication?
How Can I Cancel Mobile OTP Authentication If No Mobile OTP Application is Bound to My Account?
Why Does Login Fail When an Account That Has Mobile OTP Application Bound Is Used to Log In?
Login Security Management
How Do I Set a Security Lock for Logging In to the CBH System?
How Do I Unlock a User or IP Address Locked During the Login to a CBH Instance?
User, Resource, and Policy Configuration in a CBH System
Users
Why Cannot I Select a Superior Department When Creating a User or Resource?
How Do I Change a Mobile Number Bound to a CBH System User?
How Many Users Can Be Created in a CBH System?
Adding Resources to a CBH System
How Do I Change the Password of a Managed Resource Account?
How Do I Set a Sudo Privilege Escalation Account for the Managed Resource?
How Do I Add a Label to Resources Managed in a CBH System?
How Do I Import or Export Information of Host Resources in Batches?
What Are the AK and SK of an Imported Host? How Can I Obtain Them?
What Are the Statuses of a Managed Resource Account in a CBH System?
Can I Share Labels of Managed Resources with Other System Users?
Can I Manually Enter a Password to Log In to a Managed Resource Through the CBH System?
Why Does the CBH System Fail to Identify Hosts Imported in Batches?
How Do I Access Services Provided by the Intranet Through a CBH Instance?
How Do I Add a Server with an IPv6 Address to a CBH Instance?
What is an Empty Account?
Policy Management
What Is Dynamic Approval and How Does It Work?
System Configuration
How Do I Configure an SSH Key for Logging In to a Managed Host?
How Do I Set the Personal Net Disk Capacity?
How Do I Send More SMS Messages Than the Limit Allowed by CBH
Resources Managed in a CBH System
Operation Management
Can CBH Support GUI-Based O&M for Linux Hosts?
Does CBH Support Mobile App O&M?
How Do I Configure the SSO Tool?
Does CBH Allow Multiple Users to Log In to the Same Resource Concurrently?
Which Algorithms Are Supported by CBH in SSH O&M Mode
O&M Operations
What Login Methods Does CBH Provide?
How Do I Create a Collaborative O&M Session?
How Do I Use Resource Labels in the CBH System?
How Do I Set the Resolution of the O&M Session Window When I Use a Web Browser for O&M?
How Can I Use Shortcut Keys to Copy and Paste Text When a Web Browser Is Used for O&M?
What Are the Shortcut Keys for O&M in CBH?
O&M Log Audit
What Audit Logs Does CBH Provide?
Can I Download Operation Recordings?
Can I Delete CBH O&M Data for a Specific Day?
Can I Back Up System Audit Logs to an OBS Bucket?
How Long Can I Store Audit Logs in the CBH System?
How Are Audit Logs in the CBH System Processed?
Can I Audit User Operations If a User Logs In to Server A Through the CBH System and Then Logs In to Server B from Server A?
Why Is the Playable Duration Shorter Than the Total Duration of a Session?
Why Is There No Login Record in History Sessions While I Received a Resource Login Message?
Troubleshooting
CBH System Login Failures
What Does a Login Exception Occur?
Why Is the IP Address or MAC Address Blocked When I Log In to the CBH System?
Why Am I Seeing Error Code 404 When I Log In to the CBH System?
Why Am Seeing Error Code 499 When I Log In to the CBH System?
What Are Possible Faults If I Log In to the CBH System as an Intranet User?
Why Is a Host Inaccessible Through CBH?
Why Does CBH Login Fail Through an ECS in a New VPC Connected with the VPC Where CBH Is via VPN or a VPC Peering Connection
CBH Managed Resource Login Failures
Why Does an Exception Occur When I Log In to My Resources Managed in CBH?
Why Am I Seeing Login Errors of Code: T_514 When I Use a Web Browser for Resource O&M?
Why Am I Seeing Login Errors of Code: T_1006 When I Use a Web Browser for Resource O&M?
Why Am I Seeing Login Errors of Code: C_515 When I Use a Web Browser for Resource O&M?
Why Am I Seeing Login Errors of Code: C_519 When I Use a Web Browser for Resource O&M?
Why Am I Seeing Login Errors of Code: C_769 When I Use a Web Browser for Resource O&M?
Why Cannot I See the Accessible Resources in the Resource List?
Why Does the Session Page Fail to Load When I Log In to the Managed Host Using a Web Browser?
Why Is the Application Resource Inaccessible through CBH?
Why Are Databases Managed in CBH Inaccessible with an SSO Tool?
Why Does the Number of Concurrent Sessions Reach the Limit When I Use CBH to Log In to a Host Resource?
Why a Black Block Is Displayed on the Mouse When the MSTSC Client Is Used to Access a Server Resource?
Maintenance Issues
Why Does SMS Verification Code Fail to Send When I Log In to a CBH Instance?
Why Am I Seeing a Message Indicating that the Number of Resources Has Reached the Limit When I Add a Resource to CBH?
Why Does Verification of An Account for a Managed Host Fail?
Why Am I Seeing Garbled Characters When I Open a System Data File?
Why Does Login Timeout Frequently Occur During an O&M Session?
Why Does the PL/SQL Client Display Garbled Characters During Application O&M?
Why Is the Requested Session Denied After I Log In to a Managed Host?
Why Does the CBH Traffic Bandwidth Exceed the Threshold?
Why Text Cannot Be Copied When I Perform O&M Through a Web Browser?
Which Types of Failures May Occur During the O&M?
What Do I Do If an Exception Occurs When I Enter Chinese Characters Using WPS During the O&M of a Windows Server?
Videos